EDI policy terms and conditions

The following terms and conditions shall apply with regard to the use and exchange of EDI messages between the parties in addition to the terms and conditions of the distribution agreement.

"EDI message" means an EDI message that consists of a set of segments structured using an agreed-upon standard, prepared in a computer-readable format, and capable of being automatically and unambiguously processed.

"Parties" means the applicable Adobe contracting entity to the distribution agreement and the distributor.


The Parties to a distribution agreement undertake to implement and maintain security procedures and measures to ensure the protection of EDI messages against the risks of unauthorized access, alteration, delay, destruction, or loss.

Security procedures and measures include verification of origin, verification of integrity, nonrepudiation of origin and receipt, and confidentiality of EDI messages.

Security procedures and measures for verification of origin and integrity to identify the sender of any EDI message and to ascertain that any EDI message received is complete and has not been corrupted are mandatory for any EDI message. Where required, additional security procedures and measures may be agreed upon between the Parties.

If the use of security procedures and measures results in the rejection or detection of an error in an EDI message, the receiver shall inform the sender thereof, within one business day.

The receiver of an EDI message that has been rejected or that contains an error shall not act upon the EDI message before receiving instructions from the sender. When a rejected or erroneous EDI message is retransmitted by the sender, the EDI message should clearly state that it is a corrected EDI message.

Confidentiality and protection of personal data

The Parties shall ensure that EDI messages containing information specified to be confidential by the sender or agreed mutually to be confidential between the Parties are maintained in confidence and are not disclosed or transmitted to any unauthorized persons nor used for any purposes other than those intended by the Parties.

When authorized, further transmission of such confidential information shall be subject to the same degree of confidentiality.

EDI messages shall not be regarded as containing confidential information to the extent that such information is in the public domain.

The parties may agree to use a specific form of protection for certain messages such as a method of encryption to the extent permitted by law in either of their respective countries.

Where EDI messages or other data transmitted to the other Party include personal data, such data shall be received, processed, and stored in accordance with the terms of the distribution agreement between the Parties, and the receiving Party agrees to comply with same for its processing of the data. EDI messages with personal data originating in the European Economic Area (EEA) and transmitted to the receiving Party outside the EEA shall be processed by the receiving Party in accordance with a "safe harbour" arrangement or by adhering to the terms of a separate model data transfer agreement (as published by the European Commission).

Recording and storage of EDI messages

A complete and chronological record of all EDI messages exchanged by the Parties in the course of a trade transaction shall be stored by each Party, unaltered and securely, in accordance with the time limits and specifications prescribed by the legislative requirements of its own national law, and, in any event, for a minimum of seven (7) years following completion of the transaction.

EDI messages shall be stored by the sender in the transmitted format and by the receiver in the format in which they are received.

Parties shall ensure that electronic or computer records of the EDI messages shall be readily accessible and are capable of being reproduced in a human-readable form and of being printed, if required. Any operational equipment required in this connection shall be retained.

If local country legislation requires or allows for the exchange of summary statement invoices, each Party shall be responsible for providing such summary statements to the other Party in accordance with such legislation.

Operational requirements for EDI

The parties undertake to implement and maintain the operational environment to operate EDI according to these terms and conditions, which include but are not limited to the following.

Operational equipment

The Parties shall provide and maintain the equipment, software, and services necessary to transmit, receive, translate, record, and store EDI messages.

Means of communication

The Parties shall determine the means of communication to be used, including the telecommunication protocols and, if required, the choice of third-party service providers.

EDI message standards

All EDI messages shall be transmitted in accordance with the UN/EDIFACT standards, recommendations, and procedures (UN/EDIFACT Syntax Rules ISO 9735 - EN 29735, UN/EDIFACT TDED ISO 7372 - EN 27372, the UNTDID [United Nations trade data interchange directory] including the UN/EDIFACT message design guidelines, syntax implementation guidelines, data elements directory, code list, composite data elements directory, standard segments directory, UNSMs directory, and UNCID) as approved by the United Nations Economic Commission for Europe (UN/ECE-NP 4) and with European Union standards and legislation.


Data element code lists referred to in EDI messages shall include UN/EDIFACT-maintained code lists, international code lists issued as ISO international standards, and UN/ECE or other officially published code lists.

Where such code lists are not available, preference shall be given to the use of code lists published, maintained, and ensuring correspondence with other coding systems.

Technical specifications and requirements

Either Party shall be responsible for defining in writing the technical, organizational, and procedural specifications and requirements to conduct their respective EDI transmissions according to these terms and conditions, which should include the following:

  • Operational requirements for EDI, as referred to above including operational equipment, means of communication, and EDI message standards and codes
  • Processing and acknowledgement of EDI messages
  • Security of EDI messages
  • Recording and storage of EDI messages
  • Time limits
  • Procedures for tests and trials to establish and monitor the adequacy of the technical specifications and requirements

Upon request from either Party, the other Party shall provide the requesting Party a copy of its written technical specifications and requirements as defined above.

Without prejudice to the above-stated obligations, the Parties may establish joint technical specifications and requirements, which shall be in writing and become an integral part of this Agreement.