Log In

Search
Last updated: LAST UPDATED: APRIL 7, 2023

Master Subscription Agreement

This Master Services Agreement (the “Agreement”) is made by and between Caliber UX, Inc. dba CaliberMind (“CaliberMind” or “Company”) and customer named on the order form (“Customer”), effective as of the date of last signature (“Effective Date”) CaliberMind and Customer may be referred to herein individually as a “party” or collectively as the “parties”. The parties hereby agree as follows:  

1. Scope; Procurement and Provisioning by Affiliates; Subscription Services Users

  1.1 Scope. This Master Services Agreement applies to Customer’s use of the online subscription services and related online training and packaged professional services offered by CaliberMind (collectively, the “Subscription Services”) that are listed in one or more CaliberMind subscription-based ordering documents signed by the Parties (each an “Order”). This Master Services Agreement and all executed Orders, including any addenda and exhibits, are collectively referred to as the “Agreement.” All capitalized terms not defined herein will have the meanings attributed to them in the Order.

  1.2 Procurement and Provisioning by Affiliates. Customer may procure Subscription Services under this Agreement for its own account and on behalf of one or more Customer Affiliates (defined below) only as set forth on the applicable Order. Customer is responsible for the acts and omissions of Customer Affiliates. “Affiliate” means any legal entity directly or indirectly controlling, controlled by or under common control with a Party, where control means the ownership of a majority share of the stock, equity or voting interests of such entity.

  1.3 Subscription Services Users. During the Subscription Term set forth in each Order, CaliberMind will make the Subscription Services available to Customer and its authorized Affiliates, employees, or agents (in each case, only as set forth on the applicable Order) (“Users”), for access and use by such Users solely for Customer’s internal business purposes in accordance with the terms of the Agreement. Customer is responsible for use of the Subscription Services by Users and any party who accesses the Subscription Services with Customer’s or a User’s account credentials.

2. Restrictions; CaliberMind Use Policies; Beta Versions; Usage Rights; Suspension.

  2.1 Restrictions. Customer will not, and will ensure that its Users do not, directly or indirectly (i) make the Subscription Services available to anyone other than Users or use the Subscription Services for the benefit of any unrelated third party; (ii) sell, resell, assign, pledge, transfer, license, sublicense, distribute, rent or lease the Subscription Services; (iii) reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas or algorithms of the Subscription Services or any software, documentation or data related to or provided with the Subscription Services; (iv) modify, translate or create derivative works based on the Subscription Services or remove any proprietary notices or labels from the Subscription Services; (v) use or access the Subscription Services to build or support, and/or assist a third party in building or supporting products or services competitive to the Subscription Services; (vi) include the Subscription Services in a service bureau or outsourcing offering; or (vii) use the Subscription Services for any competitive purposes. Customer will, and will ensure that its Users do not engage in any of the following: (a) copying, distributing, or disclosing any part of the Subscription Services in any medium, including without limitation by any automated or non-automated “scraping”; (b) except as expressly authorized on an Order, using any automated system, including without limitation “robots,” “spiders,” “offline readers,” etc., to access the Subscription Services in a manner that sends more request messages to the CaliberMind servers than a human can reasonably produce in the same period of time by using a conventional on-line web browser (except that CaliberMind grants the operators of public search engines revocable permission to use spiders to copy materials from the site for the sole purpose of and solely to the extent necessary for creating publicly available searchable indices of the materials); (c) transmitting spam, chain letters, or other unsolicited email; (d) attempting to interfere with, compromise the system integrity or security or decipher any transmissions to or from the servers running the Service; (e) except as expressly authorized on an Order, taking any action that imposes, or may impose at CaliberMind sole discretion an unreasonable or disproportionately large load on CaliberMind infrastructure; (f) uploading invalid data, viruses, worms, or other software agents through the Subscription Services; (g) except as expressly authorized on an Order, collecting or harvesting any personally identifiable information, including account names, from the Subscription Services; (h) except as expressly authorized on an Order, using the Subscription Services for any commercial solicitation purposes; (i) impersonating another person or otherwise misrepresenting Customer’s affiliation with a person or entity, conducting fraud, hiding or attempting to hide Customer’s identity; (j) interfering with the proper working of the Subscription Services; (k) accessing any content on the Subscription Services through any technology or means other than those provided or authorized by the Subscription Services; (l) bypassing the measures CaliberMind may use to prevent or restrict access to the Subscription Services, including without limitation features that prevent or restrict use or copying of any content or enforce limitations on use of the Subscription Services or the content therein; (m) posting content that is patently offensive and promotes racism, bigotry, hatred or physical harm of any kind against any group or individual; (n) posting content that harasses or advocates harassment of another person; (o) exploits people in a sexual or violent manner; (p) violating the privacy rights, publicity rights, copyrights, trademark rights, contract rights or any other rights of any person; (q)  using the Subscription Services in a manner inconsistent with any and all applicable laws and regulations; (r) using the Subscription Services to create a competing service.

  2.2 Beta Versions. From time to time, CaliberMind may make available beta versions, pilot, limited release, non-production, or services by a similar description (each, a “Beta Version”). Beta Versions are intended for internal evaluation purposes and not for production use, are not supported, and may be subject to additional terms. CaliberMind may discontinue Beta Versions at any time in its sole discretion and may never make them generally available. CaliberMind assumes no liability for any harm or damage arising out of or in connection with a Beta Version, and CaliberMind shall not have any indemnification obligations related to any Beta Versions. All Beta Versions are provided as-is and without any warranties.  

  2.3 Usage Rights. Customer will, at all times, ensure that its use of the Subscription Services does not exceed the usage limits specified in the Order (“Subscription Usage”). Customer shall be responsible for any excess usage fees as set forth on the platform and/or in the Order.  

  2.4 Suspension. CaliberMind may immediately suspend Customer’s account and access to the Subscription Services if (i) Customer fails to make payment due within 10 business days after CaliberMind has provided Customer with written notice of such failure; or (ii) Customer violates Section 2.1 (Restrictions), or Section 10 (Confidential Information) or (iii) CaliberMind believes suspension is necessary to prevent any unauthorized access to or use of the Subscription Services or any data therein. Any suspension by CaliberMind of the Subscription Services under the preceding sentence will not relieve Customer of its payment obligations hereunder.

3. Ownership: Subscription Services; Data.

  3.1 Subscription Services. Customer acknowledges that the Subscription Services are offered online on a subscription basis. CaliberMind reserves all rights, title and interest in and to the Subscription Services, including any content, software or documents related to or provided with the Subscription Services and all intellectual property rights, and including any derivatives, modifications, refinements or improvements thereto. From time to time, Customer or its Users may submit to CaliberMind comments, questions, enhancement requests, suggestions, ideas, process descriptions or other information related to the Subscription Services (“Feedback”). CaliberMind shall own all Feedback, Customer hereby assigns such Feedback to CaliberMind, and Customer agrees that CaliberMind has all rights to use and incorporate Feedback into the Subscription Services without restriction or payment to Customer. No rights are granted to Customer other than as expressly set forth herein. Any rights not expressly granted to Customer hereunder are reserved by CaliberMind. 

  3.2 Rights in Data. 

3.2.1 Customer Data. As used herein, “Customer Data” means information or material provided by Customer to CaliberMind in the course of using the Subscription Services. Customer is the sole owner of all Customer Data. Notwithstanding the foregoing, Customer hereby grants to CaliberMind a non-exclusive, fully paid up, royalty free, worldwide, non-transferable right and license to use, copy, modify, display, perform, and share the Customer Data during the term of this Agreement for the limited purposes of performing Company’s obligations hereunder for the benefit of Customer, including but not limited to the performance of the Subscription Services.  

3.2.2 Enhanced Data. As used herein, “Enhanced Data” means Customer Data that CaliberMind enhances or appends with other data or information owned or controlled by CaliberMind or third parties in collaboration with CaliberMind, including but not limited to metadata, attribution data, account and contact scoring, return-on-advertisement spend ratio, and intent data. CaliberMind is the sole owner of Enhanced Data; provided that, subject to Customer’s compliance with its obligations hereunder, CaliberMind grants to Customer a perpetual, non-exclusive, non-transferable, non-sublicenseable license to access and use the Enhanced Data for Customer’s internal business purposes only.

3.2.3 Usage Data. As used herein, “Usage Data” means usage and log data describing various parameters as to how Subscription Services are used by CaliberMind’s customers, including Customer (such as search terms used, how customer perform searches, and usage statistics). CaliberMind owns Usage Data and may use such Usage Data for its own internal purposes of enhancing the Subscription Services, including but not limited to conducting aggregated statistical analysis, technical support and other business purposes.

3.2.4 Machine Learning Models. In addition to the foregoing, where Customer purchases the Subscription Services pursuant to an Order under a machine-learning model, CaliberMind may develop and train machine learning models using a specific set of Customer Data, Enhanced Data, and other appropriate data sources (collectively, “Machine Learning Models”). CaliberMind is the sole owner of Machine Learning Models, and CaliberMind grants to Customer a non-exclusive, non-transferable, non-sublicenseable license to access and use the Machine Learning Models during the term of the relevant Order under which such Machine Learning Models are generated. Machine Learning Models learn representations based on Customer Data and do not incorporate any data from other CaliberMind Customers. Specific data sources used in Machine Learning Models include, but are not limited to, training data, validation data, and model weights. Examples of Machine Learning Models include marketing qualified account scores, and chain based attribution. 

4. Professional Services and Technical Support Services

  4.1 Professional Services. Customer may contract with CaliberMind to perform Professional Services. The specific details of the Professional Services to be performed will be determined on a per-project basis, and the details for each project will be described on the applicable CaliberMind order form agreed to by the parties in writing. Unless otherwise specified in the applicable CaliberMind order form, any unused portion of the Professional Services and training are nonrefundable and nontransferable and will expire and may not be carried over after 12 months from the applicable CaliberMind order form effective date. Unless otherwise set forth on the applicable Professional Services order form, CaliberMind shall own all results of the Professional Services, including any inventions, idea, knowhow, code, customizations, or other materials or information arising thereof.  All Professional Services are provided AS-IS and WITHOUT WARRANTY. 

  4.2 Changes to Professional Services. You may reasonably request in writing that revisions be made with respect to the Professional Services set forth in an order form. If Customer’s requested revisions increase the scope of the Professional Services or the effort required to perform the Professional Services under the order form, then CaliberMind will deliver to Customer a written proposal reflecting CaliberMind reasonable determination of the revised Professional Services, delivery schedule, and payment schedule, if any, that applies to the requested revisions. If Customer approve the proposal, then the parties will execute an amendment to the order form. Otherwise, the then-existing order form will remain in full force and effect, and CaliberMind will have no obligation with respect to the relevant change requests.

  4.3 Support Services. Company shall use reasonable efforts to make the Subscription Services perform in accordance with its standard support terms set forth at Customer Support Policy, as may be updated from time to time. CaliberMind will not materially reduce its support levels without prior written notice to Customer.

  4.4 CaliberMind Responsibilities. Customer will provide Company with administrative access to data accounts, which may include third party accounts (“Third Party Accounts”); allocation of a sufficient amount of API calls for data connectivity, including for such Third Party Accounts, and to assign a project facilitator who will ensure timely completion of tasks.  Customer represents and warrants that it has the right to provide CaliberMind with access to such Third Party Accounts, as CaliberMind as the ability for CaliberMind to retrieve and use data from such Third Party Accounts. Customer warrants that it shall comply with all terms of any Third Party Accounts. Customer acknowledges that if it does not provide CaliberMind with a sufficient amount of API calls or other usage limits, particularly for any Third Party Accounts,  access to such third party accounts may be interrupted and service downtime may occur. CaliberMind is not responsible for any downtime or service issues caused by Third-Party Accounts.  CaliberMind is not responsible for any costs, fees, connectivity issues or data transfer issues with respect to such Third Party Accounts.

5. Fees; Taxes and Currency; Invoices.

  5.1 Fees. Customer will pay all fees set forth in the Orders and any fees invoiced pursuant to this Agreement. All fees are noncancelable and nonrefundable, except as expressly specified in the Agreement. Any fees paid pursuant to an Order will not offset any fees due under any other Order and Customer may not withhold any fees to offset payment under any other Order.

  5.2 Taxes and Currency. All fees are exclusive of, and Customer will be responsible for payment of, taxes, levies, duties or similar local, state, provincial, federal or foreign jurisdiction governmental assessments on the Subscription Services. Customer is not responsible for any taxes based on CaliberMind’s net income. Except as otherwise specified in an Order, all fees due hereunder will be paid in U.S. Dollars.

  5.3 Invoices. All amounts are due and payable by Customer as specified in the Order. If no payment terms are specified in the applicable Order, payment terms are net 30 days from receipt of invoice. Unpaid invoices not the subject of a written good faith dispute are subject to a finance charge of 1.5% per month on any outstanding balance, or the maximum permitted by law, whichever is lower, plus all CaliberMind’s reasonable expenses of collection, including attorneys’ fees.

6. Agreement Term; Termination for Cause, Effect of Termination; Survival.

  6.1 Agreement Term. The Agreement will commence on the Effective Date and will remain in effect until the Subscription Term in all Orders has expired or has otherwise been terminated (the “Agreement Term”) in accordance with the terms of this Agreement. This Agreement automatically renews for additional successive one-year terms unless at least thirty (30) days before the end of the then-current term either party provides written notice to the other party that it does not intend to renew. Unless otherwise agreed to, all subscription revenue will increase by seven percent upon renewal.

  6.2 Termination for Cause. In the event of a material breach by either Party, the non-breaching Party will have the right to terminate the applicable Order for cause if such breach has not been cured within 30 days after written notice from the non-breaching Party specifying the breach.

  6.3 Effect of Termination. If CaliberMind terminates an Order for Customer’s uncured material breach (i) all fees set forth in the terminated Order will be immediately due and payable; (ii) all rights granted thereunder will immediately terminate; and (iii) if such terminated Order includes fees for usage of the Subscription Services in excess of the Usage Rights, such fees are also immediately due and payable. If Customer terminates an Order for CaliberMind’s uncured material breach, Customer will be entitled to a pro-rata refund for prepaid fees for the Subscription Services not performed as of the date of termination. Upon any termination, Company will make all Customer Data available to Customer for electronic retrieval for a period of thirty (30) days, but thereafter Company may, but is not obligated to, delete stored Customer Data.  Notwithstanding, upon any expiration or termination, all rights to access and use the Subscription Services will terminate.

  6.4 Survival. The following Sections of the Agreement will survive termination of the Agreement: Section 2.1 (Restrictions), Section 3 (Ownership: Subscription Services; Customer Data; Derivative Statistical Information), Section 5 (Fees; Taxes and Currency; Invoices), Section 7.5 (Warranties Disclaimer), Section 9 (Limitation of Liability), Section 10 (Confidential Information) and Section 11 (General Terms).

7. Warranties; Warranty Remedies; Warranties Disclaimer.

  7.1 General Warranty. Each Party represents and warrants to the other Party that it has the power and authority to enter into the Agreement.

  7.2 Subscription Services Warranty. CaliberMind warrants the Subscription Services, under normal use, will (i) perform materially in accordance with the applicable documentation provided by CaliberMind; and (ii) be provided in a manner consistent with generally accepted industry standards.

  7.3 Customer Warranties. Customer represents and warrants that: (a) it has the right to provide the Customer Data and to authorize CaliberMind to use it as set forth herein; (b) it has obtained all consents and opt-ins necessary for the use and sharing of the Customer Data hereunder; (c) it has collected, used, and shared all Customer Data in accordance with all applicable laws; and (d) it will not provide CaliberMind with (or upload to the Subscription Services) any sensitive personal information, including without limitation social security numbers, credit card information,  protected health information, banking information, genetic information or similar. 

  7.4 Warranty Remedies. Customer will notify CaliberMind of any warranty deficiencies under Section 7.2 within thirty (30) days of the performance of the relevant Subscription Services, and Customer’s exclusive remedy and CaliberMind’s sole obligation will be the re-performance of the deficient Subscription Services. If CaliberMind cannot re-perform such deficient Subscription Services as warranted, Customer will be entitled to terminate the deficient Subscription Services under Section 6.2 above and CaliberMind will refund any prepaid fees for such deficient Subscription Services.  THIS PARAGRAPH SETS FORTH CUSTOMER’S SOLE REMEDY AND CALIBERMIND’S ENTIRE LIABILITY FOR ANY BREACH OF WARRANTY CLAIMS.

  7.5 WARRANTIES DISCLAIMER. EXCEPT FOR THE EXPRESS WARRANTIES ABOVE, AND TO THE MAXIMUM EXTENT PERMITTED BY LAW, CALIBERMIND AND ITS THIRD PARTY PROVIDERS DISCLAIM ALL EXPRESS, IMPLIED OR STATUTORY WARRANTIES, INCLUDING ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. CALIBERMIND DOES NOT WARRANT THE RELIABILITY, TIMELINESS, SUITABILITY, OR ACCURACY OF THE SUBSCRIPTION SERVICES OR THE RESULTS CUSTOMER MAY OBTAIN BY USING THE SUBSCRIPTION SERVICES. CALIBERMIND DOES NOT WARRANT UNINTERRUPTED OR ERRORFREE OPERATION OF THE SUBSCRIPTION SERVICES OR THAT CALIBERMIND WILL CORRECT ALL DEFECTS OR PREVENT THIRD PARTY DISRUPTIONS OR UNAUTHORIZED THIRD PARTY ACCESS. CALIBERMIND DISCLAIMS ALL FAILURES, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET.  CALIBERMIND DOES NOT WARRANT THAT IT WILL BE ABLE TO ACCESS OR RETREIVE DATA FROM THIRD PARTY ACCOUNTS.

8. Indemnification

  8.1 By CaliberMind. CaliberMind will defend Customer against any claim brought against Customer by a third party alleging the Subscription Services as provided by CaliberMind directly infringe the U.S. copyright or trademark  rights of the claimant and will pay Customer for finally-awarded damages and costs and CaliberMind-approved settlements of the claim. CaliberMind’s obligations to defend or indemnify will not apply to the extent that a claim is based on (i) Customer Data, Customer’s or a third party’s technology, software, materials, data or business processes; (ii) a combination of the Subscription Services with non-CaliberMind products or services; or (iii) any use of the Subscription Services not in compliance with this Agreement or (iv) any modification of the Subscription Services. CaliberMind may at any time, in its discretion and at no cost to Customer, (a) modify the Subscription Services to avoid infringement; or (b) terminate Customer’s subscriptions for the affected Subscription Services and refund Customer any related prepaid fees for the remainder of the Subscription Term. THIS SECTION STATES THE CUSTOMER’S SOLE REMEDY, AND CALIBERMIND’S TOTAL LIABILITY, REGARDING THE CLAIMS AND LIABILITIES ADDRESSED BY THIS SECTION 8.1.

  8.2 By Customer. Customer will defend, indemnify, and hold CaliberMind harmless against any claim, loss, damage, cost, expense, fine, fee, suit, action, or other amount incurred by or on behalf of CaliberMind  (i) related to the Customer Data; or (ii) related to Customer’s use of the Subscription Services in violation of applicable law or regulations, or infringing the claimant’s intellectual property rights;  (iii) related to any Third Party Accounts; or (iv) arising out of Customer’s breach of its warranties. 

  8.3 Procedure. As a condition to the indemnifying Party’s obligations under this Section 8, the Party seeking indemnification for a third party claim must (i) promptly give written notice of the claim to the indemnifying Party; (ii) give the indemnifying Party sole control of the defense and settlement of the claim (provided that the indemnifying Party may not settle any claim unless it unconditionally releases the indemnified Party of all liability); and (iii) provide the indemnifying Party, at the indemnifying Party’s cost, all reasonable assistance. 

9. Limitation of Liability.

NO PARTY WILL BE LIABLE UNDER ANY CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY FOR ANY INDIRECT, EXEMPLARY, LOST PROFITS, LOST REVENUE, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES. EXCEPT FOR CUSTOMER PAYMENT OBLIGATIONS, CUSTOMER’S BREACH OF SECTION 2.1, AND FOR EACH PARTY’S INDEMNIFICATION OBLIGATIONS NEITHER PARTY SHALL BE LIABLE FOR ANY AMOUNTS THAT EXCEED THE CUMULATIVE FEES INVOICED TO CUSTOMER UNDER THE AGREEMENT IN THE 12 MONTHS PRECEDING THE DATE THE CLAIM AROSE. THE FOREGOING LIMITATION WILL NOT APPLY TO THE EXTENT PROHIBITED BY LAW.

10. Confidential Information.

Each Party (the “Recipient”) understands that the other Party (the “Discloser”) may, during the Agreement Term and in connection with the Subscription Services, disclose non-public information relating to the Discloser’s business that is designated as confidential or reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure (“Confidential Information”). The Recipient agrees (i) to take reasonable precautions to protect such Confidential Information; and (ii) not to use or divulge to any third person any such Confidential Information except as set forth herein and to those of its employees and contractors who need access for purposes consistent with this Agreement and who are bound to confidentiality terms with Recipient containing protections no less stringent than those herein. The Discloser agrees that the foregoing will not apply with respect to Confidential Information after 5 years following the termination of the Agreement (although trade secrets shall be protected indefinitely)  or any Confidential Information the Recipient can document (a) is or becomes generally available to the public; (b) was in its possession or known by it prior to receipt from the Discloser without restriction; (c) was rightfully disclosed to it by a third party without restriction; or (d) was independently developed without use of or reference to any Confidential Information of the Discloser. If the Recipient is required by law or court order to disclose Confidential Information, it will give prior written notice to the Discloser (to the extent legally permitted) and reasonable assistance at the Discloser’s cost to contest the disclosure. Upon any expiration or termination of this Agreement, the Recipient will return all of the Discloser’s Confidential Information to the Discloser.

11. Data Privacy and Security.

Each party will comply with all applicable privacy and data security laws and regulations governing its collection, processing, and storage of Customer Data. Without limiting the generality of the foregoing, the parties hereby agree to the terms and conditions set forth in the Data Processing Addendum, attached to this Agreement as Addendum A. 

12. General Terms.

  12.1 Notice. CaliberMind may give general notices for Subscription Services applicable to all customers by means of a notice on the Subscription Services portal. Specific notices applicable to Users of the Subscription Services, technical support, system security and other account notices will be given by electronic mail to Customer’s e-mail address on record in CaliberMind’s account information. All legal or dispute-related notices will be sent by first class mail or express delivery, if to CaliberMind, attention Legal Department, at 2000 Central Ave., Boulder, CO, 80301, U.S.A, and if to Customer, to Customer’s account representative and address on record in CaliberMind’s account information or such other addresses as either Party may designate in writing from time to time.

  12.2 Force Majeure. Except for payment obligations, neither Party will be responsible for failure or delay of performance if caused by an act of nature, war, hostility or sabotage; an electrical, internet, or telecommunication outage that is not caused by the obligated Party; government restrictions (including the denial or cancellation of any export or other license); or other event outside the reasonable control of the obligated Party. Each Party will use reasonable efforts to mitigate the effect of a force majeure event. If such event continues for more than twenty (20) days, either Party may cancel unperformed Subscription Services upon written notice.

  12.3 Governing Law. Unless specifically set forth in the applicable Order (i) any action, claim, or dispute between the Parties will be governed by Colorado law, excluding its conflicts of law provisions, and controlling U.S. federal law; and (ii) the Parties agree to the exclusive jurisdiction of and venue in the state and federal courts in Colorado. Except for actions for nonpayment or breach of either Party’s proprietary rights, no action, regardless of form, arising out of or relating to the Agreement may be brought by either Party more than two (2) years after the cause of action has accrued.

  12.4 Entire Agreement. This Agreement, including any exhibits (including any Data Processing Agreements) entered into hereunder, represents the Parties’ entire understanding relating to the Subscription Services and supersedes any prior or contemporaneous agreements or understandings regarding the Subscription Services. In the event of a conflict between this Agreement and a contemporaneous or later-dated Order, the terms of the contemporaneous or later-dated Order will control.

  12.5 Standard Terms of Customer. No terms, provisions or conditions of any purchase order, acknowledgement or other business form Customer may use in connection with the acquisition of Subscription Services will affect the rights, duties or obligations of the Parties hereunder, or otherwise modify this Agreement, regardless of any failure of CaliberMind to object to such terms, provisions or conditions.

  12.6 Amendment / No Waiver. The Agreement may be amended only by written agreement signed by the Parties. If any provision of the Agreement is held by a court of competent jurisdiction to be invalid or unenforceable, then such provision(s) will be construed to reflect the intent of the invalid or unenforceable provision(s), with all other provisions remaining in full force and effect. The failure of either Party to enforce any right or provision in the Agreement will not constitute a waiver of such right or provision unless acknowledged and agreed to by such Party in writing.

  12.7 Assignment. No joint venture, partnership, employment, or agency relationship exists between CaliberMind and Customer as a result of the Agreement or use of the Subscription Services. This Agreement and any rights or obligations hereunder may not be assigned, sublicensed or otherwise transferred by the Parties without the prior written approval of the non-assigning Party, except that either Party may assign or transfer this Agreement in connection with a merger or acquisition of all or substantially all of the assets of the assigning company (provided that the assignee agrees in writing to be bound by all terms and conditions of this Agreement) by providing the non-assigning Party with prompt written notice of assignment. Any purported assignment in violation of this section will be void.

  12.8 Compliance with Laws. Each Party agrees to abide by all applicable federal, state, and local laws and regulations in the performance of this Agreement.

Addendum A

Data Processing Addendum

This Data Processing Addendum (“Addendum”) forms part of the Agreement between  CaliberMind and Customer.

The terms used in this Addendum shall have the meanings set forth in this Addendum. Capitalized terms not otherwise defined herein shall have the meaning given to them in the main body of the Agreement. Except as modified below, the terms of the Agreement shall remain in full force and effect.

The parties hereby agree that the terms and conditions set out below shall be added as an addendum to the Agreement. The following obligations shall only apply to the extent required by Data Protection Laws (as defined below) with regard to the relevant Customer Personal Data (as defined below), if applicable.

1. Definitions.

1.1 “Affiliate” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with either Customer or CaliberMind respectively, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise.

1.2 “Aggregate Consumer Information” means information that relates to a group or category of consumers, from which individual consumer identities have been removed, that is not linked or reasonably linkable to any consumer or household, including via a device.

1.3 “Controller” means the entity that determines the purposes and means of the Processing of Personal Data.

1.4 “Customer Personal Data” means Personal Data received from or on behalf of Customer that is Processed by CaliberMind on behalf of Customer pursuant to the Agreement. To the extent permitted by Data Protection Laws, Customer Personal Data shall not include any Personal Data that CaliberMind has aggregated or deidentified to the extent such information constitutes Aggregate Consumer Information or Deidentified Information.

1.5 “Data Protection Laws” means, in each case to the extent applicable to the respective party in its role of Processing Customer Personal Data under the Agreement, any applicable legislation relating to personal data protection and privacy in any relevant jurisdiction including, in each case to the extent applicable, European Data Protection Laws and United States Data Protection Laws.

1.6 “Data Subject” means the identified or identifiable natural person who is the subject of Personal Data.

1.7 “Deidentified Information” means information that cannot reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular consumer, provided that CaliberMind has implemented appropriate safeguards to prohibit reidentification and inadvertent release as required by Data Protection Laws.

1.8 “European Data Protection Laws” means, in each case to the extent applicable: (a) the EU General Data Protection Regulation 2016/679 (“GDPR”); (b) the GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 (“UK GDPR”), the Data Protection Act of 2018, and all other laws relating to data protection, the processing of personal data, privacy, or electronic communications in force from time to time in the United Kingdom (collectively, “UK Data Protection Laws”); (c) the Swiss Federal Act on Data Protection (“Swiss FADP”); and (d) any other applicable law, rule, or regulation related to the protection of Customer Personal Data in the European Economic Area, United Kingdom, or Switzerland that is already in force or that will come into force during the term of this Addendum.

1.9 “Personal Data” means information that constitutes “personal information,” “personal data,” “personally identifiable information,” or similar term defined under Data Protection Laws.

1.10 “Personal Data Breach” means a breach of CaliberMind’s security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data in CaliberMind’s possession, custody, or control. “Personal Data Breach” does not include unsuccessful attempts or activities that do not compromise the security of Customer Personal Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, or other network attacks on firewalls or networked systems.

1.11 “Process(es)(ed)(ing)” means any operation or set of operations performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, alignment, combination, restriction, erasure, destruction or disclosure by transmission, dissemination or otherwise making available.

1.12 “Restricted Transfer” means the transfer of Customer Personal Data subject to European Data Protection Laws from Customer to CaliberMind in a country that has not been deemed adequate by the relevant Supervisory Authority under European Data Protection Laws, where such transfer would be prohibited by Data Protection Laws in the absence of the Standard Contractual Clauses or another adequate transfer mechanism.

1.13 “Sensitive Personal Data means (a) social security number, passport number, driver’s license number, or similar identifier (or any portion thereof), (b) credit or debit card number (other than the truncated (last four digits) of a credit or debit card), (c) employment, financial, genetic, biometric or health information; (d) racial, ethnic, political or religious affiliation, trade union membership, or information about sexual life or sexual orientation; (e) account passwords; (f) date of birth; (g) criminal history; (h) mother’s maiden name; and (i) any other information that falls within the definition of “special categories of data” or “sensitive data” under Data Protection Laws.

1.14 “Standard Contractual Clauses” means, as applicable, Module Two (Transfer controller to processor) or Module Three (Transfer processor to processor) of the standard contractual clauses approved by the European Commission’s decision of 4 June 2021 on Standard Contractual Clauses for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection (available at: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32021D0915&locale-en), as amended from time to time, as supplemented or modified by Appendix 2.

1.15 “Subprocessor” means any Processor (including any third party and any CaliberMind Affiliate) appointed by CaliberMind to Process Customer Personal Data on behalf of Customer.

1.16 “Supervisory Authority” means an independent competent public authority established or recognized under Data Protection Laws.

1.17 “United States Data Protection Laws” means, in each case to the extent applicable: (a) the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, and its implementing regulations (collectively, “CCPA”); (b) the Virginia Consumer Data Protection Act (“VCDPA”); (c) the Colorado Privacy Act and its implementing regulations (“CPA”), when effective; (d) the Utah Consumer Privacy Act (“UCPA”), when effective; (e) the Connecticut Data Privacy Act (“CTDPA”), when effective; and (f) any other applicable law or regulation related to the protection of Customer Personal Data in the United States that is already in force or that will come into force during the term of this Addendum.

2. Processing of Customer Personal Data. 

2.1 Processing Authorization; Role of the Parties. While providing the Services to Customer a pursuant to the Agreement, CaliberMind may Process Customer Personal Data on behalf of Customer as per the terms of this Addendum. The parties acknowledge and agree that, as between the parties, with regard to the Processing of Customer Personal Data under the Agreement, Customer is a Controller and CaliberMind is a Processor. In some circumstances, the parties acknowledge that Customer may be acting as a Processor to a third-party Controller in respect of Customer Personal Data, in which case CaliberMind will remain a Processor. Each party will comply with the obligations applicable to it in such role under Data Protection Laws with respect to the Processing of Customer Personal Data. Notwithstanding any term set forth in this Addendum or, as the case may be, the Agreement, nothing herein or therein shall prohibit CaliberMind from Processing Customer Personal Data: (a) to retain and employ another service provider or Subprocessor in order to perform the Services; (b) for internal use by CaliberMind to build or improve the quality of the Services provided to Customer; (c) to detect a Personal Data Breach, protect against fraud, or illegal activity; or (d) for any other uses agreed to by the parties in the Agreement.

2.2 Customer Instructions. CaliberMind shall not Process Customer Personal Data other than on Customer’s documented instructions unless Processing is required by Data Protection Laws to which CaliberMind is subject, in which case CaliberMind shall to the extent permitted by Data Protection Laws inform Customer of that legal requirement before Processing Customer Personal Data. Customer’s instructions for the Processing of Customer Personal Data shall comply with Data Protection Laws. CaliberMind will inform Customer if, in its opinion, an instruction of Customer infringes upon Data Protection Laws. For the avoidance of doubt, the Agreement, including any Processing reasonably necessary and proportionate to provide the Services, exercise the rights, or perform the obligations outlined in the Agreement, and any related SOW entered into by Customer shall constitute documented instructions for the purposes of this Addendum. Customer is solely responsible for the accuracy of Customer Personal Data and the legality of the means by which Customer acquires Customer Personal Data. Customer shall be responsible for: (a) giving adequate notice and making all appropriate disclosures to Data Subjects regarding Customer’s use and disclosure and CaliberMind’s Processing of Customer Personal Data; and (b) obtaining all necessary rights, and, where applicable, all appropriate and valid consents to disclose such Customer Personal Data to CaliberMind to permit the Processing of such Customer Personal Data by CaliberMind for the purposes of performing CaliberMind’s obligations under the Agreement or as may be required by Data Protection Laws. Customer shall notify CaliberMind of any changes in, or revocation of, the permission to use, disclose, or otherwise Process Customer Personal Data that would impact CaliberMind’s ability to comply with the Agreement, or Data Protection Laws.  

2.3 Processing Details. The parties acknowledge and agree that the nature and purpose of the Processing of Customer Personal Data, the types of Customer Personal Data Processed, the categories of Data Subjects, and other details regarding the Processing of Customer Personal Data are as set forth in Appendix 1.

2.4 Processing Subject to the CCPA. As used in this Section, the terms “Sell,” “Share,” “Business Purpose,” and “Commercial Purpose” shall have the meanings given in the CCPA and “Personal Information” shall mean any personal information (as defined in the CCPA) contained in Customer Personal Data. CaliberMind will not: (a) Sell or Share any Personal Information; (b) retain, use, or disclose any Personal Information (i) for any purpose other than for the Business Purposes specified in the Agreement, including for any Commercial Purpose other than the Business Purposes specified in the Agreement, or as otherwise permitted by the CCPA, or (ii) outside of the direct business relationship between Customer and CaliberMind; or (c) combine Personal Information received from, or on behalf of, Customer with Personal Data received from or on behalf of any third party, or collected from CaliberMind’s own interaction with Data Subjects, except to perform any Business Purpose permitted by the CCPA. CaliberMind hereby certifies that it understands the foregoing restrictions under this Section and will comply with them. The parties acknowledge that the Personal Information disclosed by Customer to CaliberMind is provided to CaliberMind only for the limited and specified purposes set forth in Appendix 1. CaliberMind will comply with applicable obligations under the CCPA and provide the same level of privacy protection to Personal Information as is required by the CCPA. Customer has the right to take reasonable and appropriate steps to help ensure that CaliberMind uses the Personal Information transferred in a manner consistent with Customer’s obligations under the CCPA by exercising Customer’s audit rights in Section 10. CaliberMind will notify Customer if it makes a determination that CaliberMind can no longer meet its obligations under the CCPA. If CaliberMind notifies Customer of unauthorized use of Personal Information, including under the foregoing sentence, Customer will have the right to take reasonable and appropriate steps to stop and remediate such unauthorized use by limiting the Personal Information shared with CaliberMind, terminating the portion of the Agreement relevant to such unauthorized use, or such other steps mutually agreed between the parties in writing. 

2.5 Sensitive Personal Data. Customer acknowledges that the Services are not intended for the Processing of Sensitive Personal Data. Customer will not provide (or cause to be provided) any Sensitive Personal Data to CaliberMind for Processing under the Agreement or this Addendum. Except in the context of a specific agreement between the parties regarding Processing Sensitive Personal Data, any transmission or processing of Sensitive Personal Data is at Customer’s own risk. CaliberMind will have no liability whatsoever for Sensitive Personal Data, whether in connection with a Personal Data Breach or otherwise. For the avoidance of doubt, this Addendum will not apply to Sensitive Personal Data.

3. Confidentiality. CaliberMind shall take reasonable steps to ensure that individuals that process Customer Personal Data are subject to obligations of confidentiality or are under an appropriate statutory obligation of confidentiality.

4. Security. Taking into account the state of the art, the costs of implementation and the nature, scope, context, and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, CaliberMind shall in relation to Customer Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. Customer acknowledges that Customer: (a) controls the type and substance of Customer Personal Data; (b) sets user permissions to access Customer Personal Data; (c) must secure any account authentication credentials, systems, and devices Customer uses to access or connect to the Services; and (d) is responsible for reviewing and evaluating whether the documented functionality of the Services meets Customer’s required security obligations relating to Customer Personal Data under Data Protection Laws.

5. Subprocessing. CaliberMind may engage Subprocessors in connection with the provision of the Services, provided that: (a) CaliberMind has entered into a written agreement with each Subprocessor containing data protection obligations not less protective than those in this Addendum with respect to the protection of Customer Personal Data to the extent applicable to the nature of the Services provided by such Subprocessor; and (b) CaliberMind shall be liable for the acts and omissions of its Subprocessors to the same extent CaliberMind would be liable if performing the Services of each Subprocessor directly under the terms of this Addendum. CaliberMind’s current list of Subprocessors for the Services is available at calibermind.com/subprocessor-list (“Subprocessor List”), which Customer hereby approves and authorizes. CaliberMind may engage additional Subprocessors as CaliberMind considers reasonably appropriate for the Processing of Customer Personal Data in accordance with this Addendum, provided that, if Customer subscribes to updates on the Subprocessor List page, CaliberMind shall inform Customer of the addition or replacement of Subprocessors at least ten (10) days prior to such engagement. Customer may, on reasonable data protection grounds, object to a new Subprocessor by notifying CaliberMind in writing within ten (10) days of such notification, giving reasons for Customer’s objection. Customer’s failure to object within such ten (10) day period shall be deemed Customer’s waiver of its right to object to CaliberMind’s use of a new Subprocessor added to the Subprocessor List. In the event Customer objects to a new Subprocessor, CaliberMind will use reasonable efforts to make available to Customer a change in the Services or recommend a commercially reasonable change to Customer’s configuration or use of the Services to avoid Processing of Customer Personal Data by the objected to new Subprocessor without unreasonably burdening Customer. If CaliberMind is unable to make available such change within a reasonable period of time, which shall not exceed 30 days, Customer may terminate, as Customer’s sole and exclusive remedy, the portion of the Agreement with respect only to those Services which cannot be provided by CaliberMind without the use of the objected to new Subprocessor by providing written notice to CaliberMind.

6. Data Subject Rights. CaliberMind shall promptly notify Customer if it receives a request from a Data Subject under any Data Protection Laws in respect of Customer Personal Data. CaliberMind will assist Customer with fulfilling Customer’s obligations under Data Protection Laws to respond to requests from Data Subjects for exercising their rights in respect of Customer Personal Data by providing Customer with self-service functionality of the Services, such as the ability to remove or edit Customer Personal Data stored in the Services. In the event that the self-service functionality features of the Services are not sufficient for Customer’s compliance with Data Protection Laws, upon written request from Customer CaliberMind will use reasonable commercial efforts to assist Customer in fulfilling its obligations. CaliberMind reserves the right to charge Customer on a time and materials basis in the event that CaliberMind considers, in its reasonable discretion, that such assistance is onerous, complex, frequent, or time consuming.

7. Personal Data Breach. In the event of a Personal Data Breach, CaliberMind will notify Customer without undue delay after becoming aware of the Personal Data Breach. Such notification may be delivered to an email address provided by Customer or by direct communication (for example, by phone call or an in-person meeting). Customer is solely responsible for ensuring that the appropriate notification contact details are current and valid. CaliberMind will take reasonable steps to provide Customer with information available to CaliberMind that Customer may reasonably require to comply with its obligations as Controller to notify impacted Data Subjects or Supervisory Authorities.

8. Data Protection Impact Assessment and Prior Consultation. In the event that Customer considers that the Processing of Customer Personal Data requires a privacy impact assessment to be undertaken or requires assistance with any prior consultations to any Supervisory Authority of Customer, following written request from Customer, CaliberMind shall use reasonable commercial efforts to provide relevant information and assistance to Customer to fulfill such request, provided that CaliberMind may charge Customer on a time and materials basis in the event that CaliberMind considers, in its reasonable discretion, that such assistance is onerous, complex, frequent, or time consuming.

9. Deletion or Return of Customer Personal Data. Unless otherwise required by applicable Data Protection Laws, following termination or expiration of the Agreement CaliberMind shall, at Customer’s option, delete or return all Customer Personal Data and all copies to Customer.

10. Relevant Records and Audit Rights. CaliberMind will use external auditors to annually audit and verify the adequacy of its security measures and controls (“Audit”). The reports generated by the Audit (“Reports”) will be made available to Customer upon written request no more than annually subject to the confidentiality obligations of the Agreement or a mutually-agreed non-disclosure agreement. To the extent required by Data Protection Laws and if Customer requires information in addition to the Reports, CaliberMind shall make available to Customer on request all information reasonably necessary to demonstrate compliance with this Addendum and allow for and contribute to audits, including inspections by Customer or an auditor mandated by Customer, not being competitors of CaliberMind (“Mandated Auditor”) of any premises where the Processing of Customer Personal Data takes place in order to assess compliance with this Addendum (a “Customer Audit”). CaliberMind shall provide reasonable cooperation to Customer with respect to a Customer Audit. CaliberMind shall promptly inform Customer if, in its opinion, a Customer Audit infringes the Data Protection Laws or any other confidentially obligations with CaliberMind’s other customers. Customer agrees that: (a) a Customer Audit may only occur during normal business hours, and where possible only after reasonable notice to CaliberMind (not less than 20 days’ advance written notice); (b) a Customer Audit will be conducted in a manner that does not have any adverse impact on CaliberMind’s normal business operations; (c) Customer and any Mandated Auditor will comply with CaliberMind’s standard safety, confidentiality, and security procedures in conducting any Customer Audit; and (d) any records, data, or information accessed by Customer or any Mandated Auditor in the performance of any Customer Audit will be deemed to be the Confidential Information of CaliberMind. To the extent any Customer Audit incurs in excess of 20 hours of CaliberMind personnel time, CaliberMind may charge Customer on a time and materials basis for any such excess hours. If the controls or measures to be assessed in a request for a Customer Audit are addressed in an ISO/IEC 27001 or SOC 2 Type II audit report performed by a qualified and independent third party auditor within the 12 months preceding request for a Customer Audit and CaliberMind has certified in writing that there are no known material changes in the controls audited, CaliberMind agrees to accept such report in lieu of requesting an audit of such controls or measures.

11. International Data Transfer. With respect to Restricted Transfers, the parties will conduct such Restricted Transfer in accordance with all applicable laws. For Restricted Transfers that are not subject to an alternative adequate mechanism under European Data Protection Laws, Customer (as “data exporter”) and CaliberMind (as “data importer”) hereby agree that the Standard Contractual Clauses shall apply to and govern such Restricted Transfer and are hereby incorporated herein by reference. The Standard Contractual Clauses will be deemed executed by the parties as of the effective date of this Addendum. If there is any conflict between this Addendum or the Agreement and the Standard Contract Clauses, the Standard Contract Clauses will prevail with respect to the relevant Restricted Transfer.

12. General Terms. General Terms. Any obligation imposed on CaliberMind under this Addendum in relation to the Processing of Personal Data shall survive and remain in effect until CaliberMind ceases to Process Customer Personal Data, notwithstanding any earlier termination or expiration of this Addendum. Should any provision of this Addendum be invalid or unenforceable, then the remainder of this Addendum shall remain valid and in force. The invalid or unenforceable provision shall be either: (a) amended as necessary to ensure its validity and enforceability, while preserving the intent of the provision as closely as possible or, if this is not possible, (b) construed in a manner as if the invalid or unenforceable part had never been contained therein. With regard to the subject matter of this Addendum, the provisions of this Addendum shall prevail over the Agreement with regard to data protection obligations for Personal Data of a Data Subject under Data Protection Laws. Notwithstanding anything to the contrary in this Addendum or in the Agreement (including, without limitation, either party’s indemnification obligations), neither party will be responsible for any GDPR fines issued or levied under Article 83 of the GDPR against the other party by a regulatory authority or governmental body in connection with such other party’s violation of the GDPR. As between the parties to this Addendum, each party’s liability and remedies under this Addendum are subject to the aggregate liability limitations and damages exclusions set forth in the Agreement. Except as otherwise provided in this Addendum, this Addendum is governed by the laws stipulated in the Agreement and the parties to this Addendum hereby submit to the choice of jurisdiction and venue stipulated in the Agreement, if any, with respect to any dispute arising under this Addendum.

Subject matter and duration of Processing of Customer Personal Data: 

The subject matter and duration of the Processing are as described in the Agreement and the Addendum.

Nature and purpose of the Processing of Customer Personal Data:

The nature of the Processing involves those activities reasonably required to facilitate or support the provision of the Services as described in the Agreement and the Addendum.

The purpose of the Processing of Customer Personal Data is performing the Services as described in the Agreement and carrying out the instructions set forth in the Addendum, including analytics, scoring, and attribution, data storage, integrations, and web tracking; helping to ensure security and integrity, to the extent the use of Customer Personal Data is reasonably necessary and proportionate for these purposes; debugging to identify and repair errors that impair existing intended functionality; undertaking internal research for technological development and demonstration; undertaking activities to verify or maintain the quality or safety of the Services, and to improve, upgrade, or enhance the Services.

Categories of Data Subjects to whom Customer Personal Data relates:

Web and social media users (“authors”)

Categories of Customer Personal Data Processed:

(i) identification data defined as unique identifiers associated with authors, such as name, username, user ID, geolocation data, etc.; (ii) socio-biographical data defined as publicly available personal characteristics of authors, such as age, gender, consumer habits, hobbies and interests, professional and educational background, as well as photos and videos; (iii) authors’ content defined as a specific status update or comment, or item on a blog or forum that contains keywords and characteristics, and any other brand monitoring related information published by the authors’ on a public Internet website or on a third-party platform that fits the search criteria when associated with any identification data and/or socio-biographical data relating to authors.

The sensitive data included in Customer Personal Data (if appropriate):

N/A

The frequency of Customer’s transfer of Customer Personal Data to CaliberMind:

On a continuous basis

The period for which Customer Personal Data will be retained, or, if that is not possible, the criteria used to determine that period:

As set forth in the Addendum and the Agreement.

For transfers to Subprocessors, the subject matter, nature and duration of the Processing of Customer Personal Data:

For the same subject matter, nature, and duration set forth above.

Appendix 2

STANDARD CONTRACTUAL CLAUSES

1. Application of Modules. If Customer is acting as a Controller with respect to Customer Personal Data, “Module Two: Transfer controller to processor” of the Standard Contractual Clauses shall apply. If Customer is acting as a Processor to a third-party Controller with respect to Customer Personal Data, CaliberMind is a sub-Processor and “Module Three: Transfer processor to processor” of the Standard Contractual Clauses shall apply. 

2. Sections I-V. The parties agree to the following selections in Sections I-IV of the Standard Contractual Clauses: (a) the parties select Option 2 in Clause 9(a) and the specified time period shall be the notification time period set forth in Section 5 of the Addendum; (b) the optional language in Clause 11(a) is omitted; (c) the parties select Option 1 in Clause 17 and the governing law of the Republic of Ireland will apply; and (d) in Clause 18(b), the parties select the courts of the Republic of Ireland.

3. Annexes. The name, address, contact details, activities relevant to the transfer, and role of the parties set forth in the Agreement and the Addendum shall be used to complete Annex I.A. of the Standard Contractual Clauses. The information set forth in Appendix 1 to the Addendum shall be used to complete Annex I.B. of the Standard Contractual Clauses. The competent Supervisory Authority in Annex I.C. of the Standard Contractual Clauses shall be the relevant Supervisory Authority determined by Clause 13 and the GDPR, unless otherwise set forth in Sections 5 or 6 of this Appendix 2. If such determination is not clear, then the competent supervisory authority shall be the Irish Data Protection Authority. The technical and organizational measures in Annex II of the Standard Contractual Clauses shall be the following: CaliberMind InfoSec v1.07 (or later version) incorporated herein by reference and outlines all processes, procedures and handling of data as managed by CaliberMind.

4. Supplemental Business-Related Clauses. In accordance with Clause 2 of the Standard Contractual Clauses, the parties wish to supplement the Standard Contractual Clauses with business-related clauses, which shall neither be interpreted nor applied in such a way as to contradict the Standard Contractual Clauses (whether directly or indirectly) or to prejudice the fundamental rights and freedoms of Data Subjects. CaliberMind and Customer therefore agree that the applicable terms of the Agreement and the Addendum shall apply if, and to the extent that, they are permitted under the Standard Contractual Clauses, including without limitation the following:

a. Instructions. The instructions described in Clause 8.1 are set forth in Section 2 of the Addendum.

b. Protection of Confidentiality. In the event a Data Subject requests a copy of the Standard Contractual Clauses or the Addendum under Clause 8.3, Customer shall make all redactions reasonably necessary to protect business secrets or other confidential information of CaliberMind.

c. Deletion or Return. Deletion or return of Customer Personal Data by CaliberMind under the Standard Contractual Clauses shall be governed by Section 9 of the Addendum. Certification of deletion of Customer Personal Data under Clause 8.5 or Clause 16(d) will be provided by CaliberMind upon the written request of Customer.

d. Audits and Certifications. Any information requests or audits provided for in Clause 8.9 shall be fulfilled in accordance with Section 10 of the Addendum.

e. Liability. The relevant terms of the Agreement which govern indemnification or limitation of liability shall apply to CaliberMind’s liability under Clauses 12(a), 12(d), and 12(f).

f. Termination. The relevant terms of the Agreement which govern termination shall apply to a termination pursuant to Clauses 14(f) or 16.

5. Transfers from the United Kingdom. If Customer transfers Customer Personal Data to CaliberMind that is subject to UK Data Protection Laws, the parties acknowledge and agree that: (a) the template addendum issued by the Information Commissioner’s Office of the United Kingdom and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022 (available at: https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf), as it may be revised from time to time by the Information Commissioner’s Office (the “UK Addendum”) shall be incorporated by reference herein; (b) the UK Addendum shall apply to and modify the Standard Contractual Clauses solely to the extent that UK Data Protection Laws apply to Customer’s Processing when making the transfer; (c) the information required to be set forth in “Part 1: Tables” of the UK Addendum shall be completed using the information provided in this Appendix 2 and the Addendum; and (d) either party may end the UK Addendum in accordance with section 19 thereof. 

6. Transfers from Switzerland. If Customer transfers Customer Personal Data to CaliberMind that is subject to the Swiss FADP, the following modifications shall apply to the Standard Contractual Clauses to the extent that the Swiss FADP applies to Customer’s Processing when making that transfer: (a) the term “member state” as used in the Standard Contractual Clauses shall not be interpreted in such a way as to exclude Data Subjects in Switzerland from suing for their rights in their place of habitual residence in accordance with Clause 18(c) of the Standard Contractual Clauses; (b) the Standard Contractual Clauses shall also protect the data of legal entities until the entry into force of the revised Swiss FADP; (c) references to the GDPR or other governing law contained in the Standard Contractual Clauses shall also be interpreted to include the Swiss FADP; and (d) the parties agree that the supervisory authority as indicated in Annex I.C of the Standard Contractual Clauses shall be the Swiss Federal Data Protection and Information Commissioner.