Terms of Service
Last Updated: March 4, 2023
Phase AI Technologies Inc. (“Provider”) provides a platform and application program interface (API) on a software as a service and platform as a service basis (“Service”, as further defined below). The Service is provided on a subscription basis as further described in this Agreement and on the Website under specific subscription plans offered by Provider from time to time.
The Services are provided through the website https://ampup.ai (the “Website”). This Agreement applies to anyone (“You”/”Customer”) who subscribes for or otherwise uses the Services.
THESE TERMS (THE “AGREEMENT”) CONTAIN IMPORTANT LIMITATIONS ON REPRESENTATIONS, WARRANTIES, CONDITIONS, REMEDIES AND LIABILITIES THAT ARE APPLICABLE TO THE SERVICES. ACCORDINGLY, YOU SHOULD READ THESE TERMS CAREFULLY BEFORE USING THE SERVICES. EITHER BY CLICKING A BOX INDICATING YOUR ACCEPTANCE, YOU AGREE TO THE TERMS HEREOF. IF YOU ARE AN AGENT OR EMPLOYEE OF AN ENTITY YOU REPRESENT AND WARRANT THAT (I) THE INDIVIDUAL ACCEPTING THIS AGREEMENT IS AUTHORIZED TO ACCEPT THIS AGREEMENT ON SUCH ENTITY’S BEHALF AND TO BIND SUCH ENTITY, AND (II) SUCH ENTITY HAS FULL POWER, CORPORATE OR OTHERWISE, TO ENTER INTO THIS AGREEMENT AND PERFORM ITS OBLIGATIONS HEREUNDER. IF YOU DO NOT ACCEPT THESE TERMS, THEN DO NOT USE THE WEBSITE OR ANY OF ITS CONTENT OR SERVICES.
1. Provision of Service.
- Provision Generally. Subject to your acceptance of this Agreement and your payment of all fees due and owing to Provider, during the Subscription Term (as defined in Section 5.1) Provider will provide Customer with access to Provider’s analytics platform and Provider’s application program interface (API) (collectively, the “Service”) allowing Customer to analyze its marketing data in accordance with the terms and conditions of this Agreement. In order to access and use the Service, Customer is responsible at its own expense for obtaining its own Internet access and any hardware and software required therefor. Customer’s right to use the Service during the Subscription Term shall be subject to and in accordance with any additional conditions, restrictions or parameters specified in this Agreement.
- Grant of Rights. Subject to the terms and conditions of this Agreement, Provider hereby grants to Customer a limited, royalty-free, non-exclusive, non-sublicensable, non-transferable (except for permitted assignments as hereinafter described) right to access and use the Service in accordance with this Agreement, subject to the terms and conditions of approved Services plan and solely for Customer’s internal business purposes during the Subscription Term. All rights not expressly granted to Customer are reserved by Provider and its licensors. There are no implied rights.
- Eligibility Requirements. By entering into this Agreement, Customer represents and warrants that Customer meets the following minimum requirements (“Eligibility Requirements”): (a) Customer has the necessary rights and authority to enter into and perform the obligations required of Customer under this Agreement; (b) the Customer Data (as defined herein) is and will remain within Customer’s right to use, accurate, complete and current; (c) Customer’s use of the Service will comply with all applicable laws and regulations; and (d) Customer will not infringe the rights of any third party (including without limitation any intellectual property rights or privacy rights) in its use of the Service.
- Restrictions. Customer shall not (and shall not allow any third party to): (a) permit any third party to access or use the Service except as envisioned by the Service in its normal operation or specified herein; (b) alter, modify, debug, reverse engineer, decompile, disassemble, or otherwise attempt to derive or gain access to any software (including source code) associated with the Service; (c) use any unauthorized robot, spider, scraper or other automated means to access the Service, or engage in any scraping, data-mining, harvesting, data aggregating or indexing of the Service except to have copy of Customer Data and End User Data (d)frame or mirror any content forming part of the Service; or (e) access the Service in order to (f) build a competitive product or service, or (ii) copy any ideas, features, functions or graphics of the Service. Customer shall keep all passwords and API keys provided to it safe and secure, and shall be responsible for all use of the Service using passwords or API keys issued to Customer. Customer shall notify Provider immediately of any actual or suspected unauthorized use of its passwords or API keys for the Service. Without limiting any of its other rights or remedies, Provider reserves the right to suspend access to the Service if Provider reasonably believes that Customer has materially violated the restrictions and obligations in this Agreement after providing Customer written notice remained ineffective within 15 days.
The Service may not be accessed or used by any national or resident of a country embargoed by the United Stated or Canada including countries sanctioned by the Office of Foreign Assets Control (OFAC) or the Financial Action Task Force (FATF). By accessing or using the Service, Customer is representing and warranting that Customer is not located in, under the control of, or are a national or resident of any country to which the use of the Service would be prohibited by the laws of Canada or the United States.
- Important note on Minors. The Website and Services are not intended for use by children and Provider reserves the right to terminate access to and use of the Services without notice to any User we have reason to believe is a minor.
- Customer Cooperation. Customer shall: (a) reasonably cooperate with Provider in all matters relating to the Service; (b) respond promptly to any Provider request to provide information, approvals, authorizations or decisions that are reasonably necessary for Provider to provide the Service in accordance with this Agreement; and (c) provide such Customer materials or information as Provider may reasonably request to provide the Service and ensure that such materials or information are complete and accurate in all material respects.
2. Provider Technology.
In connection with providing the Service, Provider and its licensors shall operate and support the hosted environment used by Provider to provide the Service, including the Provider Technology (as defined below), the server hardware, disk storage, firewall protection, server operating systems, management programs, web server programs, documentation and all other technology or information so used by Provider. As used herein, “Provider Technology” means all of Provider’s proprietary technology (including software, hardware, products, processes, algorithms, user interfaces, know-how, techniques, designs and other tangible or intangible technical material or information) made available to Customer by Provider in providing the Service, including any and all updates, modifications, improvements and derivatives thereto and thereof.
Provider acknowledges and agrees that as between Customer and Provider, all right, title and interest in and to the Customer Data and End User Data are and shall remain owned by Customer or its licensors, and this Agreement in no way conveys any right, title or interest in the Customer Data or End User Data other than a limited right to use the Customer Data and End User Data in accordance with the terms and conditions herein. No right or license is granted hereunder to Customer under any trademarks, service marks, trade names or logos. Customer shall not remove any Provider trademark, service mark or logo, or any proprietary notices or labels (including any copyright or trademark notices) from the Service. Customer acknowledges and agrees that, as between Provider and Customer, all right, title and interest in and to the Service (including the data, information, text, images, designs, sound, music, marks, logos, compilations (meaning the collection, arrangement and assembly of information other than Customer Data and End User Data) and other content on or made available through the Service, other than Customer Data, the End User Data and the Customer’s copyrights elements including logo or graphic charter), the Provider Technology and all improvements and derivatives of the foregoing (including all intellectual property and proprietary rights embodied therein or associated therewith) are and shall remain owned by Provider or its licensors, and this Agreement in no way conveys any right, title or interest in the Service or the Provider Technology other than a limited right to use the Service in accordance with this Agreement.
4. Fees; Payments; Taxes.
- Fees. Customers with paid subscriptions will provide Provider (or its third-party payment service provider) with a valid credit card for payment of the applicable subscription fees. In addition to any fees, the Customer may still incur charges incidental to using the Service, for example, charges for Internet access, data roaming, and other data transmission charges. No refunds or credits will be issued for partial periods of service, upgrade/downgrade refunds, or refunds for periods unused with an active subscription, including, but not limited to, instances involving the removal of a Customer. There are no charges for cancelling a subscription and paying subscriptions cancelled prior to the end of their current billing cycle will not be charged again in the following cycle.
- Increases. Provider reserves the right to increase its fees upon at least 90 days’ advance notice (e-mail or otherwise) to Customer; provided, however, that fee increases will not take effect until the start of the next Subscription Term.
- Taxes. All amounts due hereunder are exclusive of all sales, use, excise, service, value added, or other taxes, duties and charges of any kind (whether foreign, federal, state, local or other) associated with this Agreement, the Service, or Customer’s access to the Service. Customer shall be solely responsible for all such taxes, duties and charges (except for taxes imposed on Provider’s income), which may be invoiced by Provider from time-to-time. In the event of updated tax rates, Provider will apply the new tax rate without notice to the Customer.
- Withholdings. Any and all payments by or on account of the compensation payable under this Agreement shall be made free and clear of and without deduction or withholding for any taxes. If the Customer is required to deduct or withhold any taxes from such payments, then the sum payable shall be increased as necessary so that, after making all required deductions or withholdings, Provider receives an amount equal to the sum it would have received had no such deduction or withholding been made.
5. Term & Termination.
- Term, Termination and Automatic Renewal. Customers are solely responsible for canceling subscriptions. A Customer may cancel their subscription at any time by accessing the Service. For security reasons, cancellations shall only be performed by a Customer using the account cancellation URL within the Service. The Customer may be directed, within the Service, to call support to complete the cancellation. Cancellations shall not be accepted by any other means.
- Termination for Breach. Provider in its sole discretion has the right to suspend or discontinue providing the Service to any Customer without notice for actions that are in material violation of this Agreement.
- Termination for convenience. Where the Service is provided to Customer on a “free” basis, Provider reserves the right to terminate this Agreement at any time, with or without notice to Customer.
- Effects of Subscription Termination; Survival. Upon any termination of this Agreement: (a) all rights granted to Customer hereunder shall terminate and Provider shall no longer provide access to the Service to Customer, (b) Customer shall cease using the Service, and (c) Provider shall delete all Customer Data. Any obligations that have accrued prior to termination shall survive termination of this Agreement. In addition, the following Sections, as well as any other provisions herein which by their nature should survive, shall survive termination of this Agreement: Sections 3-10.
6. Customer Data and End User Data.
- Data Generally. All account and billing information, and all data and information which the Customer, or its End Users (being its employees and any other person who it permits to use its instance of the Service) inputs into the Service (collectively, “Customer Data”) will not be used by Provider except as permitted herein. Provider agrees to protect Customer Data and End User Data with no less than industry-standard information security tools and procedures. Customer hereby grants to Provider a limited, non- exclusive, non-transferable, royalty-free right to use, reproduce, manipulate, and display the Customer Data solely in connection with providing the Service to Customer. Provider may analyze Customer Data, and data of other customers, to create aggregated and anonymized statistics or data that do not identify Customer or any individual, household, user, browser, or device and Provider may during and after the Subscription Term use and disclose such statistics or data in its discretion. Except as specified otherwise in this Agreement, Customer shall be solely responsible for providing, updating, uploading and maintaining all Customer Data. Provider shall operate the Service in a manner that provides reasonable information security for Customer Data and End User Data, using commercially reasonable data backup, security, and recovery protections.
- EU Data Protection. The parties agree to comply with the provisions of the Data Processing Addendum set out in Exhibit A.
7. Warranty Disclaimer.
- Disclaimer. THE SERVICES ARE PROVIDED ON AN “AS –IS” BASIS, AND, PROVIDER MAKES NO REPRESENTATION OR WARRANTY WHATSOEVER, AND HEREBY DISCLAIMS ALL REPRESENTATIONS AND WARRANTIES WITH RESPECT TO THE SERVICE (IN EACH CASE WHETHER EXPRESS OR IMPLIED BY LAW, COURSE OF DEALING, COURSE OF PERFORMANCE, USAGE OF TRADE OR OTHERWISE), INCLUDING ANY WARRANTY (A) OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT (subject to the provisions of Article 9), (B) THAT THE SERVICE WILL MEET CUSTOMER’S REQUIREMENTS, WILL ALWAYS BE AVAILABLE , ACCESSIBLE, UNINTERRUPTED), TIMELY, OR OPERATE WITHOUT ERROR, (C) AS TO THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF THE SERVICE, OR (D) AS TO THE ACCURACY OR RELIABILITY OF ANY INFORMATION OBTAINED FROM THE SERVICE.
- Additional Disclaimer. CUSTOMER ACKNOWLEDGES THAT THE SERVICE IS HOSTED BY A THIRD PARTY HOSTING PROVIDER (THE “HOSTING CONTRACTOR”) AND USES THIRD PARTY SERVER HARDWARE, DISK STORAGE, FIREWALL PROTECTION, SERVER OPERATING SYSTEMS, MANAGEMENT PROGRAMS, WEB SERVER PROGRAMS FOR DELIVERY OF THE SERVICE (THE “HOSTING CONTRACTOR SERVICES”). ADDITIONALLY, Provider USES THIRD PARTIES TO HELP RECEIVE PAYMENTS (“PAYMENT PROCESSOR”). PROVIDER MAY CHANGE ITS HOSTING CONTRACTOR AND PAYMENT PROCESSOR AT ANY TIME. CUSTOMER’S USE OF THE SERVICE IS SUBJECT TO ANY RESTRICTIONS IMPOSED BY THE HOSTING CONTRACTOR AND THE PAYMENT PROCESSOR, AS APPLICABLE. NOTWITHSTANDING ANY OTHER PROVISION OF THIS AGREEMENT, PROVIDER SHALL NOT BE LIABLE FOR ANY PROBLEMS, FAILURES, DEFECTS OR ERRORS WITH THE SERVICE TO THE EXTENT CAUSED BY THE HOSTING CONTRACTOR OR PAYMENT PROCESSOR. CUSTOMER ACKNOWLEDGES THAT THE FEES PAYABLE FOR THE SERVICE REFLECT THE FACT THAT PROVIDER IS NOT RESPONSIBLE FOR THE ACTS AND OMISSIONS OF THE HOSTING CONTRACTOR OR PAYMENT PROCESSOR, AND THAT PROVIDER COULD NOT AFFORD TO PROVIDE THE SERVICE AT THE PRICES OFFERED IF IT WERE RESPONSIBLE FOR THE ACTS OR OMISSIONS OF THE HOSTING CONTRACTOR OR PAYMENT PROCESSOR.
8. Limitations of Liability.
- Disclaimer of Indirect Damages. EXCEPT FOR (A) CUSTOMER’S OBLIGATION TO PAY ALL AMOUNTS DUE HEREUNDER; (B) ITS INDEMNIFICATION OBLIGATIONS; AND (C) ITS BREACH OF ANY INTELLECTUAL PROPERTY OR CONFIDENTIALITY OBLIGATIONS OR RESTRICTIONS HEREIN (INCLUDING ANY LIMITATIONS OR RESTRICTIONS ON USE OF THE SERVICE), IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR ANY INDIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL, EXEMPLARY OR PUNITIVE DAMAGES (INCLUDING LOSS OF DATA, PROFITS OR REVENUE) ARISING OUT OF OR RELATED TO THE SERVICE OR THIS AGREEMENT, WHETHER SUCH DAMAGES ARISE IN CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE.
- Damages Cap. TO THE FULLEST EXTENT PERMISSIBLE BY LAW, PROVIDER’S TOTAL LIABILITY FOR ALL DAMAGES ARISING OUT OF OR RELATED TO THE SERVICE OR THIS AGREEMENT, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE, SHALL NOT EXCEED THE TOTAL AMOUNT OF FEES PAID BY CUSTOMER TO PROVIDER DURING THE THEN-CURRENT SUBSCRIPTION TERM WHATEVER THE MOMENT OF THE THEN-CURRENT PERIOD (EXCLUDING NON-INFRINGEMENT AND CLAIM RELATED TO DATA PROTECTION).
- Basis of the Bargain. THE PARTIES AGREE THAT THE LIMITATIONS OF LIABILITY SET FORTH IN THIS SECTION 8 ARE A FUNDAMENTAL BASIS OF THE BARGAIN, THAT PROVIDER HAS SET ITS FEES IN RELIANCE ON THE ENFORCEABILITY OF THESE PROVISIONS, AND THAT THEY SHALL APPLY NOTWITHSTANDING THAT ANY REMEDY SHALL FAIL ITS ESSENTIAL PURPOSE.
- Provider Indemnification. Provider shall defend, indemnify and hold harmless Customer and its directors, officers, and employees (“Customer Indemnified Parties”) from and against any third-party claims, actions, proceedings, demands, lawsuits, damages, liabilities and expenses (including reasonable attorneys’ fees and court costs)(collectively, “Claims”) to the extent the Service infringes, misappropriates or otherwise violates (collectively, “Infringes”) any third party intellectual property or proprietary right.
- Customer Indemnification. Customer shall defend, indemnify and hold harmless Provider and its directors, officers, employees, agents and providers (“Provider Indemnified Parties”) from and against any Claims based on the Customer Data effectively uploaded by the Customer, excluding any such Claim to the extent resulting from Provider’s use of the Customer Data in violation of this Agreement.
- Indemnification Process. As conditions of the indemnification obligations in Sections 9.1-9.2 above: (a) the applicable Customer Indemnified Party or Provider Indemnified Party (the “Indemnitee”) will provide the indemnifying Party (the “Indemnitor”) with prompt written notice of any Claim for which indemnification is sought (provided that failure to so notify will not remove the Indemnitor’s indemnification obligations except to the extent it is prejudiced thereby), (b) the Indemnitee will permit the Indemnitor to control the defense and settlement of such Claim, and (c) the Indemnitee will reasonably cooperate with the Indemnitor in connection with the Indemnitor’s evaluation, defense and settlement of such Claim. In defending any Claim, the Indemnitor shall use counsel reasonably satisfactory to the other Party. The Indemnitor shall not settle or compromise any such Claim or consent to the entry of any judgment without the prior written consent of the other Party (not unreasonably withheld).
- Exclusions. Provider’s obligations in Section 9.1 above shall not apply to any Claim to the extent arising from or relating to (a) misuse of the Service not strictly in accordance with the documentation therefor, Provider’s instructions, and this Agreement; (b) any modification, alteration or conversion of the Service not created or approved in writing by Provider; (c) any combination of the Service with any computer, hardware, software or service not provided by Provider; (d) Provider’s compliance with specifications or other requirements of Customer; or (e) any third party data or Customer Data. If the Service is or may be subject to a Claim of Infringement described in Section 9.1 above, Provider may, at its cost and sole discretion: (i) obtain the right for Customer to continue using the Service as contemplated herein; (ii) replace or modify the Service so that it becomes non-Infringing without substantially compromising its principal functions; or (iii) to the extent the foregoing are not commercially reasonable, terminate this Agreement and return to Customer any pre-paid fees for the Service associated with the then-current Subscription Term. Provider’s obligations in this Section 9 shall be Provider’s sole obligations, and Customer’s sole remedies, in the event of any Infringement of intellectual property or proprietary rights by or related to the Service.
- Definitions. “Confidential Information” means information that is disclosed by either Party (the “Disclosing Party”) to the other Party (the “Receiving Party”) hereunder during the Subscription Term that is clearly labeled or identified as confidential or proprietary when disclosed, or that, under the circumstances, should reasonably be treated as confidential, including without limitation information (tangible or intangible) regarding a Party’s technology, designs, techniques, research, know-how, specifications, product plans, pricing, customer information, user data, current or future strategic information, current or future business plans, policies or practices, employee information, and other business and technical information. “Confidential Information” shall not include any information that (a) is or becomes generally known to the public through no fault of, or breach of this Agreement by, the Receiving Party; (b) is rightfully in the Receiving Party’s possession at the time of disclosure without an obligation of confidentiality; (c) is independently developed by the Receiving Party without use of the Disclosing Party’s Confidential Information; or (d) is rightfully obtained by the Receiving Party from a third party without restriction on use or disclosure. In addition, (i) the terms and conditions of this Agreement shall be deemed to be Confidential Information of both Parties; (ii) the Service and Provider Technology shall be deemed Confidential Information of Provider, regardless of whether or not they are labeled or identified, or would reasonably be considered confidential; and (iii) Customer Data shall be deemed Confidential Information of Customer.
- General Obligations. Each Party agrees that it will during the Subscription Term and thereafter a period of five (5) years (a) not disclose the other Party’s Confidential Information to any third party (other than as permitted in the last sentence of this paragraph); (b) use the other Party’s Confidential Information only to the extent reasonably necessary to perform its obligations or exercise its rights under this Agreement; (c) disclose the other Party’s Confidential Information only to those of its employees and independent contractors who reasonably need to know such information for purposes of this Agreement and who are bound by confidentiality obligations offering substantially similar protection to those in this Section 10; and (d) protect all Confidential Information of the other Party from unauthorized use, access, or disclosure in the same manner as it protects its own confidential information of a similar nature, and in no event with less than reasonable care. Notwithstanding the above, this paragraph shall not prohibit: (i) a Party from disclosing Confidential Information of the other Party to the extent required by applicable law, rule or regulation (including a court order or other government order); provided that such Party provides the other Party prior written notice of such disclosure, to the extent practicable, and reasonably cooperates with efforts of the other Party to seek confidential treatment thereof, to the extent such cooperation is requested by the other Party; or (ii) a Party from disclosing the terms and conditions of this Agreement to its attorneys and financial advisors, or current or potential lenders, other sources of financing, investors or acquirers; provided that such third parties are bound by confidentiality obligations offering substantially similar protection to those in this Section 10 (provided further that such third parties are only permitted to use such information for the purpose of advising, lending or providing financing to, or investing in or acquiring, such Party, as applicable).
- Return or Destruction. Except as otherwise expressly provided in this Agreement, the Receiving Party will return to the Disclosing Party, or destroy or erase, the Disclosing Party’s Confidential Information in tangible form, upon the termination of this Agreement; provided that (a) Receiving Party may retain a copy of Disclosing Party’s Confidential Information solely for the purposes of tracking Receiving Party’s rights and obligations hereunder with respect thereto, (b) Receiving Party may retain copies of Disclosing Party’s Confidential Information solely to the extent required by law or by applicable professional standards which require such Party to retain copies of its working papers, and (c) Receiving Party may retain Disclosing Party’s Confidential Information solely to the extent reasonably necessary for Receiving Party to exercise rights or perform obligations under this Agreement that survive such termination.
- Feedback. Notwithstanding the above or anything to the contrary herein, to the extent that Customer at any time provides Provider with any feedback or suggestions regarding the Service, including potential improvements or changes thereto (collectively, “Feedback”), the Feedback shall not be considered Confidential Information of Customer, and Provider may use, disclose and exploit the Feedback in any manner it chooses without any obligation to Customer. All Feedback provided by Customer is provided “AS IS” and without warranty or representation of any kind.
- Assignment. This Agreement and any rights or obligations hereunder may not be assigned, sublicensed or otherwise transferred by either Party without the prior written consent of the other Party (not to be unreasonably withheld or delayed), except that either Party may assign or transfer this Agreement without the other Party’s consent (i) to any of its affiliates, or (b) upon a change of control of a party, a sale of all or substantially all assets of that party, or by operation of law, in each case, by providing the non-assigning party with prior written notice thereof provided that the assignee agrees in writing to be bound by all terms and conditions of this Agreement. Customer understands and agrees that, in the event its assignment of the Agreement results in a material change in Service usage, Provider may require a renegotiation of Service pricing.
- Entire Agreement; Precedence; Amendment. This Agreement contains the complete understanding and agreement of the Parties with respect to the subject matter hereof, and supersedes all prior or contemporaneous agreements or understandings, oral or written, with respect thereto. Each Party hereby rejects the inclusion of any pre-printed terms and conditions on any purchase orders or other such contract documents. All amendments must be in signed writing. Provider reserves the right to amend this Agreement. In the event of material changes to the Agreement, Provider will notify Customers, by email, or by other reasonable means of these changes prior to their enactment. Continued use of the Service by the Customer after reasonable notice by Provider will be considered acceptance of any new terms.
- Notices. Provider may give any notices issued in connection with this Agreement by email to Customer at the email address given by Customer when creating its account, and such notices shall be effective upon confirmation of transmission to Customer.
- Force Majeure. Neither Party will be liable to the other Party for any failure or delay in performance by circumstances beyond its control, including, fire, labor difficulties, telecommunication failures, Internet unavailability, governmental actions or terrorism, provided that the Party seeking to rely on such circumstances gives written notice of such circumstances to the other Party and uses reasonable efforts to overcome such circumstances.
- Choice of Law. Any question, claim or controversy arising out of or related to this Agreement (a “Dispute”) will be governed by and construed in accordance with the laws of the Province of Ontario, without giving effect to any conflicts of laws provision thereof or of any other jurisdiction that would produce a contrary result.
- Disputes. In the event of any Dispute, the designated representatives of Customer and Provider shall promptly confer and exert their good faith efforts to reach a reasonable and equitable resolution of such Dispute. Ifsuch representatives are unable to resolve such Dispute within five business days, the Dispute shall be referred promptly to the responsible senior management of each Party for resolution. Neither Party shall seek any other means of resolving any Dispute until both Parties’ responsible senior management have had at least five business days to resolve the Dispute. If the Parties are unable to resolve the Dispute in accordance with the foregoing procedure, then either Party may, at any time, deliver notice to the other Party of its intent to submit the Dispute to the Court of the Province of Ontario, Canada [, except for provision relating to personal data of the Agreement and the Data Processing Agreement which will be submitted to the Court of Ontario, Canada].
- Claims of Infringement. Provider respects Customer’s copyrights and other intellectual property rights and those of other third parties. If Customer believes in good faith that Customer’s copyrighted work has been reproduced on the Service without Customer’s authorization in a way that constitutes copyright infringement, Customer may notify our designated copyright agent by mail to: Phase AI Technologies Inc., Inc., Attn: firstname.lastname@example.org
- Relationship of the Parties. The relationship between the Parties is that of independent contractors. Nothing contained in this Agreement shall be construed as creating any agency, partnership, joint venture or other form of joint enterprise or employment relationship between the Parties, and neither Party shall have authority to contract for or bind the other Party in any manner whatsoever.
- Waiver. No waiver by either Party of any of the provision of this Agreement is effective unless explicitly set forth in writing and signed by such Party. No failure to exercise, or delay in exercising, any right, remedy, power or privilege arising from this Agreement operates, or may be construed, as a waiver thereof. No single or partial exercise of any right, remedy, power or privilege hereunder precludes any other or further exercise thereof or the exercise of any other right, remedy, power or privilege.
- Severability. If any provision of this Agreement is held to be unenforceable or illegal by a court or tribunal of competent jurisdiction, such provision will be modified to the extent necessary to render it enforceable, or will be severed from this Agreement, and all other provisions of this Agreement will remain in full force and effect.
- Interpretation. Headings are provided for convenience only and will not be used to interpret the substance of this Agreement. Unless the intent is expressly otherwise in specific instances, use of the words “include,” “includes,” or “including” in this Agreement shall not be limiting and “or” shall not be exclusive.
Exhibit A: Data Processing Agreement
To the extent that Provider Processes any Customer Personal Data (each as defined below) and (i) the Customer Personal Data relates to individuals located in the EEA; or (ii) Customer is established in the EEA or UK, the provisions of this Data Processing Addendum (“DPA”) shall apply to the processing of such Customer Personal Data. In the event of any conflict between the remainder of the Agreement and the DPA, the DPA will prevail.
1.1. The following capitalised terms used in this DPA shall be defined as follows:
- “Controller” has the meaning given in the GDPR.
- “Data Protection Laws” means the EU General Data Protection Regulation 2016/679 (“GDPR“) or the UK General Data Protection Regulation (“UK GDPR”), tailored by the Data Protection Act 2018, any applicable national implementing legislation in each case as amended, replaced or superseded from time to time, and all applicable legislation protecting the fundamental rights and freedoms of persons and their right to privacy with regard to the Processing of Customer Personal Data.
- “Data Subject” has the meaning given in the GDPR.
- “European Economic Area” or “EEA” means the Member States of the European Union together with Iceland, Norway, and Liechtenstein.
- “Processing” has the meaning given in the GDPR, and “Process” will be interpreted accordingly.
- “Processor” has the meaning given in the GDPR.
- “Security Incident” means any confirmed accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Customer Personal Data.
- “Standard Contractual Clauses” means the Standard Contractual Clauses (processors) approved by European Commission Decision (EU) 2021/914 of 4 June 2021 or any subsequent version thereof released by the European Commission (which will automatically apply).
The Standard Contractual Clauses are applicable to the extent they reference Module Two (Controller-to-Processor).
When (i) the Customer Personal Data relates to individuals located in the UK; or (ii) Customer is established in the UK, the parties agree to the Mandatory Clauses of the Approved Addendum, being the template Addendum B.1.0 issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section18 of those Mandatory Clauses.
- “Subprocessor” means any Processor engaged by Provider who agrees to receive from Provider Customer Personal Data.
- “Customer Personal Data” means the “personal data” (as defined in the GDPR) described in the Annex and any other personal data contained in the Content or that Provider processes on Customer’s behalf in connection with the provision of the Service.
- “Supervisory Authority” has the meaning given in the GDPR.
- “United Kingdom” or “UK” means the country of the United Kingdom.
2. Data Processing
2.1. The Parties acknowledge and agree that for the purpose of the Data Protection Laws, the Customer is the Controller and Provider is the Processor.
2.2 Instructions for Data Processing. Provider will only Process Customer Personal Data in accordance with Customer’s written instructions. The parties acknowledge and agree that the Agreement (subject to any changes to the Service agreed between the parties) and this DPA shall be Customer’s complete and final instructions to Provider in relation to the processing of Customer Personal Data.
2.3. Processing outside the scope of this DPA or the Agreement will require prior written agreement between Customer and Provider on additional instructions for Processing.
2.4. Required consents. Where required by applicable Data Protection Laws, Customer will ensure that it has obtained/will obtain all necessary consents and complies with all applicable requirements under Data Protection Laws for the Processing of Customer Personal Data by Provider in accordance with the Agreement.
3. Transfer of Personal Data
3.1. Authorised Subprocessors. Customer agrees that Provider may use Subprocessors listed to Process Customer Personal Data. The current list of Subprocessors may be accessed here: Exhibit B.
3.2. As per Clause 9(a), Module 2, OPTION 2 of the Standard Contractual Clauses, Customer agrees that Provider may use subcontractors to fulfil its contractual obligations under the Agreement. Provider shall notify Customer from time to time of the identity of any Subprocessors engaged. If Customer (acting reasonably) objects to a new Subprocessor on grounds related to the protection of Customer Personal Data only, then without prejudice to any right to terminate the Agreement, Customer may request that Provider move the Customer Personal Data to another Subprocessor and Provider shall, within a reasonable time following receipt of such request, use reasonable endeavours to ensure that the original Subprocessor does not Process any of the Customer Personal Data. If it is not reasonably possible to use another Subprocessor, and Customer continues to object for a legitimate reason, either party may terminate the Agreement on thirty (30) days written notice. If Customer does not object within thirty (30) days of receipt of the notice, Customer is deemed to have accepted the new Subprocessor.
3.3. Save as set out in clauses 3.1 and 3.2, Provider shall not permit, allow or otherwise facilitate Subprocessors to Process Customer Personal Data without Customer’s prior written consent and unless Provider:
- enters into a written agreement with the Subprocessor which imposes equivalent obligations on the Subprocessor with regard to their Processing of Customer Personal Data, as are imposed on Provider under this DPA; and
- shall at all times remain responsible for compliance with its obligations under the DPA and will be liable to Customer for the acts and omissions of any Subprocessor as if they were Provider’s acts and omissions.
3.4. International Transfers of Customer Personal Data. Provider commits to Processing Customer Personal Data within the EEA. To the extent that the Processing of Customer Personal Data by Provider involves the export of such Customer Personal Data to a third party in a country or territory outside the EEA, such export shall be:
- to a country or territory ensuring an adequate level of protection for the rights and freedoms of Data Subjects as determined by the European Commission;
- to a third party that is a member of a compliance scheme recognised as offering adequate protection for the rights and freedoms of Data Subjects as determined by the European Commission; or
- governed by the Standard Contractual Clauses between the Customer as exporter and such third party as importer. For this purpose, the Customer appoints Provider as its agent with the authority to complete and enter into the Standard Contractual Clauses as agent for the Customer on its behalf.
4. Data Security, Audits, and Security Notifications
4.1 Provider Security Obligations. Provider will implement and maintain appropriate technical and organizational security measures to ensure a level of security appropriate to the risk, including as appropriate, the measures referred to in Article 32(1) of the GDPR.
4.2 Upon Customer’s reasonable request, Provider will make available all information reasonably necessary to demonstrate compliance with this DPA.
4.3 Security Incident Notification. If Provider becomes aware of a Security Incident, Provider will (a) notify Customer of the Security Incident within 72 hours, (b) investigate the Security Incident and provide Customer (and any law enforcement or regulatory official) with reasonable assistance as required to investigate the Security Incident.
4.4 Provider Employees and Personnel. Provider will treat the Customer Personal Data as confidential, and shall ensure that any employees or other personnel have agreed in writing to protect the confidentiality and security of Customer Personal Data.
4.5 Audits. Provider will, upon Customer’s reasonable request and at Customer’s expense, allow for and contribute to audits, including inspections, conducted by Customer (or a third party auditor on Customer’s behalf and mandated by Customer) provided (i) such audits or inspections are not conducted more than once per year (unless requested by a Supervisory Authority); (ii) are conducted only during business hours; (iii) are conducted in a manner that causes minimal disruption to Provider’s operations and business; and (iv) Following completion of the audit, upon request, Customer will promptly provide Provider with a complete copy of the results of that audit.
5. Access Requests and Data Subject Rights
5.1 Data Subject Rights. Where applicable, and taking into account the nature of the Processing, Provider will use reasonable endeavours to assist Customer by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of Customer’s obligation to respond to requests for exercising Data Subject rights laid down in the Data Protection Laws.
6. Data Protection Impact Assessment and Prior Consultation
6.1 To the extent required under applicable Data Protection Laws, Provider will provide Customer with reasonably requested information regarding its Service to enable Customer to carry out data protection impact assessments or prior consultations with any Supervisory Authority, in each case solely in relation to Processing of Customer Personal Data and taking into account the nature of the Processing and information available to Provider.
7.1 Deletion or return of data. Subject to 7.2 below, Provider will, at Customer’s election and within 90 (ninety) days of the date of termination of the Agreement:
- make available for retrieval all Customer Personal Data Processed by Provider (and delete all other copies of Customer Personal Data Processed by Provider following such retrieval);
- delete the Customer Personal Data Processed by us.
7.2 Provider and its Subprocessors may retain Customer Personal Data to the extent required by applicable laws and only to the extent and for such period as required by applicable laws and always provided that Provider ensures the confidentiality of all such Customer Personal Data and shall ensure that such Customer Personal Data is only Processed as necessary for the purpose(s) specified in the applicable laws requiring its storage and for no other purpose.
8. Governing law
8.1 This DPA shall be governed by, and construed in accordance with the laws of Ireland. Each of the parties irrevocably submits for all purposes (including any non-contractual disputes or claims) to the non-exclusive jurisdiction of the courts in Ireland. For Standard Contractual Clauses Clause 17 OPTION 1 and Clause 18, the parties agree to the laws and courts of Ireland.
Details of the Processing of Customer Personal Data
This Annex includes certain details of the processing of Customer Personal Data as required by Article 28(3) of the GDPR.
Subject matter and duration of the Processing of Customer Personal Data
The subject matter and duration of the Processing of the Customer Personal Data are set out in the Agreement and this DPA.
The nature and purpose of the Processing of Customer Personal Data
The Customer Personal Data will be subject to the following basic processing activities: transmitting, collecting, storing and analysing data in order to provide the Service to the Customer, and any other activities related to the provision of the Service or specified in the Agreement.
The types of Customer Personal Data to be processed
The Customer Personal Data concern the following categories of data: names; email addresses; personal and professional information; and any other personal data provided by the Customer in connection with its use of the Service.
The categories of data subject to whom the Customer Personal Data relates
Any categories of individuals whose data the Customer extracts, transfers, and/or loads onto the Service, which may include but is not limited to:
- Registered Clients; and
- Past, present and prospective clients, business relationship contacts, and outside counsel contacts of the Customer.
The obligations and rights of the Customer
The obligations and rights of the Customer are as set out in this DPA.
Exhibit B: Subprocessors
- Amazon Web Services