Terms of Service
Last updated: 17 June 2024
These FoundriesFactory Terms of Service (“Terms”), together with the Order Form (as defined below), govern the use of the FoundriesFactory Service and Support Services (each as defined below) that may be provided by Foundries.io Ltd, a company registered in England and Wales under company number 10899991, having its registered office at Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, United Kingdom (“Foundries.io”) to the person or legal entity (“Customer”) that has executed an Order Form (as defined below). Foundries.io and Customer are occasionally referred to herein individually as a “Party” and collectively as the “Parties”.
1. DEFINITIONS
In addition to other terms defined elsewhere in the Agreement (as defined below), the following terms, when the first letter is capitalized, shall have the meanings set forth in this Section 1 (DEFINITIONS). These meanings shall apply both to their singular or plural forms, as the context may require. As used herein, “hereunder,” “herein” and similar expressions refer to the Agreement; and “including” means “including without limitation”.
“Acceptable Use Policy” means the Foundries.io acceptable use policy available on the Foundries.io website or upon request.
“Affiliate” means, with respect to a Party, any corporation or other legal entity that, at any time, directly or indirectly, Controls, is Controlled by, or is under common Control with such Party (but only as long as such Control exists). For the purpose of this definition, the term “Control” means (i) the beneficial ownership (whether direct or indirect) of more than fifty percent (50%) of the voting power of an entity or (ii) in the case of an entity that does not have outstanding voting shares or securities, the majority (i.e., more than fifty percent (50%)) of the equity interests in such entity is now or hereafter owned or controlled by another entity, either directly or indirectly.
“Agreement” means the Order Form executed by the Parties, together with these Terms, including all exhibits, attachments and addenda hereto, and any terms and conditions referenced herein, which are incorporated into these Terms by reference. For the avoidance of doubt, each separate Order Form executed by the Parties (together with these Terms) will be deemed a separate agreement as set forth herein.
“Customer Material” means schematics, designs, software in object code or source code, hardware, other documentation or technology including updates or upgrades that Customer in its sole discretion, uploads to the FoundriesFactory Service or otherwise provides to Foundries.io or its Affiliates.
“FoundriesFactory Service” means the cloud service provided by Foundries.io under these Terms, including any bug fixes, error corrections, new builds, enhancements, updates, upgrades and new modules (in each case, if any) to the FoundriesFactory Service provided by Foundries.io to Customer during the Subscription Term.
“Foundries.io Technology” means any technology from Foundries.io and/ or its Affiliates.
“Order Effective Date” means the effective date of the Order Form as set out in the Order Form.
“Order Form” means the order setting out certain commercial terms, including the term of Customer's subscription to, the FoundriesFactory Service, that incorporates these Terms.
“Product” means an embedded, IoT or edge hardware device of Customer's that is provided to end customers. For purposes of these Terms, a set of Products that runs a single binary software build image is regarded as a single Product. For example, a device that is shipped with several different memory or other configurations is regarded as a single Product provided that all variants use the same binary software build image.
“Services” means the FoundriesFactory Service and Support Services (if any).
“Subscription Term” means the subscription period for the FoundriesFactory Service, and/or Support Services (if any), as set out in the Order Form.
“Support Addendum” means the Support Addendum attached hereto as Schedule 2.
“Support Services” means the support services set forth in the Support Addendum which are included if the Customer has subscribed for commercial use of the FoundriesFactory Service pursuant to an Order Form, and such additional support (if any) that the Customer has ordered on the Order Form.
2. ORDERS; RIGHT TO ACCESS FOUNDRIESFACTORY SERVICE
2.1 Orders. Subject to these Terms, Customer may subscribe for access and use of the FoundriesFactory Service, as further specified in the Order Form. The Order Form will incorporate by reference these Terms. Customer agrees that its purchases hereunder are neither contingent on the delivery of any future functionality or features nor dependent on any oral or written public comments or representations made by Foundries.io or its Affiliates regarding any future functionality or features. If there is any inconsistency between the Order Form and these Terms, the Order Form controls, but only in the event that the Order Form specifically identifies by Section reference the provisions of these Terms that the Order Form will control and take precedence over, and only for such Order Form.
2.2 Access to FoundriesFactory Service. Subject to Customer's compliance with the Agreement, including the payment of fees, Foundries.io or its Affiliate shall provide Customer with access to the FoundriesFactory Service, to evaluate or develop, test, deploy and maintain Products (as specified in the Order Form) provided that each Product will require a separate subscription to the FoundriesFactory Service. Customer represents and warrants to Foundries.io that Customer will use the FoundriesFactory Service: (i) in accordance with Foundries.io's Acceptable Use Policy; and (ii) solely as set forth in the Agreement. Nothing herein shall be construed as the sale of any software or tools to Customer. Nothing in the Agreement shall modify or abrogate Customer's obligations under any other agreement with Foundries.io or any of its Affiliates. Customer acknowledges and agrees that the entire right, title and interest in the FoundriesFactory Service (including all intellectual property and proprietary rights therein) shall remain with Foundries.io and its Affiliates.
2.3 Support Services. Unless otherwise set forth in the Order Form, Foundries.io will provide the Support Services described in the Support Addendum. Customer acknowledges and agrees that the Support Addendum shall apply only to Customer's commercial use of the FoundriesFactory Service as specified in the Order Form, and accordingly, said Support Addendum and the Support Services specified therein shall not apply to the use of the FoundriesFactory Service for evaluation purposes. Furthermore, the Support Services will be provided solely to Customer.
2.4 Enhancements. Foundries.io may, from time to time and in its sole discretion, make certain enhancements to the FoundriesFactory Service generally available at no cost to Customers at no additional charge. In addition, Foundries.io may, in its sole discretion, offer Customer certain enhancements to the FoundriesFactory Service at an additional charge. If Customer opts to subscribe for such chargeable enhancements, they will be included in the FoundriesFactory Service under these Terms for the remainder of the Subscription Term, subject to Customer entering into the relevant Order Form and making the applicable payment.
3. CUSTOMER MATERIAL
3.1 Foundries.io's Right to Use Customer Material. As to any Customer Material uploaded by Customer to the FoundriesFactory Service, Customer hereby grants to Foundries.io and its Affiliates, a worldwide, royalty-free, fee-free, non-exclusive, non-transferrable, sublicensable (through multiple tiers, including, through its subcontractors) license to access, use, reproduce, display and otherwise exploit such Customer Material in order to provide the Services to Customer, without obligation of any kind to Customer. Customer is responsible for all Customer Material. Foundries.io will only access the Customer Material uploaded by Customer for the purpose of providing the Services or if Foundries.io is required by applicable law to access the Customer Material. Foundries.io shall use commercially reasonable efforts to notify Customer regarding Foundries.io's access to the Customer Material, unless Foundries.io is prevented from making such notification under applicable law or such access is required to maintain the security of the FoundriesFactory Service.
3.2 Customer Obligation. Customer shall assume all risk and liabilities associated with the use of the FoundriesFactory Service and any Customer Material. Customer acknowledges and agrees that it is responsible for creating and maintaining back-ups of the Customer Material and Foundries.io may remove Customer Material from the Foundries.io Service without notice. Customer shall defend, indemnify, and hold harmless Foundries.io and each of its successors and assigns and each of its directors, officers, Affiliates, agents, employees and customers from all claims, losses, costs, damages, expenses (including attorneys' fees), and other liabilities arising out of or related to Customer's use, operation, possession and/or distribution of (a) the Customer Material, and (b) any Product utilizing such Customer Material, to the fullest extent permitted by law.
3.3 Security. Customer shall implement and maintain appropriate security measures to prevent unauthorized access, use, or disclosure of the FoundriesFactory Service. This includes but is not limited to using secure login credentials, maintaining up-to-date antivirus and firewall protection, and promptly reporting to Foundries.io any suspected security breaches, security issues, vulnerabilities or unauthorized activities in respect of the Service by email to [email protected], or to such other email address as Foundries.io may notify to Customer.
3.4 Data Protection. If and to the extent that the Services involve the Processing of Personal Data as defined in the Data Processing Agreement attached hereto as Schedule 1 to the Terms (“DPA”), the Parties shall comply with the obligations as set forth in the DPA that is hereby incorporated by reference and made part of the Agreement. Neither Party shall be liable to the other Party for breach under this Section 3.3 (Data Protection) to the extent such breach is directly caused by the failure of that other Party to perform its obligations under the Agreement. Before filing any claim of breach against the other alleging violation of this Section 3.4 or if either Party reasonably believes that the data collection, data use, data security, or data sharing practices as set forth in the Agreement may violate applicable privacy, data protection, or data security laws, rules or regulations in any particular jurisdiction where the Services or any portion thereof is implemented or distributed, such Party shall notify the other and the Parties shall work in good faith to either modify such practices or, if modification of practices is not commercially feasible in the sole reasonable judgment of the Party obligated to undertake such modification, terminate provision of related service for the applicable jurisdiction.
4. RESTRICTIONS
4.1 Open Source Prohibition. Customer shall not incorporate, link, submit, provide, upload, or use any third party software or code in conjunction with the FoundriesFactory Service in such a way that: (a) creates, purports to create or has the potential to create, obligations with respect to any of Foundries.io's or Foundries.io's Affiliates' software, including without limitation the distribution or disclosure of any source code; or (b) grants, purports to grant, or has the potential to grant to any third party any rights to or immunities under any intellectual property or proprietary rights of Foundries.io or Foundries.io's Affiliates. Without limiting the generality of the foregoing, Customer shall not incorporate, link, submit, provide, upload, or use, in conjunction with the FoundriesFactory Service, any code or software licensed under any version of the GNU General Public License (“GPL”), Lesser General Public License (“LGPL”), Affero GPL (“AGPL”), European Union Public License (EUPL) , Mozilla Public License (“MPL”), Server Side Public License (“SSPL”) or any other open source license, in any manner that could cause or could be interpreted or asserted to cause any of Foundries.io's or Foundries.io's Affiliates' software that is not already under such terms to become subject to the terms of the GPL, LGPL, AGPL, ECPL, MPL, SSPL or such other open source license. The rights granted by Foundries.io in the Agreement and the Services provided are expressly conditioned upon Customer's full compliance with this Section.
4.2 No Reverse Engineering. Except as required by applicable law, Customer shall not, and shall procure that its employees, contractors and agents do not,: (a) copy, decompile, decrypt, reverse engineer, disassemble, modify, or create derivative works of the FoundriesFactory Service or attempt to reconstruct or discover any source code or underlying ideas or algorithms of same, or (b) remove, alter or obscure any product identification, copyright or other intellectual property notices embedded within or on the FoundriesFactory Service.
4.3 Third Party Material. All third party software that Customer downloads from the FoundriesFactory Service or from github.com/foundriesio is governed by the third party's license terms, and not the terms of this Agreement. Customer agrees to be bound by the applicable license terms. Foundries.io provides a Software Bill of Materials (SBOM) containing a list of all third party open source software and corresponding open source license (the “SBOM Data”). This SBOM Data is generated based on Software Package Data eXchange (SPDX)-formatted metadata found in the source code and documentation of the third party packages. Customer is responsible for complying with all third party proprietary or open source licenses. In no event shall Foundries.io or any of Foundries.io's Affiliates be liable for any claim, damages, or other liability, whether in action of contract, tort, or other legal theory, arising from, out of, or in connection with the use of the SBOM Data or any software listed in the SBOM Data. To the extent any open source materials are provided in the environment by Foundries.io, as between the Parties such activity will not be considered to be a distribution of such open source materials from Foundries.io to Customer, and Customer will be considered to have received such open source materials directly from the relevant upstream repositories.
4.4 FoundriesFactory Service. Customer shall not access the FoundriesFactory Service in order to (a) build a competitive product or service, (b) build a product using similar ideas, features, or functions of the FoundriesFactory Service, or (c) copy any ideas, features, or functions of the FoundriesFactory Service. Customer agrees not to harm or interfere with the networks, systems or servers of Foundries.io or its Affiliates, or any third-party networks or servers through which Foundries.io or its Affiliates provide the FoundriesFactory Service, or otherwise disrupt other users' use of the FoundriesFactory Service. Further, Customer agrees not to intentionally harm or interfere with the networks, systems or servers of any third party while utilizing the FoundriesFactory Service, including but not limited to activities, other than those authorized by or in accordance with applicable law, that seek to compromise or impair the confidentiality, integrity, or availability of computers, information or communications systems, networks, physical or virtual infrastructure controlled by computers or information systems, or information resident thereon.
4.5 Availability of FoundriesFactory Service. The FoundriesFactory Service may not be available or for use in all countries and Foundries.io makes no representation or warranty that the FoundriesFactory Service is appropriate or available for use in any particular location. Foundries.io makes no guarantees to Customer in relation to the availability (i.e. uptime) of the FoundriesFactory Service and is not obligated to provide any maintenance, technical or other support (other than Support Services purchased by Customer, if any) for the FoundriesFactory Service. Use of the FoundriesFactory Service is provided on an “AS IS” basis and no warranty of suitability for use for a particular purpose is given.
4.6 Modifications to FoundriesFactory Service. Foundries.io may at any time modify the FoundriesFactory Service, including changing or removing any feature or functionality. Foundries.io has no express or implied obligation to provide, or continue to provide, access to the FoundriesFactory Service and may suspend or discontinue all or any portion of the FoundriesFactory Service at any time. Foundries.io shall not be liable for any losses, damages or costs of any kind incurred by Customer or any other party arising out of or related to any such service suspension or discontinuation or any such modification of the FoundriesFactory Service and Customer's sole remedy shall be the refund of Fees paid by Customer for any complete unexpired calendar months of the then current Subscription Term.
4.7 Limitation or Revocation of Access. Foundries.io reserves the right to revoke Customer's access to the FoundriesFactory Service, or impose limits on use of the FoundriesFactory Service, at any time in Foundries.io's sole discretion or if required by law, or to terminate the Agreement in whole or in part for any violation of these Terms. In addition, Foundries.io may, in its sole discretion, impose or adjust the limit of Customer Material that Customer may upload to the FoundriesFactory Service.
5. FEES AND PAYMENT
5.1 Fees. Customer agrees to pay all fees specified in the Order Form using one of the payment methods Foundries.io supports. Except as otherwise specified in these Terms or in the Order Form, (a) fees are quoted and payable in United States dollars, (b) fees are based on Services purchased, regardless of actual usage, (c) payment obligations are non-cancelable and fees paid are non-refundable, unless otherwise stated in these Terms, and (d) the number, volume or other amount (if any) applicable to the FoundriesFactory Services subscription purchased cannot be decreased during the relevant Subscription Term shown on the Order Form. Fees are based on monthly or annual periods that begin with the first day of the calendar month in which the applicable Subscription Commencement Date falls; accordingly, fees for FoundriesFactory Services subscriptions added will be charged from the first day of the relevant calendar month in which they are added. All amounts payable under the Agreement will be made without setoff or counterclaim, and without any deduction or withholding.
5.2 Invoices and Payment. Except as otherwise set forth in the Order Form, (a) all fees for FoundriesFactory Services, and Support Services (if applicable), will be invoiced on a monthly or annual basis, in advance, at the beginning of each calendar month or year, and Support Services (if applicable) will be included with the first invoice or as otherwise agreed in the Order Form; and (b) Customer agrees to pay all invoiced amounts within thirty (30) calendar days of the invoice date. Customer is responsible for providing complete and accurate billing and contact information to Foundries.io and notifying Foundries.io of any changes to such information.
5.3 Overdue Charges. If Foundries.io does not receive fees by the due date, then at Foundries.io's discretion, (a) such charges may accrue late interest at the rate of one and one-half percent (1.5%) of the outstanding balance per month, or the maximum rate permitted by law, whichever is lower, from the date such payment was due until the date paid; and (b) Foundries.io may condition future purchases of Services and Order Forms on payment terms shorter than those specified in Section 5.2 (Invoices and Payment).
5.4 Suspension of Service. If any amounts owed by Customer for the Services are ninety (90) or more calendar days overdue, Foundries.io may, without limiting Foundries.io's other rights and remedies, suspend Customer's access to the Services until such amounts are paid in full.
5.5 Payment Disputes. Foundries.io agrees that it will not exercise its rights under Section 5.3 (Overdue Charges) or Section 5.4 (Suspension of Service) if the applicable charges are under reasonable and good-faith dispute and Customer is cooperating diligently to resolve the dispute.
5.6 Taxes. “Taxes” means all taxes, levies, imposts, duties, fines or similar governmental assessments imposed by any jurisdiction, country or any subdivision or authority thereof including, but not limited to federal, state or local sales, use, property, excise, service, transaction, privilege, occupation, gross receipts or similar taxes, in any way connected with the Agreement or any instrument, order form or agreement required hereunder, and all interest, penalties or similar liabilities with respect thereto, except such taxes imposed on or measured by a Party's net income. Notwithstanding the foregoing, Taxes shall not include payroll taxes attributable to the compensation paid to workers or employees and each Party shall be responsible for its own federal and state payroll tax collection, remittance, reporting and filing obligations. Fees and charges imposed under these Terms or under any order form or similar document ancillary to or referenced by the Agreement shall not include Taxes except as otherwise provided herein. Customer shall be responsible for all of such Taxes. If, however, Foundries.io has the legal obligation to pay Taxes and is required or permitted to collect such Taxes for which Customer is responsible under this Section, Customer shall promptly pay the Taxes invoiced by Foundries.io, whether such Taxes are concurrently invoiced with the original invoiced amount or subsequently invoiced based on a review of the facts affecting Customer's tax status or a determination that the laws of the applicable state(s) require assessment and collection of such Taxes, unless Customer has furnished Foundries.io with valid tax exemption documentation regarding such Taxes at the execution of the Agreement or at the execution of any subsequent instrument, order form or agreement ancillary to or referenced by the Agreement. At the request of Foundries.io, Customer will provide documentation reasonably satisfactory to Foundries.io evidencing payment of such Taxes by Customer to the applicable taxing authority. In the event that Foundries.io pays for any Taxes on behalf of Customer (other than withholding of income taxes), then Customer shall reimburse Foundries.io within thirty (30) calendar days after the invoice date. Customer shall comply with all applicable tax laws and regulations. Customer hereby agrees to indemnify Foundries.io for any Taxes and related costs paid or payable by Foundries.io attributable to Taxes that would have been Customer's responsibility under this Section 5.6 if invoiced to Customer. Customer shall promptly pay or reimburse Foundries.io for all costs and damages related to any liability incurred by Foundries.io as a result of Customer's non-compliance or delay with its responsibilities herein. Customer's obligation under this Section 5.6 shall survive the termination or expiration of the Agreement.
The Parties do not expect withholding tax to apply to any payments to be made pursuant to the Agreement. Notwithstanding the foregoing, in the event a taxing authority disagrees and levies withholding tax, then the amount due to Foundries.io in respect to such payment shall be reduced by the amount of such income tax withholding; then Customer will deliver to Foundries.io an income tax withholding certificate or similar documentation reasonably satisfactory to Foundries.io evidencing payment of any such withholding. Upon receipt by Foundries.io of the income tax withholding certificate, the portion of the invoice represented by the income tax withholding certificate will be deemed fully paid. If there is an applicable tax treaty or various rates and/or exemptions under local law, Foundries.io agrees to provide Customer the necessary documentation in order to have Customer withhold at the beneficial treaty rate or applicable rate and/or exemption under local law. Customer agrees that upon receipt of the necessary documentation, Customer will only withhold at the beneficial treaty rate or applicable rate and/or exemption under local law. For the avoidance of doubt, if valid documentation is not received, the statutory income tax withholding rate will be applied. If Customer fails to withhold income taxes from any payment due Foundries.io where income tax withholding is required by applicable law, Foundries.io shall have no obligation to reimburse Customer for such unwithheld income taxes, unless Customer requests reimbursement from Foundries.io in writing within sixty (60) calendar days after the applicable invoice date. Customer shall be responsible for any penalty, additional tax, interest or other charge due if Customer fails to meet its income tax withholding obligations.
6. CUSTOMER WARRANTY; INDEMNITY
6.1 Customer Material. Customer represents, warrants and covenants that: (a) Customer has (and will continue to have during the Term of the Agreement) all necessary licenses, rights, consents, and permissions which are required to upload the Customer Material on the FoundriesFactory Service and to provide the rights and licenses granted in Section 3.1; (b) no Customer Material contains any third party copyright material, or material that is subject to other third party proprietary rights, unless Customer has a formal license or permission from the rightful owner to grant Foundries.io and its Affiliates the license referred to in Section 3.1 (Foundries.io's Right To Use Customer Material) above; (c) Customer will not provide any Customer Material to Foundries.io or its Affiliates that contains material which is (i) unlawful for Customer to possess in the country in which it is resident, or which it would be unlawful for Foundries.io or its Affiliates to use or possess in connection with the use of the Customer Material on the FoundriesFactory Service, or (ii) harmful, threatening, obscene, violent, abusive, tortious, defamatory, libelous, vulgar, lewd, invasive of another's privacy, hateful, or otherwise objectionable; (d) Customer's provision of any Customer Material or (if any) (as defined in Section 7.2 (Feedback)) to Foundries.io or its Affiliate will not introduce viruses, Trojans, worms, logic bombs or other material which is malicious or technologically harmful; (e) there is no current litigation or prospective litigation at the Order Effective Date, involving the Customer Material; (f) the loading of the Customer Material by Foundries.io and its Affiliates on the FoundriesFactory Service will not place source code disclosure, copyleft or similar obligations on Foundries.io or any of its Affiliates; (g) the Customer Material and Feedback (if any) will not: (i) be infringing, obscene, threatening, libelous, violative of third party privacy rights, or otherwise unlawful or tortious, or (ii) interfere with or disrupt the integrity or performance of the FoundriesFactory Service; and (h) by loading the Customer Material onto the FoundriesFactory Service, or giving Feedback (if any), Customer is not in breach of applicable domestic or international export laws or regulations. Customer shall defend, indemnify, and hold harmless Foundries.io and each of its successors and assigns and each of its directors, officers, Affiliates, agents, employees and customers from all claims, losses, costs, damages, expenses (including attorneys' fees), and other liabilities arising out of or related to Foundries.io's or its Affiliates' use, operation and/or possession of the Customer Material, to the fullest extent permitted by law; and (i) if Customer incorporates, submits, provides or uploads to the FoundriesFactory Service any third party software or code ("Third Party Material"), (1) Customer has sufficient right to use such Third Party Material, and (2) to the extent that such Third Party Material includes notice of a license, Customer is using the Third Party Material under that license.
6.2 Misuse of FoundriesFactory Service. Customer shall comply with the terms of the Agreement, including all legal notices attached hereto, relating to its use of the FoundriesFactory Service. Customer shall assume all risk and liabilities associated with any use of the FoundriesFactory Service that is not in accordance with the Agreement. Customer shall indemnify, defend and hold Foundries.io and its Affiliates, harmless from and against any and all losses, claims, damages, actions, suits, proceedings, demands, assessments, adjustments, liabilities, costs and expenses arising from or relating to any claims arising from or relating to Customer's breach of this Section 6.2 (Misuse of FoundriesFactory Service). Customer will promptly notify Foundries.io if Customer becomes aware of any unauthorized access to the FoundriesFactory Service or violation or threatened violation of Foundries.io's or its Affiliates' intellectual property rights therein. Customer agrees to cooperate with Foundries.io and render such assistance as Foundries.io may reasonably request to identify, halt and/or prevent any violation of the provisions of the Agreement.
7. INTELLECTUAL PROPERTY
7.1 Ownership. Foundries.io shall retain all right, title and interest to any and all intellectual property and other rights in and to the FoundriesFactory Service, including any modifications, enhancements and derivatives thereof. Accordingly, neither access to the FoundriesFactory Service nor any provision of the Agreement shall be construed as to grant to Customer either expressly, by implication or by way of estoppel or waiver, any license or other right under any intellectual property rights of Foundries.io or any Foundries.io Affiliate. Customer, on behalf of itself and its Affiliates, agrees not to contend in any context that, as a result of the provision or use of the FoundriesFactory Service, Foundries.io or any of its Affiliates has any obligation to extend, or Customer or any other party has obtained any right to, any license, whether express or implied, with respect to any intellectual property rights of Foundries.io or any Foundries.io Affiliate.
7.2 Feedback. Foundries.io or its Affiliates may from time to time receive suggestions, feedback or other information from Customer regarding the FoundriesFactory Service (“Feedback”). Any such Feedback received from Customer is and shall be entirely voluntary on the part of Customer, and Customer (on behalf of itself and its Affiliates) grants to Foundries.io and its Affiliates, without charge and without any other obligation of any kind to Customer, a worldwide, royalty-free, fee-free, non-exclusive, non-transferrable, sublicensable (through multiple tiers, including, through its subcontractors) license under the intellectual property rights of Customer and its Affiliates to make, use, modify, distribute and otherwise commercialize such Feedback as part of or designed for use with the FoundriesFactory Service, or with any product offering of Foundries.io or any of its Affiliates.
7.3 Residuals. Customer acknowledges that Foundries.io's access to the Customer Material and any other Customer information provided in connection with the course of Support Services (if any), hereinafter collectively referred to as the “Residual Information”), may increase or enhance the knowledge and experience retained in the unaided memories of those persons providing the FoundriesFactory Service and Support Services (if any), who are exposed to such Residual Information. Customer further acknowledges and agrees that, notwithstanding anything to the contrary in this Agreement or the NDA (as defined in Section 9.7 (Conflict with NDA) below, Foundries.io shall be free to use and incorporate such knowledge and experience, which is derived from the Residual Information, in the specifications, documentation, technology, products and service offerings of Foundries.io, without payment of royalties and without any other obligations or restrictions; provided that, the persons serving Foundries.io, have not (a) intentionally memorized or referred to such Residual Information for purposes of creating a residual or using the same; or (b) deliberately and knowingly utilized such Residual Information in the specifications, documentation, technology, products and service offerings of Foundries.io. For the purposes of this Section 7.3 (Residuals), (i) a person's memory is unaided if the person has not intentionally memorized the Residual Information for the purpose of retaining and subsequently using or disclosing it other than as permitted under this Agreement; and (ii) the term “Foundries.io” shall include the Affiliates of Foundries.io.
8. TERM AND TERMINATION
8.1 Term. The term of the Agreement shall commence on the Order Effective Date and, subject to Foundries.io's rights under Section 4.7 and Section 8.6 (Survival), shall continue until the last Subscription Term to expire, unless terminated in accordance with this Section 8 (TERM AND TERMINATION).
8.2 At Will Termination. Either Party shall have the right to terminate the Agreement for any reason by giving written notice of termination to the other Party. Such termination shall become effective ninety (90) calendar days after the date of such notice. In the event Foundries.io exercises such termination right, Foundries.io shall (i) refund Customer the amount of pre-paid fees calculated on a pro rata basis for the unexpired complete months of the terminated Subscription Term; and (ii) at Customer's request, provide Customer with confidential documentation (included training material) designed solely to assist Customer to transition to an alternative OTA service (which will not encompass all other features and functionality of the FoundriesFactory Service), by using the OTA Connect Community Edition Open Source project, or another similar project of Foundries.io's choosing.
8.3 Termination for Cause. The Agreement will automatically terminate upon any breach by Customer of a provision of Sections 2 (RIGHT TO ACCESS FOUNDRIESFACTORY SERVICE), 4 (RESTRICTIONS), 6.1 (Customer Material), or 9 (CONFIDENTIALITY) of these Terms. In addition, Foundries.io will have the right to terminate this Agreement immediately upon written notice to the Customer for any breach of Section 6.2 (Invoices and Payment).
8.4 Bankruptcy, Dissolution or Liquidation. Customer shall provide written notice to Foundries.io immediately upon the occurrence of any of the following events (“Events”): (a) insolvency, bankruptcy or liquidation or filing of any application therefor, or other commitment of any affirmative act of insolvency under any jurisdiction; (b) attachment, execution or seizure of substantially all of the assets or filing of any application therefor; (c) assignment or transfer of that portion of the business to which the Agreement pertains to a trustee for the benefit of creditors; (d) disposition, by sale or assignment of all of its rights, of that portion of the business or the material assets to which the Agreement pertains; or (e) termination of its business or dissolution. Either Party shall have the right to terminate the Agreement with immediate effect by giving written notice of termination to the other Party at any time upon occurrence of an Event.
8.5 Effects of Termination. Upon termination or expiration of the Agreement, Customer shall immediately cease using or accessing, or permitting to be used or accessed, the FoundriesFactory Service. Any termination of the Agreement under Section 8 (TERM AND TERMINATION) shall not prejudice the right to recover any sums due or accrued at the time of such termination or expiration and shall not prejudice any cause of action or claim accrued or to accrue on account of any breach or default.
8.6 Survival. The Parties' rights and obligations which by their sense and context are intended to survive any termination of the Agreement shall so survive, including but not limited to Sections 3.1 (Foundries.io's Right To Use Customer Material) subsection (b), 3.2 (Customer Obligation), 5 (CUSTOMER WARRANTY; INDEMNITY), 6 (INTELLECTUAL PROPERTY), 7.2 (Feedback), 7.3 (Residuals), 8.5 (Effects of Termination), 8.6 (Survival), 9 (CONFIDENTIALITY), 10 (WARRANTY DISCLAIMER), 11 (LIMITATION OF LIABILITY), 13 (RECORDS AND AUDIT), 14 (COMPLIANCE WITH LAWS; APPLICABLE LAW), and 15 (MISCELLANEOUS PROVISIONS) hereof.
9. CONFIDENTIALITY
9.1 Definition. “Confidential Information” means: any information disclosed by Foundries.io or any of its Affiliates to Customer, either directly or indirectly, during the Term, by any means (whether in writing, orally or visually); provided such information is designated as “Confidential”, “Proprietary” or some similar designation at the time of disclosure. Confidential Information does not, however, include any information that Customer demonstrates: (a) is legally and publicly available, other than through a breach of Customer's obligations under this Section 9 (CONFIDENTIALITY); (b) Customer received, without an obligation of confidentiality, from a third party that was entitled so to disclose it; or (c) is independently developed by Customer without use of or reference to Confidential Information. Nothing in these Terms will prevent Customer from disclosing Confidential Information to the extent Customer is required by law to disclose such Confidential Information, provided Customer gives Foundries.io prompt written notice of that requirement prior to such disclosure and cooperates with Foundries.io's efforts to obtain an order protecting the information from public disclosure.
9.2 Non-use and Non-disclosure. Customer acknowledges and agrees that the materials provided hereunder (including but not limited to access to the FoundriesFactory Service) contain trade secrets of Foundries.io and confidential and proprietary information of Foundries.io, its Affiliates and the suppliers and licensors of Foundries.io and its Affiliates, and Customer shall maintain such materials under strict confidence and shall not disclose or transfer the materials to any third party without the prior written consent of Foundries.io. Customer agrees not to disclose Confidential Information other than to Customer's employees who have a need to know to exercise the rights and licenses granted to Customer herein, and not to use Confidential Information other than in the exercise of such rights and licenses. Customer agrees that prior to any disclosure by Customer of Confidential Information to an employee, Customer will have entered into a written non-disclosure agreement with such person, containing terms at least as strict as those contained in this Section 9 (CONFIDENTIALITY). Customer may not reverse engineer any software, including but not limited to the FoundriesFactory Service, that embodies Confidential Information and is provided hereunder.
9.3 Maintenance of Confidentiality. Customer agrees to take reasonable measures to protect the secrecy of and avoid the unauthorized disclosure or use of Confidential Information, including at least those measures that Customer takes to protect its own most highly confidential information. Customer may not make any copies of Confidential Information except as approved by Foundries.io in advance, in writing. Customer must reproduce all proprietary right notices on any such approved copies, in the same manner in which such notices were set forth in or on the original.
9.4 Return of Confidential Information. Except as otherwise provided in Section 8.5 (Effects of Termination), Customer agrees to promptly return to Foundries.io or destroy, at Foundries.io's request, all copies of Confidential Information, in whatever form or media, and to certify to Foundries.io in writing that it has done so.
9.5 Remedies. Customer agrees that any violation or threatened violation of any provision of this Section 9 (CONFIDENTIALITY) will cause Foundries.io irreparable injury, entitling Foundries.io to seek (and Customer shall not object thereto) injunctive relief in addition to all legal remedies.
9.6 Announcement. Customer shall not disclose, advertise or publish the Agreement or use the name of Foundries.io or its Affiliates in any news release, public announcement, advertisement or other form of publicity without the written consent of Foundries.io, except: (a) as may be required by law or to satisfy financial reporting requirements; and (b) to its professional advisors and to investors or potential investors who are under an obligation of confidentiality at least as restrictive as those contained in this Section 9 (CONFIDENTIALITY); or (c) with Foundries.io's or its Affiliate's prior written consent.
9.7 Conflict with NDA. In the event of any conflict between this Section 9 (CONFIDENTIALITY) and the terms of a signed Non-Disclosure Agreement entered into between Foundries.io or a Foundries.io Affiliate and Customer or a Customer Affiliate (“NDA”) before or after the Order Effective Date, the terms which are most protective of the Confidential Information shall prevail.
10. WARRANTY DISCLAIMER
ACCESS TO THE FOUNDRIESFACTORY SERVICE, AND SUPPORT SERVICES (IF ANY), ARE PROVIDED ON AN “AS IS” BASIS AND FOUNDRIES.IO AND ITS AFFILIATES MAKE NO WARRANTIES, EXPRESS OR IMPLIED, WITH RESPECT TO THE FOUNDRIESFACTORY SERVICE OR SUPPORT SERVICES (IF ANY), OR OTHER INFORMATION OR DOCUMENTATION MADE ACCESSIBLE FOR USE OR PROVIDED UNDER THIS AGREEMENT, INCLUDING BUT NOT LIMITED TO ANY WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR AGAINST INFRINGEMENT, OR ANY EXPRESS OR IMPLIED WARRANTY ARISING OUT OF TRADE USAGE OR OUT OF A COURSE OF DEALING OR COURSE OF PERFORMANCE. NOTHING CONTAINED IN THIS AGREEMENT SHALL BE CONSTRUED AS (A) A WARRANTY OR REPRESENTATION BY FOUNDRIES.IO OR ITS AFFILIATES OR THEIR RESPECTIVE LICENSORS AS TO THE VALIDITY OR SCOPE OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT OR (B) A WARRANTY OR REPRESENTATION BY FOUNDRIES.IO OR ITS AFFILIATES OR THEIR RESPECTIVE LICENSORS THAT ANY USE OF THE FOUNDRIESFACTORY SERVICE, SUPPORT SERVICES (IF ANY), OR OTHER INFORMATION OR DOCUMENTATION PROVIDED HEREUNDER WILL BE FIT FOR A PARTICULAR PURPOSE, FREE FROM ERRORS, INFRINGEMENT OF PATENTS, COPYRIGHTS OR OTHER INTELLECTUAL PROPERTY RIGHTS OF OTHERS.
11. LIMITATION OF LIABILITY
11.1 No Consequential Damages. IN NO EVENT SHALL FOUNDRIES.IO OR ITS AFFILIATES OR THEIR RESPECTIVE LICENSORS OR SUPPLIERS BE LIABLE TO CUSTOMER OR ANY OF ITS AFFILIATES FOR ANY INCIDENTAL, CONSEQUENTIAL OR SPECIAL DAMAGES, OR OTHER INCIDENTAL DAMAGES, OR ANY WASTED EXPENDITURE, LOSS OF BUSINESS, LOST PROFITS, LOST SAVINGS, LOSS OF OR DAMAGE TO REPUTATION OR GOODWILL, OR ANY LOSS OR CORRUPTION OF SOFTWARE, DATA OR INFORMATION, ARISING OUT OF THE USE OR INABILITY TO USE, OR THE DELIVERY OR FAILURE TO PROVIDE ACCESS TO THE FOUNDRIESFACTORY SERVICE, OR SUPPORT SERVICES (IF ANY), OR ANY BREACH OF ANY OBLIGATION UNDER THE AGREEMENT, EVEN IF FOUNDRIES.IO OR ITS AFFILIATES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
11.2 Limits on Liability. IN ADDITION TO THOSE LIMITATIONS OF LIABILITY AS SET FORTH ABOVE IN SECTION 11.1 (NO CONSEQUENTIAL DAMAGES), THE ENTIRE LIABILITY OF FOUNDRIES.IO, ITS AFFILIATES AND THEIR RESPECTIVE LICENSORS OR SUPPLIERS, AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER OR ITS AFFILIATES, FOR ANY CLAIM OR CAUSE OF ACTION ARISING HEREUNDER (WHETHER IN CONTRACT, TORT, OR OTHERWISE) SHALL NOT EXCEED, IN THE AGGREGATE, THE LESSER OF (i) FIFTY PER CENT (50%) OF THE FEES PAID BY CUSTOMER TO FOUNDRIES.IO FOR THE SERVICES IN THE TWELVE MONTHS IMMEDIATELY PRECEDING SUCH CLAIM OR CAUSE OF ACTION; AND (ii) ONE HUNDRED THOUSAND UNITED STATES DOLLARS (US$100,000.00). NOTWITHSTANDNG THE FOREGOING, IF CUSTOMER HAS SUBSCRIBED FOR A FREE TRIAL OR EVALUATION OF THE SERVICES, THE ENTIRE LIABILITY OF FOUNDRIES.IO, ITS AFFILIATES, THEIR RESPECTIVE LICENSORS AND SUPPLIERS, AND THE SOLE AND EXCLUSIVE REMEDY OF CUSTOMER OR ITS AFFILIATES, FOR ANY CLAIM OR CAUSE OF ACTION ARISING HEREUNDER (WHETHER IN CONTRACT, TORT, OR OTHERWISE) DURING SUCH TRIAL OR EVALUATOPN PERIOD SHALL NOT EXCEED, IN THE AGGREGATE, ONE THOUSAND US DOLLARS (US$1,000.00).
11.3 Essential Purpose. THE LIMITATIONS AND DISCLAIMERS SET FORTH IN THIS SECTION 11 (LIMITATION OF LIABILITY) REFLECT THE PARTIES' REASONABLE ALLOCATION OF THE RISKS ASSOCIATED WITH ANY PERFORMANCE OR NON-PERFORMANCE UNDER THE AGREEMENT AND ARE INCLUDED IN THE AGREEMENT AS A MATERIAL INDUCEMENT FOR FOUNDRIES.IO TO ENTER INTO THE AGREEMENT. FURTHERMORE, CUSTOMER ACKNOWLEDGES THAT THE TERMS IN THIS SECTION 11 (LIMITATION OF LIABILITY) SHALL APPLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EVEN IF AN EXCLUSIVE OR LIMITED REMEDY STATED HEREIN FAILS OF ITS ESSENTIAL PURPOSE, AND WITHOUT REGARD TO WHETHER SUCH CLAIM IS BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE.
12. ASSIGNMENT. Customer shall not assign the Agreement or any right or interest under the Agreement, nor delegate any obligation to be performed under the Agreement, without Foundries.io's prior written consent. For purposes of this Section 12 (ASSIGNMENT), an “assignment” by Customer under this Section shall be deemed to include, any merger, consolidation, sale of all or substantially all of its assets, or any substantial change in the management or control of Customer. Any attempted assignment in contravention of this Section 12 (ASSIGNMENT) shall be void.
13. RECORDS AND AUDIT. During the Term and for a period of five (5) years thereafter (“Audit Period”), Customer shall keep detailed, accurate and up-to-date records (“Records”) showing during the Audit Period the steps taken by Customer to comply with all provisions of the Agreement, including, without limitation, whether Customer is in compliance with its obligations under Section 14.2 (Compliance with Anti-Corruption Laws) of these Terms, as well as its export, trade control, sanctions and regulatory compliance obligations under Section 14.3 (Export and Trade Controls Compliance) of these Terms. Customer shall ensure that the Records are sufficient to enable Foundries.io and/or its designated Affiliate to verify Customer's compliance with its obligations under this Section 13 (RECORDS AND AUDIT). During the Audit Period, Customer shall keep full, true, and accurate records and accounts, in accordance with generally accepted accounting principles, in connection with all activities of Customer under these Terms. During the Audit Period, Foundries.io and/or its designated Affiliate shall have the right to audit the Records, and Customer shall make such Records available for audit by Foundries.io, its designated Affiliate and/or its independent auditors upon fifteen (15) calendar days' prior written notice, during regular business hours, at those locations where Customer may maintain relevant Records. Customer agrees to make available all such Records to Foundries.io and/or its designated Affiliate, and to provide Foundries.io and/or its designated Affiliate with reasonable assistance, as well as provide accurate and truthful information to Foundries.io and/or its designated Affiliate, during Foundries.io's, its designated Affiliate's and/or its independent auditor's inspection of Customer's Records as Foundries.io and/or its designated Affiliate may, from time to time, reasonably request. In all cases, Customer agrees to bear and/or repay to Foundries.io all costs, fees and expenses incurred by Foundries.io, its designated Affiliate and/or its independent auditors in the performance of any such audit and/or investigation that discloses any breach of these Terms by Customer. In addition, Foundries.io reserves the right to bill back Customer if an audit or inspection reveals an error or a violation of the terms of these Terms. In addition to the foregoing and in connection with any such audit, inspection of Records or investigation of a suspected breach of this Agreement, Foundries.io shall have the right to audit Customer and to inspect its facilities, monitor network connectivity and practices to verify Customer's compliance with the terms of the Agreement.
14. COMPLIANCE WITH LAWS; APPLICABLE LAW
14.1 General Covenant regarding Compliance with Laws. Customer agrees to comply, at its own expense, with all applicable international and national laws as they apply to the subject matter of the Agreement, including, all applicable governmental laws, statutes, ordinances, administrative orders, rules or regulations relating to Customer's duties, obligations and performance under the Agreement.
14.2 Compliance with Anti-Corruption Laws. Customer represents and warrants to Foundries.io and its Affiliates that, in connection with the transactions contemplated by the Agreement or in connection with any other business transactions involving Foundries.io or its Affiliates, Customer, and everyone acting on its behalf, will comply with and will not violate any anti-corruption law or international anti-corruption standards. Customer further represents and warrants to Foundries.io and its Affiliates that Customer has not, and covenants and agrees that it will not, in connection with the transactions contemplated by the Agreement or in connection with any other business transactions involving Foundries.io or its Affiliates, make, promise, or offer to make any payment or transfer anything of value, directly or indirectly, to any individual to secure an improper advantage. It is the intent of the Parties that no payments or transfer of value will be made which have the purpose or effect of public or commercial bribery, acceptance of or acquiescence in extortion, kickbacks, or other unlawful or improper means of obtaining or retaining business.
14.3 Export and Trade Controls Compliance. Customer agrees that the Foundries.io Technology (including software, source code and other technology provided by Foundries.io) may be subject to US export control and economic sanctions laws, orders, and regulations, including without limitation the Export Administration Regulations (“EAR”), 15 CFR Parts 730-774, the Foreign Assets Control Regulations, 31 CFR Parts 500-599, the United Kingdom (“UK”) Dual Use Regulation (retained EU Regulation 428/2009) and any other applicable laws and regulations of the UK, the European Union (“EU”) Dual Use Regulation (Regulation (EU) 2021/821), and any other applicable laws and regulations of other applicable jurisdictions (collectively, “Export and Sanctions Laws”). Among other aspects of the software provided by Foundries.io, Customer acknowledges, in particular, that the Linux microPlatform and other open source software provided in the FoundriesFactory Service contain encryption software and may be subject to the encryption-focused provisions of the Export and Sanctions Laws.
In connection with the performance of its obligations under this Agreement, Customer and its subsidiaries, affiliates, and agents (i) will comply with all Export and Sanctions Laws, including by obtaining any required US, UK, EU Member State or other country licenses, authorizations, or approvals, and (ii) will not engage in any activity that would reasonably be expected to cause Foundries.io to violate any Export and Sanctions Laws. Customer warrants that neither it, nor its subsidiaries, affiliates, or agents, will directly or indirectly export, re-export, transfer or release (collectively, “Export”) any Foundries.io Technology (whether or not incorporated into another item), or any direct product thereof, to any country or territory, its government, any entity located in or organized under the laws of such country or territory, or any individual located or resident in such country or territory, if, at the time of Export, the US government maintains comprehensive economic sanctions or an embargo with respect to such country or territory, or the EU and/or UK imposes broad economic sanctions and export restrictions on the basis of being a non-government controlled region of Ukraine under Russian control (collectively, “Embargoed Territories”), without prior government authorization. The US government currently maintains comprehensive economic sanctions or an embargo against Cuba, Iran, North Korea, Syria, and the Crimea and so-called Donetsk People's Republic and Luhansk People's Republic regions of Ukraine, and the additional non-government controlled territories of the Kherson and Zaporizhzhia regions of Ukraine are subject to applicable EU and/or UK restrictions. The Embargoed Territories may be amended over time. Customer further agrees not to directly or indirectly employ any Foundries.io Technology in, or Export any Foundries.io Technology for, end uses or end users that would violate the controls in Part 744 of the EAR, the EU Dual Use Regulation and/or the UK Dual Use Regulations, without any required government authorization, including those related to prohibited missile or unmanned aerial vehicle (“UAV”) technology; prohibited nuclear, chemical, or biological weapons activities; prohibited supercomputer and semiconductor manufacturing end uses; or for any prohibited military end use or end user. Customer warrants that neither it, nor its Affiliates or agents, are: (i) listed on a prohibited or restricted party list published by the US government, including but not limited to the US Department of Treasury's “List of Specially Designated Nationals and Blocked Persons” and “Consolidated Sanctions List”, and the US Department of Commerce's Entity List, Unverified List, and Denied Persons List, or any similar list maintained by the UK, the EU or its Member States, or other applicable local authority; (ii) located, organized or resident in an Embargoed Territory; (iii) owned (50% or more) or controlled, directly or indirectly, by a person or entity described in clauses (i) or (ii); or (iv) otherwise the target of US, EU or UK sanctions (collectively, “Restricted Persons”). Customer shall not Export any Foundries.io Technology to any Restricted Persons without prior government authorization, to the extent required by regulation. If Customer is a person or entity located in Belarus, Cambodia, the People's Republic of China, the Russian Federation, Venezuela or Myanmar, Customer certifies that it is not a “military end-user” as that term is defined in section 744.21 of the EAR, the EU Dual Use Regulation or the UK Dual Use Regulation. Customer acknowledges that the foregoing certifications are conditions to Customer's access to any Foundries.io Technology.
Customer shall not deliver Customer Material or any other goods, software, or technology to Foundries.io that are subject to the International Traffic in Arms Regulations, the Wassenaar International Munitions List, or the 600 Series or 9x515 Export Control Classification Numbers on the EAR's Commerce Control List, without notifying Foundries.io in advance and marking the items appropriately.
Customer warrants that absent prior notification to and approval from Foundries.io, no Customer Material or any other goods, software, technology, or services supplied under this Agreement are sourced or originate from or incorporate content from:
- 1. an Embargoed Territory or its government (including government agencies, instrumentalities, and entities controlled by the government); or
- 2. a Restricted Person
Customer agrees to defend, indemnify and hold Foundries.io and its Affiliates harmless against any and all third-party claims, actions, causes of action, loss and expenses arising out of Customer's failure to comply with its obligations as provided for in this Section 14.3.
14.4 Applicable Law and Venue. The Agreement shall be governed by and construed and enforced in accordance with the laws of the State of California, excluding the U.N. Convention on International Sale of Goods, without regard to conflict of laws principles. Any dispute, claim or controversy arising out of or relating to the Agreement, or the breach or validity hereof, including, any improper use, copying or misappropriation by Customer of any knowhow and related documentation or materials provided by Foundries.io or a Foundries.io Affiliate to Customer hereunder, shall be subject to the dispute resolution terms set forth in this Section 14.4 (Applicable Law and Venue) regardless of any conflicting terms in any other agreements between the Parties. Therefore, any dispute, claim or controversy arising out of or relating to the Agreement, or the breach or validity hereof, shall be adjudicated only by a court of competent jurisdiction in the county of San Diego, State of California, and each Party hereby consents to the personal jurisdiction of such courts for that purpose. In the event of any proceeding to enforce the provisions of the Agreement, the prevailing Party (as determined by the court) shall be entitled to reasonable attorneys' fees as fixed by the court. The Parties acknowledge that monetary damages may not be a sufficient remedy for unauthorized use of the FoundriesFactory Service and that Foundries.io shall be entitled, without waiving any other rights or remedies, to injunctive or equitable relief as may be deemed proper by a court of competent jurisdiction.
Notwithstanding the foregoing, if Customer is resident in, or has its principal place of business in the People's Republic of China, the following shall apply: The Agreement shall be governed by and construed and enforced in accordance with the laws of the State of Delaware without regard to conflict of laws principles. Any dispute, claim, or controversy arising from or relating to the Agreement or the breach or validity hereof will be finally settled by a confidential arbitration proceeding conducted in accordance with the Rules of Arbitration of the International Chamber of Commerce. The place of arbitration will be Singapore. The language of the arbitration will be English. Except as may be required by law, neither Party may disclose the existence, content, or results of any arbitration hereunder without the prior written consent of both Parties. The arbitrator's award will be final and binding on the Parties. The Parties agree that judgment may be entered upon such an award in any court of competent jurisdiction. In the event of any proceeding to enforce the provisions of the Agreement or to resolve any claim or dispute arising from or related to the Agreement, the prevailing Party (as determined by the arbitrator) shall be entitled to reasonable attorneys' fees as fixed by the arbitrator.
15. MISCELLANEOUS PROVISIONS. All notices and consents required or permitted under the Agreement must be in writing and sent by reputable commercial courier, if to Foundries.io, to the address listed above to the attention of the legal department, and if to Customer to such address (email or otherwise) as set out in the Order Form or as specified by Customer to Foundries.io from time to time. Notices will be deemed given and received on receipt. If a notice cannot be received because the recipient has moved and failed to notify the sender of its change of address, or because the recipient is out of business, then a notice will be deemed received when sent. The Agreement, together with all notices attached hereto constitutes the entire agreement between the Parties and supersedes all prior negotiations, representations and agreements between the Parties with respect to the subject matter hereof. In the event of a conflict between the terms of the Agreement and a separate written agreement signed by the Parties relating to the subject-matter hereof, the terms of the Agreement will apply over any conflicting provision(s) in such separate written agreement, unless the Parties have specifically disapplied this provision in the Agreement by a document signed by both Parties that references the Agreement. Save as stated below, no addition or modification of the Agreement shall be effective unless made in writing and signed by the respective representatives of Foundries.io and Customer. The restrictions, limitations, exclusions and conditions set forth in the Agreement shall apply even if Foundries.io or its Affiliates become aware of or fails to act in a manner to address any violation or failure to comply therewith. Customer hereby acknowledges and agrees that the restrictions, limitations, conditions and exclusions imposed in the Agreement on the rights granted in the Agreement are not a derogation of the benefits of such rights. If any of the provisions of the Agreement are determined to be invalid, illegal, or otherwise unenforceable, the remaining provisions shall remain in full force and effect.
If a Party is unable to perform its obligations (excluding Customer's obligation to pay the fees), either in whole or in part, under the Agreement as a result of civil or military authority, war, flood, fire, epidemic, or other condition or cause beyond its reasonable control and not related to its fault or negligence (a “Force Majeure”), the affected party will be excused from performance of its obligations during the Force Majeure to the extent that party is prevented or delayed thereby. Except to the extent that Foundries.io is expressly precluded by applicable law, Foundries.io further reserves the right to provide a modified version of these Terms by giving Customer reasonable notice of the modified version electronically. If Customer continues to access the FoundriesFactory Service more than sixty (60) calendar days after notice of the modified version has been given, then Customer shall be deemed to have accepted and be bound by the modified version. In terms of the enforceability of these Terms, these Terms shall be deemed to be “in writing” and “accepted” by both Parties. Customer will not contest the validity or enforceability of these Terms, the Agreement or any document forming part of the Agreement, solely because they were accepted or it was concluded electronically. For the avoidance of doubt, the Parties acknowledge and agree that it is not a requirement to the effectiveness and enforceability of the Agreement that either Party hand-sign these Terms, the Order Form or any part of the Agreement.
The Digital Service Act ("DSA") is a European Union (“EU”) law that applies to certain providers of digital services in the EU. If you would like to report any suspected violations of this Agreement or any other suspected illegal user content to Foundries, you may do so by emailing us at https://foundriesio.atlassian.net/servicedesk/customer/portals. In accordance with Article 11 of the DSA, the European Commission, EU Member States' authorities, and the European Board for Digital Service may contact Foundries.io at [email protected] regarding the application of the DSA. Any other person seeking to communicate with Foundries regarding the DSA, should also contact [email protected]. Communications to these email addresses should be in English.
SCHEDULE 1 TO TERMS
DATA PROCESSING AGREEMENT
1 Introduction.
This Data Processing Agreement (this “DPA”) forms an integral part of the FoundriesFactory Terms of Service (“Terms”). Customer and Foundries.io, as defined in the Terms, are each a “Party” and collectively the “Parties” to this DPA.
2 Roles of the Parties.
Subject to Data Protection Laws, the Parties hereby acknowledge and agree that:
2.1 With respect to Foundries.io's Processing of Customer Personal Data, Customer shall be the Controller, and Foundries.io shall be the Processor.
2.2 If Customer is a Processor on behalf of a third party, Foundries.io is a Sub-processor, and Customer represents and warrants that Customer's instructions to Foundries.io on Processing Customer Personal Data, including Customer's appointment of Foundries.io as a Sub-Processor, have been fully authorized by the respective Controller.
2.3 Each Party is an independent Controller with regard to business operations incidental to providing the Service, which may include accounting, tax, billing, audit, compliance, and investigation or prevention of fraud, spam, or wrongful or unlawful use or as further provided under applicable law.
3 General Compliance Obligations.
3.1 When Foundries.io Processes Customer Personal Data on behalf of Customer, this DPA constitutes documented instructions from Customer on which Foundries.io may Process Customer Personal Data, and Foundries.io shall:
3.1.1 if and to the extent required by Data Protection Laws, inform Customer if, in Foundries.io's reasonable opinion, any Processing instructions from Customer infringe such Data Protection Laws;
3.1.2 comply, and with reasonable efforts assist Customer in complying, with Data Protection Laws;
3.1.3 not perform its obligations under the Terms in such a way as to knowingly cause Customer to breach any of its obligations under Data Protection Laws;
3.1.4 obligate its employees, Sub-processors, and any other third party authorized by Foundries.io to Process Customer Personal Data in connection with the Service to written confidentiality obligations or ensure the same are under appropriate statutory obligations of confidentiality;
3.1.5 contractually obligate its Sub-processors and any other third parties authorized to Process Customer Personal Data on Foundries.io's behalf to provide substantially the same level of protection for Customer Personal Data as provided in this DPA and as required by Data Protection Laws;
3.1.6 where required under Data Protection Laws, take reasonable steps, in light of the deadlines provided for in the Data Protection Laws, to promptly notify and provide reasonable cooperation to Customer if Foundries.io receives any requests in connection with its Processing of Customer Personal Data from: (i) Data Subjects to exercise their rights granted by Data Protection Laws; or (ii) any governmental, regulatory or supervisory authority or legal judicial process, provided such notice is not prohibited by law or court order;
3.1.7 upon Customer's reasonable request, where such means and assistance are not already in Customer's control or possession, and to the extent required by Data Protection Laws, provide assistance and information necessary for Customer to comply and demonstrate Customer's compliance with its legal obligations with respect to:
(A) requests for audits or assessments, at Customer's cost and expense, to occur no more than annually provided that: (i) any audits or assessments shall be conducted during Foundries.io's normal business hours upon advance written notice at times to be agreed by Foundries.io, (ii) Foundries.io's written approval for the use of any third-party auditors shall be obtained in advance, in writing, and not to be unreasonably withheld, and (iii) Customer shall ensure that information provided by Foundries.io, or otherwise revealed in the course of any such audit or assessment, will be treated as Foundries.io's Confidential Information. Neither Foundries.io nor any third-party auditor shall have the right to access Foundries.io's or its other customers' or third parties' Personal Data or Confidential Information;
(B) information needed for Customer's records of Processing activities and data protection impact assessments (such scope as determined by Data Protection Laws); and
(C) security information of Processing Customer Personal Data.
3.2 In connection with the Service, Customer shall comply with Data Protection Laws, any additional terms described in the applicable Service Details such as third-party licensor or flow down terms, this DPA and ensure all instructions and Personal Data given by Customer to Foundries.io will be in compliance with Data Protection Laws.
4. Data Security.
4.1 Foundries.io shall implement and maintain commercially reasonable and appropriate physical, technical and organizational security measures designed to handle and protect Customer Personal Data against accidental or unlawful destruction; accidental loss, alteration, unauthorized disclosure or access to Customer Personal Data transmitted, stored or otherwise processed; all other unlawful forms of Processing.
4.2 Data Breach:
4.2.1 If either Party discovers or learns of a Data Breach, it shall take commercially reasonable, appropriate, and prompt steps to: (a) investigate and mitigate the Data Breach; (b) notify the other Party of such Data Breach; (c) furnish necessary and relevant details of the Data Breach as may be available; (d) provide reasonable assistance, as needed, in the investigation and mitigation of the Data Breach; and (e) provide information and assistance, as needed, in meeting a Party's legal obligations, including any applicable obligations to notify individuals, regulators and/or other parties.
4.2.2 Unless prohibited by applicable law or court order, each Party shall notify the other Party of any third-party legal process relating to any Data Breach, including but not limited to any legal process initiated by any governmental entity or other party.
4.2.3 A Party's cooperation or obligation to report or respond to Data Breaches under this DPA shall not be deemed an acknowledgment by a Party of any fault or liability with respect to a Data Breach.
5. Sub-processors.
5.1 Customer hereby gives general consent to Foundries.io to engage the Sub-processors, including Foundries.io's affiliates, set forth in the Service Details. Before amending the list of Foundries.io Sub-processors identified in the Service Details, Foundries.io will notify Customer, and Customer authorizes Foundries.io to use any such Sub-processor to Process Customer Personal Data unless Customer objects within thirty (30) calendar days of such notification. Any such objection must be based on reasonable grounds. If such objection is justified, Customer and Foundries.io will work together to find a mutually acceptable resolution to such objection.
5.2 Where a Sub-processor fails to fulfil its obligations under such written agreement or Data Protection Laws, Foundries.io will remain responsible to Customer for the failure of such Sub-processor to the same extent Foundries.io is responsible for its own failure in the performance of Foundries.io's obligations under this DPA.
6 International Data Transfers.
6.1 With regard to countries, regions, or territories with Data Protection Laws requiring a condition for the valid export of Personal Data, or any subset or category of data within the Customer Personal Data, (such countries, regions, or territories, “Limited Transfer Region(s)” and such data, to the extent restricted, “Limited Transfer Data”), Foundries.io may not receive and Process such Limited Transfer Data outside of a Limited Transfer Region unless Foundries.io (or its relevant Sub-Processor(s)) adopts measures, safeguards, or mechanisms recognized by such Data Protection Laws as satisfying such condition (each, a “Valid Mechanism”). Limited Transfer Data transferred to third countries that are not deemed by the applicable authorities as providing an adequate level of data protection shall be subject to Exhibit 1 of this DPA.
6.2 Customer agrees that the transfer mechanisms in Exhibit 1 are each a Valid Mechanism and that Foundries.io may transfer Limited Transfer Data outside of a Limited Transfer Mechanism pursuant to Exhibit 1.
6.3 The Parties agree that to the extent any additional Valid Mechanism is required to export data to a third country, or if the Valid Mechanism agreed upon under this DPA is substituted, replaced, or no longer recognized under Data Protection Laws as satisfying the conditions for valid export, the Parties agree that Foundries.io will use another Valid Mechanism.
6.4 Notwithstanding the availability of a Valid Mechanism, where implementation of such Valid Mechanism is not commercially reasonable, Foundries.io may discontinue the Service in the applicable region(s) without penalty, subject to any provisions in the Terms applicable to discontinuation of the Service, if any.
7 Retention and Deletion of Customer Personal Data. Upon termination or expiration of the Terms or Customer's written request to delete Customer Personal Data, Foundries.io shall cease to Process any Customer Personal Data and delete all Customer Personal Data under Foundries.io's possession or control or, if technically feasible, provide Customer the ability to delete such Customer Personal Data directly through tools or functionality made available by Foundries.io; except (a) where such deletion is not permitted under applicable laws (including Data Protection Laws) or the order of a governmental or regulatory body, (b) where Foundries.io retains such data for compliance with any legal obligation, (c) where Foundries.io's then-current data retention or similar back-up system stores Customer Personal Data, provided such data will remain protected in accordance with the measures described in the Terms and this DPA, or (d) where Foundries.io is a Controller.
8 Miscellaneous.
8.1 Termination and Survival. Upon termination or expiration of the Terms, this DPA shall automatically and immediately expire as it applies to such Terms, provided, however, the provisions of this DPA that, by their terms, require performance after the termination or expiration of this DPA, or apply to events that may occur after the termination or expiration of this DPA, will survive.
8.2 Governing Law; Conflicts of Law; Severance. Without prejudice to clauses 17 (governing law) and 18 (choice of forum and jurisdiction) of the Incorporated SCCs (if applicable), the Parties hereby submit to the choice of jurisdiction stipulated in the Terms with respect to any disputes or claims arising under this DPA, including disputes regarding its existence, validity or termination or the consequences of its nullity; and this DPA and all non-contractual or other obligations arising out of or in connection with it are governed by the laws of the country or territory stipulated in the Terms (without reference to its conflict of laws requirements), unless otherwise required by Data Protection Laws. To the extent any court or governmental entity with competent jurisdiction determines that a provision of this DPA is invalid or unenforceable, the Parties agree and intend that such provision should be (a) amended solely as necessary to bring it back into force in a manner consistent with the Parties' manifest intent, or if that is not possible (b) severed from the DPA in a manner to give maximum legal force and effect to the remaining provisions.
8.3 Updates to the DPA. Foundries.io reserves the right to update this DPA where such change is strictly required by any applicable Data Protection Law, court order or regulatory guidance. Foundries.io shall inform Customer of such changes (email shall suffice) and give Customer an opportunity to object within a reasonable period of time from the delivery of such notice of change. Customer and Foundries.io will, in good faith, resolve any objections raised by Customer. Unless Customer has objected as set forth in this paragraph, the changes to this DPA shall become effective thirty (30) calendar days from the date Foundries.io notifies Customer of such changes (or such earlier period as required by the Data Protection Laws, court order, or guidance issued by a governmental regulator).
8.4 Conflict. If there is any conflict or inconsistency between any terms comprising the Terms, the following order of priority shall apply: the standard contractual clauses referenced in Exhibit 1 to this DPA (the “Incorporated SCCs”); the jurisdiction-specific terms, e.g., in Exhibits 1 and 2 to this DPA; the main body of this DPA; the remainder of the Terms. Any ambiguity in this DPA shall be resolved to permit the Parties to comply with mandatory obligations under Data Protection Laws.
8.5 Applicability. This DPA does not apply to Protected Health Information, if any, provided by Customer as a Covered Entity (as such terms are defined by the Health Insurance Portability and Accountability Act (“HIPAA”), a federal law of the United States). Customer shall provide Foundries.io with prior written notice if it intends to provide Foundries.io with access to such information and shall enter into a separate Business Associate Agreement, as defined in HIPAA, with Foundries.io.
9 Definitions. The capitalized terms of this DPA shall have the meanings set forth below, unless otherwise specified in this DPA. Capitalized terms used but not defined in this DPA shall have the meaning given to them in the Terms. Cognates of all terms shall be construed accordingly.
9.1 “California Consumer Privacy Act” means the California Consumer Privacy Act of 2018 (as amended) and the final regulations issued thereunder (“CCPA”).
9.2 “Chinese Data Protection Law” means the PRC Personal Information Protection Law, the PRC Cybersecurity Law, the PRC Data Security Law, their supporting regulations and standards, and other laws governing privacy and data protection matters in the People's Republic of China (for the purposes of this Addendum, excluding Hong Kong, Macau and Taiwan; “China”).
9.3 “Confidential Information” has the meaning given to it or substantially similar terms that are, in the context of the Terms, subject to confidentiality obligations.
9.4 “Controller” means 'controller' as defined in the GDPR and other substantially similar roles in other Data Protection Laws.
9.5 “Customer Personal Data” means any Personal Data made available by or on behalf of Customer to Foundries.io, or collected by Foundries.io solely on behalf of Customer, in connection with the Service.
9.6 “Data Breach” means any unauthorized interference with the availability of, or any unauthorized, unlawful or accidental loss, misuse, destruction, alteration, acquisition of, access to, disclosure of, or damage to, Personal Data.
9.7 “Data Protection Laws” means all applicable transnational, national, federal, state or local laws (statutory, common or otherwise), treaties, conventions, ordinances, codes, rules and regulations of any applicable jurisdiction related to privacy, personal data protection and information security, to the extent such laws, treaties, conventions, ordinances, codes, rules and regulations govern and are binding upon the relevant Party in its performance of its obligations or exercise of its rights under the Terms, including but not limited to the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the GDPR as incorporated into UK law, the CCPA and the Chinese Data Protection Law.
9.8 “Data Subject” means an identified or identifiable natural person about whom Personal Data is Processed in connection with the Service, or as otherwise defined (including under similar terms such as 'consumer') under Data Protection Laws.
9.9 “Personal Data” means 'personal data' as defined in the GDPR or other substantially similar terms in other Data Protection Laws such as 'personal information'.
9.10 “Processing” means the performance of any operation or set of operations upon data, whether or not by automatic means, such as collection, receipt, recording, organization, structuring, alteration, use, transmission, access, sharing, provision, disclosure, distribution, copying, transfer, storage, management, retention, deletion, combination, restriction, summarizing, aggregation, correlation, inferring, derivation, analysis, adaptation, retrieval, consultation, destruction, or disposal.
9.11 “Processor” means 'processor' as defined in the GDPR and other substantially similar roles in other Data Protection Laws.
9.12 “Service” means the applicable service provided by Foundries.io to Customer, as described in the Terms
9.13 “Service Details” means the description of the Service, information pertaining to the Processing of Customer Personal Data in connection with such Service, and other relevant details specific to the Service, if applicable, which are attached hereto as Appendix A (Service Details) to this DPA.
9.14 “Sub-processor” means any person or entity engaged by Foundries.io to Process Customer Personal Data.
EXHIBIT 1
TRANSFERS TO THIRD COUNTRIES
For the purpose of Exhibit 1, the “data exporter” or “Exporter” is Customer and the “data importer” or “Importer” is Foundries.io.
PART I: Data Transfers Under Data Protection Laws that Recognize the 2021 EU Standard Contractual Clauses for International Transfers approved by the European Commission (“EU SCCs”)
The Parties agree to abide by the EU SCCs, which are recognized as a Valid Mechanism of international data transfers by the GDPR and substantially recognized by similar Data Protection Laws of certain Limited Transfer Regions. To the extent Foundries.io is Processing Customer Personal Data subject to the GDPR or such other Data Protection Laws, the Parties hereby enter into the EU SCCs, which are hereby incorporated by reference, with the selected modules and options completed as set forth below.
1 EU SCCs
1.1 Clarifications of Definitions & Terms
A. For Limited Transfer Regions other than the European Economic Area, references to the GDPR or EU or Member State Law will be replaced by references to the Data Protection Laws of the respective Limited Transfer Region.
B. The information to be listed in Annex I (A) and (B) of the APPENDIX of the EU SCCs, in addition to the identities of the data exporter and data importer as set forth above, are collectively listed in the Terms, the DPA, and the Service Details.
C. All terms and definitions of the EU SCCs, whether or not capitalized or in quotes, are incorporated by reference into this Part I of Exhibit 1 to the DPA, notwithstanding any contrary definitions in other portions of the DPA.
1.2 Applicable Modules
With respect to Processing of Customer Personal Data:
A. When Customer is a controller, and Foundries.io is a controller, Module One shall apply.
B. When Customer is a controller, and Foundries.io is a processor, Module Two shall apply.
C. When Customer is a processor, and Foundries.io is a sub-processor, Module Three shall apply.
1.3 Selected Options for EU SCCs
A. Optional Clause 7 (“Docking clause”) will be deemed incorporated.
B. In Clause 9 for Modules Two and Three, “Option 2: General Written Authorization” is selected, and the time period for prior notice of addition or replacement of Sub-processors will be as set forth in the DPA.
C. In Clause 11, the optional language will not apply.
D. With respect to Clause 12, the Parties agree that, solely as between the Parties, the limitations on liability negotiated between the Parties in the Terms, if any, shall apply in connection with Clause 12, so long as they do not prejudice the rights or remedies of Data Subjects.
E. In Clause 17, Option 2 is selected, and where the law of the EU Member State in which the data exporter is established does not allow for third-party beneficiary rights, the EU SCCs will be governed by the law of Ireland, except with respect to Limited Transfer Regions that do not accept the governance by the law of Ireland, in which case the EU SCCs will be governed by the laws of such Limited Transfer Region.
F. In Clause 18(b), disputes will be resolved before the courts of Ireland, except with respect to any Limited Transfer Regions that do not accept the courts of Ireland as the chosen forum, where applicable, in which case disputes will be resolved before the courts of such jurisdictions.
G. The Data Protection Commission of Ireland is hereby identified as the competent supervisory authority for the purpose of Annex I (C) of the APPENDIX of the EU SCCs, unless the transfer of such Limited Transfer Data is exclusively subject to the jurisdiction of another EU Member State supervisory authority, where such supervisory authority shall accordingly replace the Data Protection Commission of Ireland as the competent supervisory authority.
H.The information required by Annex II of the APPENDIX of the EU SCCs is set forth in clause 4.1 of this DPA.
I.The information required by Annex III of the APPENDIX of the EU SCCs is set forth in the Service Details.
J.By entering into the DPA, the Parties are deemed to be signing the EU SCCs, to the extent Foundries.io's Processing of Customer Personal Data or transfer of Limited Transfer Data is subject to the GDPR.
2 Data Exported from the United Kingdom of Great Britain and Northern Ireland (“UK”). The UK's International Data Transfer Addendum to the EU SCCs (“UK IDTA”) will be deemed incorporated into this DPA with respect to Personal Data exported from the UK that is subject to Data Protection Laws in the UK, and the Parties confirm that the information required for the purposes of the UK IDTA is hereby completed as follows:
A. For Table 1 (Parties): the Parties' fields will be deemed to be pre-populated with the information respectively of Customer and Foundries.io as set out in the Terms.
B. For Table 2 (Selected SCCs, Modules and Selected Clauses): the applicable module of the SCCs including the Appendix Information and with only the modules, clauses or optional provisions listed in Sections 2 and 3 above will be brought into effect for the purpose of the UK SCCs.
C. For Table 3 (Appendix Information): the Appendix Information is set out in the following:
i. Annex 1A: List of Parties: as set out above and in the Terms;
ii. Annex 1B: Description of Transfer: as set out in the Service Details;
iii. Annex II: Technical and organizational measures including technical and organizational measures to ensure the security of the data: as set out in clause 4.1 of the DPA;
iv. Annex III: List of Sub processors: as set out in the Service Details with respect to Sub-processors.
D. For Table 4: the Parties agree that either Party may end the UK SCCs in accordance with the provisions of Section 19 of the UK SCCs.
E. For Part 2 “Mandatory Clauses”: The clauses under the “Amendments to this Addendum” are hereby incorporated into the DPA except Clause 16, for which the amendment should be that (i) the Parties confirm that Clause 17 and/or 18 of the Addendum EU SCCs (as defined in the UK IDTA) shall refer to the laws and/or courts of England and Wales, (ii) a Data Subject may also bring legal proceedings against the (data) Exporter and/or Importer before any courts of the UK, and (iii) the Parties agree to submit themselves to the jurisdiction of such courts.
3 Data Exported from Switzerland. In case of any transfers of Personal Data from Switzerland subject exclusively to the Data Protection Laws and Regulations of Switzerland (“Swiss Data Protection Laws”), the following provisions apply:
3.1 In respect of data transfers governed by Swiss Data Protection Laws, the EU SCCs also apply to the transfer of information relating to an identified or identifiable legal entity where such information is protected similarly as Personal Data under Swiss Data Protection Laws until such laws are amended to no longer apply to a legal entity.
3.2 For Data Subjects habitually residing in Switzerland, the courts of Switzerland are an alternative place of jurisdiction in respect of disputes.
PART II: Data Transfers Under Data Protection Laws with Requirements Different from or in Addition to the GDPR
1 Brazil
In relation to Limited Transfer Data transferred outside of Brazil, the Parties shall comply with Data Protection Laws and, unless either Party explicitly objects to the other Party, whenever applicable and legally required, adopt the standard contractual clauses as approved by the Brazilian data authority, which will be deemed incorporated into the DPA and shall be read and interpreted in the light of the provisions and definitions of the General Data Protection Law of Brazil. Such clauses shall be automatically updated, amended, replaced, or superseded from time to time in accordance with further instructions of the Brazilian data authority.2 Canada
In relation to Limited Transfer Data subject to laws of Canada, in addition to adopting the EU SCCs as specified above under PART I, to ensure the level of data protection required by applicable laws of Canada, the Parties shall comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and any other applicable laws on the federal, provincial, and territorial level of Canada. The Parties agree to abide by the principles established in PIPEDA, including (i) accountability/compliance with the principles, (ii) identification of the purposes/reasons for collecting the personal information, (iii) consent to the collection of the personal information, (iv) limiting the collection to only what is necessary in order to achieve the desired tasks, (v) limiting the use, disclosure and retention of the personal information, (vi) maintaining accurate data, (vii) safeguarding data with appropriate security policies, and (viii) making policies easily available to employees and customers. The data exporter shall notify individuals according to applicable laws, including but not limited that their personal data may be transferred outside of Canada and accordingly may be subject to access by foreign governments, courts, law enforcement or regulatory agencies.3 South Korea
In relation to Limited Transfer Data transferred out of South Korea, if legally required, Customer shall obtain consent of the Data Subjects to the data transfer and other administrative approval as applicable.4 China
In relation to Limited Transfer Data transferred outside China, the Parties shall, as applicable, (i) adopt the Standard Contract approved by the Cyberspace Administration of China (“CAC”), which will be deemed incorporated into the DPA and shall be read and interpreted in the light of the provisions and definitions of applicable laws, (ii) pass the CAC's data transfer security assessment as required by law, or (iii) obtain the data transfer certification as approved by the CAC. Where the data transfer requires consent of Data Subjects, Customer shall ensure such consent of Data Subjects is in place as legally required.5 Singapore
In relation to Limited Transfer Data subject to Singapore's Personal Data Protection Act 2012 as amended, revised, or supplemented from time to time (“PDPA”), the Parties shall obtain the deemed or express consent of the Data Subjects to such data transfers as required by the PDPA.6 Other Mandatory Standard Clauses
To the extent any other Limited Transfer Region does not recognize the EU SCCs and adopts other standard clauses that are mandatory for transfers of Personal Data from such Limited Transfer Region, unless either Party explicitly objects to the other Party, the Parties agree that such clauses will be deemed incorporated into this DPA with respect to Personal Data from such Limited Transfer Region, and relevant details of the Terms, including but not limited to the DPA and Service Details, will be used to complete the information required by such clauses.
The competent supervisory authority should be decided in accordance with Data Protection Laws; in absence of clear legal guidance, it should be the authority of the jurisdiction where the headquarters of Customer resides.
EXHIBIT 2
CALIFORNIA CONSUMER PRIVACY ACT ADDENDUM (“CCPA Addendum”)
This CCPA Addendum shall apply with respect to Customer Personal Data that is subject to the CCPA and Processed by Foundries.io on behalf of Customer (“California Personal Information”).
The terms used in this CCPA Addendum shall have the meanings set forth in this CCPA Addendum, and capitalized terms not otherwise defined herein shall have the meanings given to them in the remainder of the DPA.
Where Customer acts as the “business” and Foundries.io acts as the “service provider” or “contractor” to Customer, as defined under the CCPA, the following provisions shall apply:
1. Customer shall disclose California Personal Information to Foundries.io for the limited and specific business purposes set forth in the Terms, Service Details, and/or Service description, as applicable, or as otherwise permitted by the CCPA.
2. Foundries.io shall comply with applicable obligations under the CCPA and provide the same level of protection to California Personal Information as required of Customer by the CCPA.
3. Foundries.io shall not “sell” or “share” California Personal Information as those terms are defined in the CCPA.
4. Foundries.io shall not retain, use, disclose or combine California Personal Information for any purpose other than the business purpose(s) specified in the Terms (including this DPA), nor otherwise Process California Personal Information outside the direct business relationship with Customer, unless otherwise permitted by the CCPA or required by law.
5. Customer may take reasonable and appropriate steps to ensure that Foundries.io uses California Personal Information in a manner consistent with the Customer's obligations under the CCPA, and upon notice, to stop and remediate any unauthorized use of California Personal Information by Foundries.io.
6. Customer shall inform Foundries.io of any consumer request made pursuant to the CCPA that Foundries.io must comply with and provide the information necessary for Foundries.io to comply with the request (or Foundries.io may enable the Customer to comply with consumer requests directly should such functionality be available as part of the Service).
7. If Foundries.io determines it can no longer meet its obligations under the CCPA, it shall promptly notify Customer.
8. To the extent that the Parties Process “deidentified” information as that term defined in the CCPA, each Party shall (a) take reasonable measures to ensure that the information cannot be associated with a consumer or household, (b) commit to maintaining and using the information in deidentified form and not to attempt to reidentify the information, except that a Party may attempt to reidentify the information for the purpose of determining whether its deidentification processes satisfy the requirements of CCPA, and (c) contractually obligate any recipients of the information to comply with these restrictions.
APPENDIX A
SERVICE DETAILS
LIST OF PARTIES:
- Data exporter(s)
- Name and Address: As set forth in the Terms and/or the Order Form for the Customer
Contact person's name, position and contact details: As set forth in the Terms and/or the Order Form for the Customer
Role: Controller - Data importer(s)
- Name and Address: As set forth in the Terms and/or the Order Form for Foundries.io
Contact person's name, position and contact details: Available at qualcomm.com/privacy or by emailing [email protected].
Role: Processor - Activities relevant to the Personal Data transferred under the EU SCCs
- Where Customer enables the device and fleet management capabilities as part of the Service to manage devices of Customer's end users, the Customer Personal Data as described hereunder would be transmitted to and hosted in servers controlled by Foundries.io or its affiliates.
DESCRIPTION OF PROCESSING:
- Categories of Data Subjects whose Personal Data is transferred or otherwise Processed
- End users of Customer.
- Categories of Personal Data transferred or otherwise Processed
- MAC address, IP address and the related device configuration of end user devices.
- Sensitive data (as defined by the EU SCCs) transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures.
- Not applicable.
- The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis)
- Continuous.
- Nature and Purpose(s) of the Processing, including the transfer and further Processing
- Foundries.io Processes Customer Personal Data (i) to provide, manage, test, maintain and enhance the Service to Customer as described in the Terms, where Customers can manage the devices of their end users using the device and fleet management capabilities provided by the Service, (ii) to test, maintain, support, and secure the systems in connection with the provision of the Service, (iii) to prevent, detect, or investigate data security incidents or protect against malicious, deceptive, fraudulent or illegal activity, and (iv) to aggregate, anonymize or de-identify the data such that it cannot be used to identify a Data Subject or Customer, and use such data, subject to applicable law, for any lawful reason including but not limited to research and development, and analyzing and improving products and services.
- The period for which the Personal Data will be retained, or, if that is not possible, the criteria used to determine that period
- The data will be retained for as long as Customer maintains a subscription (or if Customer requests data deletion), and at the end of a subscription, a 90-calendar day data retention policy applies unless Customer reactivates a subscription.
- For transfers to Sub-Processors, also specify subject matter, nature and duration of the Processing
- See the section of Sub-processors below.
SUB-PROCESSORS:
In accordance with Section 5.1 of the DPA, the Data Exporter has provided general written consent to engage Sub-Processors. In addition, specific consent has been provided to engage the Sub-Processors from the following agreed list:
Name | Contact | Description of processing |
---|---|---|
Google LLC | 1600 Amphitheater Parkway, Mountain View, CA 84043 | Used for (i) Customer source code builds, Customer build artifacts, and Customer FoundriesFactory member email addresses, (ii) service management, and (iii) performance of builds and store artifacts. |
Amazon Web Services Inc. | 410 Terry Avenue, North Seattle, WA 98109 | Used for (i) Customer source code builds and Customer build artifacts, and (ii) performance of builds and store artifacts. |
DigitalOcean LLC | 101 Avenue of the Americas 10th Floor, New York, NY 10013 | Used for (i) Customer source code builds and Customer build artifacts, and (ii) performance of builds and store artifacts. |
In addition to the Sub-Processors listed above, Foundries.io may engage its affiliates, the office locations of which are available at https://www.qualcomm.com/company/facilities/offices, as Sub-Processors to Process Customer Personal Data in accordance with the Terms.
SCHEDULE 2 TO TERMS
SUPPORT ADDENDUM
NOTE: As stipulated in the Terms, this Support Addendum applies only to Customer's commercial use of the FoundriesFactory Service as specified in the Order Form. Accordingly, it does not apply to use of the FoundriesFactory Service for evaluation purposes.
1 DEFINITIONS
For purposes of this Support Addendum, in addition to other terms defined elsewhere in this Support Addendum, the following terms, when the first letter is capitalized, shall have the meanings set forth below. Capitalized terms used, but not defined herein, shall have the meaning set forth in the Terms or Order Form, as the case may be, that incorporates this Support Addendum.
“Emergency Maintenance” means unscheduled maintenance that is necessary, in Foundries.io's sole discretion, to address an unanticipated issue in the FoundriesFactory Service that could potentially, if left unresolved, materially threaten the security or usability of the FoundriesFactory Service or Customer Material. In the event of Emergency Maintenance, Foundries.io will notify Customer as soon as reasonably practicable if the FoundriesFactory Service is expected to be unavailable.
“Scheduled Maintenance” means routine monthly maintenance of the FoundriesFactory Service, provided that: (i) Scheduled Maintenance shall not exceed one hundred and twenty (120) consecutive minutes in duration; and (ii) Foundries.io will use commercially reasonable efforts to provide Scheduled Maintenance notifications at least five (5) business days before any Scheduled Maintenance that is reasonably expected to cause any material degradation in service availability.
2 FOUNDRIESFACTORY SERVICE AVAILABILITY
Foundries.io will use commercially reasonable efforts to make the FoundriesFactory Service available with minimal downtime twenty-four (24) hours a day, seven (7) days a week; provided, however, that the following are excepted from availability commitments: (i) Scheduled Maintenance; (ii) Emergency Maintenance; (iii) the failure by Customer to properly implement, operate and maintain its implementation of the FoundriesFactory Service in accordance with the Agreement and the applicable documentation; (iv) the failure of Customer's systems (to include, without limitation, those third parties operating as a service provider to Customer, such as telecommunications providers and others); (v) the failure of Customer to properly operate, maintain and ensure compatibility of Customer-provided hardware, software, and services that interface or interoperate with the FoundriesFactory Service; (vi) any Force Majeure event; (vii) Denial of Service (“DoS”) and distributed DoS attacks; (viii) a failure by a third party telecommunications carriers' cellular, satellite, terrestrial, or other network, including, but not limited to, transmission limitations errors caused by network congestions, weather, atmospheric conditions (such as space debris, solar flares, and other atmospheric anomalies or disturbances), magnetic interference, terrain, structures, localized 'gaps' in telecommunications network coverage, civil disturbances, or other natural or manmade conditions over which Foundries.io has no control; or (ix) Foundries.io's suspension or termination of Customer's right to use the FoundriesFactory Service in accordance with the Agreement.
3 SUPPORT AND INCIDENT RESPONSE
a. Support Services. Foundries.io will provide the following Support Services directly to Customer: commercially reasonable troubleshooting and bug fixes in those instances where Foundries.io reasonably determines that a problem is likely related to the FoundriesFactory Service, in accordance with the Incident Management procedures set forth in Section (c) below.
b. Support Ticketing. Customer shall open all support cases via Foundries.io's case management platform, available at support.foundries.io. Only Customers, who are registered FoundriesFactory Service users, shall be permitted to access the case management platform.
c. Incident Management. In the event that Foundries.io detects, or Customer notifies Foundries.io of a potential event and/or defect in the FoundriesFactory Service (an “Incident”), Foundries.io will assign an Incident severity level in accordance with Table 1 below. After Foundries.io provides acknowledgement of the Incident to Customer, Foundries.io will use commercially reasonable efforts to provide a resolution for the issue within the Estimated Resolution Times as set forth in Table 1 below and subject to Customer's compliance with its obligations in sub-section (d) below. Response times outside of 4am to 10pm Pacific Time or during weekends may not be addressed until the start of the following business day.
Security Level Description Estimated Response Time Estimated Resolution Time Level 1 ‐ Urgent Foundries.io is experiencing issues of the FoundriesFactory Service severely impacting all Customers' ability to update devices with no workaround. 2 hours 8 business hours Level 2 ‐ High FoundriesFactory Service is operational, but with significant disruption to Customer's business operations; and no stable workaround is available. 1 business day 2 business days Level 3 ‐ Normal FoundriesFactory Service issues are causing moderate to low disruption of the FoundriesFactory Service; or any issue for which there is a stable workaround available. 1 business day 5 business days Level 4 ‐ Low FoundriesFactory Service is fully operational; no significant disruption to Customer's business operations; issues with little or minimal time sensitivity. 1 business day 14 business days Table 1 ‐ Incident Severity Levels, Estimated Response Times & Estimated Resolution Times d. Customer Obligations. Customer agrees that in connection with any reported Incident, it will supply Foundries.io with full and accurate diagnostic information regarding any incident, including, but not limited to screenshots or other images; hardware or device specifications and configuration; software version; description of the issue, including any error messages; and log files, including when relevant any signal data or location result; or other information reasonably requested by Foundries.io. Any supplied information shall be deemed Feedback under the terms of the Agreement. Customer understands that Foundries.io support of the service levels described in this Support Addendum is contingent upon Customer fulfilling its responsibilities as set forth in this Support Addendum and responding promptly to all commercially reasonable requests from Foundries.io relating to resolution of the Incident. The Estimated Resolution Time will not begin until Customer has provided Foundries.io with all reasonably requested information. In the event of a difference of opinion between Customer and Foundries.io over the appropriate Incident Severity Level to which any Incident should be assigned, and over requested information, Foundries.io's decision shall be final. If a Customer response is requested in a support case in the case management system, and no response is received within fourteen (14) calendar days, then the case ticket will be closed, In this case Customer may raise a new case request if required.
Website terms of use can be found here: https://www.qualcomm.com/site/privacy/terms-of-use.