PREAMBLE

1. The company under the registered name “FoodBrokers Single-Member Société Anonyme”, with registered seat at 40 Eleftherias square and Averof str., with Tax Registration Number 801494370 issued by the Tax Authority of the city of Heraklion (the Provider) is the exclusive legal owner of the internet address (domain name) under the name “www. foodbrokers.com”, which enables the operation of its website on the internet, offering a marketplace (the Digital Platform), via which Greek producers, processors and in general food and beverage suppliers (the Sellers) can exhibit, promote and offer for sale their products to professional buyers, i.e. indicatively, retail stores, wholesalers, HO.RE.CA. professionals in Greece and around the world. 
2. The Buyer, the details of whom are specified in the respective order form, is a professional who is active in the field of retail, wholesale, HO.RE.CA. and wishes to purchase products available on the Digital Platform.

The lawful use of the services provided by the Provider means the unconditional acceptance of the terms herein and the compliance of the Buyers, during the use of these services, with current Greek legislation governing such transactions.
 
 
Ι. TERMS OF COOPERATION
1. OPERATION OF THE PROVIDED SERVICE 

1. The information reproduced by the Provider via its Digital Platform to its Buyers for the displayed products have a purely informative character and purpose. The Provider under no circumstances bears any responsibility for compensation or reparation of any direct or indirect loss and positive or negative damage, even future, which may have been caused by this information.
2. Furthermore, the Provider bears no responsibility with respect to the accuracy and correctness of the information transmitted through the Digital Platform, as this is information collected by the Sellers.
3. The Provider does not guarantee with the present document the constant, uninterrupted and secure access to the services of the Digital Platform, as its operation is likely to be influenced by external factors that cannot be controlled. The Provider, its legal representatives or employees are not responsible for any damage, positive or negative,, which the Buyers may suffer as a result of the use of the services of the Provider, caused directly or indirectly by actions or omissions by third parties.
4. It is clarified that the services offered by the Provider to the Buyers entail significant technological, organizational and further business cost for the Provider. However, the Provider has decided that said cost will be borne not by Buyers, but by Sellers, in accordance with specified, reasonably fair, commission calculations. 

2. ACCESS TO THE DIGITAL PLATFORM

1. A condition for the participation of the Buyers in the use of the services offered by the Provider is the acceptance of the present terms of cooperation, which have been defined in accordance with the current Greek legislation, during their registration in the Digital Platform. In the event of violation of any of the aforementioned terms, the Provider reserves the right to exclude users or delete members of the Digital Platform at any moment.   

 3. EVALUATION OF PRODUCTS

1. The Provider offers the Buyers the opportunity to evaluate the products that are exhibited on the Digital Platform. In order to be able to evaluate a product, Buyers must be registered on the Digital Platform and have purchased those products. 
2. The evaluations of each product can summarily mention the Buyer’s experience with this product, the Seller, and any comments or judgments about the product. 
3. A product evaluation shall not include derogatory comments, disclosure of information relating to the promotion or commercial advertisement of any third party except for any relevant lawful promotional activities carried out and supervised by the Provider, reference to another user of the Digital Platform or product evaluation by another user.    
4. The Provider reserves the right, in its absolute discretion, to select how the evaluations of products are presented (partially or completely), or to delete reviews, or to delete part of the text, informing the author of any changes where it is deemed necessary, or to contact authors to inform them that an amendment of the text is necessary for its publication, pointing out the parts in question.

   4. FINAL CLAUSES

1. In any event, for any dispute that may arise between the Provider and any Buyer, the courts of the city of Heraklion (Crete) are competent and the Greek legislation is applicable.

   5. PERSONAL DATA

1. The Provider and the Buyer agree to fully comply with the obligations arising for each party from the legislation in force with regards to Personal Data Protection and in particular the Regulation (EU) 2016/679 of the European Union (hereinafter “GDPR”) and the Law 4624/2019. Both Parties acknowledge that in the context of the present agreement and with respect to any personal data that may be disclosed or otherwise processed, they act as independent Data Controllers with each other. Furthermore, the Parties undertake the obligation to comply with the relevant terms and conditions that are further specified in Appendix I, which also constitutes an integral part of the present agreement.

APPENDIX Ι
 
PERSONAL DATA DISCLOSURE – INDEPENDENT DATA CONTROLLERS
 
Article 1 – Definitions
For the purposes of the present Appendix, the Data Controller who discloses personal data is considered the “Data Provider” and the Data Controller who agrees to receive personal data by the Provider for further processing, is considered the “Data Recipient” of said personal data.
 
Article 2 – Roles of the Parties 
Both Parties acknowledge and agree that they shall operate as Independent Data Controllers, with respect to the disclosed data, that each process on their own behalf. Each Party shall independently abide by and comply with the relevant provisions of the applicable Greek and European data protection legislation, the legislation relating to privacy in electronic communications, as well as any acts (Decisions, Guidelines, Opinions etc.) issued by the Hellenic Data Protection Authority.
 
Article 3 – Subject Matter 
The subject matter of the present Appendix is the disclosure of personal data by the Provider Company as Data Provider, to the respective Buyer as Data Recipient, under this Cooperation Agreement between them, in accordance with the following table:

Article 4 – Confidentiality 
4.1 Each Party undertakes to select for the processing of the disclosed personal data persons with requisite professional skills that provide sufficient safeguards in terms of technical knowledge and personal integrity for the observance of confidentiality.
4.2 Each of the Parties undertakes to ensure that all employees, agents, associates and any representatives thereof (natural or legal persons), acting in its name and on its behalf, for the purpose of achieving the processing purposes as described in this Appendix, adequately protect the personal data received, according to the requirements of the national and European personal data protection legislation, abide by all relevant technical and organizational measures in place and are bound by the provisions stated herein.
4.3 Each of the Parties undertakes to submit all the aforementioned employees, agents, associates and any representatives thereof, who have access to personal data, to confidentiality commitments, to provide them with appropriate training and to ensure their compliance with the obligations set out herein. The Parties shall be responsible for any breach of the above personal data protection obligations by the aforementioned persons, as if the Party itself had committed the breach of said obligations.
 
Article 5 – Data Quality  
5.1 The disclosed data shall be accurate, updated, adequate and not more than is necessary for the purpose pursued by the disclosure, in accordance with the requirements of applicable personal data protection legislation.
5.2 In the event that either Party becomes aware of the existence of inaccurate, inadequate and non-updated disclosed data, it shall notify the other Party. The disclosed personal data shall not exceed what is foreseen under this Agreement.
 
Article 6 – Liability
6.1 The Parties shall bear no liability against each other or any third parties, for any damage caused by an act or omission of the other Party, including the imposition of a fine by any Authority, as well as any other liability that may occur in view of a breach of obligations of the Parties regarding the processing of the disclosed data. More specifically, the Parties shall bear no liability against each other, in the event of the disclosure of inaccurate, non-updated data by the other Party as well as of data exceeding what is necessary for the purpose pursued, according to the requirements of applicable personal data protection legislation.
6.2 Each of the Parties shall indemnify the other Party for any damage the latter may suffer and shall be liable for any compensation/fine that the other Party is required to pay to any third party, as a result of a damage or injury to a third party stemming from the unlawful processing of the disclosed data by the first Party, under the terms herein. This also applies to cases where one of the Parties has suffered damage as a result of the actions or omissions of the other Party, pertaining to the disclosed data.
 
Article 7 – Security
7.1 The Parties undertake to protect the personal data disclosed and to apply the appropriate technical and organizational measures, so as to ensure a level of protection proportionate to the risks attached to the processing operations involved, as well as the continuous confidentiality, integrity, availability and resilience of the applicable systems and services. These measures shall protect the personal data against any accidental or unlawful destruction, accidental loss, damage, alteration, unauthorized disclosure or access and any other form of unlawful processing.
7.2 More specifically, the Parties undertake to implement policies and procedures in accordance with the applicable data protection legislation, so as to ensure data security of data subjects. The data processed shall be the minimum possible and their processing shall not deviate from the specific purpose in the context of the cooperation between the Provider Company and the Buyer. 
 
Article 8 – Data Subject Rights
The Parties acknowledge that the obligation to respond to requests and/or complaints regarding the disclosed data is independent and burdens the Party that receives the request. Unless otherwise agreed between the two Parties, the Party that has received the request on the disclosed data, may ask for the other Party’s assistance, in which case the latter shall respond to the former Party within five (5) business days, to the extent that such an assistance is possible and taking into consideration the nature of the processing operation.
 
Article 9 – Point of Contact
It is hereby agreed between the Parties that any personal data protection issue that arises shall be communicated in good faith by each of the Parties, to the respective communication channel of the other Party: For the Provider Company, this is defined as: [email protected].
 
Article 10 – Obligation to Inform
10.1 The Data Provider undertakes to adequately inform the data subjects, through personal data protection policies/notices, on the disclosure of the personal data in question to the Recipient, the purpose of the disclosure and the identity of the recipient or the category of the recipient.
10.2 The Recipient of the personal data undertakes to adequately inform the data subjects, as an Independent Data Controller, according to the requirements of applicable legislation on data protection, unless another means of informing data subjects is agreed between the Parties.