This Master Services Agreement (the “Agreement”) is made by and between Caliber UX, Inc. dba CaliberMind (“CaliberMind” or “Company”) and customer named on the order form (“Customer”), effective as of the date of last signature (“Effective Date”) CaliberMind and Customer may be referred to herein individually as a “party” or collectively as the “parties.” The parties hereby agree as follows:
1.1 Scope. This Master Services Agreement applies to Customer’s use of the online subscription services and related online training and packaged professional services offered by CaliberMind (collectively, the “Subscription Services”) that are listed in one or more CaliberMind subscription-based ordering documents signed by the Parties (each an “Order”). This Master Services Agreement and all executed Orders, including any addenda and exhibits, are collectively referred to as the “Agreement.” All capitalized terms not defined herein will have the meanings attributed to them in the Order.
1.2 Procurement and Provisioning by Affiliates. Customer may procure Subscription Services under this Agreement for its own account and on behalf of one or more Customer Affiliates (defined below) only as set forth on the applicable Order. Customer is responsible for the acts and omissions of Customer Affiliates. “Affiliate” means any legal entity directly or indirectly controlling, controlled by or under common control with a Party, where control means the ownership of a majority share of the stock, equity or voting interests of such entity.
1.3 Subscription Services Users. During the Subscription Term set forth in each Order, CaliberMind will make the Subscription Services available to Customer and its authorized Affiliates, employees, or agents (in each case, only as set forth on the applicable Order) (“Users”), for access and use by such Users solely for Customer’s internal business purposes in accordance with the terms of the Agreement. Customer is responsible for use of the Subscription Services by Users and any party who accesses the Subscription Services with Customer’s or a User’s account credentials.
2.1 Restrictions. Customer will not, and will ensure that its Users do not, directly or indirectly (i) make the Subscription Services available to anyone other than Users or use the Subscription Services for the benefit of any unrelated third party; (ii) sell, resell, assign, pledge, transfer, license, sublicense, distribute, rent or lease the Subscription Services; (iii) reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas or algorithms of the Subscription Services or any software, documentation or data related to or provided with the Subscription Services; (iv) modify, translate or create derivative works based on the Subscription Services or remove any proprietary notices or labels from the Subscription Services; (v) use or access the Subscription Services to build or support, and/or assist a third party in building or supporting products or services competitive to the Subscription Services; (vi) include the Subscription Services in a service bureau or outsourcing offering; or (vii) use the Subscription Services for any competitive purposes. Customer will, and will ensure that its Users do not engage in any of the following: (a) copying, distributing, or disclosing any part of the Subscription Services in any medium, including without limitation by any automated or non-automated “scraping”; (b) except as expressly authorized on an Order, using any automated system, including without limitation “robots,” “spiders,” “offline readers,” etc., to access the Subscription Services in a manner that sends more request messages to the CaliberMind servers than a human can reasonably produce in the same period of time by using a conventional on-line web browser (except that CaliberMind grants the operators of public search engines revocable permission to use spiders to copy materials from the site for the sole purpose of and solely to the extent necessary for creating publicly available searchable indices of the materials); (c) transmitting spam, chain letters, or other unsolicited email; (d) attempting to interfere with, compromise the system integrity or security or decipher any transmissions to or from the servers running the Service; (e) except as expressly authorized on an Order, taking any action that imposes, or may impose at CaliberMind sole discretion an unreasonable or disproportionately large load on CaliberMind infrastructure; (f) uploading invalid data, viruses, worms, or other software agents through the Subscription Services; (g) except as expressly authorized on an Order, collecting or harvesting any personally identifiable information, including account names, from the Subscription Services; (h) except as expressly authorized on an Order, using the Subscription Services for any commercial solicitation purposes; (i) impersonating another person or otherwise misrepresenting Customer’s affiliation with a person or entity, conducting fraud, hiding or attempting to hide Customer’s identity; (j) interfering with the proper working of the Subscription Services; (k) accessing any content on the Subscription Services through any technology or means other than those provided or authorized by the Subscription Services; (l) bypassing the measures CaliberMind may use to prevent or restrict access to the Subscription Services, including without limitation features that prevent or restrict use or copying of any content or enforce limitations on use of the Subscription Services or the content therein; (m) posting content that is patently offensive and promotes racism, bigotry, hatred or physical harm of any kind against any group or individual; (n) posting content that harasses or advocates harassment of another person; (o) exploits people in a sexual or violent manner; (p) violating the privacy rights, publicity rights, copyrights, trademark rights, contract rights or any other rights of any person; (q) using the Subscription Services in a manner inconsistent with any and all applicable laws and regulations; (r) using the Subscription Services to create a competing service.
2.2 Beta Versions. From time to time, CaliberMind may make available beta versions, pilot, limited release, non-production, or services by a similar description (each, a “Beta Version”). Beta Versions are intended for internal evaluation purposes and not for production use, are not supported, and may be subject to additional terms. CaliberMind may discontinue Beta Versions at any time in its sole discretion and may never make them generally available. CaliberMind assumes no liability for any harm or damage arising out of or in connection with a Beta Version, and CaliberMind shall not have any indemnification obligations related to any Beta Versions. All Beta Versions are provided as-is and without any warranties.
2.3 Usage Rights. Customer will, at all times, ensure that its use of the Subscription Services does not exceed the usage limits specified in the Order (“Subscription Usage”). Customer shall be responsible for any excess usage fees as set forth on the platform and/or in the Order.
2.4 Suspension. CaliberMind may immediately suspend Customer’s account and access to the Subscription Services if (i) Customer fails to make payment due within 10 business days after CaliberMind has provided Customer with written notice of such failure; or (ii) Customer violates Section 2.1 (Restrictions), or Section 10 (Confidential Information) or (iii) CaliberMind believes suspension is necessary to prevent any unauthorized access to or use of the Subscription Services or any data therein. Any suspension by CaliberMind of the Subscription Services under the preceding sentence will not relieve Customer of its payment obligations hereunder.
3.1 Subscription Services. Customer acknowledges that the Subscription Services are offered online on a subscription basis. CaliberMind reserves all rights, title and interest in and to the Subscription Services, including any content, software or documents related to or provided with the Subscription Services and all intellectual property rights, and including any derivatives, modifications, refinements or improvements thereto. From time to time, Customer or its Users may submit to CaliberMind comments, questions, enhancement requests, suggestions, ideas, process descriptions or other information related to the Subscription Services (“Feedback”). CaliberMind shall own all Feedback, Customer hereby assigns such Feedback to CaliberMind, and Customer agrees that CaliberMind has all rights to use and incorporate Feedback into the Subscription Services without restriction or payment to Customer. No rights are granted to Customer other than as expressly set forth herein. Any rights not expressly granted to Customer hereunder are reserved by CaliberMind.
3.2 Rights in Data.
3.2.1 Customer Data. As used herein, “Customer Data” means information or material provided by Customer to CaliberMind in the course of using the Subscription Services. Customer is the sole owner of all Customer Data. Notwithstanding the foregoing, Customer hereby grants to CaliberMind a non-exclusive, fully paid up, royalty free, worldwide, non-transferable right and license to use, copy, modify, display, perform, and share the Customer Data during the term of this Agreement for the limited purposes of performing Company’s obligations hereunder for the benefit of Customer, including but not limited to the performance of the Subscription Services.
3.2.2 Enhanced Data. As used herein, “Enhanced Data” means Customer Data that CaliberMind enhances or appends with other data or information owned or controlled by CaliberMind or third parties in collaboration with CaliberMind, including but not limited to metadata, attribution data, account and contact scoring, return-on-advertisement spend ratio, and intent data. CaliberMind is the sole owner of Enhanced Data; provided that, subject to Customer’s compliance with its obligations hereunder, CaliberMind grants to Customer a perpetual, non-exclusive, non-transferable, non-sublicenseable license to access and use the Enhanced Data for Customer’s internal business purposes only.
3.2.3 Usage Data. As used herein, “Usage Data” means usage and log data describing various parameters as to how Subscription Services are used by CaliberMind’s customers, including Customer (such as search terms used, how customer perform searches, and usage statistics). CaliberMind owns Usage Data and may use such Usage Data for its own internal purposes of enhancing the Subscription Services, including but not limited to conducting aggregated statistical analysis, technical support and other business purposes.
3.2.4 Machine Learning Models. In addition to the foregoing, where Customer purchases the Subscription Services pursuant to an Order under a machine-learning model, CaliberMind may develop and train machine learning models using a specific set of Customer Data, Enhanced Data, and other appropriate data sources (collectively, “Machine Learning Models”). CaliberMind is the sole owner of Machine Learning Models, and CaliberMind grants to Customer a non-exclusive, non-transferable, non-sublicenseable license to access and use the Machine Learning Models during the term of the relevant Order under which such Machine Learning Models are generated. Machine Learning Models learn representations based on Customer Data and do not incorporate any data from other CaliberMind Customers. Specific data sources used in Machine Learning Models include, but are not limited to, training data, validation data, and model weights. Examples of Machine Learning Models include marketing qualified account scores, and chain based attribution.
4.1 Professional Services. Customer may contract with CaliberMind to perform Professional Services. The specific details of the Professional Services to be performed will be determined on a per-project basis, and the details for each project will be described on the applicable CaliberMind order form agreed to by the parties in writing. Unless otherwise specified in the applicable CaliberMind order form, any unused portion of the Professional Services and training are nonrefundable and nontransferable and will expire and may not be carried over after 12 months from the applicable CaliberMind order form effective date. Unless otherwise set forth on the applicable Professional Services order form, CaliberMind shall own all results of the Professional Services, including any inventions, idea, knowhow, code, customizations, or other materials or information arising thereof. All Professional Services are provided AS-IS and WITHOUT WARRANTY.
4.2 Changes to Professional Services. You may reasonably request in writing that revisions be made with respect to the Professional Services set forth in an order form. If Customer’s requested revisions increase the scope of the Professional Services or the effort required to perform the Professional Services under the order form, then CaliberMind will deliver to Customer a written proposal reflecting CaliberMind reasonable determination of the revised Professional Services, delivery schedule, and payment schedule, if any, that applies to the requested revisions. If Customer approve the proposal, then the parties will execute an amendment to the order form. Otherwise, the then-existing order form will remain in full force and effect, and CaliberMind will have no obligation with respect to the relevant change requests.
4.3 Support Services. Company shall use reasonable efforts to make the Subscription Services perform in accordance with its standard support terms set forth at Customer Support Policy, as may be updated from time to time. CaliberMind will not materially reduce its support levels without prior written notice to Customer
4.4 CaliberMind Responsibilities. Customer will provide Company with administrative access to data accounts, which may include third party accounts (“Third Party Accounts”); allocation of a sufficient amount of API calls for data connectivity, including for such Third Party Accounts, and to assign a project facilitator who will ensure timely completion of tasks. Customer represents and warrants that it has the right to provide CaliberMind with access to such Third Party Accounts, as CaliberMind as the ability for CaliberMind to retrieve and use data from such Third Party Accounts. Customer warrants that it shall comply with all terms of any Third Party Accounts. Customer acknowledges that if it does not provide CaliberMind with a sufficient amount of API calls or other usage limits, particularly for any Third Party Accounts, access to such third party accounts may be interrupted and service downtime may occur. CaliberMind is not responsible for any downtime or service issues caused by Third-Party Accounts. CaliberMind is not responsible for any costs, fees, connectivity issues or data transfer issues with respect to such Third Party Accounts.
5.1 Fees. Customer will pay all fees set forth in the Orders and any fees invoiced pursuant to this Agreement. All fees are noncancelable and nonrefundable, except as expressly specified in the Agreement. Any fees paid pursuant to an Order will not offset any fees due under any other Order and Customer may not withhold any fees to offset payment under any other Order.
5.2 Taxes and Currency. All fees are exclusive of, and Customer will be responsible for payment of, taxes, levies, duties or similar local, state, provincial, federal or foreign jurisdiction governmental assessments on the Subscription Services. Customer is not responsible for any taxes based on CaliberMind’s net income. Except as otherwise specified in an Order, all fees due hereunder will be paid in U.S. Dollars.
5.3 Invoices. All amounts are due and payable by Customer as specified in the Order. If no payment terms are specified in the applicable Order, payment terms are net 30 days from receipt of invoice. Unpaid invoices not the subject of a written good faith dispute are subject to a finance charge of 1.5% per month on any outstanding balance, or the maximum permitted by law, whichever is lower, plus all CaliberMind’s reasonable expenses of collection, including attorneys’ fees.
6.1 Agreement Term. The Agreement will commence on the Effective Date and will remain in effect until the Subscription Term in all Orders has expired or has otherwise been terminated (the “Agreement Term”) in accordance with the terms of this Agreement. This Agreement automatically renews for additional successive one-year terms unless at least thirty (30) days before the end of the then-current term either party provides written notice to the other party that it does not intend to renew. Unless otherwise agreed to, all subscription revenue will increase by seven percent upon renewal.
6.2 Termination for Cause. In the event of a material breach by either Party, the non-breaching Party will have the right to terminate the applicable Order for cause if such breach has not been cured within 30 days after written notice from the non-breaching Party specifying the breach.
6.3 Effect of Termination. If CaliberMind terminates an Order for Customer’s uncured material breach (i) all fees set forth in the terminated Order will be immediately due and payable; (ii) all rights granted thereunder will immediately terminate; and (iii) if such terminated Order includes fees for usage of the Subscription Services in excess of the Usage Rights, such fees are also immediately due and payable. If Customer terminates an Order for CaliberMind’s uncured material breach, Customer will be entitled to a pro-rata refund for prepaid fees for the Subscription Services not performed as of the date of termination. Upon any termination, Company will make all Customer Data available to Customer for electronic retrieval for a period of thirty (30) days, but thereafter Company may, but is not obligated to, delete stored Customer Data. Notwithstanding, upon any expiration or termination, all rights to access and use the Subscription Services will terminate.
6.4 Survival. The following Sections of the Agreement will survive termination of the Agreement: Section 2.1 (Restrictions), Section 3 (Ownership: Subscription Services; Customer Data; Derivative Statistical Information), Section 5 (Fees; Taxes and Currency; Invoices), Section 7.5 (Warranties Disclaimer), Section 9 (Limitation of Liability), Section 10 (Confidential Information) and Section 11 (General Terms).
7.1 General Warranty. Each Party represents and warrants to the other Party that it has the power and authority to enter into the Agreement.
7.2 Subscription Services Warranty. CaliberMind warrants the Subscription Services, under normal use, will (i) perform materially in accordance with the applicable documentation provided by CaliberMind; and (ii) be provided in a manner consistent with generally accepted industry standards.
7.3 Customer Warranties. Customer represents and warrants that: (a) it has the right to provide the Customer Data and to authorize CaliberMind to use it as set forth herein; (b) it has obtained all consents and opt-ins necessary for the use and sharing of the Customer Data hereunder; (c) it has collected, used, and shared all Customer Data in accordance with all applicable laws; and (d) it will not provide CaliberMind with (or upload to the Subscription Services) any sensitive personal information, including without limitation social security numbers, credit card information, protected health information, banking information, genetic information or similar.
7.4 Warranty Remedies. Customer will notify CaliberMind of any warranty deficiencies under Section 7.2 within thirty (30) days of the performance of the relevant Subscription Services, and Customer’s exclusive remedy and CaliberMind’s sole obligation will be the re-performance of the deficient Subscription Services. If CaliberMind cannot re-perform such deficient Subscription Services as warranted, Customer will be entitled to terminate the deficient Subscription Services under Section 6.2 above and CaliberMind will refund any prepaid fees for such deficient Subscription Services. THIS PARAGRAPH SETS FORTH CUSTOMER’S SOLE REMEDY AND CALIBERMIND’S ENTIRE LIABILITY FOR ANY BREACH OF WARRANTY CLAIMS.
7.5 WARRANTIES DISCLAIMER. EXCEPT FOR THE EXPRESS WARRANTIES ABOVE, AND TO THE MAXIMUM EXTENT PERMITTED BY LAW, CALIBERMIND AND ITS THIRD PARTY PROVIDERS DISCLAIM ALL EXPRESS, IMPLIED OR STATUTORY WARRANTIES, INCLUDING ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. CALIBERMIND DOES NOT WARRANT THE RELIABILITY, TIMELINESS, SUITABILITY, OR ACCURACY OF THE SUBSCRIPTION SERVICES OR THE RESULTS CUSTOMER MAY OBTAIN BY USING THE SUBSCRIPTION SERVICES. CALIBERMIND DOES NOT WARRANT UNINTERRUPTED OR ERRORFREE OPERATION OF THE SUBSCRIPTION SERVICES OR THAT CALIBERMIND WILL CORRECT ALL DEFECTS OR PREVENT THIRD PARTY DISRUPTIONS OR UNAUTHORIZED THIRD PARTY ACCESS. CALIBERMIND DISCLAIMS ALL FAILURES, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET. CALIBERMIND DOES NOT WARRANT THAT IT WILL BE ABLE TO ACCESS OR RETREIVE DATA FROM THIRD PARTY ACCOUNTS.
8.1 By CaliberMind. CaliberMind will defend Customer against any claim brought against Customer by a third party alleging the Subscription Services as provided by CaliberMind directly infringe the U.S. copyright or trademark rights of the claimant and will pay Customer for finally-awarded damages and costs and CaliberMind-approved settlements of the claim. CaliberMind’s obligations to defend or indemnify will not apply to the extent that a claim is based on (i) Customer Data, Customer’s or a third party’s technology, software, materials, data or business processes; (ii) a combination of the Subscription Services with non-CaliberMind products or services; or (iii) any use of the Subscription Services not in compliance with this Agreement or (iv) any modification of the Subscription Services. CaliberMind may at any time, in its discretion and at no cost to Customer, (a) modify the Subscription Services to avoid infringement; or (b) terminate Customer’s subscriptions for the affected Subscription Services and refund Customer any related prepaid fees for the remainder of the Subscription Term. THIS SECTION STATES THE CUSTOMER’S SOLE REMEDY, AND CALIBERMIND’S TOTAL LIABILITY, REGARDING THE CLAIMS AND LIABILITIES ADDRESSED BY THIS SECTION 8.1.
8.2 By Customer. Customer will defend, indemnify, and hold CaliberMind harmless against any claim, loss, damage, cost, expense, fine, fee, suit, action, or other amount incurred by or on behalf of CaliberMind (i) related to the Customer Data; or (ii) related to Customer’s use of the Subscription Services in violation of applicable law or regulations, or infringing the claimant’s intellectual property rights; (iii) related to any Third Party Accounts; or (iv) arising out of Customer’s breach of its warranties.
8.3 Procedure. As a condition to the indemnifying Party’s obligations under this Section 8, the Party seeking indemnification for a third party claim must (i) promptly give written notice of the claim to the indemnifying Party; (ii) give the indemnifying Party sole control of the defense and settlement of the claim (provided that the indemnifying Party may not settle any claim unless it unconditionally releases the indemnified Party of all liability); and (iii) provide the indemnifying Party, at the indemnifying Party’s cost, all reasonable assistance.
NO PARTY WILL BE LIABLE UNDER ANY CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY FOR ANY INDIRECT, EXEMPLARY, LOST PROFITS, LOST REVENUE, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES. EXCEPT FOR CUSTOMER PAYMENT OBLIGATIONS, CUSTOMER’S BREACH OF SECTION 2.1, AND FOR EACH PARTY’S INDEMNIFICATION OBLIGATIONS NEITHER PARTY SHALL BE LIABLE FOR ANY AMOUNTS THAT EXCEED THE CUMULATIVE FEES INVOICED TO CUSTOMER UNDER THE AGREEMENT IN THE 12 MONTHS PRECEDING THE DATE THE CLAIM AROSE. THE FOREGOING LIMITATION WILL NOT APPLY TO THE EXTENT PROHIBITED BY LAW.
Each Party (the “Recipient”) understands that the other Party (the “Discloser”) may, during the Agreement Term and in connection with the Subscription Services, disclose non-public information relating to the Discloser’s business that is designated as confidential or reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure (“Confidential Information”). The Recipient agrees (i) to take reasonable precautions to protect such Confidential Information; and (ii) not to use or divulge to any third person any such Confidential Information except as set forth herein and to those of its employees and contractors who need access for purposes consistent with this Agreement and who are bound to confidentiality terms with Recipient containing protections no less stringent than those herein. The Discloser agrees that the foregoing will not apply with respect to Confidential Information after 5 years following the termination of the Agreement (although trade secrets shall be protected indefinitely) or any Confidential Information the Recipient can document (a) is or becomes generally available to the public; (b) was in its possession or known by it prior to receipt from the Discloser without restriction; (c) was rightfully disclosed to it by a third party without restriction; or (d) was independently developed without use of or reference to any Confidential Information of the Discloser. If the Recipient is required by law or court order to disclose Confidential Information, it will give prior written notice to the Discloser (to the extent legally permitted) and reasonable assistance at the Discloser’s cost to contest the disclosure. Upon any expiration or termination of this Agreement, the Recipient will return all of the Discloser’s Confidential Information to the Discloser.
Each party will comply with all applicable privacy and data security laws and regulations governing its collection, processing, and storage of Customer Data. Without limiting the generality of the foregoing, the parties hereby agree to the terms and conditions set forth in the Data Processing Addendum, attached to this Agreement as Addendum A.
12.1 Notice. CaliberMind may give general notices for Subscription Services applicable to all customers by means of a notice on the Subscription Services portal. Specific notices applicable to Users of the Subscription Services, technical support, system security and other account notices will be given by electronic mail to Customer’s e-mail address on record in CaliberMind’s account information. All legal or dispute-related notices will be sent by first class mail or express delivery, if to CaliberMind, attention Legal Department, at PO Box 271278, Louisville, CO 80027, U.S.A, and if to Customer, to Customer’s account representative and address on record in CaliberMind’s account information or such other addresses as either Party may designate in writing from time to time.
12.2 Force Majeure. Except for payment obligations, neither Party will be responsible for failure or delay of performance if caused by an act of nature, war, hostility or sabotage; an electrical, internet, or telecommunication outage that is not caused by the obligated Party; government restrictions (including the denial or cancellation of any export or other license); or other event outside the reasonable control of the obligated Party. Each Party will use reasonable efforts to mitigate the effect of a force majeure event. If such event continues for more than twenty (20) days, either Party may cancel unperformed Subscription Services upon written notice.
12.3 Governing Law. Unless specifically set forth in the applicable Order (i) any action, claim, or dispute between the Parties will be governed by Colorado law, excluding its conflicts of law provisions, and controlling U.S. federal law; and (ii) the Parties agree to the exclusive jurisdiction of and venue in the state and federal courts in Colorado. Except for actions for nonpayment or breach of either Party’s proprietary rights, no action, regardless of form, arising out of or relating to the Agreement may be brought by either Party more than two (2) years after the cause of action has accrued.
12.4 Entire Agreement. This Agreement, including any exhibits (including any Data Processing Agreements) entered into hereunder, represents the Parties’ entire understanding relating to the Subscription Services and supersedes any prior or contemporaneous agreements or understandings regarding the Subscription Services. In the event of a conflict between this Agreement and a contemporaneous or later-dated Order, the terms of the contemporaneous or later-dated Order will control.
12.5 Standard Terms of Customer. No terms, provisions or conditions of any purchase order, acknowledgement or other business form Customer may use in connection with the acquisition of Subscription Services will affect the rights, duties or obligations of the Parties hereunder, or otherwise modify this Agreement, regardless of any failure of CaliberMind to object to such terms, provisions or conditions.
12.6 Amendment / No Waiver. The Agreement may be amended only by written agreement signed by the Parties. If any provision of the Agreement is held by a court of competent jurisdiction to be invalid or unenforceable, then such provision(s) will be construed to reflect the intent of the invalid or unenforceable provision(s), with all other provisions remaining in full force and effect. The failure of either Party to enforce any right or provision in the Agreement will not constitute a waiver of such right or provision unless acknowledged and agreed to by such Party in writing.
12.7 Assignment. No joint venture, partnership, employment, or agency relationship exists between CaliberMind and Customer as a result of the Agreement or use of the Subscription Services. This Agreement and any rights or obligations hereunder may not be assigned, sublicensed or otherwise transferred by the Parties without the prior written approval of the non-assigning Party, except that either Party may assign or transfer this Agreement in connection with a merger or acquisition of all or substantially all of the assets of the assigning company (provided that the assignee agrees in writing to be bound by all terms and conditions of this Agreement) by providing the non-assigning Party with prompt written notice of assignment. Any purported assignment in violation of this section will be void.
12.8 Compliance with Laws. Each Party agrees to abide by all applicable federal, state, and local laws and regulations in the performance of this Agreement.
This Data Processing Addendum (“Addendum”) forms part of the Master Services Agreement (“Agreement”) between Caliber UX, Inc., dba CaliberMind (“CaliberMind”) acting on its own behalf and as agent for each CaliberMind Affiliate (as defined below); and customer named on the order form (“Customer”) acting on its own behalf and as agent for each Customer Affiliate.
The terms used in this Addendum shall have the meanings set forth in this Addendum. Capitalized terms not otherwise defined herein shall have the meaning given to them in the Agreement. Except as modified below, the terms of the Agreement shall remain in full force and effect.
The parties hereby agree that the terms and conditions set out below shall be added as an Addendum to the Agreement. The following obligations shall only apply to the extent required by Data Protection Laws (as defined below) with regard to the relevant Customer Personal Data (as defined below), if applicable.
1.1 “Affiliate” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with either Customer or CaliberMind respectively, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise.
1.2 “Aggregate Consumer Information” means information that relates to a group or category of consumers, from which individual consumer identities have been removed, that is not linked or reasonably linkable to any consumer or household, including via a device.
1.3 “Consumer,” “Controller,” “Processor,” “Data Subject,” “Processing,” “Supervisory Authority,” “Personal Data Breach,” and “Special Categories of Personal Data” shall have the same meaning as in the applicable Data Protection Law.
1.4 “Customer Personal Data” means Personal Data received from or on behalf of Customer that is covered by a Data Protection Law. To the extent permitted by Data Protection Laws, Customer Personal Data shall not include any Personal Data that CaliberMind has aggregated or deidentified to the extent such information constitutes Aggregate Consumer Information or Deidentified Information
1.5 “Data Protection Laws” means, in each case to the extent applicable to the respective party in its role of Processing Customer Personal Data under the Agreement: (i) the California Consumer Privacy Act of 2018, Cal. Civ. Code §§ 1798.100 et seq. (“CCPA”); (ii) the EU General Data Protection Regulation 2016/679 (“GDPR”), as well as any other applicable national rule and legislation on the protection of personal data in the European Union, the European Economic Area, or Switzerland that is already in force or that will come into force during the term of this Addendum; (iii) the United Kingdom Data Protection Act of 2018 and the GDPR as it forms part of UK domestic law under the European Union (Withdrawal) Act 2018, as amended (“UK GDPR”); and (iv) any other applicable legislation relating to personal data protection and privacy in any relevant jurisdiction.
1.6 “Deidentified Information” means information that cannot reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular consumer, provided that CaliberMind has implemented appropriate safeguards to prohibit reidentification and inadvertent release as required by Data Protection Law.
1.7 “EEA” means the European Economic Area as well as any country for which the European Commission has published an adequacy decision as published at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.
1.8 “Personal Data” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.
1.9 “Restricted Transfer”means the onward transfer of Customer Personal Data that is located in the European Economic Area to CaliberMind in a country that is not in the EEA, where such transfer would be prohibited by Data Protection Laws in the absence of the Standard Contractual Clauses or another adequate transfer mechanism as approved by the European Commission.
1.10 “Standard Contractual Clauses” means the European Commission’s decision of 4 June 2021 on Standard Contractual Clauses for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection (available at: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32021D0915&locale-en), as amended from time to time.
1.11 “Subprocessor” means any Processor (including any third party and any CaliberMind Affiliate) appointed by CaliberMind to Process Customer Personal Data on behalf of Customer or any Customer Affiliate.
1.12 “Special Categories of Personal Data” means (a) social security number, passport number, driver’s license number, or similar identifier (or any portion thereof), (b) credit or debit card number (other than the truncated (last four digits) of a credit or debit card), (c) employment, financial, genetic, biometric or health information; (d) racial, ethnic, political or religious affiliation, trade union membership, or information about sexual life or sexual orientation; (e) account passwords; (f) date of birth; (g) criminal history; (h) mother’s maiden name; and (i) any other information that falls within the definition of “special categories of data” or “sensitive data” under Data Protection Laws.
2. Data Processing Terms. While providing the Services to Customer and Customer Affiliates pursuant to the Agreement, CaliberMind and CaliberMind Affiliates may Process Customer Personal Data on behalf of Customer or any Customer Affiliate as per the terms of this Addendum. CaliberMind agrees to comply with the following provisions with respect to any Customer Personal Data submitted by or for Customer or any Customer Affiliate to the Services or otherwise collected and Processed by or for Customer or any Customer Affiliate by CaliberMind or any CaliberMind Affiliate. CaliberMind shall only retain, use, or disclose Customer Personal Data as necessary for CaliberMind’s performance of its obligations under the Agreement and only in accordance with Customer’s instructions. CaliberMind shall not sell any Customer Personal Data as the term “selling” is defined in the CCPA. CaliberMind shall not take any action that would cause any transfers of Customer Personal Data to or from CaliberMind to qualify as “selling personal information” under the CCPA. Notwithstanding any term set forth in this Addendum or, as the case may be, the Agreement, nothing herein or therein shall prohibit CaliberMind from Processing Customer Personal Data: (a) to retain and employ another service provider or Subprocessor in order to perform the Services; (b) for internal use by CaliberMind to build or improve the quality of the Services provided to Customer; (c) to detect a Personal Data Breach, protect against fraud, or illegal activity; or (d) for any other uses agreed to by the parties in the Agreement.
3. Processing of Customer Personal Data. CaliberMind shall not Process Customer Personal Data other than on Customer’s documented instructions unless Processing is required by Data Protection Laws to which CaliberMind is subject, in which case CaliberMind shall to the extent permitted by Data Protection Laws inform Customer of that legal requirement before Processing Customer Personal Data. For the avoidance of doubt, the Agreement, including any Processing reasonably necessary and proportionate to achieve the business purpose outlined in the Agreement, and any related SOW entered into by Customer shall constitute documented instructions for the purposes of this Addendum. Customer is solely responsible for the accuracy of Customer Personal Data and the legality of the means by which Customer acquires Customer Personal Data. Customer shall be responsible for: (1) giving adequate notice and making all appropriate disclosures to Data Subjects regarding Customer’s use and disclosure and CaliberMind’s Processing of Customer Personal Data; and (2) obtaining all necessary rights, and, where applicable, all appropriate and valid consents to disclose such Customer Personal Data to CaliberMind to permit the Processing of such Customer Personal Data by CaliberMind for the purposes of performing CaliberMind’s obligations under the Agreement or as may be required by Data Protection Laws. Customer shall notify CaliberMind of any changes in, or revocation of, the permission to use, disclose, or otherwise Process Customer Personal Data that would impact CaliberMind’s ability to comply with the Agreement, or Data Protection Laws.
4. Confidentiality. CaliberMind shall take reasonable steps to ensure that individuals that process Customer Personal Data are subject to obligations of confidentiality or are under an appropriate statutory obligation of confidentiality.
5. Security. Taking into account the state of the art, the costs of implementation and the nature, scope, context, and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, CaliberMind shall in relation to Customer Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. Customer acknowledges that, through its users, Customer: (1) controls the type and substance of Customer Personal Data; and (b) sets user permissions to access Customer Personal Data; and therefore, Customer is responsible for reviewing and evaluating whether the documented functionality of the Services meets Customer’s required security obligations relating to Customer Personal Data under Data Protection Laws.
6. Subprocessing. CaliberMind may engage Subprocessors in connection with the provision of the Services, provided that: (1) CaliberMind has entered into a written agreement with each Subprocessor containing data protection obligations not less protective than those in this Addendum with respect to the protection of Customer Personal Data to the extent applicable to the nature of the Services provided by such Subprocessor; and (2) CaliberMind shall be liable for the acts and omissions of its Subprocessors to the same extent CaliberMind would be liable if performing the Services of each Subprocessor directly under the terms of this Addendum. CaliberMind’s current list of Subprocessors for the Services is available at [calibermind.com/subprocessor-list] (“Subprocessor List”), which Customer hereby approves and authorizes. CaliberMind may engage additional Subprocessors as CaliberMind considers reasonably appropriate for the Processing of Customer Personal Data in accordance with this Addendum, provided that CaliberMind shall notify Customer of the addition or replacement of Subprocessors by making modifications to the Subprocessor List. Customer shall be responsible for periodically checking the Subprocessor List to remain informed of CaliberMind’s current list of Subprocessors. Customer shall be responsible for periodically checking the Subprocessor List to remain informed of CaliberMind’s current list of Subprocessors. Customer may, on reasonable grounds, object to a new Subprocessor by notifying CaliberMind in writing within 10 days of CaliberMind updating the Subprocessor List, giving reasons for Customer’s objection. Customer’s failure to object within such 10 day period shall be deemed Customer’s waiver of its right to object to CaliberMind’s use of a new Subprocessor added to the Subprocessor List. In the event Customer objects to a new Subprocessor, CaliberMind will use reasonable efforts to make available to Customer a change in the Services or recommend a commercially reasonable change to Customer’s configuration or use of the Services to avoid Processing of Customer Personal Data by the objected to new Subprocessor without unreasonably burdening Customer. If CaliberMind is unable to make available such change within a reasonable period of time, which shall not exceed 30 days, Customer may terminate, as Customer’s sole and exclusive remedy, the portion of the Agreement with respect only to those Services which cannot be provided by CaliberMind without the use of the objected to new Subprocessor by providing written notice to CaliberMind.
7. Data Subject Rights. CaliberMind shall promptly notify Customer if it receives a request from a Data Subject under any Data Protection Laws in respect to Customer Personal Data. In the event that any Data Subject exercises any of its rights under the Data Protection Laws in relation to Customer Personal Data, CaliberMind will shall use reasonable commercial efforts to assist Customer in fulfilling its obligations as Controller following written request from Customer, provided that CaliberMind may charge Customer on a time and materials basis in the event that CaliberMind considers, in its reasonable discretion, that such assistance is onerous, complex, frequent, or time consuming.
8. Personal Data Breach. In the event of a Personal Data Breach, CaliberMind will notify Customer without undue delay after becoming aware of the Personal Data Breach. Such notification may be delivered to an email address provided by Customer or by direct communication (for example, by phone call or an in-person meeting). Customer is solely responsible for ensuring that the appropriate notification contact details are current and valid. CaliberMind will take reasonable steps to provide Customer with information available to CaliberMind that Customer may reasonably require to comply with its obligations as Controller to notify impacted Data Subjects or Supervisory Authorities.
9. Data Protection Impact Assessment and Prior Consultation. In the event that Customer considers that the Processing of Customer Personal Data requires a privacy impact assessment to be undertaken or requires assistance with any prior consultations to any Supervisory Authority of Customer, following written request from Customer, CaliberMind shall use reasonable commercial efforts to provide relevant information and assistance to Customer to fulfil such request, provided that CaliberMind may charge Customer on a time and materials basis in the event that CaliberMind considers, in its reasonable discretion, that such assistance is onerous, complex, frequent, or time consuming.
10. Deletion or Return of Customer Personal Data.Unless otherwise required by applicable Data Protection Laws, following termination or expiration of the Agreement CaliberMind shall, at Customer’s option, delete or return all Customer Personal Data and all copies to Customer.
11. Relevant Records and Audit Rights. CaliberMind will use external auditors to annually audit and verify the adequacy of its security measures and controls (“Audit”). The reports generated by the Audit (“Reports”) will be made available to Customer upon written request no more than annually subject to the confidentiality obligations of the Agreement or a mutually-agreed non-disclosure agreement. To the extent required by Data Protection Laws and if Customer requires information in addition to the Reports, CaliberMind shall make available to Customer on request all information reasonably necessary to demonstrate compliance with this Addendum and allow for and contribute to audits, including inspections by Customer or an auditor mandated by Customer, not being competitors of CaliberMind (“Mandated Auditor”) of any premises where the Processing of Customer Personal Data takes place in order to assess compliance with this Addendum (a “Customer Audit”). CaliberMind shall provide reasonable cooperation to Customer with respect to a Customer Audit. CaliberMind shall promptly inform Customer if, in its opinion, a Customer Audit infringes the Data Protection Laws or any other confidentially obligations with CaliberMind’s other customers. Customer agrees that: (1) a Customer Audit may only occur during normal business hours, and where possible only after reasonable notice to CaliberMind (not less than 20 days’ advance written notice); (2) a Customer Audit will be conducted in a manner that does not have any adverse impact on CaliberMind’s normal business operations; (3) Customer and any Mandated Auditor will comply with CaliberMind’s standard safety, confidentiality, and security procedures in conducting any Customer Audit; and (4) any records, data, or information accessed by Customer or any Mandated Auditor in the performance of any Customer Audit will be deemed to be the Confidential Information of CaliberMind. To the extent any Customer Audit incurs in excess of 20 hours of CaliberMind personnel time, CaliberMind may charge Customer on a time and materials basis for any such excess hours. If the controls or measures to be assessed in a request for a Customer Audit are addressed in an ISO/IEC 27001 or SOC 2 Type II audit report performed by a qualified and independent third party auditor within the 12 months preceding request for a Customer Audit and CaliberMind has certified in writing that there are no known material changes in the controls audited, CaliberMind agrees to accept such report in lieu of requesting an audit of such controls or measures.
12. International Data Transfer. With respect to Restricted Transfers, the parties will conduct such Restricted Transfer in accordance all applicable laws. The parties hereby agree that the Standard Contractual Clauses set forth in Exhibit 1 to this Addendum A (which will be deemed executed by the parties as of the effective date of this Addendum), and the following terms will apply: (1) Customer will be referred to as the “Data Exporter” and CaliberMind will be referred to as the “Data Importer” in such clauses with relevant company name and address details from the Agreement being used accordingly; (2) details in the Agreement and any Order will be used to complete Annex 1 of the Standard Contractual Clauses; and (3) details in Section 5 (Security) of this Addendum will be used to complete Annex 2 of the Standard Contractual Clauses. If there is any conflict between this Addendum or the Agreement and the Standard Contract Clauses, the Standard Contract Clauses will prevail.
12.1 Instructions. For the purposes of Section 2 of this Addendum and Clause 5(a) of the Standard Contractual Clauses, the following acts are deemed an instruction by the Customer to process Personal Data: (a) Customer’s entering into the Agreement and applicable Orders are deemed instructions to Process Personal Data as is necessary to perform Services under the Agreement; (b) Users actions that initiate Processing while using the Services; and (c) Customer’s other documented reasonable instructions provided by Customer (e.g., via email) where such instructions are consistent with the terms of the Agreement.
12.2 Engagement of New Subprocessors. Pursuant to Clause 5(h) of the Standard Contractual Clauses, Customer acknowledges and expressly agrees that CaliberMind may engage new Subprocessors as described in this Addendum.
12.3 Copies of Subprocessor Agreements. The parties agree that CaliberMind may redact the copies of the Subprocessor agreements that must be provided by CaliberMind to Customer pursuant to Clause 5(j) of the Standard Contractual Clauses to remove commercial information, confidential information, and clauses unrelated to the Standard Contractual Clauses or their equivalent. CaliberMind will provide copies of the Subprocessor agreements, only upon request by Customer.
12.4 Audits and Certifications. The parties agree that the audits described in Clause 5(f) and Clause 12(2) of the Standard Contractual Clauses shall be carried out in accordance with the specifications described in this Addendum.
12.5 Certification of Deletion. The parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the Standard Contractual Clauses shall be provided by CaliberMind to Customer only upon Customer’s request.
13. General Terms. Any obligation imposed on CaliberMind under this Addendum in relation to the Processing of Personal Data shall survive any termination or expiration of this Addendum. Should any provision of this Addendum be invalid or unenforceable, then the remainder of this Addendum shall remain valid and in force. The invalid or unenforceable provision shall be either: (1) amended as necessary to ensure its validity and enforceability, while preserving the intent of the provision as closely as possible or, if this is not possible, (2) construed in a manner as if the invalid or unenforceable part had never been contained therein. With regard to the subject matter of this Addendum, the provisions of this Addendum shall prevail over the Agreement with regard to data protection obligations for Personal Data of a Data Subject under Data Protection Laws. Notwithstanding anything to the contrary in this Addendum or in the Agreement (including, without limitation, either party’s indemnification obligations), neither party will be responsible for any GDPR fines issued or levied under Article 83 of the GDPR against the other party by a regulatory authority or governmental body in connection with such other party’s violation of the GDPR. Customer acknowledges that the Services are not intended for the Processing of Special Categories of Personal Data. Customer will not provide (or cause to be provided) any Special Categories of Personal Data to CaliberMind for Processing under the Agreement or this Addendum. Except in the context of a specific agreement between the parties regarding Processing Special Categories of Personal Data, any transmission or processing of Special Categories of Personal Data is at Customer’s own risk. CaliberMind will have no liability whatsoever for Special Categories of Personal Data, whether in connection with a Personal Data Breach or otherwise. For the avoidance of doubt, this Addendum will not apply to Special Categories of Personal Data. As between the parties to this Addendum, each party’s liability and remedies under this Addendum are subject to the aggregate liability limitations and damages exclusions set forth in the Agreement. Unless prohibited by Data Protection Laws, this Addendum is governed by the laws stipulated in the Agreement and the parties to this Addendum hereby submit to the choice of jurisdiction and venue stipulated in the Agreement, if any, with respect to any dispute arising under this Addendum.