CONNECTED LIVING TECHNOLOGY

TERMS OF SERVICE AGREEMENT

This Terms of Service Agreement, along with an applicable Order, form an agreement between Client and Connected Living Technology, LLC (“CLT”) related to Client’s purchase of the right to access and use the System (as defined below) and/or Services (as defined below). For purposes of this Agreement (as defined below), Client and CLT each will be referred to individually as a "Party" and together as the "Parties."

1.              Definitions. As used in this Agreement, the following terms shall have the meaning described herein, and shall include the plural as well as the singular.

(a)            “Additional Services” means any implementation, training, support, or customization services set forth in the Order. 

(b)            “Agreement” means these terms and conditions, any Order, and any written amendments signed by both Parties.

(c)            “Aggregate Data” means Client Data where any and all personally identifiable information has been removed.  

(d)            “Authorized Users” means Client’s employees, agents or residents who are authorized by Client to utilize the Services and access and use the System.

(e)            “Client” shall have the meaning set forth in the Order.

(f)              “Client Data” means the data provided to CLT by Client and/or its Authorized Users in connection with their use of the Services.

(g)            “Documentation” means any manuals and/or training materials related to the System that have been provided to Client by CLT.

(h)            “Feedback” means any suggestion or idea for improving or otherwise modifying the System, Documentation, or Services.

(i)              “Fees” means the fees set forth in the Order. 

(j)              “Intellectual Property” means any and all patents, patent applications, trademarks, trade names, service marks, certification marks, collective marks, designs, processes, inventions, licenses, copyrights, know-how, trade secrets, and proprietary information.

(k)            “Order” means a document executed by Client and CLT that incorporates by reference the terms of this Agreement and that lists the specific Services the Client is purchasing. 

(l)              “Services” means providing Authorized Users with the ability to access and use the System and any Additional Services as listed in the Order.

(m)           “Software” means the software listed in an applicable Order, including without limitation any computer programs, object code, source code, graphics, user interfaces related to the foregoing, and any updates CLT may provide from time to time. 

(n)            “System” means CLT’s web-based, mobile technology platforms identified on an Order [Query: If the System also includes the robot, we will want to expand the definition and account for the robot in the Agreement. Is the robot purchased or leased? Is it returned to CLT upon expiration or termination of the Agreement? The answer will impact several other provisions in the Agreement].

(o)            “Third Party Products or Services” means any product or service that is subject to separate terms identified on the Order. 

(p)            “User Generated Content” means any form of content, including but not limited to images, videos, text and audio, that has been posted by Client or Authorized Users to the System.  

2.              Services and Licenses

(a)            License. Subject to the terms and conditions set forth herein, CLT grants Client and its Authorized Users a limited, non-exclusive, non-sublicensable, non-transferable, terminable license to use the Software and any related Documentation solely for the purpose of accessing and utilizing the System or Services listed in the Order. Client acknowledges and agrees that some products and services are Third Party Products or Services and are licensed to Client under separate terms and conditions. Such Third Party Products or Services are identified on the Order.

(b)            Authorized Users. Client acknowledges and agrees that it will be liable for any action or omission by an Authorized User, including User Generated Content, that would, if it were an action or omission of the Client, have been a breach of this Agreement. The Services and System may only be used by Client and Authorized Users in accordance with the terms and conditions of CLT’s End User License Agreement.

(c)            Restrictions on Use.  Client and its Authorized Users will not, and will not permit any third-party to: (i) interfere with the System, other customers’ access to the System, or with the security of the System, (ii) make the System available to third parties as managed or network provisioned services; (iii) attack or disrupt the System, including without limitation through any denial of service (DoS) attacks, unauthorized access, monitoring or crawling, or distribution of malware (including but not limited to virus, Trojan horses, worms, time bombs, spyware, adware, or cancelbots); (iv) modify, translate, or create derivative works based on the System or Documentation; (v) use the System or Documentation other than in accordance with this Agreement and other than in compliance with all applicable laws and regulations; (vi) provide System passwords or other log-in information to any third party; (vii) share non-public System features with any third party; (viii) access the System in order to build a competitive product or service, build a product using similar ideas, features, functions or graphics of the System, or copy any ideas, features, functions or graphics of the System.

(d)            Suspension. If CLT reasonably believes that Client and/or its Authorized Users have violated the requirements of this Section 2(d), CLT may suspend Client’s and/or its Authorized Users’ access to the System and/or Software without advanced notice, in addition to other remedies CLT may have. 

3.              Intellectual Property 

(a)            CLT Intellectual Property. CLT retains all right, title, and interest in and to the any and all Intellectual Property associated with the System, Services, and Documentation, including without limitation the Software, and any and all graphics, user interfaces, logos, and trademarks used in or reproduced through the System. This Agreement does not grant Client or its Authorized Users any intellectual property license or rights in or to the System, Services, and Documentation or any component or aspect thereof, except to the limited extent that this Agreement specifically sets forth. Client recognizes that the System, Services, and Documentation or any component or aspect thereof are protected by copyright and other laws.

(b)            Feedback. CLT has not agreed to and does not agree to treat as confidential any Feedback (as defined below) that Client or any Authorized Users provide to CLT, and nothing in this Agreement or in the Parties’ dealings arising out of or related to this Agreement will restrict CLT’s right to use, profit from, disclose, publish, keep secret, or otherwise exploit Feedback, without compensating or crediting Client or the Authorized Users in question. Client hereby grants to CLT a perpetual, irrevocable right and license to exploit Feedback in any and every way.

4.              Fees and Payment

(a)            Fees. Client shall be responsible for and shall pay to CLT the fees further described in the Order. Except as otherwise set forth in an Order, all Fees shall be due and payable within thirty (30) days of the invoice date and shall be paid in U.S. Dollars. CLT shall email invoices to Client within five (5) business days of the date of the invoice. Client shall provide CLT with complete and accurate billing contact information including a valid email address. Client shall pay interest on all late payments at the lesser of the rate of 1.5% per month or the highest rate permissible under applicable law, calculated daily and compounded monthly. Client shall reimburse CLT for all costs incurred or imposed on CLT related to collecting any late payments, including, without limitation, reasonable attorneys’ fees.

(b)            Taxes. Amounts due under this Agreement are payable to CLT without deduction and are net of any tax, tariff, duty, or assessment imposed by any government authority (national, state, provincial, or local), including without limitation any sales, use, excise, ad valorem, property, withholding, or value added tax withheld at the source. If applicable law requires withholding or deduction of such taxes or duties, Client shall separately pay CLT the withheld or deducted amount. However, the preceding two sentences do not apply to taxes based on CLT’s net income.

5.              Representations and Warranties and Limitation of Liability

(a)            Client Warranties. Client makes the following representations and warranties: (i) Client has the requisite power and authority to enter into this Agreement and perform its obligations hereunder; (ii) Client’s provision of any Feedback or any information or instructions related to the System shall not violate applicable law or the rights of any third parties, including without limitation the Intellectual Property rights of any third party; and (iii) Client has the full right and authority to provide CLT with the Client Data, and CLT’s use of the Client Data as authorized herein will not violate applicable law or the rights of any third party. 

(b)            CLT Warranties. CLT makes the following representations, warranties and covenants: (i) CLT has the requisite power and authority to enter into this Agreement and perform its obligations hereunder; (ii) CLT’s performance of this Agreement shall not violate or conflict with any agreement to which CLT is a party; and (iii) the System will function in conformity with the Documentation, if any.

(c)             DISCLAIMER. THE SYSTEM, SOFTWARE, AND/OR SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. EXCEPT AS EXPRESSLY STATED IN THIS AGREEMENT, CLT MAKES NO OTHER WARRANTIES WITH RESPECT TO THE SYSTEM, SOFTWARE, AND/OR SERVICES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, QUIET ENJOYMENT, QUALITY OF INFORMATION, OR TITLE/NONINFRINGEMENT AND ALL SUCH WARRANTIES ARE HEREBY SPECIFICALLY DISCLAIMED.WITHOUT LIMITING THE GENERALITY OF THE FOREGOING: (A) CLT DOES NOT REPRESENT OR WARRANT THAT THE SYSTEM WILL PERFORM WITHOUT INTERRUPTION OR ERROR; AND (B) CLT MAKES NO WARRANTIES THAT ANY OUTPUT OR RESULT GENERATED FROM THE USE OF THE SYSTEM OR SERVICES WILL MEET CLIENT’S REQUIREMENTS. CLT PROVIDES NO WARRANTIES AND ASSUMES NO LIABILITY FOR ANY THIRD PARTY PRODUCTS OR SERVICES, OR ANY USER GENERATED CONTENT.

(d)            LIMITATION OF LIABILITY. EXCEPT AS OTHERWISE PROVIDED FOR HEREIN, CLTNEITHER PARTY SHALL NOTBE LIABLE FOR INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES, INCLUDING, BUT NOT LIMITED TO, ANY LOSS OF DATA, BUSINESS OR PROFITS, WHETHER OR NOT FORESEEABLE AND WHETHER OR NOT BASED ON BREACH OF WARRANTY, CONTRACT, OR NEGLIGENCE IN CONNECTION WITH THIS AGREEMENT OR THE SYSTEM, DOCUMENTATION OR SERVICES PROVIDED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CLT’S LIABILITY FOR ACTUAL DAMAGES WILL NOT IN ANY EVENT EXCEED ALL FEES PAID TO CLT HEREUNDER DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING ACCRUAL OF THE UNDERLYING ALLEGED CLAIM. THESE LIMITATIONS SHALL APPLY NOTWITHSTANDING THE FAILURE OF ANY LIMITED REMEDY TO MEET ITS ESSENTIAL PURPOSE. 

6.              Indemnity. 

(a)            CLT will defend or settle, at its sole option and expense, any action or suit brought against Client that the Services infringe a third party’s United States patent (“Claim”). CLT will indemnity Client against all damages and costs finally awarded or those costs and damages agreed to in a monetary settlement of such Claim, which are attributable solely to such Claim, provide that Client: (i) promptly gives written notice of the Claim to CLT; (ii) gives CLT sole control of the defense and settlement of the Claim; (iii) provides CLT will all available information and assistance relating to the Claim and cooperates with CLT and its counsel; and (iv) is not in breach of this Agreement. 

(b)            CLT has no obligation for any Claim resulting from: (i) Client having modified the Services, Software or Systems; (ii) Third Party Products or Services or User Generated Content; or (iii) the combination, operation, customization or use of the Services, Software or Systems with software or data not provided by CLT.  Each party (as “Indemnitor”) shall indemnify, defend, and hold harmless the other party, its affiliates, officers, directors, employees, agents, and customers (collectively, “Indemnitees”) from and against any and all loss, liability, cost, damages, judgments, and expense, including attorneys' fees, which may be incurred by Company in connection with any claims, actions, or demands by a third party arising out of or related to (i) the gross negligence or willful misconduct of Indemnitor; (ii) Indemnitor’s violation of applicable law or the Intellectual Property rights of a third party; or (iii) Indemnitor’s breach of its representations and warranties as set forth herein. Notwithstanding the foregoing, Indemnitor shall have no indemnity obligation under this Section to the extent the Claims arise from (i) the gross negligence or willful misconduct of Indemnitee; or (ii) specifications, information, or instructions provided by Indemnitee, its employees, agents or independent contractors.

(c)            Client shall defend CLT from any claim, demand, suit, or proceeding made or brought against CLT or its affiliates, suppliers or service providers by: (i) Client’s Authorized Users; (ii) a third party arising out of or related to CLT’s or its Authorized Users use of the Services, Software or Systems in violation of this Agreement, including related to User Generated Content, or infringing or misappropriating the rights of a third party or violating applicable law; (iii) Client’s or its Authorized Users breach of the terms and conditions of this Agreement or violation of applicable law. Client shall indemnify and hold harmless CLT for any loss, costs, judgments, damages, expenses, and liability that may be incurred by CLT in connection with any such claims, actions, or demands. The obligations under this Section are expressly condition on the following: (a) Indemnitee promptly giving written notice of the Claim to the Indemnitor (provided that Indemnifying Party shall only be relieved of its obligations to the extent prejudiced by the delay); (b) Indemnitee giving sole control of the defense and settlement of the Claim to Indemnitor (provided that Indemnitee may participate in the defense and employ counsel at its expense and Indemnitor will obtain the prior approval of Indemnitee before entering into any settlement of such Claim or ceasing to defend against such Claim, if such settlement or ceasing to defend the Claim adversely affects Indemnitee); and (c) Indemnitee providing to Indemnitor, at Indemnitor’s cost and expense, all reasonable assistance.

7.              DATA 

(a)            Use of Client Data. CLT shall use, store, disclose, and otherwise process the Client Data: (i) in accordance with the Data Processing Addendum attached hereto as Exhibit A, the contents of which are expressly incorporated by reference; (ii) pursuant to documented instructions from Client, or (iii) when required to do so by applicable law, and CLT informs Client of that legal requirement before processing and minimizes any disclosures to the maximum extent permitted by law.

(b)            Aggregate Data. Notwithstanding anything to the contrary herein, CLT may create, use, reproduce, or otherwise exploit Aggregate Data in for our internal business purposes, including without limitation for research and development purposes. 

8.              CONFIDENTIALITY 

(a)            Confidential Information Defined. “Confidential Information” means any and all information disclosed by one party to this Agreement (“Discloser”) to the other (“Recipient”) during the Term, including without limitation, any source code, prices, trade secrets, databases, designs and techniques, models, displays and manuals, information concerning research activities and plans, customers, personnel, marketing or sales plans, sales forecasts, pricing or pricing strategies, costs, operational techniques, strategic plans, business information, whether or not such information is disclosed by Discloser orally or in writing, and whether or not such information is marked as “confidential” or “proprietary” at the time of disclosure. Notwithstanding the foregoing, Confidential Information does not include information that: (i) is in Recipient’s possession at the time of disclosure; (ii) is independently developed by Recipient without use of or reference to Confidential Information; (iii) becomes known publicly, before or after disclosure, other than as a result of Recipient’s improper action or inaction; or (iv) is approved for release in writing by Discloser. Recipient is on notice that the Confidential Information may include Discloser’s valuable trade secrets.

(b)            Nondisclosure. Recipient shall not use Confidential Information for any purpose other than to perform its obligations under this Agreement (the “Purpose”). Recipient: (a) shall not disclose Confidential Information to any employee or contractor of Recipient unless such person needs access in order to facilitate the Purpose and executes a nondisclosure agreement with Recipient with terms no less restrictive than those of this Section 8; and (b) shall not disclose Confidential Information to any other third party without Discloser’s prior written consent. Without limiting the generality of the foregoing, Recipient shall protect Confidential Information with the same degree of care it uses to protect its own confidential information of similar nature and importance, but with no less than reasonable care. Recipient shall promptly notify Discloser of any misuse or misappropriation of Confidential Information that comes to Recipient’s attention. Notwithstanding the foregoing, Recipient may disclose Confidential Information as required by applicable law or by proper legal or governmental authority. Recipient shall give Discloser prompt notice of any such legal or governmental demand and reasonably cooperate with Discloser in any effort to seek a protective order or otherwise to contest such required disclosure, at Discloser’s expense.

(c)            Injunction. Recipient agrees that breach of this Section 8 would cause Discloser irreparable injury, for which monetary damages would not provide adequate compensation, and that in addition to any other remedy, Discloser will be entitled to injunctive relief against such breach or threatened breach, without proving actual damage or posting a bond or other security.

(d)            Termination & Return. With respect to each item of Confidential Information, the obligations of Section 8 above will terminate five (5) years after the termination or expiration of this Agreement; provided that such obligations related to Confidential Information constituting Discloser’s trade secrets shall continue so long as such information remains subject to trade secret protection pursuant to applicable law. Upon termination or expiration of this Agreement, Recipient shall return all copies of Confidential Information to Discloser or certify, in writing, the destruction thereof.

(e)            Retention of Rights. This Agreement does not transfer ownership of Confidential Information. Discloser will retain all right, title, and interest in and to all Confidential Information.

9.              TERM AND TERMINATION. 

(a)            Term. Unless terminated earlier as set forth herein, the initial term of this Agreement shall take effect on the Effective Date and expire one year thereafter (the “Initial Term”), after which this Agreement shall automatically be renewed for successive one (1) year periods (each a “Renewal Term”) (the Initial Term and any Renewal Term, collectively, the “Term”), unless either party gives at least sixty (60) days prior written notice of cancellation to the other party before the expiration of the then-current term in effect.  The term of any Order shall be set forth within the Order. 

(b)            Termination. In addition to any other express termination right set forth in this Agreement:

(i)              Either Party may terminate this Agreement or any Order for cause upon thirty (30) days’ written notice of a material breach to the other Party, provided such breach remains uncured at the expiration of such notice period; and 

(ii)             Either Party may immediately terminate this Agreement or any Order upon the occurrence of any of the following events: (a) the other Party becomes insolvent, or is adjudicated bankrupt or voluntarily seeks protection under any bankruptcy or insolvency law; or (b) the other Party makes an assignment of its assets for the benefit of creditors or any arrangement with its creditors.

Either Party may terminate this Agreement without cause at any time by providing the other Party with at least ninety (90) days written notice. 

(c)            Effect of Termination or Expiration.  Upon termination or expiration of this Agreement or any specific Order, (i) any right or license granted to Client under this Agreement or that specific Order shall immediately cease, (ii) except in instances where CLT terminates this Agreement pursuant to Sections 9(b)(i) and 9(b)(ii), CLT will provide the Client with a pro-rata refund of any pre-paid Fees associated with Services scheduled to be performed after the effective date of the termination or expiration of the Agreement; (iii) and any Fees due to CLT under the Agreement or the specific Order for Services that have been performed or will be performed prior to the effective date of the termination or expiration of the Agreement shall become immediately payable.  

(d)            Return of Materials; Subscriber Data. Upon expiration or termination of this Agreement, each Party shall promptly return to the other Party, or certify the destruction of, the other Party’s Confidential Information. 

(e)            Equitable Relief. The Parties acknowledge and agree that there may be no adequate remedy at law for the failure of the other Party to comply with any of the material terms and conditions of this Agreement upon termination of this Agreement, or upon a breach of the confidentiality terms herein, and the Parties agree that, in the event of any such failure, the non-breaching Party shall be entitled to equitable relief by way of temporary restraining order, temporary injunction, and permanent injunction and such other and further relief as any court of competent jurisdiction may deem proper.

10.           MISCELLANEOUS

(a)            Notice. All notices to a Party hereunder shall be in writing, and delivered by certified mail, return receipt requested, overnight courier service, or by facsimile with confirmation by the above described mailing methods to the address(es) set forth above or in an Order fForm, or to a different address which a Party may give written notice of pursuant to this Section from time to time. Notice will be deemed delivered and received on the date it is actually received. Client will provide notices to CLT as follows:

Connected Living Living Technology, LLC

400 Crown Colony, Suite 102

Quincy, Massachusetts 02169

Attention: [Patti Holbrook]

 

(b)            Amendment. CLT reserves the right, in its sole discretion, to revise this Agreement at any time. Any such changes will be made available on the CLT website. Your continued use of the System following posting of any changes to this Agreement constitutes your unconditional acceptance and agreement to be bound by the updated Agreement.

(c)            Assignment. This Agreement may not be assigned by either Party without the written consent of the other Party, which shall not be unreasonably conditioned, held or delayed. Any attempt to assign this Agreement in violation of the foregoing will be null and void. This Agreement binds the Parties, their respective affiliates, successors and permitted assigns.

(d)            Right to Audit. Client will keep accurate and complete records related to Client’s use of the Services necessary to demonstrate compliance with this Agreement. Within ten (10) days following CLT’s written request, Client shall certify to CLT in writing that Client is in compliance with this Agreement and provide CLT with any records, information, or documentation reasonably requested by CLT. In addition, CLT may audit Client: (i) at Client’s applicable facility during normal business hours and/or (ii) by remote or electronic means. If CLT’s audit reveals that Client has exceeded the scope of its license or is otherwise not in compliance with the terms and conditions of this Agreement, CLT may terminate this Agreement immediately and Client shall be responsible for the payment of additional fees related to Client’s exceeding the scope of its license.

(e)            Export Laws.   Export laws and regulations of the United States and any other relevant local export laws and regulations may apply to the Services. Client agrees that such export laws govern its uses of the Services, and Client agrees to comply will all such export laws and regulations. 

(f)             Client Responsibilities. Client shall be solely responsible for obtaining broadband internet access in order to use the Services. 

(g)            Survival. The terms of this Agreement that by their sense and context should survive any termination or expiration of this Agreement shall survive the termination or expiration of this Agreement, including but not limited to Sections 1, 3, 5, 6, 7, 8, and 10 and any payment obligations that accrue prior to such termination or expiration.

(h)            Independent Contractor. The Parties are independent contractors and will so represent themselves in all regards. No partnership, joint venture, or agency relationship exists between the Parties.

(i)              Binding Effect and Third-Party Beneficiary. Except as specifically stated in this Agreement, neither Party, nor any of their respective employees or agents, will have the power or authority to bind or obligate the other Party. No third party is a beneficiary of this Agreement. 

(j)              Waiver of Rights. Except where specifically stated to the contrary, all remedies available to either party for breach of this Agreement under this Agreement, at law, or in equity, are cumulative and nonexclusive. A waiver or failure of either Party at any time to require performance by the other Party of any provision hereof will not affect the full right to require such performance at any time thereafter.

(k)            Severability. If any provision or portion thereof of this Agreement or its application in a particular circumstance is held to be invalid or unenforceable to any extent in any jurisdiction, such provision or portion thereof will, as to such jurisdiction only, be ineffective to the extent of such unenforceability, all other provisions and portions thereof of this Agreement will not be affected thereby and will be valid and enforced to the fullest extent permitted by law.

(l)              Choice of Law and Venue. This Agreement, as well as any and all tort claims arising from this Agreement or arising from any of the proposals, negotiations, communications or understandings regarding this Agreement, will be governed by and construed in accordance with the laws of the State of Massachusetts, United States of America (“Massachusetts”), accept to the extent preempted by federal law. The sole jurisdiction and venue for any litigation arising out of this Agreement will be the federal or state courts located in Massachusetts. The Parties agree that the application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. 

(m)           Force Majeure. No party shall be liable or responsible to the other party, nor be deemed to have defaulted under or breached this Agreement, for any failure or delay in fulfilling or performing any term of this Agreement when and to the extent such failure or delay is caused by or results from acts beyond the affected party's reasonable control (each, a “Force Majeure Event”), including, without limitation: (a) acts of God; (b) flood, fire, earthquake or explosion; (c) war, invasion, hostilities (whether war is declared or not), terrorist threats or acts, riot or other civil unrest; (d) government order or law; (e) actions, embargoes or blockades in effect on or after the date of this Agreement; (f) action by any governmental authority; (g) governmental health restrictions or advisories; (h) disease, epidemics or pandemics; (i) national or regional emergency; and (j) any other similar events or circumstances. The party suffering a Force Majeure Event shall give notice within 14 days of the Force Majeure Event to the other party, stating the period of time the occurrence is expected to continue and shall use diligent efforts to end the failure or delay and ensure the effects of such Force Majeure Event are minimized.

(n)            Entire Agreement. This Agreement and the Order(s) contains the final and entire agreement of the Parties and supersedes all previous and contemporaneous verbal or written negotiations, understandings, or agreements regarding the Agreement’s subject matter.  In the event of any conflict between this Agreement and any Order, the terms of the Order shall control to the extent of the conflict.

 

 

EXHIBIT A

Data Processing Addendum

 

1.   DEFINITIONS

 

“Data Controller” means the entity which determines the purposes and means of the Processing of Personal Data.

 

“Data Processor” means the entity which Processes Personal Data on behalf of the Data Controller.

 

“Data Protection Laws” means all laws and regulations applicable to the Processing of Personal Data under the Agreement.

 

“Data Subject” means the individual to whom Personal Data relates.  

 

“Personal Data” means any information relating to an identified or identifiable person contained in Client Data. The types of Personal Data Processed under this DPA may include but are not limited to the following: IP addresses; names; emails; phone numbers; usernames; location data; device data; browser generated data; and online identifiers of the end users of digital properties.

 

“Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction (“Process”, “Processes” and “Processed” shall have the same meaning). 

 

“Security Breach” has the meaning set forth in Section 7 of this DPA.

 

“Sub-processor” means any Data Processor engaged by CLT.

 

 

2.   PROCESSING OF PERSONAL DATA

 

  1. The Parties agree that with regard to the Processing of Personal Data, Client is the Data Controller and CLT is the Data Processor.

 

2.2. Client will, in its use of the Service, Process Personal Data in accordance with the requirements of applicable Data Protection Laws and Client will ensure that its instructions for the Processing of Personal Data will comply with applicable Data Protection Laws. Client will have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Client obtained the Personal Data.

 

2.3. During the Term of the Agreement, CLT will only Process Personal Data on behalf of and in accordance with the Agreement, Orders, this DPA, and Client’s instructions and shall treat Personal Data as Confidential Information.  Client instructs CLT to Process Personal Data for the following purposes: (i) Processing in accordance with the Agreement and any applicable Order; and (ii) Processing to comply with other reasonable instructions provided by Client where such instructions are consistent with the terms of the Agreement.  CLT may Process Personal Data other than on the instructions of the Client if it is required under applicable law to which CLT is subject.  In this situation CLT will inform the Client of such a requirement unless the law prohibits this on important grounds of public interest.  

 

  1. RIGHTS OF DATA SUBJECTS

 

  1. To the extent Client, in its use of the Services, does not have the ability to correct, amend, restrict, block or delete Personal Data, as required by applicable Data Protection Laws, CLT may use commercially reasonable efforts to comply with reasonable requests by Client to facilitate such actions to the extent CLT is legally permitted and able to do so.

 

  1. CLT will, to the extent legally permitted, promptly notify Client if it receives a request from a Data Subject for access to, correction, amendment, deletion of or objection to the Processing of that person’s Personal Data.  CLT will not respond to any such Data Subject request without Client’s prior written consent except to confirm that the request relates to Client. CLT will provide Client with commercially reasonable cooperation and assistance in relation to handling of a Data Subject’s request, to the extent legally permitted and to the extent Client does not have access to such Personal Data through its use of the Service.

 

  1. CLT PERSONNEL

 

  1. CLT will ensure that its personnel engaged in the Processing of Personal Data are informed of the confidential nature of the Personal Data and are subject to obligations of confidentiality and such obligations survive the termination of that individual’s engagement with CLT.

 

  1. CLT will ensure that access to Personal Data is limited to those personnel who require such access to provide the Service.

 

  1. SUB-PROCESSORS

 

  1. Client acknowledges and agrees that CLT may engage third-party Sub-processors in connection with the provision of the Services.  Any such Sub-processors will be permitted to obtain Personal Data only to deliver the services CLT has retained them to provide and are prohibited from using Personal Data for any other purpose.  CLT agrees that any agreement with a Sub-processor will include substantially the same data protection obligations as set out in this DPA.

 

1.1.CLT shall be liable for the acts and omissions of its Sub-processors to the same extent CLT would be liable if performing the services of each Sub-processor directly under the terms of this DPA, except as otherwise set forth in the Agreement.

 

 

  1. SECURITY; AUDIT RIGHTS; PRIVACY IMPACT ASSESSMENTS

 

  1. CLT will maintain administrative, physical and technical safeguards for protection of the security, confidentiality and integrity of Personal Data.

 

1.1.No more than once per year, Client may engage a mutually agreed upon third party to audit CLT solely for the purposes of meeting its audit requirements pursuant applicable Data Protection Law. To request an audit, Client must submit a detailed audit plan to CLT at least four (4) weeks in advance of the proposed audit date describing the proposed scope, duration, and start date of the audit.  The auditor must execute a written confidentiality agreement acceptable to CLT before conducting the audit.  The audit must be conducted during regular business hours, subject to CLT’s policies, and may not unreasonably interfere with CLT’s business activities.  Any audits are at Client’s expense.

 

Any request for CLT to provide assistance with an audit is considered a separate service if such audit assistance requires the use of resources different from or in addition to those required by applicable law.  Client will reimburse CLT for any time spent for any such audit at the rates agreed to by the Parties. Before the commencement of any such audit, Client and CLT shall mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which Client will be responsible. All reimbursement rates will be reasonable, taking into account the resources expended by CLT. Client shall promptly notify CLT with information regarding any non-compliance discovered during the course of an audit.

 

  1. CLT will reasonably cooperate with Client, at Client’s expense, to assist Client in ensuring compliance with applicable law taking into account the nature of processing and the information available to CLT.

 

 

  1. SECURITY BREACH MANAGEMENT AND NOTIFICATION

 

  1. If CLT becomes aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to any Client Personal Data transmitted, stored or otherwise Processed by CLT or its Sub-processors (a “Security Breach”), CLT will notify Client of the Security Breach without undue delay and in compliance with applicable laws, but in no event shall such notification take place more than forty-eight (48) hours after CLT becomes aware of the Security Breach.

 

  1. Client agrees that an unsuccessful Security Breach attempt will not be subject to this Section.  An unsuccessful Security Breach attempt is one that results in no unauthorized access to Client Personal Data or to any of CLT’s equipment or facilities storing Client Personal Data, and may include, without limitation, pings and other broadcast attacks on firewalls or edge servers, port scans, unsuccessful log-on attempts, denial of service attacks, packet sniffing (or other unauthorized access to traffic data that does not result in access beyond headers) or similar incidents.

 

  1. CLT’s obligation to report or respond to a Security Breach under this Section 6 is not and will not be construed as an acknowledgement by CLT of any fault or liability of CLT with respect to the Security Breach.

 

 

  1. RETURN AND DELETION OF PERSONAL DATA

 

CLT shall delete or return Personal Data to Client after the end of the provision of the Services under the Agreement and shall delete existing copies unless applicable law requires storage of such data.

 

 

  1. PARTIES TO THIS DPA

 

Nothing in this DPA shall confer any benefits or rights on any person or entity other than the parties to this DPA.