Privacy Policy and Terms of Use
Notice Of Privacy Practices THIS NOTICE DESCRIBES HOW DENTAL/ MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
TeleDentistry.com’s Commitment To Your Privacy
Teledentistry.com, is dedicated to maintaining the privacy of your protected health information (‘PHI’). PHI is information about you that may be used to identify you (such as your name, social security number or address), and that relates to (a) your past, present or future physical or mental health or condition, (b) the provision of health care to you, or (c) your past, present, or future payment for the provision of health care. In conducting its business, Teledentistry.com will receive and create records containing your PHI. Teledentistry.com is required by law to maintain the privacy of your PHI and to provide you with notice of its legal duties and privacy practices with respect to your PHI. Teledentistry.com must abide by the terms of this Notice while it is in effect. This current Notice takes effect on June 1st 2017, and will remain in effect until Teledentistry.com replaces it. Teledentistry.com reserves the right to change the terms of this Notice at any time, as long as the changes are in compliance with applicable law. If Teledentistry.com changes the terms of this Notice, the new terms will apply to all PHI that it maintains, including PHI that was created or received before such changes were made. If Teledentistry.com and affiliates changes this Notice, it will post the new Notice on its Web site and will make the new Notice available upon request.
Uses And Disclosures Of PHI
Teledentistry.com may use and disclose your PHI in the following ways:
- Treatment, Payment and Health Care Operations. Teledentistry.com and affiliates is permitted to use and disclose your PHI for purposes of (a) treatment, (b) payment and (c) health care operations. For example: Treatment. Teledentistry.com and affiliates may disclose your PHI to another dentist or healthcare provider for purposes of a consult or in connection with the provision of follow-up treatment.
Electronic Communication
Patients who utilize the services of Teledentistry.com agree to receiving communications with them by phone, voicemail, email or text. Teledentistry.com, respects your right to confidential communications about your protected health information (PHI) as well as your right to direct how those communications occur. Our email and texting methods are HIPAA compliant as verified by our service provider however, email and texting can be inherently insecure as a method of communication. We will only communicate with you by email or text at the email address or phone number you provide to us in your sign up form. Please be aware that if you have an email account through your employer, your employer may have access to your email. When you consent to communicating with us by email or text you are consenting to email and texting communications that may not be encrypted. As well voicemail or answering machine messages may be intercepted by others. Therefore, you are agreeing to accept the risk that your protected health information may be intercepted by persons not authorized to receive such information when you consent to communicating with us through phone, voicemail, email or text. Teledentistry.com will not be responsible for any privacy or security breaches that may occur through voicemail, email or text communications that you have consented to. If you choose not agree to these terms, then we will not be able to provide services to you through our platform. Payment. Teledentistry.com and affiliates may use and disclose your PHI to your health insurer or health plan in connection with the processing and payment of claims and other charges. Dental Care Operations. Teledentistry.com may use and disclose your PHI in connection with its health care operations, such as providing customer services and conducting quality review assessments. Teledentistry.com may engage third parties to provide various services for Teledentistry.com. If any such third party must have access to your PHI in order to perform its services, Teledentistry.com will require that third party to enter an agreement that binds the third party to the use and disclosure restrictions outlined in this Notice. Following up on routine care. Users of Teledentistry.com’s services and redeemers of promotional items agree to having Teledentistry.com follow up with their dental office in order to ensure that appointments are being kept. Authorization. Teledentistry.com is permitted to use and disclose your PHI upon your written authorization, to the extent such use or disclosure is consistent with your authorization. You may revoke any such authorization at any time and with express notice through writing to Teledentistry.com. Teledentistry.com may use and disclose your PHI to the extent required by law.
Special Circumstances
The following categories describe unique circumstances in which Teledentistry.com may use or disclose your PHI:
-
- Public Health Activities. Teledentistry.com may disclose your PHI to public health authorities or other governmental authorities for purposes including preventing and controlling disease, reporting child abuse or neglect, reporting domestic violence and reporting to the Food and Drug Administration regarding the quality, safety and effectiveness of a regulated product or activity. Teledentistry.com may, in certain circumstances disclose PHI to persons who have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading a disease or condition.
Your Rights Regarding Your PHI
You have the following rights regarding the PHI maintained by Teledentistry.com:
-
- Confidential Communication. You have the right to receive confidential communications of your PHI. You may request that Teledentistry.com communicate with you through alternate means or at an alternate location, and Teledentistry.com will accommodate your reasonable requests. You must submit your request in writing to Teledentistry.com.
Terms Of Data Use and Privacy Policy
Teledentistry.com respects the privacy of its members and of its web site users. We are happy to share our policy regarding privacy information that is collected and how that data is used. Teledentistry.com has developed several systems and manages the data for this site. Teledentistry.com also licenses specific third party softwares that are HIPAA compliant for handling a variety of different services for our patients. All data is stored in encrypted format that exceeds standards defined by HIPAA. All data transfer is executed using similar standards that meet or exceed HIPAA, and no data is transferred to users that do not have specific data access keys. The importance of security for all personal information associated with you is of utmost concern to us. At Teledentistry.com, we exercise state of the art care in providing secure transmission of your information from your internet enabled device to our servers. Personal information collected by our web site is stored in secure operating environments that are not available to the public. Only those employees who need access to your information in order to do their jobs are allowed access, each having signed confidentiality agreements. Any employee who violates our privacy or security policies is subject to disciplinary action, including possible termination and civil and/or criminal prosecution. Any information that you submit to us through our website – whether a survey, registration form or e-mail will be used exclusively by the consulting dentists and only for the specific reason for which you submitted it. We take every reasonable precaution to protect your personal information including encryption and passwords when appropriate. Teledentistry.com are the sole owner of the information collected on this site. We will not sell, share or lease this information to others. Teledentistry.com does not sell any customer lists or e-mail addresses cookies or other data. Cookies are data stored on the user’s hard drive containing information about the user. Usage of a cookie is not linked to any personally identifiable information while visiting the Teledentistry.com site. Once users close their browser, cookies simply terminate. Teledentistry.com software never uses Cookies to retrieve information from your computer that was not originally sent in a Cookie. Except as described in this Policy, we do not use information transferred through Cookies for any promotional or marketing purposes, nor is that information shared with any third parties whatsoever. Acceptance By using this site and the Teledentistry.com service, you signify your acceptance of the Teledentistry.com Privacy Policy. If you do not agree to this policy, you should not use our service. If Teledentistry.com decides to change the Privacy Policy, we will post those changes prominently so users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. We do, however, recommend that you read this Privacy Policy each time you use our web site in case you missed our notice of changes to the Privacy Policy. Your continued use of the services and site following the posting of changes to these terms will mean you accept those changes. Teledentistry.com welcomes your questions and comments about privacy and this policy. Please contact us if you have any questions about our policies or our site.
Refund Policy
Refunds must be submitted via email and must be within 30-days of the billing date. No refunds allowed for past billing cycles.
Terms & Conditions for Dental Consults
Terms
Patients who wish to access Teledentistry.com must be fully qualified as existing patients of Teledentistry.com either through a relationship between Teledentistry.com and the insurance carrier’s products the patient has purchased or through a relationship with Teledentistry.com and the employer who has opted into receiving Teledentistry.com services. The services may be accessed as soon as Teledentistry.com has received completed forms and paperwork from the patient including but not limited to the transferring of protected health information, complete medical and dental history and the formal document which creates the patient doctor relationship between the policyholder and Teledentistry.com.
Conditions
-
- By requesting a dental consultation, you are entering into a doctor/patient relationship with the dentists of Teledentistry.com and Teladentist PC Inc. which shall be a provider of dental services to you, and you agree to pay for dental consultations at the time a dental consultation is requested, unless payment arrangements have been established through your employer, association, or other entity.
To view our privacy policy and terms of use
Services
-
- Teledentistry.com Dentists(s) does not replace the existing patient dentist relationship.
-
- Teledentistry.com is not an insurance product nor a prescription fulfillment warehouse.
-
- Teledentistry.com Dentists(s) reserve the right to deny care for potential misuse of services.
- Teledentistry.com operates subject to state regulations and may not be available in your state.
- Teledentistry.com and the Teledentistry.com logo are registered trademarks of Teladentist PC, Inc. and may not be used without written permission.
Non-Discrimination Policy
Teledentistry.com believes that everyone should be treated equally regardless of race, sex, gender identification, sexual orientation, national origin, native language, religion, age, disability, marital status, citizenship, genetic information, pregnancy, or any other characteristic protected by law. Every employee has the right to work in a professional environment where their knowledge, skills, and abilities are the critical factors in their success.Teledentistry.com expects all employees to maintain standards of propriety, promote equal opportunity, treat everyone professionally, and act without bias.Teledentistry.com has a zero-tolerance policy for sexual harassment or discrimination, racial harassment or discrimination, or any other form of harassment and discrimination (religious, language, sexual orientation, etcetera). Teledentistry.com believes everyone has the right to work. An employee with a disability who can perform the core functions of the jobs, with or without reasonable accommodation, is entitled to the same protection and respect asother employees.Teledentistry.com prohibits retaliation against any person who files a complaint against harassment or discrimination. We encourage employees to come forward and participate in investigations. Telendentistry.com will make all reasonable efforts to keep investigations confidential, and to protect people who make complaints.
Prescriptions
-
- Teledentistry.com Dentists(s) do not prescribe DEA controlled substances, non-therapeutic drugs and certain other drugs which may be harmful because of their potential for abuse.
- Teledentistry.com Dentists(s) does not guarantee that a prescription will be written.
- Teledentistry.com Dentists(s) operates subject to state regulations and may not be available in your state.
Statistics
-
- Statistics cited in this website are based on Teledentistry.com’s data and surveys unless otherwise indicated and a source has been identified. Dentists(s) reporting and member surveys and are subject to change without notice. Individual results may vary.
To view our privacy policy and terms of use
Teledentistry.com does not take the place of your current dentist. Please note all users of www.Teledentistry.com services are subject to the following: Patients will not be excluded as a participant in the videoconference as long as they meet the qualifications established for participation. Qualifications include a dental insurance policy that we are accepting for this service. Dental consultations maybe billed to the dental insurance or the member directly. Prescriptions maybe written but they are done so at the discretion and judgement of the dentist conducting the videoconference. By registering on our site, the registrant is agreeing to be contacted by a local dentist for follow up care. Once a referral to a local dentist has been made, Teledentistry.com does not dictate how services are provided nor are we responsible for what services are ultimately rendered by the treating dentist or the quality of the same services. Teledentistry.com is also not responsible for repercussions of neglected dental treatment on the part of the patient whether they visit the local dentist for follow up care or not. Teledentistry.com selects providers to whom referrals are made based on the information the dentists have provided to us and referrals are based on the proximity of their location to that of the patient calling in. All services are not available in all areas. Videoconference capability is reliant on the recipient having a reliable internet connection and an internet enabled device that is capable of transmitting audio and video simultaneously. Teledentistry.com is not responsible for the quality of the internet connection at the recipients device.
EULA – Wisdom AI
STANDARD CONTRACT FOR AWS MARKETPLACE
- Scope
- Terms and This Standard Contract for AWS Marketplace (the “Standard Contract”) sets forth the terms and conditions applicable to the licensing of Software from the licensor (“Licensor”) by the Party subscribing to the Software (“Buyer”) through the AWS Marketplace, whether deployed via AMI or SaaS, via a Standard Contract Listing. The offer of the Software as a Standard Contract Listing on the AWS Marketplace, and Buyer’s purchase of the corresponding Subscription on the AWS Marketplace, constitutes each Party’s respective acceptance of this Standard Contract and their entry into this Agreement (defined below). Unless defined elsewhere in this Standard Contract, terms in initial capital letters have the meanings set forth in Section 13. Buyer and Licensor may be referred to collectively as the “Parties” or individually as a “Party”.
- Software Subscription. Buyer will subscribe to a Subscription as set forth in the Standard Contract Listing in accordance with this Agreement. Licensor will supply and sell the Subscription to Buyer, or Buyer may purchase the Subscription from Licensor’s authorized reseller (“Reseller”). A Subscription, as described in the applicable Standard Contract Listing, may be for Software deployed via AMI (“AMI Software”) or Software deployed via SaaS (“SaaS Software”). Software may be targeted for specific geographic regions, and Support Services may vary by geography as set forth in the applicable Standard Contract Listing. A Subscription may be provided on a Metered Pricing, Entitlement Pricing or other basis through the functionality available through AWS Services. The fee or rate for the Subscription is set forth in the applicable Standard Contract Listing. For Subscriptions provided on a Metered Pricing basis, upon request by Buyer, Licensor will provide sufficient documentation from its books and records to allow Buyer to verify the metered usage charged to Buyer for the Subscription.
- Each Party will be responsible, as required under applicable Law, for identifying and paying all taxes and other governmental fees and charges (and any penalties, interest and other additions thereto) that are imposed on that Party upon or with respect to the transactions and payments under this Agreement. Applicable taxes and duties may be due in addition to the fees or rates payable by Buyer. Licensor may charge and Buyer will pay, where applicable, national, state or local sales or use taxes, or value added or goods and services tax, or withholding or other taxes (“Taxes”). Where required by local legislation, Amazon Web Services, Inc. may charge for Taxes in its own name for Subscriptions made by Buyers on the AWS Marketplace, and Buyer will pay such Taxes. Buyer will receive a compliant tax invoice, where required. Licensor will be responsible for all other taxes or fees arising (including interest and penalties) from transactions and the documentation of transactions under this Agreement. Upon request, Buyer will provide such information to Licensor as reasonably required to determine whether Licensor is obligated to collect Taxes from Buyer. Licensor will not collect (or will refund to Buyer), and Buyer will not be obligated to pay (or will be entitled to a refund from Licensor), any such Tax or duty for which Buyer furnishes Licensor a properly completed exemption certificate or a direct payment permit certificate or for which Licensor claims an available exemption from Tax. Licensor will provide Buyer with any forms, documents or certifications as may be required for Buyer to satisfy any information reporting or withholding tax obligations with respect to any payments under this Agreement.
- Each Subscription is subject to and governed by this Standard Contract, the applicable Standard Contract Listing, the terms and conditions of the NDA (if any), the Privacy and Security Terms for SaaS Subscriptions, and any amendments to any of the foregoing as may be agreed upon by the Parties, which together constitute the agreement between Buyer and Licensor (the “Agreement”). Each Subscription is a separate agreement between Buyer and Licensor. In the event of any conflict between the terms and conditions of the various components of this Agreement, the following order of precedence will apply: (a) any amendment agreed upon by the parties; (b) the Privacy and Security Terms for SaaS Subscriptions; (c) the NDA (if any); (d) this Standard Contract; and (e) the Standard Contract Listing.
2. Licenses.
- Licensed
- If the Subscription is for AMI Software, Licensor hereby grants to Buyer, subject to Section 1.3, a nonexclusive, worldwide (subject to Section 12.6), nontransferable (except in connection with an assignment permitted under Section 12.2 or a divestiture permitted under Section 12.3), non-terminable (except as provided in Section 10) license under all Proprietary Rights in and to the AMI Software and AMI Image, to deploy, operate and use the AMI Software and AMI Image under Buyer’s own AWS Services account on AWS Services infrastructure in accordance with the applicable Standard Contract Listing and to allow its Users to access and use the AMI Software and AMI Image as so deployed.
- If the Subscription is for SaaS Software, Licensor hereby grants to Buyer, subject to Section 1.3, a nonexclusive, worldwide (subject to Section 12.6), nontransferable (except in connection with an assignment permitted under Section 12.2or a divestiture permitted under Section 12.3), non-terminable (except as provided in Section 10) license under all Proprietary Rights in and to the SaaS Software and SaaS Service, to access, receive and use the SaaS Software and SaaS Service in accordance with the applicable Standard Contract Listing and to allow its Users to access, receive and use the SaaS Software and SaaS Service.
- Buyer may use the Software and, as applicable, the AMI Image or SaaS Service, only: in support of the internal operations of Buyer’s and its Affiliates’ business(es) or organization(s), in connection with Buyer’s and its Affiliates’ products and services (but, for clarity, not as a stand-alone product or service of Buyer or its Affiliates), and in connection with Buyer’s and its Affiliate’s interactions with Users.
- Buyer may make a reasonable number of copies of the Documentation as necessary to use such Software, and as applicable the AMI Image, in accordance with the rights granted under this Agreement, provided that Buyer includes all proprietary legends and other notices on all Licensor retains all rights not expressly granted to Buyer under this Agreement.
- Affiliates and Contractors. With respect to Affiliates and Contractors that Buyer allows to use the Licensed Materials: (a) Buyer remains responsible for all obligations hereunder arising in connection with such Affiliate’s or Contractor’s use of the Licensed Materials; and (b) Buyer agrees to be directly liable for any act or omission by such Affiliate or Contractor to the same degree as if the act or omission were performed by Buyer such that a breach by an Affiliate or a Contractor of the provisions of this Agreement will be deemed to be a breach by The performance of any act or omission under this Agreement by an Affiliate or a Contractor for, by or through Buyer will be deemed the act or omission of Buyer.
- Except as specifically provided in this Agreement, Buyer and any other User of any Licensed Materials, in whole or in part, may not: (a) copy the Licensed Materials, in whole or in part; (b) distribute copies of Licensed Materials, in whole or in part, to any third party; (c) modify, adapt, translate, make alterations to or make derivative works based on Licensed Materials or any part thereof; (d) except as permitted by Law, decompile, reverse engineer, disassemble or otherwise attempt to derive source code from the Software; (e) use, rent, loan, sub-license, lease, distribute or attempt to grant other rights to any part of the Licensed Materials to third parties; (f) use the Licensed Materials to act as a consultant, service bureau or application service provider; or (g) permit access of any kind to the Licensed Materials to any third party.
- Open Source Subject to the requirements of Section 5.1(d), Software may contain or be provided with components that are subject to the terms and conditions of “open source” software licenses (“Open Source Software”). If Buyer’s use of the Software subjects Buyer to the terms of any license governing the use of Open Source Software, then information concerning such Open Source Software and the applicable license must be incorporated or referenced in the Standard Contract Listing or Documentation. To the extent required by the license to which the Open Source Software is subject, the terms of such license will apply in lieu of the terms of this Agreement with respect to such Open Source Software, including without limitation, any provisions governing attribution, access to source code, modification and reverse-engineering.
- No Additional No shrink-wrap, click-acceptance or other terms and conditions outside this Agreement provided with any Licensed Materials or any part thereof (“Additional Terms”) will be binding on Buyer or its Users, even if use of the Licensed Materials, or any part thereof, requires an affirmative “acceptance” of such Additional Terms before access to or use of the Licensed Materials, or any part thereof, is permitted. All such Additional Terms will be of no force or effect and will be deemed rejected by Buyer in their entirety. For clarity, the Software, Subscription type (AMI or SaaS), fee structure (Entitlement Pricing or Metered Pricing), technical requirements for use of the Software, Support Services, as well as any information regarding Open Source Software set forth or referenced in the Standard Contract Listing or Documentation, are not Additional Terms subject to this Section.
- High-Risk The Software is not designed or developed for use in high-risk, hazardous environments requiring fail-safe performance, including without limitation in the operation of nuclear facilities, aircraft navigation or control systems, air traffic control, or weapons systems, or any other application in which the failure of the Software could lead to severe physical or environmental damages (“High Risk Activities”). Buyer will not use the Software for High Risk Activities.
3. Services.
- SaaS Service. If Buyer is purchasing a SaaS Subscription, Licensor will provide the SaaS Service to Buyer in accordance with the Standard Contract Listing promptly following purchase of the Subscription and continuing until completion of the Subscription. Licensor will provide Buyer all license keys, access credentials and passwords necessary for access and use of the Software and SaaS Service (“Keys”) as set forth in the Standard Contract Listing.
- Support Licensor will provide sufficient Documentation to allow a reasonably competent user to access and use the Software, and Licensor will provide Support Services to Buyer in accordance with the support plan set forth or incorporated into the Standard Contract Listing.
4. Proprietary Rights.
- Licensed Subject to the licenses granted herein, Licensor will retain all right, title and interest it may have in and to the Licensed Materials, including all Proprietary Rights therein. Nothing in this Agreement will be construed or interpreted as granting to Buyer any rights of ownership or any other proprietary rights in or to the Licensed Materials.
- If Buyer provides any suggestions, ideas, enhancement requests, recommendations or feedback regarding the Licensed Materials or Support Services (“Feedback”), Licensor may use and incorporate Feedback in Licensor’s products and services. Buyer will have no obligation to provide Feedback, and all Feedback is provided by Buyer “as is” and without warranty of any kind.
5. Warranties.
- Licensed Materials. Licensor represents and warrants that: (a) for Subscriptions with Entitlement Pricing, the Software, and as applicable the AMI Image or SaaS Service, will conform, in all material respects, to the Documentation during the Warranty Period; (b) AMI Software will not contain any automatic shut-down, lockout, “time bomb” or similar mechanisms that could interfere with Buyer’s exercise of its rights under this Agreement (for clarity, the foregoing does not prohibit license keys that expire at the end of the Subscription); (c) Licensor will use industry standard practices designed to detect and protect the Software against any viruses, “Trojan horses”, “worms”, spyware, adware or other harmful code designed or used for unauthorized access to or use, disclosure, modification or destruction of information within the Software or interference with or harm to the operation of the Software or any systems, networks or data, including as applicable using anti-malware software and keeping the anti-malware software up to date prior to making the Software (including any Software provided through Support Services) available to Buyer, and for SaaS Software, scanning the SaaS Software on a regular basis; (d) the Software, and Buyer’s use thereof as permitted under this Agreement, will not be subject to any license or other terms that require that any Buyer Data, Buyer Materials or any software, documentation, information or other materials integrated, networked or used by Buyer with the Software, in whole or in part, be disclosed or distributed in source code form, be licensed for the purpose of making derivative works, or be redistributable at no charge; and (e) the Software, and as applicable the AMI Image or SaaS Service, will conform, to the extent applicable, with then-current Web Content Accessibility Guidelines (WCAG) and any other applicable accessibility Laws.
- Licensor represents and warrants that the Services will be performed in a professional manner with a level of care, skill and diligence performed by experienced and knowledgeable professionals in the performance of similar services.
- If any Software or Service fails to conform to the foregoing warranties, Licensor promptly will, at its option and expense, correct the Software and re-perform the Services as necessary to conform to the warranties. If Licensor does not correct the Software or re-perform the Services to conform to the warranties within a reasonable time, not to exceed 30 days, as Buyer’s sole remedy and Licensor’s exclusive liability (except as provided in Section 9), Buyer may terminate the Subscription and this Agreement without further liability and Licensor will provide Buyer with a refund of any fees prepaid to Licensor by Buyer, prorated for the unused portion of the Subscription, as well as, if applicable, any service credits available under Licensor’s Support Services or other policies.
- Special Remedy for Certain Entitlement Pricing This Section applies only to a Subscription with Entitlement Pricing that is $100,000 or more other than an Excluded Subscription. “Excluded Subscription” means a Subscription: (a) with Metered Pricing; (b) for software for which Licensor also offers free trial use, whether subject to the Standard Contract or other terms and conditions; (c) that is a renewal of an expiring subscription, or a new subscription for software previously licensed from Licensor by Buyer, whether on a paid, free or trial basis, and whether subject to the Standard Contract or other terms and conditions; or (d) that increases the quantity of Buyer’s then-current use of such software (e.g., additional hosts, CPU capacity, users or other metric of quantity). If, for any Subscription with Entitlement Pricing that is $100,000 or more other than an Excluded Subscription, Buyer reports a breach of the warranty set forth in Section 5.1(a) during the first 30 days of the Warranty Period, and if, following the process set forth in Section 5.3, the Software does not operate as warranted under Section 5.1(a), then as Buyer’s sole remedy and Licensor’s exclusive liability in lieu of the remedy available under Section 5.3, Buyer may terminate the Subscription or this Agreement without further liability and Licensor will provide Buyer with a full refund of all fees paid to Licensor by Buyer for the Subscription.
- Warranty Exclusions. Licensor will have no liability or obligation with respect to any warranty to the extent attributable to any: (a) use of the Software by Buyer in violation of this Agreement or applicable Law; (b) unauthorized modifications to the Licensed Materials made by Buyer or its Personnel; (c) use of the Software in combination with third-party equipment or software not provided or made accessible by Licensor or contemplated by the Standard Contract Listing or Documentation; or (d) use by Buyer of Software in conflict with the Documentation, to the extent that such nonconformity would not have occurred absent such use or modification by Buyer.
- Compliance with Laws. Each Party represents and warrants that it will comply with all applicable international, national, state and local laws, ordinances, rules, regulations and orders, as amended from time to time (“Laws”) applicable to such Party in its performance under this Agreement.
- Power and Authority. Each Party represents and warrants that: (a) it has full power and authority to enter in and perform this Agreement and that the execution and delivery of this Agreement has been duly authorized; and (b) this Agreement and such Party’s performance hereunder will not breach any other agreement to which the Party is a party or is bound or violate any obligation owed by such Party to any third party.
- EXCEPT FOR THE WARRANTIES SPECIFIED IN THIS AGREEMENT, NEITHER PARTY MAKES ANY WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, REGARDING THE LICENSED MATERIALS, SERVICES, BUYER MATERIALS AND BUYER DATA, AND EACH PARTY HEREBY DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. Licensor does not warrant: (a) that the
Licensed Materials will meet Buyer’s requirements; or (b) that the operation of the Software will be uninterrupted or error free.
6. Confidentiality.
- Confidential Information. “Confidential Information” means any nonpublic information directly or indirectly disclosed by either Party (the “Disclosing Party”) to the other Party (the “Receiving Party”) or accessible to the Receiving Party pursuant to this Agreement that is designated as confidential or that, given the nature of the information or the circumstances surrounding its disclosure, reasonably should be considered as confidential, including without limitation technical data, trade secrets, know-how, research, inventions, processes, designs, drawings, strategic roadmaps, product plans, product designs and architecture, security information, marketing plans, pricing and cost information, marketing and promotional activities, business plans, customer and supplier information, employee and User information, business and marketing plans, and business processes, and other technical, financial or business information, and any third party information that the Disclosing Party is required to maintain as confidential. Confidential Information will not, however, include any information which: (a) was publicly known or made generally available to the public prior to the time of disclosure; (b) becomes publicly known or made generally available after disclosure through no fault of the Receiving Party; (c) is in the possession of the Receiving Party, without restriction as to use or disclosure, at the time of disclosure by the Disclosing Party; (d) was lawfully received, without restriction as to use or disclosure, from a third party (who does not have an obligation of confidentiality or restriction on use itself); or (e) is developed by the Receiving Party independently from this Agreement and without use of or reference to the Disclosing Party’s Confidential Information or Proprietary Rights. Except for rights expressly granted in this Agreement, each Party reserves all rights in and to its Confidential Information. The Parties agree that the Licensed Materials are Confidential Information of Licensor.
- The Parties will maintain as confidential and will avoid disclosure and unauthorized use of Confidential Information of the other Party using reasonable precautions. Each Party will protect such Confidential Information with the same degree of care that a prudent person would exercise to protect its own confidential information of a like nature, and to prevent the unauthorized, negligent, or inadvertent use, disclosure, or publication thereof or access thereto. Each Party will restrict Confidential Information to individuals who need to know such Confidential Information and who are bound to confidentiality obligations at least as protective as the restrictions described in this Section 6. Except as necessary for the proper use of the Software, the exercise of a Party’s rights under this Agreement, performance of a Party’s obligations under this Agreement or as otherwise permitted under this Agreement, neither Party will use Confidential Information of the other Party for any purpose except in fulfilling its obligations or exercising its rights under this Agreement. Each Party will promptly notify the other Party if it becomes aware of any unauthorized use or disclosure of the other Party’s Confidential Information, and reasonably cooperate with the other Party in attempts to limit disclosure.
- Compelled Disclosure. If and to the extent required by law, including regulatory requirements, discovery request, subpoena, court order or governmental action, the Receiving Party may disclose or produce Confidential Information but will give reasonable prior notice (and where prior notice is not permitted by applicable Law, notice will be given as soon as the Receiving Party is legally permitted) to the Disclosing Party to permit the Disclosing Party to intervene and to request protective orders or confidential treatment therefor or other appropriate remedy regarding such disclosure. Disclosure of any Confidential Information pursuant to any legal requirement will not be deemed to render it non-confidential, and the Receiving Party’s obligations with respect to Confidential Information of the Disclosing Party will not be changed or lessened by virtue of any such disclosure.
- Buyer and Licensor may agree that a separate nondisclosure agreement between Buyer and Licensor (or the respective Affiliates of Buyer and Licensor) (“NDA”) will apply to the Subscription, in which case the terms and conditions thereof are incorporated herein by reference and will apply instead of subsections 6.1 through 6.3 of this Section 6.
- Additional SaaS Service Obligations and This Section 7 applies to Subscriptions for SaaS Software and SaaS Service only.
- Acceptable Buyer will not intentionally use the SaaS Software or SaaS Service to: (a) store, download or transmit infringing or illegal content, or any viruses, “Trojan horses” or other harmful code; (b) engage in phishing, spamming, denial-of-service attacks or fraudulent or criminal activity; (c) interfere with or disrupt the integrity or performance of the Software or data contained therein or on Licensor’s system or network; or (d) perform penetration testing, vulnerability testing or other security testing on the Software or Licensor’s systems or networks or otherwise attempt to gain unauthorized access to the Software or Licensor’s systems or networks.
7.2 Buyer Data and Buyer Materials.
- Buyer is and will continue to be the sole and exclusive owner of all Buyer Materials, Buyer Data and other Confidential Information of Buyer, including all Proprietary Rights Nothing in this Agreement will be construed or interpreted as granting to Licensor any rights of ownership or any other proprietary rights in or to the Buyer Data and Buyer Materials.
- Buyer will obtain all necessary consents, authorizations and rights and provide all necessary notifications in order to provide Buyer Data to Licensor and for Licensor to use Buyer Data in the performance of its obligations in accordance with the terms and condition of this Agreement, including any access or transmission to third parties with whom Buyer shares or permits access to Buyer Data.
- The Parties agree that Buyer Data and Buyer Materials are Confidential Information of Buyer. Buyer hereby grants to Licensor a nonexclusive, nontransferable (except in connection with an assignment permitted under Section 2), revocable license, under all Proprietary Rights, to reproduce and use Buyer Materials and Buyer Data solely for the purpose of, and to the extent necessary for, performing Licensor’s obligations under this Agreement. In no event will Licensor access, use or disclose to any third party any Buyer Data or any Buyer Materials for any purpose whatsoever (including, without limitation, the marketing of Licensor’s other products or services) other than as necessary for the purpose of providing the Software and Services to Buyer and performing its obligations under this Agreement. Licensor will not aggregate, anonymize or create any data derivatives of Buyer Data other than as necessary to provide the Software or Services and to perform its obligations in accordance with the terms and conditions of this Agreement.
- Buyer will have full access to, and has the right to review and retain, the entirety of Buyer Data contained in the At no time will any computer or electronic records containing Buyer Data be stored or held in a form or manner not readily accessible to Buyer through the ordinary operation of the Software. Licensor will provide to Buyer all passwords, codes, comments, keys and documentation necessary for such access and use of the Software, and Buyer will be entitled to delete, or have Licensor delete, Buyer Data as expressly specified by Buyer.
- System Data. To the extent that System Data identifies or permits, alone or in conjunction with other data, identification, association, or correlation of or with Buyer, its Affiliates, Users, customers, suppliers or other persons interacting with any of the foregoing, or any Confidential Information of Buyer or any device as originating through or interacting with Buyer or its Affiliates (“Identifiable System Data”), Licensor may only collect and use Identifiable System Data internally to provide and improve the Software and Services and Licensor’s other products and services. Licensor will not target any data analysis at, or otherwise use any Identifiable System Data to derive or attempt to derive information regarding, Buyer and its Affiliates, their businesses, operations, finances, users, customers, prospective customers, suppliers or other persons interacting with Buyer and its Affiliates. Licensor will not target any development efforts, marketing, communications or promotions arising from its use of Identifiable System Data at Buyer and its Affiliates or any other person on the basis of the intended recipient’s relationship with Buyer or any of its Affiliates. Licensor will not use or disclose any Identifiable System Data for any other purpose unless otherwise agreed in writing by the Parties.
- Use of Other Data. Notwithstanding the foregoing, nothing in this Agreement will restrict: (a) Licensor’s use of System Data or data derived from System Data that does not identify or permit, alone or in conjunction with other data, identification, association, or correlation of or with (i) Buyer, its Affiliates, Users, customers, suppliers or other persons interacting with Buyer and its Affiliates or any Confidential Information of Buyer, or (ii) any device (e.g. computer, mobile telephone, or browser) used to access or use the Software as originating through Buyer or its Affiliates or interacting with Buyer or its Affiliates; or (b) either Party’s use of any data, records, files, content or other information related to any third party that is collected, received, stored or maintained by a Party independently from this Agreement.
- Licensor will, consistent with industry standard practices, implement and maintain physical, administrative and technical safeguards and other security measures: (a) to maintain the security and confidentiality of Buyer Data; and (b) to protect Buyer Data from known or reasonably anticipated threats or hazards to its security, availability and integrity, including accidental loss, unauthorized use, access, alteration or disclosure. Without limiting the foregoing, Licensor will provide the SaaS Services in compliance with the Security Addendum attached hereto.
7.6 Data Protection Legislation.
- Each Party will comply with all data protection Laws, and any implementations of such Laws, applicable to its performance under this Agreement. The Parties acknowledge and agree that they will consider in good faith implementing any codes of practice and best practice guidance issued by relevant authorities as they apply to applicable country specific data protection Laws or their implementations.
- Without limiting the generality of the foregoing, if Licensor is collecting or furnishing Personal Information to Buyer or if Licensor is processing, storing or transferring Personal Information on behalf of Buyer, then Licensor and Buyer and/or their Affiliate(s), as applicable, will agree to supplemental privacy and security terms consistent with applicable Law, and if the Personal Information is regarding individuals in the European Economic Area, Licensor and Buyer agree to be bound by the attached Data Processing Addendum or other terms and conditions agreed upon by Buyer and Licensor that reflect their respective legal obligations with respect to Personal Information and any applicable data transfer mechanisms. For purposes of this Agreement, “Personal Information” means any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity or any data, data element or information that is subject to breach notification, data security obligations or other data protection Laws. For the avoidance of doubt, no Personal Information should be processed or transferred under this Agreement without Privacy and Security Terms necessary for compliance with applicable Law.
- Each Party agrees that in the event of a breach or threatened breach of this Section 7, the non-breaching Party will be entitled to injunctive relief against the breaching Party in addition to any other remedies to which the non-breaching Party may be entitled. Either Party may terminate this Agreement immediately upon written notice to the other Party if the other Party breaches any of the provisions set forth in this Section 7.
8. Limitations of Liability.
(a) EITHER PARTY BE LIABLE TO THE OTHER PARTY FOR ANY INDIRECT, SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND (b) EITHER PARTY’S AGGREGATE LIABILITY UNDER THIS AGREEMENT, WHETHER SUCH DAMAGES ARE BASED IN CONTRACT, TORT OR OTHER LEGAL THEORY, EXCEED THE GREATER OF (i) IN THE CASE OF A SUBSCRIPTION WITH ENTITLEMENT PRICING, THE FEES AND OTHER AMOUNTS PAID AND REQUIRED TO BE PAID BY BUYER FOR THE SUBSCRIPTION, AND, IN THE CASE OF A SUBSCRIPTION WITH METERED PRICING, THE FEES AND OTHER AMOUNTS PAID AND REQUIRED TO BE PAID UNDER THIS AGREEMENT IN THE 12 MONTHS PRECEDING THE EVENT GIVING RISE TO THE DAMAGES, OR (ii) $500,000.
- Exception for Gross Negligence, Willful Misconduct or Fraud. THE EXCLUSIONS OF AND LIMITATIONS ON LIABILITY SET FORTH IN SECTION 1(a) AND (b) WILL NOT APPLY TO A PARTY’S GROSS NEGLIGENCE, WILLFUL MISCONDUCT, OR FRAUD.
- Exception for Certain Indemnification Obligations. THE EXCLUSIONS OF AND LIMITATIONS ON LIABILITY SET FORTH IN SECTIONS 1(a) AND (b) WILL NOT APPLY TO ANY COSTS OF DEFENSE AND ANY AMOUNTS AWARDED AGAINST THE INDEMNIFIED PARTY BY A COURT OF COMPETENT JURISDICTION OR AGREED UPON PURSUANT TO SETTLEMENT AGREEMENT THAT ARE SUBJECT TO SUCH PARTY’S INDEMNIFICATION AND DEFENSE OBLIGATIONS UNDER THIS AGREEMENT.
8.4 Special Cap for Security Breach.
- FOR SAAS SUBSCRIPTIONS, THE EXCLUSIONS OF AND LIMITATIONS ON LIABILITY SET FORTH IN SECTIONS 1(a) AND (b) WILL NOT APPLY TO, AND INSTEAD SECTION
- WILL APPLY TO: (a) BUYER’S COSTS OF INVESTIGATION, NOTIFICATION, REMEDIATION AND MITIGATION RESULTING FROM ANY UNAUTHORIZED ACCESS, USE OR DISCLOSURE OF BUYER DATA RESULTING FROM BREACH OF LICENSOR’S OBLIGATIONS UNDER ANY PRIVACY AND SECURITY TERMS, INCLUDING NOTICE OF BREACH TO AFFECTED INDIVIDUALS, INDUSTRY SELF-REGULATORY AGENCIES, GOVERNMENT AUTHORITIES AND THE PUBLIC, AND CREDIT AND IDENTITY THEFT MONITORING SERVICES FOR AFFECTED INDIVIDUALS AND LICENSOR’S OBLIGATIONS WITH RESPECT THERETO PURSUANT TO SECTION 5; AND (b) ANY LIABILITIES ARISING FROM CLAIMS BROUGHT BY THIRD PARTIES AGAINST BUYER ARISING FROM ANY UNAUTHORIZED ACCESS, USE OR DISCLOSURE OF BUYER DATA RESULTING FROM BREACH OF LICENSOR’S OBLIGATIONS UNDER ANY PRIVACY AND SECURITY TERMS, INCLUDING OUT-OF-POCKET COSTS OF DEFENSE AND ANY AMOUNTS AWARDED AGAINST BUYER BY A COURT OF COMPETENT JURISDICTION OR AGREED UPON PURSUANT TO A SETTLEMENT AGREEMENT.
8.4.2 FOR SAAS SUBSCRIPTIONS, LICENSOR’S AGGREGATE LIABILITY UNDER THIS AGREEMENT FOR ANY UNAUTHORIZED ACCESS, USE OR DISCLOSURE OF BUYER DATA RESULTING FROM BREACH OF LICENSOR’S OBLIGATIONS UNDER ANY PRIVACY AND SECURITY TERMS, INCLUDING BUYER’S COSTS SET FORTH IN SECTION 8.4.1 AND LICENSOR’S INDEMNIFICATION AND DEFENSE OBLIGATIONS PURSUANT TO SECTION 9.1(b) AND ITS OBLIGATIONS PURSUANT TO SECTION 9.5, WHETHER SUCH DAMAGES ARE BASED IN CONTRACT, TORT OR OTHER LEGAL THEORY, WILL NOT EXCEED (IN LIEU OF AND NOT IN ADDITION TO THE AMOUNT SET FORTH IN SECTION 8.1) THE GREATER OF (i) IN THE CASE OF A
SUBSCRIPTION WITH ENTITLEMENT PRICING, FIVE TIMES THE FEES AND OTHER AMOUNTS PAID AND REQUIRED TO BE PAID BY BUYER FOR THE SUBSCRIPTION, AND, IN THE CASE OF A SUBSCRIPTION WITH METERED PRICING, FIVE TIMES THE FEES AND OTHER AMOUNTS PAID AND REQUIRED TO BE PAID UNDER THIS AGREEMENT IN THE 12 MONTHS PRECEDING THE EVENT GIVING RISE TO THE DAMAGES OR (ii) $2 MILLION.
9. Indemnification.
- Licensor Indemnity. Licensor will, at its expense, indemnify, defend and hold harmless Buyer and its Affiliates and their respective officers, directors, employees, agents and representatives (collectively “Buyer Indemnified Parties”) from and against any and all claims, actions, proceedings and suits brought by a third party, and any and all liabilities, losses, damages, settlements, penalties, fines, costs and expenses (including reasonable attorneys’ fees) (“Claims”), to the extent arising out of or relating to an allegation of any of the following: (a) infringement, misappropriation or violation of any Proprietary Rights by the Licensed Materials or Buyer’s use thereof as permitted under this Agreement; and (b) any unauthorized access, use or disclosure of Buyer Data resulting from breach of Licensor’s obligations under any Privacy and Security Terms.
- Buyer Indemnity. Buyer will, at its expense, indemnify, defend and hold harmless Licensor and its Affiliates and their respective officers, directors, employees, agents and representatives (collectively “Licensor Indemnified Parties”) from and against any and all claims, actions, proceedings and suits brought by a third party, and any and all liabilities, losses, damages, settlements, penalties, fines, costs and expenses (including reasonable attorneys’ fees) (“Claims”) to the extent arising out of or relating to an allegation of any of the following: (a) infringement, misappropriation or violation of any Proprietary Rights by the Buyer Materials or Buyer Data or Licensor’s use thereof as permitted under this Agreement; and (b) any unauthorized or unlawful receipt, processing, transmission or storage of Buyer Data by Licensor in the performance of its obligations as permitted under this Agreement resulting from breach of Buyer’s obligations under Section 7.2.2.
- The party(ies) seeking indemnification pursuant to this Section 9 (each, an “Indemnified Party” and collectively, the “Indemnified Parties”) will give the other Party (the “Indemnifying Party”) prompt notice of each Claim for which it seeks indemnification, provided that failure or delay in providing such notice will not release the Indemnifying Party from any obligations hereunder except to the extent that the Indemnifying Party is prejudiced by such failure. The Indemnified Parties will give the Indemnifying Party their reasonable cooperation in the defense of each Claim for which indemnity is sought, at the Indemnifying Party’s expense. The Indemnifying Party will keep the Indemnified Parties informed of the status of each Claim. An Indemnified Party may participate in the defense at its own expense. The Indemnifying Party will control the defense or settlement of the Claim, provided that the Indemnifying Party, without the Indemnified Parties’ prior written consent: (a) will not enter into any settlement that; (i) includes any admission of guilt or wrongdoing by any Indemnified Party; (ii) imposes any financial obligations on any Indemnified Party that Indemnified Party is not obligated to pay under this Section 9; (iii) imposes any non-monetary obligations on any Indemnified Party; and (iv) does not include a full and unconditional release of any Indemnified Parties; and (b) will not consent to the entry of judgment, except for a dismissal with prejudice of any Claim settled as described in (a). The Indemnifying Party will ensure that any settlement into which it enters for any Claim is made confidential, except where not permitted by applicable Law.
- Infringement Remedy. In addition to Licensor’s obligations under Section 1, if the Software or other Licensed Materials is held, or in Licensor’s opinion is likely to be held, to infringe, misappropriate or violate any Proprietary Rights, or, if based on any claimed infringement, misappropriation or violation of Proprietary Rights, an injunction is obtained, or in Licensor’s opinion an injunction is likely to be obtained, that would prohibit or interfere with Buyer’s use of the Licensed Materials under this Agreement, then Licensor will at its option and expense either: (a) procure for Buyer the right to continue using the affected Licensed Materials in accordance with the license granted under this Agreement; or (b) modify or replace the affected Licensed Materials so that the modified or replacement Licensed Materials are reasonably comparable in functionality, interoperability with other software and systems, and levels of security and performance and do not infringe,misappropriate or violate any third-party Proprietary Rights. If, in such circumstances, Licensor cannot not successfully accomplish any of the foregoing actions on a commercially reasonable basis, Licensor will notify Buyer and either Party may terminate the Subscription and this Agreement, in which case Licensor will refund to Buyer any fees prepaid to Licensor by Buyer prorated for the unused portion of the Subscription. For clarity, Licensor’s indemnification and defense obligations under this Section include infringement Claims based on use of the Licensed Materials by Buyer Indemnified Parties following an initial infringement Claim except that, if Licensor responds to an infringement Claim by accomplishing the solution in (b), Licensor will have no obligation to defend and indemnify Buyer for infringement Claims arising from Buyer’s use after the accomplishment of (b) of the infringing Licensed Materials for which Licensor provided modified or replacement Licensed Materials.
- Security Breach Remedy. In the case of a SaaS Subscription, in addition to Licensor’s obligations under Section 1, if any unauthorized access, use or disclosure of any Buyer Data results from breach of Licensor’s obligations under any Privacy and Security Terms, Licensor will pay the reasonable and documented costs incurred by Buyer for investigation, notification, remediation and mitigation concerning such unauthorized access, use or disclosure of Buyer Data, including notice of breach to affected individuals, industry self-regulatory agencies, government authorities and the public, and credit and identity theft monitoring services for affected individuals.
9.6 Limitations.
- Licensor will have no liability or obligation under this Section 9 with respect to any infringement Claim to the extent attributable to any: (a) modifications to the Licensed Materials not provided by Licensor or its Personnel; (b) use of the Software in combination with third-party equipment or software not provided or made accessible by Licensor or not specifically referenced for use with the Licensed Materials by the Standard Contract Listing or Documentation; or (c) use of the Licensed Materials by Buyer in breach of this Agreement. Licensor’s liability under this Section 9 with respect to any infringement Claim that is attributable to use of the Software in combination with third-party equipment or software provided or made accessible by Licensor or specifically referenced by the Standard Contract Listing or Documentation is limited to Licensor’s proportional share of defense costs and indemnity liability based on the lesser of: (i) the value of the contribution of the Licensed Materials to the total value of the actual or allegedly infringing combination; or (ii) the relative contribution of the Licensed Materials to the actual or allegedly infringed claims (e.g., the Licensed Materials are alleged to satisfy one limitation of a claim with four separate limitations and Licensor would be responsible for a 25% share of the defense and indemnity obligations).
- Buyer will have no liability or obligation under this Section 9 with respect to any infringement Claim to the extent attributable to any: (a) modifications to the Buyer Materials or Buyer Data not provided by Buyer or its Personnel; or (b) use of the Buyer Materials or Buyer Data by Licensor in breach of this
- This Section 9 states the entire liability of Licensor with respect to infringement, misappropriation or violation of Proprietary Rights of third parties by any Licensed Materials or any part thereof or by any use thereof by Buyer, and this Section 9 states the entire liability of Buyer with respect to infringement, misappropriation or violation of Proprietary Rights of third parties by any Buyer Materials, Buyer Data or any part thereof or by any use, receipt, storage or processing thereof by Licensor.
- Not The foregoing indemnities will not be limited in any manner whatsoever by any required or other insurance coverage maintained by a Party.
10. Term and Termination.
- This Agreement will continue in full force and effect until conclusion of the Subscription, unless terminated earlier by either Party as provided by this Agreement.
- Termination for Convenience. Buyer may terminate the Subscription or this Agreement without cause at any time upon notice to Licensor or using the termination or cancellation functionality available through the AWS Services. If a Subscription with Metered Pricing, Buyer will pay for all Software usage up to the time of termination. If a Subscription with Entitlement Pricing, Buyer will not be entitled to refund of fees nor relieved of any future payment obligations for any unused portion of the Subscription.
- Termination for Cause. Either Party may terminate the Subscription or this Agreement if the other Party materially breaches this Agreement and does not cure the breach within 30 days following its receipt of written notice of the breach from the non-breaching In the case of a SaaS Subscription, termination by Licensor pursuant to this Section does not prejudice Buyer’s right, and Licensor’s obligation, to extract or assist with the retrieval or deletion of Buyer Data as set forth in Section 10.4.2 following such termination.
10.4 Effect of Termination.
- Upon termination or expiration of the Subscription or this Agreement, Buyer’s right to use the Software licensed under such Subscription will terminate, and Buyer’s access to the Software and Service provided under such Subscription may be disabled and discontinued. Termination or expiration of any Subscription purchased by Buyer from Licensor will not terminate or modify any other Subscription purchased by Buyer from Licensor.
- Within 30 days following termination or expiration of any SaaS Subscription for any reason and on Buyer’s written request at any time before termination or expiration, Licensor will extract from the SaaS Service and return to Buyer all Buyer Data, or if Buyer is able directly to retrieve or delete Buyer Data from the SaaS Service, then for a period of 30 days following termination or expiration of this Agreement for any reason, Buyer may retrieve or delete Buyer Data itself with support from Licensor as reasonably requested by Buyer. If Buyer retrieves or deletes Buyer Data itself, Licensor will assist Buyer, as reasonably requested by Buyer, in validating whether the retrieval or deletion was successful. Buyer Data must be provided or extractable in a then-current, standard nonproprietary format. Notwithstanding anything herein to the contrary, Licensor’s duty to return or enable Buyer’s retrieval or deletion of the Buyer Data pursuant to this Section 10.4.2 will not be discharged due to the occurrence of any Force Majeure event. Following delivery to Buyer of the Buyer Data and Buyer’s confirmation thereof, or Buyer’s retrieval or deletion of Buyer Data and Licensor’s validation thereof, Licensor will permanently delete and remove Buyer Data (if any) from its electronic and hard copy records and will, upon Buyer’s request, certify to such deletion and removal to Buyer in writing. If Licensor is not able to delete any portion of the Buyer Data or Buyer Confidential Information, it will remain subject to the confidentiality, privacy and data security terms of this Agreement.
- Sections 4 (Proprietary Rights), 6 (Confidentiality), 2.1 (Buyer Data and Buyer Materials), 8 (Limitations of Liability), 9 (Indemnification), 10.4 (Effect of Termination), 11 (Insurance), 12(General) and 13 (Definitions) and any perpetual license granted under this Agreement, together with all other provisions of this Agreement that may reasonably be interpreted or construed as surviving expiration or termination, will survive the expiration or termination of this Agreement for any reason; but the nonuse and nondisclosure obligations of Section 6 will expire five years following the expiration or termination of this Agreement, except with respect to, and for as long as, any Confidential Information constitutes a trade secret.
11. Insurance.
- Each Party will obtain and maintain appropriate insurance necessary for implementing and performing under this Agreement in accordance with applicable Law and in accordance with the requirements of this Section 11. Subject to Licensor’s right to self-insure as described below, Licensor will at its own cost and expense, acquire and continuously maintain the following insurance coverage during the term of this Agreement and for one year after:
- Commercial General Liability insurance, including all major coverage categories, including premises-operations, property damage, products/completed operations, contractual liability, personal and advertising injury with limits of $1,000,000 per occurrence and $2,000,000 general aggregate, and $5,000,000 products/completed operations aggregate;
- Professional Liability insurance, covering liabilities for financial loss resulting or arising from acts, errors or omissions in rendering Services in connection with this Agreement including acts, errors or omissions in rendering computer or information technology Services, proprietary rights infringement, data damage/destruction/corruption, failure to protect privacy, unauthorized access, unauthorized use, virus transmission and denial of service from network security failures with a minimum limit of $2,000,000 each claim and annual aggregate;
- If a SaaS Subscription, Cyber Liability or Technology Errors and Omissions, with limits of $2,000,000 each claim and annual aggregate, providing for protection against liability for: (a) system attacks; (b) denial or loss of service attacks; (c) spread of malicious software code; (d) unauthorized access and use of computer systems; (e) liability arising from loss or disclosure of personal or corporate confidential data; (f) cyber extortion; (g) breach response and management coverage; (h) business interruption; and (i) invasion of privacy; and
- If a SaaS Subscription, Computer Crime Insurance with limits of $1,000,000 and Employee Theft/Buyer Insurance Coverage with limits of $500,000.
- Umbrella Insurance; Self-Insurance. The limits of insurance may be satisfied by any combination of primary and umbrella/excess insurance. In addition, either Party may satisfy its insurance obligations specified in this Agreement through a self-insured retention program. Upon request by Buyer, Licensor will provide evidence of Licensor’s self-insurance program in a formal declaration (on Licensor’s letterhead, if available) that declares Licensor is self-insured for the type and amount of coverage as described in Section 1. Licensor’s declaration may be in the form of a corporate resolution or a certified statement from a corporate officer or an authorized principal of Licensor. The declaration also must identify which required coverages are self-insured and which are commercially insured.
- Certificates and Other Requirements. Prior to execution of this Agreement and annually thereafter during the term, Buyer may request that Licensor furnish to Buyer a certificate of insurance evidencing the coverages set forth above. Licensor’s Commercial General Liability and any umbrella insurance relied upon to meet the obligations in this Section will be primary and non-contributory coverage and the policies will not contain any intra-insured exclusions as between insured persons or organizations. Licensor’s Commercial General Liability policy will provide a waiver of subrogation in favor of Buyer and its Affiliates. The stipulated limits of coverage above will not be construed as a limitation of any potential liability to Buyer, and failure to request evidence of this insurance will not be construed as a waiver of Licensor’s obligation to provide the insurance coverage specified.
12. General.
- Applicable This Agreement will be governed and interpreted under the laws of the State of New York, excluding its principles of conflict of laws. The Parties agree that the exclusive forum for any action or proceeding will be in New York County, New York, and the Parties consent to the jurisdiction of the state and federal courts located in New York County, New York. The Parties agree that the United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement.
- Neither Party may assign or transfer this Agreement or any rights or delegate any duties herein without the prior written consent of the other Party, which will not be reasonably withheld, delayed or conditioned. Notwithstanding the foregoing, and without gaining the other Party’s written consent, either Party may assign this Agreement, in whole or part, and delegate its obligations to its Affiliates or to any entity acquiring all or substantially all of its assets related to the Standard Contract Listing or the assigning Party’s entire business, whether by sale of assets, sale of stock, merger or otherwise. Any attempted assignment, transfer or delegation in contravention of this Section will be null and void. This Agreement will inure to the benefit of the Parties hereto and their permitted successors and assigns.
- If Buyer divests a portion of its business to one or more organizations that are not Affiliates of Buyer, or if an entity ceases to be an Affiliate of Buyer (such divested business unit or such entity, a “Divested Affiliate”), Licensor agrees to allow such Divested Affiliate to continue to use the Software, and Buyer may elect that (a) such Divested Affiliate continue, as if it were a Buyer Affiliate, to use the Software under Buyer’s AWS Marketplace account if an AMI Subscription and under Buyer’s account with Licensor if a SaaS Subscription for the remainder of the Subscription, or (b) such Divested Affiliate may obtain its own Subscription to the Software for a period of 90 days after the effective date of such divestiture under the same terms and conditions as this Agreement and the same pricing as set forth in the Standard Contract Listing. Use by a Divested Affiliate after the conclusion of the Subscription or 90 day period, as applicable, will require a separately purchased subscription from Licensor through an AWS Marketplace account of that Divested Affiliate or its then-current Affiliates.
- Entire This Agreement constitutes the entire agreement between the Parties relating to the subject matter hereof, and there are no other representations, understandings or agreements between the Parties relating to the subject matter hereof. This Agreement is solely between Buyer and Licensor. Neither Amazon Web Services, Inc. nor any of its Affiliates are a party to this Agreement and none of them will have any liability or obligations hereunder. The terms and conditions of this Agreement will not be changed, amended, modified or waived unless such change, amendment, modification or waiver is in writing and signed by authorized representatives of the Parties. NEITHER PARTY WILL BE BOUND BY, AND EACH SPECIFICALLY OBJECTS TO, ANY PROVISION THAT IS DIFFERENT FROM OR IN ADDITION TO THIS AGREEMENT (WHETHER PROFFERED ORALLY OR IN ANY QUOTATION, PURCHASE ORDER, INVOICE, SHIPPING DOCUMENT, ONLINE TERMS AND CONDITIONS, ACCEPTANCE, CONFIRMATION, CORRESPONDENCE, OR OTHERWISE), UNLESS SUCH PROVISION IS SPECIFICALLY AGREED TO IN A WRITING SIGNED BY BOTH PARTIES.
- Force Majeure. Neither Party will be liable hereunder for any failure or delay in the performance of its obligations in whole or in part, on account of riots, fire, flood, earthquake, explosion, epidemics, war, strike or labor disputes (not involving the Party claiming force majeure), embargo, civil or military authority, act of God, governmental action or other causes beyond its reasonable control and without the fault or negligence of such Party or its Personnel and such failure or delay could not have been prevented or circumvented by the non-performing Party through the use of alternate sourcing, workaround plans or other reasonable precautions, including, in the case of a SaaS Service, Licensor’s Business Continuity Plan, as required under this Agreement (a “Force Majeure Event”). A Force Majeure Event will not excuse or suspend Licensor’s obligation to invoke and follow its Business Continuity Plan in a timely fashion, and to the extent that such Business Continuity Plan was designed to cover the specific force majeure, or events caused by the Force Majeure Event, the foregoing will excuse Licensor’s performance under this Agreement only for the period of time from the occurrence of the Force Majeure Event until Licensor invokes its Business Continuity Plan. If a Force Majeure Event continues for more than 14 days for any Subscription with Entitlement Pricing, Buyer may cancel the unperformed portion of the Subscription and receive a pro rata refund of any fees prepaid by Buyer to Licensor for such unperformed portion.
- Export Laws. Each Party will comply with all applicable customs and export control laws and regulations of the United States and/or such other country, in the case of Buyer, where Buyer or its Users use the Software or Services, and in the case of Licensor, where Licensor provides the Software or Services. Each Party certifies that it and its Personnel are not on any of the relevant U.S. Government Lists of prohibited persons, including but not limited to the Treasury Department’s List of Specially Designated Nationals and the Commerce Department’s list of Denied Neither Party will export, re-export, ship, or otherwise transfer the Licensed Materials, Services or Buyer Data to any country subject to an embargo or other sanction by the United States.
- Government As defined in FARS §2.101, the Software and Documentation are “commercial items” and according to DFARS §252.227 and 7014(a)(1) and (5) are deemed to be “commercial computer software” and “commercial computer software documentation”. Consistent with FARS §12.212 and DFARS §227.7202, any use, modification, reproduction, release, performance, display or discourse of such commercial software or commercial software documentation by the U.S. government will be governed solely by the terms of this Agreement and will be prohibited except to the extent expressly permitted by the terms of this Agreement.
- The headings throughout this Agreement are for reference purposes only, and the words contained therein will in no way be held to explain, modify, amplify or aid in the interpretation, construction or meaning of the provisions of this Agreement.
- No Third-Party Beneficiaries. Except as specified in Section 9 with respect to Buyer Indemnified Parties and Licensor Indemnified Parties, nothing express or implied in this Agreement is intended to confer, nor will anything herein confer, upon any person other than the Parties and the respective successors or assigns of the Parties, any rights, remedies, obligations or liabilities whatsoever.
- To be effective, notice under this Agreement must be given in writing. Each Party consents to receiving electronic communications and notifications from the other Party in connection with this Agreement. Each Party agrees that it may receive notices from the other Party regarding this Agreement: (a) by email to the email address designated by such Party as a notice address for the Standard Contract; (b) by personal delivery; (c) by registered or certified mail, return receipt requested; or (d) by nationally recognized courier service. Notice will be deemed given upon written verification of receipt.
- Any failure or delay by either Party to exercise or partially exercise any right, power or privilege under this Agreement will not be deemed a waiver of any such right, power or privilege under this Agreement. No waiver by either Party of a breach of any term, provision or condition of this Agreement by the other Party will constitute a waiver of any succeeding breach of the same or any other provision hereof. No such waiver will be valid unless executed in writing by the Party making the waiver.
- Neither Party will issue any publicity materials or press releases that refer to the other Party or its Affiliates, or use any trade name, trademark, service mark or logo of the other Party or its Affiliates in any advertising, promotions or otherwise, without the other Party’s prior written consent.
- Relationship of Parties. The relationship of the Parties will be that of independent contractors, and nothing contained in this Agreement will create or imply an agency relationship between Buyer and Licensor, nor will this Agreement be deemed to constitute a joint venture or partnership or the relationship of employer and employee between Buyer and Each Party assumes sole and full responsibility for its acts and the acts of its Personnel. Neither Party will have the authority to make commitments or enter into contracts on behalf of, bind, or otherwise oblige the other Party.
- If any term or condition of this Agreement is to any extent held invalid or unenforceable by a court of competent jurisdiction, the remainder of this Agreement will not be affected thereby, and each term and condition will be valid and enforceable to the fullest extent permitted by law.
- Licensor may use Subcontractors in its performance under this Agreement, provided that: (a) Licensor remains responsible for all its duties and obligations hereunder and the use of any Subcontractor will not relieve or reduce any liability of Licensor or cause any loss of warranty under this Agreement; and (b) Licensor agrees to be directly liable for any act or omission by such Subcontractor to the same degree as if the act or omission were performed by Licensor such that a breach by a Subcontractor of the provisions of this Agreement will be deemed to be a breach by Licensor. The performance of any act or omission under this Agreement by a Subcontractor for, by or through Licensor will be deemed the act or omission of Licensor. Upon request, Licensor will identify to Buyer any Subcontractors performing under this Agreement, including any that have access to Buyer Data, and such other information reasonably requested by Buyer about such subcontracting.
13. Definitions.
- “Affiliate” means, with respect to a Party, any entity that directly, or indirectly through one or more intermediaries, controls, or is controlled by, or is under common control with such Party.
- “AMI” means a way that the Software offered under a Standard Contract Listing may be provisioned to Buyer where the Software is delivered in a machine image using the Amazon Machine Image functionality of AWS Buyer deploys and runs the AMI Image containing the AMI Software under Buyer’s own AWS Services account on AWS Services infrastructure.
- “AMI Image” means the specific machine image in which AMI Software is delivered to Buyer using the Amazon Machine Image functionality of AWS Services, including the AMI Software, the operating system and all applications, services and information included therein.
- “AWS Marketplace” means the software marketplace operated by Amazon Web Services, located at https://aws.amazon.com/marketplace/ as it may be updated from time to time.
- “AWS Services” means the cloud computing services offered by Amazon Web Services, Inc. as they may be updated from time to time.
- “Buyer Data” means all data, records, files, information or content, including text, sound, video, images and software, that is (a) input or uploaded by Buyer or its Users to or collected, received, transmitted, processed, or stored by Buyer or its Users using the Software or SaaS Service in connection with this Agreement, or (b) derived from (a). Buyer Data is Confidential Information of Buyer.
- “Buyer Materials” means any property, items or materials, including Buyer Data, furnished by Buyer to Licensor for Licensor’s use in the performance of its obligations under this Agreement.
- “Contractor” means any third party contractor of Buyer or other third party performing services for Buyer, including outsourcing suppliers.
- “Documentation” means the user guides, manuals, instructions, specifications, notes, documentation, printed updates, “read-me” files, release notes and other materials related to the Software (including all information included or incorporated by reference in the applicable Standard Contract Listing), its use, operation or maintenance, together with all enhancements, modifications, derivative works, and amendments to those documents, that Licensor publishes or provides under this Agreement.
- “Entitlement Pricing” means any pricing model for AMI Software or SaaS Software Subscriptions where Buyer purchases a quantity of usage upfront, include prepaid and installment payment pricing models.
- “Licensed Materials” means the Software, Documentation and any other items, materials or deliverables that Licensor provides, or is obligated to provide, under this Agreement.
- “Metered Pricing” means any pricing model for AMI Software or SaaS Software Subscriptions where Buyer pays as it goes based on the quantity of its usage of the Software.
- “Personnel” means a Party or its Affiliate’s directors, officers, employees, non-employee workers, agents, auditors, consultants, contractors, subcontractors and any other person performing services on behalf of such Party (but excludes the other Party and any of the foregoing of the other Party).
- “Privacy and Security Terms” means Section 5, the attached Security Addendum and any other terms and conditions regarding the privacy and security of data agreed upon by the parties that are a part of this Agreement, whether in an addendum or amendment to this Standard Contract.
- “Proprietary Rights” means all intellectual property and proprietary rights throughout the world, whether now known or hereinafter discovered or invented, including, without limitation, all: (a) patents and patent applications; (b) copyrights and mask work rights; (c) trade secrets; (d) trademarks; (e) rights in data and databases; and (f) analogous rights throughout the world.
- “SaaS” means a way that the Software offered by Licensor under a Standard Contract Listing may be provisioned to Buyer where the Software is delivered to Buyer on a software-as-a-service The SaaS Licensor deploys the hosted Software under Licensor’s account on the AWS Services infrastructure and is responsible for granting Buyer access to and use of the Software and SaaS Service.
- “SaaS Service” means the SaaS Software as deployed and hosted by Licensor on the AWS Service infrastructure, any software and other technology provided or made accessible by Licensor that Buyer is required or has the option to use in order to access, receive and use the SaaS Software as hosted by Licensor, including any software or technology that Buyer is required or has the option to install, operate and use on Buyer’s systems for its use of the SaaS Software, and all related services, functions or responsibilities of Licensor inherent in, and necessary for, the proper performance of such software-as-a-service.
- “Services” means all services and tasks that Licensor provides, or is obligated to provide, under this Agreement, including without limitation Support Services.
- “Software” means the computer software identified in the applicable Standard Contract Listing and any other software, including any patches, bug fixes, corrections, remediation of security vulnerabilities, updates, upgrades, modifications, enhancements, derivative works, new releases and new versions of the Software that Licensor provides, or is obligated to provide, under this Agreement.
- “Standard Contract Listing” means an offer by Licensor or a Reseller, as set forth in the detail page on the AWS Marketplace, to license Software for a specific use capacity and provide Support Services subject to this Standard Contract, including Licensor’s policies and procedures referenced or incorporated in the detail page.
- “Subcontractor” means any third party subcontractor or other third party to whom Licensor delegates any of its duties and obligations under this Agreement.
- “Subscription” means a subscription ordered by Buyer in the AWS Marketplace and fulfilled by Licensor for the licensing and provision of AMI Software or SaaS Software listed in a Standard Contract Listing.
- “Support Services” means the support and maintenance services for the Software that Licensor provides, or is obligated to provide, as described in the Standard Contract Listing.
- “System Data” means data and data elements collected by the SaaS Software, SaaS Service or Licensor’s computer systems regarding configuration, environment, usage, performance, vulnerabilities and security of the SaaS Software or SaaS Service that may be used to generate logs, statistics and reports regarding performance, availability, integrity and security of the SaaS Software.
- “User” means an employee, non-employee worker or other member of Buyer or any of its Affiliates’ workforces, Contractor of Buyer or any of its Affiliates or other person or software program or computer systems authorized by Buyer or any of its Affiliates to access and use the Software as permitted under this Agreement.
- “Warranty Period” means, in the case of SaaS Software with Entitlement Pricing for the term of the Subscription and, in the case of AMI Software with Entitlement Pricing, 30 days after Buyer’s purchase of the Subscription or the term of the Subscription, whichever is shorter.
Security Addendum for Standard Contract for AWS Marketplace
(Basic Security Requirements)
This Security Addendum (this “Security Addendum”) is part of the Standard Contract for AWS Marketplace (the “Standard Contract”) between Licensor and Buyer and governs the treatment of Confidential Information of Buyer in the case of a SaaS Subscription. All capitalized terms used but not defined in this Addendum have the meanings given to them in the Standard Contract.
- Security Licensor will, consistent with industry standard practices, implement and maintain a security program: (a) to maintain the security and confidentiality of Confidential Information; and (b) to protect Confidential Information from known or reasonably anticipated threats or hazards to its security, availability and integrity, including accidental loss, unauthorized use, access, alteration or disclosure. Licensor will safeguard Buyer’s Confidential Information with at least the degree of care it uses to protect its own confidential information of a like nature and no less than a reasonable degree of care. Without limitation, Licensor’s policies will require, and the safeguards to be implemented by Licensor, will include at a minimum, but without limitation to, the following:
- appropriate administrative controls, such as communication of all applicable information security policies, information security and confidentiality training, and assignment of unique access credentials (which shall be revoked upon termination);
- controls to ensure the physical safety and security of all facilities (including third party locations) where Confidential Information may be processed or stored, including, at a minimum, locked doors and keys/key cards to access any facility and a business continuity plan that is regularly reviewed and updated;
- controls to limit access to Licensor’s systems and Confidential Information, including a password policy for all Personnel that access Confidential Information and a prohibition on the use of shared credentials for users and/or systems; and
- regular testing and evaluation of the effectiveness of the safeguards for the protection of Confidential Information.
- Security Without limiting Licensor’s duties and obligations under Section 1 of this Security Addendum, Licensor will comply with the following requirements:
2.1 Licensor Systems; Access
- Licensor shall not and shall not permit a third party to access, use or disclose Confidential Information except as specifically authorized in the Standard Contract or this Security Addendum.
- Licensor will safeguard Confidential Information in a controlled environment consistent with industry standards.
- Licensor shall establish, maintain and enforce the security access principles of “segregation of duties” and “least privilege” with respect to Confidential Information.
- Licensor will maintain a list of systems where Confidential Information is processed and stored and maintain a list of Personnel who have access to those systems.
- Licensor will have in place industry standard policies and processes to limit access to Personal Information including: (i) a unique individual user-id will be used for each user that accesses Confidential Information; (ii) any temporary password issued will be unique and must be changed upon first use; (iii) no Confidential Information, nor a subset of Confidential Information (such as part of a user’s Social Security Number), will be used in either the user-id or the initial temporary password; and (iv) it will establish a process to ensure timely revocation of access when access is no longer allowed for an individual (e.g. separation, role change).
- Licensor will have in place industry standard end user authentication processes including that passwords will not be displayed, printed stored in clear text and will be required to be at least six characters, case sensitive, different from user-ids and will be a combination of at least uppercase, lowercase and numerals. The process for users to change their passwords will meet the following requirements: (i) passwords are not sent in email (except for temporary/one-time use passwords); (ii) users receive a separate notification upon password and/or profile changes such as an email or mail; and (iii) password resets require authentication of individual
- Licensor will time out an authenticated session and require re-authentication should the session If using cookies for authenticated session management, the cookies must be marked as secure, and any authentication material must be encrypted.
- Upon Buyer’s request, Licensor shall provide Buyer a copy of or online viewing access to a summary of its policies, processes and administrative controls by which Confidential Information is used, disclosed, stored, processed or otherwise transmitted or handled, and any material modifications to such policies, processes and controls.
2.2 Personnel.
- Access to Confidential Information will be restricted to authorized Personnel and provided only on a need to know Personnel having access to Confidential Information shall be bound by a written agreement with Licensor with requirements and restrictions no less than those set forth herein. Each Personnel must pass a background check consistent with industry standards before having access to Confidential Information.
- Licensor shall provide security awareness training to all Personnel authorized by Licensor to have access to Confidential Information (“Authorized Personnel”). Such training shall be: (i) consistent with industry standards; (ii) designed, at a minimum, to educate all such individuals on maintaining the security, confidentiality and integrity of Personal Information consistent with this Security Addendum; and (iii) be provided no less than annually.
- Licensor shall have in place a process by which Authorized Personnel and other user accounts are created and deleted in a secure and timely fashion.
2.3 Records and Risk Assessments.
- Licensor agrees to maintain and enforce retention policies for any and all reports, logs, audit trails and any other documentation that provides evidence of security, systems, and audit processes and procedures in accordance with all applicable laws and regulations.
- Licensor will conduct regular penetration testing or other appropriate security testing and security assessments that verify its information security practices as to the use, handling and storage of Confidential Information. Upon request from Buyer, Licensor will provide Buyer a copy of or online viewing access to reports summarizing such testing and audits. If Licensor engages an independent third party to conduct audits, upon request by Buyer, Licensor will provide to Buyer a copy of or online viewing access the audit reports or certifications issued (or a summary of the audit reports if use or distribution of the reports is restricted by the third party auditor) as a result of such audits. If Licensor conducts its own risk assessment, then Licensor will provide Buyer with a copy of or online viewing access to its report of such assessment, including at a minimum a summary of Licensor’s security program, including the safeguards, controls, policies and procedures with respect to infrastructure, software, people, procedures, and data used to provide the SaaS Services (“Security Program”) as verified against Licensor’s actual practices and any material vulnerabilities or issues identified in the audit. Any such reports are Licensor’s Confidential Information.
- Licensor shall remedy material issues identified from the testing and audits in a timely manner.
- Business Continuity. Licensor will establish and implement plans and risk controls, consistent with industry standards, for continuity of its performance under this Agreement (“Business Continuity Plan”). Licensor’s Business Continuity Plan will include safeguards to resume the SaaS Service, and recover and make available Buyer Data, within a reasonable time after a security breach or any significant interruption or impairment of operation or any loss, deletion, corruption or alteration of data. Licensor will review its Business Continuity Plan on a regular basis and update it in response to changes within its company and industry Upon request, Licensor will provide Buyer a summary of its Business Continuity Plan that covers access and processing of Buyer Confidential Information.
2.5 Personal Information.
- Licensor understands and acknowledges that, to the extent that performance of its obligations hereunder involves or necessitates the processing of Personal Information relating to individuals, it shall act only on instructions and directions from Buyer as set out in the Standard Licensor shall comply within a reasonable time frame (which shall in no event be longer than any time frame for compliance required by law) with all such instructions and directions.
- Licensor shall as soon as reasonably practicable in the circumstances, and in any event within three days of becoming aware of any data subject access request, serve notice on Buyer of any request made by a data subject to access Personal Information processed by Licensor on behalf of Buyer and, if required by Buyer, permit Buyer to handle such request and at all times cooperate with and assist Buyer to execute its obligations under the law in relation to such data subject access requests.
3. Data Security Breach Notification.
- Licensor will inform Buyer promptly upon discovery of any compromise, unauthorized access to, alteration, loss, use or disclosure of any Confidential Information or any other breach of the confidentiality,security or integrity of Confidential Information (each, a “Security Incident”), provided that such notification is not prohibited by legal authorities. Licensor will investigate and conduct a root cause analysis on the Security Incident and take all reasonable steps to prevent further compromise, access, alteration, loss, use or disclosure of such Confidential Information. Licensor will provide Buyer written details and regular updates regarding Licensor’s internal investigation of each Security Incident, and Licensor will cooperate and work together with Buyer to formulate and execute a plan to rectify all Security Incidents.
- Licensor shall be responsible for all its costs related to or arising from any Security Incident, including without limitation investigating the Security Incident. At Buyer’s request and cost, Licensor will reasonably cooperate with Buyer, at Licensor’s expense, in complying with its obligations under applicable law pertaining to responding to a Security Incident.
- Licensor’s obligation to report or respond to a Security Incident under this Section is not an acknowledgement by Licensor of any fault or liability with respect to the Security Incident. Buyer must notify Licensor promptly about any possible misuse of its accounts or authentication credentials or any security incident related to the SaaS Service.
4. General.
- Buyer shall retain ownership of Confidential Licensor shall not obtain any ownership interest in Confidential Information.
- Licensor shall not retain Confidential Information beyond the expiration or termination of the Standard Contract, except as provided in this Security Addendum, the Standard Contract or by law. Upon completion of the Services, Confidential Information shall be promptly returned, deleted or destroyed as required under the Standard Contract. If Licensor cannot promptly return, deleted or destroy Confidential Information, Licensor shall protect such Confidential Information in accordance with this Security Addendum for so long as Licensor retains such Confidential Information.
- If Licensor subcontracts its obligations under this Security Addendum, Licensor shall enter into a written agreement with its subcontractor that (i) imposes in all materials respects the same obligations on the subcontractor that are imposed on Licensor under this Security Addendum (“Subcontractor Obligations”), and (ii) does not allow further subcontracting of its obligations. Without limiting the foregoing, Licensor shall remain liable to Buyer for its obligations under this Security Addendum, including any misuse or mishandling of Confidential Information by its subcontractors. Licensor will be responsible for the compliance of the subcontractors with the terms of this Addendum.
- Licensor shall comply with and shall cause each of its subcontractors to comply with all applicable laws and regulations including all data protection and security laws and regulations whether in effect at the time of execution of this Security Addendum or coming into effect thereafter. This Security Addendum does not limit other obligations of Licensor, including under any Laws that apply to Licensor or its performance under this Agreement.
- This Security Addendum and all provisions herein shall survive as long as Licensor and/or subcontractor retains any Confidential Information.
General Data Protection Regulation Data Processing Addendum for Standard Contract for AWS Marketplace (European Economic Area & Switzerland)
This Data Processing Addendum (this “Addendum”) is part of the Standard Contract for AWS Marketplace (the “Standard Contract”) between Licensor (who is the data processor) and Buyer (who is the data controller) and governs Licensor’s processing of Personal Data to the extent such Personal Data relates to natural persons in the European Economic Area or Switzerland in connection with Licensor’s provision of the Services it provides pursuant to the Standard Contract. All capitalized terms used but not defined in this Addendum have the meanings given to them in the Standard Contract.
Processing of Personal Data
- Instructions from the Controller. Notwithstanding anything in the Standard Contract to the contrary, Licensor will only process Personal Data in order to provide the Services to Buyer, in accordance with Buyer’s written instructions, or as required by applicable Law. Licensor will promptly inform Buyer if following Buyer instructions would result in a violation of applicable data protection law or where Licensor must disclose Personal Data in response to a legal obligation (unless the legal obligation prohibits Licensor from making such disclosure).
- Licensor will restrict access to Personal Data to those authorized persons who need such information to provide the Services. Such authorized persons are obligated to maintain the confidentiality of any Personal Data.
- Sensitive Buyer will inform Licensor if Personal Data falls into any special categories of personal data as defined in Article 9(1) of Regulation (EU) 2016/679.
- Licensor will implement appropriate technical and organizational measures to ensure a level of security appropriate to the Personal Data provided by Buyer and processed by Licensor. Such security measures will be at least as protective as the security requirements set forth in Section 8.5 of the Standard Contract.
- Sub-processors. Buyer agrees that Licensor, a processor, may engage other processors (“Sub- processors”) to assist in providing the Services consistent with the Standard Licensor will make a list of such Sub-processors available to Buyer prior to transferring any Personal Data to such Sub-processors. Licensor will notify Buyer of any changes to the list of Sub-processors in order to give Buyer an opportunity to object to such changes.
- Sub-processor Liability. Where Licensor engages another processor for carrying out specific processing activities on behalf of Buyer, the same data protection obligations as set out in this Addendum will be imposed on that other processor by way of a contract or other legal act under EU or Member State law, in particular providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the processing will meet the requirements of the EU data protection law. Where that other processor fails to fulfil its data protection obligations, Licensor shall remain fully liable to the Buyer for the performance of that other processor’s obligations.
- Access Licensor has implemented and will maintain appropriate technical and organizational measures needed to enable Buyer to respond to requests from data subjects to access, correct, transmit, limit processing of, or delete any relevant Personal Data held by Licensor.
- Upon a request issued by a supervisory authority for records regarding Personal Data, Licensor will cooperate to provide the supervisory authority with records related to processing activities performed on Buyer’s behalf, including information on the categories of Personal Data processed and the purposes of the processing, the use of service providers with respect to such processing, any data disclosures ortransfers to third parties and a general description of technical and organizational measures to protect the security of such data.
- Licensor will cooperate to the extent reasonably necessary in connection with Buyer’s requests related to data protection impact assessments and consultation with supervisory authorities and for the fulfillment of Buyer’s obligation to respond to requests for exercising a data subject’s rights in Chapter III of Regulation (EU) 2016/679. Licensor reserves the right to charge Buyer for its reasonable costs in collecting and preparing Personal Data for transfer and for any special arrangements for making the transfer.
- Third Party Requests. If Licensor receives a request from a third party in connection with any government investigation or court proceeding that Licensor believes would require it to produce any Personal Data, Licensor will inform Buyer in writing of such request and cooperate with Buyer if Buyer wishes to limit, challenge or protect against such disclosure, to the extent permitted by applicable Law.
- Transfer of Personal Data; Appointment. Buyer authorizes Licensor to transfer, store or process Personal Data in the United States or any other country in which Licensor or its Sub-processors maintain facilities. Buyer appoints Licensor to perform any such transfer of Personal Data to any such country and to store and process Personal Data in order to provide the Services. Licensor will conduct all such activity in compliance with the Standard Contract, this Addendum, applicable Law and Buyer instructions.
- Personal Data received from Buyer will be retained only for so long as may be reasonably required in connection with Licensor’s performance of the Standard Contract or as otherwise required under applicable Law.
- Deletion or When instructed by Buyer, Licensor will delete any Personal Data or return it to Buyer in a secure manner and delete all remaining copies of Personal Data after such return except where otherwise required under applicable Law. Licensor will relay Buyer’s instructions to all Sub-processors.
- Breach Notification. After becoming aware of a Personal Data breach, Licensor will notify Buyer without undue delay of: (a) the nature of the data breach; (b) the number and categories of data subjects and data records affected; and (c) the name and contact details for the relevant contact person at Licensor.
- Upon request, Licensor will make available to Buyer all information necessary, and allow for and contribute to audits, including inspections, conducted by Buyer or another auditor mandated by Buyer, to demonstrate compliance with Article 28 of Regulation (EU) 2016/679. For clarity, such audits or inspections are limited to Licensor’s processing of Personal Data only, not any other aspect of Licensor’s business or information systems. If Buyer requires Licensor to contribute to audits or inspections that are necessary to demonstrate compliance, Buyer will provide Licensor with written notice at least 60 days in advance of such audit or inspection. Such written notice will specify the things, people, places or documents to be made available. Such written notice, and anything produced in response to it (including any derivative work product such as notes of interviews), will be considered Confidential Information and, notwithstanding anything to the contrary in the Standard Contract, will remain Confidential Information in perpetuity or the longest time allowable by applicable Law after termination of the Standard Contract. Such materials and derivative work product produced in response to Buyer’s request will not be disclosed to anyone without the prior written permission of Licensor unless such disclosure is required by applicable Law. If disclosure is required by applicable Law, Buyer will give Licensor prompt written notice of that requirement and an opportunity to obtain a protective order to prohibit or restrict such disclosure except to the extent such notice is prohibited by applicable Law or order of a court or governmental agency. Buyer will make every effort to cooperate with Licensor to schedule audits or inspections at times that are convenient to Licensor. If, after reviewing Licensor’s response to Buyer’s audit or inspection request, Buyer requires additional audits or inspections, Buyer acknowledges and agrees that it will be solely responsible for all costs incurred in relation to such additional audits or inspections.