Our Terms of Service was last updated on October 30, 2025.
These Terms of Service (“Terms” or “Agreement”) govern the use of CloudAMQP platform (the “Service”) provided by 84codes AB (“84codes”). The Service includes all managed offerings provisioned under your CloudAMQP account, including hosted RabbitMQ and hosted LavinMQ Services. The Terms also consists of the Service Level Agreement, Data Processing Agreement (Exhibit 1) and Program Policies (Exhibit 2).
All capitalized Terms used but not defined herein or in any other agreement with us governing the use of the Services, shall have the meanings given to them below:
Affiliate: means any entity that controls, is controlled by, or is under common control with a party, where “control” means direct or indirect ownership of more than 50% of the voting interests of the entity.
Application: means the Product/Service that is built by you by using the Service.
Confidential Information: means information described in the Confidentiality section of the Agreement.
Content: means all data and information transmitted in the Service by Customer or on Custmer’s behalf.
Customer: means the individual or company using the Service provided by 84codes AB.
Customer Data: means data that is not defined as Content and is necessary for Customer to access the Service such as login credentials and statistics.
Data Controller: means the entity which determines the purposes and means of the Processing of Personal Data.
Data Processor: means the entity which Processes Personal Data on behalf of the Data Controller.
Data Protection Regulation: means all applicable laws relating to data protection, including without limitation the EU General Data Protection Regulation 2016/679, (the “GDPR”).
DPA: means the Data Processing Agreement.
Discloser: means the party which is disclosing Confidential Information.
Personal Data: means any information that relates to an identified or identifiable individual, to the extent such information is protected as Personal Data under applicable Data Protection Regulation.
Recipient: means the party which is receiving Confidential Information.
Service or Service Offering: means the Service provided by 84codes that is the base of the Contract.
SLA: means CloudAMQP Service Level Agreement located on the Web Site.
Subprocessor: means a third-party Data Processor engaged by the Data Processor, who has or potentially will have access to or process the Data Controller’s Data under the DPA for the provision of Services.
User: means any person that Customer allows access to or use of the Service, and may includes Customer´s employees, contractors, and other third parties that use the Service in connection with Customer´s own business operations.
You/Your/Yours: means the Customer and its Affiliates.
Web Site: means CloudAMQP’s web site available at https://www.cloudamqp.com/.
Your use of the Service is governed by this Agreement unless a separate Terms of Service Agreement has been entered into, in which case that agreement shall govern Your use of the Service.
If you are accepting these Terms and use the Services on behalf of a company, organization, government, or other legal entity, you represent and warrant that you are authorized to do so and have the full legal capacity to bind such entity.
Additional instructions, Agreements or Terms (if any) outside the scope of these Terms of Service require a prior written agreement between 84codes and the Customer. An agreement on any additional fees payable by the Customer to 84codes for carrying out further instructions and/or Terms must also be established.
You are responsible for the security of your passwords and for any use of your account. If you become aware of any unauthorized use of your password or your account, you agree to notify 84codes immediately.
Your use of the Service must comply with all applicable laws, regulations, and ordinances, including any laws regarding the export of data or software. You agree not to use the Service in, including but not limited to, the design, development, production, or use of missiles or the design, development, production, stockpiling, or use of chemical or biological weapons.
You agree not to (a) access (or attempt to access) the administrative interface of the Service by any means other than through the interface that 84codes provides in connection with the Service, unless you have been specifically allowed to do so in a separate agreement with 84codes, or (b) engage in any activity that interferes with or disrupts the Service (or the servers and networks which are connected to the Service).
Notification(s) of information concerning the Customer’s account will be sent to the Customer’s registered team notification email address. It is the Customer’s sole responsibility to ensure that the Customer always maintains accurate contact information on the service management console and secure transmission.
You are responsible for the actions of affiliates, subsidiaries, and the respective employees of those companies and Users, who utilize the Service on your behalf to the same extent as you are for the actions of your own employees who utilize the Service on your behalf.
To the extent You or your Users input any Personal Data in the Service, 84codes is the Data Processor (or the Subprocessor, depending on the relationship you have with your customer).
Unless a separate Data Processing Agreement has been entered into by the parties, each party shall comply with the Data Processing Agreement (Exhibit 1).
Subject to the Terms, the Service is provided to you without charge up to certain limits. Usage over this limit (overage usage) requires purchase of additional resources or Services. 84codes may change its fees and payment policies for the Service by notifying you at least fifteen (15) days before the beginning of the billing cycle in which such change will take effect.
You are responsible for providing accurate payment details. For all purchased resources and Services, 84codes provides three main payment options: credit card, wire transfers (an administrative fee of $9/invoice is added to invoices paid with this payment option), and prepayment via credits (credits are non-refundable and valid for a period of twelve (12) months, starting from the purchasing date). If you need to purchase our service via a PO, please contact billing@cloudamqp.com.
84codes’s billing is pro-rated, meaning that the Customer only pays for the time the Service has been available to them and the payment is made the month after the delivery of the Service. An invoice is generated at the beginning of each month and concerns the usage period of the previous month. The rates for CloudAMQP may be reviewed at the Web Site. Actual fees for the Service will vary depending on usage.
You acknowledge and agree that 84codes may share any credit card and related billing and payment information that you provide to 84codes with companies who work on 84codes’s behalf, such as payment processors and/or credit agencies, solely to check credit, and effecting payment to 84codes. Your credit card data will be shared with and stored by our PSP.
If the Customer has chosen to pay via credit card, 84codes will automatically charge the card after the invoice is generated. The Customer is responsible for having a balance that covers the invoice amount when the credit card is charged. The payment is due within fifteen (15) days from the invoice date.
If the Customer has chosen to pay through wire transfers, the invoice shall be paid within fifteen (15) days from the invoice date, according to our payment term NET15.
Accounts with failed charges and outstanding invoices will receive an email about this matter to their registered billing email when an invoice has passed its due date. The Customer is therefore responsible for providing 84codes with correct and updated contact information. 84codes reserves the right to discontinue the provision of the Service for any late payments. Late payments may also bear interest at a rate of the Swedish base rate (Sw. referensränta) plus eight (8) percentage points.
Charges to customers within the EU include taxes. Companies acting within the EU shall provide 84codes with their VAT number upon registration to get the VAT fee deducted from their invoices in line with the reverse charge rule. For customers outside the EU, charges are exclusive of taxes. You are responsible for paying all taxes and government charges, and all reasonable expenses and attorney’s fees 84codes incurs collecting late amounts.
To the fullest extent permitted by law, refunds (if any) are at the discretion of 84codes, and only in the form of credit for the Service. Nothing in these Terms obligates 84codes to extend credit to any party.
To the fullest extent permitted by law, you waive all claims relating to charges unless claimed within sixty (60) days after the payment (this does not affect your credit card issuer rights). Charges are solely based on 84codes’s measurements of your use of the Service unless otherwise agreed to in writing.
You may not create multiple accounts to simulate or act as a single account or otherwise access the Service in a manner intended to avoid incurring fees.
84codes reserves the right (but shall have no obligation) to pre-screen, review, flag, filter, modify, refuse or remove any or all Content from the Service. You agree to immediately take down any Content that violates the Program Policies, including pursuant to a take-down request from 84codes. If you do not to comply with a request from 84codes to take down certain Content, 84codes reserves the right to take down such Content directly or to disable the Service.
If you become aware of any violation of the Program Policies, you shall immediately terminate such a User’s account. 84codes reserves the right to terminate User’s accounts or disable the Service in response to a violation or suspected violation of the Program Policies.
You agree that you are solely responsible for (and that 84codes has no responsibility to you or any third party for) the Application or any Content that you create, transmit, or display while using the Service and for the consequences of your actions (including any loss or damage which 84codes may suffer) by doing so.
You agree that 84codes has no responsibility or liability for the deletion or failure to store any Content and other communications maintained or transmitted through the use of the Service. You further acknowledge that you are solely responsible for securing and backing up your Application and your Content.
You acknowledge and agree that 84codes (or 84codes’s licensors) owns all legal right, title and interest in and to the Service, including any intellectual property rights which exists in the Service (whether those rights happen to be registered or not, and wherever in the world those rights may exist).
Unless you have agreed otherwise in writing with 84codes, nothing in the Terms gives you a right to use any of 84codes AB’s trade names, trademarks, Service marks, logos, domain names, and other distinctive brand features.
Except as provided in Section 7, 84codes acknowledges and agrees that it obtains no right, title, or interest from you (or your licensors) under these Terms in or to any Content or the Application that you create, submit, post, transmit or display on, or through, the Service, including any intellectual property rights which subsist in that Content and the Application (whether those rights happen to be registered or not, and wherever in the world those rights may exist). Unless you have agreed otherwise in writing with 84codes, you agree that you are responsible for protecting and enforcing those rights and that 84codes has no obligation to do so on your behalf.
During the term of this Agreement, You may access and use the Service. 84codes retains all right, title, and interest in and to the Service, including without limitation all software included in and used to provide the Service and all logos and trademarks reproduced through the Service. This Agreement does not grant You (a) any right to reproduce, modify, distribute, or publicly display or perform the software included in the Service or (b), any other right to the Service not specifically set forth herein.
Open-source software licenses for components of the Service released under an open-source license constitute separate written agreements. To the limited extent that the open-source software licenses expressly supersede these Terms, the open-source licenses govern your agreement with 84codes to use the components of the Service released under an open-source license.
Each party shall keep in confidence all material and information received from the other Party and marked as confidential or which should be understood to be confidential (“Confidential Information”), and may not use such Confidential Information for any other purpose than those set forth in the Agreement. The confidentiality obligation shall, however, not apply to material and information, (a) which is or later becomes generally available or otherwise public; or (b) which the Receiver has received from a third party without any obligation of confidentiality; or (c) which was rightfully in the possession of the Receiver prior to receipt of the same from the Discloser without any obligation of confidentiality related thereto; (d) which a party has independently developed without any use of or reference to the Confidential Information received from the other party; or (e) which a party is required to disclose under any mandatory law or by order of a court or governmental body of competent jurisdiction.
YEach party shall hold Discloser’s Confidential Information in strict confidence for five (5) years and shall not disclose any such Confidential Information to any third party, other than to its Representatives, its Affiliates and their Representatives, subject to the other terms of this Agreement, and each case who need to know such information and who are bound by restrictions regarding disclosure and use of such information comparable to and no less restrictive than those set forth herein.
Each party acknowledges that a breach of this Section 8 may cause the other party irreparable harm. Therefore, each party agrees that those breaches may be stopped through injunctive proceedings in addition to any other rights and remedies which may be available to the injured party at law or in equity without the posting of a bond.
Unless otherwise stated in a separate agreement or applicable order, you may terminate these Terms at any time by canceling your account of the Service. You will not receive any refunds if you cancel your account.
You agree that 84codes, in its sole discretion, may terminate these Terms or suspend your access to your account at any time in the event of your actual or suspected unauthorized use or overage usage of the Service, or non- compliance with these Terms. If 84codes terminates your use of the Services for reasons other than unauthorized use or non-compliance with these Terms (including the Program Policies) 84codes will notify you in advance.
You are solely responsible for exporting your Customer Data and Content from the Service prior to termination of your account for any reason, provided that if we terminate your account, we will make reasonable efforts to permit you to retrieve your Service(s) for a reasonable period of time.
Upon any termination of the Service or Your account these Terms will also terminate. Sections 6.1, 8, 11, 12, 14.4 and 14.6 shall continue to be effective after these Terms are terminated.
YOU EXPRESSLY UNDERSTAND AND AGREE THAT YOUR USE OF THE SERVICE IS AT YOUR SOLE RISK AND THAT THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE.” 84CODES, ITS SUBSIDIARIES AND AFFILIATES, AND ITS LICENSORS MAKE NO EXPRESS WARRANTIES AND DISCLAIM ALL IMPLIED WARRANTIES REGARDING THE SERVICE INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, 84CODES AB, ITS SUBSIDIARIES AND AFFILIATES, AND ITS LICENSORS DO NOT REPRESENT OR WARRANT TO YOU THAT: (A) YOUR USE OF THE SERVICE WILL MEET YOUR REQUIREMENTS, (B) YOUR USE OF THE SERVICE WILL BE UNINTERRUPTED, TIMELY, SECURE OR FREE FROM ERROR, AND (C) USAGE DATA PROVIDED THROUGH THE SERVICE WILL BE ACCURATE. FOR AVOIDANCE OF DOUBT, A FAILURE TO COMPLY WITH ANY SERVICE LEVEL SHALL NOT BE CONSIDERED A BREACH OF THE TERMS, BUT MAY GIVE YOU THE RIGHT TO RECEIVE A COMPENSATION SET OUT IN THE SLA.
SUBJECT TO SECTION 10.1 ABOVE, YOU EXPRESSLY UNDERSTAND AND AGREE THAT 84CODES, ITS SUBSIDIARIES, AND AFFILIATES, AND ITS LICENSORS SHALL NOT BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, OR CONSEQUENTIAL DAMAGES OF ANY KIND ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT OR THE SERVICES, REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT, STRICT LIABILITY OR OTHERWISE. THIS SHALL INCLUDE, BUT NOT BE LIMITED TO, ANY LOSS OF PROFIT OR REVENUE (WHETHER INCURRED DIRECTLY OR INDIRECTLY), LOSS OF ANTICIPATED SAVINGS, ANY LOSS OF GOODWILL OR BUSINESS REPUTATION, ANY LOSS OF DATA SUFFERED, INTERRUPTION OF BUSINESS, COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR OTHER INTANGIBLE LOSS. THE FOREGOING DISCLAIMER IN THIS PARAGRAPH SHALL APPLY TO THE MAXIMUM EXTENT PERMITTED BY LAW IN THE APPLICABLE JURISDICTION.
THE LIMITATION OF LIABILITY IN PARAGRAPH 11.1 ABOVE SHALL APPLY WHETHER OR NOT 84CODES HAS BEEN ADVISED OF OR SHOULD HAVE BEEN AWARE OF THE POSSIBILITY OF ANY SUCH DAMAGES.
IN THE EVENT THAT, NOTWITHSTANDING THE FOREGOING, 84CODES OR ITS AFFILIATES IS FOUND LIABLE TO YOU FOR DAMAGES FROM ANY CAUSE WHATSOEVER, AND REGARDLESS OF THE FORM OF THE ACTION, IN NO EVENT WILL 84CODES’S TOTAL LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT EXCEED FIFTY (50) % OF FEES ACTUALLY PAID FOR THE SERVICE IN THE SIX (6) MONTHS PRECEDING THE APPLICABLE CLAIM GIVING RISE TO LIABILITY. MULTIPLE CLAIMS WILL NOT EXPAND THIS LIMITATION. THE FOREGOING DISCLAIMER SHALL APPLY TO THE MAXIMUM EXTENT PERMITTED BY LAW IN THE APPLICABLE JURISDICTION. YOU AGREE THAT 84CODES’S LIABILITY TO YOU AT LAW WILL BE REDUCED BY THE EXTENT, IF ANY, TO WHICH YOU CONTRIBUTED TO THE DAMAGE OR LOSS. THE PARTIES ACKNOWLEDGE THAT THE LIMITATIONS SET FORTH IN THIS SECTION ARE INTEGRAL TO THE AMOUNT OF FEES CHARGED IN CONNECTION WITH PROVIDING THE SERVICES TO YOU, AND THAT IF 84CODES WERE TO ASSUME ANY FURTHER LIABILITY OTHER THAN AS SET FORTH HEREIN, SUCH FEES WOULD OF NECESSITY BE SET SUBSTANTIALLY HIGHER.
84codes agrees to hold harmless and indemnify the other party, and its subsidiaries, affiliates, officers, agents, employees, (collectively “Indemnified Parties”) from and against any third party claim arising from or in any way related to that the Service infringe upon the Intellectual Property Rights of a third party valid in the European Economic Area (“EEA”), provided that the Customer: (a) in writing notifies 84codes of such claim within reasonable time and immediately upon receipt of notice thereof; (b) provides 84codes, free of charge, with all available information, permissions and assistance; (c), grants 84codes the sole and exclusive right to control the defense of the claim; and (d) does not agree on any settlement of such claim or action prior to a final judgment thereon by a competent court of law or court of arbitration, without the express prior written consent of 84codes.
If 84codes deems that the Service infringe or may infringe upon any third party rights, 84codes shall have the right at its own expense and in its sole discretion, to (a) acquire for the Customer the right to continue the use of the Service; or (b) replace the Services; or (c) modify the Service to the extent necessary to avoid the infringement.
If none of the alternatives defined in Section 12.2 are available to 84codes on commercially reasonable terms and/or without the significant loss of time, 84codes shall have the right to terminate the Agreement in whole or in part subject to a notice period set by 84codes, upon which the Customer agrees to cease using the Service and 84codes agrees to reimburse the Fees paid by the Customer for the terminated Service, which should be a proportion equal to the time of use of the Service by the Customer.
The indemnity in this Section 12 shall not apply to, and 84codes is not liable for any claim that (a) is based on a claim by any Affiliate of the Customer; or (b) is based on the modification or alteration of the Service by the Customer; or (c) results from 84codes failure to comply with any instructions, specifications or design given by the Customer (or any third party under the command and control of the Customer) regarding requested customizations of the Service; or (d) could have been avoided by using the latest version of the Service made available by 84codes to the Customer.
Customer agrees to defend, indemnify and hold 84codes harmless, and its subsidiaries, affiliates, officers, agents, employees, (collectively “Indemnified Parties”) from and against any third party claims, including any liability or expense arising from all claims, losses, damages (actual and consequential), suits, judgments, litigation costs and attorneys’ fees, of every kind and nature arising from or in any way related to any Application, Content or Customer Data (collectively “Your Data”) that You input in the Service, including without limitation claims that Your Data infringes third party intellectual property rights or that Your Data otherwise infringes applicable laws.
84codes is continuously innovating to provide the best possible experience for its users. You acknowledge and agree that the form and nature of the Service which 84codes provides may change from time to time without prior notice to you. Changes to the form and nature of the Service will be effective with respect to all versions of the Service; examples of changes to the form and nature of the Service include without limitation changes to fee and payment policies, security patches, added functionality, and other enhancements.
There are no third-party beneficiaries to these Terms. The parties are independent contractors, and nothing in these Terms creates an agency, partnership or joint venture. If 84codes provides you with a translation of these Terms, these (English language) Terms will control if there is any conflict.
You agree that 84codes may provide you with notices, including those regarding changes to the Terms, by email, regular mail, or postings on the Service on the sole ground of providing you with the Service.
You agree that if 84codes does not exercise or enforce any legal right or remedy which is contained in the Terms (or which 84codes has the benefit of under any applicable law), this will not be taken to be a formal waiver of 84codes’s rights and that those rights or remedies will still be available to 84codes.
84codes shall not be liable for failing or delaying performance of its obligations resulting from any condition beyond its reasonable control, including but not limited to governmental action, acts of terrorism, earthquake, fire, flood, or other cases of force majeure, labor conditions, power failures, and Internet disturbances.
These Terms, and your relationship with 84codes under these Terms shall be governed by the laws of Sweden without regard to its conflict-of-law provisions. You and 84codes agree to submit to the exclusive jurisdiction of the courts located within Sweden to resolve any legal matter arising from these Terms. Notwithstanding this, you agree that 84codes shall still be allowed to apply for injunctive remedies (or an equivalent type of urgent legal relief) in any jurisdiction.
This Data Processing Agreement (the “DPA”) is an exhibit to the Terms of Service. It is incorporated therein, agreed between the Data Controller and the Data Processor in connection with registration for the Service. The DPA applies where, and to the extent that, 84codes processes Personal Data on behalf of Customer when providing the Service under the Agreement. The DPA does not apply where 84codes determines the purpose and means of the processing of Personal Data.
This DPA was last updated on October 30, 2025.
DEFINITIONS
Unless otherwise defined in this DPA or in the Agreement, terms used in this DPA, such as “Data Controller”, “Data Processor”, “Data Subject” and “Personal Data” have the meanings as defined in the Data Protection Regulation.
Additional Instructions: means any instructions from Data Controller to the Data Processor which have not been fixed in this DPA upon its execution.
Data Protection Regulation: means all applicable laws relating to data protection, including without limitation the EU General Data Protection Regulation 2016/679, (the “GDPR”).
Personal Data Breach: means any unauthorized or unlawful breach of security leading to the unauthorized or accidental destruction loss, alteration, unauthorized disclosure of or access to Personal Data.
Process or Processing: means any operation or set of operations which is performed on Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Subprocessor: means third parties engaged by the Data Processor which, as part of the subcontractor’s role of delivering the services, Processes Personal Data on behalf of the Data Controller.
Supervisory Authority: means an independent public authority that is established pursuant to GDPR Article 51. For example, Swedish Authority for Privacy Protection (IMY, Integritetsskyddsmyndigheten), in Sweden.
Third Country: means a country or region outside the European Union (“EU”) or the European Economic Area (“EEA”).
2021 SCCs: means the standard contractual clauses approved by the European Commission in decision 2021/914/EC, dated 4 June 2021.
This DPA applies only to the extent that 84codes processes Personal Data on behalf of Customer when providing the Service to the Customer. Processing of Personal Data in this context refers to storage, maintenance and other processing activities initiated by the Customer.
The Personal Data Processed under this DPA and details of the Processing is described in Appendix 1 (“Data Processing Instructions”) attached to this DPA.
Additional Instructions or terms outside the scope of this DPA requires a prior written agreement between 84codes and the Customer.
Customer shall be responsible within the framework of this DPA for complying with Customer’s relevant obligations under applicable Data Protection Regulation.
Customer has the right to give instructions to 84codes in the following subjects:
The instructions shall be written and at first be fixed in this DPA and Appendix 1. These instructions may subsequently be amended, supplemented, or replaced by written Additional Instructions of Customer to 84codes. Additional Instructions (if any) need to be agreed upon beforehand as per section 1.3. 84codes will attempt to accommodate eventual Additional Instructions; however, nothing in this DPA shall require 84codes to change the terms of this DPA.
Customer shall ensure that its instructions and usage of the Service comply with all Data Protection Regulation.
Notification(s) of information concerning the Processing or a Personal Data Breach (if any), will be delivered to the Data Controller’s email address. It is the Customer’s sole responsibility to ensure that it maintains accurate contact information on the service management console and secure transmission at all times.
Customer have the right to perform controls of 84codes’s technical and organizational measures according to section 9 and as further described in Appendix 2 (“Technical and Organizational Measures”) before starting the Processing, and to check them afterward in regular intervals, but no more than each year. An independent auditor could also perform these controls on behalf of Customer.
Customer shall inform 84codes without delay when it notices any mistakes or irregularities while performing controls according to section 2.6. 84codes shall correct such errors or irregularities without delay.
84codes ensures that, during the term of this DPA, it has implemented and further undertakes to comply with appropriate technical and organizational measures in such a manner that its Processing of Personal Data under this DPA will meet the requirements of Data Protection Regulation and ensure the protection of the rights of the Data Subject.
84codes undertakes to only Process the Personal Data pursuant to the Data Controller’s documented instructions and within the Service Offering’s framework, unless in exceptional cases as per applicable Data Protection Regulation. Customer’s initial instructions to 84codes AB regarding the subject-matter and duration of the Processing, the nature and purpose of the Processing, the type of Personal Data, and categories of Data Subjects are set forth in this DPA and Appendix 1.
84codes shall inform Customer without undue delay if it would discover that an instruction would violate Data Protection Regulation. 84codes shall be authorized to interrupt this instruction’s performance until it is confirmed or changed by the responsible person of Customer.
84codes shall not use the Personal Data for other purposes than specified by Customer or generate copies or duplicates without the prior written consent of Customer.
84codes shall not view, access or edit the Personal Data without specific permission, or when required to maintain the Service, or as necessary to comply with the Terms, the law, Program Policies or a binding order of a Supervisory Authority.
84codes shall ensure that the persons authorized to Process the Personal Data have committed themselves to confidentiality in writing before taking up the activity. Furthermore, 84codes shall ensure that its associates are sufficiently informed on the regulations of Data Protection Regulation as well as on further relevant data protection requirements and are familiar with the instructions of Customer.
Customer shall be obliged to respect the confidentiality of all business secrets and data protection measures of 84codes which may be disclosed within the framework of the contractual relationship. Any Confidential Information disclosed shall be subject to the confidentiality section in the Terms.
84codes shall forward any request to Customer from a Data Subject, Supervisory Authority or any other third party, who is requesting receipt of information regarding Personal Data that 84codes is Processing under this DPA. 84codes, or anyone working under 84codes’s supervision, shall not disclose Personal Data, or information about the Processing of Personal Data, without Customer’s express written instruction or as provided in this DPA, unless required by applicable Data Protection Regulation.
f 84codes receives a request from Customer’s Data Subject to exercise one or more of its rights under the GDPR or any other Data Protection Regulation in connection with the Service for which 84codes is a Data Processor or Subprocessor, 84codes will redirect the Data Subject to make its request directly to Customer. Customer will be responsible for responding to any such request. 84codes shall (at Customer’s expense) provide reasonable cooperation to assist Customer to respond to any requests from individuals or applicable data protection authorities relating to the processing of Personal Data under the Terms.
To the extent 84codes is required under applicable Data Protection Regulation or this DPA, 84codes will assist Customer with any requests or duties.
84codes shall inform Customer of any inquiries from the Supervisory Authority concerning Processing of Personal Data under the DPA. 84codes is not entitled to represent Customer or act on Customer’s behalf in relation to Supervisory Authority.
84codes shall, to the extent required by law, cooperate with any government agencies or authorities with jurisdiction regarding any inquiry or investigation. 84codes shall not be an active participant in such investigations and its role is limited to compliance with requests made by such authorities.
Upon execution of this DPA, 84codes is granted general authorization to engage Subprocessors to provide the Service under the Agreement. The Customer can choose a Subprocessor to provide the hosting for the Service from the options provided by 84codes. 84codes shall inform the Customer in writing of any intended changes of the hosting service provider Subprocessor at least ten (10) days in advance.
When engaging a Subprocessor, 84codes shall use it’s commercially reasonable efforts to ensure that its Subprocessors are subject to similar data protection obligations as set out in this DPA. 84codes remains responsible for its Subprocessors and their compliance with the obligations of this DPA.
Within the area of its responsibilities, 84codes shall organize the internal organization in a way to meet the requirements of data protection. 84codes will take technical and organizational measures to adequately protect the data of the Data Controller.
84codes shall make available to Customer all information necessary to demonstrate compliance and contribute to audits, including inspections, conducted by Customer or another auditor mandated by Customer. The cost of such inspection and compliance review will be at Customer’s expense.
84codes shall immediately notify Customer if the safety measures taken by 84codes differ from the requirements agreed upon, or if severe disturbances occur in the operating procedure, or in case of violations of applicable Data Protection Regulation or the provisions made in this DPA by 84codes or the persons employed by it, as well as in the case of suspicion of Personal Data Breaches or irregularities in the processing of Personal Data.
84codes does not physically host any of the servers provided for the Service. Instead, data centers provided by external cloud platforms are used, which the Customer chooses itself when using the Service. These cloud platforms are listed as Subprocessors in Appendix 3.
84codes does not know what kind of Personal Data the Customer is handling while using the Service and employees of 84codes do not look at Customer’s Personal Data (unless we have a reason to believe that Customer is interfering with our Program Policies), nor copy the Personal Data to a server other than the one chosen by Customer. All Data in the Service is processed according to the Customer configuration. Backups (where applicable) are deleted after thirty (30) days. 84codes does not backup any Content within the Service.
As detailed in Section 10, 84codes processes all Content in the geographic location(s) that Customer specifies via the Service. If the Customer has selected a Subprocessor to provide the hosting within the European Economic Area, 84codes shall store the Personal Data within the European Economic Area and transfers outside are subject to the Customer’s prior approval, instruction or request thereto.
If the Customer selects a Subprocessor to provide the hosting services outside the European Economic Area, the 2021 SCCs shall be deemed incorporated by reference into and form and integral part of this DPA as follows:
If 84codes adopts another alternative data export solution, as recognized under applicable Data Protection Regulation, then the alternative data export solution shall apply instead of the SCCs.
84codes provides Customer the option to use the Service in a Third Country, including countries that may not provide adequate Personal Data protection according to the applicable Data Protection Regulation. The Customer warrants to have used reasonably efforts to determine that the Subprocessor acting as data importer, and chosen by Customer ,is able through the implementation of appropriate technical and organizational measures, to satisfy data importer’s obligations under the 2021 SCCs for the transfer to be performed as agreed in this DPA.
84codes shall, if possible, provide Customer with information about received requests for access to data from U.S. public authorities.
In case of a Personal Data Breach involving Personal Data Processed on behalf of Customer, 84codes shall take into account the nature of Processing and the information available to 84codes to support Customer in ensuring compliance.
If 84codes becomes aware of a Personal Data Breach, 84codes shall without undue delay notify Customer. The notification shall at least:
The liability of each party arising out of or related to this DPA (whether in contract, tort, or any other theory of liability) shall be subject to the exclusions and limitations of liability set out in the Agreement. Customer agrees that any regulatory penalties incurred by 84codes in relation to the Personal Data that arise as a result of, or in connection with, Customer’s failure to comply with its obligations under this DPA and applicable Data Protection Regulation shall count towards and reduce the 84codes’s liability under the Agree,emt as if it were a liability to Customer under the Agreement.
Subject to section 13.1, Customer shall indemnify and hold harmless 84codes and its subsidiaries, affiliates, officers, agents, employees, advertisers, licensors, suppliers or partners, (collectively “84codes and Partners”) from and against any direct claims, including any claim from Data Subjects, against 84codes due to Processing of Personal Data which violates the applicable Data Protection Regulation, if such violation is due to unclear, inadequate or inadmissible instructions from Customer, inadequate information from Customer regarding the categories of Personal Data being Processed (e.g., if sensitive Personal Data is Processed without Customer having informed 84codes) or otherwise due to circumstance on Customer’s side.
This DPA shall continue in force until the termination of the Service (the “Termination Date”).
Upon termination of this DPA, 84codes shall permanently erase, or completely block for access, all business-related information, documentation, and data provided by Customer, including Personal Data created in connection with this DPA, unless there is an legal obligation for the storage of Personal Data.
84codes may at any time make additions and/or amendments to this DPA and all its constituent elements (including any assurances granted by 84codes) by posting the new agreement at: https://www.cloudamqp.com/legal/terms_of_service.html or such URL that 84codes may provide. Customer is responsible for regularly reviewing any updates to the Terms. If 84codes makes substantial changes to the DPA in any way, we will give you a ten (10) days notice. Any changes or modifications to the DPA will become binding (a) by Customer’s written acceptance of updated terms, or (b) after Customer’s continued use of the Service after such terms have been updated by 84codes.
Regardless of 15.1, 84codes may at any time make additions and/or amendments to this DPA and all its constituent elements (including any assurances granted by 84codes), to comply with changes to applicable Data Protection Regulations or in response to guidance or mandates issued by any court, regulatory body, or supervisory authority with jurisdiction over 84codes.
What follows from the Terms shall also apply to the 84codes’s Processing of Personal Data and the commitments according to this DPA. For avoidance of doubt; where there are conflicting provisions in the Terms and the DPA, the provisions in the DPA shall take precedence regarding all Processing of Personal Data and nothing in the Terms shall be considered to limit or change the commitments according to this DPA to the extent this would mean Customer does not comply with applicable Data Protection Regulation. The 2010 SCCs shall prevail over any other Agreement.
Swedish law applies in all aspects to 84codes AB’s Processing of Personal Data under this DPA.
Any dispute arising out of or in connection with the DPA shall be settled per the dispute resolution provision in the Terms.
The following instructions apply to the Processing of the Personal Data under this DPA. In addition to what is stated in this DPA, the Data Processor shall comply with the instructions below:
| Topic | Instruction |
|---|---|
| Processing operations and purposes | The Processing shall include the following operations and purposes: • Storage and forwarding of data and other Processing necessary to provide, maintain, and improve the Service provided to the Data Controller; • To provide technical support to the Data Controller; and • Disclosures in accordance with the DPA, as compelled by law |
| Categories of Data | The Personal Data Processed might include the following Categories of Data: • First and last name • Title • Position • Employer • Contact information (company, email, phone, business address) • ID data • Professional life data • Personal life data • Connection data • Localization data |
| Categories of Data Subjects | The Personal Data Processed might include the following Categories of Data Subjects: • Data Controller’s business management and employees • Customers • Prospects • Subscribers • Suppliers • Trade representatives • Contact partners • Job applicants |
| Retention period | The Personal Data shall be erased at the Data Controller’s request according to the Data Controller’s instructions. |
The following TOMS are agreed upon between the Data Controller and the Data Processor.
There is no unauthorized access to data processing systems. Data is stored in highly secure data centers that are monitored 24/7. Physical access to the data center facilities is strictly limited to selected cloud staff.
There is no unauthorized system usage. SSH keys are required when identifying trusted computers, along with a certificate that is received via a two-step verification process. Two-step authentication is enabled on every cloud platform providing it (platforms such as AWS and Heroku). Individual authentication credentials are not shared. SSH keys are frequently rotated. All endpoints (computers, laptops, mobile phones) use encrypted storage, secure passwords, and auto-locking mechanisms.
There is no unauthorized reading, copying, changing or removing within the system.
Personal Data is Processed in dedicated systems that are not shared with other services, applications, or corporate entities. Within individual systems and databases, data is segregated with logical access control. Personal Data is not used for purposes other than what it has been collected for, except in the case of explicit customer approval.
There is no unauthorized reading, copying, changing, or removing during electronic transmission or transport. Data encryption measures are in place to protect Personal Data. All data that 84codes holds about its customers is encrypted both at rest and in transit. All data that the Data Controller inserts to the Service is encrypted at rest per default at 84codes’ side (at the cloud platforms that support it). The Data Controller can encrypt data in transit for additional security.
Logging systems are in place to determine and record whether and by whom Personal Data was entered, changed, or removed.
There is protection against accidental damage or destruction or loss via escalation ways and emergency plans.
According to Art. 28 of the GDPR, no Processing under commission is allowed without corresponding instructions from the Data Controller via explicit contract design, formalized order management, stringent selection of the service provider, obligation to convince in advance, and follow-up inspections.
Systems and services are designed to withstand intermittent high stresses or high constant loads of Processing. Further, the systems and services are also tested for vulnerabilities to ensure and maintain a high level of security.
The use of personnel, customer, and supplier IDs instead of names is prioritized to protect Personal Data.
Data encryption measures are in place to protect personal data on 84codes’ side. All data that 84codes holds about its customers is encrypted both at rest and in transit. All data that the Data Controller inserts to the Service is encrypted at rest per default at 84codes’ side (at the cloud platforms that support it). The Data Controller can encrypt data in transit for additional security.
84codes stores data in redundant data storage, and backups are performed on the databases regularly. The Data Controller has the option to set up redundancy for data processed via the Service.
| Company name, direction and nomination of possible Data Protection Officer/contract partner for data protection questions | Content of assignment (Scope of the commission by the Data Processor) | Place of Processing | Transmission of/access to Personal Data of the Data Controller (category of data and Data Subjects) | |
|---|---|---|---|---|
| 1 | Amazon Web Services | Data Center | Dependent on the Data Controller | Storage of data |
| 2 | Digital Ocean | Data Center | Dependent on the Data Controller | Storage of data |
| 3 | Google Cloud Platform | Data Center | Dependent on the Data Controller | Storage of data |
| 4 | Microsoft Azure | Data Center | Dependent on the Data Controller | Storage of data |
Please note that the data center is chosen on behalf of the Data Controller. Thus, not all data centers listed as Subprocessors will have access to the Data Controller’s data. Only the data center of the Data Controller’s choice will have access to the data and is considered as a Subprocessor in the means of this DPA.
These Program Policies are an exhibit to the Terms of Service (hereinafter referred to as Contract) and is incorporated therein.
To uphold the quality and reputation of 84codes AB products and services, your use of CloudAMQP (the “Service”) is subject to these program policies. If you are found to violate our policies at any time, as determined by 84codes AB in its sole discretion, we may warn you or suspend or terminate your account.
Please note that we may change our program policies at any time, and pursuant to the CloudAMQP Terms of Service (the “Terms”), it is your responsibility to keep up-to-date with and adhere to these policies. All capitalized terms used herein have the meanings stated in the Terms, unless stated otherwise.
Revision Date: These Program Policies were last revised on April 18, 2022.
The Content displayed and/or processed through your Application or other web site utilizing the Service shall not contain any of the following types of content (“Prohibited Content”):
In addition to the violations described in the Terms, you shall not (and shall not allow any third party, including your end users) to:
84codes AB is conscious of the kind of impact we are having on all aspects of society, including economic, social and environmental. To make sure we are in line with our Corporate Social Responsibility model and Code of Ethics, the following business are not allowed as clients at 84codes AB: