GENERAL TERMS AND CONDITIONS OF SALE APPLICABLE TO LEVIIA SERVICES

Date of update and entry into force of these General Terms and Conditions of Sale : 3 April 2026

ARTICLE 1 – INTRODUCTION TO THESE GENERAL TERMS AND CONDITIONS OF SALE

Article 1.1 – Designation of the parties

LEVIIA, a simplified joint-stock company with its registered office at 14 avenue de l’Europe, 77144 Montevrain, registered with the Meaux Trade and Companies Register under number 894137561, represented by Arnaud Méauzoone in his capacity as Chairman, hereinafter referred to as “LEVIIA” or the “Company .

LEVIIA is a provider of data storage services in France for private individuals and businesses (hereinafter “the Service” or “the Services”), marketed via the website www.leviia.com (hereinafter “the Website”).

“The Customer” refers to any person subscribing to the Services by means of an online order on the Website or via a Purchase Order/Quotation forming part of the contractual package (hereinafter “the Purchase Order”) in accordance with the terms set out in these General Terms and Conditions.

The purpose of these General Terms and Conditions is the non-exclusive provision of the Services by the Company to the Customer for the Customer’s own personal use.

Article 1.2 – Scope of the General Terms and Conditions

The Customer acknowledges that they have the necessary capacity to subscribe to LEVIIA’s Services. The choice of and subscription to the Services are the sole responsibility of the Customer.

These General Terms and Conditions apply without restriction or reservation to any subscription to Services by the Customer with LEVIIA. In particular, they set out the conditions for access to the Services and the LEVIIA Website, for placing orders, for payment and for the provision of the Services ordered by the Customer.

These General Terms and Conditions may be supplemented by specific terms agreed prior to any transaction with the Customer.

These General Terms and Conditions apply to the exclusion of all other terms and conditions, and in particular those of the Customer or those applicable to other channels for the marketing of the Services.

Unless proven otherwise, the data recorded in LEVIIA’s computer system shall constitute proof of all transactions concluded with the Customer.

The Customer declares that they have read these General Terms and Conditions and accepted them by ticking the box provided for this purpose on the Website prior to completing the online ordering process. The Customer’s confirmation of the order for Services constitutes acceptance of these General Terms and Conditions without restriction or reservation.

As these General Terms and Conditions may be subject to subsequent amendments, the version applicable on the date of the Customer’s subscription is that in force on the date the contract is concluded.

Article 1.3 ISO 27001 & HDS certification

LEVIIA obtained ISO 27001 (2017) & HDS (2018) certification on 2 June 2023 for all its service offerings.

In July 2025, the official surveillance audit validated the transition to the ISO 27001 (2022) and HDS (2024) certification versions. View our up-to-date certificates here: Leviia ISO 27001 & HDS Certificates

Follow-up audits are scheduled annually until the renewal audit, the next of which is currently planned for 2026.

The scope of the HDS LEVIIA certification covers the following activities:

• 3 – Provision and maintenance of the virtual infrastructure of the information system used for the processing of health data
• 4 – Provision and maintenance of the operational condition of the hosting platform for the IS used for the processing of health data
• 5 – Administration and operation of the information system containing health data
• 6 – Backing up health data

Activities 1 and 2, which relate respectively to the physical hosting of data and infrastructure management, are covered by our hosting provider – the data centre. Please refer to section ‘6.4 Data Subcontracting’ for further details.

The Company guarantees that the data is stored within France; please consult our Data Location Certificate as proof of our commitment: Leviia – Data Location Certificate

LEVIIA certifies that no personal health data is transferred to a country outside the European Economic Area.

ARTICLE 2 – SERVICES PROVIDED BY LEVIIA

Article 2.1 – Terms of use of the Services and the Customer Personal Space

To access the Services, the Customer must:

• Create their own customer account using their email address and a password of their own choosing (hereinafter “Personal Access Codes”).
• Log in to their LEVIIA account using their Personal Access Codes.

Article 2.2 – Designation of Services

The following Services are available on the LEVIIA website, depending on the Customer’s needs, who chooses the Service they wish to use:

• LEVIIA Next: file storage, sharing and editing, chat, video calls, calendar, etc. Leviia Next is a sovereign and secure collaborative suite based on Nextcloud, available in three tiers:
  • “Solo” for individuals, direct subscription on the website
  • “Squad” for micro-businesses and families, direct subscription on the website
  • “Pro” for SMEs, mid-market companies, large enterprises and public sector organisations, available on quotation
• LEVIIA Storag3 (S3): high-performance, sovereign object storage, ideal for outsourced backups, aimed at businesses and government bodies, subject to quotation.

Article 2.3 – LEVIIA Services rates

The Services are provided at the current rates listed on the Website at the time the order is registered by LEVIIA. Prices are quoted in euros and shown as amounts excluding VAT and including VAT. These rates are fixed and non-negotiable during their period of validity, as indicated on the Website; LEVIIA reserves the right, outside this period of validity, to amend prices at any time.

The payment requested from the Customer corresponds to the total amount of the subscription to the Service, including these charges. An electronic invoice is issued by LEVIIA and sent to the Customer upon provision of the Services ordered.

The prices listed on the Website are indexed to the SYNTEC index and will be revised on the anniversary date of the contract by applying the following formula: P = Po x (S/So)

Where:

• P = revised amount
• Po = initial amount
• So = value of the latest SYNTEC index published on the date this contract was drawn up
• S = value of the latest SYNTEC index published on the date of revision.

Should the above index cease to exist, the Parties shall replace it with an alternative index.

ARTICLE 3 – INVOICING FOR LEVIIA SERVICES

3.1 General

LEVIIA applies different billing methods depending on the Service(s) subscribed to. Any period that has commenced is payable in full. A Customer wishing to cancel their subscription during a billing period must pay for the services and variable usage incurred during that period. Full details of the pricing terms are available on the website https://www.leviia.com.

The provisions of this article do not prevent the Customer from exercising their rights to switch provider, to cancel the Service and to data portability in accordance with Regulation (EU) 2023/2854 (Data Act) and Annex 2.

3.2 Billing for the Leviia Next Solo and Squad packages

Billing for the Leviia Next Solo and Squad packages is on a flat-rate, fixed basis. It depends on the storage space and the parameters selected at the time of ordering (for example: storage volume, number of users for Squad packages). The flat rates are indicated according to the chosen billing method (monthly or annual), with a discount for annual billing.

3.3 Billing for the Leviia Next Pro package

Billing for the Leviia Next Pro package is a fixed amount, corresponding to the subscription taken out, calculated in particular based on the number of users, the amount of storage in TB and the options selected at the time of ordering.

3.4 Billing for the Storag3 (S3) package

Billing for the Leviia Storag3 (S3) package is a flat-rate charge, based on a capacity reservation:

• The Customer reserves a storage capacity corresponding to the number of TB they wish to contract
• The capacity reservation is a minimum of 10 (ten) TB, for a minimum commitment period of 1 (one) year. This package operates in increments of 10 (ten) TB.

A 15 (fifteen)-day trial of the Leviia Storag3 Service may be granted, subject to prior commercial agreement.
Any data uploaded by the user during this trial period will be automatically deleted 15 days after the end of the trial if no order is placed. This deletion is irreversible and cannot give rise to a claim by the user who benefited from the trial.

ARTICLE 4 – ORDERING THE SERVICES PROVIDED BY LEVIIA

Article 4.1 – Pre-contractual information and customer acceptance

The Customer acknowledges having been informed by LEVIIA in a clear and comprehensible manner, through the provision of these General Terms and Conditions, prior to subscribing to the Service:

• The essential characteristics of the Services, and in particular the specifications and details of dimensions or capacity, enabling them to subscribe to the Service of their choice in full knowledge of the facts, particularly with regard to the Terms of Use. The Customer is required to refer to the description of each Service in order to ascertain its essential properties and features;
• Regarding the price of the Services and the application of a personalised price based on an automated decision-making process and associated costs or, in the absence of payment of a price, regarding any benefit provided in lieu of or in addition to it;
• Regarding the identity of LEVIIA and all its contact details;
• Regarding the right of withdrawal (existence, conditions, time limit, procedures for exercising this right and standard withdrawal form), the terms of termination and other important contractual conditions and, where applicable, the costs of using the means of distance communication, and the existence of codes of conduct;
• Regarding accepted payment methods.

The fact that a Customer subscribes to the Services on the Website implies full and unconditional acceptance of these General Terms and Conditions and an obligation to pay for the Services ordered, which is expressly acknowledged by the Customer, who waives, in particular, the right to rely on any conflicting document that would be unenforceable against LEVIIA.

Article 4.2 – Placing an order

In order to place an order for the Service they have chosen, the Customer must have a customer account. The Customer creates their customer account online on the Website. The Customer provides all the required information (including email address, identity, contact details, bank details, etc.) and undertakes to ensure that all information provided is accurate and kept up to date throughout the duration of the Contract.

Once their Customer Account has been activated, the Customer may order one or more Services.

It is the Customer’s responsibility to select the Services they wish to order on the Website, in accordance with the following terms:

• Information on the key features of the Service or services;
• Selection of the Service and, where applicable, its options;
• Provision of the Customer’s essential contact details (name, email address, postal address, etc.);
• Acceptance of these Terms and Conditions;
• Checking the order details and, where necessary, correcting any errors;
• Then, follow the payment instructions.

Registration for a subscription to the Services on the Website is completed when the Customer accepts these Terms and Conditions by ticking the box provided for this purpose and confirms their order. This confirmation implies acceptance of these Terms and Conditions in their entirety.

The subscription to the Service is only final once LEVIIA has sent the Customer confirmation of acceptance of the order by email.

Any order placed, confirmed by the Customer and accepted by LEVIIA, in accordance with the Terms and Conditions and the procedures described above, on the Website constitutes the formation of a distance contract between the Customer and LEVIIA.

Article 4.3 – Payment terms

The amount payable by the Customer, as stated on the invoice issued for the use of the Service(s) selected by the Customer, is payable in full on the day the Customer places the order, in accordance with the following terms:

• By credit card: Carte Bancaire, Visa, MasterCard,
• By SEPA direct debit,
• Via the “Chorus pro” service in the case of an order placed by the Public Sector.

Payment by credit card is irrevocable, except in the event of fraudulent use of the card. In such cases, the Customer may request cancellation of the payment and a refund of the corresponding amounts, subject to providing proof of such fraud to LEVIIA.

Payments made by the Customer shall only be considered final once the sums due have been effectively received by LEVIIA.

Article 4.4 – Payment irregularities

In the event of non-payment or late payment, including partial payment, the Customer shall be liable for late payment penalties payable on the day following the payment deadline, at an interest rate equal to twice the statutory interest rate.

Furthermore, any delay in payment shall automatically result in the application of a fixed compensation of forty (40) euros, without prejudice to late payment penalties.

Failure to pay shall result in the suspension of the Services subscribed to by the Customer until the Customer has rectified the situation. If the Customer fails to rectify the situation within a commercially acceptable timeframe, and no later than thirty (30) calendar days following the suspension, LEVIIA may terminate the Contract and delete the Data, provided that the Customer has been notified at least fifteen (15) calendar days in advance. This deletion is irreversible and will only take place after the expiry of the applicable legal time limits and in compliance with obligations relating to data portability and reversibility.

Article 4.5 – Right of withdrawal

Where the Service is ordered directly via the website without the involvement of LEVIIA, the Customer has a period of 30 days from the date of ordering the Services to exercise their right of withdrawal with LEVIIA, without having to provide any reason or pay any penalty, in order to receive a refund. The right of withdrawal may be exercised by email to support@leviia.com.

If the right of withdrawal is exercised within the aforementioned period, only the price of the Service(s) purchased will be refunded. The refund is not automatic upon account deletion and will be processed within a maximum of fourteen days from the date LEVIIA receives this explicit request for a refund.

However, the right of withdrawal does not apply to an order placed following the signing of a quotation sent by LEVIIA based on requests made by the Customer.

Article 4.6 – Term, termination of the contract, and termination clause

These General Terms and Conditions shall take effect on the date the Customer subscribes to the Service(s) for a term specified at the time of ordering (hereinafter the “Contract Effective Date”) and for the duration of the subscription to the Service(s).

The Contract shall then be tacitly renewed, automatically and indefinitely, for a period similar to the Initial Period, unless terminated by the Customer at least 24 hours before the end of the term by registered letter with acknowledgement of receipt (LRAR) or in accordance with the procedure set out on the Website for this purpose.

Either Party may terminate the contractual relationship in the event of a breach by the other Party of a material provision of these General Terms and Conditions, which has not been remedied within one (1) month of the sending of a formal notice addressed by registered letter with acknowledgement of receipt to the other Party, setting out the grievance(s) in detail and referring to the relevant provision of the General Terms and Conditions.

In the event of termination by the Company due to the Customer’s fault, such termination shall automatically and ipso jure result in the acceleration of all other sums owed by the Customer to the Company, which shall become payable immediately, even before the agreed due date, without prejudice to any additional damages to which the Company may be entitled, in particular in respect of the loss of margin resulting from the Customer’s default.

ARTICLE 5 – LIABILITY OF THE PARTIES

Article 5.1 – Client’s Responsibilities

The Client is solely responsible for safeguarding the Personal Access Code and undertakes not to disclose it to any third party under any pretext whatsoever, and to keep it strictly confidential.

The Customer undertakes to inform the Company without delay and by email, as soon as they become aware of it, of any risk of misuse or unauthorised use of their Personal Access Code.

It is the sole responsibility of the Customer, at their own expense and under their sole liability, to equip themselves with the technical means, in particular internet access (hardware, software, networks, etc.), and the necessary skills to access the Services and carry out all permitted operations, without recourse against LEVIIA in the event of damage resulting from a misunderstanding or mishandling, including, for example, in the placing or cancellation of an order, or in the deletion of data or information, or the entry of incomplete or erroneous data or information.

The Customer shall notify LEVIIA of the users who, under the Customer’s sole responsibility, are the only ones authorised to access the Platform and use the Service (hereinafter the “Users”). The number of Users specified when placing the order may be increased subject to a corresponding increase in the agreed price. The Customer therefore undertakes to use only one user account per person. Account sharing and the simultaneous connection of several people to the same user account are strongly discouraged, as this may lead to conflicts and undermine the quality of the Service provided by LEVIIA.

The data hosted by LEVIIA, as well as the Customer’s use of the Service for their own or internal purposes, are the sole responsibility of the Customer, who undertakes not to make any fraudulent or unlawful use of the Service.

The Customer’s content and data hosted by LEVIIA must be lawful and used in accordance with best practice and the laws and regulations in force. Any use of unlawful content (for example, child pornography,  content that glorifies or incites the commission of crimes against humanity, acts of terrorism, paedophilia, anti-Semitism, racism or other such acts, or content that incites hatred towards persons on the grounds of their gender, religion, sexual orientation or identity, or disability) or the unlawful or abusive use of content (for example, fraudulent use of content or use of content in breach of third-party rights such as personality rights, copyright, patents, trade marks or other intellectual property rights) in connection with the Services is prohibited and may result, at the Company’s discretion, to the right to remove any offending data, to suspend the Customer’s access to the Service without further formalities or notice, to deactivate the Customer’s account and/or to terminate the contract at the Customer’s fault, without prejudice to any legal proceedings and claims for compensation which the Company reserves the right to pursue.

The sharing of data hosted by LEVIIA is the sole responsibility of the Customer.

Article 5.2 – LEVIIA’s Responsibilities

Subject to the elements made available by LEVIIA, LEVIIA does not intervene in the management of the Customer’s content (such as data, photos, files, etc.) within the scope of the Services and shall not access such content for any purpose other than for the purposes of performing the Services, such as maintenance.

The use of the Personal Access Code by the Customer shall constitute proof of the Customer’s use of the Service, this provision constituting an agreement on evidence within the meaning of Article 1368 of the Civil Code (new numbering pursuant to Order No. 2016-131 of 10 February 2016). Similarly, the continued use of the Service shall constitute proof of the Service’s compliance.

Article 5.3 – Limitation of LEVIIA’s warranty

The Services provided via the LEVIIA Website comply with the regulations in force in France. LEVIIA shall not be held liable in the event of non-compliance with the legislation of the country from which the Customer uses the Services, and it is the Customer’s sole responsibility, as the party solely responsible for the choice of Services requested, to verify these applicable regulations.

In the event of non-conformity of the Services, the Customer may demand that the non-conforming Services be brought into conformity, the free provision of a new compliant Service or, failing that, a price reduction or cancellation of the sale, in accordance with the Legal Terms and Conditions.

It is also the Customer’s responsibility to request from LEVIIA that the defective Services be brought into compliance or that a new compliant Service be provided free of charge. The defective Service shall be brought into compliance within a period not exceeding thirty days following the Customer’s request.

Exclusion of warranty:

LEVIIA shall not be held liable or in default for any delay or failure to perform resulting from:

• The occurrence of a force majeure event, within the meaning of Article 1218 of the Civil Code.
• Non-compliance with the legislation of the country in which the Services are provided, which the Customer is responsible for verifying before placing their order,
• The Customer storing unlawful data on the Service,
• In the event of misuse of the Service by the Customer.

Limitation of liability clause:

In the event of a breach by LEVIIA of its contractual obligations, its liability shall not be sought beyond twelve (12) months from the occurrence of the event giving rise to such liability, subject to compliance with the provisions set out in these General Terms and Conditions of Sale, and only in the event of proven fault.

In any event, LEVIIA shall not be liable for any indirect damage or loss arising from any loss of turnover or business, LEVIIA’s liability being in any case capped at the sum of one million five hundred thousand euros (1,500,000), which is equal to the amount of the professional liability insurance taken out by the Company.

ARTICLE 6 – DATA PROTECTION AND GDPR

Article 6.1 – Types of Personal Data at LEVIIA

LEVIIA distinguishes between two types of personal data and processes them differently:

• Personal Data associated with the Customer’s account: this is necessary for processing the Customer’s order and for all transactional communications. It is not linked to the data stored by the Customer on LEVIIA’s servers.
• Personal Data provided by the Customer: this refers to all data and files stored on LEVIIA’s servers. This data is linked to the Customer’s active LEVIIA subscription: that is to say, to the purchase of a Service. This Personal Data is available as long as the Customer has an active Service.

Article 6.2 – Processing of Personal Data for ordering Services

With regard to the data provided by the Customer (the Personal Data of the Customer Account) in connection with the subscription to the Services and in accordance with the French Data Protection Act of 6 January 1978, as reinforced and supplemented by the GDPR (General Data Protection Regulation) which came into force on 25 May 2018, the Customer has, at any time, the right to access, rectify, object to, erase and transfer all their personal data by writing, by post and providing proof of their identity, to: support@leviia.com.

Pursuant to Law No. 78-17 of 6 January 1978, as amended by Law No. 2018-http://Leviiacontact@leviia.com493 of 20 June 2018, it is noted that the personal data requested from the Customer is necessary for the processing of their order and the issuance of invoices.

These T&Cs constitute the contractual basis applicable between LEVIIA and the Customer with regard to obligations relating to the processing of Personal Data, in accordance with Article 28 of the GDPR.

Article 6.3 – Protection of the Customer’s Personal Data in connection with the use of LEVIIA Services

Generally speaking, access to hosting environments is strictly limited to authorised LEVIIA staff, within the scope of their duties. Access rights are granted on a least-privilege basis, formalised, logged and regularly reviewed. Privileged accounts are subject to enhanced monitoring and periodic review of authorisations. All administrative actions are logged and retained in accordance with applicable regulatory requirements.

Please consult our Data Availability, Integrity and Confidentiality Statement as proof of our commitment; this covers both customer personal data and data stored as part of our service offering: Leviia – Data Availability, Integrity and Confidentiality Statement

1. Regarding Personal Data in the Customer Account

As part of its own activities, LEVIIA collects and processes certain personal data, in particular for administrative and commercial management purposes. In this capacity, LEVIIA, as Data Controller:

• Complies with the principles of the GDPR relating to the protection of personal data (lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality);
• Maintains a record of processing activities in accordance with Article 30 of the GDPR, describing the purposes, categories of data processed, retention periods, and security measures implemented;
• Ensures the confidentiality and security of the personal data processed by implementing appropriate technical and organisational measures;
• Informs data subjects of their rights and ensures the effective exercise of those rights (access, rectification, erasure, restriction, objection, portability);
• Does not transfer personal data outside the European Union without appropriate safeguards, unless legally required to do so;
• Reports any personal data breaches to the CNIL and, where necessary, to the data subjects within the statutory time limits.

For any questions regarding the processing of personal data for which LEVIIA is the Data Controller, data subjects may contact our Data Protection Officer (DPO) at the following address: support@leviia.com.

2. Regarding Personal Data stored by the Customer as part of the Leviia cloud service

The Data is stored using the Services provided by LEVIIA to the Customer. The Customer is solely responsible for the processing of their Personal Data processed by the various features available on the Services, with LEVIIA acting as a Data Processor. As such, LEVIIA:

• processes Personal Data only on the documented instructions of the Data Controller;
• guarantees the confidentiality, integrity and availability of Personal Data;
• ensures that its employees are subject to an appropriate duty of confidentiality;
• shall not transfer Personal Data outside the European Union unless required by law or with the Client’s prior written consent;
• immediately alerts the Client if an instruction constitutes a breach of applicable law;
• maintains an up-to-date GDPR sub-processing register for this Service for the Client.

LEVIIA accesses the Client’s Data in two ways:

• To fulfil LEVIIA’s obligations as set out in Article 5.2 (LEVIIA’s Responsibilities) in accordance with the product subscribed to (list available in Article 2.2 – Product Specifications).
• For maintenance and support operations, in order to ensure the quality and continuity of the Service. The Customer acknowledges and accepts that LEVIIA may, in the context of a maintenance operation or a support request, access the administration of the Customer’s account. In the event of a support request from the Customer, this must be made in writing to support@leviia.com or via the support form so that the request can be tracked in an internal ticketing system.

LEVIIA undertakes not to use the Data it processes for any purpose other than the performance of the contracted services.

In the general case of a direct subscription/sale by the Customer to LEVIIA’s Services, the contractual relationship is established as follows (see Article 6.11 for other cases of subscription/sale):

• The Customer acts as the Data Controller;
• LEVIIA acts as a direct Data Processor, within the meaning of Article 28.3 of the GDPR;
• This Article 6 of the GTC constitutes the data processing agreement between the Parties, without the need for a separate contract;
• LEVIIA shall act solely on the basis of documented instructions from the Customer;
• All obligations of the Data Processor under the GDPR apply;
• At the Client’s express request, LEVIIA may formalise a dedicated Data Processing Agreement (DPA), based on a legally validated template, which shall constitute the reference version. No other version of the DPA shall be accepted without prior validation by LEVIIA.

Article 6.4 – Sub-processing of Data

LEVIIA may use Sub-processors, classified as subsequent sub-processors under the GDPR, to perform the Services. In this context:

• LEVIIA shall inform the Client in advance of any addition or replacement of a data processor;
• The Client may object on legitimate grounds*;
• Any subsequent sub-processor is contractually bound by the same obligations regarding security, confidentiality and compliance;
• LEVIIA remains fully liable to the Client in the event of a breach by the subsequent processor;
• Any transfer to a third country is subject to the Client’s express consent and the required safeguards.

List of subcontractors available at: Leviia – List of subcontractors.

Customer data is hosted within the infrastructure operated by our data centre provider, Free Pro, whose current certifications can be viewed at the following address: FreePro Certifications.

To date, the physical hosting sites used are as follows:

Lyon region	Marseille
LYO01 – Vénissieux	MAR02 – Marseille 13016
LYO02 – Limonest	MAR03 – Marseille 13015
LYO03 – Lyon “Rockefeller”

*The Customer shall be entitled to refuse this change, on legitimate and documented grounds, by registered letter with acknowledgement of receipt, no later than one (1) month after notification of the change by LEVIIA.

In the event of the Customer’s refusal, LEVIIA shall be entitled to terminate the Contract by giving notice of such termination by registered letter with acknowledgement of receipt, subject to a notice period of three (3) months.

Special case of transfers outside the EU within the subcontracting chain

In the event of the use of subsequent Sub-processors involving a transfer of Data to a country outside the European Union:

• LEVIIA undertakes to seek the prior and express consent of the Customer (or the Reseller if they are the main sub-processor – see the scenarios in Article 6.11);
• LEVIIA shall provide the appropriate contractual and technical safeguards required by the GDPR (standard contractual clauses, additional measures, etc.).

Article 6.5 – Exercise of Data Subjects’ Rights

LEVIIA has a procedure for the exercise of so-called “data subjects’ rights” within the meaning of the GDPR (General Data Protection Regulation), namely primarily the following rights: right to object, right of access, right to rectification, right to erasure (known as the “right to be forgotten”), right to restriction of processing, right to data portability. The Customer must submit a written request to support@leviia.com, specifying the nature of their request (deletion, retrieval, etc.).

LEVIIA undertakes to acknowledge receipt of the request within seven (7) working days and to respond within the timeframes set out in the applicable regulations, and in any event within a maximum of one (1) month, unless there are duly justified exceptional circumstances. All requests are recorded by LEVIIA in a Data Subject Rights Request Register. LEVIIA shall also forward without delay any request received directly from a data subject to the Data Controller.

LEVIIA has appointed a Data Protection Officer, in accordance with Article 37 of the GDPR, under CNIL number DPO-80958, who can be contacted:

• By email at support@leviia.com.
• By post, for the attention of the DPO: 14 avenue de l’Europe, 77144 Montevrain.

Article 6.6 – Return and deletion of Personal Data

Upon expiry of the Contract and no later than the final day of the Contract, LEVIIA is obliged to delete all the Client’s Personal Data and any existing copies. LEVIIA shall not retain any such data for any reason whatsoever. At the end of the said contract:

• LEVIIA shall delete all Personal Data, unless otherwise required by law;
• Upon the Client’s instruction, LEVIIA shall provide the data in a structured and interoperable format (e );
• LEVIIA shall retain no copies, unless required by law.

If the Customer wishes to terminate their subscription before the expiry date, they will be informed via a confirmation window that their data will be automatically deleted. The Customer is informed that they must retrieve their data before terminating their subscription.

Unlike the Personal Data provided by the Customer, the Customer Account data is retained by LEVIIA so that the Customer can retrieve their invoices. The Customer may submit a written request to support@leviia.com to have their Customer Account data deleted.

Article 6.7 – Notifications in the event of a Data Security Breach

LEVIIA undertakes to inform the Customer of any Personal Data Breach and to assist with any request from the Customer and the implementation of any measures to remedy the situation. In such cases, LEVIIA undertakes to:

• Notify the customer as soon as possible, and within 72 hours at the latest, after becoming aware of the breach;
• Provide the customer with all necessary information to assess the risks and impacts of the breach, enabling them to take all appropriate decisions and measures regarding its management and the necessary follow-up;
• Provide the following details for any Breach, as a minimum: the nature of the Breach, the category and approximate number of individuals affected or likely to be affected, the categories and volume of Personal Data impacted, the likely consequences of the Personal Data Breach, an assessment of potential harm and the level of severity, and the technical and organisational measures already taken or proposed to remedy the situation;
• Assist the Client in fulfilling its obligations towards the authorities or the data subjects.

Article 6.8 – Notifications in the event of disclosure of Personal Data

LEVIIA shall cooperate with the Client in the event of a request from an authority or a third party, within the limits of applicable law.

In the event of judicial seizures relating to Personal Data, the Client:

• Acknowledges having read the Judicial Seizure Policy and declares that they accept it without reservation.
• Undertakes to comply with LEVIIA’s Judicial Seizure Policy.

The Customer is invited to send any questions regarding LEVIIA’s Judicial Seizure Policy to support@leviia.com. LEVIIA undertakes to respond as soon as possible. Unless notification is prohibited by applicable law, LEVIIA will inform the Customer by email.

LEVIIA’s Judicial Seizure Policy outlines the following steps:

1. LEVIIA receives a request for judicial seizure
2. LEVIIA verifies the identity of the applicant by providing a secure, password-protected submission link.
3. LEVIIA deletes the evidence of the applicant’s identity and the submission link
4. LEVIIA sends all the Data to the claimant in the form of an archive uploaded to the LEVIIA application, accessible via a secure, password-protected link
5. The claimant retrieves the Data
6. The applicant confirms in writing that they have retrieved the data
7. LEVIIA deletes the archive and the sharing link

Article 6.9 – Contractual representative responsible for the hosting of personal health data

Customers who host Personal Health Data via the LEVIIA Services they have subscribed to must provide LEVIIA with a designated contact person – the HDS contact point – who will act as the point of contact in the event of incidents concerning the hosting of Health Data, in accordance with HDS obligations (requirement no. 11).

The contact details of this contact person must be provided upon signing the contract, via the relevant contractual annexe or, failing that, by emailing support@leviia.com.

The following details are required: Name of the company or organisation (as stated in the contract drawn up with Leviia), Surname and first name of the “HDS” contact, role, email, telephone number, and an indication of whether the contact is also a healthcare professional authorised to access DSCP.

Article 6.10 Audit procedures by the Data Protection Officer (DPO)

In accordance with paragraph 4 of Article R.1111-11 of the Public Health Code, it is agreed that the following provisions shall apply to ensure compliance with the rights of data subjects:

1. Procedures for exercising rights: the rights of access, rectification, restriction, objection, erasure and data portability are guaranteed in accordance with the procedures described in Articles 6.2 and 6.5 herein.
2. Reporting of breaches: LEVIIA undertakes to notify the data controller of any personal data breach in accordance with Article 6.7.
3. Audits carried out by the DPO: LEVIIA agrees that the Client’s Data Protection Officer (DPO), or any authorised representative, may:

• Conduct audits regarding compliance with the GDPR;
• Access the data necessary for such an audit;
• Coordinate monitoring activities with the LEVIIA DPO;
• Receive all documentation necessary to demonstrate LEVIIA’s compliance.

These audits are subject to the same terms and conditions as those set out in Article 11.2 of these GTC.

Article 6.11 – Framework for subcontracting in cases of indirect sales

The LEVIIA Service may be offered to end customers through a third party, such as a reseller, distributor or business introducer (hereinafter the “Reseller”). In accordance with the GDPR, and in particular Article 28 thereof, the following legal classifications apply:

1. Indirect sale to the End Customer: cascading subcontracting

This refers to the situation where the Reseller administers, integrates or implements the LEVIIA Services on behalf of the End Customer.

• The End Customer acts as the Data Controller;
• The Reseller acts as the main data processor;
• LEVIIA acts as a sub-processor, in accordance with Article 28(4) of the GDPR;
• LEVIIA is contractually bound solely to the Reseller and never deals directly with the End Customer, unless explicitly instructed to do so by the Reseller.

Specific conditions:

• The Reseller undertakes to have obtained prior, written and valid authorisation from its customers to engage LEVIIA as a sub-processor, in accordance with Article 28(2) of the GDPR;
• LEVIIA acts solely upon the Reseller’s express and documented request, in accordance with the End Customer’s instructions and the limitations communicated;
• LEVIIA’s interventions in this context are:
• Justified and limited (maintenance, incidents, etc.);
• Documented via a ticketing system;
• Traceable (access logs);
• Carried out in a secure environment.

Obligations of the Reseller:

• To inform the End Customer of LEVIIA’s obligations regarding data processing;
• Notify LEVIIA of any instructions or restrictions imposed by the End Customer;
• Ensure full compliance of the subcontracting chain, including security and confidentiality guarantees.

2. Indirect sale without the Reseller’s involvement

This refers to cases where the Reseller markets the LEVIIA offering without intervening technically in the Customer’s environment.

• The End Customer is the Data Controller;
• LEVIIA acts as a direct processor (direct relationship between LEVIIA and the End Customer);
• The Reseller has no role as a data processor; it acts solely as a commercial intermediary;
• The Reseller must inform the End Customer that it is their responsibility to enter into a contract directly with LEVIIA to comply with the obligations set out in Article 28 of the GDPR;
• This contractual arrangement takes the form of a dedicated GDPR Data Processing Agreement (DPA).

LEVIIA provides a legally validated data processing agreement template that meets the requirements of the GDPR, which shall be used to formalise this relationship. No other version of the DPA shall be accepted unless expressly approved in advance by LEVIIA.

Special case of transfers outside the EU within the subcontracting chain

In the event of the use of sub-processors involving the transfer of Data to a country outside the European Union:

• LEVIIA undertakes to seek the prior and express consent of the Client (or the Reseller if they are the main data processor);
• LEVIIA shall provide the appropriate contractual and technical safeguards required by the GDPR (standard contractual clauses, additional measures, etc.).

Article 6.12 – Essential clauses and dedicated contractual option

The obligations relating to the protection of Personal Data set out in this Article 6 constitute essential commitments under the Contract. Any material breach of these obligations, in particular regarding confidentiality, security or compliance with the GDPR, may result in the termination of the Contract. These obligations shall survive the expiry of the Contract.

The Client – Data Controller acknowledges that this Article serves as a data processing agreement within the meaning of Article 28 of the GDPR. However, at the Client’s express request, a dedicated data processing agreement (DPA) may be drawn up and signed between LEVIIA and the Data Controller.

ARTICLE 7 – INTELLECTUAL PROPERTY

Article 7.1 – LEVIIA’s Intellectual Property

The content of the Website (images, content, documents, design, logo and LEVIIA brand, etc.), excluding hosted content belonging to Customers, is the property of LEVIIA and is protected by French and international intellectual property laws.

Any reproduction, in whole or in part, of this content is strictly prohibited and may constitute an offence of copyright infringement.

LEVIIA is also the owner or lawful user of all the programming codes and applications necessary for the operation of the Services.

Article 7.2 – Client’s Intellectual Property

The Customer declares that they hold the ownership or usage rights relating to the data hosted by the Company under this Agreement and undertakes to indemnify LEVIIA, upon first request, against all damages, costs and expenses, including the cost (fees and legal costs) of its defence in the event of any third-party action against the Customer’s content that may have consequences for LEVIIA.

The Customer expressly authorises the Company to list them as one of its commercial references and to use the Customer’s name and logo for this purpose on the Website, as well as in all its communication and marketing materials and documents (social media, blog, press releases, testimonials, etc.).

ARTICLE 8 – SERVICE CONTINUITY AND AVAILABILITY REQUIREMENTS

Article 8.1 – Availability of LEVIIA Services (SLA)

Availability and performance indicators are regularly monitored by LEVIIA.

The term ‘Monthly Availability Rate’ means: the total number of minutes in the month in question, less the number of minutes of Downtime in that month, divided by the total number of minutes in the month in question.

“Downtime” means the total number of minutes during which the Service was unavailable for more than three (3) consecutive minutes. Downtime is calculated by LEVIIA from the time the incident ticket is opened via the address support@leviia.com.

The Customer must submit a written request for the issuance of credit notes via the email address support@leviia.com; these are not issued automatically and are subject to LEVIIA’s assessment of the duration of the Downtime.

Service Level Agreements do not in any way concern the availability of elements that remain under the Customer’s control, such as, in particular, third-party software or applications installed and/or used by the Customer.

In the event of an Outage, the Customer must cooperate with LEVIIA to restore the Service. They must report the incident and provide all information necessary for LEVIIA’s diagnosis and intervention. The Customer undertakes to remain available at all times, in particular to respond to any requests for further information and to carry out all necessary tests and checks. If required, the Customer shall grant LEVIIA access to its Management Interface. In the absence of such cooperation, the Customer shall not be entitled to claim Service Credits.

The term “Resilience” refers to LEVIIA’s ability to make the data that was stored prior to a duly reported unavailability incident available to the Customer once again (see conditions above).

Recovery objectives
LEVIIA undertakes to deploy all reasonable human, technical and organisational resources to restore the availability of the Services in the event of an incident affecting the LEVIIA infrastructure.

The response and recovery targets for availability incidents, expressed in working hours (WH), apply from the time LEVIIA receives a valid report from the Customer and are set out in the table below.

In addition:

• Customers benefit from 24/7 monitoring and support, every day of the year.
• This process applies exclusively to incidents falling within the remit of the Leviia technical systems administration team (in particular infrastructure availability and security).
• It is triggered by the Supplier’s internal monitoring and alert mechanisms. Manual reports from Customers outside Business Hours do not result in immediate action, unless they correlate with an internal alert from the system administration team.

Grounds for exclusion from credit (Availability and Response-Restoration)
No service credit shall be due if the overrun results in particular from:

• a force majeure event within the meaning of Article 1218 of the Civil Code;
• an intervention or configuration attributable to the Customer;
• a breach by the Customer of their contractual obligations or their obligations to cooperate;
• unavailability caused by a third party;
• a scheduled maintenance operation notified to the Customer in accordance with these T&Cs.

Article 8.2 – Technical modifications and developments

In accordance with Article R. 1111-11 of the Public Health Code, LEVIIA undertakes to inform its customers of any technical modifications or developments introduced by it or imposed by the applicable legal framework.

Notification of technical changes:
LEVIIA shall notify the Customer in writing (by email or via the customer portal) of any technical changes or developments likely to affect the use of the Services.

This notification will include a description of the changes, their implementation date, and their potential impact on functionality or security.

Prior consent of the Customer:
In the event that the technical changes or updates are, at the time of notification and based on reasonably available information, likely to result in:

• a significant deterioration in the service levels (SLA) defined in Article 8.1;
• or a substantial alteration to the security and compliance guarantees provided for in Articles 6.2 and 6.9;

LEVIIA shall seek the Customer’s prior consent before implementing any such changes.

In the absence of a response from the Client within 15 working days, the changes shall be deemed to have been accepted.

In the event of the Customer’s express refusal, the Parties shall endeavour to agree on an alternative solution, provided that this is technically feasible and compatible with the legal, security and operational constraints of the Services.

In the absence of an agreement within thirty (30) calendar days of the Client’s refusal, LEVIIA reserves the right to terminate the Contract automatically, without compensation, subject to thirty (30) calendar days’ notice.

During this notice period, the Customer may retrieve their data in accordance with the terms set out in these General Terms and Conditions.

Exceptions:
Critical security patches or updates required by legal obligations may be applied immediately, subject to the Customer being informed retrospectively.

Subcontracting:
Changes relating to the addition or replacement of subcontractors remain subject to the provisions of Article 6.4.

ARTICLE 9 – TECHNICAL AND ORGANISATIONAL MEASURES TAKEN BY LEVIIA

Article 9.1 – User access control

User access is governed:

• For the Next Solo and Squad products: by the application’s user creation system. User creation is therefore the responsibility of the Client, who creates the accounts, and the new user receives an invitation by email with their login details.
• For the Next PRO product: by the application’s user creation system. User creation is therefore the responsibility of the Customer, who creates the accounts and shares the login details with their employees.
• For the Storag3 product: via secure access to the LEVIIA dashboard.

Article 9.2 – Traceability measures

As part of the monitoring of its Information System (IS), LEVIIA has a system for logging user actions, for the purposes of support and IS monitoring.

The logs are retained for a period of 12 months and contain:

• The IP address
• The action performed: creation, modification, move, deletion
• The file or folder concerned
• The application used: web app, desktop application, mobile application
• The browser used

Article 9.3 – Software protection measures

To ensure a high-quality service, LEVIIA has implemented the following security measures:

• Our hosting provider’s anti-DDoS system
• Network data encryption: website accessible via HTTPS, use of TLS
• Daily backups and daily monitoring of incidents (see Article 9.4 Data Backups)
• Monitoring of vulnerabilities and security breaches, with the implementation of patches following their detection
• Change management policy, including test environments and procedures prior to making these changes available to the customer

Article 9.4 – Data backup

LEVIIA performs rolling ‘snapshots’ once a day for Next products:

• For the last 30 days for the “Next Solo and Squad” product, the cost of restoring these “snapshots” depends on:
• The total volume of data to be restored
• The number of files to be restored
• The timeframe for performing this restoration
• For the last 180 days for the ‘Next Pro’ product, the cost of restoring these ‘snapshots’ is included in the subscription.

Restoration requests must be sent to support@leviia.com.

For the “Storag3” product, it is the customer’s responsibility to back up their data.

Article 9.5 – Data reversibility

General Case:

Personal Data stored with LEVIIA is accessible in plain text and without any constraints or restrictions on the part of LEVIIA. The Customer may access it at any time to manage and/or retrieve it.

Should the Customer wish to retrieve data hosted by LEVIIA, they may submit a request to support@leviia.com.

The Data Reversibility Policy involves the following steps:

1. LEVIIA informs the Customer of the loss of HDS Certification and initiates the return of the Data, or the Customer initiates a request for the Data Reversibility procedure
2. LEVIIA sends all of the Customer’s Data in the form of an archive uploaded to the LEVIIA application on the Customer’s account, accessible via a secure, password-protected link
3. The Customer retrieves their data
4. The Customer confirms in writing that the data has been retrieved
5. LEVIIA deletes the archive and the sharing link
6. LEVIIA deletes all of the Customer’s Data

Specific reversibility applicable in the case of health data hosting:

In accordance with paragraphs 12 to 14 of Article R.1111-11 of the Public Health Code, LEVIIA undertakes, in the event of termination or early cessation of the service, to:

• Return all data entrusted to it in connection with the service, in standard, readable and usable formats (e.g. CSV, SQL), enabling the portability of health data;
• Provide the data within a maximum of thirty (30) calendar days from the date of the Client’s written request;
• Delete all copies, including backups, within a maximum of sixty (60) days following confirmation of data retrieval, by means of secure and traceable erasure;
• Provide the Client in advance with the return schedule and estimated costs

Pricing:

In all cases, data return carried out via the Service’s standard mechanisms (including APIs, automated export or direct download) is included in the price of the Service, subject to reasonable terms of use and in proportion to the volume of data stored.

Where data return requires specific operations or falls outside the scope of standard usage, in particular due to:

• the total volume of data to be returned;
• the requested delivery formats (specific or non-standard formats);
• specific technical requirements (transfer via secure media, extraction from virtual machines or containers, architectural constraints);
• specific time constraints requested by the Customer;

the costs of data retrieval are then determined based on the criteria set out above, including a base rate and, where applicable, variable adjustments.

In such cases, a quotation is provided to the Customer for prior approval before any work commences.

In any event, the costs of data portability shall be determined in a reasonable, transparent and proportionate manner, and shall not constitute an obstacle to the exercise of the right to data portability.

Article 9.6 – Guarantees in the event of failure

In accordance with paragraph 10 of Article R.1111-11 of the Public Health Code, LEVIIA shall inform the Customer of the guarantees and procedures put in place to cover any potential failure on its part:

• Backups: Daily snapshots are taken for the Next and Next Pro products in accordance with the terms set out in Article 9.4. These backups enable restoration within the specified timeframes, depending on the type of subscription.
• Business Continuity and Disaster Recovery Plan (BCDRP): LEVIIA has implemented a single, documented business continuity and disaster recovery plan to ensure the continuity and subsequent recovery of critical Services in the event of a major incident. This plan includes redundancy of data, infrastructure and monitoring points, in accordance with the commitments set out in Article 8 (Requirements for Service Continuity and Availability).
• Liabilities in the event of an incident: In the event of an incident affecting the availability or integrity of data, LEVIIA undertakes to inform the Customer without delay in accordance with the procedures set out in Article 6.7. LEVIIA’s liability is limited to the extent provided for in Article 5.3 hereof, in particular with regard to exclusions and compensation limits.
• LEVIIA shall provide the Customer, upon request, with a summary of its incident and failure management plan, subject to a confidentiality undertaking.

Article 9.7 Data immutability feature

Leviia offers, as part of its Leviia Storag3 service, a security feature called Object Lock, which prevents any modification or deletion of data contained in a ‘bucket’ (principle of data immutability) during the retention period defined by the Customer. In exceptional circumstances, a duly justified request for an early waiver of this feature may be submitted in writing to support@leviia.com. Leviia will then initiate an initial validation process for the request. Should this request be deemed admissible by LEVIIA, the Customer must then formalise their request using a template provided by Leviia, to be completed and signed by the legal representative, and which will be subject to final validation prior to any action being taken. Leviia reserves the right to refuse any incomplete or inconsistent request.

The Customer acknowledges that any early deactivation of the Object Lock feature restores the technical capability to permanently delete the relevant data. LEVIIA shall not be held liable for any consequences resulting from LEVIIA’s execution of a compliant and validated request from the Customer, except in cases of gross negligence or proven breach of its essential contractual or legal obligations.

Where the Customer acts as a Reseller, without being the Data Controller for its own customers’ data, it must submit this request on behalf of its customer to LEVIIA and shall be solely responsible for the validity of the request; LEVIIA nevertheless reserves the right to refuse any unjustified, incomplete or inconsistent request.

In the event of termination of the contract between LEVIIA and the Customer for any reason whatsoever, the Object Lock feature shall also be terminated, regardless of the retention period initially specified by the Customer.

ARTICLE 10 – SUPPORT POLICY

Leviia has a support policy in place to assist its Clients in the event of incidents affecting the use of the Services or in response to enquiries regarding the Services.

Incident
An incident refers to any event impacting the availability, integrity, confidentiality or proper functioning of the Services. An incident may be reported by the Customer, detected by Leviia or by its monitoring systems.

Feature Request
Feature requests include requests for the addition of features, customisation or specific adaptations. They are reviewed by Leviia as part of its product management process and may, where appropriate, be the subject of a dedicated contractual proposal.
Minor or cosmetic issues, which have no impact on the availability or use of the Service, are treated as change requests.

Information requests
An information request refers to any question relating to the use of the Services, with no expected technical or corrective impact.

Reporting

Reports of these various events (incidents, enhancement requests, information requests)  must be sent exclusively by email to the following address: support@leviia.com

Support hours and availability

• All customers
  The Leviia support service is available during Business Hours (BH), i.e. Monday to Friday from 9am to 5pm (Paris time), excluding public holidays.
• Special case: Infrastructure incidents: please refer to Article 8.1

ARTICLE 11 – AUDIT OF THE LEVIIA INFORMATION SYSTEM

Article 11.1 – Regular audits of the LEVIIA Information System

LEVIIA regularly commissions an independent audit to assess and document the adequacy of the technical and organisational measures implemented in connection with its Services.

LEVIIA shall regularly commission an independent audit to assess and document the adequacy of the technical and organisational measures implemented in connection with its Services, and shall provide a summary of the results of such audit and/or other related information that the Client may reasonably request, upon the Client’s written request.

This information constitutes LEVIIA’s confidential information and is protected as a trade secret (Articles 151-1 et seq. of the French Commercial Code). It may be subject to other reasonable confidentiality requirements (including, but not limited to, the execution of a separate confidentiality agreement).

Article 11.2 – Audits carried out by the Client

During the performance of the Contract, the Client may, subject to a limit of once per contractual year, at its own expense and under its own responsibility, commission an audit whose sole purpose is to verify the compliance of the Services provided by LEVIIA in performance of the Contract.

The Client shall notify LEVIIA of this audit by registered letter with acknowledgement of receipt, detailing the protocol to be followed, the methods to be used and the data to be audited, thirty (30) Working Days prior to the proposed date of its implementation.

The audit shall be carried out by the Client or by a third party designated by the Client, subject to the dual condition that such third party is not a direct or indirect competitor of LEVIIA and that it has entered into a confidentiality agreement, a copy of which shall be provided to LEVIIA for approval.

With regard to audits conducted by Clients, the following is specified:

• Clients may audit their hosted Data only (whether in a dedicated or shared environment), with a trusted technical partner (who must contact LEVIIA to confirm the technical feasibility of conducting their test) and undertake to provide an audit report to LEVIIA,
• Customers may obtain a public version of the latest “HDS” audit report upon request.
• Customers may, upon request, obtain a public summary of the penetration test reports carried out on the LEVIIA global Information System.

Article 11.3 – Provision of traceability elements

In the context of Services involving the hosting of Personal Health Data (PHD), the Customer may request, by sending an email to support@leviia.com, the provision of access logs relating to their own environments.

In accordance with the HDS certification framework and applicable legal obligations, LEVIIA strictly regulates the conditions under which such information is made available. The transmission of this information may only take place in the following cases:

• A duly authorised regulatory or contractual audit,
• Management of a security incident,
• Legal grounds, including any request from a competent judicial or administrative authority,
• A proven or ongoing dispute,
• Documented suspicion of malicious intent or fraudulent access.

Any request must therefore be legitimate, justified and contextualised; otherwise, it will be deemed inadmissible by LEVIIA and will not result in the disclosure of the relevant logs.

No information may be disclosed that is likely to compromise the security of LEVIIA’s Information System, the rights of other Clients, trade secrets or the confidentiality of security measures.

The disclosure of the requested data takes place after the request has been validated by LEVIIA and may require the prior signing of a specific confidentiality agreement.

This policy aims to ensure the confidentiality, integrity and security of data and hosted environments. LEVIIA confirms that it possesses all the necessary technical and organisational resources to extract and transmit, where applicable, logs that are strictly relevant within the regulatory framework and in accordance with HDS certification requirements.

ARTICLE 12 – APPLICABLE LAW, LANGUAGE AND DISPUTES

These General Terms and Conditions and the transactions arising therefrom are governed by French law. They are drafted in the French language. In the event that they are translated into one or more languages, only the French text shall prevail in the event of a dispute.

In the event of a dispute and prior to any legal proceedings, the Parties undertake to seek an amicable solution.

Any disputes relating to the subscription to Services entered into pursuant to these General Terms and Conditions or to their performance which cannot be resolved amicably between LEVIIA and the Customer shall be submitted to the competent courts within the jurisdiction of the Paris Court of Appeal.

The Customer is informed that, in any event, they may, in the event of a dispute, resort to contractual mediation, in particular through the Consumer Mediation Commission (Consumer Code, Art. L 612-1) or through existing sector-specific mediation bodies, or to any alternative dispute resolution method (such as conciliation).

APPENDIX 1 – WITHDRAWAL FORM

This form must be completed and returned only if the Customer wishes to withdraw from the order placed on https://www.leviia.com, except in the case of exclusions or limits to the exercise of the right of withdrawal in accordance with the applicable General Terms and Conditions.

For the attention of :

LEVIIA

14 avenue de l’Europe, 77144 Montevrain

support@leviia.com

I hereby give notice of withdrawal from the contract relating to the order for the following Services:

• Ordered on …………………………………………………………………….
• Order number: …………………………………………………..
• Customer name: ………………………………………………………………….
• Customer address: …………………………………………………………….

Date and place: ……………………………

Customer’s signature :