Terms & Policies

SaaS License Agreement

This document constitutes a Software License Agreement (hereinafter referred to as the “Agreement”) granted by THE GROWTH TEAM, a simplified joint stock company with a capital of 12 558,60 euros, whose registered office is located at 15, Rue Raynouard, 75016 PARIS, registered under the unique identification number 877 641 365 in the Paris Trade and Companies Register, represented by David Dokes, as President, duly authorized for that purpose (hereinafter referred to as " THE GROWTH TEAM" or the "PROVIDER") to any natural or legal person wishing to use the Software (hereinafter referred to as the “CLIENT” or “You”), collectively referred to as “the Parties” or individually as “Party”.

The CLIENT is informed that the use of the Software is conditional upon acceptance of this Software License Agreement which contains all necessary and useful information to enable him/her to commit in full knowledge of the facts. Accordingly, the mere use of the Software constitutes acceptance by the CLIENT of the entirety of the terms and conditions of this Agreement.

PREAMBLE

THE GROWTH TEAM is a software publisher that develops proprietary solutions whose licenses are marketed to its customers in the form of Software as a Service (hereinafter "SaaS"), which refers to the way in which the functionalities of a software solution are made available remotely, using Internet technologies and accessible via the Internet network. THE GROWTH TEAM has developed Polar Analytics, a software enabling the Client to manage its e-commerce data by offering a solution to centralize the different marketing channels, calculate and help monitor Key Performance Indicators (hereinafter the "Software").

HAVING REGARD TO THE AFORESAID, IT IS AGREED AS FOLLOWS:

ARTICLE 1 – DEFINITIONS

"Authorized Use": refers to the authorized use of the License by the CLIENT as defined in section 6 of the Agreement.

“Connectors” (or “Data Connectors”): refers to connector, like application programming interface, that enable to source data, such as online advertising platform, emailing software, web analytics service, which CLIENT might use in order to compute its marketing data. For example, Shopify, Google Analytics, Prestashop, Facebook Ads, etc. The list of available Connectors is accessible at https://www.polaranalytics.co/connectors

"Data": refers to all information created, acquired, aggregated, or archived by or for the CLIENT, including personal data processed via the Software, as well as the results of processing carried out on the basis of such data via the said Software. The Data also refers to the data communicated by the CLIENT relating to its activities, know-how, etc. These data are confidential and are the exclusive property of the CLIENT for the data concerning him.

"License": refers to the license as described in section 5 of the Agreement.

"Object Code": refers to the series of machine-readable instructions (executable program) that are intended to be directly executed by a computer after appropriate processing and linking but without the compilation or assembly steps.

“Support Assistance”: refers to the support provided by the PROVIDER team with commercially reasonable efforts. This technical assistance is provided through Email, Intercom or Slack depending on the Pricing plan selected

"Software" means the Software described in the Preamble of this Agreement, including all new versions, updates and modifications that may be developed after the date of signing the Agreement. By new versions and updates, we mean any improvements or evolutions of the existing functionalities of the Software, any corrections made to the Software. Software is accessible through a dashboard.

"Source Code": includes for the Software (i) a complete presentation of operations and instructions, expressed in an advanced language that is understandable to a computer professional, (ii) the procedures and methods used to achieve this result and (iii) all the technical documentation attached to the Software.

“Stores”: refer to a Shopify or Prestashop store as defined by a unique store url (Note: 1 brand can have multiples stores for multiple countries served)

“Subscription Process”: refers to the online process enable the CLIENT to subscribe to the SaaS.

“Visit”: refers to monthly sessions calculated by Google Analytics and showcased in Polar Analytics by “Visits” KPI under Key Indicators section.

ARTICLE 2 - CONTRACTUAL DOCUMENTS

The rights and obligations of the Parties relating to the subject matter hereof shall be governed by the provisions of the Agreement, which shall include the body of this Agreement, as well as the schedules hereafter listed.  The body of the Agreement should prevail over the others. Any modification of the Agreement shall be the subject of a written amendment agreed by mutual agreement between the Parties.

The Agreement expresses the entire agreement of the Parties as to its purpose. It replaces any previous agreements, declaration, negotiation, commitment, communication, oral or written, or any general conditions of the CLIENT or the PROVIDER, regardless of the time and/or medium of their communication.

ARTICLE 3 – PURPOSE

The purpose of the Agreement is to specify the terms and conditions under which the PROVIDER makes available to the CLIENT a License to use the Software.

ARTICLE 4 – DURATION

The Agreement takes effect upon the acceptation date of the terms and conditions provided herein for a term of 1 (one) month or 12 (twelve) months according to the choice made by the CLIENT during the Subscription Process, from the date of expiration of the Evaluation Period when applicable (“Initial Subscription Period”).

At the end of the term, the Agreement may be tacitly renewed (“Renewal Subscription Period”), unless one of the Parties terminates the Agreement by email sent to the other Party at least 5 (five) days before the end of the term or each renewal deadline.

If the CLIENT, subscribed to a free trial, the Agreement shall take effect upon acceptation of the free trial by following the terms of Article 5.

ARTICLE 5 – FREE TRIAL

When the CLIENT subscribes for a free trial ("Trial Account"), the PROVIDER will make the Software available to the CLIENT on a trial basis free of charge for seven (7) days (the “Evaluation Period”) from the effective date of this subscription. If, at the end of the Evaluation Period, the CLIENT does not sign up for a paid subscription of the Services, the Agreement will automatically terminate unless COMPAGNY agrees, in its sole discretion, to extend the Evaluation Period. Additional terms and conditions may appear on the registration website for a Trial Account and any such additional terms and conditions are incorporated into this Agreement by reference and are legally binding.

ALL TRIAL ACCOUNTS ARE PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT ANY WARRANTY OF ANY KIND. TRIAL ACCOUNTS MAY BE SUSPENDED, TERMINATED, OR DISCONTINUED AT ANY TIME AND FOR ANY REASON (OR NO REASON). THE PROVIDER DISCLAIMS ALL OBLIGATION AND LIABILITY UNDER THE AGREEMENT (INCLUDING LIABILITY OTHERWISE PROVIDED FOR UNDER ARTICLE 11 (LIMITATION – INSURANCE) FOR ANY HARM OR DAMAGE ARISING OUT OF OR IN CONNECTION WITH A TRIAL ACCOUNT, AND ANY CUSTOMIZATIONS MADE TO A TRIAL ACCOUNT BY OR FOR SUBSCRIBER, MAY BE PERMANENTLY LOST IF THE TRIAL ACCOUNT IS SUSPENDED, TERMINATED, OR DISCONTINUED.

ARTICLE 6 - USER LICENSE

In exchange for payment of the license fees, or, for a Trial Account, upon acceptance of this Agreement, the PROVIDER grants the CLIENT a non-exclusive, non-transferable right to use the Software in SaaS mode, 24/7 (except for planned maintenance or external outages beyond the PROVIDER’s control), for the duration of this Agreement in return for payment under Appendix 1.

The Software remains on the PROVIDER’s infrastructure; no copy is provided to the CLIENT in any form or medium. Appendix 1 describes current pricing and options.

In this respect, the CLIENT agrees to:

1. Use the Software only for its own internal business needs, ensuring any authorized user complies with these terms.

2. Not modify, transfer, or distribute the License; not correct errors on its own, disassemble, compile, decompile, reverse-engineer, or translate the Software; not separate any component from the Software or sublicense the Software.

3. Make copies of the Software only to load, display, run, or store the object code as authorized.

ARTICLE 7 - OBLIGATIONS OF THE PARTIES

7.1. OBLIGATIONS OF THE PROVIDER

• Make the Software available according to the terms of this Agreement.

• Promptly inform the CLIENT of any events that could compromise proper performance.

• Maintain and update the Software as needed for proper functionality (no guaranteed specific SLA unless included in a specific plan).

7.2. CLIENT COOPERATION

• The CLIENT shall cooperate actively and loyally, providing any elements or documents necessary for performance under this Agreement.

• The CLIENT shall pay applicable monthly or annual license fees (excluding Trial Accounts), in accordance with Appendix 1.

7.3 NON-COMPETITIVE USE

1. Prohibited Uses

The CLIENT agrees not to use the Software or any information derived from it for:

• Developing, enhancing, or supporting a competing product or service.

• Competitive analysis, benchmarking, or intelligence gathering.

• Reverse-engineering the Software’s features or functionality.

2. Representation and Warranty

The CLIENT represents and warrants that:

• It is not a direct competitor of THE GROWTH TEAM.

• It will not use the Software for competitive analysis or product development.

• It has truthfully disclosed its intended use of the Software.

3. Remedies

• Any violation of this section is a material breach of the Agreement.

• THE GROWTH TEAM may terminate services immediately upon discovery of competitive use.

• THE GROWTH TEAM reserves the right to seek injunctive relief and damages.

ARTICLE 8 - ASSISTANCE

Technical support is provided via email, Intercom, or Slack, depending on the selected Pricing Plan. Support does not include installation services (e.g., module activation, configuration, training, consulting), which may require separate agreements.

Any error discovered by the CLIENT that affects the Software shall be reported in writing to the PROVIDER.

ARTICLE 9 - INTELLECTUAL PROPERTY

The PROVIDER owns all intellectual property rights relating to the Software (including accompanying documentation, updates, old/current/future versions, and any developments). No ownership rights transfer to the CLIENT under this Agreement.

The CLIENT shall not infringe the PROVIDER’s IP rights nor:

• Reproduce the Software in any form (except for a permitted backup).

• Modify, represent, distribute, make available, or decompile the Software, except as legally required.

• Sublicense or share the Software with third parties.

The PROVIDER guarantees the CLIENT peaceful enjoyment of the rights granted under this Agreement. The PROVIDER shall defend the CLIENT against any third-party claim alleging infringement, provided the CLIENT:

1. Notifies the PROVIDER promptly.

2. Permits the PROVIDER sole authority to defend or settle.

3. Assists the PROVIDER in any such defense.

If a court prohibits the use of the Software (in whole or part) due to an infringement claim, the PROVIDER shall, within 3 (three) months, replace or modify the relevant portion to avoid infringement.

The CLIENT, likewise, guarantees the PROVIDER that it has obtained all necessary authorizations for any elements it provides to the PROVIDER, protecting the PROVIDER from any infringement or unfair competition claims arising from such elements.

EXCEPT FOR THE ABOVE IP PROVISIONS, THE SOFTWARE IS PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT ANY WARRANTIES OR CONDITIONS OF ANY KIND (EXPRESS OR IMPLIED). THE PROVIDER DOES NOT WARRANT THAT ACCESS OR USE WILL BE UNINTERRUPTED OR ERROR-FREE.

ARTICLE 10 – TERMINATION

If a Party fails to perform a material obligation under this Agreement, the other Party may terminate by sending a registered letter with acknowledgment of receipt. Termination takes effect only after a formal notice to cure remains unanswered for:

10 (ten) business days for monthly subscriptions.

30 (thirty) days for annual subscriptions.

Either Party may also terminate, without liability, via written notice if:

• The other Party enters insolvency or liquidation proceedings.

• Business operations cease for any reason.

If the CLIENT fails to pay sums owed to the PROVIDER, the PROVIDER may terminate immediately upon written notice if payment is not received within the stated cure period.

Provisions on liability, IP, non-solicitation, and confidentiality survive termination.

ARTICLE 11 - LIABILITY

The CLIENT is responsible for assessing whether the Software suits its needs. The CLIENT acknowledges it received all necessary information before entering this Agreement. The PROVIDER bears no liability if the CLIENT cannot use the Software due to interconnection issues with Connectors or because of the Software’s inadequacy for particular needs.

Analytics and insights from the Software are general guidance; the CLIENT is solely responsible for business decisions. The PROVIDER is not liable for direct or indirect damages (e.g., lost profits, commercial disruption, lost data, brand harm) arising from the CLIENT’s use or inability to use the Software.

IN NO EVENT SHALL EITHER PARTY’S CUMULATIVE LIABILITY EXCEED THE TOTAL AMOUNT PAID BY THE CLIENT FOR THE SOFTWARE IN THE 12 (TWELVE) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM. NEITHER PARTY SHALL BE LIABLE FOR INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, EVEN IF ADVISED OF THEIR POSSIBILITY.

ARTICLE 12 - DATA PROTECTION

The CLIENT's Data and databases, whether or not containing personal data, to which the PROVIDER may have access in the performance of the Agreement, are the exclusive property of the CLIENT. These Data and databases are strictly confidential in accordance with the terms of the article "Confidentiality".

The PROVIDER shall refrain from infringing the CLIENT's property rights relating to the aforementioned Data and databases and, in this respect, shall refrain from communicating them to third parties, from reproducing them, from carrying out extractions (unless these operations are part of the services covered by the Agreement or following an express and prior request by the CLIENT), or from infringing the security of the processing of these Data.

In general, the PROVIDER shall maintain and comply with adequate technical security measures to protect the CLIENT's Data, to which the PROVIDER may have access in the performance of the Agreement, against any accidental or unlawful destruction or accidental loss, damage, alterations, disclosure or unauthorized access, in particular when the processing involves the transmission of data or databases over a network, and against any other form of unlawful processing.

To the extent PROVIDER processes any CLIENT Personal Data (as defined in Appendix 2) contained in CLIENT Data on behalf of CLIENT, the terms of the Data Processing Addendum which are incorporated in Appendix 2 by reference, will apply and the parties agree to comply with such terms.

ARTICLE 13 - FORCE MAJEURE

The Parties shall not be held liable for any breach of any of their obligations under the Agreement resulting from the occurrence of an event of force majeure, as defined by the case law of the French courts. In this case, the obligations of the Parties shall be suspended from the notification of this exonerating cause by one of the Parties to the other Party until its termination.

To the extent that such circumstances continue for a period of more than 1 (one) month, the Parties agree to enter into discussions with a view to amending the terms of their respective commitments.

If no agreement or alternative is possible, these commitments may then be terminated by the Party whose obligations are not affected by the event of force majeure, without damages, by simple written notification by registered letter with acknowledgement of receipt, without compensation or notice.

ARTICLE 14 – CONFIDENTIALITY

Each of the Parties acknowledges that they will communicate to each other (and to their officers, employees, consultants and subcontractors who may have a direct need to know such information) (together the "Authorized Persons") certain technical, commercial, financial or other information relating to their respective activities, as well as the Agreement and all its Annexes and amendments, whether such information has been delivered in writing, orally or by any other means (the "Confidential Information") under the Agreement.

In order to protect the confidentiality of the Confidential Information, each Party agrees, under the terms of the Agreement, to:

- maintain the Confidential Information in absolute confidentiality and not to disclose it to any third party to the Agreement (other than Authorized Persons), subject to the prior written consent of the Party that owns the Confidential Information concerned;

- use the Confidential Information only in the context of the Agreement, and therefore to refrain from any other use, directly or indirectly, in any form whatsoever, either for itself or on behalf of any third party;

- ensure that Authorized Persons to whom all or part of the Confidential Information has been communicated, are informed by that Party of the obligations under the Agreement relating to such Confidential Information;

- return, at the request of either Party, any Confidential Information in its possession, and destroy any copies of any Confidential Information in its possession (however, this obligation does not extend to documents or reports prepared on the basis of the Confidential Information or incorporating certain Confidential Information, provided that such documents and reports remain confidential under the conditions stipulated in the above paragraphs).

Provided that the obligations referred to in the above paragraphs shall not apply to Confidential Information provided by a Party which:

- have fallen into the public domain at the time of their communication or subsequent to their communication, provided, in the latter case, that such communication is not the result of a breach of confidentiality by the Party having had knowledge of the Confidential Information concerned;

- were known by the other Party in a legitimate and peaceful manner, prior to the date on which such Confidential Information was communicated to it;

- shall be provided by the other Party pursuant to any applicable law or regulation or at the request of any supervisory or regulatory body, administration or courts;

- are legitimately obtained by the Receiving Party from a third part which, by making such disclosure, does not breach any obligation of confidentiality;

- are developed autonomously by the Receiving Party;

- are disclosed by the disclosing Party to a third party without any obligation of confidentiality;

This obligation of confidentiality applies for the entire duration of the Agreement and for a period of two (2) years upon expiry or termination of the Agreement, for any reason whatsoever.

The Provider will respond with data requests within 72 hours and you may ask for data to be permanently deleted, with written confirmation after it is completed.

ARTICLE 15 - PRICES

The CLIENT shall pay the amounts stated in the contract as the agreed-upon price for the services provided. These amounts are monthly or annual fees for licenses, depending on various conditions, such as the number of visits, orders, the level of data accuracy and specific features the CLIENT wishes to have.

Any amount unpaid on the due date shall bear interest for late payment, subject to prior formal notice to pay, sent by registered letter with acknowledgement of receipt, which shall remain without effect for a period of 5 (five) working days following its receipt, at the rate of 3 (three) times the legal interest rate in force on the due date.

More generally, any supply or service not expressly defined in the Agreement will be invoiced under the terms of the amendment governing it.

In general, the CLIENT shall not reimburse any expenses incurred by the PROVIDER under the Agreement without his express prior written consent.

The PROVIDER remains free to change the agreed-upon price, as well as the structure and modalities of its pricing if and only if the PROVIDER informs the CLIENT 60 (sixty) days prior to the Renewal Subscription Period. Such change cannot occur during the ongoing subscription period.

When using the online payment service, the PROVIDER may use the services of the company Stripe. To this end, the CLIENT authorizes the PROVIDER to transmit personal data to its partner, like CLIENT details (Name, registration date), and any other documents or information relating to our regulatory obligations in the fight against money laundering and terrorist financing. Stripe's general terms and conditions and privacy policy are available at: . Stripe Ltd. is authorized by the Financial Conduct Authority (FCA) as a payment institution in accordance with the Payment Services Regulations 2009. FCA reference is FRN 580343.

ARTICLE 16 - NON-SOLICITATION

The CLIENT expressly refrains from soliciting, with a view to hiring or subcontracting, any employee of the PROVIDER, for the entire duration of the Agreement and the 12 (twelve) months following its termination, regardless of the cause. This prohibition also applies during the 12 (twelve) months following the end date of an employee's employment contract, regardless of the cause. In the event of an infringement of this prohibition, following a poaching and/or an offer made, the defaulting Party shall be required to pay the other Party, as a penalty clause, a lump-sum indemnity equal to 12 (twelve) times the last gross monthly salary of the requested person, plus the costs incurred in recruiting a replacement.

ARTICLE 17 - GENERAL PROVISIONS

Transfer. No change in the legal form of either Party and/or in the capital structure of either Party, including change in corporate form, merger, takeover or change of control, may affect the performance of the Agreement.

No waiver. The absence of sanction by one of the parties of a breach of a provision of this Agreement or failure to comply with the time of performance of an obligation to perform does not mean that it waives its right to sanction any prior or subsequent breach of the same or any other provision.

Notifications. All notices required to be given to either Party under this Agreement shall be in writing and delivered by hand during normal business hours or by registered mail with return receipt during normal business hours to the respective addresses indicated on the cover page of this document, which the Parties shall choose for the delivery or sending of notices, communications or legal proceedings arising under this Agreement. The Parties shall have the right to replace such address with another physical address, which shall take effect 30 (thirty) days after the other Party has been given written notice.

Applicable law and dispute resolution. This Agreement is subject to French law and the competent courts of Paris. Before any litigation is taken, the Parties shall seek, in good faith, to settle amicably their disputes relating to the validity, performance and interpretation of the Agreement. The Parties shall meet to discuss their points of view and make any relevant findings to enable them to find a solution to the conflict between them. The Parties shall endeavor to reach an amicable agreement within thirty (30) days of notification by one of them of the need for an amicable agreement by registered letter with acknowledgement of receipt.

APPENDIX 1: FINANCIAL CONDITIONS OF THE SERVICE

Base Plans & Pricing

1. Analyze Plan

• Starting from $300/month

• Business Intelligence features, automated scheduled reports, unlimited historical data, unlimited users, unlimited connectors, one-time Customer Success Manager (CSM) onboarding session.

2. Analyze & Enrich Plan

• Starting from $350/month

• Includes all Analyze Plan features plus intraday data refresh, Polar Pixel and dedicated Slack channel support, and solution engineering implementation.

3. Analyze, Enrich & Activate Plan

• Starting from $400/month

• Includes everything in Analyze & Enrich plus advanced automation workflows, activation features (e.g., audience syncing), and customized triggers for marketing engagements.

4. Enterprise Plan

• Customized pricing for brands above $20M yearly GMV or requiring specialized features.

• Includes all Analyze Plan features plus Snowflake database access, advanced automation workflows, a 99% SLA, priority support with a personal DM channel, bespoke reporting, and tailored training.

Usage-Based or GMV-Based Pricing

Depending on the CLIENT’s preference and business scale, the PROVIDER may offer usage-based pricing (calculated per order, excluding gift cards, canceled orders, and $0 orders) or a bracketed GMV-based model. The selected model is confirmed during the Subscription Process or Order Form, with any per-order increments billed monthly.

Billing and Payment Terms

All plans are billed monthly unless otherwise stated. The CLIENT may upgrade, downgrade, or switch models (usage-based vs. GMV-based) upon mutual agreement or plan features. Any official changes to pricing or plan structure will be communicated with reasonable notice.

All prices exclude applicable taxes. Payments occur via Stripe; additional charges may apply per Stripe’s terms. Any changes to the pricing structure will be communicated in advance.

APPENDIX 2: DATA PROTECTION AND SECURITY MEASURES

  1. Ownership and Confidentiality of Client Data: All Client data and databases, including any containing personal data, to which the Provider gains access during the execution of the Agreement, shall remain the sole and exclusive property of the Client. This data and databases shall be considered confidential under the terms of the "Confidentiality" article in the Agreement.
  2. Restrictions on Provider's Use of Data: The Provider will not infringe upon the Client's proprietary rights regarding the aforementioned data and databases. Specifically, the Provider will not disclose this data to third parties, reproduce it, extract it (unless these activities are part of the services covered by the Agreement or are done following an express prior request from the Client), or breach the security measures in place for processing this data.
  3. Technical Security Measures: The Provider will maintain and adhere to adequate technical security measures to safeguard the Client's data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and any other form of unlawful processing. These security measures apply especially during the transmission of data over a network.
  4. Data Processing Addendum: If the Provider processes any Client Personal Data contained within the Client's Data on behalf of the Client, the terms of the Data Processing Addendum, which is incorporated into this Appendix by reference, will apply. Both parties agree to comply with these terms.

Please note that "Client Personal Data" will be defined in the Data Processing Addendum.

All data handling procedures will adhere to applicable local and international data protection laws and regulations, to ensure the maximum possible protection of the Client's data

Data Processing Agreement

In the context of their contractual relations, the Parties undertake to comply with the regulations in force applicable to the processing of personal data and, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 applicable as from 25 May 2018 (hereinafter referred to as the "GDPR"), as well as Law No 78-17 of 6 January 1978 on data processing, files and freedoms (hereinafter referred to as the amended "Data Protection Act"). The purpose of this Annex is to define the conditions under which the processor undertakes to carry out on behalf of the controller the processing operations of personal data defined below.

I. Definitions of the terms

For the purposes of this Agreement, the following terms shall have the following meaning:

• "Personal Data" means any information relating to an identified or identifiable natural person; an "identifiable natural person" is defined as a natural person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more elements unique to him/her. In order to determine whether a person is identifiable, all means of identification available or accessible to the Data Controller or any other person must be considered.

• "Data Subject" refers to a natural person whose Personal Data are processed.

• "Data Controller" means the CLIENT, who determines the purposes and means of the Personal Data Processing.

• "Data Processor" refers to the PROVIDER who processes Personal Data under the authority, on instructions and on behalf of the Data Controller.

• "Processing" means any operation or set of operations involving Personal Data by the Data Processor on behalf of the Data Controller, regardless of the process used, and in particular the collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, reconciliation or interconnection, as well as limitation, deletion or destruction.

• "Personal Data Breach" means a security breach resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to, Personal Data transmitted, stored or otherwise processed.

II. Obligations of the Data Controller

The Data Controller acknowledges and guarantees:

- that the Processing is carried out in accordance with the provisions of the GDPR and the Data Protection Act, in particular, that the Data Subject has been informed of the purpose of the Processing, his rights, the recipients of the Personal Data and the policy on the protection of privacy and personal data;

- only in the event that the Data Controller processes "sensitive" data as defined in Article 9 of the GDPR (i.e. the Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the Processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning the sex life or sexual orientation of a natural person), the Data Controller has collected them and requires the Data Processor to carry out their Processing, in full compliance with the provisions of the said Article 9;

- that it will respond as soon as possible to any Data Protection Authority requests for information, if any;

- that it will respond, as soon as possible, to requests from any Data Subject by the Processing, to communicate information on its Personal Data and that it will give appropriate instructions to the Data Processor, in due course.

- The Data Controller also undertakes to:

o document in writing any instructions concerning the Processing of Personal Data by the Data Processor;

o ensure, in advance and throughout the duration of the Processing, that the Data Processor complies with the obligations provided for in the European Data Protection Regulation;

o supervise the Processing, including carrying out audits and inspections of the Data Processor.

III. Obligations of the Data Processor

The Data Processor undertakes to:

- process the data only for the purposes indicated by the Data Controller;

- if the Data Processor considers that an investigation constitutes a violation of the European Data Protection Regulation or any other provision of Union law or of the law of the Member States relating to data protection, it shall immediately inform the Data Controller. In addition, if the Data Processor is required to transfer data to a third country or international organization, under the law of the Union or the law of the Member State to which it is subject, it must inform the Data Controller of this legal obligation before the Processing, unless the law concerned prohibits such information for important reasons of public interest;

- guarantee the confidentiality of the personal data processed under this Agreement;

- ensure that the persons authorized to process personal data under this Agreement:

- undertake to respect confidentiality or are subject to an appropriate legal obligation of confidentiality;

- receive the necessary training in the protection of personal data;

- consider, with regard to its tools, products, applications or services, the principles of privacy by design and data protection by default;

- inform its employees of their responsibility regarding the protection of Personal Data, in particular as regards the confidentiality of such data;

- in the event of a possible legal, administrative or judicial prohibition that could prevent it from carrying out the Processing, the Data Processor shall inform the Data Controller and may then terminate the Agreement, without the Data Controller being able to hold the Data Processor liable or claim damages from him;

- cooperate with the CNIL in the event of a request for information from the latter and that it will comply with any recommendation of the CNIL relating to the Processing.

1. Subcontracting

The Data Processor may use another subcontractor (hereinafter, the "Subprocessor") to carry out specific Processing activities. In this case, he/she shall inform the Data Controller in advance and in writing of any planned change concerning the addition or replacement of other Subprocessors. This information must clearly indicate the subcontracted Processing Activities, the identity and contact details of the Subprocessor and the dates of the subcontract. The Data Controller has a minimum period of one (1) month from the date of receipt of this information to present his objections. This subcontracting may only be carried out if the Data Controller has not raised any objection within the agreed period.

The Subprocessor is required to comply with the obligations of this Agreement on behalf of and in accordance with the instructions of the Data Controller. It is the initial Data Processor's responsibility to ensure that the Subprocessor provides the same sufficient guarantees as to the implementation of appropriate technical and organizational measures so that the Processing operation complies with the requirements of the European Data Protection Regulation. If the subsequent processor does not fulfill its data protection obligations, the initial Data Processor remains fully liable to the Data Controller for the performance by the subsequent processor of its obligations.

Polar Analytics is committed to transparency in its use of subcontractors and the services they provide. Below are the details regarding our primary subcontractors:

  1. Fivetran: Engaged for data integration services, facilitating aggregation and secure transfer of data. They are based in the United States, adhering to high standards of data security and privacy.
  2. Snowflake: Provides cloud-based data warehousing services, crucial for data processing and storage. Located in the United States, they comply with stringent data security and privacy standards.
  3. DBT (Data Build Tool): Used for transforming data within our warehousing environment. They operate primarily in the United States and maintain compliance with robust data security and privacy practices.
  4. Airbyte: An open-source data integration engine that plays a significant role in our data processing framework, ensuring flexible and efficient data integration.
  5. Apache Airflow: Utilized as a platform for programmatically authoring, scheduling, and monitoring workflows, contributing to the robust management of our data processing operations.

All these subcontractors, including Airbyte and Apache Airflow, are engaged under the strict requirement to comply with the same data protection obligations as set forth in this Agreement. Polar Analytics ensures that all subcontractors are bound by contractual terms that are no less protective than the terms set out in our agreement with you, the Data Controller.

The Data Processor (Polar Analytics) remains fully liable to the Data Controller for the performance of the Subprocessor's obligations. We conduct regular reviews and audits to ensure our subcontractors’ adherence to these obligations.

Should more detailed information about the roles, locations, or specific data security and privacy practices of these subcontractors be required, we are ready to provide this upon request.


2. Right of data subjects to be informed

It is the responsibility of the Data Controller to provide the information to the Data Subjects on the Processing operations at the time of data collection.

3. Exercise of data subject’s rights

The Data Controller grants requests to exercise the rights of the Data Subjects (right of access, rectification, deletion and opposition, right to limit the Processing, right to data portability, right not to be the subject of an automated individual decision, including profiling) and will give appropriate instructions to the Data Processor in due course. As far as possible, the Data Processor shall assist the Data Controller in fulfilling his obligation to comply with requests to exercise the rights of the Data Subjects.

4. Notification of Personal Data Breaches

The Data Processor shall notify the Data Controller of any breach of personal data as soon as possible and, at the latest, 72 hours after becoming aware of it. This notification shall be accompanied by all relevant documentation in order to enable the Data Controller, if necessary, to notify this Violation to the competent supervisory authority.The Data Processor must take all necessary steps to identify the causes of such Personal Data Violation and take all measures that it deems necessary and reasonable to remedy the origin of such Violation when such remedy is under the control of the Data Processor.

5. Security measures

The Data Processor must at all times have technical and organizational measures in place to prevent unauthorized access to the Personal Data and the use of the Personal Data for purposes other than those agreed for their transmission to the Data Processor. The Data Processor represents and warrants that the security measures taken are in no event less than those required by applicable law or those that a person performing the same activity as the Data Processor would reasonably have taken for the protection of Personal Data against unauthorized access or use.

In cases where the Data Processor has obtained the prior consent of the Data Controller for the transmission of Personal Data to a third party, the Data Processor must again take appropriate security measures to ensure the secure transmission of the Personal Data.  The Data Processor must protect and maintain the Personal Data as confidential information. The confidentiality requirements required by each of the commercial documents and/or confidentiality agreements signed between the Data Controller and the Data Processor must apply to the Personal Data.

VI. Termination and Data Deletion

In accordance with Article 28.f. of the General Data Protection Regulation (GDPR), the following terms are agreed upon regarding the termination of processing services and the handling of personal data:

Data Deletion upon Termination of Processing Services: Upon the termination of the processing services for any reason, Polar Analytics, acting as the Data Processor, commits to deleting all personal data processed on behalf of the Data Controller, subject to this Data Processing Agreement. This deletion will be executed as soon as reasonably possible, in a manner that ensures the complete erasure of all such personal data, in accordance with the Data Controller's instructions and the provisions of the GDPR.

Polar Analytics will confirm the completion of this data deletion process to the Data Controller in writing, ensuring that no personal data remains within Polar Analytics' systems or any subprocessors' systems, unless required by law.

Website Privacy Policy

This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from thegrowthteam.co (the “Site”).

PERSONAL INFORMATION WE COLLECT

When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”

We collect Device Information using the following technologies:

- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.  
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.  
- “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.

Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number.  We refer to this information as “Order Information.”

When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information.

CHANGES

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at david@thegrowthteam.co or by mail using the details provided below:

15 Rue Raynouard, Paris, France, 75016, France