PRIVO iD SaaS Terms & Conditions

Last updated October 14, 2021

The following terms and conditions apply to the legal agreement formed between Privacy Vaults Online, Inc. (“PRIVO”) and the Customer executing the PRIVO iD Software-as-a-Service Customer Order Form that references these Terms and Conditions (“Customer”). PRIVO and Customer are sometimes referred to herein individually as a “Party” or collectively as the “Parties.”

1. DEFINITIONS. As used in and for purposes of this Agreement:

“Administrative User(s)” means employees, contractors or other representatives of Customer and Authorized Customer Entities who have completed PRIVO’s online registration process or who otherwise receive an administrative user ID or other access credentials from PRIVO or Customer authorizing them to access and administer the SaaS on behalf of Customer and Authorized Customer Entities for Authorized Purposes.

“Agreement” means and consists of these Terms and Conditions, each Order Form signed by both Parties that is attached to or references these Terms and Conditions, and, if available, PRIVO’s online Terms of Service and Privacy Policy posted on PRIVO’s Web Site.

“APIs” means application programming interfaces made available for the purpose of interfacing Customer or third-party Online Service(s) with the SaaS.

“Applicable Laws” means all legislation, statutes, regulations, ordinances, rules, judgments, orders, decrees, rulings, and other requirements enacted, promulgated, or imposed by any governmental authority or judicial or regulatory body (including any recognized self-regulatory body) at any level (e.g., municipal, county, provincial, state or national) that are applicable to or enforceable against a Party or its personnel in relation to their activities under or pursuant to this Agreement in a Territory in which such Party operates.

“Authorized Customer Entities” means specific Customer-affiliated entities named in a Customer Order Form who are authorized to access and use the SaaS during the Subscription Term under Customer’s subscription to the SaaS, and for whose compliance with these SaaS Terms Customer is therefore responsible under these SaaS Terms as if use was by Customer.

“Authorized Purpose(s)” means those purposes set forth in a Customer Order Form or on PRIVO’s Web Site describing the purposes for which the applicable SaaS and associated Content are permitted to be used by Customer’s and Authorized Customer Entities’ Administrative Users and End Users. If no Authorized Purpose is stated, the Authorized Purpose shall be internal business use by Customer and Authorized Customer Entities in their businesses.

“Confidential Information” means all written or oral information, disclosed by either Party to the other, related to the business or operations of either Party or a third party, including any information that constitutes Confidential Information under the PRIVO Privacy Assured COPPA Consulting and Certification Program Membership Agreement if entered into by the Parties in connection with this Agreement, that (i) is marked with a legend indicating the confidential nature of such information (if the information is in writing), (ii) if the information is orally conveyed, is identified by the Disclosing Party at the time of disclosure to be confidential, or (iii) the Receiving Party reasonably should have understood, based on the nature of the information or the circumstances under which it was disclosed, that the Disclosing Party intended such information to be treated as "Confidential Information” for the purposes hereof.

“Content” means any data, media, information and/or other type or form of content displayed, distributed or otherwise made available to a Party through the SaaS or other Services, including Customer Data, End User Data, Customer Content and PRIVO Content.

“Customer Content” means Content owned, originated or controlled by Customer, including Content that Customer posts on the SaaS or is submitted to the SaaS or other Services for processing and/or storage, as well as any of the following: data that was already in the possession of Customer: anonymous, aggregated data that Customer derives from Customer Data (including End User Data); data that Customer generates or receives from a party other than PRIVO; and any data from or pertaining to a Customer Authorized Entity or a Customer End User that is obtained or generated by Customer, whether or not such data was generated as a result of its relationship with PRIVO.

“Customer Data” means (i) any particular End User Data and non-End User Data already in the possession or control of Customer or an Authorized Customer Entity prior to it being transmitted or otherwise communicated to PRIVO; and (ii) any particular End User Data and non-End User Data transmitted or otherwise communicated to PRIVO via a Customer Online Service or directly by Customer via another transmission method (for clarity and avoidance of doubt, this does not include and shall be distinguished from End User Data and non-End User Data transmitted or otherwise communicated to PRIVO directly by an End User or via communication channels not operated or controlled by Customer or an Authorized Customer Entity).

“Customer End User” means an End User of the SaaS (or Content made available by the SaaS) through a Customer Online Service.

“Customer Online Service” means the website(s), mobile application(s) or other services that transact data over the internet which are identified in the Customer Order Form as those through which Customer’s Administrative Users and End Users of Customer and Authorized Customer Entities are permitted to access and use the SaaS.

“Customer Order Form” means an order form issued by PRIVO and executed by Customer and PRIVO setting forth the necessary information relating to a SaaS and/or other Services to be provided to Customer under this Agreement, and the associated fees payable to PRIVO.

“Data Privacy and Security Laws” means all applicable federal, state, regional, territorial and local laws, statutes, ordinances, regulations, rules, executive orders, of or by any United States federal or state government entity, or any authority, department or agency thereof governing the privacy, data protection and security of Personally Identifiable Information and security breach notification relating to Personally Identifiable Information, and any other laws in force in the Territory, including the Children’s Online Privacy Protection Act (COPPA) (16 CFR Part 312), the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99), the Health Insurance Portability and Accountability Act of 1996 (HIPAA), (Pub.L. 104–191, 110 Stat. 1936), the European Union’s General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), and Title V of the Gramm-Leach-Bliley Act of 1999 (Public Law 106-102, 113 Stat. 1338), and the “Interagency Guidelines Establishing Standards for Safeguarding Customer Information” (Exhibit B to 12 CFR Part 364), as each may be amended from time to time, and their respective implementing regulations.

“End User” means an individual user of the Internet who accesses or uses the SaaS or Content made available by the SaaS, either directly through a SaaS Access Method of PRIVO or indirectly through a Customer Online Service. As used herein, “End User” also includes any person who is authorized to act on another’s behalf with regard to their interactions with the SaaS or a Customer Online Service, such as a parent, teacher, or legal guardian.

“End User Data” means data provided by or on behalf of an End User that is accessed, stored, processed or managed via the SaaS. For purposes of this Agreement, End User Data will also constitute either Customer Data or PRIVO Content, as applicable.

“Including” (and its derivative forms, whether or not capitalized) means including without limitation.

“Intellectual Property Rights” means the legal rights held by the owner of a copyright, patent, trademark, or trade secret, including (i) the rights to copy, publicly perform, publicly display, distribute, adapt, translate, modify and create derivative works of copyrighted subject matter; (ii) the rights to exclude others from using, making, having made, selling, offering to sell, and importing patented subject matter and to practice patented methods, (iii) the rights to use and display any marks in association with businesses, products or services as an indication of ownership, origin, affiliation, certification, or sponsorship; and (iv) the rights to apply for any of the foregoing rights, and all rights in those applications. Intellectual Property Rights also include any and all rights associated with particular information that are granted by law and that give the owner, independent of contract, exclusive authority to control use or disclosure of the information, including privacy rights and any rights in databases recognized by applicable law.

“Losses” means, in connection with a Claim that is subject to defense and indemnification by a Party under this Agreement, all reasonable attorneys’ fees, reasonable costs of investigation, discovery, litigation and settlement, and any resulting liabilities, damages, settlements, judgments and awards, including associated taxes, interest and penalties.

“Mobile App” means, when applicable, client software, in object code form, that is made available by PRIVO for installation by End Users on mobile devices to allow them to interact with and use the SaaS.

“PRIVO Content” means the following: (i) Content owned, originated or controlled by PRIVO that PRIVO posts on the SaaS, including any particular End User Data and non-End User Data already in the possession or control of PRIVO prior to it being transmitted or otherwise communicated to PRIVO via a Customer Online Service or directly by Customer via another transmission method; (ii) any particular End User Data and non-End User Data transmitted or otherwise communicated to PRIVO directly by an End User or via communication channels not operated or controlled by Customer or an Authorized Customer Entity, or a Customer Administrative User; and (iii) any aggregate or statistical data (i.e., data in de-identified or anonymous form) measuring or pertaining generally to usage of the SaaS, in each of the foregoing cases subject to any legal right of the End User to affect the use and disclosure of End User Data relating to that End User.

“PRIVO’s Web Site” means the web interface of the SaaS platform that PRIVO offers as one of the SaaS Access Methods.

“SaaS” means PRIVO’s proprietary web-based Software-as-a-Service platform and related services made available to Administrative Uses and End Users of Customer and Authorized Customer Entities under this Agreement, as identified on the applicable Customer Order Form, including its technology components, such as PRIVO’s Web Site, PRIVO’s Mobile App(s) (when applicable), and related documentation.

“SaaS Access Method” means any device or method offered by PRIVO as a means for Administrative Users or End Users to access and use the SaaS, including PRIVO’s Web Site, PRIVO’s Mobile App(s) (when available), and PRIVO-approved Customer Online Services.

“SDK License” means, when applicable, the license granted herein by PRIVO to Customer in which PRIVO grants additional rights to Customer to access the program code of the SaaS for the purpose of integrating it with other applications or platforms at a Customer Online Service.

“Services” means, collectively, the SaaS and any professional services performed by PRIVO pursuant to this Agreement. For the avoidance of doubt, at all times while this agreement is in force PRIVO is acting as a service provider to Customer.

“Subscription Term” means the period during which Customer’s and Authorized Customer Entities’ Administrative Users and End Users are permitted to access and use the SaaS, as set forth in the applicable Customer Order Form.

“Support Services” has the meaning given in Section 5.

“Territory” means the United States and any other region(s) or country(ies) that may be designated in an Order Form as included in the Territory in which use of the SaaS is authorized by PRIVO.

“Update” means any improvement, enhancement, modification and/or changes to the SaaS offered or provided by PRIVO to its subscribers at no charge.

 

2. NATURE OF THE SAAS; RIGHTS IN DATA.

2.1. SaaS Description. The SaaS enables a suite of services that collectively provide for (i) registration, authentication, and/or identity verification of End Users; (ii) management of End User attributes, relationships, and consents concerning End User Data; and (iii) additional customer service solutions for operators of such online services, all subject to any legal right of the End User to affect such activities when they involve End User Data relating to that End User. An essential element of the SaaS is the ability to provide a secure environment and greater convenience for operators and End Users by leveraging certain data that the SaaS accesses, stores, processes, derives or manages, whether such data originates with Customer, Customer’s End Users or third-party sources of verification data and services.

2.2. PRIVO Content. As between PRIVO and Customer, and subject to any rights of the relevant End User or other data owner/controller under Applicable Laws, including Data Privacy and Security Laws, with respect to End User Data that constitutes PRIVO Content, PRIVO shall be considered the owner of PRIVO Content. PRIVO hereby grants to Customer during the relevant Subscription Term, and thereafter in the specific case of an archival log of End User permissions and consents granted during the relevant Subscription Term, a limited, personal non-exclusive, non-transferable (except in connection with a permitted assignment of these SaaS Terms) right for Administrative Users and Customer End Users to use PRIVO Content made available through the SaaS solely in furtherance of Customer’s and Authorized Customer Entities’ permitted use of the SaaS as authorized by this Agreement, subject to the terms and conditions of this Agreement and to the legal rights of End Users with respect to End User Data under Applicable Laws, including Data Privacy and Security Laws.

2.3. Customer Data. As between PRIVO and Customer, and subject to any rights of the relevant End User or other data owner/controller under Applicable Laws, including Data Privacy and Security Laws, Customer shall be considered the owner of Customer Data, excluding End User Data that constitutes PRIVO Content. Customer hereby grants to PRIVO a limited, non-exclusive, non-transferable (except in connection with a permitted assignment of these SaaS Terms) right to use Customer Data made available to PRIVO hereunder solely in furtherance of PRIVO’s provision of the SaaS and associated services and fulfillment of PRIVO’s other duties and responsibilities under this Agreement and Applicable Laws, including Data Privacy and Security Laws.

2.4. Rights in End User Data. For the avoidance of doubt, all rights of PRIVO and Customer expressed in this Agreement with respect to End User Data are subject to (and, as applicable, constrained by) Applicable Laws, Including Data Privacy and Security Laws and the rights of End Users thereunder, including the legal right of each Customer End User to affect access to, use, processing, hosting, copying, delivery or disclosure of the Customer’s End User Data.

 

3. ACCESS TO AND USE OF THE SAAS.

3.1. Limited-Purpose Access Grant. Subject to Customer’s and its Administrative Users’ continuing compliance with this Agreement and payment of the applicable fees, PRIVO hereby grants to Customer a limited, personal, non-exclusive, non-transferable (except in connection with a permitted assignment of these SaaS Terms) right for Administrative Users of Customer and any other Authorized Customer Entities to access the features and functions of the SaaS during the Subscription Term, in the territories listed in the Customer Order Form (or, if no territories are listed in the Customer Order Form, in the U.S.), including the right to expose portions of the SaaS designated for public or end user display/access on Customer’s Online Service where provided for in the Customer Order Form, solely through PRIVO-approved SaaS Access Methods and solely for the Authorized Purpose(s). This access grant may not be sublicensed, in whole or in part, other than to Authorized Customer Entities as authorized herein. The scope of Customer’s use of the SaaS is subject to the terms and conditions of this Agreement, including any parameters or limitations set forth in the applicable Customer Order Form.

3.2 Access Protocols. On or as soon as reasonably practicable after the execution of this Agreement, PRIVO shall provide to Customer the necessary passwords and network links or connections to allow Customer’s Administrative Users to access the SaaS (the “Access Protocols”). Customer acknowledges and agrees that, as between Customer and PRIVO, Customer shall be responsible for all acts and omissions of Customer’s Administrative Users, including any act or omission by a Customer’s Administrative User, which, if undertaken by Customer, would constitute a breach of this Agreement. Customer shall undertake reasonable efforts to make all Customer’s Administrative Users aware of the provisions of this Agreement that are applicable to their use of the SaaS and shall cause them to comply with such provisions.

3.3. Account Administration. Customer shall designate at least one Administrative User (the “Customer’s Administrative User”) to act as an administrator who will act as Customer’s principal point of contract with PRIVO for purposes of this Agreement on behalf of Customer and Authorized Customer Entities.

3.4. Use of End User Data. Subject to any limitations or provisions addressing End User Data contained in the Customer Order Form, the SaaS may enable Customer’s Administrative Users to search for, find, store, manage and use End User Data of interest that is provided or made accessible through the SaaS. Customer acknowledges that while the functionality of the SaaS includes the utilization of industry reasonable methods of verification, as defined by COPPA and the FTC-authorized COPPA safe harbor program administered by PRIVO, as between Customer and PRIVO, except as otherwise expressly provided herein or otherwise agreed by PRIVO in writing, Customer is solely responsible for determining the suitability of any End User Data for its intended use by Customer and its Affiliates

3.5. Compliance. (a) Customer’s and Customer’s Administrative Users’ access to and use of the SaaS and any Content made available via the SaaS is subject to their continuing compliance with all of the following: (a) the terms and conditions set forth in this Agreement; (b) PRIVO’s online Terms of Use and online Privacy Policy, the current versions of which are attached hereto as Exhibits B and C, respectively, as they may be revised by PRIVO from time to time to maintain conformance with applicable laws and regulations and changes in the technology used to operate the SaaS; (c) third party service terms and conditions governing any Content accessed through the SaaS that is published or distributed by a third-party, provided that such content is identified as Content provided by a third party, and (d) Applicable Laws, including Data Privacy and Security Laws. In the event of a conflict between this Agreement and the online Terms of Use and online Privacy Policy, this Agreement shall prevail and control.

(b) In addition to complying with applicable Data Privacy and Security Laws, PRIVO will employ commercially reasonable security and access controls and backup and recovery plans and procedures (including, but not limited to, disaster recovery plans and procedures) (collectively, “Data Protection Procedures”) suitable for protecting the types of data collected and stored by the SaaS, including Personally Identifiable Information. PRIVO will review its Data Protection Procedures at least annually and remediate without undue delay any identified material vulnerabilities or risks. PRIVO shall notify Customer immediately of any breach of security that it believes has or probably has resulted in unauthorized access to or acquisition of any Customer Data or Customer Confidential Information. PRIVO agrees to cooperate with customer to notify applicable government authorities of such breach and to cooperate in any investigation.

3.6. Restrictions. Except with the prior written consent of both PRIVO and the affected End User(s), Customer will not store or knowingly permit anyone to store End User Data created or made available through the SaaS except such End User Data, if any, that Customer has been granted express permission by the End User to store, and an archival log of the End User permissions granted. Customer agrees not to act outside the scope of the rights that are expressly granted by PRIVO in this Agreement. Further, Customer will not (i) use the SaaS in any manner that is inconsistent with this Agreement; (ii) except as expressly permitted under an SDK License granted by PRIVO to Customer, or in collaboration with PRIVO and with PRIVO’s express written approval, modify any program code of the SaaS or attempt to create or permit the creation of any derivative works of the SaaS; (iii) decompile, reverse engineer (unless expressly permitted by law for interoperability), or use any other method in an attempt to view or recreate any of the source code of the SaaS or extract any trade secrets from it; (iv) use the SaaS to operate the business of a third party or to process data or content provided by a third party for the operation of a third party’s business, or otherwise use the SaaS on a third party’s behalf, or to act as a service bureau or PRIVO of application services to any third party; (v) knowingly or intentionally re-use, disseminate, copy, or otherwise use the SaaS or associated PRIVO Content in a way that infringes, misappropriates, or violates any PRIVO trademark, copyright, patent, trade secret, publicity, privacy or other right of any third party; or (vi) sell, lend, lease, assign, transfer, pledge, permit a lien upon, or sublicense any of the rights granted by this Agreement with respect to the SaaS.

3.7. No Interference with SaaS Operations. Customer will not take and will prohibit Customer’s Administrative Users from taking any action designed or intended to: (a) interfere with the proper working of the SaaS; (b) circumvent, disable, or interfere with security-related features of the SaaS or features that prevent or restrict use, access to, or copying the SaaS or any Content or other data, or that enforce limitations on use of the SaaS or Content; or (c) impose (or which may impose, in PRIVO’s sole discretion) an unreasonable or disproportionately large load on the SaaS infrastructure.

3.8. Access and Use Outside the U.S. The SaaS is offered for use in the U.S., any location with an APO, FPO, or DPO address and any other territory set forth in the Customer Order Form. As between Customer and PRIVO, Customer is solely responsible for compliance with Applicable Laws relevant to Administrative Users or Customer End Users accessing or using the SaaS while outside the U.S. and such other territory.

 

4. CONFIDENTIALITY OBLIGATIONS; PUBLICITY. All activities of the parties under or in relation to this Agreement are subject to the confidentiality terms attached hereto as Exhibit A. Neither Party may use the name of the other in any published advertising or publicity materials without the prior written consent of the other party. However, and notwithstanding anything to the contrary in Exhibit A, PRIVO may include Customer’s name and logo on PRIVO’s client list and in the Service Directory and may describe briefly and in general terms the nature of the services provided by PRIVO to Customer.

 

5. SUPPORT SERVICES.

5.1. Technical Support. At no additional charge and during PRIVO’s normal business hours (which are 8:00 a.m. to 6:00 p.m. Eastern Time, Monday through Friday, excluding PRIVO-designated holidays unless otherwise specified in the applicable Customer Order Form), PRIVO will provide reasonable technical support and assistance for Administrative User requests by telephone or sent via email to support@PRIVO.com. PRIVO may also offer upgraded support services for an additional fee.

5.2. Updates. Customer will be given access to Updates of the SaaS that PRIVO implements during the Subscription Term. Customer acknowledges, however, that PRIVO may in the future offer optional value-added functions, features or other capabilities for a separate fee.

5.3. Scheduled Maintenance. PRIVO reserves the right to take down applicable servers hosting the SaaS to conduct scheduled and emergency maintenance. If PRIVO performs scheduled maintenance outside regular business hours that will involve PRIVO taking down servers hosting the SaaS, it will provide at least 24 hours advance notice for such maintenance to Customer, unless the maintenance is emergency maintenance and PRIVO will attempt to provide notice as soon as possible.

 

6. ALLOCATIONS OF RISK.

6.1. Representations and Warranties. (a) Each Party represents to the other (i) that the execution and performance of its obligations under this Agreement will not conflict with or violate any provision of Applicable Law; and (ii) that this Agreement, when executed and delivered, will constitute a valid and binding obligation of such Party and will be enforceable against such Party in accordance with its terms.

(b) PRIVO represents and warrants that the SaaS is designed to meet COPPA’s online identity verification requirements regarding child use of Customer’s Online Service(s), such that Customer’s use of the SaaS in accordance with all terms and conditions governing its use will provide processes and tools Customer can utilize to qualify for the COPPA’s Safe Harbor program. PRIVO further represents and warrants that PRIVO’s SaaS will utilize methods to obtain verifiable parental consent that, as prescribed by COPPA, are reasonably calculated, in light of available technology, to ensure that the person providing consent is the child’s parent.

(c) PRIVO represents and warrants that it has adopted commercially reasonable measures to safeguard Customer Data and End User Data from alteration, loss or erasure and to guard against the SaaS transmitting any virus or other malicious code or malware to Customer or any End User.

(d) PRIVO warrants that any professional service performed by PRIVO under this Agreement will be performed in a good and workmanlike manner and that any deliverables prepared for Customer will conform in all material requests, at the time of delivery, to their agreed and documented requirements and specifications. In the event of a breach of this warranty, PRIVO’s sole obligation and Customer’s sole remedy will be for PRIVO to correct or re-perform the affected professional service without undue delay to remedy the breach, at no charge to Customer; provided, however, that if PRIVO is unable to cure a breach of this warranty after two attempts to do so (i.e., the limited warranty remedy fails of its essential purpose), then Customer may seek to avail itself of other available remedies, subject to the exclusions and limitations of liability set forth herein.

(e) PRIVO represents and warrants to Customer that (i) it will only access, disclose, deliver, use, or otherwise process End User Data to which, and in the manner for which, PRIVO has a legal right and/or has received the permission of the affected End User; and (ii) that any professional service performed by PRIVO under this Agreement will not knowingly infringe any Intellectual Property Rights of a third party.

(f) Customer represents and warrants to PRIVO that it will only access, disclose, deliver, use, or otherwise process End User Data to which, and in the manner for which, Customer has a legal right and/or has received the permission of the affected End User.

(g) Customer represents and warrants to PRIVO that to Customer’s knowledge, Customer’s Online Service(s) does(do) not infringe or violate the Intellectual Property Rights, privacy rights, or other rights of a third party.

6.2. DISCLAIMERS. (a) CUSTOMER REPRESENTS THAT IT IS ENTERING THIS AGREEMENT WITHOUT RELYING UPON ANY PRIVO REPRESENTATION OR WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, PRIVO DISCLAIMS ANY AND ALL PROMISES, REPRESENTATIONS AND WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, DATA ACCURACY, SYSTEM INTEGRATION, SYSTEM RELIABILITY, TITLE, NON-INFRINGEMENT, NON-INTERFERENCE AND/OR QUIET ENJOYMENT, AND ALL WARRANTIES THAT MAY OTHERWISE BE IMPLIED. NO WARRANTIES ARE MADE ON THE BASIS OF TRADE USAGE, COURSE OF TRADE, OR COURSE OF DEALING OR PERFORMANCE.

(b) CUSTOMER ASSUMES COMPLETE RESPONSIBILITY, WITHOUT ANY RECOURSE AGAINST PRIVO, FOR THE SELECTION OF THE SAAS TO ACHIEVE CUSTOMER’S INTENDED RESULTS AND FOR ITS USE OF THE RESULTS OBTAINED FROM THE SAAS IN CUSTOMER’S BUSINESS. PRIVO. PRIVO DOES NOT WARRANT THAT THE SAAS WILL MEET CUSTOMER’S REQUIREMENTS, OTHER THAN TO ASSIST CUSTOMER IN COMPLYING WITH COPPA OR OTHER APPLICABLE DATA PRIVACY AND SECURITY LAW(S), OR THAT THE OPERATION OF THE SAAS WILL BE UNINTERRUPTED, OR THAT THE SOFTWARE USED TO PROVIDE THE SAAS WILL BE ERROR FREE OR THAT ALL ERRORS IN THE SAAS SOFTWARE WILL BE CORRECTED; PROVIDED, HOWEVER, THAT PRIVO WILL GIVE CUSTOMER PROMPT WRITTEN NOTICE OF ANY DISRUPTIONS IN THE SAAS OR ERRORS IN THE SAAS SOFTWARE OF WHICH PRIVO BECOMES AWARE THAT PRIVO COULD REASONABLY FORESEE MAY COMPROMISE THE COMPLIANCE OF THE SAAS WITH APPLICABLE LAWS.

6.3. Indemnification of Customer by PRIVO. PRIVO agrees to defend, indemnify and hold harmless Customer and its Authorized Customer Entities from and against all third-party claims and actions (collectively, “Claims” and individually, a “Claim”), that may, at any time, arise out of or relate to (a) a breach or alleged breach by PRIVO of any of its representations or warranties given in Section 6.1 of this Agreement; (b) a Claim that the Services, the SaaS, or PRIVO Content (excluding, however, Customer Data and End User Data) provided by PRIVO hereunder or Customer’s use of same in accordance with the terms hereof infringes any third party’s Intellectual Property Rights; (c) a Claim arising with respect to PRIVO’s posting or displaying PRIVO Content on PRIVO’s Web Site; and, in each case, associated Losses; (d) the posting, display, distribution, broadcast or other use of End User Data, by or on behalf of PRIVO or an Authorized PRIVO Entity, in a manner that Customer or the applicable End User did not consent to or that contains libelous, defamatory, or otherwise injurious or unlawful material; and, in each case, associated Losses or (e) PRIVO's gross negligence or willful misconduct.

6.4. Indemnification of PRIVO by Customer. Except for any Claims in respect of which PRIVO is obligated to indemnify Customer under Section 6.3, Customer agrees to defend, indemnify and hold harmless PRIVO and its Affiliates from and against all Claims, that may, at any time, arise out of or relate to: (a) use or dissemination of the SaaS or any Content by or on behalf of Customer or an Authorized Customer Entity other than in accordance with this Agreement ; (b) the posting, display, distribution, broadcast or other use of End User Data, by or on behalf of Customer or an Authorized Customer Entity in a manner that PRIVO or the applicable End User did not consent to or that contains libelous, defamatory, or otherwise injurious or unlawful material; and, in each case, associated Losses.

6.5. Indemnification Procedures. If any third party makes a Claim covered by Section 6.3 or 6.4 against an indemnitee (a “Covered Party”) with respect to which the Covered Party intends to seek indemnification under this Agreement, the Covered Party shall give prompt written notice of the Claim to the indemnifying Party, including a brief description of the amount and basis for the claim, if known. Upon receiving such notice, the indemnifying Party shall be obligated to defend the Covered Party against the Claim and shall be entitled to assume control of the defense and settlement of the Claim. The Covered Party may participate in the defense and settlement of the Claim at its own expense, using its own counsel, but without any right of control. The indemnifying Party shall keep the Covered Party apprised as to the status of the Claim. Neither the indemnifying party nor any Covered Party shall be liable for any settlement of a Claim made without its consent, which will not be unreasonably withheld, delayed, or conditioned. Notwithstanding the foregoing, the Covered Party shall retain responsibility for all aspects of the Claim that are not subject to indemnification by the indemnifying Party hereunder.

6.6. Limitation of Liability. Except as expressly provided in this Section 6.6, neither Party shall have any liability under or in connection with this Agreement for any indirect, incidental, consequential, special, exemplary or punitive damages, nor any liability for lost profits, loss of data, loss of business opportunity, or business interruption, regardless of the theory of liability (including theories of contractual liability, tort liability (including negligence), or strict liability), even if the liable Party knew or should have known that those kinds of damages were possible; and each Party’s maximum cumulative liability under or in connection with this Agreement shall never exceed the injured Party’s actual direct damages, capped at an amount equal to the total amount paid or payable under this Agreement by Customer to PRIVO (excluding third-party transaction fees) during the 12-month period preceding the occurrence of the event giving rise to liability. The foregoing limitations of liability shall not be applicable to a Party’s indemnification obligations under this Section 6, to willful or grossly negligent misconduct of a Party, to fraud or fraudulent misrepresentation of a Party, or to any damages that the liable Party is not permitted to disclaim (or, as applicable, limit) under Applicable Law. Customer acknowledges that this Section 6.6 is an essential part of this Agreement, absent which the economic terms and other provisions of this Agreement would be substantially different.

 

7. DURATION AND TERMINATION.

7.1. Duration of Agreement. This Agreement commences on the Subscription Term start date set forth in the first Customer Order Form executed by both Parties and continues until all Customer Order Forms entered into by the Parties have expired or been terminated in accordance with this Agreement.

7.2. Termination. Either Customer or PRIVO may terminate this Agreement, and all Customer Order Forms or only affected Customer Order Forms (a) for cause upon written notice to the other Party if the other Party has committed a material breach of this Agreement and the breach either is not reasonably susceptible of cure or remains uncured 25 days after the breaching party has received written notice of the breach from the non-breaching party, or (b) if the other Party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors.

7.3. Effect of Early Termination on Fees. If this Agreement is terminated by Customer pursuant to Section 7.2, any pre-paid fees for the unused portion of the terminated Subscription Term will be refunded to Customer. In all other cases, all fees paid or payable for the terminated Subscription Term are non-cancellable and non-refundable, and any unpaid fees for the remainder of the terminated Subscription Term will become immediately due and payable.

7.5. Other Effects of Termination. Effective immediately upon expiration or termination of this Agreement, (i) all rights granted by PRIVO to Customer under this Agreement automatically revert to PRIVO, (ii) Customer and Authorized Customer Entities shall cease all use of the SaaS, and (iii) neither Party will have continuing rights to use any Confidential Information of the other Party or to exercise any Intellectual Property Rights of the other Party that were licensed under this Agreement. The foregoing notwithstanding, nothing in this Agreement shall operate so as to invalidate the provisions of Section 2.2 of these Terms and Conditions. Should any Customer End User Data to which PRIVO is entitled pursuant to Section 2.2 reside solely on servers, papers, or facilities over which Customer has control, Customer shall cooperate with PRIVO to effectuate PRIVO’s rights under Section 2.2 in the manner and timeframe identified by PRIVO. In addition, and subject to any additional rights of or limits on Customer regarding Customer End User Data as expressly set forth in a Customer Order Form, Customer shall have 30 days after any such expiration or termination to download or otherwise obtain an extract of any Customer Data stored by the SaaS at the time of expiration or termination that Customer has both a legal right and any necessary permissions from End Users or others to access and store.

7.6. Survival. Any provision of the Agreement that contemplates or governs performance or observance subsequent to its termination or expiration will survive the expiration or termination of this Agreement (or the applicable Customer Order Form) for any reason.

 

8. PROPRIETARY RIGHTS.

8.1. Services and PRIVO Content. Unless expressly provided otherwise in the Customer Order Form, the Services (including the SaaS) and PRIVO Content, and all Intellectual Property Rights in and to them, are and shall remain owned by PRIVO (and its licensors, as applicable) and are protected by copyright, trademark, patent, trade secret and other laws and treaties. PRIVO hereby grants Customer and Customer’s Administrative Users a limited, personable, revocable, non-sublicensable and non-transferable license to reproduce and display PRIVO Content solely for their authorized use of the SaaS. Any derivative work Customer or Customer’s Administrative Users may create of any part of the SaaS or PRIVO Content, and all rights therein, shall be owned solely by PRIVO. To that end, Customer hereby irrevocably transfers and conveys to PRIVO, without further consideration, all right, title and interest that Customer or Customer’s Administrative Users may have or acquire in any such derivative work and, upon PRIVO’s request, Customer shall perform, during and after the term of this Agreement, all acts that PRIVO reasonably deems necessary or desirable to permit and assist PRIVO, at its expense, to obtain, perfect, and enforce the full benefits, enjoyment, rights and title throughout the world in any such derivative works as provided herein.

8.2. Customer End User Data License. In accordance with the rights set out in Section 2.2 of these Terms and Conditions, Customer hereby grants to PRIVO a non-exclusive, non-transferable right and license to access, use, host, copy, process, deliver and disclose the Customer End User Data as necessary or convenient for PRIVO to comply with its obligations and exercise its rights under this Agreement and the proper functioning of the SaaS both during and after the Subscription Term.

8.3. Customer Trademarks. If PRIVO agrees to create, at Customer’s request, any Customer-branded or co-branded user interfaces through which Customer’s Administrative Users or Customer End Users will access the SaaS, Customer hereby grants to PRIVO during the Subscription Term a non-exclusive, worldwide, royalty-free license to use and display the Customer’s name, logo and other trademarks (“Customer Trademarks”) designated by Customer on such user interface(s). In such event, PRIVO will use the relevant Customer Trademarks in accordance with Customer’s then-current trademark usage guidelines, if any, provided by Customer to PRIVO and only for the agreed purposes. Subject to the foregoing license, Customer will retain all Intellectual Property Rights that it may have in and to the Customer Trademarks, and all use thereof by PRIVO and goodwill arising therefrom shall inure to the sole benefit of Customer.

8.4. Feedback. If PRIVO receives from Customer or any Authorized Customer Entity or Customer’s Administrative Users or End Users any suggestions, ideas, improvements, modifications, feedback, error identifications or other information related to the Services or any other PRIVO products, offerings or services (“Feedback”), PRIVO may use, disclose and exploit such Feedback without restriction, including to improve the Services and to develop, market, offer, sell and provide other products and services, and without any obligation to compensate Customer for doing so.

8.5. No Implied Licenses by PRIVO. Subject to any rights and licenses expressly granted under this Agreement, Customer acknowledges that there are no licenses granted by PRIVO by implication under this Agreement. PRIVO reserves all rights that are not expressly granted. Customer acknowledges that, unless expressly provided otherwise in the Customer Order Form, as between the Parties, PRIVO owns all Intellectual Property Rights and proprietary interests that are embodied in, or practiced by, the SaaS or other Services.

 

9. GENERAL.

9.1. Governing Law. The validity, construction, and interpretation of this Agreement and the rights and duties of the Parties shall be governed by the internal laws of the Commonwealth of Delaware, without regard to principles of conflicts of laws, and any applicable U.S. federal laws. The Parties agree that this Agreement is not subject to the UN Convention on Contracts for the International Sale of Goods.

9.2. Force Majeure. Notwithstanding any other provision of this Agreement, no Party to the Agreement shall be deemed in default or breach of this Agreement or liable for any loss or damages or for any delay or failure in performance (except for the payment of money) due to any cause beyond the reasonable control of, and without fault or negligence by, such Party or its officers, directors, employees, agents or contractors.

9.3. Insurance. PRIVO shall have and maintain in force throughout the Subscription Term insurance coverage in types and amounts as set forth below:

Commercial General Liability – $1,000,000 (occurrence); $2,000,000 (aggregate)

Worker’s Compensation –Statutory limits

Employer’s Liability –$1,000,000

Automobile Liability –$1,000,000 (combined single limit)

Technology E&O/Cyber Liability –$3,000,000 (per claim/aggregate)

9.4. Dispute Resolution. Any controversy or claim arising out of or relating to this Agreement, or the breach thereof, that is not mutually resolved by the Parties shall be decided by a single arbitrator in binding arbitration administered by the American Arbitration Association (“AAA”) in accordance with its then-current Commercial Arbitration Rules, and judgment on the award rendered by the arbitrator may be entered in any court having jurisdiction thereof. Each Party shall bear its own costs, fees and expenses incurred in connection with the arbitration proceeding, including attorneys’ fees and expenses and witness costs and expenses. The arbitrator shall apportion the fees, expenses and compensation of the American Arbitration Association and the arbitrator between the parties in such amount as the arbitrator determines is appropriate. Arbitration shall take place in Delaware unless the Parties mutually agree to another location. Notwithstanding the foregoing, a party may, without waiving any remedy under this Agreement, seek from any court with jurisdiction, interim or provisional equitable relief necessary to protect such party’s rights or property. Any civil action seeking injunctive relief, challenging an arbitration proceeding or award or otherwise related to this Agreement will be instituted and maintained exclusively in the federal or state courts sitting in Delaware.

9.5. Notice. All notices required or permitted under this Agreement will be in writing and sent by certified mail, return receipt requested, or by reputable oversight courier, or by hand delivery, together with a copy (which shall not constitute notice) sent to the recipient by email. The notice address for PRIVO and Customer shall be their respective addresses specified in the applicable Customer Order Form. Any notice sent in the manner sent forth above shall be deemed sufficiently given for all purposes hereunder (i) in the case of certified mail, on the second business day after deposited in the U.S. mail and (ii) in the case of overnight courier or hand delivery, upon delivery. Either party may change its notice address by giving written notice to the other party by the means specified in this Section.

9.6. Construction; Headings. No provision of this Agreement shall be construed against or interpreted to the disadvantage of any Party by any court or arbitrator by reason of such Party having or being deemed to have structured or drafted such provision. The headings in this Agreement are for reference purposes only and shall not be deemed to have any substantive effect.

9.7. Severability. If any provision of this Agreement is held by a court or arbitrator of competent jurisdiction to be contrary to law, then the Parties agree to replace it with an enforceable provision reflecting the intent of the original provision as nearly as possible in accordance with applicable law, and the remaining provisions of this Agreement will remain in full force and effect.

9.8. Waiver. The failure of either Party at any time to require performance by the other Party of any provision of this Agreement shall not affect in any way the full right to require the performance at any subsequent time. The waiver by either Party of a breach of any provision of this Agreement shall not be taken or held to be a waiver of the provision itself. Any course of performance shall not be deemed to amend or limit any provision of this Agreement.

9.9. Entire Agreement; Amendments. This Agreement (including Customer Order Forms entered under it) constitutes the entire agreement between PRIVO and Customer with respect to the subject matter hereof. There are no restrictions, promises, warranties, covenants, or undertakings other than those expressly set forth herein and therein. This Agreement supersedes all prior negotiations, agreements, and undertakings between the Parties with respect to such matter. This Agreement may be amended only by an instrument in writing executed by the Parties’ duly authorized representatives.

9.10. Order of Precedence. In the event of conflict between any provision contained in these Terms and Conditions and any Customer Order Form, the provisions of the Customer Order Form will prevail. Where multiple Customer Order Forms address the area of conflict, the most recent Customer Order Form executed by both Parties that addresses the area of conflict will prevail.

9.11. Counterparts; Signatures. This Agreement may be executed via a Customer Order Form signed in counterparts with the same effect as if the signatures were upon a single instrument, and all such counterparts together shall be deemed an original of this Agreement. For purposes of this Agreement, a facsimile copy of a Party’s signature made by reliable means shall be sufficient to bind such Party. [End of Terms and Conditions]

 

EXHIBIT A

Non-Disclosure Terms

All activities of the Parties under or in relation to this Agreement are subject to the following terms and conditions with respect to Confidential Information:

 

OBLIGATIONS AND PERMITTED USES

With respect to the disclosing Party’s Confidential Information, the receiving Party and its personnel will:

hold all Confidential Information received from or on behalf of the disclosing Party in strict confidence and protect the disclosing Party Confidential Information from any unauthorized disclosure or use by using the same degree of care as it uses to protect its own similar confidential information, but no less than a reasonable degree of care;

not, except with the prior written approval of the disclosing Party, disclose any the disclosing Party’s Confidential Information to any third party except as expressly permitted by Section 1(e) below;

use the disclosing Party’s Confidential Information only for the purpose of performing the receiving Party’s obligations and exercising its rights under this Agreement, and not otherwise for the benefit of the receiving Party or any other party (which prohibition includes use of the disclosing Party’s Confidential Information in or for published papers and presentations, or for use in any manner or for any purpose that would be competitive with the disclosing Party’s products or services, or its use in or for research that is subject to licensing or ownership obligations to any government or other entity);

reproduce the disclosing Party’s Confidential Information only as reasonably necessary for the purpose of performing the receiving Party’s obligations and exercising its rights under this Agreement;

limit disclosure of the disclosing Party’s Confidential Information to only those of its personnel (employees, contractors, and professional and legal advisors) who have a need to know such Confidential Information for the purposes of this Agreement, who have been advised of the receiving Party’s obligations herein, and who are bound to the receiving Party to preserve the confidentiality of such Confidential Information substantially consistent with the terms hereof; and

not engage in or permit any efforts to reverse engineer, disassemble or decompile any prototypes, software or other tangible objects provided to it pursuant to this Agreement that embody the disclosing Party’s Confidential Information in an attempt to derive the source code for any software or discern any trade secrets, except as expressly permitted by applicable law to create interoperability with other computer programs.

Any breach or violation of this Section 1 shall constitute a material breach of this Agreement.

 

EXCEPTIONS

The foregoing obligations of confidentiality shall not apply to any particular disclosing Party Confidential Information that the receiving Party can demonstrate by written records:

was publicly disclosed prior to disclosure to the receiving Party, or, subsequent to disclosure to the receiving Party, is publicly disclosed through no fault of the receiving Party;

was known to or otherwise independently developed by the receiving Party, without any use of or other reliance upon the disclosing Party’s Confidential Information, prior to the date of its disclosure by or on behalf of the disclosing Party, which knowledge was acquired independently and not from the disclosing Party or its personnel, as shown by documents and other competent evidence in the receiving Party’s possession prior to the time of disclosure; or

is subsequently disclosed to the receiving Party in good faith by a third party who has a right to make such disclosure to the receiving Party without any obligation to restrict its further use or disclosure.

 

COURT ORDERS OR GOVERNMENT ORDERS

If the receiving Party is required to disclose any of the disclosing Party’s Confidential Information in response to a valid order of a court or other valid governmental body in the United States, the receiving Party agrees to give the disclosing Party reasonable advance notice of the required disclosure (unless it is not legally permitted to do so) in order to afford the disclosing Party a reasonable opportunity to contest the disclosure or seek a protective order, and the receiving Party agrees to reasonably cooperate with such the disclosing Party efforts.

NO LICENSE

No license to any of the Parties’ respective trademarks, patents, copyrights, or any other intellectual property rights is either granted or implied by this Exhibit A or any disclosure of the disclosing Party’s Confidential Information pursuant to this Agreement, including but not limited to, any license to make, have made, use, sell, offer to sell, or import any device or item embodying any the disclosing Party’s Confidential Information.

 

NO OBLIGATION

Neither this Agreement nor the disclosure or receipt of the disclosing Party’s Confidential Information shall be construed as creating any obligation of the disclosing Party to furnish more or other the disclosing Party Confidential Information to the receiving Party.

 

RETURN OF CONFIDENTIAL INFORMATION

Upon the disclosing Party's written request to the receiving Party, the receiving Party will return to the disclosing Party (or, at the disclosing Party’s direction, destroy) all of the Confidential Information received from or on behalf of the disclosing Party (including all copies and derivative works made by the receiving Party) and will cease all use of such the disclosing Party’s Confidential Information. Upon request of the disclosing Party, the receiving Party will certify to the disclosing Party, in writing, that all such disclosing Party Confidential Information (including all copies thereof) has been returned or destroyed and all use of the disclosing Party’s Confidential Information has been discontinued.

 

REPRESENTATION

The disclosing Party represents that it has the right to disclose its Confidential Information disclosed to the receiving Party under this Agreement.

 

EXHIBIT B

Current PRIVO Online Terms of Use. Please read these Terms of Use carefully: Click here to read.

----------------------------------------------------------------------------------------------

 

EXHIBIT C

Current PRIVO iD Platform Privacy Policy. Please read this Policy carefully: Click here to read.