Privacy Policy

Legal Notice and Terms of Use

Information of the company that manages the services

The platform accessible through the https://aramedica.com domain name (the “Site”) is provided by Ara Medica (hereinafter referred to as “us”, “we” or the “Company”), a Italian entity with registered address at Via Giuseppe di Vittorio, 64 – 73040 Aradeo (Lecce). The company is registered with the Register of Companies of Lecce. The registration number of the company in the Business Register is LE-315576. You may contact us regarding Ara Medica by filling out our Contact Form.

Please read these Terms of Use (“ToU”) carefully before you start to use the Site. By using the Site or by clicking to accept or agree to this ToU when this option is made available to you, you accept and agree to be bound and abide by this ToU, our Privacy Notice and our Cookie Notice (each of which is incorporated herein by reference) and all applicable laws and regulations.

IMPORTANT NOTICE: IF YOU ARE USING THE PLATFORM
IN THE U.S., THESE STC CONTAIN A WAIVER OF JURY TRIALS AND CLASS ACTIONS GOVERNING DISPUTES ARISING FROM USE OF THE SERVICES. IT MAY AFFECT YOUR LEGAL RIGHTS AS DETAILED IN THE GOVERNING LAW AND DISPUTE RESOLUTION PAGE. PLEASE READ CAREFULLY.

IF YOU DO NOT AGREE TO BE BOUND BY ANY PROVSION IN THIS STC, THE
WEBSITE TOU, THE PRIVACY POLICY, OR THE COOKIE NOTICE, YOU MUST
DISCONTINUE ALL ACCESS AND USE OF THE SERVICES.

Please be advised that by subscribing to our Services (as defined below), you will also be subject to the relevant services agreement that applies to the specific subscription you purchased, each of which can be found at Services Agreement (each a “Services Agreement”). If there is any conflict between this ToU and any Services Agreement, the Services Agreement will govern with respect to that particular service.

1. General

These ToU are the legal agreement between you and the Company, and govern the access to, browsing, and use of the Site, whether as a guest or a registered user. By accessing the Site, you accept to be bound by these ToU. In the case you do not agree with the terms and conditions set forth herein, you must refrain from accessing and using the Site. Should you have any doubts in connection with these ToU, please contact us through our Contact Form.

If you are using the Site on behalf of a corporation or other entity, you represent and warrant that you can agree to this ToU on behalf of such entity and all references to “you” throughout these TOU will include such entity, jointly and severally with you personally.

Persons using the Site represent and warrant that as a condition of use that they are (i) 18 years of age or older or (ii) if under 18, have parental or other legal guardian permission to access materials and are over 14 years of age (a “Minor”). If you are a parent or legal guardian of a Minor using the Site, you hereby agree to bind the Minor to this ToU and to fully indemnify and hold harmless the Company if the Minor breaches and terms or conditions in this ToU. If you ae not at least 14 years old, you may not use the Site at any time or in any manner or submit any information to the Company or the Site.

You also represent and warrant that (i) you are not located in a country that is subject to a U.S. Government embargo or that has been designated by the U.S. Government as a “terrorist supporting” country; and (ii) you are not listed on any U.S. Government list of prohibited or restricted parties. If any applicable law, rule, or regulation prohibits you from accessing the Site, you may not access it.

2. Purpose

The purpose of the Site is to provide general and business information about the activity of the Company and, with respect to users that have created an account in accordance with the Service Terms and Conditions, enable the use of the services offered by us, consisting in the creation of forms and any other services as may be offered by us from time to time (indistinctly referred to as the “Services”).

To ensure you can successfully participate in the Services, we recommend that you review the performance of your technology, as we cannot accept any responsibility for slow loading, latency, or failure to view or access forms or other online content forming part of any Service. We reserve the right to limit the use of any Service to any person, geographic region, or jurisdiction.

3. Information available on the Site

We make great efforts to ensure that all general and business information on the Site is comprehensive and error-free, and we periodically review the content, information, and any other data of any kind included in the Site. However, you acknowledge and accept that all data available on the Site is provided for information purposes only, and that the Company does not warrant nor accept any liability for any errors existing in the information. All Service descriptions and pricing are subject to change at any time without notice, at our sole discretion. Additionally, we reserve the right to discontinue any Services at any time. We recommend that you search from time to time for updates of, or amendments to, the contents of the Site.

4. Your use of the Site

You must use the Site and the Services complying with law and public order. In particular, you undertake not to use them to pursue illegal purposes, contrary to the rights and legitimate interests of us or any other third party, or in any other manner that may tamper, disrupt, overload or otherwise damage the Site and/or the Services. You undertake to comply with any instructions or recommendations given by us or by any individual acting on behalf of the Company.

5. Accounts

The Site contains certain areas and contents that are accessible to all persons and contains areas that may be accessed by valid, active account holders after login with assigned username and password credentials through a personal user account (“Account”). You shall provide accurate, complete, and current Account information and, as applicable, timely update the same. You are solely responsible for the activity that occurs on the Account and for keeping your Account credentials secure. You also acknowledge that your Account is personal to you and agree not to provide any other person with access to this Site or portions of it using your username, password, or other security information. You shall remain solely responsible for the activity arising out of any failure to keep your Account details confidential and notify us promptly of any breach of security or any known unauthorized use of the Account. Notwithstanding deletion of the Account, the Company may retain your data as reasonably necessary for compliance with applicable law or as otherwise set forth in our Privacy Policy. You agree that all information you provide to register with the Site or otherwise is governed by our Privacy Policy, and you consent to all actions we take with respect to your information consistent with our Privacy Policy.

6. Feedback

You can submit to us via the Site or otherwise questions, comments, suggestions, and ideas (“Feedback”). Any Feedback you provide to us shall be deemed to be non-confidential and non-proprietary, and, accordingly, the Company shall be free to use such information on an unrestricted basis.

7. Indemnity

You shall indemnify, defend, and hold the Company, its officers, directors, employees, agents, partners, suppliers, and/or licensors harmless, and will keep them indemnified from and against any claim, loss, expense, liability, damage or demand—including reasonable attorney’s fees— relating to, arising from, or allegedly arising from your use of the Site and/or the Services in breach of the law, or a breach of these ToU or any other contractual obligation you have assumed vis-à-vis the Company.

6. Disclaimer

We strive to ensure that the Site and/or the Services are available and fully functional. However, and to the maximum extent permitted under applicable law we do not warrant that the Site and/or the Services will always be available, undisrupted, and error-free. In particular but without limitation, we shall not be held liable in the event of:

-Technical errors preventing their regular use and caused by force majeure circumstances, acts of God, or otherwise;
-Maintenance works impacting the availability and access of the Site and/or the Services;
-Damages based on the contents of the Site and/or the Services;
-Wrongful use of the Site and/or the Services, or use contrary to the law, these ToU, or any other agreement between you and the Company;
-Unauthorized third party access to the Site and/or the Services;
-Conflicts that arise between you and other users of the Site; or
-Contents uploaded by you to the Site.

TO THE FULLEST EXTENT PERMITTED BY LAW, THE SITE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS, WITHOUT WARRANTY OF ANY KIND. THE COMPANY AND ITS THIRD-PARTY LICENSORS OR PROVIDERS SPECIFICALLY DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT OF PROPRIETARY OR THIRD-PARTY RIGHTS. THE COMPANY AND THIRD-PARTY LICENSORS AND PROVIDERS MAKE NO WARRANTY THAT: (i) THE SITE WILL MEET YOUR REQUIREMENTS, (ii) THE PROVISION OF THE SITE WILL BE UNINTERRUPTED, SECURE, OR ERROR-FREE, (iii) THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF THE SITE WILL BE ACCURATE OR RELIABLE, OR (iv) ANY ERRORS ON THE SITE WILL BE CORRECTED. Some jurisdictions do not allow the disclaimer of implied warranties, so a portion of the foregoing may not apply to you, in which case the duration of any such implied warranties is limited to the minimum period permissible under applicable law.

7. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL WE, OR OUR THIRD-PARTY LICENSORS OR PROVIDERS (OR ANY OF OUR OR THEIR DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, OR CONTRACTORS), BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, COMPENSATORY, CONSEQUENTIAL, OR PUNITIVE DAMAGES (INCLUDING, BUT NOT LIMITED TO, LOST PROFITS) ARISING OUT OF THE USE OF OR INABILITY TO ACCESS THE SITE, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK DISRUPTIONS, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF ADVISED OF THE POSSIBILITY THEREOF AND REGARDLESS OF THE LEGAL OR EQUITABLE THEORY (CONTRACT, TORT, BREACH OF WARRANTY OR OTHERWISE) UPON WHICH THE CLAIM IS BASED. THE COMPANY SHALL NOT BE RESPONSIBLE FOR ANY LIABILITY ARISING OUT OF ANY MATERIAL LINKED THROUGH THE WEBSITE. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL MAXIMUM AGGREGATE LIABILITY OF THE COMPANY OR OUR THIRD-PARTY LICENSORS OR PROVIDERS (OR ANY OF OUR OR THEIR DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, OR CONTRACTORS) ARISING OUT OF OR RELATING TO YOUR ACCESS TO OR USE OF THE SITE EXCEED $100. THE LIMITATIONS SET FORTH IN THIS TOU WILL NOT LIMIT OR EXCLUDE LIABILITY FOR OUR GROSS NEGLIGENCE, OR INTENTIONAL, MALICIOUS MISCONDUCT.

8. Intellectual property

The Site remains the sole property of the Company or its third-party licensors or providers. The Site is protected by copyright, trademark, and other Spanish, U.S., and foreign laws. This ToU do not grant you any right, title, or interest in any Company trademarks, logos, or other brand features.

Unless expressly granted by their corresponding rightsholders or by law, you do not have any use or ownership rights upon the above-mentioned contents and creations other than for the use of the Site and/or the Services under the terms and conditions described in these ToU or the applicable Service Agreement. Therefore, and except when authorized in accordance with this section or otherwise in these ToU or in the applicable Service Agreement, you may not distribute, reproduce or copy, communicate to the public, transform or modify, adapt, translate, or otherwise use and exploit said works.

9. Privacy and cookie policy

Your use of the Site and/or the Services may result in the collection and further processing of information, including information having a personal nature. We will inform you whenever said collection and processing takes place, and the processing shall be governed and subject to our Privacy Policy and Cookie Policy.

10. Links to third parties’ webpages

We are not liable for websites and contents provided by third parties and linked or embedded in the Site or the Services, either as advertisement banners or otherwise included in any of the contents. We shall have no obligation to review the contents of said webpages and the services or products that third parties may offered through them, and their existence does not imply that we support, promote, endorse, sponsor, guarantee, or recommend the linked websites, contents, services, or products. You acknowledge that terms and conditions may apply to the access and use of said services, products, and websites, and that you are responsible for reviewing and accepting them.

11. Amendments

We may update, delete, amend or modify the Services, the Site, and the information provided through them from time to time. Likewise, we may delete access to the Services or the Site from time to time, by providing prior reasonable notice.

12. Governing Law and Dispute Resolution

For Users outside of the US: the rights and obligations of the parties under these ToU shall be governed by Spanish law. This shall not prevent the application of those mandatory rights you are entitled to under your applicable law in the event that you are acting as a consumer.

Also, should you be acting as a consumer, you may also access to the European Union’s online dispute resolution webpage.

For U.S. Users of the Site: The rights and obligations of the parties under this ToU will be governed by the laws of the State of Delaware, without regard to its conflicts of laws principles and specifically will not be governed by the United Nations Convention on Contracts for the International Sale of Goods. Any cause of action or claim you might have with respect to this ToU must be filed before the courts of the State of Delaware, which shall have exclusive jurisdiction, and shall be commenced within one (1) year after such claim or cause of action arises or shall be deemed waived. EACH PARTY HEREBY IRREVOCABLY WAIVES, TO THE EXTENT PERMITTED BY LAW, ALL RIGHTS TO TRIAL BY JURY AND ALL RIGHTS TO BRING OR PARTICIPATE IN A CLASS ACTION OR MULTI-PARTY ACTION IN ANY ACTION, PROCEEDING, OR COUNTER-CLAIM ARISING OUT OF OR RELATING TO THIS AGREEMENT. ALL CLAIMS AND DISPUTES ARISING OUT OF THIS AGREEMENT MUST BE ARBITRATED OR LITIGATED ON AN INDIVIDUAL BASIS AND NOT ON A CLASS BASIS.

13. Miscellanea

The illegality, invalidity, nullity or unenforceability of any of the sections of these ToU will not affect the validity of its other provisions, which shall remain in full force and effect. Such sections are to be replaced or integrated into others that, in accordance with law, correspond to the objective of the substituted sections.

If, at any time, we fail to respond to a breach of these ToU by you, that failure will not waive our right to act with respect to subsequent or similar breaches. A waiver will only be binding on the Company if it is in writing and signed by the Company.

14. Entire Agreement

These ToU (including the Privacy Policy and Cookie Notice) constitute the entire agreement between you and the Company with respect to the subject matter of this ToU and supersede and replace any other prior or contemporaneous agreements, or terms and conditions applicable to the subject matter of this ToU. Our past, present, and future affiliates and agents can invoke our rights under these this ToU in the event they become involved in a dispute with you. Otherwise, this ToU do not give rights to any third parties.

These ToU are drafted both in plain and legal versions. In case of any discrepancies, the legal version included herein shall prevail and take precedence with respect to the plain version.

Service Terms and Conditions

PLEASE READ THE FOLLOWING CAREFULLY BEFORE ACCEPTING THIS AGREEMENT AND ACCESSING, USING, AND/OR REGISTERING FOR AN ACCOUNT OR THE SERVICES (each as defined below).

This Service Terms and Conditions (“STC”) is a legal agreement between you and the applicable Ara Medica contracting entity as defined in Section 16 below (the “Ara Medica Contracting Party”). As used in this STC, the “Company,” “we,” “us,” and “our” means the applicable Ara Medica Contracting Party.

Please read this STC carefully before you open an Account (as defined in Section 2(a) below) or start to use the Services (as defined in Section 1 below). By using opening an account or using the Services or by clicking to accept or agree to this STC, you accept and agree to be bound and abide by this STC, our Website ToU , our Privacy Policy, and our Cookie Notice (each of which is incorporated herein by reference) and all applicable laws and regulations. To the extent allowed under applicable law, you hereby waive any applicable rights to require or receive an original (non-electronic) signature or delivery of non-electronic records of this Agreement.

IMPORTANT NOTICE: IF THE CONTRACTING PARTY IS Ara Medica US LLC, THIS STC CONTAINS A WAIVER OF JURY TRIALS AND CLASS ACTIONS GOVERNING DISPUTES ARISING FROM USE OF THE SERVICES. IT MAY AFFECT YOUR LEGAL RIGHTS AS DETAILED IN THE APPLICABLE LAW AND JURISDICTION SECTION BELOW. PLEASE READ CAREFULLY.

IF YOU DO NOT AGREE TO BE BOUND BY ANY PROVSION IN THIS STC, THE WEBSITE TOU, THE PRIVACY POLICY, OR THE COOKIE NOTICE, YOU MUST DISCONTINUE ALL ACCESS AND USE OF THE SERVICES.

1. General

The proprietary platform (the “Platform”) accessible through the www.Ara Medica.com domain name (together with any sub-domains thereto, collectively, the “Site”) is provided by Ara Medica (hereinafter referred to as “us”, “we” or the “Company”), a Italian entity with registered address at Via Giuseppe di Vittorio, 64 – 73040 Aradeo (Lecce). The company is registered with the Register of Companies of Lecce. The registration number of the company in the Business Register is LE-315576.

You may contact us regarding Ara Medica by filling out our Contact Form.

This STC governs the use of the services offered to customers through the Site consisting of (i) services to create, for your internal business purposes, online surveys/forms/applications/questionnaires (each a “Form”), (ii) the subsequent collection, storage, and related information management, and (iii) any other services as may be offered by us from time to time as described on the Site, including software, interfaces, documentation, technical support, and the features, functionality, and connectivity provided through the Platform (the “Services”). You will be solely responsible for all Forms you create, including without limitation, the accuracy and appropriateness of content appearing therein and the final tabulations and application of Respondent’s Data (as defined in Section 3(k) below).

To purchase a Paid Subscription (as defined in Section 2(c) below), you will choose the applicable Services package on the Site, which will include the applicable Subscription term of, for example, a monthly or annual period (each a “Subscription Period”), and Subscription fees (the “Fees”), will agree to accept this STC, and will create an Account as directed by us, which is necessary to become an Authorized User (as defined in section 2(b) below) to use the Services. Subscription Periods of monthly or annual periods will automatically renew for another term equal in duration to the initial period until your Paid Subscription is cancelled or terminated in accordance with this STC.

To be able to use the Services, you will need to create an Account and comply with other requirements set forth in this STC. Please note that the Account also enables you to use certain developer features accessible through the Site. Should you decide to use those functionalities, the Developer Terms and Conditions apply to you in addition to this STC.

2. Access to the Services; Account Creation

a) Eligible Individuals

Services are offered to individuals and companies, either conducting business activities on their own or acting as consumers. For purposes of this STC, ‘consumer’ shall be interpreted as any individual or entity using the Services for a purpose other than to conduct a business or commercial activity. If you are creating an account for an a corporation, organization, or other entity (the “Organization”), you understand and agree that the Organization will be understood to be the owner of the Account and, hence, any contents created using the Services, and any data collected through the Services, will be understood to belong to the Organization, subject to the terms and conditions set forth herein or in the ToU. No other use of the Services not specified in this STC, including use by any other employees, agents, contractors, consultants, representatives, personnel, or other parties or individuals of or on behalf of your Organization or its affiliates or subsidiaries shall be permitted to use the Services or access the Account.

Persons using the Services represent and warrant that as a condition of use that they are (i) 18 years of age or older or (ii) if under 18, have parental or other legal guardian permission to access the Services materials and are over 16 years of age (a “Minor”). If you are a parent or legal guardian of a Minor using the Services, you hereby agree to bind the Minor to this STC and to fully indemnify and hold us harmless if the Minor breaches and terms or conditions in this STC. If you ae not at least 16 years old, you may not use the Services at any time or in any manner.

You also represent and warrant that you are not located in a country that is designated by an applicable government as a “terrorist supporting” country. If any applicable law, rule, or regulation prohibits you from accessing the Services, you may not access it.

b) Account Creation

In order to access the Services, you will need to register and create an account (the “Account”). To this end, you must provide true, current, complete, and accurate information, as requested during the registration process, that refers to you. You cannot sign up or otherwise create an Account with us on behalf of a third party other than as expressly set forth in this section.

An “Authorized User” means you or an employee or representative of your Organization who has been supplied with a single user identification and password to access and use the Account and Services on the user’s own behalf or on behalf of the user’s Organization. No other use of the Account or Services not specified in this Agreement, including use by any other employees, agents, contractors, consultants, representatives, personnel, or other parties or individuals of or on behalf of your Organization or its affiliates or subsidiaries shall be permitted to use the Services or access the Account. We shall provide each Authorized User a username and password for logging into the Account to enable the Authorized User to use the Services.

If you are using the Services on behalf of an Organization, you represent and warrant that you can agree to this STC on behalf of your Organization and all references to “you” throughout this STC will include your Organization, jointly and severally with you personally. You should create a business Account, which will allow use of the Services under your Organization’s name. Note that you are obligated to obtain the number of Authorized Users that will access the Account and/or use the Services within your Organization.

If you create an Account, you will be able to opt for any of the Paid Subscriptions described in the Pricing section of Ara Medica. Among other functionalities, these Subscriptions enable you to manage shared workspaces with as many Authorized Users as you have selected in your Paid Subscriptions, by sending an invitation to collaborate with other Authorized Users of your Paid Subscription. The owner of the Paid Subscription will have limited admin rights to control contents created and manages from the rest of Authorized Users. It is your duty to make sure that the other Authorized Users understand the impact for their privacy and content ownership when accepting to be part of your Subscription, and you shall indemnify, defend, and hold us harmless of any costs or damages directly or indirectly related to these matters.

We may provide different Subscriptions offering different functionalities and features, and subject to different pricing conditions. Services definition may vary from time to time and further and more detailed information on the current features and functionalities of the Service is provided during the signup process.

Notwithstanding deletion of the Account, the Company may retain your data as reasonably necessary for compliance with applicable law or as otherwise set forth in our Privacy Notice. You agree that all information you provide to register for the Services or otherwise is governed by our Privacy Notice, and you consent to all actions we take with respect to your information consistent with our Privacy Notice.

Note that when you are providing your information and accepting this STC, you are entering into an agreement with the Company that describes which are the obligations we have with regards to each other. If you have problems accessing or logging in into the Services, please contact us.

c) Provision of the Services; Right to Use

Once an Account has been successfully created, our basic free Service (“Basic Subscription”) will be available and ready to use, subject to the terms of this STC. Note, however, that access to and use of certain functionalities and Services are only available to certain plans and may be subject to payment requirements. Subject to your compliance with this STC, the Company hereby grants to you limited, personal, non-exclusive, non-transferable, revocable right to access and use of the Basic Subscription, which shall remain in effect unless and until terminated by us or by you through “My Account” in accordance with the instructions you can find here .

Additionally, subject to your compliance with this STC and payment of the applicable Fee, the Company grants each Authorized User a limited, revocable, personal, non-exclusive, non-transferable, non-sublicensable right during the Subscription Period to access and use the applicable Service package in accordance with this STC and the applicable subscription terms (“Paid Subscription” collectively with a Basic Subscription, each a “Subscription”).

3. Use of your Account and Services, and Your Contents

a) Account Security and Credentials

Accounts are to be used by you and Authorized Users, and it is strictly forbidden to share or allow others to use it. You must keep credentials for your Account secured at all times. It is strictly forbidden to share credentials with any third parties other than Authorized Users, or to write them down for recovery purposes. You shall remain solely responsible for the activity arising out of any failure to keep your Account details confidential. Should you suspect that your Account or your credentials have been or are being used by a third party, or have been compromised, you must contact us immediately through our Ara Medica Contact Form. Otherwise, we may attribute all use of your Account to you, and you agree to be responsible for all activities that occur under your Account.

You undertake to notify us any changes to the information submitted upon sign-up or thereafter to keep any information we may have in our records current and accurate.

b) Use of your Account and Services

You must use your Account and the Services complying with law, public order, and any guidelines in our Help Center. Our Help Center includes the documentation and instructions to use our Services. In particular, but without limitation, you shall not:

• Access the Site, Account, and/or the Services by any means other than through interfaces provided by us and as otherwise expressly authorized under this STC;

• Use the Services as a hosting service or hosting system only;

• Use the Services, or any responses or media within the Services, to create web pages or for hosting or supporting online resources or as a data repository;

• Avoid, bypass, remove, deactivate, impair, descramble, or otherwise tamper with the security measures, usage rules, or other protection measures implemented by us, our service providers or any third parties to protect the Site, the Account, or the Services, as well as the restricted features or functionalities available for given categories of Accounts other than the one you are holding, or to attempt to do any of those actions;

• Except as otherwise expressly permitted in this STC, access, tamper with, or use restricted areas of the Service or the Site, our computer systems, or the technical delivery systems of our providers;

• Use any metatags or other hidden text or metadata in the Site or Services, as well as forge headers or otherwise manipulate identifiers in order to disguise the origin of any content transmitted through the Service;

• Use, display, mirror, or frame the Site or Services, any individual element within the Site or Service, the layout and design of any portion of the Service or the Site, or the intellectual property rights and other proprietary rights of the Company, except to make the forms created through the Services available to others or as otherwise expressly permitted by us;

• Use any “deep-link,” “page-scrape,” “robot,” “spider,” or other automatic device, program, algorithm, or methodology or any similar or equivalent manual process to access, acquire, copy, or monitor any portion of the Site or Services or in any way reproduce or circumvent the navigational structure or presentation of the Site or Services to obtain or attempt to obtain any materials, documents, or information through any means not purposely made available through the Site;

• Reverse engineer, decompile, or disassemble software used in connection with Site or Services, except as permitted by applicable law;

• Interfere with, or attempt to interfere with, the access of any user, host, or network, including, without limitation, sending a virus, overloading, flooding, spamming, or mail-bombing the Services or the Site;

• Reproduce, duplicate, copy, sell, trade, resell, or exploit for any commercial purpose any portion of the Site or the Services (except for making the forms available to respondents in accordance with the intended use of the Services), or your access to or use of the Site or Services;

• Impersonate or misrepresent your affiliation with any person or entity, as well as stalk or harass other users or third parties, or share or use offensive or pornographic materials;

• Carry out vulnerability scanning, load testing, or penetration tests or bypass our security measures without our previous written approval;

• Use the Services and, in particular, the functionalities aimed at ensuring interaction of the Services to monitor the availability, performance, or functionality of our Services or the Site, or for benchmarking or other competitive purposes;

• Collect credit card information (unless using the specific questions blocks provided by us), passwords, or similar login credentials;

• Send electronic communications that are not expressly requested or authorized by the recipients or sending mass and/or repetitive electronic communications (spam) or use the Services to send any communications in a way not permitted by or compliant with any applicable laws or industry standards, or to any recipient who has opted out, unsubscribed, or otherwise objected to receiving such messages from you or another party on whose behalf you may be mandated; or

• Otherwise use the Account, Site, or Services in a manner contrary to our rights and legitimate interests or any other third party, or in any other manner that may tamper, disrupt, overload, or otherwise damage the Site or the Services. You may let us know about any abuse by filling out this Ara Medica. For clarification purposes, in cases where your form is being subject to a DDoS attack or similar attacks that may result in the Site or Services being overloaded, disrupted or damaged, we may suspend the provision of the Services with no liability to you, even if the situation has not been directly or indirectly caused by you.

For avoidance of doubt, you (or your Authorized Users) may carry out any action that enables the Services to interoperate and communicate with a given software program, provided that any such integration has been developed by means of the public APIs and related products and Services provided by us as part of our range of technical products for developer and integrator users. You understand that we do not control the use of any information collected by third parties to which you independently decided to integrate the Services to or to share data with via APIs —regardless of whether said collection of information took place in the past, is taking place in the present, or is intended to be carried out in the future. Therefore, you understand and agree that we shall not defend, indemnify, or hold you harmless for any costs or damages arising from those third-party actions and integrations. This paragraph does not override our obligations in respect of third-party providers we are engaging in the provision of the Services.

c) Usage Limits

You shall only use the Services in full compliance with the conditions set forth in this STC.

You may opt to purchase add-ons to a Subscription at any time to increase, for instance, the number of available responses of your plan, additional Authorized Users, or add other features. These add-ons can be purchased in the ‘Settings’ menu of your Account and are valid upon activation and for the then current Subscription Period.

In the event that the authorized responses limits are reached (any such limit reached by either a normal submission to a form or via the usage of the partial submit point feature or so-called partial responses), we will not be required to collect, store, and/or process any response in excess of the applicable limits. You may opt to activate the ‘upgrade my plan’ feature as further described in Section 5 of the Payment Terms and Conditions.

d) Authentication Services

You may decide to activate our authentication feature, a service fully owned by Okta, Inc. which enables the email address and passwords validation process used for purposes of logging into the Services. If you opt to use this feature, Okta, Inc.’s security, password, and other policies apply, and we strongly recommend you familiarize yourself with said policies and that you practice common sense in the administration of your user IDs and passwords.

e) Beta Services

You may be offered to take part in early access programs to use so-called alpha or beta versions of the Services (“Beta Services”). If you have agreed to participate in a Beta Service, you shall use such Service(s) solely for the stated purposes thereof and any other terms we set. Beta Services may not work in accordance with the documentation with which we may provide you or they may contain errors, defects, or bugs and may result in unexpected results, corruption or loss of data, or other unpredictable damage or loss, as you acknowledge and agree. Beta Services are not covered under any service level commitments under this STC, and, as an exception to the provisions in Sections 9, 10, and 11, we do not make any sort of representations or warranties and disclaim any liabilities regarding Beta Services. Beta Services may be discontinued at any time, for no reason and without prior notice, and nothing in this STC shall be construed as requiring us to release Beta Services as part of our regular Services.

f) Materials Available in the Services or the Site

The Site and the Services may include information, graphics, text, images, and other materials uploaded by other Account holders or third parties. Said materials are solely for your use in connection with the Site and Services, and their legality, accuracy, and completeness are the sole responsibility of the party that have uploaded them to or provided as part of the Site or the Services. Use of the materials may be subject to specific terms and conditions or license terms, and you are responsible to obtain any required licenses or authorizations, and to comply with any licenses or terms and conditions applicable to them.

g) Services and Third-Party Service Providers

To ensure you are provided with high-quality Services, from time to time, we may rely on third-party service providers. You understand that those providers act beyond our reasonable control and that we shall not be held liable for any damages caused by an action or omission attributable to them.

Also, you may decide to use third parties to process the information you may collect through the Services (e.g. by using webhooks). In all those cases, you acknowledge and agree that those third parties are beyond our reasonable control and that we will not be liable for any damages arising from the use of said information by them, or if you decide to transfer information to those third parties by using non-secured means (e.g. non-https transfer protocols). We recommend that you carefully review any terms and conditions governing the use of those third parties’ services and any integration tools they may offer before you start using their services. Note that the use of said services may result in the transmission of any kind of information (either confidential or having a personal nature, among others) outside our platform, and third parties not related to us may subsequently be gaining access to, modifying, or even deleting said information. Please review our Privacy Notice for further information.

h) User Submissions

You may post, upload, display, publish, distribute, transmit, broadcast, or otherwise make available on or submit through the Services messages, text, illustrations, files, images, graphics, comments, sounds, music, and data (“User Submissions”). We do not claim ownership over any User Submissions, and this STC does not grant us any licenses or rights to your User Submissions, except for the licenses expressly described in this STC.

You understand that we do not guarantee any confidentiality with respect to any User Submissions, other than as set forth in our Privacy Policy. You shall be solely responsible for your User Submissions and Respondent’s Data and the consequences of submitting them to us through the Platform and our use of them for the Services, including, but not limited to, any and all claims related to copyright or other intellectual property infringement claims or breach of applicable data privacy law.

We are not obligated to create or maintain a copy of any User Submission or Respondent’s Data. We reserve the right, in our sole discretion and without further notice to you, to monitor, censor, edit, delete, and/or remove any User Submission or Respondent’s Data at any time and for any reason and do not accept any responsibility for any such edit, deletion, or removal.

Each time you submit any User Submission, you represent and warrant that you are at least the age of majority in the jurisdiction in which you reside or are the parent or legal guardian of any minor who is depicted in or contributed to any User Submission you submit, and that, as to that User Submission (i) you are the sole author and owner of all the intellectual property rights and other rights to the User Submission or you have a lawful right to submit the User Submission and grant the Company the rights to it that you are granting by this STCs, all without any Company obligation to obtain consent of any third party and without creating any obligation or liability of the Company for compensation or otherwise; (ii) the User Submission does not and, as to our permitted uses and exploitation set forth in this STC, will not infringe any intellectual property or other right of any third party; and (iii) the User Submission will not violate this STC. Other than as expressly set forth in this STC, you retain all other ownership rights in and to your User Submissions.

Do not submit any User Submission that belongs to other people and pass it off as your own, including any content that you might have found elsewhere on the Internet. If anyone contributes to any of your User Submissions or has any rights to any of your User Submissions or if anyone appears in the User Submissions, then you must also have their permission to submit such User Submission.

By submitting the User Submissions, you grant us a worldwide, irrevocable, non-exclusive, royalty-free, perpetual, and fully sublicensable and transferable license to use, reproduce, distribute, prepare derivative works of, display, and perform the User Submissions in connection with the Platform and our business, including without limitation for redistributing part or all of your User Submissions (and derivative works thereof) in any media format and through any channels and, and you hereby waive any moral rights in your User Submissions to the extent permitted by applicable law.

You agree that you will not display, post, submit, publish, upload, or transmit any User Submission that: (i) is copyrighted, protected by trade secret, or otherwise subject to third party proprietary rights, including privacy and publicity rights; (ii) is unfair or deceptive under the consumer protection laws of any applicable jurisdiction; (iii) is unlawful, defamatory, libelous, threatening, pornographic, harassing, hateful, racially, or ethnically offensive, or encourages conduct that would be considered a criminal offense, gives rise to civil liability, violates any law, or is inappropriate; (iv) involves theft or terrorism; or (v) is otherwise malicious or fraudulent.

Please note that User Submissions are made publicly available to third parties. Please evaluate whether you want to share said content under those conditions before submitting them as part of the Services.

i) Third Parties’ Intellectual Property & other Proprietary Rights

Without prejudice to Section 3(b) above, you accept not to upload into the Services or the Site, or post, email, transmit, share, or otherwise use, in conjunction with, or related in any manner with the Services or the Site, content for which you do not have the prior authorization of their titleholders. We are not responsible for said content nor the actions you may take with respect to the content, and you shall not use third party content unless you have first obtained the permission of its owner.

By way of example, you shall not use photographs, music, text, graphics, information, trademarks, trade names, or other content protected under intellectual property rights (including privacy and publicity rights) that are not yours, except when the corresponding owner has expressly given its approval. It is strictly forbidden to use the Services to circumvent the rights of any titleholder upon its intellectual property or other exclusive rights, such as, for instance, providing through the Services links to P2P platforms including infringing materials.

Notwithstanding Section 11 below, we may delete at any time any content that breaches this section, without prior notice and accepting no liability for any such deletion.

j) Review of your Content

You acknowledge that to ensure compliance with legal obligations, prevent phishing or fraud, or when unlawful content is reported to us we may be required by third parties to review certain content submitted by you to determine whether it is illegal or whether it breaches this STC. We may at our sole discretion modify, prevent access to, delete, or refuse to display content that we believe violates the law or this STC. However, you acknowledge that we have no obligation to monitor or review any content submitted by you.

k) Obligations vis-à-vis Respondents

If you have a Subscription, you may create Forms in accordance with the applicable Subscription terms. Persons may access and voluntarily input data into the Forms or you may solicit persons to input data into the Forms (each such person, a “Respondent,” and such data, “Respondent’s Data”). Any contractual relationship existing with Respondents is entered into between you and them. You are fully responsible for meeting all applicable obligations related to Respondents and Respondent’s Data. Additionally, you are responsible for (i) the security of Respondent’s Data, (ii) receiving from Respondent all required consents in accordance with applicable data privacy law for the collection and transfer to us of Respondent’s Data for use in accordance with this STC, and (iii) for notifying Respondents about our Privacy Policy .

We do not claim ownership over any Respondent’s Data, and this STC does not grant us any licenses or rights to any Respondent’s Data, except as set forth in our Privacy Policy and as follows: You grant to us a worldwide, royalty free, fully sublicensable and transferable license to use, reproduce, distribute, modify, adapt, create derivative works, make publicly available, and otherwise exploit Respondent’s Data solely for the limited purposes of providing and improving the Services (and, for clarification purposes and in the later case, on an aggregated basis).

l) Collaboration with Us

You undertake to comply with any instructions or recommendations given by us or by any individual acting on behalf of the Company in connection with the use of the Site, your Account, or the Services.

m) Optional Features Specific Terms

Please, consider that certain features or services that we may offer from time to time require additional terms and conditions. In such cases, please note that you can always choose not to use such features and continue to enjoy the rest, without the Service Specific Terms being applicable to you.

For further information on the terms and conditions that apply to the additional features and services that we have made available to you, please refer to Optional Features Specific Terms.

n) Qualitative Insights Specific Terms

We offer the so-called Qualitative Insights feature as part of our product, aimed at offering quicker and deeper insights to data collected through your forms. Qualitative Insights are subject to its specific terms available here.

4. Fees and Payments; Taxes; Billing Disputes

Fees for the Services shall be subject to the Payment Terms and Conditions, which are included in this STC by reference, without the right of set-off, deduction, or counterclaim.

Fees are exclusive of any taxes, levies, customs fees, duties, or similar governmental assessments of any nature, including value-added, sales, use or withholding taxes, assessable by any jurisdiction (collectively, “Taxes”). You will be responsible for paying all applicable Taxes associated with your purchases, except for Taxes assessed against us based on net income. Should any payment for the Paid Subscription be subject to withholding tax by any government, you will be responsible for such Taxes and will reimburse us to the extent we are required to pay any such withholding Taxes.

Billing disputes must be initiated within thirty (30) days of purchase. Upon expiration of such 30-day period, you will not be entitled to dispute any fees paid or payable to us. The Parties will work together in good faith to resolve billing disputes. A pending billing dispute shall not exempt you from timely paying any undisputed amounts owed. Other than in accordance with the foregoing or otherwise expressly set forth in this STC, Fees paid are non-refundable.

5. Term; Auto-Renewal

The Basic Subscription shall be accessible until terminated by us or by you through “My Account”.

Paid Subscriptions starts on the date you sign up for the Paid Subscription and pay the applicable Subscription Fee and shall automatically renew (together with any add-ons you may have decided to purchase) at the end of the applicable Subscription Period. Paid Subscriptions automatically renew for the same Subscription Period and we will automatically bill the then applicable Subscription Fee unless, prior to the end of the then current Subscription Period, you cancel the automatic renewal of your Paid Subscription through “My Account” section in accordance with the instructions found here . In any such cases, except if you decide to cancel your entire Account, the Paid Subscription will run for the entire Subscription Period, and at which time your Account will be downgraded to a Basic Subscription.

As mentioned above, subject to the foregoing, you may terminate your Account at any time, and we reserve the right to terminate your Account under the conditions set forth in Section 6 below. This STC applies as long as you have an Account through our Site, regardless of the type of Subscription you held at each moment.

This section shall not prevent the rights you have as a consumer in connection with the cancellation of, or withdrawal from, your Account. For further information please refer to Section 7 below.

For any personal data collected through the Service, please check the terms of the Data Processing Agreement to learn how data will be processed upon termination of the Services.

6. Suspension and Termination of the Account

a) Termination or Suspension by the Company

We are entitled to suspend your Account in the event that you provide us with untrue, inaccurate, not current, or incomplete information when creating your Account, as well as when you fail to comply with this STC or other mandatory provisions by law. We shall have the right to modify, prevent access to, delete, or refuse to host, display, or make available those contents that are believed to violate the law or this STC, either by the way in which said contents are used as analyzed on their own or by the way they interoperate with other contents, entities, or people. Except for those cases in which the contents at issue could automatically trigger Company’s liability under applicable law or when it is necessary to act diligently to prevent harm to others, we will notify you in advance about its intention to act against said contents and give you reasonable time to respond and take any necessary actions. Upon occurrence of any of these, we will contact you and request you to remedy your breach of this STC.

We are entitled to terminate your Account in the event you fail to redress any STC breach in the non-extendable term of ten (10) calendar days from notification date. Additionally, your Account may be terminated in the event you substantially breach this STC, including without limitation any case in which the Account is used to commit fraud (e.g. to carry out phishing attacks) or wilfully addressed to breach the law. Account termination may result in data loss.

We are entitled to terminate your Account, without any further prior notice, in the event that you, as a free plan user, do not access your Account on any occasion for an uninterrupted period of 24 (twenty- four) months. The purpose of this termination is ensuring that only active users use the Site and, therefore, that the Site works in a fast and effective way. You can prevent this from happening by accessing at any given time to your Account, and the 24-month timeframe will restart.

Finally, we may terminate your Account should you oppose the appointment of any sub-processor, as further detailed in our Privacy Policy.

Please note that in all these cases you may lose all the information stored in your information stored in your Account, such as surveys and responses.

b) Termination by you

You may terminate your Account at any time by using the account termination option found here . If you terminate your Account, you may still be able to access the Site, but you will not have access to the Services, features, and content that are available to Account holders. Please note that this may result in data loss.

7. Cancellation of your Subscription

The Basic Subscription Services are available upon the creation of your Account. Paid Subscriptions are available for the Subscription Period once we receive the applicable Fee payable in connection therewith.

If you object to any term or condition of this STC, or any subsequent modifications thereto, or become dissatisfied with the Services in any way, your only recourse is to immediately discontinue use of the Services and cancel your Subscription. Upon termination of your Account, all licenses granted by the Company to you and your Organization (if applicable) under this STC shall be terminated and you and your Organization (if applicable) will lose all access to the Accounts and Services. We shall not be liable to you or your Organization or any third party for termination of your use of or access to the Account or Services, or any portion thereof.

8. Social Media and Third-Party Platforms

The Services may include functionality that allows you to access and post content to social media and third-party platforms regarding your activities while using our Services. If you choose to use this functionality, we may:

a) have access to certain information that you make available through the social media or third-party platforms at issue, provided that the data has been made available to us under the terms and conditions and privacy policies set forth by said third parties; or

b) post status messages, notes, photos, videos and other materials to the applicable social media or third-party platform on your behalf.

Subject to all the applicable third parties’ terms and conditions and privacy policies, by connecting your Account with your account on a social media or third-party platform, you grant us permission to access and use the information that you make available through the social media or third-party platform at issue. To manage the information provided to us, please review the privacy settings applicable to your social media or third-party platform accounts.

We are not liable for social media or third-party platform contents, products, or services. We shall have no obligation to review their contents, services, or products. You shall review all terms of use, policies, and guidelines established from time to time in said social media or platforms, and you agree to be solely responsible and liable for any claims arising as a result of sharing or posting any content to or your activity in any social media or third-party platforms.

9. Representations and Warranties. Disclaimer of Warranties and Damages

In addition to any other representations and warranties included in this STC, the Company and you each warrant and represent that we have the full power and authority to enter into this STC. In addition, you further warrant and represent that you will (i) use the Services in accordance with the provisions of this STC as well as any reasonable instructions delivered by us or by any of our authorized representatives from time to time; (ii) any contents or data used in connection with the Services will be uploaded, processed, or otherwise used and acquired having obtained any necessary approvals, authorizations or licenses, and complying with any applicable laws, rules, regulations, directives and governmental requirements in the field of privacy, intellectual property and/or image rights; and (iii) provide your reasonable cooperation in the event that we need any evidence to prove before competent authorities and/or courts about the satisfaction of the requirements or consents referred therein.

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE SITE AND THE SERVICES ARE PROVIDED “AS IS,” “WITH ALL FAULTS” AND “AS AVAILABLE” AND THE ENTIRE RISK OF USE AND PERFORMANCE REMAINS WITH YOU. WE DISCLAIMS ANY REPRESENTATIONS, WARRANTIES, OR CONDITIONS, EXPRESS, OR IMPLIED, OR STATUTORY, INCLUDING, WITHOUT LIMITATION, (I) THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT; AND (II) THAT THE SERVICES AND THE SITE WILL BE AVAILABLE OR PROVIDED ON AN UNINTERRUPTED, ERROR-FREE, TIMELY, OR SECURE BASIS, WILL BE FREE BE ERROR-FREE OR FREE FROM VIRUSES, WORMS, OR OTHER HARMFUL OR MALICIOUS COMPONENTS. YOU MAY HAVE ADDITIONAL RIGHTS UNDER YOUR LOCAL LAWS THAT THIS STC CANNOT SUPERSEDE AND, IN ANY SUCH CASES, OUR LIABILITY IS LIMITED IN ACCORDANCE WITH AND TO THE EXTENT PERMISSIBLE UNDER SAID LOCAL LAWS.

10. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL WE BE LIABLE FOR ANY INDIRECT, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, PUNITIVE, OR SPECIAL DAMAGES, INCLUDING WITHOUT LIMITATION ANY DAMAGES TO OR FOR LOSS OF DATA, REVENUE, PROFITS, GOODWILL, OR OTHER INTANGIBLE LOSSES ARISING FROM OR RELATING TO THIS STC, YOUR ACCOUNT, OR THE SERVICES. TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, THIS LIMITATION WILL APPLY TO ALL CLAIMS UNDER ALL THEORIES OF LAW AND EQUITY.

SUBJECT TO SECTIONS 9 AND 10, OUR MAXIMUM, AGGREGATE OR CUMULATIVE LIABILITY TO YOU, FOR DIRECT DAMAGES UNDER THIS STC (INCLUDING UNDER SECTIONS 9, 10, AND 11 OR ANY OTHER CONTRACTUAL OBLIGATIONS), TORT (INCLUDING NEGLIGENCE AND STATUTORY DUTY) OR OTHERWISE SHALL NOT EXCEED THE TOTAL MAXIMUM AMOUNT EQUIVALENT TO FEES PAID TO THE COMPANY IN THE LAST TWELVE (12) MONTHS PRECEDING THE DATE IN WHICH THE DAMAGE TOOK PLACE.

THE FOREGOING LIMITATION OF LIABILITY IS COMPLETE AND EXCLUSIVE, SHALL APPLY EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF CLAIMS, LOSSES, OR DAMAGES EXCEEDING SUCH LIMIT, AND SHALL APPLY REGARDLESS OF THE SUCCESS OR EFFECTIVENESS OF ANY OTHER REMEDIES WE POSSESS. THE LIMITATION OF LIABILITY REFLECTS AN ALLOCATION OF RISK BETWEEN YOU AND US.

In the event of invalidity of any provision of this Agreement, the parties agree that such invalidity shall not affect the validity of the remaining portions of this Agreement.

Limitation and/or exclusion of liability and warranties may be limited in certain jurisdictions. To the extent that the limitations and exclusions in sections 9, 10 and 11 cannot be enforced or are considered void or illegal, either in whole or in part, said sections shall be construed and enforced in the sense of limiting the scope, duration and/or extent of the liability and/or warranty provision at issue. Nothing in this STC shall be understood to limit or exclude your liability for the price owed in excess of any liability caps hereunder.

11. Indemnity

You shall defend, indemnify and hold harmless the Company from and against any and all losses, settlements, damages, liabilities, judgements, obligations, fines or sanctions, costs, and expenses (including reasonable attorney’s fees) (collectively “Losses”), arising out of any claim, proceeding, demand, suit or action (collectively “Actions”) brought by a third party related to (a) your use of the Site or the Services, and activities occurring under your Account; (b) any violation of this STC; or (c) your violation of any other party’s rights or applicable law.

12. Amendments to the STC; Other Notices

We may modify this STC from time to time. We will provide you with reasonable prior written notice of any substantial change, to be sent via email or in-product notifications. If you do not agree to any amendments to the STC, you shall (as your sole remedy) stop using the Site, the Account, and the Services. By continuing to use the Account, the Services, or the Site, you are providing your agreement to be bound by the updated terms of the STC.

We may notify you about any topic related to this contract via email or in-product notifications. It is your responsibility to check those regularly to be informed about any said changes.

13. Modifications and Updates of the Services

Due to the constant updates and changes made by us to improve the Services and ensure that you can use them in a seamless way and that the Services can interoperate with third-party platforms, we may add, alter, or remove functionalities from a Service at any time. Moreover, we may implement any updates to the Services (including security updates) that will be applicable to some or all users collectively at any time.

14. Miscellanea

The illegality, invalidity, nullity, or unenforceability of any of the sections of this STC will not affect the validity of its other provisions, which shall remain in full force and effect. Such sections are to be replaced or integrated into others that, in accordance with law, correspond to the objective of the substituted sections.

If, at any time, we fail to respond to a breach of this STC by you, that failure will not waive our right to act with respect to subsequent or similar breaches. A waiver will only be binding on us if it is in writing and signed by us. This STC constitute the entire agreement between you and us with respect to your Account and the Services. Both you and the Company, warrant to each other that, in entering this STC, neither the Company nor you have relied on or will have any right or remedy based upon any statement, representation, warranty, or assurance other than those expressly stated in this STC.

The rights and obligations set forth in this STC (or, otherwise, of the Account) cannot be assigned to any third party without the prior written consent of the Company. The Company can assign its rights and obligations under this STC to any third party.

If you are an Organization, we may use your logos, trade name, and trademarks on our Site and any other promotional materials produced by us from time to time. To this extent, you grant to us a non-exclusive, non-sublicensable, royalty-free, worldwide license to use said intellectual property, it being understood, however, that we shall use said intellectual property in accordance with the industry standards.

This STC are drafted both in plain and legal jargon versions. In case of any discrepancies, the legal version included herein shall prevail and take precedence with respect to the plain version. In the event of any conflict between the provisions of this STC and the Website Terms of Use, the Privacy Notice, the Data Protection Agreement or any other terms included by reference into this STCs, the terms of the STCs shall take precedence.

Neither party is liable for any failure of performance (other than for delay or performance in the payment of money due and payable hereunder) to the extent such failure is due to any cause or causes beyond such Party’s reasonable control, including acts of God, fire, explosion, vandalism, cable cut, adverse weather conditions, governmental action, acts of terrorism, strikes and similar labor difficulties, war, sabotage, pandemic, internet-access issues, denial of service attacks, shortage or unavailability of supplies, and other mechanical, electronic, or communications failures or degradation. Either party’s invocation of this clause will not relieve you of your obligation to pay for any Services provided or permit you to terminate any Services except as expressly provided herein.

15. Notices, Support, Contact and Complaints

You can contact us in case you have any doubts, comments, or concerns by any of the following means:

By our contact email or form:

https://www.Ara Medica.com/contact/

16. Ara Medica Contracting Party; Applicable Law and Jurisdiction

a) If you are not residing in the U.S.:

Information according to Art.42 law 88/2009

The registered office of Aratravel S.R.L. is in Via Giuseppe di Vittorio, 64 – Lecce
The company is registered with the Register of Companies of Lecce
The registration number of the company in the Business Register is LE-315576
VAT n. 04750630750 F.C. 04750630750
C.M.: aratravelsrl@pec.it
The share capital is of 10.000 paid-up i.v.
La società non è in stato di liquidazione
unipersonale

If you are acting as a consumer, this STC shall be governed and construed in accordance with Spanish law, but this shall not prevent the application of those mandatory rights you are entitled to under your applicable law. “Consumer” shall be interpreted as any individual or company using the Services for a purpose other than to conduct a business or commercial activity. The courts in Italy, shall have no exclusive jurisdiction in connection with any claim brought by you against the Company. You may also access to the European Union’s online dispute resolution webpage: https://ec.europa.eu/consumers/odr/main/index.cfm?event=main.home2.show&lng=EN

b) If you are residing in the U.S. or acquiring the Services through a US procurement entity:

PLEASE READ THIS SECTION CAREFULLY. IT AFFECTS YOUR LEGAL RIGHTS:

The Ara Medica Contracting Party is Ara Medica US LLC, a Delaware limited liability company registered in The Corporation Trust Company, 1209 N Orange St., Wilmington, Delaware 19801, USA, as a reseller of the Services from Ara Medica SL.

This STC shall be governed and construed in accordance with the State of Delaware, without reference to its conflict of law provisions. Any cause of action or claim you might have with respect to the Services or otherwise under this STC must be filed before the courts of the State of Delaware, which shall have exclusive jurisdiction, and shall be commenced within one (1) year after such claim or cause of action arises or shall be deemed waived.

EACH PARTY HEREBY IRREVOCABLY WAIVES, TO THE EXTENT PERMITTED BY LAW, ALL RIGHTS TO TRIAL BY JURY AND ALL RIGHTS TO BRING OR PARTICIPATE IN A CLASS ACTION OR MULTI-PARTY ACTION IN ANY ACTION, PROCEEDING, OR COUNTER-CLAIM ARISING OUT OF OR RELATING TO THIS STC. ALL CLAIMS AND DISPUTES ARISING OUT OF THIS STC MUST BE LITIGATED ON AN INDIVIDUAL BASIS AND NOT ON A CLASS BASIS.

Qualitative Insights Terms and Conditions

The Qualitative Insights feature offers the ability to obtain quicker and deeper insights from the responses to your forms’ open-ended questions (the “Powered Insights”). Powered insights will be made available to new customers as of mid September 2024, and to existing customers as of mid. October 2024.

This feature requires that you share the responses to the form at issue in respect of which the Powered Insights will be obtained (the “Analyzed Responses”) with third parties. Note that Analyzed Responses may include personal data. We need the collaboration of Anthropic, PBC and Amazon Web Services, Inc. since this feature is powered by Claude 3.5 Sonnet (AI assistant based on Anthropic, PBC’s research and available through the technical environment referred to as Amazon Bedrock that is hosted and managed by Amazon Web Services, Inc.). Please, bear in mind that neither Anthropic nor AWS are an affiliate, partner, agent or representative of us.

You may provide input together with the Analyzed Responses (“Input”) to be processed by Qualitative Insights to receive Powered Insights. We do not own and we will not claim ownership of the Input and the Powered Insights, but we do not make any guarantees, representations or warranties of any kind to you regarding the ownership or your right to use the Powered Insights. We disclaim any liability for any third-party IP, including their accuracy, integrity, quality, legality, usefulness or safety, or any intellectual property rights therein.

You acknowledge that due to the nature of machine learning and the technology powering Qualitative Insights, Powered Insights may not be unique and Qualitative Insights may generate the same or similar output to a third party. The availability of this feature does not imply our endorsement or affiliation with any Powered Insights.

You are solely responsible for your use of the Qualitative Insights feature and the Powered Insights, and any Losses of any kind associated with that use. You shall comply with all rights, obligations, conditions, policies, laws and regulations applicable to your use of the Qualitative Insights, the Input and the Powered Insights. In particular but without limitation, you are responsible for (i) providing any notice and/or obtaining any consent from respondents, where appropriate; (ii) shall use Powered Insights for your own internal business purposes, (iii) shall not mislead any person that the Powered Insights were solely human generated, and (iv) shall not generate spam. You shall defend, indemnify, and hold us harmless from and against any and all Losses, arising out of any claim, proceeding, demand, suit or Action brought by a third party related to your use of the Qualitative Insights, the Input and the Powered Insights.

If you use the Qualitative Insights to make consequential decisions, you must evaluate the potential risks of your use case and implement appropriate human oversight, testing, and other use case-specific safeguards to mitigate such risks. Consequential decisions include those impacting a person’s fundamental rights, health, or safety (e.g., medical diagnosis, judicial proceedings, access to critical benefits like housing or government benefits, opportunities like education, decisions to hire or terminate employees, or access to lending/credit, and providing legal, financial, or medical advice). You agree to provide information about your intended uses of the Qualitative Insights upon request. You are responsible for all decisions made, advice given, actions taken, and failures to take action based on your use of Qualitative Insights and Powered Insights. Powered Insights should be evaluated for accuracy and appropriateness for your use case.

By using Qualitative Insights, you agree as well, to comply with all of AWS and Anthropic terms and conditions and usage policy, which can be found here, here, and here, respectively, including any restrictions on use contained therein.

The usage of this feature is fully subject to the relevant Agreement, which shall be incorporated herein by reference. Any terms not defined in these specific terms shall have the same meanings attributed to them in the Service Terms and Conditions.

Privacy Policy

1. General

This Privacy Policy describes how we collect, use, store, share and protect your personal information in connection with your use of both the platform accessible through the www.aramedica.com domain name (the “Site”) and the services offered by us consisting in the creation of forms and any other services that may be offered by us from time to time (indistinctly referred to as the “Services”). In addition, this Privacy Policy also describes how we process information about other people that are directly or indirectly providing us services, or from people that, despite not using the Services, have contacted us or that we need to contact because of a conflict or issue with the Services or our Company.

If you are between 16 and 18 years old, you will be subject to the same data processings as detailed below. We encourage you to read our plain English version of this Privacy Policy if you prefer an easier and more readable approach. In any case, you are always welcome to ask any questions you may have by sending an email to gdpr@aramedica.com.

We have structured this Privacy Policy based on the role you play when you interact with us. This way we can offer the information that is the most relevant to you and have a meaningful conversation. So, let’s get to know each other, who are you:

Respondents

If you are a respondent (i.e. someone that has answered a form —i.e. a form, quiz or questionnaire created on our platform), please note that we are not the entity responsible for the processing of data, but a mere provider rendering services to the person or company that sent you the form at issue.

We suggest you carefully read the terms and conditions and privacy policy of the company or person that sent you the form, as those are the ones governing the processing of your personal data. If you have any doubts, please contact that person or company. Also, depending on how the person or company that sent you a form configured that form, your data may be shared or made public. To find out more, please contact the entity or person sending you the form.

On our side, please note that this policy is drafted both in plain and legal versions. In case of any discrepancies, the legal version included herein shall prevail and take precedence with respect to the plain version.

Customers

How are we processing respondents’ personal data on your behalf? Aramedica SL as data processor.

If you are using our Services and you are interested in learning how we are processing any personal data that we collect on your behalf, please check our Data Processing Agreement out in the following link. Please note that in this case you are the Data Controller and we (Aramedica SL) are the Data Processor as further elaborated within the DPA.

How are we processing your data as our Customer? Aramedica as data controller.

As mentioned above, if you use our Services or Site because you have created an Account with us, this Privacy Policy sets forth how we are processing your personal data. You are not required to provide any personal information when using the Site, unless you choose to access features that require such information (as, by way of example, subscribing to any newsletter). The use of the Services, however, requires that you sign up and create an account as described in more detail in the Service Terms and Conditions.

Personal information you provide us when using the Site and/or the Services is subject to this Privacy Policy, and you will be prompted to read and accept it. In addition, if you are a California resident, please click here and refer to the ‘CCPA Notice’ section for additional California-specific privacy disclosures that address the collection, use, disclosure and other processing of personal information that supplement this Privacy Policy and may fall outside its scope.

Who processes personal information? (who is the ‘Data controller’)

Your personal information is processed by Aramedica SL, and, in some cases, jointly by Aramedica US LLC and Aramedica SL.

For the activities to offer and sell you the plan and following-up with the commercial relationship with you, both Aramedica SL and Aramedica US LLC act jointly and severally, as joint data controllers. On the contrary, for providing the services only, Aramedica SL is the entity acting as sole data controller.

Information according to Art.42 law 88/2009

The registered office of Aratravel S.R.L. is in Via Giuseppe di Vittorio, 64 – Lecce

The company is registered with the Register of Companies of Lecce

The registration number of the company in the Business Register is LE-315576

VAT n. 04750630750 F.C. 04750630750

C.M.: aratravelsrl@pec.it

The share capital is of 10.000 paid-up i.v.

La società non è in stato di liquidazione

unipersonale

Contact details for our Data Protection Officer: gdpr@aramedica.com

What are we processing your data for and why are we processing it? (‘Purposes of data processing’, ‘legal basis of the data processing’ and ‘storage periods’)

Based on our contract or future contract with you: we will process your data when we have to perform a contract, and we will be processing your data as long as the contractual relationship with you is in force and during the five years following the end of said relationship. This results in us having to process your data for purposes of (i) providing you with both the Services, as well as to (ii) perform our obligations under the Services Terms and Conditions.

Based on your consent: subject to obtaining your consent, and as long as you do not withdraw any such consent, we may also process your data for the following purposes:

a) To send you electronic commercial communications (if you subscribe to a newsletter) or to answer the requests you may address us when contacting us;

b) For profiling and analytics purposes based on your behavior and how you browse the Site and use the Services, which pages you have visited, and to build audiences by means of cookies, as described in detail in the Cookie Policy, and subject to the terms set forth therein. In those cases, your acceptance of the installation and use of cookies results in a data processing for profiling purposes, as described in this paragraph.

c) If you opt to sign in by means of a third party social media platform, we may obtain ID confirmation and other information from that third party, as mentioned in each case. For further information on what personal data we receive from third parties, see below;

d) We may enrich the data we have about you by obtaining information from a select third party for data enrichment purposes, provided that you have given us prior permission. Enriching data allows us to analyze a deeper subset of data from which we may present personalized content.

Based on a legal obligation: When we have to comply with a legal obligation applicable to us from time to time, such as those set forth in tax and anti-money laundering laws and regulations (such as Act no. 58/2003, dated December 17, on Taxes; Act no. 27/2014, dated November 27, on corporate taxes; Act no. 10/2010, dated April 28, for the prevention of money laundering and financing or terrorism; or Organic Act no. 10/1995, dated November 23, on Criminal Code). In any such cases, the data will be processed only during the periods set forth by said laws, being deleted thereafter.

Based on our legitimate interest: Finally, we may also process your data to protect our legitimate interests, as long as said data is strictly necessary to review and monitor your activity for purposes of investigating and analyzing how to improve the Services and/or the Site, as well as to keep our Services and the Site secure and operational and prevent abusive activity (e.g. fraud, spam, phishing activities, etc.). This may include sending you forms to assess any problems you may have experienced in the service or know how to improve your user experience. The interests at stake are ensuring a correct and safe environment for both other users and us, taking those interests prevalence over your legitimate interests (we need to create and maintain an environment which is in accordance with the law, the legitimate interests of other parties, what other users may expect from our end, and to protect other users’ security when accessing the Site and using the Services).

To which extent do we require to have access to your personal data?

We need to process your personal data to perform the legal and contractual obligations mentioned above. Otherwise, we are not able to provide you with the Services and/or access to the Site. On the other hand, for data processing which depends on your consent or on our legitimate interests, the data processing is not legally required.

Which companies or entities will have access to your personal information?

We share your information with our service providers who help us to provide the Services to you, in which case those third parties are required to comply with our internal standards, policies, and technical and organizational measures that ensure that your data is protected and kept confidential at all times, and only in accordance with and to the extent authorized by this Privacy Policy.

We share your profile information with other users to permit and facilitate that you collaborate with them, and work across multiple workspaces and organizations. This information includes your name, account email, as well as things like the forms that you have created or removed, the time they were edited, or usage activity. As a result, the administrator of the organization or workspace where you collaborate may be able to access or export logs of your activity.

When you authorize us to do so, we may also share your data with other companies so that they can process the data for other purposes, as explained more in detail when we request your prior consent. In addition, if you provide consent for the installation of cookies, your data may be processed by third companies for the purposes and in the territories mentioned in the Cookie Policy.

We may also share your information with competent courts and authorities, when we are legally required to do so (for instance, to allow such bodies to investigate, prevent, or take action against illegal activities), or we have to take action to protect our rights or any third party rights.

The categories of recipients of personal data are: (i) hosting and infrastructure providers; (ii) providers of audience analytics tools; (iii) providers of product and user experience analytics tools; (iv) providers of security of our systems; (v) providers of subscription, accounting and billing management; (vi) auditing and consulting services providers; (vii) providers of marketing campaign management; (viii) providers of electronic communication management; (ix) providers that supports customer relationship management; (x) providers of SSO services; and (xi) our affiliates. A detailed and up-to-date description of the companies we may share data with could be found here for Aramedica and here for .

Finally, please note that you may opt for creating a form and share publicly the results that are displayed not in an aggregated manner but by providing the particular responses provided by respondents. In those cases, if you opt to create a form having this functionality, the said results will be shared with those third parties you opt to share them with. Please bear in mind that, depending on what you intend to do with your data, you may be required to inform or comply with further legal requirements vis-à-vis respondents.

In which territories may your personal information be processed?

Your data may be transferred, processed, and stored in countries that do not have data protection laws as protective as those in your jurisdiction. Your agreement to the terms of this Privacy Policy, followed by your submission of information in connection with the Service, represents your agreement to this international transfer of personal data.

For clarification purposes, we will process information from the European Economic Area and the US. In some cases, data may also be processed from other countries, including the UK, in which case we will implement the security measures required by law. In particular, we will be signing Standard Contractual Clauses to ensure that the information is protected at all times and applying additional technical and organizational measures to ensure that the information is protected at all times.

For further information on the security measures we apply at Aramedica, please check our help center.

A detailed and up-to-date description of the companies we may share data with could be found here for Aramedica and here for . You will observe a clear description on the territories of those companies and the measures implemented to keep your data safe.

What other information we may be processing from you that has not been obtained directly from you?

When you create an Account helped by your existing accounts with the third parties detailed below, we will be using your contact details (i.e. name, email address, language preference and profile picture) as you consent to be shared with us to ease the creation of your Account and the sign-up process.

Microsoft Corporation, dba. Microsoft – for further information on their Privacy Policy click here.

Google Ireland Limited, dba. Google – for further information on their Privacy Policy click here.

Automattic Inc., dba. Gravatar – for further information on their Privacy Policy click here.

In the event you leverage your account with these third parties to create an account with us, the rest of the provisions of this Privacy Policy will apply to you as if you have created on your own.

When you expressly consent to data enrichment, we will be using the information collected from you to customize your experience and our services so they are adapted to what is more relevant to you.

Miscellanea. Updating your information

You can update any information we may have from you by means of the account settings area or by sending us a written communication as described in section 5 below. Please remember that it is your duty to keep information updated so we can correctly provide you with the Services, and you undertake to verify the information you have handed us from time to time to make sure that it is accurate.

Commercial communications: as explained in this policy, you are entitled to ask us, now or at any moment, not to send you any kind of emails or commercial communications. To that extent, you can either change the communication preferences in your account settings page or contact us as described in section 5 below. Note that this will not prevent the sending of emails or other communications related to the Services (i.e transactional messages), as those communications are necessary to perform the contractual relationship we have with you.

This is the case, for instance, of messages concerning new features that we may roll out, or bugs impacting the availability of our services.

Our analytics: Upon anonymizing your data – this means that such data will no longer be possible to be associated to you or to any other person – we may perform statistical and other analysis on such information (technical and metadata) to analyze and measure aggregated user behavior and trends, to understand how people use our services, in order to improve and optimize our performance of such services, and to publish any findings.

Your rights.

You have the right to withdraw your consent at any time. You also have the right to request access to, and rectification of, or erasure of your personal data, or restriction of processing, or to object to processing, as well as the right to data portability. Please note that if you choose to cancel your data as a customer, your account will be deleted and all data in your account will be permanently deleted from our systems. In some cases, we may refuse to delete all the data if we are not allowed under the laws or for purposes of the establishment, exercise or defense of legal claims. In such latter cases your data will be processed on a restricted basis, and only as long and to the extent required by law.

You can always lodge a complaint at any time with the Spanish Data Protection Agency.

You can exercise the above-mentioned rights at any time by sending an email to gdpr@aramedica.com, or by sending a letter addressed to our Data Protection Officer to Via Giuseppe di Vittorio, 64 – 73040 Aradeo (Lecce).

How to contact us

Send a request via our Aramedica Contact Form or Contact Form. In the Help Center click on the Contact Support link at the bottom of any article. You can always contact us at gdpr@Aramedica.com for any privacy-related matters.

Changes to the privacy policy

We may amend this Privacy Policy from time to time. We may also notify you of material changes to this Privacy Policy, before the effective date of the changes, by sending an email, through in-app notices or otherwise. If you do not agree to any substantial change to this Privacy Policy, you should stop using and eliminating your Account.

Prevalence

This policy is drafted both in plain and legal versions. In case of any discrepancies, the legal version included herein shall prevail and take precedence with respect to the plain version.

Professionals and other contacts

If you are a professional working for us, or you have contacted us or we need to contact you because of a conflict, please be informed that this Privacy Policy sets forth how we are processing your personal data.

Who processes personal information? (who is the ‘Data controller’)

Personal information is processed by us, an entity incorporated in accordance with the laws of Italy with the following contact details:

Information according to Art.42 law 88/2009

The registered office of Aratravel S.R.L. is in Via Giuseppe di Vittorio, 64 – Lecce

The company is registered with the Register of Companies of Lecce

The registration number of the company in the Business Register is LE-315576

VAT n. 04750630750 F.C. 04750630750

C.M.: aratravelsrl@pec.it

The share capital is of 10.000 paid-up i.v.

La società non è in stato di liquidazione

unipersonale

Contact details for our Data Protection Officer: gdpr@aramedica.com

What are we processing your data for and why are we processing it? (‘Purposes of data processing’, ‘legal basis of the data processing’ and ‘storage periods’)

Based on our contract or future contract with you: For professionals working with us (other than users of the Site), we will process your data to perform a contract, and we will be processing your data as long as the contractual relationship with you or the entity for which you are working for is in force and during the five years following the end of said relationship.

Based on your consent: For other people contacting us, we will be processing data based on your consent and your request to contact you back and answer a petition initially addressed to us.

Based on a legal obligation: In addition to the legal basis mentioned above, we may also need to process both professionals’ and people’s contacting us data to comply with a legal obligation. This is the case of storing data about the contractual relationship we have with a professional working for us, because of the tax and anti-money laundering laws and regulations, or, when it comes to people contacting us, you report some suspicious activities that need further investigation and action under criminal law (such as Act no. 58/2003, dated December 17, on Taxes; Act no. 27/2014, dated November 27, on corporate taxes; Act no. 10/2010, dated April 28, for the prevention of money laundering and financing or terrorism; or Organic Act no. 10/1995, dated November 23, on Criminal Code). In any such cases, the data will be processed only during the periods set forth by said laws, being deleted thereafter.

Based on our legitimate interests: Finally, we may also process data from people we need to contact because of a conflict or a breach of our rights or other situations. This processing will take place on the basis of our legitimate interests, as long as said data is strictly necessary to review, monitor, investigate, and analyze a conflict and how to protect our assets, rights, and users. The interests at stake are ensuring the protection of both our users and us, taking those interests prevalence over your legitimate interests (we need to abide by the law, the legitimate interests of other parties, what other users may expect from our end).

To which extent do we require to have access to your personal data?

We need to process your personal data to perform the legal and contractual obligations mentioned above. On the other hand, for data processing which depends on your consent or on our legitimate interests, the data processing is not legally required.

Which companies will have access to your personal information?

We share your information with our service providers who help us operate our business, in which case those third parties are required to comply with our internal standards, policies, and technical and organizational measures that ensure that your data is protected and kept confidential at all times, and only in accordance with and to the extent authorized by this Privacy Policy.

In particular, these third parties helping us out in operating our business belong to the following categories: (i) consultancy and audit service providers; (ii) electronic communications management tools providers; (iii) contract management tools providers; (iv) accounting and billing tools providers;

(v) Public authorities; and (vi) our affiliates.

In addition, if you browse our Site and you provide consent for the installation of cookies, your data may be processed by third companies for the purposes and in the territories mentioned in the Cookie Policy.

In which territories may your personal information be processed?

Your data may be transferred, processed, and stored in countries that do not have data protection laws as protective as those in your jurisdiction. Your agreement to the terms of this Privacy Policy, followed by your submission of information in connection with your request, represents your agreement to this international transfer of personal data.

For clarification purposes, we will process information from the European Economic Area. In some cases, data may also be processed from other countries, including the UK, in which case we will implement the security measures required by law. In particular, we will be signing Standard Contractual Clauses to ensure that the information is protected at all times and applying additional technical and organizational measures to ensure that the information is protected at all times.

For further information on the security measures we apply at Ara Medica, please check our help center.

Your rights.

You have the right to withdraw your consent at any time. You also have the right to request access to, and rectification of, or erasure of your personal data, or restriction of processing, or to object to processing, as well as the right to data portability. Please note that if you choose to request the deletion of your data, we may refuse if we are not allowed under the laws or for purposes of the establishment, exercise or defense of legal claims. In such latter cases your data will be processed on a restricted basis, and only as long and to the extent required by law.

You can always lodge a complaint at any time with the Spanish Data Protection Agency.

We allow you to exercise the above-mentioned rights at any time by sending an email to gdpr@aramedica.com, or by sending a letter addressed to our Data Protection Officer to Aratravel S.R.L. is in Via Giuseppe di Vittorio, 64 – Lecce.

How to contact us

Send a request via our Ara Medica Contact Form or Contact Form. In the Help Center click on the Contact Support link at the bottom of any article. You can always contact us at gdpr@aramedica.com for any privacy-related matters.

Changes to the privacy policy

We may amend this Privacy Policy from time to time. We may also notify you of material changes to this Privacy Policy, before the effective date of the changes, by sending an email or otherwise. If you do not agree to any substantial change to this Privacy Policy, you may terminate the Service Terms and Conditions.

Prevalence

This policy is drafted both in plain and legal versions. In case of any discrepancies, the legal version included herein shall prevail and take precedence with respect to the plain English version.

Data Processing Agreement

This Data Processing Agreement entered into between you and Ara Medica SL (the “Company”, “we”, or “us”) regulates the particularities of data processing in connection with your use of both the platform accessible through the www.aramedica.com domain names (the “Site”) and the services we may offer through the Site from time to time, consisting in ‘Ara Medica’ forms and other services (indistinctly referred to as the “Services”). If you are also subject to the CCPA, please check our ‘CCPA Notice’ here to learn which specific provisions apply to you.

Please, note that ‘Data controller’, ‘data processor’, ‘data subject’, ‘personal data’, ‘processing’ will have the meaning set forth in the GDPR or in any other applicable European data protection law. ‘GDPR’ shall be understood as (i) the Regulation (EU) 2016/679, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data; (ii) the GDPR as it forms part of UK law by virtue of section 3 of the UK European Union (Withdrawal) Act 2018 and the UK Data Protection Act 2018 (together, “UK Data Protection Laws”); (iii) any future laws that may amend them or complement them in the future.

For clarification purposes, under this DPA (i) the processing of data regulated hereunder shall take place for as long as there is a service agreement in place between you and we, or until you decide to terminate said agreement; (ii) the nature and purposes of the processing shall be the collection, saving, organization, hosting, and deletion of data, as well as making it available to you upon your request; and (iii) the types of personal data and the categories of data subjects that are likely to be used in our product are name, surname, email address, telephone number, other ID details belonging to employees, candidates, prospects, and clients.

1. Processing of data

We will process any personal data we may have access to because of the provision of the Services in accordance with the documented instructions provided by you from time to time. Should a Union or Member State law to which we are subject requires us to process personal data —including the international transfer of personal data—, we will inform you of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest.

Should we have reasonable grounds to believe that a documented instruction given by you infringes the GDPR or any other applicable EU data protection law or regulation, we will put said instruction on hold and immediately notify you. At your sole risk and without us being responsible or liable to you for any losses, you will be entitled to order us to perform any such instruction despite the concerns raised by us, as long as you reconfirm your instruction in writing.

For purposes of this DPA, it will be understood that a ‘documented instruction’ includes, without limitation, (i) any instruction delivered by you by means of any durable media, such as a letter or email; (ii) any instruction electronically sent by you when using the software provided as part of the Services (i.e. by using the interface part of the software and the features made available through it); or (iii) the provisions of the DPA.

For clarification purposes and given your position of data controller, you warrant and represent that you will timely and sufficiently perform your obligations under the applicable privacy laws, such as inform data subjects (e. g. respondents to the forms, etc.) and obtain their consent (where appropriate). This enumeration is for illustration purposes only, in the sense that you will still be required to satisfy the obligations you are subject under the GDPR, such as making sure, in general, that the processing satisfies the requirements of the GDPR, you have the right and obligation to decide about the purpose and means of said processing, or making sure that there is a legal basis for the processing.

2. Confidentiality duty

We will ensure that all employees authorized to process personal data have committed to confidentiality or are under an appropriate statutory obligation of confidentiality.

3. Sub-processors

In the event that we intend to replace one subprocessor by other or contract new subprocessors to provide you with the Services, you will be entitled to reasonably oppose (i.e. any challenge based on the potential or actual failure to meet the legal requirements set forth by the GDPR by the subprocessor to be appointed) to such change in the non-extendable term of fifteen (15) calendar days and, if you exercise such right, we will be entitled to early terminate the contractual relationship set forth in for the provision of the Services.

We will enter into written agreements with any sub-processors engaged in the provision of the Services including the safeguards and guarantees required by the GDPR, particularly in respect of implementing the security measures required in the GDPR, and we will be liable for any actions by our sub-processors.

4. Data subjects’ rights

Taking into account the nature of the processing, we will assist you by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of your obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR, if applicable. For the avoidance of doubt, we will send to you any request data subjects may address directly to us together with all relevant information, if any, so that you can formally contact and answer to data subjects.

5. Security measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, as those measures are further detailed in Annex II. Taking into account the nature of processing and the information available to us, we will reasonably assist you in compliance with the security obligations set forth by Article 32 of the GDPR.

6. Assistance and data breaches

In addition to the duty set forth in Section 5 above, we will also provide, subject to the nature of processing and information available to us, assistance in complying with obligations set forth in Articles 32 to 36 of the GDPR, if applicable.

With respect to data breaches, we will notify you without undue delay upon we becoming aware of a personal data breach affecting personal data and, in any event, within the deadlines set forth under the GDPR. We will provide you with sufficient information to allow it to meet any obligations to report or inform competent authorities or data subjects. We will reasonably cooperate with you and take such reasonable commercial steps as are directed by you to assist in the investigation, mitigation and remediation of each such data breach. For the avoidance of doubt, you will be the only Party responsible for both filing any reports required under applicable law and notifying data subjects, and you will defend, indemnify and hold us harmless of any and all costs (including attorney’s fines), fines or sanctions, or any damages that lack of action on your side may cause.

7. Termination

You will decide whether you want us to delete or return personal data, unless Union or Member State law requires storage of the personal data. To this end, you acknowledge that deletion of the account provided as part of the Services will always result in deletion of personal data, and its request to delete the account will be understood as a request to delete data under this Section 7.

Canceling your paid subscription shall not result in a termination of the Services and, therefore, a termination of this DPA. You will still be able to keep using our Services under a free plan, but some of the functionalities offered to you may not be fully available. This includes the ability to access and download pre-collected responses – for clarification purposes, you will still be able to ask us to download and send you a copy of these responses and we will perform this action as soon as possible and, in any event, within fifteen (15) days.

If you are an inactive free user, as this term is described in the STC, you accept that data is deleted after the 24-month period of time set forth in these STC.

8. Audit rights

We will make available to you the information necessary to demonstrate our compliance with the obligations set forth in this DPA. You agree that the obligation to provide information demonstrating compliance with this DPA may be satisfied by us making available to you copies of the audit reports and/or certifications undergone by us, such as ISO27001 or SOC2 certificates. In the event that these documents do not reasonably address your concerns, you agree that you may only conduct up to one (1) audit per year, unless there are reasonable grounds to believe that we are not performing the obligations laid down in this DPA. Audits will only be carried out during normal business hours, and you will bear all costs unless we are found to be in a material breach of this DPA.

9. International transfer of personal data

In the event that the you are neither subject to the GDPR, nor located in the EEA, nor the transfer can be legally performed in accordance with the GDPR (because such transfer falls under an adequacy decision passed by the European Commission or can be otherwise performed under the GDPR on the basis of BCR, a certification mechanism or under a legally binding instrument), you and us enter into the SCCs, module 4, as a mechanism to ensure the adequate protection of personal data being transferred outside the EEA.

Should you be based in the United Kingdom, the Parties declare that the transfer of data from the United Kingdom to Italy or from Italy to the United Kingdom will not be construed as an international transfer of personal data, considering the adequacy decisions passed on this subject. Annex IV shall apply in respect of any onward transfers.

You authorize to the transfer of data to the sub-processors listed in Section 3 above, it being understood that any such transfer will be performed to the extent that we enter into a written contract with the sub-processors setting forth the obligations to be implemented by the sub-processors in respect of the transfer of data (e.g. SCCs, module 3; or, should you be an entity subject to the UK GDPR, the SCCs amended as specified in Annex IV), and you have the right to oppose any future changes or amendments of the sub-processors by following the same steps mentioned in Section 3 above. Should you exercise any such right, we will be entitled to early terminate the contractual relationship set forth for the provision of the Services. For purposes of the SCCs:

– Clause 7 (Docking Clause) will not apply;

– Option 2 in Clause 9 (general written authorization) is chosen. Option 2 will be construed in the light of the provisions of this DPA;

– Clause 11 (Optional Language) will not apply; and

– In Clause 13, 17 and 18, Spanish law shall be the applicable law, and the competent courts and authorities of the Kingdom of Italy shall be the ones competent to solve any disputes connected with the SCCs.

ANNEX I

A. LIST OF PARTIES

Information according to Art.42 law 88/2009

The registered office of Aratravel S.R.L. is in Via Giuseppe di Vittorio, 64 – Lecce

The company is registered with the Register of Companies of Lecce

The registration number of the company in the Business Register is LE-315576

VAT n. 04750630750 F.C. 04750630750

C.M.: aratravelsrl@pec.it

The share capital is of 10.000 paid-up i.v.

La società non è in stato di liquidazione

unipersonale

B. DESCRIPTION OF TRANSFER

Categories of data subjects whose personal data is transferred – Any kind of data subject categories..

Categories of personal data transferred – Any kind of personal data categories.

Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures – sensitive information may be processed, and subject to the security measures described in Annex II.

The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis) – Continuous basis.

Nature of the processing – data collection, saving, organization, hosting, deletion. Making the data available to the data exporter following its requirements / petitions.

Purpose(s) of the data transfer and further processing –Provision of customer service services, as further detailed in the STC.

The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period: data will be retained for as long as the data exporter requires the services.

For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing – same as above.

C. COMPETENT SUPERVISORY AUTHORITY –the Spanish Data Protection Agency.

ANNEX II

TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA

Information Security Program (“ISP”)

Ara Medica will maintain an ISP designed to (i) help secure personal data against accidental or unlawful loss, access or disclosure; (ii) identify reasonably foreseeable and internal risks to security and unauthorized access; and (iii) minimize security risks, including through risk assessment and regular testing. The ISP will include the following measures:

Network Security

Ara Medica will maintain access and transmission controls and policies to manage access to the network, including the use of authentication controls, firewalls or intrusion detection systems to ensure that only the authorized individual have access to the systems and data is transmitted without compromise to the correct recipients. Ara Medica will maintain security incident response plans to handle potential security incidents.

Physical Security

Physical components are housed in facilities (“Facilities”) controlled by an ISO 27001 certified company (i.e. Amazon Web Services) or in Facilities which meet or exceed all of the following physical security requirements.

Physical Access Controls and Limited Access. Access to the Facilities is granted to those employees and contractors who have a legitimate business need for such access privileges. When an employee or contractor no longer has a business need for the access privileges assigned to him/her, the access privileges are promptly revoked.

Personal Data Security. Controls for the Protection of Personal Data.

Taken care in the control “Privacy by design & by default”. Ara Medica will maintain appropriate technical and organizational measures for protection of the security (including protection against unauthorized or unlawful processing and against accidental or unlawful destruction, loss or alteration or damage, unauthorized disclosure of, or access to, personal data), confidentiality and integrity of personal data appropriate to the risk, including inter alia as appropriate: (i) the pseudonymization and encryption of personal data; (ii) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (iii) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing; and (v) the principles of privacy by design and by default to ensure that processes and systems are designed such that the collection and processing if data are limited to what is necessary for the identified purpose. Such principles comprises for personal data the limit of collection, processing, accuracy and quality, minimization of objectives, de-identification, deletion & disposal at the end of processing, proper management of temporary files, retention periods & processing transmission controls. Ara Medica regularly monitors compliance with these measures, and will not materially decrease the overall security of the data processing services.

Temporary files: Temporary files training & awareness will be included in Ara Medica training & awareness program for employees.

Business Continuity and Disaster Recovery

Ara Medica will maintain a business continuity and disaster recovery plan based on risk. Recovery plan are tested at least annually.

Employee security

Ara Medica will have signed confidentiality agreements with the employees and contractors. Also, all employees and contractors will have a common way to report incidents approved by the organization and they will undergo at least an annual security awareness training.

Ongoing Evaluation

Ara Medica must reassess and update their security policies on a periodic basis. Changes must be documented.

ANNEX III

LIST OF SUB-PROCESSORS

For Ara Medica

Ara Medica shall be entitled to seek the assistance of its affiliates Ara Medica US LLC, conducting business in the US and having registered address at Spaces 95, 3rd St. 2nd Floor – San Francisco, CA 94103 (United States of America); Ara Medica UK Limited, a company incorporated in England and Wales with registered office at 9th Floor, 107 Cheapside, London, EC2V 6DN (United Kingdom); and Ara Medica DE GmbH, a company incorporated in Germany with registered office at EdisonStr. 63 – 12459 Berlin (Germany). These companies are providing engineering, marketing & sales and customer success support services. Additionally, Ara Medica shall be entitled to engage Amazon Web Services Inc., a US entity with registered address at 2021 Seventh Ave., Seattle — Washington 98121 (United States of America) for the provision of hosting services; Cloudflare Inc., a US entity with registered address at 101 Townsend St., San Francisco — California 94107 (USA) for security & fraud prevention; Google Inc., a US entity with registered address at 1600 Amphitheatre Parkway Mountain View — California 94043 (USA), for supporting the processing of tickets raised by respondents; and Zendesk Inc., a US company with registered address at 1019 Market Street San Francisco, — California 94103 (USA), for the processing of customer success tickets.

ANNEX IV

International Data Transfer Addendum to the EU Commission Standard Contractual Clauses

This Addendum has been issued by the Information Commissioner for Parties making Restricted Transfers. The Information Commissioner considers that it provides Appropriate Safeguards for Restricted Transfers when it is entered into as a legally binding contract.

Part 1: Tables

Table 1 Parties

Start date: As specified in the STCs

The Parties:

Information according to Art.42 law 88/2009

The registered office of Aratravel S.R.L. is in Via Giuseppe di Vittorio, 64 – Lecce

The company is registered with the Register of Companies of Lecce

The registration number of the company in the Business Register is LE-315576

VAT n. 04750630750 F.C. 04750630750

C.M.: aratravelsrl@pec.it

The share capital is of 10.000 paid-up i.v.

La società non è in stato di liquidazione

unipersonale

Importer (who receives the Restricted Transfer)

Full legal name: as identified when creating an account with us

Trading name (if different): As identified when creating an account with us

Main address (if a company registered address): As identified when creating an account with us

Official registration number (if any) (company number or similar identifier): As identified when creating an account with us

Key Contact

Full Name (optional): N/A

Job Title: N/A

Contact details including email: As identified when creating an account with us

Signature (if required for the purposes of Section ‎2)

Table 2: Selected SCCs, Modules and Selected Clauses

As stipulated in Section 9 of the DPA.

Table 3: Appendix Information

Appendix Information: means the information which must be provided for the selected modules as set out in the Appendix of the EU SCCs (other than the Parties), and which is set out in the DPA.

Table 4:

Neither party may end this Addendum when the approved Addendum changes.

Part 2: Mandatory Clauses

Entering into this Addendum

1. Each Party agrees to be bound by the terms and conditions set out in this Addendum, in exchange for the other Party also agreeing to be bound by this Addendum.

2. Although Annex 1A and Clause 7 of the Approved EU SCCs require signature by the Parties, for the purpose of making Restricted Transfers, the Parties may enter into this Addendum in any way that makes them legally binding on the Parties and allows data subjects to enforce their rights as set out in this Addendum. Entering into this Addendum will have the same effect as signing the Approved EU SCCs and any part of the Approved EU SCCs.

Interpretation of this Addendum

5. Where this Addendum uses terms that are defined in the Approved EU SCCs those terms will have the same meaning as in the Approved EU SCCs. In addition, the following terms have the following meanings:

Addendum: This International Data Transfer Addendum which is made up of this Addendum incorporating the Addendum EU SCCs.

Addendum EU SCCs: The version(s) of the Approved EU SCCs which this Addendum is appended to, as set out in Section ‘Table 2’, including the ‘Appendix Information.

Appendix Information: As set out in Table ‎3.

Appropriate Safeguards: The standard of protection over the personal data and of data subjects’ rights, which is required by UK Data Protection Laws when you are making a Restricted Transfer relying on standard data protection clauses under Article 46(2)(d) UK GDPR.

Approved Addendum: The template Addendum issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section ‎18.

Approved EU SCCs: The Standard Contractual Clauses set out in the Annex of Commission Implementing Decision (EU) 2021/914 of 4 June 2021.

ICO: The Information Commissioner.

Restricted Transfer: A transfer which is covered by Chapter V of the UK GDPR.

UK: The United Kingdom of Great Britain and Northern Ireland.

UK Data Protection Laws: All laws relating to data protection, the processing of personal data, privacy and/or electronic communications in force from time to time in the UK, including the UK GDPR and the Data Protection Act 2018.

UK GDPR: As defined in Section 3 of the Data Protection Act 2018.

7. This Addendum must always be interpreted in a manner that is consistent with UK Data Protection Laws and so that it fulfils the Parties’ obligation to provide the Appropriate Safeguards.

8. If the provisions included in the Addendum EU SCCs amend the Approved SCCs in any way which is not permitted under the Approved EU SCCs or the Approved Addendum, such amendment(s) will not be incorporated in this Addendum and the equivalent provision of the Approved EU SCCs will take their place.

9. If there is any inconsistency or conflict between UK Data Protection Laws and this Addendum, UK Data Protection Laws applies.

10. If the meaning of this Addendum is unclear or there is more than one meaning, the meaning which most closely aligns with UK Data Protection Laws applies.

11. Any references to legislation (or specific provisions of legislation) means that legislation (or specific provision) as it may change over time. This includes where that legislation (or specific provision) has been consolidated, re-enacted and/or replaced after this Addendum has been entered into.

Hierarchy

12. Although Clause 5 of the Approved EU SCCs sets out that the Approved EU SCCs prevail over all related agreements between the parties, the parties agree that, for Restricted Transfers, the hierarchy in Section ‎10 will prevail.

13. Where there is any inconsistency or conflict between the Approved Addendum and the Addendum EU SCCs (as applicable), the Approved Addendum overrides the Addendum EU SCCs, except where (and in so far as) the inconsistent or conflicting terms of the Addendum EU SCCs provides greater protection for data subjects, in which case those terms will override the Approved Addendum.

14. Where this Addendum incorporates Addendum EU SCCs which have been entered into to protect transfers subject to the General Data Protection Regulation (EU) 2016/679 then the Parties acknowledge that nothing in this Addendum impacts those Addendum EU SCCs.

Incorporation of and changes to the EU SCCs

15. This Addendum incorporates the Addendum EU SCCs which are amended to the extent necessary so that:

a. together they operate for data transfers made by the data exporter to the data importer, to the extent that UK Data Protection Laws apply to the data exporter’s processing when making that data transfer, and they provide Appropriate Safeguards for those data transfers;

b. Sections ‎9 to ‎11 override Clause 5 (Hierarchy) of the Addendum EU SCCs; and

c. this Addendum (including the Addendum EU SCCs incorporated into it) is (1) governed by the laws of England and Wales and (2) any dispute arising from it is resolved by the courts of England and Wales, in each case unless the laws and/or courts of Scotland or Northern Ireland have been expressly selected by the Parties.

16. Unless the Parties have agreed alternative amendments which meet the requirements of Section ‎12, the provisions of Section ‎15 will apply.

17. No amendments to the Approved EU SCCs other than to meet the requirements of Section ‎12 may be made.

18. The following amendments to the Addendum EU SCCs (for the purpose of Section ‎12) are made:

a. References to the “Clauses” means this Addendum, incorporating the Addendum EU SCCs;

b. In Clause 2, delete the words:

“and, with respect to data transfers from controllers to processors and/or processors to processors, standard contractual clauses pursuant to Article 28(7) of Regulation (EU) 2016/679”;

c. Clause 6 (Description of the transfer(s)) is replaced with:

“The details of the transfers(s) and in particular the categories of personal data that are transferred and the purpose(s) for which they are transferred) are those specified in Annex I.B where UK Data Protection Laws apply to the data exporter’s processing when making that transfer.”;

d. Clause 8.7(i) of Module 1 is replaced with:

“it is to a country benefitting from adequacy regulations pursuant to Section 17A of the UK GDPR that covers the onward transfer”;

e. Clause 8.8(i) of Modules 2 and 3 is replaced with:

“the onward transfer is to a country benefitting from adequacy regulations pursuant to Section 17A of the UK GDPR that covers the onward transfer;”

f. References to “Regulation (EU) 2016/679”, “Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)” and “that Regulation” are all replaced by “UK Data Protection Laws”. References to specific Article(s) of “Regulation (EU) 2016/679” are replaced with the equivalent Article or Section of UK Data Protection Laws;

g. References to Regulation (EU) 2018/1725 are removed;

h. References to the “European Union”, “Union”, “EU”, “EU Member State”, “Member State” and “EU or Member State” are all replaced with the “UK”;

i. The reference to “Clause 12(c)(i)” at Clause 10(b)(i) of Module one, is replaced with “Clause 11(c)(i)”;

j. Clause 13(a) and Part C of Annex I are not used;

k. The “competent supervisory authority” and “supervisory authority” are both replaced with the “Information Commissioner”;

l. In Clause 16(e), subSection (i) is replaced with:

“the Secretary of State makes regulations pursuant to Section 17A of the Data Protection Act 2018 that cover the transfer of personal data to which these clauses apply;”;

m. Clause 17 is replaced with:

“These Clauses are governed by the laws of England and Wales.”;

n. Clause 18 is replaced with:

“Any dispute arising from these Clauses will be resolved by the courts of England and Wales. A data subject may also bring legal proceedings against the data exporter and/or data importer before the courts of any country in the UK. The Parties agree to submit themselves to the jurisdiction of such courts.”; and

o. The footnotes to the Approved EU SCCs do not form part of the Addendum, except for footnotes 8, 9, 10 and 11.

Amendments to this Addendum

19. The Parties may agree to change Clauses 17 and/or 18 of the Addendum EU SCCs to refer to the laws and/or courts of Scotland or Northern Ireland.

20. If the Parties wish to change the format of the information included in Part 1: Tables of the Approved Addendum, they may do so by agreeing to the change in writing, provided that the change does not reduce the Appropriate Safeguards.

21. From time to time, the ICO may issue a revised Approved Addendum which:

a. makes reasonable and proportionate changes to the Approved Addendum, including correcting errors in the Approved Addendum; and/or

b. reflects changes to UK Data Protection Laws;

22. The revised Approved Addendum will specify the start date from which the changes to the Approved Addendum are effective and whether the Parties need to review this Addendum including the Appendix Information. This Addendum is automatically amended as set out in the revised Approved Addendum from the start date specified.

23. If the ICO issues a revised Approved Addendum under Section ‎18, if any Party selected in Table 4 “Ending the Addendum when the Approved Addendum changes”, will as a direct result of the changes in the Approved Addendum have a substantial, disproportionate and demonstrable increase in:

a its direct costs of performing its obligations under the Addendum; and/or

b its risk under the Addendum,

24. and in either case it has first taken reasonable steps to reduce those costs or risks so that it is not substantial and disproportionate, then that Party may end this Addendum at the end of a reasonable notice period, by providing written notice for that period to the other Party before the start date of the revised Approved Addendum.

25. The Parties do not need the consent of any third party to make changes to this Addendum, but any changes must be made in accordance with its terms.

CCPA Notice - How are we processing your data?

CCPA Notice – How are we processing your data?

These Additional California Privacy Disclosures (the “CA Disclosures”) supplement the information contained in our Privacy Policy and apply solely to individual residents of the State of California (“consumers” or “you”).

We strongly encourage you to read in full our Privacy Policy in addition to these CA Disclosures. If these CA Disclosures and any provision in the rest of our Privacy Policy conflict, then these CA Disclosures control for the processing of personal information of California consumers, otherwise the Privacy Policy shall control.

If you interact with the Site (as defined below) as a respondent to a survey/form/application/questionnaire sent to you by a person or entity (the “Creator”), the Creator controls all of your response data, and we recommend you contact them about their practices under the CCPA and similar privacy laws. We will process your response data only on the Creator’s behalf, and, accordingly, the Creator, and not us, is responsible for responding to your request related to data privacy.

These CA Disclosures provide additional information about how we collect, use, disclose and otherwise process personal information of individual residents of the State of California, either online or offline, within the scope of the California Consumer Privacy Act of 2018 and its subsequent developments such as the CPRA (“CCPA”). Unless otherwise expressly stated, all terms in these CA Disclosures have the same meaning as defined in our Privacy Policy or as otherwise defined in the CCPA.

Personal Information Disclosures

When we use the term “personal information” in these CA Disclosures, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

For the purposes of these CA Disclosures, personal information does not include:

• Publicly available information from government records.

• Deidentified, aggregated or anonymized data (not capable of being associated with or linked to you).

• Information relating to our job applicants, employees, contractors and other personnel of Ara Medica, which is not governed by these CA Disclosures.

• Certain information that we process solely on behalf of our business customers as a “service provider,” which includes information relating to respondents that fill out Ara Medicas sent to them by our customers – please refer to CCPA Notice – Ara Medica as a Service Provider section here.

• Information excluded from the CCPA’s scope, such as: (i) Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; (ii) Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

Collection and Use of Personal Information

We collect various categories of personal information in connection with our websites located at www.aramedica.com (together with any sub-domains thereto, collectively, the “Site”), our services accessible through the Site. This includes types of Personal Data that may be considered “sensitive” under the CCPA. Please review our Privacy Policy to learn more about the personal information we collect.

In the last 12 months we have collected the following categories of personal information, which will be retained for as long as it is necessary to perform our contractual obligations:

• Identifiers, such as name, address, email address, account information or other similar identifiers. These are collected directly from you, our business partners and affiliates, your browser or device and third parties you direct to share information with us.

• California Customer Records (Cal. Civ. Code § 1798.80(e)), such as financial information. These are collected directly from you, our business partners and affiliates and third parties you direct to share information with us.

• Commercial Information, such as information about products or services purchased or considered and your use of our services. These are collected directly from you, and third parties you direct to share information with us.

• Internet/Network Information, such as log data and analytics data (including your usage and activity on our website). These are collected from your browser or device.

• Geolocation Data, such as your general geographic location based on the log data. These are collected from your browser or device.

• Sensory Information, such as audio recordings of phone calls you have with us or photographs and video footage you choose to provide or we otherwise record as permitted by law. These are collected directly from you.

• Professional/Employment Information, such as current occupation, job title, company/employer, industry and employment history. These are collected directly from you and third parties you direct to share information with us.

• Other Personal Information, such as messages or requests you provide to us directly or through a third-party service, such as social media. These are collected directly from you, our business partners and affiliates, and third parties you direct to share information with us.

• Inferences, including information generated from your use of our websites reflecting your preferences. These are collected from your browser device, and form information generated or derived from the personal information described above.

The categories of sources of personal information, include but are not limited to:

Directly and indirectly from activity on our Services: For example, from submissions through the Site, the Services, or website usage details collected automatically from measurement tools.

Directly from you: For example, from contact us forms you complete, requesting a demo, account registration, etc.

From third-parties. For example, from vendors who assist us in performing services for consumers, advertising networks, internet service providers, data analytics providers, and social networks, as further explained in the Privacy Policy and Cookie Policy.

The business purpose for the information collected as above is as follows:

(i) To provide you with and manage access to our products and services, audit the transactions in our platform and manage the relationship with our users;

(ii) To communicate with you, including via email, push notification and/or social media;

(iii) To operate, evaluate, secure and improve our business;

(iv) To enhance our products and services;

(v) To recognize you and remember your information when you return to our website and services;

(vi) To develop and carry out marketing campaigns and activities;

(vii) For debugging existing intended functionality;

(viii) For testing, training, research, analysis and product development, including to develop and improve our products and services;

(ix) To detect and protect against security events;

(x) To defend, protect or enforce our rights or applicable terms of service;

(xi) To comply with legal process and our legal obligations; and

(xii) As otherwise provided in our agreements with you.

(xiii) As otherwise detailed in the Privacy Policy.

Disclosure of Personal Information

In the last 12 months, we have not sold personal information about you, but we have disclosed all of the categories of personal information we collect, explained in the table above, to our affiliate and to third parties for a business purpose. Please refer to our Privacy Policy for further detail.

Note about “Sales”: We do not “sell” personal information as most people would typically understand that term. However, we do allow certain third-party partners and providers to collect information about consumers directly through our services for purposes of analyzing and optimizing our services and ads, providing content and ads that are more relevant, measuring statistics and the success of ad campaigns, and detecting and reporting fraud. To the extent this practice is interpreted to constitute a “sale” under the CCPA, please see our Cookie Policy for more information including how you may be able to exercise your rights to opt-out of cookies, analytics and personalized advertising.

Recipients of Personal Information

As described in our Privacy Policy, we share personal information with our affiliate and with a variety of third parties for business purposes. Please refer to our Privacy Policy for further information.

We may process Sensitive Personal Information in accordance with applicable laws but do not use or disclose sensitive personal information in any way that would require us to provide an opt-out opportunity under California law.

Your California Privacy Rights

As a California resident, you may be able to exercise the following rights in relation to the Personal Information about you that we have collected (subject to certain limitations at law):

The Right to Know

Most of your personal information is accessible directly from your Ara Medica account. This includes information about subscription and personal information, such as your email address. Additionally, you have the right to request any or all of the following information relating to the personal information we have collected about you or disclosed in the last 12 months, upon verification of your identity:

• The categories of personal information we have collected about you;

• The specific pieces of personal information we have collected about you;

• The categories of sources from which we collected your personal information;

• The purposes for which we use your personal information;

• The categories of third parties with whom we share your personal information; and

• The categories of information that we sell or disclose to third parties.

The Right to Request Deletion

You have the right to request us to delete your personal information that we have collected from you and to tell our service provider to do the same, subject to certain legally permitted exceptions.

The Right to Opt Out of Personal Sales or Sharing

You have the right to direct us not to sell personal information we have collected about you to third parties now or in the future.

If you are under the age of 16, you have the right to opt in, or to have a parent or guardian opt in on your behalf, to such sales.

The Right to Correct Inaccurate Information

You have the right to ask us to correct any information we may have from you that is not accurate or reflects wrong information about you.

The right to limit the use and disclosure of sensitive personal information

You may request us to use your sensitive personal information only for providing you with Services.

The right to opt-out of automated decision-making technology

We do not use this kind of technology, but if we ever do you will have the right to avoid us from taking decisions using automated means.

However, please note that if the exercise of the rights described above limits our ability to process personal information (such as in the case of a deletion request), we may no longer be able to provide you our products or services or engage with you in the same manner.

Non-Discrimination

We do not discriminate against any individual for exercising their rights under these CA Disclosures

How to Exercise Your California Privacy Rights

To Exercise Your Right to Know or Right to Deletion

To exercise your right to know and/or right to deletion, please submit a request by: (i) our Contact Form indicating the title “California Rights Request”; or (ii) filling out our California Resident Rights Request Form .

We will need to verify your identity before processing your request. In order to verify your identity, we will generally either require the successful login to your account or the matching of sufficient information you provide us to the information we maintain about you in our systems. Although we try to limit the personal information collected in connection with a request to exercise the right to know and/or the right to deletion to that personal, certain requests may require us to obtain additional personal information from you, which we will only use for this verification purpose. In certain circumstances, we may decline a request to exercise the right to know and/or right to deletion, particularly where we are unable to verify your identity.

To Exercise Your Right to Opt Out of Personal Information Sales

As noted above, we do not “sell” personal information as most people would typically understand that term. However, we do allow certain third-party partners and providers to collect information about consumers directly through our services for purposes of analyzing and optimizing our services and ads, providing content and ads that are more relevant, measuring statistics and the success of ad campaigns, and detecting and reporting fraud. To the extent this practice is interpreted to constitute a “sale” under the CCPA, please see our Cookie Policy for more information including how you may be able to exercise your rights to opt-out of cookies, analytics and personalized advertising.

Updates to These CA Disclosures

We will update these CA Disclosures from time to time. When we make changes to these CA Disclosures, we will change the “Last Updated” date at the beginning of these CA Disclosures. If we make material changes to these CA Disclosures, we will notify you by email to your registered email address, by prominent posting on the Site, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided in the notification.

If you have any questions or requests in connection with this Notice or other privacy-related matters, please submit a request via our Contact Form.

CCPA Notice - AraMedica as a Service Provider

This notice confirms that we will act as a Service Provider as such term is defined in the California Consumer Privacy Act, Cal. Civ. Code §§ 1798.100 et seq. and implementing regulations including the CPRA (the “CCPA”). We will collect, access, maintain, use, process and transfer personal information, as that term is defined by the CCPA (“CCPA Personal Information”) solely for the purpose of performing our obligations under the Service Terms and Conditions and as further described in our Privacy Policy, on your behalf and for no commercial purpose other than the performance of such obligations.

We shall not sell, share, retain, disclose, release, transfer, combine your information with third-party information, make available or otherwise communicate any CCPA Personal Information to any third party without your prior written consent or as required to perform our contractual relationship. Notwithstanding the foregoing, nothing shall restrict our ability to disclose CCPA Personal Information (i) to a Subcontractor for a business purpose pursuant to a written agreement to protect CCPA Personal Information in the same manner as provided herein and in the Privacy Policy, (ii) to a third party as necessary to comply with applicable laws, or (iii) as otherwise permitted by the CCPA.

We will delete and permanently destroy CCPA Personal Information (i) upon your written request by you, and (ii) upon termination of this Agreement. We shall at all times remain responsible for compliance with its obligations to protect CCPA Personal Information in accordance with this notice and our Privacy Policy and will be liable to you for the acts or omissions of any subcontractor or other third party to whom we have disclosed or permitted to access CCPA Personal Information as if they were our acts or omissions.

Cookie Policy

The platform accessible through the www.aramedica.com domain names (the “Site”) is provided by the registered office of Aratravel S.R.L. is in Via Giuseppe di Vittorio, 64 – Lecce

The company is registered with the Register of Companies of Lecce

The registration number of the company in the Business Register is LE-315576

VAT n. 04750630750 F.C. 04750630750

C.M.: aratravelsrl@pec.it

The share capital is of 10.000 paid-up i.v.

La società non è in stato di liquidazione

unipersonale

1. What are cookies?

Cookies are small text files that are generated when you access the Site and that collect your browsing information. All cookies used by us are safe for your computer and only process information which is stored on your internet browser. Our cookies cannot execute code, do not contain malware or viruses, and cannot be used to access content on your computer.

2. What types of cookies do we use?

We use our own and those of third parties, as described below:

Strictly necessary cookies: are those cookies needed to ensure you can access the Site, and browse it securely. These cookies are strictly necessary, as the use and access to the Site and the services provided through the Site require them. They also protect us from any fraudulent use of the Site or our services, to verify that anyone using your account is actually you, and protect your data from any unauthorized users. For instance, technical cookies are those relating to the communication and exchange of data, or those required to verify your identity when you sign in into your account.

Typeform:

We use third party cookies for the purposes mentioned above. Said cookies are installed, used, and owned by:

Formagrid, Inc (dba Airtable), a US entity with registered address at 799 Market St, Floor 8, San Francisco, CA – 94103 (United States of America). To know more about Airtable’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Airtable may entail the international transfer of data outside the European Union, as further described in the link above;

Cloudflare, Inc., a US entity with registered address at 101 Townsend St, San Francisco, CA – 94107 (United States of America). To know more about Cloudflare’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Cloudflare may entail the international transfer of data outside the European Union, as further described in the link above;

Google Ireland Limited, an Irish entity with registered address at Gordon House, Barrow Street, Dublin 4 (Ireland). To know more about Google’s cookies, please visit its cookies and privacy policies, as available here. Please note that (i) this cookie is being used and considered necessary as it is required to run the Spam Prevention feature (ReCaptcha), and it will only be used to the extent that this feature is active; and (ii) the processing of data by Google may entail the international transfer of data outside the European Union, as further described in the link above.

InSided Inc., a Delaware corporation having its registered office and place of business at 228 EAST 45th Street, Suite 9E, New York, NY – 10017 (United States of America). InSided is used in our Community webpages. To know more about InSided’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by InSided may entail the international transfer of data outside the European Union, as further described in the link above;

OneTrust, LLC., a US entity with registered address at 1200 Abernathy Rd NE, Building 600, Atlanta, Georgia 30328 (United States of America). To know more about OneTrust’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by OneTrust may entail the international transfer of data outside the European Union, as further described in the link above;

PowerPlay GmbH (dba Cello.so), a German entity with registered address at Philipp-Loewenfeld-Str. 19, 80339, Munich (Germany). To know more about Cello’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Cello may entail the international transfer of data outside the European Union, as further described in the link above;

Segment.io, Inc., a US entity with registered address at 100 California Street, Suite 700 San Francisco, CA – 94111 (United States of America). To know more about Segment.io’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Segment.io may entail the international transfer of data outside the European Union, as further described in the link above.

Stripe, Inc., a US entity with registered address at 510 Townsend Street, San Francisco, California, 94103 (United States of America). To know more about Stripe’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Stripe may entail the international transfer of data outside the European Union, as further described in the link above; and

Zendesk, Inc., a US entity, with registered address at 989 Market Street, San Francisco, CA 94103 (United States of America). To know more about Zendesk’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Zendesk may entail the international transfer of data outside the European Union, as further described in the link above.

VideoAsk:

We use third party cookies for the purposes mentioned above. Said cookies are installed, used, and owned by:

Auth0, Inc., a US entity with registered address at 100 First Street, Floor 6, San Francisco, CA – 94105 (United States of America). To know more about Auth0’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Auth0 may entail the international transfer of data outside the European Union, as further described in the link above;

Amazon Web Services, Inc., a US entity with registered address at 410 Terry Avenue North, Seattle WA 98109-5210 (United States of America). To know more about AWS’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by AWS may entail the international transfer of data outside the European Union, as further described in the link above;

Pexels GmbH, a US entity with registered address at Franz-Schubert-Str. 20 34277 Fuldabrück (Germany). To know more about Pexels’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Pexels may entail the international transfer of data outside the European Union, as further described in the link above.

Cookies that remember your settings (functional cookies): are those cookies that are installed and used to adapt the Site and the services offered by us to your preferences, such as language, or look and feel of the Site. You can opt to block or limit the installation and use of these cookies as explained in section ‘How can you block or delete cookies’ below, and this shall not impact the usability or functionalities of the Site and/or the services, but your preferences will be lost.

Typeform:

We use third party cookies for the purposes mentioned above. Said cookies are installed, used, and owned by:

Amazon Web Services, Inc. (dba AWS), a US entity with registered address at 410 Terry Avenue North, Seattle, WA (United States of America). To know more about AWS’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by AWS may entail the international transfer of data outside the European Union, as further described in the link above;

Datadog, Inc., a US entity with registered address at 620, 8TH AVE, FL 45, New York, NY – 10018 (United States of America). To know more about Datadog’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Datadog may entail the international transfer of data outside the European Union, as further described in the link above;

Google Ireland Limited, an Irish entity with registered address at Gordon House, Barrow Street, Dublin 4 (Ireland). To know more about Google’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Google may entail the international transfer of data outside the European Union, as further described in the link above;

Loom, Inc., a US entity with registered address at 85 2nd Street, 1st Floor, San Francisco, 94105 (United States of America). To know more about Loom’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Loom may entail the international transfer of data outside the European Union, as further described in the link above;

Optimizely, Inc., a US entity with registered address at 631 Howard Street, Suite 100 San Francisco, CA 94105 (United States of America). To know more about Optimizely’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Optimizely may entail the international transfer of data outside the European Union, as further described in the link above; and

Zapier, Inc., a US entity with registered address at 548 Market St. 62411, San Francisco, CA – 94104-5401 (United States of America). To know more about Zapier’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Zapier may entail the international transfer of data outside the European Union, as further described in the link above.

VideoAsk:

We use third party cookies for the purposes mentioned above. Said cookies are installed, used, and owned by:

Cookies that measure website use (analytics cookies): are those cookies used for tracking, monitoring, and analyzing how you browse and interact with the Site and our services. They reveal usage trends as well as which users upgrade the services rendered by us and how this is done. You can opt to block or limit the installation and use of these cookies as explained in section ‘How can you block or delete cookies’ below, and this shall not impact the usability or functionalities of the Site and/or the services.

Typeform:

We use third party cookies for the purposes mentioned above. Said cookies are installed, used and owned by:

Amplitude, Inc., a US entity with registered address at 501 2nd Street, Suite 100, San Francisco, CA – 94107 (United States of America). To know more about Amplitude’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Amplitude may entail the international transfer of data outside the European Union, as further described in the link above;

Google Ireland Limited, an Irish entity with registered address at Gordon House, Barrow Street, Dublin 4 (Ireland). To know more about Google’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Google may entail the international transfer of data outside the European Union, as further described in the link above;

FullStory, Inc., a US entity with registered address at 120 Ottley Drive NE, Suite 100, Atlanta, GA – 30324 (United States of America). To know more about FullStory’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by FullStory may entail the international transfer of data outside the European Union, as further described in the link above;

HubSpot Ireland Limited, a Irish entity with registered address at HubSpot House, One Sir John Rogerson’s Quay, Dublin 2 (Ireland). To know more about Hubspot’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Hubspot may entail the international transfer of data outside the European Union, as further described in the link above;

InSided Inc., a Delaware corporation having its registered office and place of business at 228 EAST 45th Street, Suite 9E, New York, NY – 10017 (United States of America).InSided is used in our Community webpages. To know more about InSided’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by InSided may entail the international transfer of data outside the European Union, as further described in the link above;

PowerPlay GmbH (dba Cello), a German entity with registered address at Philipp-Loewenfeld-Str. 19, 80339, Munich (Germany). To know more about Cello’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Cello may entail the international transfer of data outside the European Union, as further described in the link above;

RudderStack Inc., a Delaware corporation with registered address at 96 S. Park Street, San Francisco, CA 94107 (United States of America). To know more about RudderStack’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by RudderStack may entail the international transfer of data outside the European Union, as further described in the link above;

Unbounce Marketing Solutions, Inc., a Canadian entity with registered address at 400-401 West Georgia Street, Vancouver, BC V6B 5A1 (Canada). To know more about Unbounce’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Unbounce may entail the international transfer of data outside the European Union, as further described in the link above.

VideoAsk:

We use owned and third party cookies for the purposes mentioned above. Said cookies are installed, used and owned by:

Google Ireland Limited, an Irish entity with registered address at Gordon House, Barrow Street, Dublin 4 (Ireland). To know more about Google’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Google may entail the international transfer of data outside the European Union, as further described in the link above; and

Cookies that help with our communications and marketing (advertising and profiling cookies): refers to cookies aimed at tracking, monitoring, and analyzing how you browse and interact with the Site and our services, as well as segment our users based on their behavior and how they browse the site, and to build audiences. They reveal usage trends as well as which users upgrade the services rendered by us and how is this done. All those actions are aimed at better understanding our users for improve communications and marketing strategies. You can opt to block or limit the installation and use of these cookies as explained in section ‘How can you block or delete cookies’ below, and this shall not impact the usability or functionalities of the Site and/or the services.

Typeform:

We use third party cookies for the purposes mentioned above. Said cookies are installed, used and owned by:

APIHub, Inc. (dba Clearbit), a US entity with registered address at 90 Sheridan St. San Francisco, CA 94103 (United States of America). To know more about Clearbit’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Clearbit may entail the international transfer of data outside the European Union, as further described in the link above;

Criteo SA, a French entity with registered address at 32 rue blanche, 75009 Paris (France). To know more about Criteo’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Criteo may entail the international transfer of data outside the European Union, as further described in the link above;

Facebook Ireland, Inc., an Irish entity with registered address at 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland (Ireland). To know more about Facebook’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Facebook may entail the international transfer of data outside the European Union, as further described in the link above;

Google Ireland Limited, an Irish entity with registered address at Gordon House, Barrow Street, Dublin 4 (Ireland). To know more about Google’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Google may entail the international transfer of data outside the European Union, as further described in the link above;

LinkedIn Ireland Unlimited Company, an Irish entity with registered address at Wilton Plaza, Wilton Place, Dublin 2 (Ireland). To know more about LinkedIn’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by LinkedIn may entail the international transfer of data outside the European Union, as further described in the link above;

Microsoft Corporation, a US company addressed at One Microsoft Way, Redmond, WA – 98052 (United States of America), and Microsoft Ireland Operations Limited, an Irish company addressed at One Microsoft Place, South County Business Park, Leopardstown, Dublin – 18 (Ireland). To know more about their cookies, please visit this page. Please note that the processing of data by Microsoft may entail the international transfer of data outside the European Union, as further described in the link above;

Outbrain Inc., a US entity with registered address at 111 West 19th Street, New York, NY 10011 (United States of America). To know more about Outbrain’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Outbrain may entail the international transfer of data outside the European Union, as further described in the link above;

Quora, Inc., a US entity with registered address at 650 Castro Street, Suite 450, Mountain View, CA – 94041 (United States of America). To know more about Quora’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Quora may entail the international transfer of data outside the European Union, as further described in the link above;

Reddit, Inc., a US entity with registered address at 548 Market Street Suite 16093 San Francisco, CA 94104 (United States of America). To know more about Reddit’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Reddit may entail the international transfer of data outside the European Union, as further described in the link above;

Rokt Corp., a US corporation with registered address at 175 Varick Street Level 10, New York, NY 10014 (United States of America). To know more about Rokt’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Rokt may entail the international transfer of data outside the European Union, as further described in the link above;

StackAdapt Inc., a Canadian corporation with registered address at 500 – 210 King St. East Toronto, ON, Canada, M5A 1J7 (Canada). To know more about StackAdapt’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by StackAdapt may entail the international transfer of data outside the European Union, as further described in the link above;

Twitter Inc., a US entity with registered address at 1355 Market St #900, San Francisco, CA – 94103 (United States of America). To know more about Twitter’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Twitter may entail the international transfer of data outside the European Union, as further described in the link above; and

Wistia, Inc., a US entity with registered address at 17 Tudor Street, Cambridge, MA – 02139 (United States of America). To know more about Wistia’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Wistia may entail the international transfer of data outside the European Union, as further described in the link above.

VideoAsk:

We use third party cookies for the purposes mentioned above. Said cookies are installed, used and owned by:

Google Ireland Limited, an Irish entity with registered address at Gordon House, Barrow Street, Dublin 4 (Ireland). To know more about Google’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Google may entail the international transfer of data outside the European Union, as further described in the link above;

TikTok Technology Limited, an Irish entity with registered address at 10 Earlsfort Terrace, Dublín, D02 T380 (Ireland). To know more about Tik Tok’s cookies, please visit its cookies and privacy policies, as available here. Please note that the processing of data by Tik Tok may entail the international transfer of data outside the European Union, as further described in the link above;

3. How can you block or delete cookies?

You can allow, block, or delete cookies at any time by configuring your browser settings, as well as by means of the cookie banner. As mentioned in section 2 above, blocking or deleting some cookies may impact your ability to access and/or use the Site or the services offered by us. You can find more information on how to block or deactivate cookies below:

Internet Explorer

Safari

Chrome

Firefox

4. Prevalence

This policy is drafted both in plain and legal versions. In case of any discrepancies, the legal version included herein shall prevail and take precedence with respect to the plain version.

Contact us

Procedures

Need to Know

Clinic

Contact us

+1 (305) 513 1087

AraMedica

Via Lequile, 37,
73100 Lecce LE, Italy

Phone: +1 (305) 513 1087

Our location map