Transmit Security Cloud Services Agreement

To read this page in Spanish, click here. This Cloud Services Agreement (“Agreement”) is a legal agreement between you (referred to herein as “YOU”, “YOUR” or “CUSTOMER”) and (A) Transmit Security, Inc., 201 Washington Street, Suite 2600, Boston, MA 02108, United States, if You are located in North America or Japan; (B) Transmit Security Ltd., 94 Yigal Alon Street, Tel Aviv, 6789139, Israel, if You are located outside North America or Japan, or (C) Transmit Security (CA) Services Ltd. 700 West Georgia Street, Suite 2200, Vancouver BC V7Y 1K8 Canada, if You are located in Canada (“TRANSMIT SECURITY”). THIS AGREEMENT GOVERNS THE USE OF TRANSMIT SECURITY’S CLOUD SERVICES. BY DOWNLOADING, INSTALLING, ACCESSING, EVALUATING OR OTHERWISE USING THE CLOUD SERVICE, YOU ACKNOWLEDGE AND AGREE THAT YOU ARE BOUND TO THIS AGREEMENT. IF YOU DO NOT ACCEPT ALL ITS TERMS, IMMEDIATELY CEASE USING OR ACCESSING THE CLOUD SERVICE. THIS AGREEMENT GOVERNS YOUR USE OF THE CLOUD SERVICES HOWEVER THEY WERE ACQUIRED INCLUDING WITHOUT LIMITATION THROUGH AN AUTHORIZED DISTRIBUTOR, RESELLER, ONLINE APP STORE, OR MARKETPLACE.

1. Definitions. The terms used in this Agreement shall have the following definitions:
   1. “API” means application programming interface.
   2. “Authorized Use” means use allowed in connection with this Agreement to the extent of authorizations acquired from Transmit Security as set forth in the Order Form.
   3. “Cloud Service(s)” means Transmit Security software, data and services and updates thereto developed, owned and managed by Transmit Security and made available to Customer via a network, including, if applicable, the API.
   4. “Customer” means the party who has entered into this Agreement with Transmit Security.
   5. “End User” means an individual who accesses Customer’s services via the Cloud Service.
   6. “End User Data” means data relating to an End User that may be accessed or collected pursuant to or in connection with the End User’s use of the Cloud Services during the relationship governed by this Agreement, including in the form of logs, session data, telemetry, user data, usage data, and threat intelligence data, or other data specified for the relevant Cloud Service. End User Data may include confidential data and Personal Data, such as source and destination IP addresses.
   7. “Identity Network” means the network of Transmit Security Customers who agree to share data and signals with other Customers in the network for the purpose of improved security.
   8. “Identity Network End User Data” means, where Customer has elected to allow End Users to register with the Identity Network, any End User Data that may be accessed or collected pursuant to or in connection with an End User’s registration and use of the Identity Network.
   9. “Personal Data” means any information relating to an identified or identifiable person (as determined under applicable data protection laws), including biometric information and any information derived therefrom.
   10. “Order Form” means the applicable ordering document setting forth the Cloud Services provided under this Agreement.
2. License Grant and Access Rights
   1. Transmit Security grants You a limited, revocable, non-transferable and non-exclusive right to use the Cloud Service during the term as set forth in an applicable Order Form.
   2. Transmit Security shall make the Cloud Service available pursuant to this Agreement and the applicable Order Form.
   3. Customer will provide the hardware, software and connectivity to access and use the Cloud Service.
   4. Customer and End User shall agree to use the Cloud Service only for the Authorized Use. End User shall be prohibited from replicating or distributing the Cloud Service, or otherwise using the Cloud Service other than for the Authorized Use.
   5. To the extent that Customer is granted access to and uses the API, Customer shall design and implement a user interface pursuant to which End Users can access the Services, and which provides a method for providing notice and obtaining or securing End Users’ consent for the collection of certain Personal Data (the “User Interface”). Such notice and consent shall also include a link to Transmit Security’s privacy policy located at https://www.transmitsecurity.com/legal/transmit-security-privacy-statement. Prior to making the User Interface publicly available to any End User or collecting any Personal Data via or in connection with the Cloud Service, Customer must obtain Transmit Security’s written approval with respect to the design, accessibility, and user flow of the User Interface as well as notices provided and consents obtained or secured thereby or prior to the collection of any Personal Data and all language and content displayed thereon, which may be granted or withheld at Transmit Security’s sole discretion. Customer will ensure that the User Interface is at all times presented and maintained in the form approved by Transmit Security. Customer will grant Transmit Security access to Customer’s network as necessary to monitor Customer’s compliance with this Section 2(e). Transmit Security may suspend Customer’s access to the API and/or the Cloud Service in the event of Customer’s breach of this Section 2(e) immediately upon notice to Customer.
   6. Customer and End User shall agree to comply with all applicable laws, regulations, and ordinances relating to its performance and the exercise of its rights under this Agreement.
   7. Customer is responsible for all activities that occur within its account and for its End Users’ compliance with this Agreement. A breach of any term of this Agreement by an End User will constitute a breach by Customer.
   8. Customer is responsible for obtaining all necessary rights, permissions and consents prior to providing or inputting data into the Cloud Service.
   9. Audit. If the Cloud Service permits Customer to exceed the use authorizations set forth in an Order Form (e.g., soft limits on user counts, transactions, sessions, etc.), then Customer is responsible for purchasing additional quantities to account for excess usage. Transmit Security may audit Customer’s use of the Cloud Service (e.g., through use of software tools) to assess whether Customer’s usage is in accordance with the applicable Order. Customer agrees to cooperate with the audit and provide reasonable assistance and access to information. Any such audit shall not unreasonably interfere with Customer’s normal business operations and will be conducted at Transmit Security’s expense. Customer agrees to pay within thirty (30) days of written notification any charges applicable to excess usage, based on the then-current unit rates in the applicable Order Form. Customer agrees that Transmit Security shall not be responsible for any of Customer’s costs incurred in cooperating with the audit.
   10. Restrictions. Restrictions. With regard to the Cloud Service, and any component thereof, a Cloud Service may not be used in any jurisdiction for unlawful, obscene, offensive or fraudulent content or activity, such as advocating or causing harm, interfering with or violating the integrity or security of a network or system, evading filters, sending unsolicited, spam, abusive or deceptive messages, viruses or harmful code, or violating third party rights. In addition, You will not (i) access the Cloud Service or its output for the purpose of developing a competitive product or service; (ii) reverse assemble, reverse engineer, decompile or otherwise attempt to derive source code or any component thereof; (iii) modify or prepare derivative works, (iv) assign, copy, reproduce, modify, sell, lease, pledge, transfer to or share with any third party, sublicense, market, commercially exploit, or otherwise dispose of in any way, on a temporary or permanent basis (v) use in any manner that infringes or misappropriates the intellectual property rights or other rights of Transmit Security or another party; (vi) distribute or re-distribute; (vii) use to provide service-bureau, software rental, time sharing or any data services to any third party; (viii) bundle, integrate, or attempt to integrate with any third-party software or solution; (ix) interfere with or disrupt the integrity or performance of the Cloud Service, including conducting any load or penetration testing on the Cloud Service; or (x) use in any way not specifically licensed pursuant to this Agreement or not in accordance with provided related documentation.
   11. End User Data. As between Customer and Transmit Security, Customer owns the End User Data, excluding Identity Network End User Data (“Customer Data”). Customer hereby grants to Transmit Security a non-exclusive, worldwide, royalty-free, fully paid-up, sublicensable, right and license to (i) copy, distribute, display and create derivative works of and use the Customer Data to perform Transmit Security’s obligations under this Agreement. Customer also hereby grants to Transmit Security a non-exclusive, world-wide, perpetual, royalty-free, fully paid-up, and irrevocable license to copy, anonymize, process and create derivative works of Customer Data, in whole or in part, for the purpose of deriving statistical and usage data, and data related to the functionality of Transmit Security’s products and services and combine or incorporate Customer Data with or into other similar data and information available, derived or obtained from other customers, licensees, users, or other sources (when so combined or incorporated, referred to as “Aggregate Data”), for improving Transmit Security’s existing products and services and developing new Transmit Security products and services. For clarity, Aggregate Data is not Customer Data. Customer reserves any and all right, title and interest in and to the Customer Data other than the licenses therein expressly granted to Transmit Security under this Agreement.
   12. Database. Transmit Security manages a database of end user data on behalf of customers of Transmit Security’s cloud services (“Database”), which Transmit Security is instructed to make available to customers who use Transmit Security’s identity verification services. Customer hereby instructs Transmit Security to incorporate the Customer Data into the Database and make the Customer Data available to other customers of Transmit Security’s identity verification services, and grants to Transmit Security a non-exclusive, worldwide, royalty-free, fully paid-up, sublicensable, right and license to use the Customer Data for such purposes.
3. Ownership
   1. Transmit Security and its suppliers retain all rights to intellectual and intangible property relating to the Cloud Service, including but not limited to copyrights, patents, trade secret rights, and trademarks and any other intellectual property rights therein unless otherwise indicated. As between Customer, End User and Transmit Security, all rights, title and interest in and to the Cloud Service is owned solely by Transmit Security. You further acknowledge that the Cloud Service constitutes proprietary information and trade secrets of Transmit Security or its licensors and that the Cloud Service is protected intellectual property throughout the world. You shall acknowledge that Your use of the Cloud Service shall not operate so as to transfer or convey to End User or any third party any right, title or interest in or to the Cloud Service or any associated intellectual property rights, but only a limited right of use, revocable in accordance with the terms of this Agreement.
   2. Feedback. To the extent You provide any suggestions or comments related to the Cloud Service, Transmit Security shall have the right to retain and use any such suggestions or comments in current or future cloud services, products or subscriptions, without Your approval or compensation to You.
4. Confidential Information To the extent that confidential and proprietary information of each Party (“Confidential Information”) is exchanged and received in connection with the Cloud Service, each Party agrees not to use the other Party’s Confidential Information except in the performance of, or as authorized by this Agreement. Confidential Information does not include: (i) information that was publicly available at the time of disclosure or that subsequently becomes publicly available other than by a breach of this provision, (ii) information previously known by or developed by the receiving Party independent of the Confidential Information; (iii) information that the receiving Party rightfully obtains without restrictions on use and disclosure; or (iv) information that is required to be disclosed pursuant to any law or regulation or by the rules of any stock exchange or by a court of competent jurisdiction.
5. Term; Termination; and Effect of TerminationThis Agreement is effective in accordance with the term set forth in the applicable Order Form or until it is terminated pursuant the terms of this Agreement. Either party may terminate this Agreement at any time in the event the other party breaches a material term (including but not limited to non-payment or, with respect to Customer as the breaching party, Section 2(e)) and fails to cure such breach within thirty (30) days after receipt of notice. Upon expiration or termination, You shall immediately cease use of the Cloud Service and all rights to access the Cloud Service and data will terminate.Termination of this Agreement does not terminate Orders in effect that are not affected by the material breach and the provisions of this Agreement as they relate to such Orders remain in effect.
6. Fees and Payment
   Customer shall pay Transmit Security the fees for access to the Cloud Service as set forth in the Order Form and any charges for use in excess of authorizations. Fees are non-refundable and due within thirty (30) days of the invoice date or as otherwise set forth in the Order Form.

   For multi-year agreements, a cost of living increase shall be applied on an annual basis unless Customer pays the Total Subscription Fee(s) amount upfront.
   In the event of late payment or nonpayment of an invoice, in addition to any other remedies available at law or equity, Transmit Security will charge Customer a late-payment penalty equal to the lesser of 1.5% per month or the maximum legal interest rate allowed by law, which interest shall be immediately due and payable.  Customer shall reimburse Transmit Security for all reasonable costs, including attorneys’ fees, incurred by Transmit Security in collecting late payments.
   Fees are exclusive of any and all taxes. Other than taxes on Transmit Security’s net income, Customer shall pay (and Transmit Security shall have no liability for), any taxes, tariffs, duties and other charges or assessments imposed or levied by any government or governmental agency in connection with this Agreement, including, without limitation, any federal, provincial, state and local sales, use, goods and services, value-added, withholding, and personal property taxes on any payments due in connection with the Cloud Service(s) provided hereunder.
7. Warranty and DisclaimerTO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, TRANSMIT SECURITY AND ITS SUPPLIERS DISCLAIM ALL OTHER REPRESENTATIONS, WARRANTIES, TERMS AND CONDITIONS, WHETHER EXPRESS OR IMPLIED, REGARDING THE  CLOUD SERVICE, RELATED DOCUMENTATION OR INFORMATION, AND OTHER MATERIALS AND SERVICES, AND SPECIFICALLY DISCLAIM THE IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, SATISFACTORY QUALITY, MERCHANTABLE QUALITY, NON-INFRINGEMENT AND THOSE ARISING FROM A COURSE OF PERFORMANCE, DEALING, USAGE OR TRADE. Customer acknowledges and agrees that Transmit Security’s approval of the User Interface and the exercise of its rights pursuant to Section 2(e) is not a representation or warranty regarding the legality or sufficiency of any End User notice provided and consent obtained or secured via or in connection with the Cloud Service. Approval by Transmit Security of the User Interface or any component or feature thereof cannot and should not be interpreted or construed as any statement or certification regarding the compliance of the process of providing notice or obtaining or securing End User consent to collect and process certain Personal Data via or in connection with the Cloud Service .  NOTWITHSTANDING ANYTHING IN THIS AGREEMENT TO THE CONTRARY, CUSTOMER ACKNOWLEDGES AND AGREES THAT TRANSMIT SECURITY IS NEITHER RESPONSIBLE NOR LIABLE FOR PROVIDING NOTICE OR OBTAINING OR SECURING END USER CONSENT FOR THE COLLECTION OR PROCESSING OF CERTAIN PERSONAL DATA MADE AVAILABLE VIA THE USER INTERFACE OR THAT THE FOREGOING COMPLIES WITH ANY LAW, RULE OR REGULATION.  TRANSMIT Security does not warrant that the functions contained in the Cloud Service, or in any update(s) to the Cloud Service, will meet Your requirements or that the operation of the Cloud Service will be uninterrupted or free from errors or other program limitations. 
8. Liability and Indemnity
   1. IN NO EVENT SHALL TRANSMIT SECURITY BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES, OR ANY PENALTIES, CLAIMS FOR LOST DATA, REVENUE, PROFITS, COSTS OF PROCUREMENT OR SUBSTITUTE GOODS OR SERVICES OR BUSINESS OPPORTUNITIES, ARISING OUT OF THIS AGREEMENT, OR ANY SCHEDULES, EXHIBITS, OR ADDENDA THERETO, UNDER ANY CAUSE OF ACTION OR THEORY OF LIABILITY, WHETHER IN CONTRACT OR IN TORT INCLUDING NEGLIGENCE, EVEN IF TRANSMIT SECURITY HAD BEEN ADVISED OF SUCH DAMAGES.
   2. EXCEPT AS EXPRESSLY STATED IN THIS PARAGRAPH, AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL TRANSMIT SECURITY’S AGGREGATE LIABILITY HEREUNDER FOR ANY CAUSE OF ACTION OR THEORY OF LIABILITY EXCEED THE AMOUNTS PAID BY YOU TO TRANSMIT SECURITY PURSUANT TO THE APPLICABLE ORDER FORM FOR WHICH THE CAUSE OF ACTION AROSE, DURING THE PRECEDING TWELVE (12) MONTH PERIOD PRIOR TO THE DATE THE CAUSE OF ACTION AROSE. THIS LIMIT ALSO APPLIES TO ANY OF TRANSMIT SECURITY’S AFFILIATES, SOFTWARE DEVELOPERS AND SUPPLIERS. IT IS THE MAXIMUM FOR WHICH TRANSMIT SECURITY AND ITS AFFILIATES, SOFTWARE DEVELOPERS, AND SUPPLIERS ARE COLLECTIVELY RESPONSIBLE.
   3. Customer will indemnify, defend and hold Transmit Security, its affiliates and its and their officers, directors, agents, and employees (“Transmit Indemnified Parties”) harmless from settlement amounts and damages, liabilities, penalties, costs and expenses (“Liabilities”) that are payable to any third party or incurred by the Transmit Indemnified Parties (including reasonable attorneys’ fees) arising from, directly or indirectly, any claim, demand or allegation by a third party or any investigation or other proceeding by a governmental authority (collectively, a “Claim”) (i) arising from Customer’s breach of Section 2(e) or (ii) any allegation that the process for providing notice or securing or obtaining End User consent for the collection or processing of Personal Data pursuant to this Agreement violates any law, rule or regulation.
   4. Customer’s indemnification obligations are subject to Transmit Security: (i) promptly notifying Customer in writing of any such Claim; (ii) providing assistance and information reasonably requested by Customer; and (iii) giving Customer full control over the defense and settlement of such Claim; provided that any compromise, resolution or settlement of such a Claim will require the prior written consent of both parties hereunder, such consent not to be unreasonably withheld or delayed.
   5. Transmit Security will indemnify, defend and hold Customer, its affiliates and its and their officers, directors, agents, and employees (“Customer Indemnified Parties”) harmless from Liabilities that are payable to any third party or incurred by the Transmit Indemnified Parties (including reasonable attorneys’ fees) arising from, directly or indirectly, any Claim alleging that that the Cloud Service used pursuant to this Agreement (and used within the scope of this Agreement) infringes a patent or copyright.
   6. Transmit Security’s indemnification obligation is subject to You: (i) promptly notifying Transmit Security in writing of any such Claim; (ii) providing assistance and information reasonably requested by Transmit Security; and (iii) giving Transmit Security full control over the defense and settlement of such Claim; provided that any compromise, resolution or settlement of such a Claim will require the prior written consent of both parties hereunder, such consent not to be unreasonably withheld or delayed.
   7. Transmit Security shall have no responsibility for a Claim pursuant to Section 8(c) to the extent that such Claim is caused by or results from any (i) use of the Cloud Services not in accordance with this Agreement or for purposes not intended by Transmit Security and not specifically licensed pursuant to this Agreement; (ii) use of the Cloud Services other than the latest unaltered and unmodified version of the Cloud Services as made available by Transmit Security to You as an update or upgrade or as approved by Transmit Security pursuant to Section 2(e); or (iii) any violation of law or third party rights caused by Your content, materials, designs or specifications.
9. Data ProtectionThe terms of the Data Protection Addendum found at https://www.transmitsecurity.com/legal/data-protection-addendum-for-cloud-services shall apply to the processing of Personal Data pursuant to this Agreement, and these terms shall be considered as incorporated into this Agreement by reference.
10. General
    1. Service Levels. Support and service level commitments, if applicable, are specified at: https://www.transmitsecurity.com//legal/support-and-service-level-agreement-for-cloud-services
    2. Successors and Assigns. This Agreement shall bind and inure to the benefit of each party’s permitted successors and assigns. Transmit Security may assign any of its rights or obligations to a parent or successor entity without Your consent.
    3. Evaluations. If You use a Cloud Service for proof of concept, beta testing, trial, evaluation, preview or other similar purpose (“Evaluations”), You may do so for thirty (30) days only, unless Transmit Security issues an extension. Transmit Security reserves the right to terminate Evaluations at any time. Evaluations are provided “AS IS” without warranties of any kind. Any Evaluation is excluded from available service level agreements and may not be supported. Any other limitations for Evaluations will be in accordance with the applicable Order Form.
    4. Governing Law.
       1. If You are located in North America or Japan, this Agreement shall be governed by and construed in accordance with the laws of the state of New York, U.S.A., excluding its conflict of laws principles. Any legal action or proceeding arising under this Agreement will be brought exclusively in the state or federal courts located in the State of New York.
       2. If You are located outside North America or Japan, this Agreement shall be governed by and construed in accordance with the laws of the State of Israel, and the sole and exclusive place of jurisdiction in any matter arising out of or in connection with this Agreement shall be the applicable courts in Tel Aviv.
       3. If You are located in Canada, any legal action or proceeding arising under this Agreement will be governed by and construed in accordance with the laws of British Columbia and the laws of Canada.
       4. The United Nations Convention on Contracts for the International Sale of Goods shall not apply
    5. Force Majeure. With the exception of payment obligations, neither party shall be liable to the other party for any delay or failure in performance, to the extent such delay or failure is due to causes beyond its control. These events include but are not limited to the following: acts of nature, acts of government, flood, fire, earthquakes, civil unrest, acts of terror, strikes or other labor problems.
    6. Severability and Waiver. If any provision of this Agreement is found invalid or unenforceable, that provision will be enforced to the maximum extent permissible so as to affect the intent of the parties and the remainder of this Agreement will remain in full force and effect. Neither party will be deemed to have waived any of its rights under this Agreement by lapse of time or by any statement or representation other than by an explicit written waiver. No waiver of a breach of this Agreement will constitute a waiver of any prior or subsequent breach of this Agreement.
    7. Survival. Sections regarding license restrictions, ownership rights, term and termination, limitations of liability, confidentiality, governing law and this General section shall survive the termination or expiration of this Agreement.
    8. Notices. All notices shall be in writing and delivered by overnight delivery service or by certified mail sent to the address published on the respective parties’ websites or the address specified on the relevant order document (attention: Legal Department), and in each instance will be deemed given upon receipt.