MASTER SERVICES AGREEMENT – REST OF THE WORLD (NON-US)
Each Order Form and SOW signed by Customer and spaceti s.r.o., a
limited liability company having its registered office at
Italska 2581/67, Praha, 12000, Czech republic ID no.: 05137659
(“Spaceti”) is subject to this Master Service Agreement (the
“Agreement”). DEFINITIONS
“Affiliate” means any entity that directly or indirectly controls,
is controlled by, or is under common control with the subject entity.
“Control,” for purposes of this definition, means direct or
indirect ownership or control of more than 50% of the voting interests of
the subject entity.
“Beta Services” means Spaceti services or functionality that
may be made available to Customer to try at its option at no additional
charge which is clearly designated as beta, pilot, limited release,
developer preview, non-production, evaluation, or by a similar
description.
“Customer” means any entity that purchases the Services,
Professional Services or HW, as more particularly detailed in the Order
Form or SOW.
“Customer Data” means electronic data and information submitted by
or for Customer to the Services, excluding Non-Spaceti Applications.
“Documentation” means the applicable Service’s product description
documentation in the Order Form, Security Documentation and Infrastructure
and Sub-processors (both as defined in the DPA) and its usage guide and
policy, as updated from time to time, accessible via login to the
applicable Service.
“Free Services” means Services that Spaceti makes available to
Customer free of charge. Free Services exclude Services offered as
Purchased Services.
“Malicious Code” means code, files, scripts, agents or programs
intended to do harm, including, for example, viruses, worms, time bombs
and Trojan horses.
“Non-Spaceti Application” means a Web-based, mobile,
offline or other software application functionality that interoperates
with a Service, that is provided by Customer or a third party. Non-Spaceti
Applications, other than those obtained or provided by Customer, will be
identifiable as such.
“Normal Working Hours” means the time between 9:00 AM and 6:00 PM
in the Czech Republic on a Business Day where Business Day means any day
that is not a Saturday, Sunday or public holiday in the Czech Republic.
“Order Form” means an ordering document or online order specifying
the Services and HW to be provided hereunder that is entered into between
Customer and Spaceti or any of their Affiliates, including any addenda and
supplements thereto. By entering into an Order Form hereunder, an
Affiliate agrees to be bound by the terms of this Agreement as if it were
an original party hereto.
“Purchased Services” means Services that Customer or
Customer’s Affiliate purchases under an Order Form or online purchasing
portal, as distinguished from Free Services.
“Services” means the online SW products and services that are
ordered by Customer under an Order Form or online purchasing portal, or
provided to Customer free of charge (as applicable) or under a free trial,
and made available online by Spaceti, including associated Spaceti offline
or mobile components, as described in the Documentation. “Services”
exclude HW, Professional Services and Non-Spaceti Applications.
“SOW” means a Statement of Work describing Professional Services to
be provided hereunder, that is entered into between Customer and Spaceti
or any of their Affiliates or which is incorporated into an Order Form
that is entered into between Customer and Spaceti or any of their
Affiliates. By entering into a SOW hereunder, an Affiliate agrees to be
bound by the terms of this Agreement as if it were an original party
hereto.
“User” means, in
the case of an individual accepting these terms on his or her own behalf,
such individual, or, in the case of an individual accepting this Agreement
on behalf of a company or other legal entity, an individual who is
authorized by Customer to use a Service, for whom Customer has purchased a
subscription (or in the case of any Services provided by Spaceti without
charge, for whom a Service has been provisioned), and to whom Customer
(or, when applicable, Spaceti at Customer’s request) has supplied a user
identification and password (for Services utilizing authentication). Users
may include, for example, employees, consultants, contractors and agents
of Customer or Customer Affiliates, and third parties with which Customer
or Customer Affiliate transacts business.
-
SPACETI RESPONSIBILITIES
-
Provision of Purchased Services. Spaceti will (a) make the
Services available to Customer pursuant to this Agreement, and the
applicable Order Forms, SOWs and Documentation, (b) provide
applicable Spaceti standard support for the Purchased Services to
Customer at no additional charge, and/or upgraded support if
purchased, (c) use commercially reasonable efforts to make the
Purchased Services available 24 hours a day, 7 days a week, except
for: (i) planned downtime (of which Spaceti shall give advance
electronic notice), and (ii) any unavailability caused by
circumstances beyond Spaceti’s reasonable control, including, for
example, an act of God, act of government, flood, fire, earthquake,
civil unrest, act of terror, strike or other labor problem (other
than one involving Spaceti employees), Internet service provider
failure or delay, Non-Spaceti Application, or denial of service
attack, and (d) provide the Services in accordance with laws and
government regulations applicable to Spaceti’s provision of its
Services to its customers generally, and subject to Customer’s use
of the Services in accordance with this Agreement, the Documentation
and the applicable Order Form or SOW.
-
Protection of Customer Data. Spaceti will maintain appropriate
administrative, physical, and technical safeguards for protection of
the security, confidentiality and integrity of Customer Data, as
described in the Documentation. Those safeguards will include, but
will not be limited to, measures designed to prevent unauthorized
access to or disclosure of Customer Data (other than by Customer or
Users). The data processing addendum is attached as Exhibit A (the
“DPA”) and shall apply to the extent Customer Data includes
Personal Data, as defined in the DPA. Upon request by Customer made
within 30 days after the effective date of termination or expiration
of this Agreement, Spaceti will make Customer Data available to
Customer for export or download in commonly-readable format. After
such 30-day period, Spaceti will have no obligation to maintain or
provide any Customer Data, will thereafter delete all copies of
Customer Data in its systems or otherwise in its possession or
control, unless legally prohibited.
-
Spaceti Personnel. Spaceti will be responsible for the
performance of its personnel (including its employees and
contractors) and their compliance with Spaceti’s obligations under
this Agreement.
-
Beta Services. From time to time, Spaceti may make Beta
Services available to Customer at no charge. Customer may choose to
try such Beta Services or not in its sole discretion. Beta Services
are intended for evaluation purposes and not for production use, are
not supported, and may be subject to additional terms. Beta Services
are not considered “Services” under this Agreement, however, all
restrictions, Spaceti’s reservation of rights and Customer
obligations concerning the Services, and use of any related
Non-Spaceti Applications, shall apply equally to Customer’s use of
Beta Services. Unless otherwise stated, any Beta Services trial
period will expire upon the earlier of one year from the trial start
date or the date that a version of the Beta Services becomes
generally available without the applicable Beta Services
designation. Spaceti may discontinue Beta Services at any time in
Spaceti’s sole discretion and may never make them generally
available. Spaceti will have no liability for any harm or damage
arising out of or in connection with a Beta Service.
-
Free Services. Spaceti may make Free
Services available to Customer. Use of Free Services is subject to
the terms and conditions of this Agreement. In the event of a
conflict between this section and any other portion of this
Agreement, this section shall control. Free Services are provided to
Customer without charge up to certain limits as described in the
Documentation or Order Form. Usage over these limits requires
Customer’s purchase of additional resources or services. Customer
agrees that Spaceti, in its sole discretion and for any or no
reason, may terminate Customer’s access to the Free Services or any
part thereof. Customer agrees that any termination of Customer’s
access to the Free Services may be without prior notice, and
Customer agrees that Spaceti will not be liable to Customer or any
third party for such termination. Customer is solely responsible for
exporting Customer Data from the Free Services prior to termination
of Customer’s access to the Free Services for any reason, provided
that if Spaceti terminates Customer’s account, except as required by
law, Spaceti will provide Customer a reasonable opportunity to
retrieve its Customer Data.
NOTWITHSTANDING THE “REPRESENTATIONS, WARRANTIES, EXCLUSIVE REMEDIES AND
DISCLAIMERS” SECTION AND “INDEMNIFICATION BY SPACETI” SECTION BELOW, THE
FREE SERVICES ARE PROVIDED “AS-IS” WITHOUT ANY WARRANTY AND SPACETI SHALL
HAVE NO INDEMNIFICATION OBLIGATIONS NOR LIABILITY OF ANY TYPE WITH RESPECT
TO THE FREE SERVICES UNLESS SUCH EXCLUSION OF LIABILITY IS NOT ENFORCEABLE
UNDER APPLICABLE LAW IN WHICH CASE SPACETI’S LIABILITY WITH RESPECT TO THE
FREE SERVICES SHALL NOT EXCEED $1,000.00. WITHOUT LIMITING THE FOREGOING,
SPACETI AND ITS AFFILIATES AND ITS LICENSORS DO NOT REPRESENT OR WARRANT
TO CUSTOMER THAT: (A) CUSTOMER’S USE OF THE FREE SERVICES WILL MEET
CUSTOMER’S REQUIREMENTS, (B) CUSTOMER’S USE OF THE FREE SERVICES WILL BE
UNINTERRUPTED, TIMELY, SECURE OR FREE FROM ERROR, AND (C) USAGE DATA
PROVIDED THROUGH THE FREE SERVICES WILL BE ACCURATE. NOTWITHSTANDING
ANYTHING TO THE CONTRARY IN THE “LIMITATION OF LIABILITY” SECTION BELOW,
CUSTOMER SHALL BE FULLY LIABLE UNDER THIS AGREEMENT TO SPACETI AND ITS
AFFILIATES FOR ANY DAMAGES ARISING OUT OF CUSTOMER’S USE OF THE FREE
SERVICES, ANY BREACH OF THIS AGREEMENT BY CUSTOMER AND ANY OF CUSTOMER’S
INDEMNIFICATION OBLIGATIONS HEREUNDER.
-
USE OF SERVICES
-
Subscriptions. Unless otherwise provided in the applicable
Order Form or Documentation, (a) Purchased Services are purchased as
subscriptions for the term stated in the applicable Order Form or in
the applicable online purchasing portal, (b) subscriptions for
Purchased Services may be added during a subscription term at the
same pricing as the underlying subscription pricing, prorated for
the portion of that subscription term remaining at the time the
subscriptions are added, and (c) any added subscriptions will
terminate on the same date as the underlying subscriptions. Customer
agrees that its purchases are not contingent on the delivery of any
future functionality or features, or dependent on any oral or
written public comments made by Spaceti regarding future
functionality or features.
-
Usage Limits. Services are subject to usage limits specified
in Order Forms and Documentation. If Customer exceeds a contractual
usage limit, Spaceti may work with Customer to seek to reduce
Customer’s usage so that it conforms to that limit. If,
notwithstanding Spaceti’s efforts, Customer is unable or unwilling
to abide by a contractual usage limit, Customer will execute an
Order Form for additional quantities of the applicable Services
promptly upon Spaceti’s request, and/or pay any invoice for excess
usage in accordance with the “Invoicing and Payment” section below.
-
Customer Responsibilities. Customer will (a) be responsible
for Users’ compliance with this Agreement, Documentation and Order
Forms, (b) be responsible for the accuracy, quality and legality of
Customer Data, the means by which Customer acquired Customer Data,
Customer’s use of Customer Data with the Services, and the
interoperation of any Non-Spaceti Applications with which Customer
uses Services, (c) use commercially reasonable efforts to prevent
unauthorized access to or use of Services, and notify Spaceti
promptly of any such unauthorized access or use, (d) use Services
only in accordance with this Agreement, Documentation, Order Forms
and applicable laws and government regulations, and (e) comply with
terms of service of any Non-Spaceti Applications with which Customer
uses Services. Any use of the Services in breach of the foregoing by
Customer or Users that in Spaceti’s judgment threatens the security,
integrity or availability of Spaceti’s services, may result in
Spaceti’s immediate suspension of the Services, however Spaceti will
use commercially reasonable efforts under the circumstances to
provide Customer with notice and an opportunity to remedy such
violation or threat prior to any such suspension.
-
Usage Restrictions. Customer will not (a) make any Service
available to anyone other than Customer or Users, or use any Service
for the benefit of anyone other than Customer or its Affiliates,
unless expressly stated otherwise in an Order Form or the
Documentation, (b) sell, resell, license, sublicense, distribute,
make available, rent or lease any Service, or include any Service in
a service bureau or outsourcing offering, (c) use a Service or
Non-Spaceti Application to store or transmit infringing, libelous,
or otherwise unlawful or tortious material, or to store or transmit
material in violation of third-party privacy rights, (d) use a
Service or Non-Spaceti Application to store or transmit Malicious
Code, (e) interfere with or disrupt the integrity or performance of
any Service or third-party data contained therein, (f) attempt to
gain unauthorized access to any Service or its related systems or
networks, (g) permit direct or indirect access to or use of any
Services in a way that circumvents a contractual usage limit, or use
any Services to access or use any of Spaceti intellectual property
except as permitted under this Agreement, an Order Form, or the
Documentation, (h) modify, copy, or create derivative works based on
a Service or any part, feature, function or user interface thereof,
(i) frame or mirror any part of any Service, other than framing on
Customer’s own intranets or otherwise for its own internal business
purposes or as permitted in the Documentation, (j) except to the
extent permitted by applicable law, disassemble, reverse engineer,
or decompile a Service or access it to (j1) build a competitive
product or service, (j2) build a product or service using similar
ideas, features, functions or graphics of the Service, (j3) copy any ideas, features, functions or graphics of
the Service, or (4) determine whether the Services are within the
scope of any patent.
-
PROFESSIONAL SERVICES AND HW SALES
-
Professional Services definition. Spaceti shall make
available to Customer an appropriately trained employee or
contractor to carry out such professional services as are mutually
agreed between the parties in a SOW (the “Professional Services”). Such Spaceti resource shall be provided during Normal Working
Hours (unless otherwise specifically agreed in a SOW) on the number
of Days agreed in the SOW. For the purpose of this clause 4, a “Day”
means 8 Normal Working Hours.
-
Statement of Work. If Customer wishes to purchase any
Professional Services, the parties may agree to mutually execute one
or more separate SOWs containing the relevant terms and conditions.
Unless otherwise identified in a SOW, all Professional Services must
be used within the first subscription term or applicable renewal
period. Any portion of the Professional Services not used within
such period will be automatically forfeited, with no further action
required of either party, and Customer will not be entitled to any
refund or credit for any prepaid but unused fees. Customer may not
apply any portion of any unused Professional Services or fees paid,
for any products or services other than those stated in the SOW.
-
Professional Services warranty. Spaceti shall provide the
Professional Services with reasonable skill and care and in
accordance with generally recognised commercial practices and
standards and in accordance with the SOW. This warranty is exclusive
and in lieu of all other warranties and conditions, whether express
or implied. No implied conditions, warranties or other terms apply
(including any implied terms as to satisfactory quality, fitness for
purpose or conformance with description). Spaceti will re-perform
Professional Services to remedy any breach of warranty. Customer
must make any claim under the foregoing warranty to Spaceti in
writing within 90 days of performance of such Professional Services
in order to receive warranty remedies.
-
Change Order. If either party requests a change to the scope
or execution of the Professional Services Spaceti shall, within a
reasonable time, provide a written estimate to the Customer of: (a)
the likely time required to implement the change; (b) any necessary
variations to Spaceti’s charges arising from the change; and (c) any
other impact of the change on this Agreement and the applicable SOW.
If the Customer wishes Spaceti to proceed with the change, Spaceti
has no obligation to do so unless and until the parties have agreed
in writing to all of the necessary variations to its charges, the
Professional Services or SOW and any other relevant terms of this
Agreement to take account of the change. Notwithstanding the
foregoing, Spaceti may, from time to time on reasonable notice,
change the Professional Services in order to comply with any
applicable regulatory or statutory requirements, provided that such
changes do not materially affect the nature, scope of, or the
charges for the Professional Services or materially adversely affect
the Customer.
-
Delivery location. Spaceti shall deliver all Professional
Services from Spaceti’s offices unless otherwise mutually agreed
between the parties. If any Spaceti resource is required to travel
to Customer’s premises or any other third party premises to deliver
the Professional Services to Customer, Customer shall be responsible
for Spaceti’s reasonable expenses.
-
Subcontractors. Spaceti may, in its reasonable discretion,
use subcontractors inside or outside of the Czech Republic to
perform any of its obligations hereunder. Spaceti will be
responsible for the performance of Professional Services by its
personnel (including employees and contractors) and their compliance
with Spaceti’s obligations under this Agreement.
-
Hardware. If Spaceti is selling any goods to use it with
Services (the “HW”), the list and price of such products is
in the applicable Order Form and the detailed description of
Spaceti’s performance, detailed specification, characteristics and
parameters of sold items, the conditions and the method of warranty
service provided and the demands on Customer’s cooperation are set
out in the Order Form.
-
NON-SPACETI PRODUCTS AND SERVICES
-
Integration with Non-Spaceti Applications. The Services may
contain features designed to interoperate with Non-Spaceti
Applications. Spaceti cannot guarantee the continued availability of
such Service features, and may cease providing them without
entitling Customer to any refund, credit, or other compensation, if
for example and without limitation, the provider of a Non- Spaceti
Application ceases to make the Non-Spaceti Application available for
interoperation with the corresponding Service features in a manner
acceptable to Spaceti.
-
FEES AND PAYMENT
-
Fees. Customer will pay all fees specified in the Order Forms
or SOWs. Except as otherwise specified herein or in an Order Form or
SOW, (i) fees are based on Services subscription, Professional
Services, or HW purchased and not actual usage, (ii) payment
obligations are non-cancelable and fees paid are non-refundable, and
(iii) quantities of Services subscription purchased cannot be
decreased during the relevant subscription term.
-
Invoicing and Payment. Customer will provide Spaceti with a
valid purchase order or alternative document reasonably acceptable
to Spaceti. Spaceti will invoice Customer in advance and otherwise
in accordance with the relevant Order Form or SOW. Unless otherwise
stated in the Order Form or SOW, invoiced fees are due net 30 days
from the invoice date. Customer is responsible for providing
complete and accurate billing and contact information to Spaceti and
notifying Spaceti of any changes to such information.
-
Overdue Charges. If any invoiced amount is not received by
Spaceti by the due date, then without limiting Spaceti’s rights or
remedies, (a) those charges may accrue late interest at the rate of
1.5% of the outstanding balance per month, or the maximum rate
permitted by law, whichever is lower, and/or (b) Spaceti may
condition future subscription renewals and Order Forms or SOWs on
payment terms shorter than those specified in the “Invoicing and
Payment” section above.
-
Suspension of Service and Acceleration. If any charge owing by
Customer under this or any other agreement for services is 30 days
or more overdue, Spaceti may, without limiting its other rights and
remedies, accelerate Customer’s unpaid fee obligations under such
agreements so that all such obligations become immediately due and
payable, and suspend Services, Professional Services or HW delivery
until such amounts are paid in full, provided that Spaceti will give
Customer at least 10 days’ prior notice that its account is overdue,
in accordance with the “Notices” section below for billing notices,
before suspending services to Customer.
-
Payment Disputes. Spaceti will not exercise its rights under
the “Overdue Charges” or “Suspension of Service” section above if
Customer is disputing the applicable charges reasonably and in good
faith and is cooperating diligently to resolve the dispute.
-
Taxes. Spaceti’s fees do not include any taxes, levies,
duties or similar governmental assessments of any nature, including,
for example, value-added, sales, use or withholding taxes,
assessable by any jurisdiction whatsoever (collectively,
“Taxes”). Customer is responsible for paying all Taxes
associated with its purchases hereunder. If Spaceti has the legal
obligation to pay or collect Taxes for which Customer is responsible
under this section, Spaceti will invoice Customer and Customer will
pay that amount unless Customer provides Spaceti with a valid tax
exemption certificate authorized by the appropriate taxing
authority. For clarity, Spaceti is solely responsible for taxes
assessable against it based on its income, property and employees.
-
PROPRIETARY RIGHTS AND LICENSES
-
Reservation of Rights. Subject to the limited rights
expressly granted hereunder, Spaceti and its Affiliates reserve all of their right, title and interest in and to the
Services, including all of their related intellectual property
rights. No rights
are granted to Customer hereunder other than as expressly set forth
herein.
-
License by Customer to Spaceti. Customer grants Spaceti, its
Affiliates and applicable contractors a worldwide, limited-term
license to host, copy, use, transmit, and display Customer Data, as
appropriate for Spaceti to provide and ensure proper operation of,
the Services and associated systems in accordance with this
Agreement. Subject to the limited licenses granted herein, Spaceti
acquires no right, title or interest from Customer or its licensors
under this Agreement in or to any Customer Data.
-
License by Customer to Use Feedback. Customer grants to
Spaceti and its Affiliates a worldwide, perpetual, irrevocable,
royalty- free license to use and incorporate into its services any
suggestion, enhancement request, recommendation, correction or other
feedback provided by Customer or Users relating to the operation of
Spaceti’s or its Affiliates’ services.
-
CONFIDENTIALITY
-
Definition of Confidential Information. “Confidential
Information” means all information disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), whether orally or
in writing, that is designated as confidential or that reasonably
should be understood to be confidential given the nature of the
information and the circumstances of disclosure. Confidential
Information of Customer includes Customer Data; Confidential
Information of Spaceti includes the Services, and the terms and
conditions of this Agreement and all Order Forms (including
pricing). Confidential Information of each party includes business
and marketing plans, technology and technical information, product
plans and designs, and business processes disclosed by such party.
However, Confidential Information does not include any information
that (i) is or becomes generally known to the public without breach
of any obligation owed to the Disclosing Party, (ii) was known to
the Receiving Party prior to its disclosure by the Disclosing Party
without breach of any obligation owed to the Disclosing Party, (iii)
is received from a third party without breach of any obligation owed
to the Disclosing Party, or (iv) was independently developed by the
Receiving Party. For the avoidance of doubt, the non-disclosure
obligations set forth in this “Confidentiality” section apply to
Confidential Information exchanged between the parties in connection
with the evaluation of additional Spaceti services.
-
Protection of Confidential Information. As between the parties, each party retains all
ownership rights in and to its Confidential Information. The
Receiving Party will use the same degree of care that it uses to
protect the confidentiality of its own confidential information of
like kind (but not less than reasonable care) to (i) not use any
Confidential Information of the Disclosing Party for any purpose
outside the scope of this Agreement and (ii) except as otherwise
authorized by the Disclosing Party in writing, limit access to
Confidential Information of the Disclosing Party to those of its and
its Affiliates’ employees and contractors who need that access for
purposes consistent with this Agreement and who have signed
confidentiality agreements with the Receiving Party containing
protections not materially less protective of the Confidential
Information than those herein. Neither party will disclose the terms
of this Agreement or any Order Form to any third party other than
its Affiliates, legal counsel and accountants without the other
party’s prior written consent, provided that a party that makes any
such disclosure to its Affiliate, legal counsel or accountants will
remain responsible for such Affiliate’s, legal counsel’s or
accountant’s compliance with this “Confidentiality” section.
Notwithstanding the foregoing, Spaceti may disclose the terms of
this Agreement and any applicable Order Form to a subcontractor to
the extent necessary to perform Spaceti’s obligations under this
Agreement, under terms of confidentiality materially as protective
as set forth herein.
-
Compelled Disclosure. The Receiving Party may disclose
Confidential Information of the Disclosing Party to the extent
compelled by law to do so, provided the Receiving Party gives the
Disclosing Party prior notice of the compelled disclosure (to the
extent legally permitted) and reasonable assistance, at the
Disclosing Party’s cost, if the Disclosing Party wishes to contest
the disclosure. If the Receiving Party is compelled by law to
disclose the Disclosing Party’s Confidential Information as part of
a civil proceeding to which the Disclosing Party is a party, and the
Disclosing Party is not contesting the disclosure, the Disclosing
Party will reimburse the Receiving Party for its reasonable cost of
compiling and providing secure access to that Confidential
Information.
-
REPRESENTATIONS, WARRANTIES, EXCLUSIVE REMEDIES AND DISCLAIMERS
-
Representations. Each party represents that it has validly
entered into this Agreement and has the legal power to do so.
-
Spaceti Warranties. Spaceti warrants that during an
applicable subscription term (a) this Agreement, the Order Forms and
the Documentation will accurately describe the applicable
administrative, physical, and technical safeguards for protection of
the security, confidentiality and integrity of Customer Data, (b)
Spaceti will not materially decrease the overall security of the
Services,
(c) the Services will perform materially in accordance with the applicable
Documentation, and (d) subject to the “Integration with Non-Spaceti
Applications” section above, Spaceti will not materially decrease the
overall functionality of the Services. For any breach of a warranty above,
Customer’s exclusive remedies are those described in the “Termination” and
“Refund or Payment upon Termination” sections below.
-
-
Disclaimers. EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER
PARTY MAKES ANY WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED,
STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL
IMPLIED WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR
NON-INFRINGEMENT, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW.
BETA SERVICES ARE PROVIDED “AS IS,” AND AS AVAILABLE EXCLUSIVE OF
ANY WARRANTY WHATSOEVER.
-
MUTUAL INDEMNIFICATION
-
Indemnification by Spaceti. Spaceti will defend Customer against any claim, demand,
suit or proceeding made or brought against Customer by a third party
alleging that any Purchased Service infringes or misappropriates
such third party’s intellectual property rights (a “Claim Against
Customer”), and will indemnify Customer from any damages,
attorney fees and costs finally awarded against Customer as a result
of, or for amounts paid by Customer under a settlement approved by
Spaceti in writing of, a Claim Against Customer, provided Customer
(a) promptly gives Spaceti written notice of the Claim Against
Customer, (b) gives Spaceti sole control of the defense and
settlement of the Claim Against Customer (except that Spaceti may
not settle any Claim Against Customer unless it unconditionally
releases Customer of all liability), and (c) gives Spaceti all
reasonable assistance, at Spaceti’s expense. If Spaceti receives
information about an infringement or misappropriation claim related
to a Service, Spaceti may in its discretion and at no cost to
Customer (i) modify the Services so that they are no longer claimed
to infringe or misappropriate, without breaching Spaceti’s
warranties under “Spaceti Warranties” above, (ii) obtain a
subscription for Customer’s continued use of that Service in
accordance with this Agreement, or (iii) terminate Customer’s
subscriptions for that Service upon 30 days’ written notice and
refund Customer any prepaid fees covering the remainder of the term
of the terminated subscriptions. The above defense and
indemnification obligations do not apply if (1) the allegation does
not state with specificity that the Services are the basis of the
Claim Against Customer; (2) a Claim Against Customer arises from the
use or combination of the Services or any part thereof with
software, hardware, data, or processes not provided by Spaceti, if
the Services or use thereof would not infringe without such
combination; (3) a Claim Against Customer arises from
Services under an Order Form for which there is no charge; or (4) a
Claim against Customer arises from Customer’s breach of this
Agreement, the Documentation or applicable Order Forms.
-
Indemnification by Customer. Customer will defend Spaceti and
its Affiliates against any claim, demand, suit or proceeding made or
brought against Spaceti by a third party alleging that any Customer
Data or Customer’s use of Customer Data with the Services, infringes
or misappropriates such third party’s intellectual property rights,
or arising from Customer’s use of the Services in an unlawful manner
or in violation of the Agreement, the Documentation, or Order Form
(each a “Claim Against Spaceti”), and will indemnify Spaceti
from any damages, attorney fees and costs finally awarded against
Spaceti as a result of, or for any amounts paid by Spaceti under a
settlement approved by Customer in writing of, a Claim Against
Spaceti, provided Spaceti (a) promptly gives Customer written notice
of the Claim Against Spaceti, (b) gives Customer sole control of the
defense and settlement of the Claim Against Spaceti (except that
Customer may not settle any Claim Against Spaceti unless it
unconditionally releases Spaceti of all liability), and (c) gives
Customer all reasonable assistance, at Customer’s expense. The above
defense and indemnification obligations do not apply if a Claim
Against Spaceti arises from Spaceti’s breach of this Agreement, the
Documentation or applicable Order Forms.
-
Mutual Indemnity. Each party (the “Provider”) will
defend the other party (the “Recipient”) against any Claim
made or brought against the Recipient by a third party alleging that
any information, design, specification, instruction, software, data
or material furnished by the Provider in the course of providing or
receiving Professional Services (the “Material”) infringes or
misappropriates such third party’s intellectual property rights, and
will indemnify the Recipient from any damages, attorneys fees and
costs finally awarded against the Recipient as a result of, or for
amounts paid by Recipient under a settlement approved in writing by
Provider of, any such Claim, provided that the Recipient: (a)
promptly gives the Provider written notice of the Claim; (b) gives
the Provider sole control of the defense and settlement of the Claim
(except that the Provider may not settle any Claim unless it
unconditionally releases the Recipient of all liability); and (c)
gives the Provider all reasonable assistance, at the Provider’s
cost. The Provider will have no liability for any such Claim to the
extent that (i) it arises from specifications or other Material
provided by the other party, or (ii) such claim is based on the
Recipient’s use of a superseded or altered version of Material if
infringement or misappropriation would have been avoided by the use
of a subsequent or unaltered version of the Material that was
provided to the Recipient. In the event that some or all of the
Material is held or is reasonably believed by the Provider to
infringe or misappropriate, the Provider may in its discretion and
at no cost to the Recipient (A) modify or replace the Material so it
is no longer claimed to infringe or misappropriate, (B) obtain a
license for the Recipient’s continued use of the Material in
accordance with this Agreement, or (C) require return of the
affected Material and all rights thereto from the Recipient. If the
Provider exercises option (C), either party may terminate the
relevant SOW upon 10 days’ written notice given within 30 days after
the Provider’s exercise of such option, subject to the “Payment Upon
Termination” section below.
-
Exclusive Remedy. This “Mutual Indemnification” section
states the indemnifying party’s sole liability to, and the
indemnified party’s exclusive remedy against, the other party for
any third party claim described in this section.
-
LIMITATION OF LIABILITY
-
Limitation of Liability.
Subject to the “Exclusion of Consequential and Related Damages” and
“Limitation of Restrictions” sections below, in no event shall the
aggregate liability of each party together with all of its
Affiliates arising out of or related to this Agreement (whether in
contract or tort or under any other theory of liability) exceed the
total amount paid by Customer and its Affiliates hereunder in the
twelve months preceding the first incident out of which the
liability arose. The foregoing limitation will not limit Customer’s
and its Affiliates’ payment obligations under the “Fees and Payment”
section above.
-
Exclusion of Consequential and Related Damages.
Subject to section the “Limitation of Restrictions” section below,
in no event shall either party or its Affiliates have any liability
to the other party or its Affiliates under or in relation to this
Agreement whether in contract, tort or under any other theory of
liability for:
-
-
-
any financial damages as a result of loss or damage to property,
economic loss, cost of replacement services, loss of profits,
loss of revenue, loss of orders, loss of goodwill, and/or loss
resulting from damage to image or reputation in each case
whether direct or indirect, or
-
any indirect or consequential loss or damage arising from or
related to this Agreement,
howsoever caused and whether or not such losses are foreseeable, even if
that party or its Affiliate has been advised (or is otherwise aware) of
the possibility of such losses in advance.
-
-
Limitation of Restrictions.
Nothing in this “Limitation of Liability” section shall exclude or
limit the liability of either party or its Affiliates for gross
negligence or intentional misconduct of such party or its senior
management, death or personal injury caused by that party’s or its
Affiliate’s negligence or for fraud or fraudulent misrepresentation
or for any other liability to the extent that the same may not be
excluded or limited as a matter of applicable law.
-
TERM AND TERMINATION
-
Term of Agreement. This Agreement commences on the Effective
Date and continues until all Services subscriptions hereunder have
expired or have been terminated, Professional Services and HW were
accepted and their warranty (if applicable) expired.
-
Term of Purchased Subscriptions. The term of each
subscriptions shall be as specified in the applicable Order Form.
Except as otherwise specified in an Order Form, subscriptions will
automatically renew for additional periods equal to the expiring
subscription term or one year (whichever is shorter), unless either
party gives the other notice of non-renewal at least 30 days before
the end of the relevant subscription term. The per-unit pricing
during any renewal term will increase by up to 7% above the
applicable pricing in the prior term, unless Spaceti provides
Customer notice of different pricing at least 60 days prior to the applicable renewal term. Except as expressly provided in the
applicable Order Form, renewal of promotional or one-time priced
subscriptions will be at Spaceti’s applicable list price in effect
at the time of the applicable renewal. Notwithstanding anything to
the contrary, any renewal in which subscription volume for any
Services has decreased from the prior term will result in re-
pricing at renewal without regard to the prior term’s per-unit
pricing.
-
Termination. A party may terminate this Agreement for cause
(i) upon 30 days written notice to the other party of a material
breach if such breach remains uncured at the expiration of such
period, or (ii) if the other party becomes the subject of a petition
in bankruptcy or any other proceeding relating to insolvency,
receivership, liquidation or assignment for the benefit of
creditors.
-
Refund or Payment upon Termination. Upon any termination of
the Agreement or SOW, Customer will pay, in accordance with the
“Invoicing and Payment” section of this Agreement, any unpaid fees
and expenses for Professional Services incurred on or before the
termination date (such Professional Services fees to be paid on a
time-and-materials or percent-of-completion basis, as appropriate).
If this Agreement is terminated by Customer in accordance with the
“Termination” section above, Spaceti will refund Customer any
prepaid fees covering the remainder of the term of all Order Forms
after the effective date of termination and any fees for
Professional Services not yet received. If this Agreement is terminated by Spaceti in accordance with the
“Termination” section above, Customer will pay any unpaid fees
covering the remainder of the term of all Order Forms and any
pre-paid fees for Professional Services charged on a fixed-fee basis
are non-refundable, to the extent permitted by applicable law. In no
event will termination relieve Customer of its obligation to pay any
fees for Services payable to Spaceti for the period prior to the
effective date of termination.
-
Surviving Provisions. The sections titled “Free Services,”
“Fees and Payment,” “Proprietary Rights and Licenses,”
“Confidentiality,” “Disclaimers,” “Mutual Indemnification,”
“Limitation of Liability,” “Refund or Payment upon Termination,”
“Surviving Provisions” and “General Provisions” will survive any
termination or expiration of this Agreement, and the section titled
“Protection of Customer Data” will survive any termination or
expiration of this Agreement for so long as Spaceti retains
possession of Customer Data.
-
GENERAL PROVISIONS
-
Export Compliance. The Services, other Spaceti technology,
and derivatives thereof may be subject to export laws and
regulations of the European Union, Czech Republic and other
jurisdictions. Spaceti and Customer each represents that it is not
named on any European Union or Czech government denied-party list.
Customer will not permit any User to access or use any Service in a
European Union or Czech-embargoed country or region or in violation
of any E.U. or Czech export law or regulation.
-
Anti-Corruption. Neither party has received or been offered
any illegal or improper bribe, kickback, payment, gift, or thing of
value from an employee or agent of the other party in connection
with this Agreement. Reasonable gifts and entertainment provided in
the ordinary course of business do not violate the above
restriction.
-
Entire Agreement and Order of Precedence. This Agreement is
the entire agreement between Spaceti and Customer regarding
Customer’s use of Services, Professional Services and purchase of HW
and supersedes all prior and contemporaneous agreements, proposals
or representations, written or oral, concerning its subject matter.
The parties agree that any term or condition stated in a Customer
purchase order or
in any other Customer order documentation (excluding Order Forms) is
void. In the event of any conflict or inconsistency among the
following documents, the order of precedence shall be: (1) the
applicable Order Form or SOW, (2) any addenda, annex, schedule or
exhibit to this Agreement, (3) this Agreement, and (4) the
Documentation. Titles and headings of sections of this Agreement are
for convenience only and shall not affect the construction of any
provision of this Agreement.
-
Relationship of the Parties. The parties are independent
contractors. This Agreement does not create a partnership,
franchise, joint venture, agency, fiduciary or employment
relationship between the parties. Each party will be solely
responsible for payment of all compensation owed to its employees,
as well as all employment-related taxes.
-
Third-Party Beneficiaries.
There are no third-party beneficiaries under this Agreement.
-
Waiver. No failure or delay by either party in exercising any
right under this Agreement will constitute a waiver of that right.
-
Severability. If any provision of this Agreement is held by a
court of competent jurisdiction to be contrary to law, the provision
will be deemed null and void, and the remaining provisions of this
Agreement will remain in effect.
-
Assignment. Neither party may assign any of its rights or
obligations hereunder, whether by operation of law or otherwise,
without the other party’s prior written consent (not to be
unreasonably withheld); provided, however, either party may assign
this Agreement in its entirety (including all Order Forms and SOWs),
without the other party’s consent to its Affiliate or in connection
with a merger, acquisition, corporate reorganization, or sale of all
or substantially all of its assets. Notwithstanding the foregoing,
if a party is acquired by, sells substantially all of its assets to,
or undergoes a change of control in favor of, a direct competitor of
the other party, then such other party may terminate this Agreement
upon written notice. In the event of such a termination, Spaceti
will refund Customer any prepaid fees covering the remainder of the
term of all subscriptions for the period after the effective date of
such termination. Subject to the foregoing, this Agreement will bind
and inure to the benefit of the parties, their respective successors
and permitted assigns.
-
No Agency. For the avoidance of doubt, Spaceti is entering
into this Agreement as principal and not as agent for any other
Spaceti company. Subject to any permitted Assignment under the
“Assignment” section below, the obligations owed by Spaceti under
this Agreement shall be owed to Customer solely by Spaceti and the
obligations owed by Customer under this Agreement shall be owed
solely to Spaceti.
-
Notices. Except as otherwise specified in this Agreement, all
notices related to this Agreement will be in writing and will be
effective upon (a) personal delivery, (b) the second business day
after mailing, or (c) except for notices of termination or an
indemnifiable claim (“Legal Notices”), the day of sending by email.
Notices to Spaceti will be addressed to the attention of Legal team
to the Spaceti’s registered address, e-mail: legal@spaceti.com; or
as updated by Spaceti via written notice to Customer. Billing-related notices to Customer will be addressed to the
relevant billing contact designated by Customer, and Legal Notices
to Customer will be addressed to Customer and be clearly
identifiable as Legal Notices. All other notices to Customer will be
addressed to the relevant Services system administrator designated
by Customer.
-
Governing Law. This Agreement, and any disputes arising out
of or related hereto, will be governed exclusively by the laws of
the Czech Republic.
-
Venue. The courts located in Prague, the Czech Republic, will
have exclusive jurisdiction over any dispute relating to this
Agreement, and each party consents to the exclusive jurisdiction of
those courts.
-
Counterparts. This Agreement may be executed electronically
and in counterparts.
- Attachments:
Exhibit A – Data Processing Addendum
Exhibit A
DATA PROCESSING ADDENDUM
This Data Processing Addendum, including its Schedules, (“DPA”)
forms part of the Master Services Agreement between Spaceti and Customer
for the purchase of services from Spaceti (the “Agreement”) to
reflect the parties’ agreement with regard to the Processing of Personal
Data.
All capitalized terms not defined herein shall have the meaning set forth
in the Agreement.
In the course of providing the Services to Customer pursuant to the
Agreement, Spaceti may Process Personal Data on behalf of Customer and the
Parties agree to comply with the following provisions with respect to any
Personal Data, each acting reasonably and in good faith:
“Controller” means the entity which determines the purposes and
means of the Processing of Personal Data.
“Data Protection Laws and Regulations” means all laws and
regulations, including laws and regulations of the European Union, the
European Economic Area and their member states, Switzerland and the United
Kingdom, applicable to the Processing of Personal Data under the
Agreement.
“Data Subject” means the identified or identifiable person to whom
Personal Data relates.
“GDPR” means the Regulation (EU) 2016/679 of the European
Parliament and of the Council of 27 April 2016 on the protection of
natural persons with regard to the processing of personal data and on the
free movement of such data, and repealing Directive 95/46/EC (General Data
Protection Regulation).
“Personal Data” means any information relating to (i) an identified
or identifiable natural person and, (ii) an identified or identifiable
legal entity (where such information is protected similarly as personal
data or personally identifiable information under applicable Data
Protection Laws and Regulations), where for each (i) or (ii), such data is
Customer Data.
“Processing” means any operation or set of operations which is
performed upon Personal Data, whether or not by automatic means, such as
collection, recording, organization, structuring, storage, adaptation or
alteration, retrieval, consultation, use, disclosure by transmission,
dissemination or otherwise making available, alignment or combination,
restriction, erasure or destruction.
“Processor” means the entity which Processes Personal Data on
behalf of the Controller.
“Security Documentation” means the Security Documentation applicable to the specific Services
purchased by Customer, as updated from time to time, and accessible via
login to the applicable Service, or as otherwise made reasonably available
by Spaceti. The Security Documentation as of Effective Date is attached as
Schedule 2 to this DPA.
“Spaceti Group” means Spaceti and its Affiliates engaged in the
Processing of Personal Data.
“Sub-processor” means any Processor engaged by Spaceti or a member
of the Spaceti Group.
“Supervisory Authority” means an independent public authority which
is established by an EU Member State pursuant to the GDPR.
-
PROCESSING OF PERSONAL DATA
-
Roles of the Parties. The parties acknowledge and agree that
with regard to the Processing of Personal Data, Customer is the
Controller, Spaceti is the Processor and that Spaceti or members of
the Spaceti Group will engage Sub-processors pursuant to the
requirements set forth in Section 5 “Sub-processors” below.
-
Customer’s Processing of Personal Data. Customer shall, in
its use of the Services and Professional Services, Process Personal
Data in accordance with the requirements of Data Protection Laws and
Regulations. For the avoidance of doubt, Customer’s instructions for
the Processing of Personal Data shall comply with Data Protection
Laws and Regulations. Customer shall have sole responsibility for
the accuracy, quality, and legality of Personal Data and the means
by which Customer acquired Personal Data.
-
Spaceti’s Processing of Personal Data. Spaceti shall treat
Personal Data as Confidential Information and shall only Process
Personal Data on behalf of and in accordance with Customer’s
documented instructions for the following purposes: (i) Processing
in accordance with the Agreement and applicable Order Form(s) or
SOW(s); (ii) Processing initiated by Users in their use of the
Services; and (iii) Processing to comply with other documented
reasonable instructions provided by Customer (e.g., via email) where
such instructions are consistent with the terms of the Agreement.
-
Details of the Processing. The subject-matter of Processing
of Personal Data by Spaceti is the performance of the Services and
Professional Services, if applicable, pursuant to the Agreement. The
duration of the Processing, the nature and purpose of the
Processing, the types of Personal Data and categories of Data
Subjects Processed under this DPA are further specified in Schedule
1 (Details of the Processing) to this DPA.
-
RIGHTS OF DATA SUBJECTS
-
Data Subject Request. Spaceti shall, to the extent legally
permitted, promptly notify Customer if Spaceti receives a request
from a Data Subject to exercise the Data Subject’s right of access,
right to rectification, restriction of Processing, erasure (“right
to be forgotten”), data portability, object to the Processing, or
its right not to be subject to an automated individual decision
making, each such request being a “Data Subject Request”. Taking
into account the nature of the Processing, Spaceti shall assist
Customer by appropriate technical and organizational measures,
insofar as this is possible, for the fulfilment of Customer’s
obligation to respond to a Data Subject Request under Data
Protection Laws and Regulations. In addition, to the extent
Customer, in its use of the Services, does not have the ability to
address a Data Subject Request, Spaceti shall upon Customer’s
request provide commercially reasonable efforts to assist Customer
in responding to such Data Subject Request, to the extent Spaceti is
legally permitted to do so and the response to such Data Subject
Request is required under Data Protection Laws and Regulations. To
the extent legally permitted, Customer shall be responsible for any
costs arising from Spaceti’s provision of such assistance.
-
SPACETI PERSONNEL
-
Confidentiality. Spaceti shall ensure that its personnel
engaged in the Processing of Personal Data are informed of the
confidential nature of the Personal Data, and have executed written
confidentiality agreements. Spaceti shall ensure that such
confidentiality obligations survive the termination of the personnel
engagement.
-
Limitation of Access. Spaceti shall ensure that Spaceti’s
access to Personal Data is limited to those personnel performing
Services and Professional Services in accordance with the Agreement.
-
Data Protection Officer. Members of the Spaceti Group have
appointed a data protection officer. The appointed person may be
reached at legal@spaceti.com.
-
SUB-PROCESSORS
-
Appointment of Sub-processors. Customer acknowledges and
agrees that (a) Spaceti’s Affiliates may be retained as Sub-
processors; and (b) Spaceti and Spaceti’s Affiliates respectively
may engage third-party Sub-processors in connection with the
provision of the Services and Professional Services. Spaceti or a
Spaceti Affiliate has entered into a written agreement with each
Sub-processor containing data protection obligations not less
protective than those in this Agreement with respect to the
protection of Personal Data to the extent applicable to the nature
of the Services and Professional Services provided by such
Sub-processor.
-
List of Current Sub-processors and Notification of New
Sub-processors. Spaceti shall make available to Customer the current list of
Sub-processors. Such Sub-processor lists shall include the
identities of those Sub-processors and their country of location
(the “Infrastructure and Sub-processor Documentation”).
Spaceti shall make available to Customer the up-to date
Infrastructure and Sub-processor Documentation as well as a
mechanism to subscribe to notifications of new Sub-processors to
which Customer shall subscribe, and if Customer subscribes, Spaceti
shall provide notification of a new Sub-processor(s) before
authorizing any new Sub-processor(s) to Process Personal Data in
connection with the provision of the applicable Services. The
Infrastructure and Sub-processor Documentation for Services, as of
Effective Date, is for reference purposes only attached as Schedule
3 hereto.
-
Objection Right for New Sub-processors. Customer may object
to Spaceti’s use of a new Sub-processor by notifying Spaceti
promptly in writing within ten (10) business days after receipt of
Spaceti’s notice in accordance with the mechanism set out in Section
5.2 hereof. In the event Customer objects to a new Sub-processor, as
permitted in the preceding sentence, Spaceti will use reasonable
efforts to make available to Customer a change in the Services or
Professional Services or recommend a commercially reasonable change
to Customer’s configuration or use of the Services or Professional
Services to avoid Processing of Personal Data by the objected-to new
Sub- processor without unreasonably burdening Customer. If Spaceti
is unable to make available such change within a reasonable period
of time, which shall not exceed thirty (30) days, Customer may
terminate the applicable Order Form(s) or SOW(s) with respect only
to those Services or Professional Services which cannot be provided
by Spaceti without the use of the objected-to new Sub-processor by
providing written notice to Spaceti. Spaceti will refund Customer
any prepaid fees covering the remainder of the term of such Order
Form(s) or SOW(s) following the effective date of termination with
respect to such terminated Services or Professional Services,
without imposing a penalty for such termination on Customer.
-
Liability. Spaceti shall be liable for the acts and omissions
of its Sub-processors to the same extent Spaceti would be liable if
performing the services of each Sub-processor directly under the
terms of this DPA.
-
SECURITY
-
Controls for the Protection of Personal Data. Spaceti shall
maintain appropriate technical and organizational measures for
protection of the security (including protection against
unauthorized or unlawful Processing and against accidental or
unlawful destruction, loss or alteration or damage, unauthorized
disclosure of, or access to, Customer Data), confidentiality and
integrity of Customer Data, as set forth in the Security
Documentation. Spaceti regularly monitors compliance with these
measures. Spaceti will not materially decrease the overall security
of the Services during a subscription term.
-
Cooperation and Audits. Spaceti shall make available to
Customer such information as is requested by Customer to demonstrate
its compliance with applicable statutory obligations, in a commonly
used and machine-readable format. In cases of official requests of
data protection authorities with jurisdiction over the Processing
hereunder, or, in case Customer has reasonable grounds to assume
that a Customer Data Incident has taken place, Customer may upon at
least fourteen (14) days prior written notice to Spaceti conduct a
site visit of the applicable Spaceti operations center at Customer’s
expense by a representative of Customer or its independent third
party auditor (always not a direct competitor of Spaceti). Such
audits shall be carried out at normal business hours without
disrupting the on-going business operations of Spaceti. Spaceti may
make the audits dependent on the signing of a nondisclosure
agreement with Spaceti.
- CUSTOMER DATA INCIDENT NOTIFICATION
Spaceti shall notify Customer without undue delay after becoming aware of
the accidental or unlawful destruction, loss, alteration, unauthorized
disclosure of, or access to Customer Data, including Personal Data,
transmitted, stored or otherwise Processed by Spaceti or its
Sub-processors of which Spaceti becomes aware (a “Customer Data Incident”). Spaceti shall make reasonable efforts to identify the cause of such
Customer Data Incident and take those steps as Spaceti deems necessary and
reasonable in order to remediate the cause of such a Customer Data
Incident to the extent the remediation is within Spaceti’s reasonable
control. The obligations herein shall not apply to incidents that are
caused by Customer or Customer’s Users.
- RETURN AND DELETION OF CUSTOMER DATA
The procedure is set forth in Section 2.2 of the Agreement.
Spaceti shall ensure that the transfer of Personal Data which are
undergoing Processing or are intended for Processing after transfer to a
third country shall take place only if such transfer meets the conditions
outlined in the GDPR, specifically Chapter V.
-
EUROPEAN SPECIFIC PROVISIONS
-
GDPR. Spaceti will Process Personal Data in accordance with
the GDPR requirements directly applicable to Spaceti’s provision of
its Services or Professional Services.
-
Data Protection Impact Assessment. Upon Customer’s request,
Spaceti shall provide Customer with reasonable cooperation and
assistance needed to fulfil Customer’s obligation under the GDPR to
carry out a data protection impact assessment related to Customer’s
use of the Services or Professional Services, to the extent Customer
does not otherwise have access to the relevant information, and to
the extent such information is available to Spaceti. Spaceti shall
provide reasonable assistance to Customer in the cooperation or
prior consultation with the Supervisory Authority in the performance
of its tasks relating to Section 10.2 of this DPA, to the extent
required under the GDPR.
List of Schedules
Schedule 1: Details of the Processing
Schedule 2: Security Documentation (as of Effective Date)
Schedule 3: Spaceti Infrastructure and Sub-processors (as of Effective
Date)
SCHEDULE 1 – DETAILS OF THE PROCESSING
Nature and Purpose of Processing
Spaceti will Process Personal Data as necessary to perform the Services or
Professional Services pursuant to the Agreement, as further specified in
the Documentation, and as further instructed by Customer in its use of the
Services or Professional Services.
Duration of Processing
Subject to Section 8 of the DPA, Spaceti will Process Personal Data for
the duration of the Agreement, unless otherwise agreed upon in writing.
Categories of Data Subjects
Customer may submit Personal Data to the Services, the extent of which is
determined and controlled by Customer in its sole discretion, and which
may include, but is not limited to Personal Data relating to the following
categories of data subjects:
-
-
-
- Employees or visitors of Customer
-
Agents, advisors, freelancers of Customer (who are natural
persons)
-
Customer’s Users authorized by Customer to use the Services
Type of Personal Data
Customer may submit Personal Data to the Services, the extent of which is
determined and controlled by Customer in its sole discretion, and which
may include, but is not limited to the following categories of Personal
Data:
-
-
-
- First and last name
- Title
- Position
- Employer
-
Contact information (company, email, phone, physical
business address)
- ID data
- Professional life data
- Personal life data
- Connection data
- Localisation data
SCHEDULE 2 – SECURITY DOCUMENTATION
(As of Effective Date)
|
Spaceti has implemented the following technical and organizational
security measures to provide the ongoing confidentiality, integrity,
availability and resilience of processing systems and services:
Spaceti has implemented the following technical and organizational
security measures to protect the confidentiality of processing
systems and services, in particular:
|
-
Spaceti processes all customer data on remote server sites owned
and operated by industry leading cloud service providers that
offer highly sophisticated measures to protect against
unauthorized persons gaining access to data processing equipment
(namely telephones, database and application servers and related
hardware). Such
measures include:
|
-
a layered security model, including safeguards like
custom-designed electronic access cards, alarms, vehicle access
barriers, perimeter fencing, metal detectors, and biometrics,
and the data center floor features laser beam intrusion
detection;
-
data centers are monitored 24/7 by high-resolution interior and
exterior cameras that can detect and track intruders;
-
access logs, activity records, and camera footage are available
in case an incident occurs;
-
data centers are also routinely patrolled by experienced
security guards who have undergone rigorous background checks
and training;
-
access to the data center floor is only possible via a security
corridor which implements multi-factor access control using
security badges and biometrics;
-
only approved employees with specific roles may enter.
|
|
-
Spaceti implements suitable measures to prevent its data
processing systems from being used by unauthorized persons. This
is accomplished by:
|
-
automatic time-out of user terminal if left idle, identification
and password required to reopen;
|
- issuing and safeguarding identification codes;
-
letting customers define individual user accounts with
permissions across Spaceti resources;
|
|
-
Spaceti’s employees entitled to use its data processing systems
are only able to access Personal Data within the scope of and to
the extent covered by their respective access permission
(authorization). In particular, access rights and levels are based on employee
job function and role, using the concepts of least-privilege and
need-to-know to match access privileges to defined
responsibilities. This is accomplished by:
|
-
limited access to Personal Data to only authorized persons;
|
- industry standard encryption; and
|
|
|
Spaceti has implemented the following technical and organizational
security measures to protect the integrity of processing systems
and services, in particular:
|
-
Spaceti implements suitable measures to prevent Personal Data
from being read, copied, altered or deleted by unauthorized
parties during the transmission thereof or during the transport
of the data media. This is accomplished by:
|
-
use of state-of-the-art firewall and encryption technologies to
protect the gateways and pipelines through which the data
travels;
|
- industry standard encryption; and
|
-
avoiding the storage of Personal Data on portable storage media
for transportation purposes and on company issued laptops or
other mobile devices.
|
|
-
Spaceti does not access any customer content except as necessary
to provide that customer with the Spaceti products and
professional services it has selected. Spaceti does not access
customers’ content for any other purposes. Accordingly, Spaceti
does not know what content customers choose to store on its
systems and cannot distinguish between Personal Data and other
content, so Spaceti treats Customer Data the same. In this way,
Customer Data benefits from the same robust Spaceti security
measures, whether this content includes Personal Data or
not.
|
|
Spaceti has implemented the following technical and organizational
security measures to protect the availability of processing
systems and services, in particular:
|
-
Spaceti implements suitable measures to provide that Personal
Data is protected from accidental destruction or loss. This is
accomplished by:
|
- infrastructure redundancy;
|
-
policies prohibiting permanent local (work station) storage of
Personal Data; and
|
- performing regular data back-ups.
|
|
Spaceti has implemented the following technical and organizational
security measures to protect the resilience of processing systems and
services, in particular:
-
Spaceti designs the components of its platform to be highly
resilient. This is
accomplished by:
-
selection of best-in-class infrastructure providers with data centres
that have daily backups with an assured uptime and availability of
99.9999% by the service providers.
SCHEDULE 3
Spaceti Infrastructure and Sub-processors
(As of Effective Date)
Scope
This documentation describes the infrastructure environment and
sub-processors and certain other entities material to Spaceti’s provision
of the Services.
Capitalized terms used in this documentation are defined in Spaceti’s
Master Services Agreement and/or Data Processing Addendum. In the event of
conflict, the Data Processing Addendum definition shall prevail.
Infrastructure – Personal Data Storage
The following table describes the countries and legal entities engaged in
the storage of Personal Data submitted by customers to the Services.
| Entity |
Entity Type |
Country |
| Amazon Web Services, Inc. |
Third-party hosting provider |
|
| Heroku |
Third-party hosting provider |
|
Personal Data Processing
The following legal entities are engaged in processing Personal Data for
non-storage purposes.
| Entity Name |
Entity Type |
Entity Country |
| spaceti s.r.o. |
Spaceti HQ |
|
Network Providers
The Services may use network providers to provide the Services, for
security purposes, to support user authentication, and to optimize content
delivery (the “Network Providers”). Spaceti uses Network Providers
to provide private network capabilities and also to provide Content
Delivery Network services (the “CDN”). CDN are commonly used
systems of distributed services that deliver content based on the
geographic location of the individual accessing the content and the origin
of the content provider. Content items to be served to subscribers or end
users, such as images or attachments uploaded to the Services, may be
stored with a CDN to expedite transmission, and information transmitted
across a CDN may be accessed by the CDN to enable its functions. The
following describes use of Network Providers by the Services:
| Network provider used |
Location |
Description of Services |
| Google |
Global |
Spaceti may use Google Firebase CDN services to provide the Services
and to optimize content delivery via the Services.
|
| Vodafone |
Global |
Spaceti may use Vodafone to provide the Services to enable more
private communication between sensors used for the provision of the
Services by creating a private network.
|
Spaceti customers may subscribe to notifications of new sub-processors by
sending an e-mail to legal@spaceti.com.
_______________________________________________________________________________________________________________________________________
MASTER SERVICES AGREEMENT – NORTH AMERICA
| Customer Full Legal Name: |
|
| Customer Address: |
|
This Master Services Agreement is between
Spaceti Ltd. a limited liability company having its registered office
at in the State of Delaware
(“SPACETI”) and the customer named above. This
Agreement is effective as of the last date beneath the parties’ signatures
below or the last date of the parties’ signatures on the Order Form or SOW
where these terms are incorporated (the “Effective Date”). The parties agree as follows:
1. DEFINITIONS
“Affiliate” means any entity that directly or indirectly
controls, is controlled by, or is under common control with the subject
entity. “Control,” for purposes of this definition, means
direct or indirect ownership or control of more than 50% of the voting
interests of the subject entity.
“Agreement” means this Master Services Agreement.
“Beta Services” means SPACETI services
or functionality that may be made available to Customer to try at its
option at no additional charge which is clearly designated as beta, pilot,
limited release, developer preview, non-production, evaluation, or by a
similar description.
“Customer” means the entity named above and Affiliates of
that company or entity (for so long as they remain Affiliates) which have
entered into Order Forms.
“Customer Data” means electronic data and information
submitted by or for Customer to the Services, excluding Non-SPACETI
Applications.
“Documentation” means the applicable Service’s product
description documentation in the Order Form, Security Documentation and
Infrastructure and Sub-processors (both as defined in the DPA) and its
usage guide and policy, as updated from time to time, accessible via login
to the applicable Service.
“Free Services” means Services that SPACETI makes
available to Customer free of charge. Free Services exclude Services
offered as Purchased Services.
“Malicious Code” means code, files, scripts, agents or
programs intended to do harm, including, for example, viruses, worms, time
bombs and Trojan horses.
“Non-Spaceti Application” means a Web-based, mobile,
offline or other software application functionality that interoperates
with a Service, that is provided by Customer or a third party. Non-Spaceti
Applications, other than those obtained or provided by Customer, will be
identifiable as such.
“Normal Working Hours” means the time between 9:00 AM and
6:00 PM in New York City, USA on a Business Day where Business Day means
any day that is not a Saturday, Sunday or public holiday in the United
States of America.
“Order Form” means an ordering document or online order
specifying the Services and Hardware to be provided hereunder that is
entered into between Customer and SPACETI or any of their Affiliates,
including any addenda and supplements thereto. By entering into an Order
Form hereunder, an Affiliate agrees to be bound by the terms of this
Agreement as if it were an original party hereto.
“Purchased Services” means Services that Customer or
Customer’s Affiliate purchases under an Order Form or online purchasing
portal, as distinguished from Free Services.
“Services” means the online SW products and services that
are ordered by Customer under an Order Form or online purchasing portal,
or provided to Customer free of charge (as applicable) or under a free
trial, and made available online by SPACETI, including associated SPACETI
offline or mobile components, as described in the Documentation.
“Services” exclude Hardware, Professional Services and Non-Spaceti
Applications.
“Professional Services” refer to the pre-sale and
post-sale support, installation/ implementation, trainings, warranty and
post-warranty servicing, maintenance, technical services including but not
limited to certain analysis, floor plan digitalization, product
modifications/enhancement, technical consulting support provided by
SPACETI to Customer under terms specified in an Order Form or SOW and this
Agreement.
“SOW” means a Statement of Work describing Professional
Services to be provided hereunder, that is entered into between Customer
and SPACETI or any of their Affiliates or which is incorporated into an
Order Form that is entered into between Customer and SPACETI or any of
their Affiliates. By entering into a SOW hereunder, an Affiliate agrees to
be bound by the terms of this Agreement as if it were an original party
hereto.
“User” means, in the case of an individual accepting
these terms on his or her own behalf, such individual, or, in the case of
an individual accepting this Agreement on behalf of a company or other
legal entity, an individual who is authorized by Customer to use a
Service, for whom Customer has purchased a subscription (or in the case of
any Services provided by SPACETI without charge, for whom a Service has
been provisioned), and to whom Customer (or, when applicable, SPACETI at
Customer’s request) has supplied a user identification and password (for
Services utilizing authentication). Users may include, for example,
employees, consultants, contractors and agents of Customer or Customer
Affiliates, and third parties with which Customer or Customer Affiliate
transacts business.
2. SPACETI
RESPONSIBILITIES
-
Provision of Purchased Services. SPACETI will (a) make
the Services available to Customer pursuant to this Agreement, and the
applicable Order Forms, SOWs and Documentation, (b) provide applicable
SPACETI standard support for the Purchased Services to Customer at no
additional charge, and/or upgraded support if purchased, (c) use
commercially reasonable efforts to make the Purchased Services available
24 hours a day, 7 days a week, except for: (i) planned downtime (of
which SPACETI shall give advance electronic notice), and (ii) any
unavailability caused by circumstances beyond SPACETI’s reasonable
control, such as act of Force Majeure, Internet connection failure or
delay, Non-Spaceti Application, or denial of service attack, and (d)
provide the Services in accordance with laws and government regulations
applicable to SPACETI’s provision of its Services to its customers
generally, and subject to Customer’s use of the Services in accordance
with this Agreement, the Documentation and the applicable Order Form or
SOW.
-
Protection of Customer SPACETI will maintain
appropriate administrative, physical, and technical safeguards for
protection of the security, confidentiality and integrity of Customer
Data, as described in the Documentation. Those safeguards will include,
but will not be limited to, measures designed to prevent unauthorized
access to or disclosure of Customer Data (other than by Customer or
Users). The data processing addendum is attached as Exhibit A (the
“DPA”) and shall apply to the extent Customer Data
includes Personal Data, as defined in the DPA. Upon request by Customer
made within 30 days after the effective date of termination or
expiration of this Agreement, SPACETI will make Customer Data available
to Customer for export or download in commonly-readable format. After
such 30-day period, SPACETI will have no obligation to maintain or
provide any Customer Data, will thereafter delete all copies of Customer
Data in its systems or otherwise in its possession or control, unless
legally prohibited.
-
SPACETI Personnel. SPACETI will be responsible for the
performance of its personnel (including its employees and contractors)
and their compliance with SPACETI’s obligations under this Agreement.
-
Beta Services. From time to time, SPACETI may make Beta
Services available to Customer at no charge. Customer may choose to try
such Beta Services or not in its sole discretion. Beta Services are
intended for evaluation purposes and not for production use, are not
supported, and may be subject to additional terms. Beta Services are not
considered “Services” under this Agreement, however, all restrictions,
SPACETI’s reservation of rights and Customer obligations concerning the
Services, and use of any related Non-Spaceti Applications, shall apply
equally to Customer’s use of Beta Services. Unless otherwise stated, any
Beta Services trial period will expire upon the earlier of one year from
the trial start date or the date that a version of the Beta Services
becomes generally available without the applicable Beta Services
designation. SPACETI may discontinue Beta Services at any time in
SPACETI’s sole discretion and may never make them generally available.
SPACETI will have no liability for any harm or damage arising out of or
in connection with a Beta Service.
-
Free SPACETI may make Free Services available to
Customer. Use of Free Services is subject to the terms and conditions of
this Agreement. In the event of a conflict between this section and any
other portion of this Agreement, this section shall control. Free
Services are provided to Customer without charge up to certain limits as
described in the Documentation or Order Form. Usage over these limits
requires Customer’s purchase of additional resources or services.
Customer agrees that SPACETI, in its sole discretion and for any or no
reason, may terminate Customer’s access to the Free Services or any part
thereof. Customer agrees that any termination of Customer’s access to
the Free Services may be without prior notice, and Customer agrees that
SPACETI will not be liable to Customer or any third party for such
termination. Customer is solely responsible for exporting Customer Data
from the Free Services prior to termination of Customer’s access to the
Free Services for any reason, provided that if SPACETI terminates
Customer’s account, except as required by law, SPACETI will provide
Customer a reasonable opportunity to retrieve its Customer Data.
NOTWITHSTANDING THE “REPRESENTATIONS, WARRANTIES, EXCLUSIVE REMEDIES AND
DISCLAIMERS” SECTION AND “INDEMNIFICATION BY SPACETI” SECTION BELOW, THE
FREE SERVICES ARE PROVIDED “AS-IS” WITHOUT ANY WARRANTY AND SPACETI
SHALL HAVE NO INDEMNIFICATION OBLIGATIONS NOR LIABILITY OF ANY TYPE WITH
RESPECT TO THE FREE SERVICES UNLESS SUCH EXCLUSION OF LIABILITY IS NOT
ENFORCEABLE UNDER APPLICABLE LAW IN WHICH CASE SPACETI’S LIABILITY WITH
RESPECT TO THE FREE SERVICES SHALL NOT EXCEED $1,000.00. WITHOUT
LIMITING THE FOREGOING, SPACETI AND ITS AFFILIATES AND ITS LICENSORS DO
NOT REPRESENT OR WARRANT TO CUSTOMER THAT: (A) CUSTOMER’S USE OF THE
FREE SERVICES WILL MEET CUSTOMER’S REQUIREMENTS, (B) CUSTOMER’S USE OF
THE FREE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE OR FREE FROM
ERROR, AND (C) USAGE DATA PROVIDED THROUGH THE FREE SERVICES WILL BE
ACCURATE. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THE “LIMITATION OF
LIABILITY” SECTION BELOW, CUSTOMER SHALL BE FULLY LIABLE UNDER THIS
AGREEMENT TO SPACETI AND ITS AFFILIATES FOR ANY DAMAGES ARISING OUT OF
CUSTOMER’S USE OF THE FREE SERVICES, ANY BREACH OF THIS AGREEMENT BY
CUSTOMER AND ANY OF CUSTOMER’S INDEMNIFICATION OBLIGATIONS HEREUNDER.
3. USE OF SERVICES
-
Subscriptions. Unless otherwise provided in the
applicable Order Form or Documentation, (a) Purchased Services are
purchased as subscriptions for the term stated in the applicable Order
Form or in the applicable online purchasing portal, (b) subscriptions
for Purchased Services may be added during a subscription term at the
same pricing as the underlying subscription pricing, prorated for the
portion of that subscription term remaining at the time the
subscriptions are added, and (c) any added subscriptions will terminate
on the same date as the underlying subscriptions. Customer agrees that
its purchases are not contingent on the delivery of any future
functionality or features, or dependent on any oral or written public
comments made by SPACETI regarding future functionality or features.
-
Usage Limits. Services are subject to usage limits
specified in Order Forms and Documentation. If Customer exceeds a
contractual usage limit, SPACETI may work with Customer to seek to
reduce Customer’s usage so that it conforms to that limit. If,
notwithstanding SPACETI’s efforts, Customer is unable or unwilling to
abide by a contractual usage limit, Customer will execute an Order Form
for additional quantities of the applicable Services promptly upon
SPACETI’s request, and/or pay any invoice for excess usage in accordance
with the “Invoicing and Payment” section below.
-
Customer Responsibilities. Customer will (a) be
responsible for Users’ compliance with this Agreement, Documentation and
Order Forms, (b) be responsible for the accuracy, quality and legality
of Customer Data, the means by which Customer acquired Customer Data,
Customer’s use of Customer Data with the Services, and the
interoperation of any Non-Spaceti Applications with which Customer uses
Services, (c) use commercially reasonable efforts to prevent
unauthorized access to or use of Services, and notify SPACETI promptly
of any such unauthorized access or use, (d) use Services only in
accordance with this Agreement, Documentation, Order Forms and
applicable laws and government regulations, and (e) comply with terms of
service of any Non-SPACETI Applications with which Customer uses
Services. Any use of the Services in breach of the foregoing by Customer
or Users that in SPACETI’s judgment threatens the security, integrity or
availability of SPACETI’s services, may result in SPACETI’s immediate
suspension of the Services, however SPACETI will use commercially
reasonable efforts under the circumstances to provide Customer with
notice and an opportunity to remedy such violation or threat prior to
any such suspension.
-
Usage Restrictions. Customer will not (a) make any
Service available to anyone other than Customer or Users, or use any
Service for the benefit of anyone other than Customer or its Affiliates,
unless expressly stated otherwise in an Order Form or the Documentation,
(b) sell, resell, license, sublicense, distribute, make available, rent
or lease any Service, or include any Service in a service bureau or
outsourcing offering, (c) use a Service or Non-Spaceti Application to
store or transmit infringing, libelous, or otherwise unlawful or
tortious material, or to store or transmit material in violation of
third-party privacy rights, (d) use a Service or Non-Spaceti Application
to store or transmit Malicious Code, (e) interfere with or disrupt the
integrity or performance of any Service or third-party data contained
therein, (f) attempt to gain unauthorized access to any Service or its
related systems or networks, (g) permit direct or indirect access to or
use of any Services in a way that circumvents a contractual usage limit,
or use any Services to access or use any of SPACETI intellectual
property except as permitted under this Agreement, an Order Form, or the
Documentation, (h) modify, copy, or create derivative works based on a
Service or any part, feature, function or user interface thereof, (i)
frame or mirror any part of any Service, other than framing on
Customer’s own intranets or otherwise for its own internal business
purposes or as permitted in the Documentation, (j) except to the extent
permitted by applicable law, disassemble, reverse engineer, or decompile
a Service or access it to (j1) build a competitive product or service,
(j2) build a product or service using similar ideas, features, functions
or graphics of the Service, (j3) copy any ideas, features, functions or
graphics of the Service, or (4) determine whether the Services are
within the scope of any patent.
4. PROFESSIONAL
SERVICES AND HARDWARE SALES
-
Professional Services description. Customer may request
from SPACETI provision of Professional Services. SPACETI will make
available to Customer an appropriately trained employee or contractor to
carry out such Professional Services as are mutually agreed between the
parties in an Order Form or SOW. Such SPACETI resource shall be provided
during Normal Working Hours (unless otherwise specifically agreed in a
SOW) on the number of Workdays agreed in the Order Form or SOW. For the
purpose of this section 4, a “Workday” means 8 Normal Working Hours.
-
Order Form, Statement of Work. If Customer wishes to
purchase any Professional Services, the parties may agree to mutually
execute one or more separate Order Forms or SOWs specifying the scope of
Professional Services, prerequisites for successful and timely delivery
thereof, fees and payment terms and other relevant terms and conditions.
Unless otherwise identified in an Order Form or SOW, all Professional
Services must be used within the first subscription term or applicable
renewal period. Any portion of the Professional Services not used within
such period will be automatically forfeited, with no further action
required of either party, and Customer will not be entitled to any fees’
refund or credit for any prepaid but unused fees. Customer may not apply
any portion of any unused Professional Services or fees paid, for any
products or services other than those stated in the Order Form or SOW.
-
Professional Services warranty. SPACETI shall provide
the Professional Services with reasonable skill and care and in
accordance with generally recognized commercial practices and standards
and in accordance with the Order Form or SOW. This warranty is exclusive
and in lieu of all other warranties and conditions, whether express or
implied. No implied conditions, warranties or other terms apply
(including any implied terms as to satisfactory quality, fitness for
purpose or conformance with description). SPACETI will re-perform
Professional Services to remedy any breach of warranty. Customer must
make any claim under the foregoing warranty to SPACETI in writing within
ninety (90) days of performance of such Professional Services in order
to receive warranty remedies.
-
Change of Order. If either party requests a change to
the scope or execution of the Professional Services SPACETI shall,
within a reasonable time, provide a written estimate to the Customer of:
(a) the likely time required to implement the change; (b) any necessary
variations to SPACETI’s charges arising from the change; and (c) any
other impact of the change on this Agreement and the applicable SOW. If
the Customer wishes SPACETI to proceed with the change, SPACETI has no
obligation to do so unless and until the parties have agreed in writing
to all of the necessary variations to its charges, the Professional
Services or SOW and any other relevant terms of this Agreement to take
account of the change. Notwithstanding the foregoing, SPACETI may, from
time to time on reasonable notice, change the Professional Services in
order to comply with any applicable regulatory or statutory
requirements, provided that such changes do not materially affect the
nature, scope of, or the charges for the Professional Services or
materially adversely affect the Customer.
-
Delivery location. SPACETI shall deliver all
Professional Services from SPACETI’s offices unless otherwise mutually
agreed between the parties. If any SPACETI resource is required to
travel to Customer’s premises or any other third party premises to
deliver the Professional Services to Customer, Customer shall be
responsible for SPACETI’s reasonable expenses.
-
Subcontractors. SPACETI may, in its reasonable
discretion, use subcontractors to perform any of its obligations
hereunder. SPACETI will be responsible for the performance of
Professional Services by its personnel (including employees and
contractors) and their compliance with SPACETI’s obligations under this
Agreement.
-
Hardware. If SPACETI is selling any goods to use it
with Services (the “Hardware”), the list and price of
such products is in the applicable Order Form and the detailed
description of SPACETI’s performance, detailed specification,
characteristics and parameters of sold items, the conditions and the
method of warranty service provided and the demands on Customer’s
cooperation are set out in the Order Form.
5. NON-SPACETI
PRODUCTS AND SERVICES
-
Integration with Non-Spaceti Applications. The Services
may contain features designed to interoperate with Non-Spaceti
Applications. Spaceti cannot guarantee the continued availability of
such Service features, and may cease providing them without entitling
Customer to any refund, credit, or other compensation, if for example
and without limitation, the provider of a Non- Spaceti Application
ceases to make the Non-Spaceti Application available for interoperation
with the corresponding Service features in a manner acceptable to
Spaceti.
6. FEES AND PAYMENT
-
Fees. Customer will pay all fees specified in the Order
Forms or SOWs. Except as otherwise specified herein or in an Order Form
or SOW, (i) fees are based on Services subscription, Professional
Services, or Hardware purchased and not actual usage, (ii) payment
obligations are non-cancelable and fees paid are non-refundable, and
(iii) quantities of Services subscription purchased cannot be decreased
during the relevant subscription term.
-
Invoicing and Payment. Customer will provide SPACETI
with a valid purchase order or alternative document reasonably
acceptable to SPACETI. SPACETI will invoice Customer in advance and
otherwise in accordance with the relevant Order Form or SOW. Unless
otherwise stated in the Order Form or SOW, invoiced fees are due net
fourteen (14) days from the invoice Customer is responsible for
providing complete and accurate billing and contact information to
SPACETI and notifying SPACETI of any changes to such information.
-
Late payment. If Customer fails to pay to SPACETI any
invoiced amount by the due date, Customer shall pay to SPACETI the late
payment interest of 0.05% (five hundredths of a percent) of the
outstanding amount for each commenced day of such default and/or (b)
SPACETI may condition future subscription renewals and Order Forms or
SOWs on payment terms shorter than those specified in the “Invoicing and
Payment” section above.
-
Suspension of Service and Acceleration. If any payment
owed by Customer under this or any other agreement for services is
thirty (30) days or more overdue, SPACETI may, without limiting its
other rights and remedies, accelerate Customer’s unpaid fee obligations
under such agreements so that all such obligations become immediately
due and payable, and suspend Services, Professional Services or Hardware
delivery until such amounts are paid in full, provided that SPACETI will
give Customer at least 10 days’ prior notice that its account is
overdue, in accordance with the “Notices” section below for billing
notices, before suspending services to Customer.
-
Payment Disputes. SPACETI will not exercise its rights
under the “Overdue Charges” or “Suspension of Service” section above if
Customer is disputing the applicable charges reasonably and in good
faith and is cooperating diligently to resolve the dispute.
-
Taxes. SPACETI’s fees do not include any taxes, levies,
duties or similar governmental assessments of any nature, including, for
example, value-added, sales, use or withholding taxes, assessable by any
jurisdiction whatsoever (collectively, “Taxes”).
Customer is responsible for paying all Taxes associated with its
purchases hereunder. If SPACETI has the legal obligation to pay or
collect Taxes for which Customer is responsible under this section,
SPACETI will invoice Customer and Customer will pay that amount unless
Customer provides SPACETI with a valid tax exemption certificate
authorized by the appropriate taxing authority. For clarity, SPACETI is
solely responsible for taxes assessable against it based on its income,
property and employees.
7. PROPRIETARY
RIGHTS AND LICENSES
-
Reservation of Rights. Subject to the limited rights
expressly granted hereunder, SPACETI and its Affiliates reserve all of
their right, title and interest in and to the Services, including all of
their related intellectual property rights. No rights are granted to
Customer hereunder other than as expressly set forth herein.
-
License by Customer to SPACETI. Customer grants
SPACETI, its Affiliates and applicable contractors a worldwide,
limited-term license to host, copy, use, transmit, and display Customer
Data, as appropriate for SPACETI to provide and ensure proper operation
of, the Services and associated systems in accordance with this
Agreement. Subject to the limited licenses granted herein, SPACETI
acquires no right, title or interest from Customer or its licensors
under this Agreement in or to any Customer Data.
-
License by Customer to Use Feedback. Customer grants to
SPACETI and its Affiliates a worldwide, perpetual, irrevocable, royalty-
free license to use and incorporate into its services any suggestion,
enhancement request, recommendation, correction or other feedback
provided by Customer or Users relating to the operation of SPACETI’s or
its Affiliates’ services.
8. CONFIDENTIALITY
-
Definition of Confidential Information. “Confidential
Information” means all information disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), whether
orally or in writing, that is designated as confidential or that
reasonably should be understood to be confidential given the nature of
the information and the circumstances of disclosure. Confidential
Information of Customer includes Customer Data; Confidential Information
of SPACETI includes the Services, and the terms and conditions of this
Agreement and all Order Forms (including pricing). Confidential
Information of each party includes business and marketing plans,
technology and technical information, product plans and designs, and
business processes disclosed by such party. However, Confidential
Information does not include any information that (i) is or becomes
generally known to the public without breach of any obligation owed to
the Disclosing Party, (ii) was known to the Receiving Party prior to its
disclosure by the Disclosing Party without breach of any obligation owed
to the Disclosing Party, (iii) is received from a third party without
breach of any obligation owed to the Disclosing Party, or (iv) was
independently developed by the Receiving For the avoidance of doubt, the
non-disclosure obligations set forth in this “Confidentiality” section
apply to Confidential Information exchanged between the parties in
connection with the evaluation of additional SPACETI services.
-
Protection of Confidential Information. As between the
parties, each party retains all ownership rights in and to its
Confidential Information. The Receiving Party will use the same degree
of care that it uses to protect the confidentiality of its own
confidential information of like kind (but not less than reasonable
care) to (i) not use any Confidential Information of the Disclosing
Party for any purpose outside the scope of this Agreement and (ii)
except as otherwise authorized by the Disclosing Party in writing, limit
access to Confidential Information of the Disclosing Party to those of
its and its Affiliates’ employees and contractors who need that access
for purposes consistent with this Agreement and who have signed
confidentiality agreements with the Receiving Party containing
protections not materially less protective of the Confidential
Information than those Neither party will disclose the terms of this
Agreement or any Order Form to any third party other than its
Affiliates, legal counsel and accountants without the other party’s
prior written consent, provided that a party that makes any such
disclosure to its Affiliate, legal counsel or accountants will remain
responsible for such Affiliate’s, legal counsel’s or accountant’s
compliance with this “Confidentiality” section. Notwithstanding the
foregoing, SPACETI may disclose the terms of this Agreement and any
applicable Order Form to a subcontractor to the extent necessary to
perform SPACETI’s obligations under this Agreement, under terms of
confidentiality materially as protective as set forth herein.
-
Compelled Disclosure. Receiving Party may disclose
Confidential Information in accordance with any judicial or governmental
order or request, provided that Receiving Party shall give Disclosing
Party prior notice (to the extent legally permitted) of such disclosure
and reasonable assistance, at Disclosing Party’s cost, if the Disclosing
Party wishes to contest the disclosure. Receiving Party shall use
commercially reasonable efforts to limit any such disclosure to the
extent required and to obtain confidentiality protections to the extent
reasonably practicable.
9. REPRESENTATIONS,
WARRANTIES, EXCLUSIVE REMEDIES AND DISCLAIMERS
-
Representations. Each party represents that it has
validly entered into this Agreement and has the legal power to do so.
-
SPACETI Warranties. SPACETI warrants that during an
applicable subscription term (a) this Agreement, the Order Forms and the
Documentation will accurately describe the applicable administrative,
physical, and technical safeguards for protection of the security,
confidentiality and integrity of Customer Data, (b) SPACETI will not
materially decrease the overall security of the Services, (c) the
Services will perform materially in accordance with the applicable
Documentation, and (d) subject to the “Integration with Non-SPACETI
Applications” section above, SPACETI will not materially decrease the
overall functionality of the Services. For any breach of a warranty
above, Customer’s exclusive remedies are those described in the
“Termination” and “Refund or Payment upon Termination” sections below.
-
Disclaimers. EXCEPT AS EXPRESSLY PROVIDED HEREIN,
NEITHER PARTY MAKES ANY WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED,
STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL
IMPLIED WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, TO THE MAXIMUM
EXTENT PERMITTED BY APPLICABLE LAW. BETA SERVICES ARE PROVIDED “AS IS,”
AND AS AVAILABLE EXCLUSIVE OF ANY WARRANTY WHATSOEVER.
10. MUTUAL INDEMNIFICATION
-
Indemnification by SPACETI will defend Customer against
any claim, demand, suit or proceeding made or brought against Customer
by a third party alleging that any Purchased Service infringes or
misappropriates such third party’s intellectual property rights (a
“Claim Against Customer”), and will
indemnify Customer from any damages, attorney fees and costs finally
awarded against Customer as a result of, or for amounts paid by Customer
under a settlement approved by SPACETI in writing of, a Claim Against
Customer, provided Customer (a) promptly gives SPACETI written notice of
the Claim Against Customer, (b) gives SPACETI sole control of the
defense and settlement of the Claim Against Customer (except that
SPACETI may not settle any Claim Against Customer unless it
unconditionally releases Customer of all liability), and (c) gives
SPACETI all reasonable assistance, at SPACETI’s expense. If SPACETI
receives information about an infringement or misappropriation claim
related to a Service, SPACETI may in its discretion and at no cost to
Customer (i) modify the Services so that they are no longer claimed to
infringe or misappropriate, without breaching SPACETI’s warranties under
“SPACETI Warranties” above, (ii) obtain a subscription for Customer’s
continued use of that Service in accordance with this Agreement, or
(iii) terminate Customer’s subscriptions for that Service upon 30 days’
written notice and refund Customer any prepaid fees covering the
remainder of the term of the terminated subscriptions. The above defense
and indemnification obligations do not apply if (1) the allegation does
not state with specificity that the Services are the basis of the Claim
Against Customer; (2) a Claim Against Customer arises from the use or
combination of the Services or any part thereof with software, hardware,
data, or processes not provided by SPACETI, if the Services or use
thereof would not infringe without such combination; (3) a Claim Against
Customer arises from Services under an Order Form for which there is no
charge; or (4) a Claim against Customer arises from Customer’s breach of
this Agreement, the Documentation or applicable Order Forms.
-
Indemnification by Customer. Customer will defend
SPACETI and its Affiliates against any claim, demand, suit or proceeding
made or brought against SPACETI by a third party alleging that any
Customer Data or Customer’s use of Customer Data with the Services,
infringes or misappropriates such third party’s intellectual property
rights, or arising from Customer’s use of the Services in an unlawful
manner or in violation of the Agreement, the Documentation, or Order
Form (each a “Claim Against SPACETI”), and will
indemnify SPACETI from any damages, attorney fees and costs finally
awarded against SPACETI as a result of, or for any amounts paid by
SPACETI under a settlement approved by Customer in writing of, a Claim
Against SPACETI, provided SPACETI (a) promptly gives Customer written
notice of the Claim Against SPACETI, (b) gives Customer sole control of
the defense and settlement of the Claim Against SPACETI (except that
Customer may not settle any Claim Against SPACETI unless it
unconditionally releases SPACETI of all liability), and (c) gives
Customer all reasonable assistance, at Customer’s The above defense and
indemnification obligations do not apply if a Claim Against SPACETI
arises from SPACETI’s breach of this Agreement, the Documentation or
applicable Order Forms.
-
Mutual Indemnity. Each party (the
“Provider”) will defend the other party (the
“Recipient”) against any Claim made or brought against
the Recipient by a third party alleging that any information, design,
specification, instruction, software, data or material furnished by the
Provider in the course of providing or receiving Professional Services
(the “Material”) infringes or misappropriates such
third party’s intellectual property rights, and will indemnify the
Recipient from any damages, attorneys fees and costs finally awarded
against the Recipient as a result of, or for amounts paid by Recipient
under a settlement approved in writing by Provider of, any such Claim,
provided that the Recipient: (a) promptly gives the Provider written
notice of the Claim; (b) gives the Provider sole control of the defense
and settlement of the Claim (except that the Provider may not settle any
Claim unless it unconditionally releases the Recipient of all
liability); and (c) gives the Provider all reasonable assistance, at the
Provider’s cost. The Provider will have no liability for any such Claim
to the extent that (i) it arises from specifications or other Material
provided by the other party, or (ii) such claim is based on the
Recipient’s use of a superseded or altered version of Material if
infringement or misappropriation would have been avoided by the use of a
subsequent or unaltered version of the Material that was provided to the
Recipient. In the event that some or all of the Material is held or is
reasonably believed by the Provider to infringe or misappropriate, the
Provider may in its discretion and at no cost to the Recipient (A)
modify or replace the Material so it is no longer claimed to infringe or
misappropriate, (B) obtain a license for the Recipient’s continued use
of the Material in accordance with this Agreement, or (C) require return
of the affected Material and all rights thereto from the Recipient. If
the Provider exercises option (C), either party may terminate the
relevant SOW upon 10 days’ written notice given within 30 days after the
Provider’s exercise of such option, subject to the “Payment Upon
Termination” section below.
-
Exclusive Remedy. This “Mutual Indemnification” section
states the indemnifying party’s sole liability to, and the indemnified
party’s exclusive remedy against, the other party for any third party
claim described in this section.
11. LIMITATION OF LIABILITY
-
Limitation of Liability. Subject to the “Exclusion of
Consequential and Related Damages” and “Limitation of Restrictions”
sections below, in no event shall the aggregate liability of each party
together with all of its Affiliates arising out of or related to this
Agreement (whether in contract or tort or under any other theory of
liability) exceed the total amount paid by Customer and its Affiliates
hereunder in the twelve months preceding the first incident out of which
the liability arose. The foregoing limitation will not limit Customer’s
and its Affiliates’ payment obligations under the “Fees and Payment”
section above.
-
Exclusion of Consequential and Related Damages. Subject
to section the “Limitation of Restrictions” section below, in no event
shall either party or its Affiliates have any liability to the other
party or its Affiliates under or in relation to this Agreement whether
in contract, tort or under any other theory of liability for:
-
any financial damages as a result of loss or damage to property,
economic loss, cost of replacement services, loss of profits, loss
of revenue, loss of orders, loss of goodwill, and/or loss resulting
from damage to image or reputation in each case whether direct or
indirect, or
-
any indirect or consequential loss or damage arising from or related
to this Agreement,
howsoever caused and whether or not such losses are foreseeable, even
if that party or its Affiliate has been advised (or is otherwise
aware) of the possibility of such losses in advance.
-
Limitation of Restrictions. Nothing in this “Limitation
of Liability” section shall exclude or limit the liability of either
party or its Affiliates for gross negligence or intentional misconduct
of such party or its senior management, death or personal injury caused
by that party’s or its Affiliate’s negligence or for fraud or fraudulent
misrepresentation or for any other liability to the extent that the same
may not be excluded or limited as a matter of applicable law.
12. TERM AND TERMINATION
-
Term of Agreement. This Agreement commences on the
Effective Date and continues until all Services subscriptions hereunder
have expired or have been terminated, Professional Services and Hardware
were accepted and their warranty (if applicable) expired.
-
Term of Purchased Subscriptions. The term of each
subscriptions shall be as specified in the applicable Order Form. Except
as otherwise specified in an Order Form, subscriptions will
automatically renew for additional periods equal to the expiring
subscription term or one year (whichever is shorter), unless either
party gives the other notice of non-renewal at least 30 days before the
end of the relevant subscription term. Within any renewal, the per-unit
pricing for the renewal term shall be automatically adjusted in
accordance with (i) Harmonised Index of Consumer Prices (HICP) issued by
the European Statistical Office (Eurostat) in case of Services provided
to customers worldwide except as described below, (ii) Consumer Prices
Index (CPI) issued by the U.S. Bureau of Labor Statistics in case of
Services provided to customers based in the Americas (iii) Consumer
Prices Index (CPI) issued by the Saudi Central Bank in case of Services
provided to customers based in MENA region. The adjustment may take
place with effect as of first day of every renewal term and shall
correspond up to the HICP / CPI index in previous calendar year, unless
SPACETI provides Customer notice of lower indexation at least 60 days
prior to the applicable renewal term. Except as expressly provided in
the applicable Order Form, renewal of promotional or one-time priced
subscriptions will be at SPACETI’s applicable list price in effect at
the time of the applicable renewal. Notwithstanding anything to the
contrary, any renewal in which subscription volume for any Services has
decreased from the prior term will result in re- pricing at renewal
without regard to the prior term’s per-unit pricing.
-
Termination. A party may terminate this Agreement for
cause (i) upon 30 days written notice to the other party of a material
breach if such breach remains uncured at the expiration of such period,
or (ii) if the other party becomes the subject of a petition in
bankruptcy or any other proceeding relating to insolvency, receivership,
liquidation or assignment for the benefit of creditors.
-
Refund or Payment upon Termination. Upon any
termination of the Agreement or SOW, Customer will pay, in accordance
with the “Invoicing and Payment” section of this Agreement, any unpaid
fees and expenses for Professional Services incurred on or before the
termination date (such Professional Services fees to be paid on a
time-and-materials or percent-of-completion basis, as appropriate). If
this Agreement is terminated by Customer in accordance with the
“Termination” section above, SPACETI will refund Customer any prepaid
fees covering the remainder of the term of all Order Forms after the
effective date of termination and any fees for Professional Services not
yet received. If this Agreement is terminated by SPACETI in accordance
with the “Termination” section above, Customer will pay any unpaid fees
covering the remainder of the term of all Order Forms and any pre-paid
fees for Professional Services charged on a fixed-fee basis are
non-refundable, to the extent permitted by applicable law. In no event
will termination relieve Customer of its obligation to pay any fees for
Services payable to SPACETI for the period prior to the effective date
of termination.
-
Surviving Provisions. The sections titled “Free
Services,” “Fees and Payment,” “Proprietary Rights and Licenses,”
“Confidentiality,” “Disclaimers,” “Mutual Indemnification,” “Limitation
of Liability,” “Refund or Payment upon Termination,” “Surviving
Provisions” and “General Provisions” will survive any termination or
expiration of this Agreement, and the section titled “Protection of
Customer Data” will survive any termination or expiration of this
Agreement for so long as SPACETI retains possession of Customer Data.
13. GENERAL PROVISIONS
-
Export Compliance. The Services, other SPACETI
technology, and derivatives thereof may be subject to export laws and
regulations of the European Union or the United States. SPACETI and
Customer each represents that it is not named on any European Union or
USA government denied-party list. Customer will not permit any User to
access or use any Service in a European Union or USA-embargoed country
or region or in violation of any U. or USA export law or regulation.
-
Anti-Corruption. Neither party has received or been
offered any illegal or improper bribe, kickback, payment, gift, or thing
of value from an employee or agent of the other party in connection with
this Agreement. Reasonable gifts and entertainment provided in the
ordinary course of business do not violate the above restriction.
-
Entire Agreement and Order of Precedence. This
Agreement is the entire agreement between SPACETI and Customer regarding
Customer’s use of Services, Professional Services and purchase of
Hardware and supersedes all prior and contemporaneous agreements,
proposals or representations, written or oral, concerning its subject
matter. The parties agree that any term or condition stated in a
Customer purchase order or in any other Customer order documentation
(excluding Order Forms) is void. In the event of any conflict or
inconsistency among the following documents, the order of precedence
shall be: (1) the applicable Order Form or SOW, (2) any addenda, annex,
schedule or exhibit to this Agreement, (3) this Agreement, and (4) the
Titles and headings of sections of this Agreement are for convenience
only and shall not affect the construction of any provision of this
Agreement.
-
Relationship of the Parties. The parties are
independent contractors. This Agreement does not create a partnership,
franchise, joint venture, agency, fiduciary or employment relationship
between the Each party will be solely responsible for payment of all
compensation owed to its employees, as well as all employment-related
taxes.
-
Third-Party Beneficiaries. There are no third-party
beneficiaries under this Agreement.
-
Waiver. No failure or delay by either party in
exercising any right under this Agreement will constitute a waiver of
that right.
-
Severability. If any provision of this Agreement is
held by a court of competent jurisdiction to be contrary to law, the
provision will be deemed null and void, and the remaining provisions of
this Agreement will remain in effect.
-
Assignment. Neither party may assign any of its rights
or obligations hereunder, whether by operation of law or otherwise,
without the other party’s prior written consent (not to be unreasonably
withheld); provided, however, either party may assign this Agreement in
its entirety (including all Order Forms and SOWs), without the other
party’s consent to its Affiliate or in connection with a merger,
acquisition, corporate reorganization, or sale of all or substantially
all of its assets. Notwithstanding the foregoing, if a party is acquired
by, sells substantially all of its assets to, or undergoes a change of
control in favor of, a direct competitor of the other party, then such
other party may terminate this Agreement upon written notice. In the
event of such a termination, SPACETI will refund Customer any prepaid
fees covering the remainder of the term of all subscriptions for the
period after the effective date of such Subject to the foregoing, this
Agreement will bind and inure to the benefit of the parties, their
respective successors and permitted assigns.
-
No Agency. For the avoidance of doubt, SPACETI is
entering into this Agreement as principal and not as agent for any other
SPACETI company. Subject to any permitted Assignment under the
“Assignment” section below, the obligations owed by SPACETI under this
Agreement shall be owed to Customer solely by SPACETI and the
obligations owed by Customer under this Agreement shall be owed solely
to SPACETI.
-
Notices. Except as otherwise specified in this
Agreement, all notices related to this Agreement will be in writing and
will be effective upon (a) personal delivery, (b) the second business
day after mailing, or (c) except for notices of termination or an
indemnifiable claim (“Legal Notices”), the day of sending by email.
Notices to SPACETI will be addressed to the attention of Legal team to
the SPACETI’s registered address, e-mail: legal@spaceti.com; or as
updated by SPACETI via written notice to Customer. Billing-related
notices to Customer will be addressed to the relevant billing contact
designated by Customer, and Legal Notices to Customer will be addressed
to Customer and be clearly identifiable as Legal Notices. All other
notices to Customer will be addressed to the relevant Services system
administrator designated by Customer.
-
Governing Law. This Agreement, and any disputes arising
out of or related hereto, will be governed exclusively by the laws of
the Commonwealth of Massachussetts.
-
Counterparts. This Agreement may be executed
electronically and in counterparts.
-
Attachments:
Exhibit A – Data Processing Addendum
Signed by each party’s authorized representative:
SPACETI
CUSTOMER
By:
By:
Print Name:
Print
Name:
Title:
Title:
Date:
Date:
Exhibit A
DATA PROCESSING ADDENDUM
This Data Processing Addendum, including its Schedules,
(“DPA”) forms part of the Master Services Agreement
between SPACETI and Customer for the purchase of services from SPACETI
(the “Agreement”) to reflect the parties’ agreement with
regard to the Processing of Personal Data.
All capitalized terms not defined herein shall have the meaning set forth
in the Agreement.
In the course of providing the Services to Customer pursuant to the
Agreement, SPACETI may Process Personal Data on behalf of Customer and the
Parties agree to comply with the following provisions with respect to any
Personal Data, each acting reasonably and in good faith:
1. DEFINITIONS
“Controller” means the entity which determines the
purposes and means of the Processing of Personal Data.
“Data Protection Laws and Regulations” means all laws and
regulations, including laws and regulations of the European Union, the
European Economic Area and their member states, Switzerland and the United
Kingdom, applicable to the Processing of Personal Data under the
Agreement.
“Data Subject” means the identified or identifiable
person to whom Personal Data relates.
“GDPR” means the Regulation (EU) 2016/679 of the European
Parliament and of the Council of 27 April 2016 on the protection of
natural persons with regard to the processing of personal data and on the
free movement of such data, and repealing Directive 95/46/EC (General Data
Protection Regulation).
“Personal Data” means any information relating to (i) an
identified or identifiable natural person and, (ii) an identified or
identifiable legal entity (where such information is protected similarly
as personal data or personally identifiable information under applicable
Data Protection Laws and Regulations), where for each (i) or (ii), such
data is Customer Data.
“Processing” means any operation or set of operations
which is performed upon Personal Data, whether or not by automatic means,
such as collection, recording, organization, structuring, storage,
adaptation or alteration, retrieval, consultation, use, disclosure by
transmission, dissemination or otherwise making available, alignment or
combination, restriction, erasure or destruction.
“Processor” means the entity which Processes Personal
Data on behalf of the Controller.
“Security Documentation” means the Security Documentation
applicable to the specific Services purchased by Customer, as updated from
time to time, and accessible via login to the applicable Service, or as
otherwise made reasonably available by SPACETI. The Security Documentation
as of Effective Date is attached as Schedule 2 to this DPA.
“SPACETI Group” means SPACETI and its Affiliates engaged
in the Processing of Personal Data.
“Sub-processor” means any Processor engaged by SPACETI or
a member of the SPACETI Group.
“Supervisory Authority” means an independent public
authority which is established by an EU Member State pursuant to the GDPR.
2. PROCESSING OF
PERSONAL DATA
-
Roles of the Parties. The parties acknowledge and agree
that with regard to the Processing of Personal Data, Customer is the
Controller, SPACETI is the Processor and that SPACETI or members of the
SPACETI Group will engage Sub-processors pursuant to the requirements
set forth in Section 5 “Sub-processors” below.
-
Customer’s Processing of Personal Data. Customer shall,
in its use of the Services and Professional Services, Process Personal
Data in accordance with the requirements of Data Protection Laws and
Regulations. For the avoidance of doubt, Customer’s instructions for the
Processing of Personal Data shall comply with Data Protection Laws and
Regulations. Customer shall have sole responsibility for the accuracy,
quality, and legality of Personal Data and the means by which Customer
acquired Personal Data.
-
SPACETI’s Processing of Personal Data. SPACETI shall
treat Personal Data as Confidential Information and shall only Process
Personal Data on behalf of and in accordance with Customer’s documented
instructions for the following purposes: (i) Processing in accordance
with the Agreement and applicable Order Form(s) or SOW(s); (ii)
Processing initiated by Users in their use of the Services; and (iii)
Processing to comply with other documented reasonable instructions
provided by Customer (e.g., via email) where such instructions are
consistent with the terms of the Agreement.
-
Details of the Processing. The subject-matter of
Processing of Personal Data by SPACETI is the performance of the
Services and Professional Services, if applicable, pursuant to the
Agreement. The duration of the Processing, the nature and purpose of the
Processing, the types of Personal Data and categories of Data Subjects
Processed under this DPA are further specified in Schedule 1 (Details of
the Processing) to this DPA.
3. RIGHTS OF DATA
SUBJECTS
-
Data Subject Request. SPACETI shall, to the extent
legally permitted, promptly notify Customer if SPACETI receives a
request from a Data Subject to exercise the Data Subject’s right of
access, right to rectification, restriction of Processing, erasure
(“right to be forgotten”), data portability, object to the Processing,
or its right not to be subject to an automated individual decision
making, each such request being a “Data Subject Request”. Taking into
account the nature of the Processing, SPACETI shall assist Customer by
appropriate technical and organizational measures, insofar as this is
possible, for the fulfilment of Customer’s obligation to respond to a
Data Subject Request under Data Protection Laws and Regulations. In
addition, to the extent Customer, in its use of the Services, does not
have the ability to address a Data Subject Request, SPACETI shall upon
Customer’s request provide commercially reasonable efforts to assist
Customer in responding to such Data Subject Request, to the extent
SPACETI is legally permitted to do so and the response to such Data
Subject Request is required under Data Protection Laws and Regulations.
To the extent legally permitted, Customer shall be responsible for any
costs arising from SPACETI’s provision of such assistance.
4. SPACETI PERSONNEL
-
Confidentiality. SPACETI shall ensure that its
personnel engaged in the Processing of Personal Data are informed of the
confidential nature of the Personal Data and have executed written
confidentiality agreements. SPACETI shall ensure that such
confidentiality obligations survive the termination of the personnel
engagement.
-
Limitation of Access. SPACETI shall ensure that
SPACETI’s access to Personal Data is limited to those personnel
performing Services and Professional Services in accordance with the
Agreement.
-
Data Protection Officer. Members of the SPACETI Group
have appointed a data protection officer. The appointed person may be
reached at legal@spaceti.com.
5. SUB-PROCESSORS
-
Appointment of Sub-processors. Customer acknowledges
and agrees that (a) SPACETI’s Affiliates may be retained as Sub-
processors; and (b) SPACETI and SPACETI’s Affiliates respectively may
engage third-party Sub-processors in connection with the provision of
the Services and Professional Services. SPACETI or a SPACETI Affiliate
has entered into a written agreement with each Sub-processor containing
data protection obligations not less protective than those in this
Agreement with respect to the protection of Personal Data to the extent
applicable to the nature of the Services and Professional Services
provided by such Sub-processor.
-
List of Current Sub-processors and Notification of New
Sub-processors. SPACETI shall make available to Customer the current list of
Sub-processors. Such Sub-processor lists shall include the identities of
those Sub-processors and their country of location (the “Infrastructure and Sub-processor Documentation”). SPACETI shall make available to Customer the up-to date
Infrastructure and Sub-processor Documentation as well as a mechanism to
subscribe to notifications of new Sub-processors to which Customer shall
subscribe, and if Customer subscribes, SPACETI shall provide
notification of a new Sub-processor(s) before authorizing any new
Sub-processor(s) to Process Personal Data in connection with the
provision of the applicable Services. The Infrastructure and
Sub-processor Documentation for Services, as of Effective Date, is for
reference purposes only attached as Schedule 3 hereto.
-
Objection Right for New Sub-processors. Customer may
object to SPACETI’s use of a new Sub-processor by notifying SPACETI
promptly in writing within ten (10) business days after receipt of
SPACETI’s notice in accordance with the mechanism set out in Section 5.2
hereof. In the event Customer objects to a new Sub-processor, as
permitted in the preceding sentence, SPACETI will use reasonable efforts
to make available to Customer a change in the Services or Professional
Services or recommend a commercially reasonable change to Customer’s
configuration or use of the Services or Professional Services to avoid
Processing of Personal Data by the objected-to new Sub- processor
without unreasonably burdening Customer. If SPACETI is unable to make
available such change within a reasonable period of time, which shall
not exceed thirty (30) days, Customer may terminate the applicable Order
Form(s) or SOW(s) with respect only to those Services or Professional
Services which cannot be provided by SPACETI without the use of the
objected-to new Sub-processor by providing written notice to SPACETI.
SPACETI will refund Customer any prepaid fees covering the remainder of
the term of such Order Form(s) or SOW(s) following the effective date of
termination with respect to such terminated Services or Professional
Services, without imposing a penalty for such termination on Customer.
-
Liability. SPACETI shall be liable for the acts and
omissions of its Sub-processors to the same extent SPACETI would be
liable if performing the services of each Sub-processor directly under
the terms of this DPA.
6. SECURITY
-
Controls for the Protection of Personal Data. SPACETI
shall maintain appropriate technical and organizational measures for
protection of the security (including protection against unauthorized or
unlawful Processing and against accidental or unlawful destruction, loss
or alteration or damage, unauthorized disclosure of, or access to,
Customer Data), confidentiality and integrity of Customer Data, as set
forth in the Security Documentation. SPACETI regularly monitors
compliance with these measures. SPACETI will not materially decrease the
overall security of the Services during a subscription term.
-
Cooperation and Audits. SPACETI shall make available to
Customer such information as is requested by Customer to demonstrate its
compliance with applicable statutory obligations, in a commonly used and
machine-readable format. In cases of official requests of data
protection authorities with jurisdiction over the Processing hereunder,
or, in case Customer has reasonable grounds to assume that a Customer
Data Incident has taken place, Customer may upon at least fourteen (14)
days prior written notice to SPACETI conduct a site visit of the
applicable SPACETI operations center at Customer’s expense by a
representative of Customer or its independent third party auditor
(always not a direct competitor of SPACETI). Such audits shall be
carried out at normal business hours without disrupting the on-going
business operations of SPACETI. SPACETI may make the audits dependent on
the signing of a nondisclosure agreement with SPACETI.
7. CUSTOMER DATA
INCIDENT NOTIFICATION
-
SPACETI shall notify Customer without undue delay after becoming aware
of the accidental or unlawful destruction, loss, alteration,
unauthorized disclosure of, or access to Customer Data, including
Personal Data, transmitted, stored or otherwise Processed by SPACETI or
its Sub-processors of which SPACETI becomes aware (a “Customer Data Incident”). SPACETI shall make reasonable efforts to identify the cause of such
Customer Data Incident and take those steps as SPACETI deems necessary
and reasonable in order to remediate the cause of such a Customer Data
Incident to the extent the remediation is within SPACETI’s reasonable
control. The obligations herein shall not apply to incidents that are
caused by Customer or Customer’s Users.
8. RETURN AND
DELETION OF CUSTOMER DATA
- The procedure is set forth in Section 2.2 of the Agreement.
9. DATA TRANSFERS
-
SPACETI shall ensure that the transfer of Personal Data which are
undergoing Processing or are intended for Processing after transfer to a
third country shall take place only if such transfer meets the
conditions outlined in the GDPR, specifically Chapter V.
10. EUROPEAN SPECIFIC PROVISIONS
-
GDPR. SPACETI will Process Personal Data in accordance
with the GDPR requirements directly applicable to SPACETI’s provision of
its Services or Professional Services.
-
Data Protection Impact Assessment. Upon Customer’s
request, SPACETI shall provide Customer with reasonable cooperation and
assistance needed to fulfil Customer’s obligation under the GDPR to
carry out a data protection impact assessment related to Customer’s use
of the Services or Professional Services, to the extent Customer does
not otherwise have access to the relevant information, and to the extent
such information is available to SPACETI. SPACETI shall provide
reasonable assistance to Customer in the cooperation or prior
consultation with the Supervisory Authority in the performance of its
tasks relating to Section 10.2 of this DPA, to the extent required under
the GDPR.
List of Schedules
Schedule 1: Details of the Processing
Schedule 2: Security Documentation (as of Effective Date)
Schedule 3: SPACETI Infrastructure and Sub-processors (as of Effective
Date)
SCHEDULE 1 – DETAILS OF THE PROCESSING
Nature and Purpose of Processing
SPACETI will Process Personal Data as necessary to perform the Services or
Professional Services pursuant to the Agreement, as further specified in
the Documentation, and as further instructed by Customer in its use of the
Services or Professional Services.
Duration of Processing
Subject to Section 8 of the DPA, SPACETI will Process Personal Data for
the duration of the Agreement, unless otherwise agreed upon in writing.
Categories of Data Subjects
Customer may submit Personal Data to the Services, the extent of which is
determined and controlled by Customer in its sole discretion, and which
may include, but is not limited to Personal Data relating to the following
categories of data subjects:
- Employees or visitors of Customer
-
Agents, advisors, freelancers of Customer (who are natural persons)
- Customer’s Users authorized by Customer to use the Services
Type of Personal Data
Customer may submit Personal Data to the Services, the extent of which is
determined and controlled by Customer in its sole discretion, and which
may include, but is not limited to the following categories of Personal
Data:
- First and last name
-
Contact information (company, email, phone, physical business address)
- Profile photo (optional)
- Connection data (anonymized)
- Localization data
- Locker usage data
- Booking data (who, when, what was booked)
- User-created content (newsfeed, picture, events, …)
SCHEDULE 2 – SECURITY DOCUMENTATION
(As of Effective Date)
|
SPACETI has implemented the following technical and organizational
security measures to provide the ongoing confidentiality, integrity,
availability and resilience of processing systems and services:
1. Confidentiality
SPACETI has implemented the following technical and organizational
security measures to protect the confidentiality of processing
systems and services, in particular:
|
|
● SPACETI processes all customer data
on remote server sites owned and operated by industry leading cloud
service providers that offer highly sophisticated measures to
protect against unauthorized persons gaining access to data
processing equipment (namely telephones, database and application
servers and related hardware). Such measures include:
|
|
– a layered security model,
including safeguards like custom-designed electronic access cards,
alarms, vehicle access barriers, perimeter fencing, metal detectors,
and biometrics, and the data center floor features laser beam
intrusion detection;
– data centers are monitored
24/7 by high-resolution interior and exterior cameras that can
detect and track intruders;
– access logs, activity
records, and camera footage are available in case an incident
occurs;
– data centers are also
routinely patrolled by experienced security guards who have
undergone rigorous background checks and training;
– access to the data center
floor is only possible via a security corridor which implements
multi-factor access control using security badges and biometrics;
– only approved employees with
specific roles may enter.
|
|
|
● SPACETI implements suitable measures
to prevent its data processing systems from being used by
unauthorized persons. This is accomplished by:
|
|
– automatic time-out of user
terminal if left idle, identification and password required to
reopen;
|
|
– issuing and safeguarding
identification codes;
– letting customers define
individual user accounts with permissions across SPACETI
resources;
|
| |
|
● SPACETI’s employees entitled to use
its data processing systems are only able to access Personal Data
within the scope of and to the extent covered by their respective
access permission (authorization). In particular, access
rights and levels are based on employee job function and role, using
the concepts of least-privilege and need-to-know to match access
privileges to defined responsibilities. This is accomplished
by:
|
|
– limited access to Personal
Data to only authorized persons;
|
|
– industry standard encryption;
and
|
| |
|
2. Integrity
SPACETI has implemented the following technical and organizational
security measures to protect the integrity of processing systems
and services, in particular:
|
|
● SPACETI implements suitable measures
to prevent Personal Data from being read, copied, altered or deleted
by unauthorized parties during the transmission thereof or during
the transport of the data media. This is accomplished by:
|
|
– use of state-of-the-art
firewall and encryption technologies to protect the gateways and
pipelines through which the data travels;
|
|
– industry standard encryption;
and
|
|
– avoiding the storage of
Personal Data on portable storage media for transportation purposes
and on company issued laptops or other mobile devices.
|
| |
|
● SPACETI does not access any customer
content except as necessary to provide that customer with the
SPACETI products and professional services it has selected. SPACETI
does not access customers’ content for any other purposes.
Accordingly, SPACETI does not know what content customers choose to
store on its systems and cannot distinguish between Personal Data
and other content, so SPACETI treats Customer Data the same. In this
way, Customer Data benefits from the same robust SPACETI security
measures, whether this content includes Personal Data or not.
|
|
3. Availability
SPACETI has implemented the following technical and organizational
security measures to protect the availability of processing
systems and services, in particular:
|
|
● SPACETI implements suitable measures
to provide that Personal Data is protected from accidental
destruction or loss. This is accomplished by:
|
|
– infrastructure redundancy;
|
|
– policies prohibiting permanent
local (work station) storage of Personal Data; and
|
|
– performing regular data
back-ups.
|
|
4. Resilience
SPACETI has implemented the following technical and organizational
security measures to protect the resilience of processing systems and
services, in particular:
-
SPACETI designs the components of its platform to be highly resilient.
This is accomplished by:
-
selection of best-in-class infrastructure providers with data centres
that have daily backups with an assured uptime and availability of
99.9999% by the service providers.
SCHEDULE 3
SPACETI Infrastructure and Sub-processors
(As of Effective Date)
Scope
This documentation describes the infrastructure environment and
sub-processors and certain other entities material to SPACETI’s provision
of the Services.
Capitalized terms used in this documentation are defined in SPACETI’s
Master Services Agreement and/or Data Processing Addendum. In the event of
conflict, the Data Processing Addendum definition shall prevail.
Infrastructure – Personal Data Storage & Processing
The following table describes the countries and legal entities engaged in
the storage of Personal Data submitted by customers to the Services.
| SUBPROCESSOR |
PURPOSE OF DATA PROCESSING |
SUBPROCESSOR SEAT OF BUSINESS |
LOCATION |
| Amazon Web Services EMEA SAR |
Data processing, storing personal & other data (personal data,
analytics, booking data etc.).
|
BUSINESS REG. NO 352 2789 0057
38 Avenue John F. Kennedy, L-1855, Luxembourg
|
Germany |
| Heroku (Salesforce) |
Data processing. |
415 Mission Street
Suite 300
San Francisco, CA, 94105
|
EU region |
| Google Cloud EMEA Limited |
Mobile app users noitification, app distribution. |
70 Sir John Rogerson’s Quay, Dublin 2, Ireland |
Germany |
| Redis Green |
Storing data (personal data, analytics data, aggregated analytics
data, booking data).
|
Stovepipe Studios, 2130 N Kilpatrick Street #17292, Portland OR
97217, United States
|
EU (Frankfurt) |
| Elastic.co |
Storage for sensor & analytics data. |
EUROPEAN HQ
The Netherlands
Keizersgracht 281
1016 ED Amsterdam
|
EU region |
| Auth0 |
Authentication & authorization platform for secured login &
user management.
|
Auth0 Inc. (a wholly owned subsidiary of Okta, Inc.) (10800 NE 8th
Street, Suite 700, Bellevue, WA 98004, USA) and/or the applicable
Okta affiliates processing personal data. Auth0 Limited, UK, is
registered with the Information Commissioner’s Office (“ICO”) under
registration number ZA840835.
|
EU region |
| Apple |
Mobile app users notification, app distribution. |
|
|
WorkOS
(*Note: only for specific product features)
|
Okta SSO, Google SSO integration, Microsoft AD synchronization.
|
WorkOS, 548 Market St, PMB 86125, San Francisco, CA 94104
|
USA |
Network Providers
The Services may use network providers to provide the Services, for
security purposes, to support user authentication, and to optimize content
delivery (the “Network Providers”). SPACETI uses Network
Providers to provide private network capabilities and also to provide
Content Delivery Network services (the “CDN”). CDN are
commonly used systems of distributed services that deliver content based
on the geographic location of the individual accessing the content and the
origin of the content provider. Content items to be served to subscribers
or end users, such as images or attachments uploaded to the Services, may
be stored with a CDN to expedite transmission, and information transmitted
across a CDN may be accessed by the CDN to enable its functions.
SPACETI customers may subscribe to notifications of new sub-processors by
sending an e-mail to legal@spaceti.com.