Terms and Conditions
These Privacera Terms and Conditions (“Terms”) govern Customer’s subscription to access and use the Privacera, Inc. Data Governance Management SaaS Service (Service) . Customer will be entitled to access and use the Privacera Services upon acceptance of these Terms and Conditions, submission of the related Service Order and payment to Kollective of the amounts indicated in the Service Order. Together, these Terms and Conditions and the Service Order will constitute the Agreement. Together, these Terms and Conditions and the Service Order will constitute the Agreement. Capitalized terms have the meanings given under “Definitions.”This Saas Services Agreement (the “Agreement”) is entered into as of __________, 20__ (the “Effective Date”) between Privacera Inc., a Delaware corporation with an address at 39300 Civic Center Drive #140, Fremont, CA 94538 (“Privacera”), and _________, a _______ corporation with an address at _______________ (“Customer”).
As used in this Agreement, the words below are defined as follows:
“Applicable Data Protection Laws” means any applicable Personal Data protection or privacy laws, rules, regulations or requirements in any jurisdiction, including without limitation, the EU Data Protection Directive 95/46/EC, as amended or replaced from time to time including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”) and the California Consumer Protection Act (“CCPA”).
“Confidential Information” means any proprietary information provided by a party to this Agreement (“Discloser”) to the other party (“Recipient”) during or prior to entering into this Agreement that is either designated as confidential at the time of disclosure or that Recipient should know is confidential or proprietary based on the circumstances surrounding the disclosure and includes, without limitation, the Saas Services and any non-public technical and business information; provided, however, Confidential Information does not include information that (a) is or becomes generally known to the public through no fault of or breach of this Agreement by the Recipient; (b) is rightfully known by the Recipient at the time of disclosure without an obligation of confidentiality; (c) is independently developed by the
Recipient without use of the Discloser’s Confidential Information; or (d) the Recipient rightfully obtains from a third party without restriction on use or disclosure.
“Customer Data” means all Customer data processed by or stored by the SaaS Services, including logs and any output or results generated by processing of such materials by the SaaS Services.
“Documentation” means Privacera’s standard end user manuals and user guides for the SaaS Services.
“Malicious Code” means viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs.
“Product Schedule” means a mutually executed version of Privacera’s standard ordering document which references this Agreement. The initial Product Schedule is attached hereto as Exhibit A. Each Product Schedule will be incorporated into and form a part of the Agreement.
“Personal Data” has the definition set forth in the GDPR and, where applicable, other Applicable Data Protection Laws applying to similar concepts.
“SaaS Services” means the hosted software services that are to be provided online to Customer by Privacera, including any updates provided by Privacera to Customer as part of the Support Services.
“Sensitive Data” means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. For the purposes of this Agreement, “Sensitive Data” also includes Personal Data relating to banking or credit card information, creditworthiness or other financial status information.
“Subscription Term” means the applicable subscription term as set forth in the Product Schedule.
“Support Services” means Privacera’s standard support services as described in Exhibit B (“Support Terms”).
“Usage Data” means data collected by Privacera relating to Customer’s use of the Saas Services that has been aggregated and de-identified such that it is not associated with any specific customer or individual.
“User” means a Customer employee who is authorized by Customer to use the SaaS Services for the benefit of Customer, and to whom Customer has supplied a user identification and password.
Subject to Customer’s compliance with the terms and conditions of this Agreement, Privacera grants Customer the right to access and use the Saas Services in accordance with the Documentation solely for Customer’s internal business purposes.
As between the parties, Privacera retains all right, title, and interest in and to the SaaS Services and Documentation, and all software, products, works, and other intellectual property and moral rights related thereto or created, used, or provided by Privacera for the purposes of this Agreement, including any copies and derivative works of the foregoing. No rights or licenses are granted except as expressly and unambiguously set forth in this Agreement. All rights are expressly reserved by Privacera.
The SaaS Services scan specified Customer databases to identify information that is subject to Applicable Data Protection Laws. Customer (not Privacera) is solely responsible for correctly identifying which data protection regulations may apply, and configuring the SaaS Services to include such regulations.
Customer is responsible for its and its Users’ compliance with this Agreement, the Documentation and the Product Schedule. Customer will not: (i) attempt to gain, and will use commercially reasonable efforts to prevent unauthorized access to or use of the Saas Services by third parties, and will promptly notify Privacera of any such unauthorized access or use; (ii) make the SaaS Services available to anyone other than Customer or Users, or use the SaaS Services for the benefit of anyone other than Customer, unless expressly stated otherwise in the Product Schedule; (iii) copy, sell, resell, license, sublicense, distribute, make available, rent or lease any SaaS Services or include any SaaS Services in a service bureau or outsourcing offering; (iv) reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code, or underlying structure, ideas, or algorithms of the SaaS Services (except to the extent applicable laws specifically prohibit such restriction); (v) modify, translate, or create derivative works SaaS Services; (vi) not remove or otherwise alter any proprietary notices from the SaaS Services or Documentation or any portion thereof; (vii) not interfere or attempt to interfere with the proper working of the SaaS Services; (viii) use the SaaS Services in a manner that violates applicable laws, treaties or regulations (including those related to data privacy, international communications and export laws); (ix) use the Saas Services to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights, or to store or transmit any Sensitive Information; (x) use the Saas Services to store or transmit Malicious Code; or (xi) attempt to access Privacera’s systems or networks.
Customer is responsible for the accuracy, quality and legality of Customer Data, the means by which Customer acquired Customer Data, and Customer’s use of Customer Data with the SaaS Services.
As between the parties, Customer owns and retains all rights to the Customer Data. Customer grants Privacera a worldwide, limited license to host, copy, use, transmit, and display Customer Data in order to fulfill its obligations to provide the Saas Services to Customer in accordance with this Agreement.
Privacera will maintain appropriate administrative, physical and technical safeguards for protection of the security, confidentiality and integrity of Customer Data, as described in the Documentation. Those safeguards will include, but will not be limited to, measures designed to prevent unauthorized access to or disclosure of Customer Data (other than by Customer or Users). The terms of Privacera’s data processing addendum available upon request (“DPA”) are hereby incorporated by reference and shall apply to the extent Customer Data includes Personal Data, as defined in the DPA.
Privacera will make Customer Data available to Customer for export or download for thirty (30) days after termination or expiration of the Subscription Term. After such 30-day period, Privacera will have no obligation to maintain or provide any Customer Data, and will thereafter delete or destroy all copies of Customer Data in its systems or otherwise in its possession or control, unless legally prohibited.
Privacera may freely use the Usage Data to develop, modify, improve, support, customize and operate its current and future products and services.
Privacera will provide Support Services for the SaaS Services during the Subscription Term. Privacera may modify the Support Terms at any time; provided, however, that during a Subscription Term such modifications shall not materially diminish the benefit of the Support Services as provided by Privacera at the start of such Subscription Term.
The subscription fees payable by Customer for the SaaS Services for the Subscription Term will be set forth in each Product Schedule (“Subscription Fees”). Unless otherwise specified in a Product Schedule, all Subscription Fees shall be invoiced annually in advance.
All invoices issued under this Agreement are payable in U.S. dollars within thirty (30) days of the date of invoice. Past due invoices are subject to interest on any outstanding balance of the lesser of 1.5% per month or the maximum amount permitted by law. All fees paid are non-cancelable, non-refundable (except where expressly provided to the contrary in this Agreement) and are not subject to set-off.
All fees specifically exclude (and Customer is responsible for) any and all applicable sales, use and other taxes, other than taxes based on Privacera’s income. If all or any part of any payment owed to Privacera under this Agreement is withheld, based upon a claim that such withholding is required pursuant to the tax laws of any country or its political subdivisions and/or any tax treaty between the U.S. and any such country, such payment shall be increased by the amount necessary to result in a net payment to Privacera of the amounts otherwise payable under this Agreement. If Customer exceeds any user or usage limitations set forth on a Product Schedule, then Privacera shall invoice Customer for such additional users or usage at the overage rates set forth on the Product Schedule (or if no overage rates are set forth on the Product Schedule, at Privacera’s then-current standard overage rates for such usage), in each case on a pro-rata basis from the first date of such excess usage through the end of the then current Subscription Term, and such increased quantity will be used as the basis for calculating the Subscription Fees for any renewal term.
Following execution of this Agreement, Privacera will enable access to the Saas Services, and the SaaS Services will be deemed accepted by Customer at such time.
Subject to termination as set forth below in this Section 7, the term of this Agreement will commence on the Effective Date and will continue for as long as any SaaS Sevices are being provided to Customer under this Agreement. The Subscription Term set forth in a Product Schedule shall automatically renew for successive terms equal in duration to the initial Subscription Term unless either party notifies the other party in writing, not less than thirty (30) calendar days before the expiration of the then-current Subscription Term, that such party does not wish to renew for an additional Subscription Term.
Either party may terminate this Agreement immediately without further notice if the other party materially breaches any of its obligations under this Agreement and does not remedy such breach within thirty (30) calendar days of the date on which the breaching party receives written notice of such breach from the non-breaching party.
Upon the expiration or termination of this Agreement for any reason: (i) Customer’s right to use and access the SaaS Services shall immediately terminate; (ii) Privacera’s obligations to perform the Support Services shall immediately terminate; (iii) Customer shall pay to Privacera the full amount of any outstanding fees due hereunder; and (iv) each party shall promptly destroy or return all Confidential Information of the other party in its possession, and will not make or retain any copies of such information in any form, except that the receiving party may retain one (1) archival copy of such information solely for purposes of ensuring compliance with this Agreement. Notwithstanding the foregoing, the following Sections shall survive the termination of this Agreement: 2.2, 6.2, 7.3, 8, 9.2, 10, 11 and 12.
Use by Customer of the Saas Services in violation of the terms of this Agreement or in a manner that threatens the security, integrity or availability of the Saas Services may result in Privacera’s immediate suspension of the Saas Services; provided however that Privacera will use commercially reasonable efforts under the circumstances to provide Customer with notice and an opportunity to remedy such violation or threat prior to any such suspension.
Recipient agrees not to use Discloser’s Confidential Information for any purpose except as necessary to fulfill its obligations and exercise its rights under this Agreement. Recipient shall protect the secrecy of and prevent disclosure and unauthorized use of the Discloser’s Confidential Information using the same degree of care that it takes to protect its own confidential information of a similar nature, which in no event shall be less than reasonable care. The Recipient may disclose the Discloser’s Confidential Information if required by judicial or administrative process, provided that Recipient first provides Discloser with prompt notice of such required disclosure to enable Discloser to seek a protective order.
Privacera warrants to Customer that the Saas Services will have the functionality set forth in the Documentation. Customer’s sole and exclusive remedy, and Privacera’s sole and exclusive liability for any breach of this warranty will be, at Privacera’s sole discretion, to either proceed to remedy the breach accordance with the Support Services or refund a prorated portion of the applicable Subscription Fees representing the fees attributable to the remainder of the applicable Subscription Term. This warranty is null and void if a breach results from use of the SaaS Services that aises from: (i) use with any third party hardware or software; or (ii) use for an unintended purpose, use other than in accordance with the Documentation, or use otherwise in breach of this Agreement.
EXCEPT AS EXPRESSLY SET FORTH IN SECTION 9.1, THE SAAS SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE” AND WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES IMPLIED BY ANY COURSE OF PERFORMANCE, USAGE OF TRADE, OR COURSE OF DEALING, ALL OF WHICH ARE EXPRESSLY DISCLAIMED.
Privacera shall defend, indemnify, and hold harmless Customer, its affiliates and each of its and its affiliates’ employees, contractors, directors, suppliers and representatives from all liability and costs (including reasonable attorneys’ fees) (“Losses”), that arise from or relate to any third party claim that the SaaS Services infringe or misappropriate any intellectual property rights of a third party. If Customer’s use of the SaaS Services is enjoined or Privacera reasonably believes Customer’s use of the SaaS Services may be enjoined, Privacera may, at its option, elect to obtain a license for Customer to continue using the applicable SaaS Services or modify the applicable SaaS Services so that they no longer infringe or, if neither of the foregoing is commercially practicable, terminate the applicable Product Schedule and provide a refund to Customer of any prepaid, unused fees for the remainder of the Subscription Term. Privacera shall have no indemnity obligation to the extent that the infringement arises out of (i) use of other than the then-current, unaltered version of the applicable SaaS Services, unless the infringing portion is also in the then-current, unaltered release; (ii) Privacera’s compliance with Customer’s specifications; (iii) modifications to the SaaS Services made by anyone other than Privacera; (iv) the combination of the SaaS Services with other products, processes or materials not provided by Privacera (where the alleged Losses arise from or relate to such combination); (v) Customer’s continued allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement; or (vi) Customer’s use of the SaaS Services other than in accordance with this Agreement and the Documentation. THIS SECTION 10.1 SETS FORTH CUSTOMER’S SOLE AND EXCLUSIVE REMEDY AND PRIVACERA’S SOLE AND EXCLUSIVE OBLIGATION WITH RESPECT TO ANY CLAIMS OF INTELLECTUAL PROPERTY INFRINGEMENT.
By Customer. Customer shall defend, indemnify, and hold harmless Privacera, its affiliates and each of its and its affiliates’ employees, contractors, directors, suppliers and representatives from all Losses that arise from or relate to Customer’s breach of its obligations set forth in Section 3.2.
Process. The party seeking indemnification in accordance with this Section (the “Indemnitee”) must provide the indemnifying party (“Indemnitor”) with: (a) prompt written notice of any claim (provided that a failure to provide such notice shall only relieve the Indemnitor of its indemnity obligations to the extent the Indemnitor is materially prejudiced by such failure); (b) sole control over the defense and settlement of any claim (provided that: (i) the Indemnitee may participate in such defense at its own cost; and (ii) the Indmnitor may not settle any case in a manner that requires the Indemnitee to pay any amount or admit any liability); and (c) reasonable information and assistance in connection with such defense and settlement (at the Indemnitor’s expense).
UNDER NO CIRCUMSTANCES SHALL EITHER PARTY BE LIABLE TO THE OTHER PARTY OR ANY THIRD PARTY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, RELIANCE, OR CONSEQUENTIAL DAMAGES, (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION AND THE LIKE) ARISING OUT OF THIS AGREEMENT, REGARDLESS OF THE LEGAL THEORY UPON WHICH ANY CLAIM FOR SUCH DAMAGES IS BASED AND EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Damages Cap. WITHOUT LIMITING THE FOREGOING, AND EXCEPT AS OTHERWISE PROHIBITED BY LAW, IN NO EVENT WILL EITHER PARTY’S TOTAL AGGREGATE LIABILITY UNDER THIS AGREEMENT FOR ALL DAMAGES, LOSSES AND CAUSES OF ACTION EXCEED THE TOTAL AMOUNT OF SUBSCRIPTION FEES PAID OR PAYABLE BY CUSTOMER TO PRIVACERA DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE LIABILITY. The limitations set forth in this Section 11 do not apply to: (i) a party’s indemnification obligations under Section 10; and (ii) a party’s willful misconduct, gross negligence or fraud.
Assignment. Customer shall not assign this Agreement or transfer any of its rights hereunder, or delegate the performance of any of its obligations under this Agreement, whether by merger, acquisition, sale of assets, operation of law, or otherwise, without the prior written consent of Privacera. Any purported assignment in violation of the preceding sentence is null and void
Governing Law. This Agreement will be construed and enforced in all respects in accordance with the laws of the state of California, without reference to its choice of law rules. Except as set forth below, the federal and state courts seated in Alameda County, California, will have sole and exclusive jurisdiction for all purposes in connection with any action or proceeding that arises from, or relates to, this Agreement, and each party hereby irrevocably waives any objection to such exclusive jurisdiction. Notwithstanding anything in this Agreement to the contrary, either party may seek injunctive or other equitable relief in any court of competent jurisdiction to protect any actual or threatened misuse or disclosure of its Confidential Information and each party hereby submits to the exclusive jurisdiction of such courts.
Feedback. To the extent Customer provides any comments, suggestions, or related materials regarding the Privacera or Support Services, whether by letter, e-mail, telephone, or otherwise (“Feedback”), Customer hereby grants Privacera a non-exclusive, worldwide, perpetual, irrevocable, transferable, sublicensable, royalty free, fully paid up license to use and exploit the Feedback for any purpose whatsoever.
Force Majeure. Except for payment obligations, neither party shall be liable for any failure to perform its obligations hereunder where such failure results from any cause beyond such party’s reasonable control, including, without limitation, the elements; fire; flood; severe weather; earthquake; vandalism; accidents; sabotage; power failure; denial of service attacks or similar attacks; Internet failure; acts of God and the public enemy; acts of war; acts of terrorism; riots; civil or public disturbances; strikes lock-outs or labor disruptions; any laws, orders, rules, regulations, acts or restraints of any government or governmental body or authority, civil or military, including the orders and judgments of courts.
Notices. All notices under this Agreement shall be in writing and shall be deemed to have been duly given when received, if personally delivered or sent by certified or registered mail, return receipt requested; or the day after it is sent, if sent for next day delivery by recognized overnight delivery service. Notices must be sent to the contacts for each party set forth on the signature blocks below. Either party may update its address set forth above by giving notice in accordance with this section.
Publicity. During the term of this Agreement, Customer hereby agrees that Privacera shall have the right to include Customer’s name and logo as a customer who uses the SaaS Services on the Privacera website and in other marketing materials promoting the SaaS Services.
Amendment and Waiver. Except as otherwise specified in this Agreement, this Agreement may be amended or supplemented only by a writing that refers explicitly to this Agreement and that is signed on behalf of both parties. No waiver will be implied from conduct or failure to enforce rights. No waiver will be effective unless in a writing signed on behalf of the party against whom the waiver is asserted.
Integration and Order of Precedence. This Agreement (which includes all Product Schedules) represents the entire agreement between the parties relating to its subject matter and supersedes all prior and/or contemporaneous representations, discussions, negotiations and agreements, whether written or oral. The terms on any purchase order, confirmation, or similar document submitted by Customer to Privacera will have no effect and are hereby rejected. In the event of any conflict or inconsistency between the terms and conditions of this Agreement and the terms of any Product Schedule, the terms and conditions of this Agreement shall govern, and the conflicting or inconsistent provision in the Product Schedule will have no force or effect unless expressly stated otherwise in the Product Schedule. If any term of this Agreement is found invalid or unenforceable that term will be enforced to the maximum extent permitted by law and the remainder of this Agreement will remain in full force.
Independent Contractors. The parties are independent contractors and nothing contained herein shall be construed as creating an agency, partnership, or other form of joint enterprise between the parties.
Counterparts. This Agreement may be entered into in one or more counterparts, each of which will be deemed an original, and all of which taken together shall constitute one and the same instrument.
IN WITNESS WHEREOF the parties have executed this Agreement as of the Effective Date:
Product Schedule #1
This Product Schedule, dated _____________, 20__ (the “Product Schedule Effective Date”), is entered into between Privacera, Inc. (“Privacera”) and ___________ (“Customer”) pursuant to the SaaS Services Agreement (the “Agreement”) effective as of __________ between Privacera and Customer. Upon mutual execution, this Product Schedule will be incorporated into and form a part of the Agreement. All capitalized terms used by not defined herein shall have the meanings ascribed to them in the Agreement.
Form of Ownership:
39300 Civic Center Drive. Suite # 140 Fremont, CA 94538
Delaware, US Corporation
Federal Tax ID Number (EIN): ___________________
Product Schedule Term:
The Product Schedule Initial Term (annual subscription) shall be one (1) year from the Order Form Effective Date (subject to renewal as set forth in the SaaS Services Agreement).
|SAAS SERVICE||SERVICE DESCRIPTION & SCOPE||QUANTITY||ANNUAL SUBSCRIPTION FEE|
|Privacera Access Manager (PAM)||Privacera Access Manager provides centralized definition and management of data access policies from a single console, enables distributed enforcement across heterogeneous cloud and on-premises data services. PAM provides Dynamic masking, and centralized audit and reporting for all services. Platform: AWS Licensed Data Services: AWS-S3, EMR-Hive, Snowflake||Connector Count: User Count:||$ x00,000|
Services and Training:
Saas Service Subscription:
|Services and Training:||Privacera team will help setup SaaS Services, and help configure the systems. Privacera will also train the customer team on use of the SaaS Services||Connector Count:|
Fees and Expenses; Invoicing
Annual Subscription Fees will be invoiced upon the Product Schedule Effective Date and every subsequent one-year anniversary as applicable.
IN WITNESS WHEREOF, the parties have executed this Product Schedule as of the Product Schedule Effective Date:
|SEVERITY TYPE||OPERATING HOURS|
|Severity 1||24 hours x 7 days|
|Severity 2-4||24 hours x 5 days (Monday to Friday)|
|SEVERITY TYPE||FIRST RESPONSE TIME|
|Severity 1 Response||Within 2 hours|
|Severity 2 Response||Within 8 hours|
|Severity 3 Response||Within 48 hours|
|Severity 4 Response||Within 72 hours|
Support tickets created by customers will be responded to as per the support SLAs. Support tickets can be created in the Privacera support portal as a registered user. Privacera support portal can be accessed at https://privacera.zendesk.com. Alternatively, tickets can be created by calling the support using the toll free hotline in case the support portal is not accessible. Privacera reserves the right to change support portal software depending on support requirements.
Privacera Support Hotline
Privacera guarantees 99.9% uptime where downtime of 0.1% equates to 44mins per month and 8hr 46mins per year. The guaranteed uptime does not include scheduled maintenance hours.
Privacera shall run a maintenance update on Privacera Cloud to ensure proper functionality and new features. Privacera will maximize an effort to minimize the downtime and out of control unavailability and non-maintenance window of Privacera service.