MASTER SERVICES AGREEMENT – REST OF THE WORLD (NON-US)

Chaque Bon de commande et SOW signé par le Client et spaceti s.r.o., une société à responsabilité limitée dont le siège social est situé au

Premyslovska 2845/43, Praha 3, 13000, République tchèque N° d'identification : 05137659 ("Spaceti") est soumis au présent contrat-cadre de service (le "Contrat"). DÉFINITIONS

"Affilié" désigne toute entité qui, directement ou indirectement, contrôle, est contrôlée par, ou est sous contrôle commun avec l'entité concernée. "Contrôle", aux fins de la présente définition, signifie la propriété ou le contrôle direct ou indirect de plus de 50 % des intérêts avec droit de vote de l'entité concernée.

" ServicesBêta " désigne les services ou fonctionnalités de Spaceti qui peuvent être mis à la disposition du Client pour qu'il les essaie à son gré sans frais supplémentaires et qui sont clairement désignés comme bêta, pilote, version limitée, aperçu pour développeurs, non-production, évaluation, ou par une description similaire.

"Client" désigne toute entité qui achète les Services, les Services professionnels ou le HW, tel que plus particulièrement détaillé dans le Bon de commande ou le SOW.

"Données du Client" désigne les données et informations électroniques soumises par ou pour le Client aux Services, à l'exclusion des Applications Non-Spaceti.

"Documentation" désigne la documentation relative à la description du produit du Service applicable dans le Bon de commande, la documentation relative à la sécurité et l'infrastructure et les sous-traitants secondaires (tous deux définis dans le DPA) ainsi que son guide d'utilisation et sa politique, tels que mis à jour de temps à autre, accessibles via la connexion au Service applicable.

"Services gratuits" désigne les Services que Spaceti met gratuitement à la disposition du Client. Les Services gratuits excluent les Services offerts en tant que Services achetés.

"Code malveillant" : code, fichiers, scripts, agents ou programmes destinés à nuire, y compris, par exemple, les virus, les vers, les bombes à retardement et les chevaux de Troie.

"Applicationnon-Spaceti " désigne une fonctionnalité d'application logicielle basée sur le Web, mobile, hors ligne ou autre qui interagit avec un Service, qui est fournie par le Client ou un tiers. Les Applications Non-Spaceti, autres que celles obtenues ou fournies par le Client, seront identifiables comme telles.

" Heures normales de travail " désigne la période comprise entre 9h00 et 18h00 en République tchèque un jour ouvrable, où l'on entend par jour ouvrable tout jour qui n'est pas un samedi, un dimanche ou un jour férié en République tchèque.

"Bon de commande" désigne un document de commande ou une commande en ligne spécifiant les Services et HW à fournir en vertu des présentes, conclu entre le Client et Spaceti ou l'un de leurs Affiliés, y compris les addenda et les suppléments y afférents. En concluant un Bon de commande en vertu des présentes, une Société affiliée accepte d'être liée par les termes du présent Accord comme si elle était une partie initiale aux présentes.

"Servicesachetés " désigne les Services que le Client ou l'Affilié du Client achète dans le cadre d'un Bon de commande ou d'un portail d'achat en ligne, à la différence des Services gratuits.

"Services" désigne les produits et services SW en ligne qui sont commandés par le Client dans le cadre d'un Bon de commande ou d'un portail d'achat en ligne, ou fournis au Client gratuitement (selon le cas) ou dans le cadre d'un essai gratuit, et mis à disposition en ligne par Spaceti, y compris les composants hors ligne ou mobiles Spaceti associés, comme décrit dans la Documentation. Les " Services " excluent le matériel informatique, les services professionnels et les applications non-Spaceti.

"SOW" désigne un énoncé des travaux décrivant les Services Professionnels à fournir en vertu des présentes, qui est conclu entre le Client et Spaceti ou l'une de ses Sociétés Affiliées ou qui est incorporé dans un Bon de Commande conclu entre le Client et Spaceti ou l'une de ses Sociétés Affiliées. En concluant un SOW en vertu des présentes, une Société affiliée accepte d'être liée par les termes du présent Accord comme si elle était une partie initiale aux présentes.

"Utilisateur" désigne, dans le cas d'une personne physique acceptant les présentes conditions pour son propre compte, cette personne physique ou, dans le cas d'une personne physique acceptant le présent Contrat pour le compte d'une société ou d'une autre entité juridique, une personne physique qui est autorisée par le Client à utiliser un Service, pour lequel le Client a acheté un abonnement (ou dans le cas de tout Service fourni par Spaceti sans frais, pour lequel un Service a été fourni), et à qui le Client (ou, le cas échéant, Spaceti à la demande du Client) a fourni un identifiant et un mot de passe (pour les Services utilisant l'authentification). Les Utilisateurs peuvent inclure, par exemple, les employés, les consultants, les entrepreneurs et les agents du Client ou des Sociétés affiliées du Client, ainsi que les tiers avec lesquels le Client ou la Société affiliée du Client effectue des transactions commerciales.

NONOBSTANT LA SECTION " DÉCLARATIONS, GARANTIES, RECOURS EXCLUSIFS ET DÉNIS DE RESPONSABILITÉ " ET LA SECTION " INDEMNISATION PAR SPACETI " CI-DESSOUS, LES SERVICES GRATUITS SONT FOURNIS " EN L'ÉTAT ", SANS AUCUNE GARANTIE ET SPACETI N'A AUCUNE OBLIGATION D'INDEMNISATION NI AUCUNE RESPONSABILITÉ DE QUELQUE NATURE QUE CE SOIT EN CE QUI CONCERNE LES SERVICES GRATUITS, À MOINS QU'UNE TELLE EXCLUSION DE RESPONSABILITÉ NE SOIT PAS APPLICABLE EN VERTU DE LA LOI EN VIGUEUR, AUQUEL CAS LA RESPONSABILITÉ DE SPACETI EN CE QUI CONCERNE LES SERVICES GRATUITS EST LIMITÉE. SANS AUCUNE GARANTIE ET SPACETI N'AURA AUCUNE OBLIGATION D'INDEMNISATION NI AUCUNE RESPONSABILITÉ DE QUELQUE TYPE QUE CE SOIT EN CE QUI CONCERNE LES SERVICES GRATUITS, À MOINS QUE CETTE EXCLUSION DE RESPONSABILITÉ NE SOIT PAS APPLICABLE EN VERTU DE LA LOI EN VIGUEUR, AUQUEL CAS LA RESPONSABILITÉ DE SPACETI EN CE QUI CONCERNE LES SERVICES GRATUITS NE DÉPASSERA PAS 1 000,00 $. SANS LIMITER CE QUI PRÉCÈDE, SPACETI, SES AFFILIÉS ET SES CONCÉDANTS NE DÉCLARENT NI NE GARANTISSENT AU CLIENT QUE : (A) L'UTILISATION DES SERVICES GRATUITS PAR LE CLIENT RÉPONDRA AUX EXIGENCES DU CLIENT, (B) L'UTILISATION DES SERVICES GRATUITS PAR LE CLIENT SERA ININTERROMPUE, OPPORTUNE, SÉCURISÉE OU EXEMPTE D'ERREUR, ET (C) LES DONNÉES D'UTILISATION FOURNIES PAR LES SERVICES GRATUITS SERONT EXACTES. NONOBSTANT TOUTE DISPOSITION CONTRAIRE DANS LA SECTION "LIMITATION DE RESPONSABILITÉ" CI-DESSOUS, LE CLIENT SERA ENTIÈREMENT RESPONSABLE EN VERTU DU PRÉSENT CONTRAT ENVERS SPACETI ET SES AFFILIÉS POUR TOUT DOMMAGE RÉSULTANT DE L'UTILISATION PAR LE CLIENT DES SERVICES GRATUITS, DE TOUTE VIOLATION DU PRÉSENT CONTRAT PAR LE CLIENT ET DE TOUTE OBLIGATION D'INDEMNISATION DU CLIENT EN VERTU DES PRÉSENTES.

(c) les Services fonctionneront matériellement conformément à la Documentation applicable, et (d) sous réserve de la section " Intégration avec des applications non-Spaceti " ci-dessus, Spaceti ne diminuera pas matériellement la fonctionnalité globale des Services. Pour toute violation d'une garantie ci-dessus, les recours exclusifs du Client sont ceux décrits dans les sections " Résiliation " et " Remboursement ou paiement en cas de résiliation " ci-dessous.

quelle qu'en soit la cause et que ces pertes soient prévisibles ou non, même si cette partie ou sa société affiliée a été informée (ou est autrement consciente) de la possibilité de telles pertes à l'avance.

Pièce A - Addendum sur le traitement des données

   

Pièce à conviction A

ADDENDUM AU TRAITEMENT DES DONNÉES

(Révision août 2019)

Le présent avenant relatif au traitement des données, y compris ses annexes, ("APD") fait partie du Contrat cadre de services entre Spaceti et le Client pour l'achat de services auprès de Spaceti (le "Contrat") afin de refléter l'accord des parties concernant le traitement des données personnelles.

Tous les termes en majuscules qui ne sont pas définis dans le présent document ont la signification qui leur est donnée dans l'Accord.

Dans le cadre de la fourniture des Services au Client conformément à l'Accord, Spaceti peut traiter des Données personnelles pour le compte du Client et les Parties conviennent de se conformer aux dispositions suivantes en ce qui concerne toutes les Données personnelles, chacune agissant raisonnablement et de bonne foi :

"Contrôleur" désigne l'entité qui détermine les finalités et les moyens du Traitement des Données à caractère personnel.

"Lois et règlements relatifs à la protection des données" désigne l'ensemble des lois et règlements, y compris les lois et règlements de l'Union européenne, de l'Espace économique européen et de leurs États membres, de la Suisse et du Royaume-Uni, applicables au Traitement des données personnelles en vertu de l'Accord.

"Personne concernée" désigne la personne identifiée ou identifiable à laquelle se rapportent les Données personnelles.

"GDPR" désigne le Règlement (UE) 2016/679 du Parlement européen et du Conseil du 27 avril 2016 relatif à la protection des personnes physiques à l'égard du traitement des données à caractère personnel et à la libre circulation de ces données, et abrogeant la directive 95/46/CE (Règlement général sur la protection des données).

"Données personnelles" désigne toute information relative (i) à une personne physique identifiée ou identifiable et, (ii) à une personne morale identifiée ou identifiable (lorsque ces informations sont protégées de manière similaire en tant que données personnelles ou informations personnellement identifiables en vertu des Lois et Règlements applicables en matière de protection des données), où pour chaque (i) ou (ii), ces données sont des Données du Client.

"Traitement" désigne toute opération ou tout ensemble d'opérations effectuées ou non à l'aide de procédés automatisés et appliquées à des Données à caractère personnel, telles que la collecte, l'enregistrement, l'organisation, la structuration, la conservation, l'adaptation ou la modification, l'extraction, la consultation, l'utilisation, la communication par transmission, la diffusion ou toute autre forme de mise à disposition, le rapprochement ou la combinaison, la limitation, l'effacement ou la destruction.

"Processeur" désigne l'entité qui traite les Données à caractère personnel pour le compte du Contrôleur.

La "Documentation de sécurité" désigne la Documentation de sécurité applicable aux Services spécifiques achetés par le Client, telle que mise à jour de temps à autre, et accessible via la connexion au Service applicable, ou telle qu'autrement rendue raisonnablement disponible par Spaceti. La Documentation de sécurité à la Date d'entrée en vigueur est jointe en Annexe 2 au présent DPA.

"Groupe Spaceti" désigne Spaceti et ses sociétés affiliées engagées dans le Traitement des données personnelles.

"Sous-traitant" désigne tout sous-traitant engagé par Spaceti ou un membre du Groupe Spaceti.

"Autorité de surveillance" désigne une autorité publique indépendante qui est établie par un État membre de l'UE conformément au GDPR.

Spaceti notifiera le Client sans délai indu après avoir pris connaissance de la destruction, de la perte, de l'altération, de la divulgation non autorisée ou de l'accès accidentel ou illégal aux Données du Client, y compris les Données Personnelles, transmises, stockées ou autrement traitées par Spaceti ou ses Sous-Traitants, dont Spaceti prend connaissance (un "Incident concernant les Données du Client"). Spaceti fera des efforts raisonnables pour identifier la cause d'un tel Incident relatif aux Données du Client et prendra les mesures que Spaceti jugera nécessaires et raisonnables afin de remédier à la cause d'un tel Incident relatif aux Données du Client dans la mesure où la remédiation est sous le contrôle raisonnable de Spaceti. Les obligations des présentes ne s'appliquent pas aux incidents causés par le Client ou les Utilisateurs du Client.

La procédure est définie à la section 2.2 de l'accord.

Spaceti veillera à ce que le transfert des Données à caractère personnel qui font l'objet d'un Traitement ou qui sont destinées à être traitées après le transfert vers un pays tiers n'ait lieu que si ce transfert répond aux conditions décrites dans le GDPR, notamment au chapitre V.

Liste des horaires

Annexe 1 : Détails du traitement

Annexe 2 : Documentation de sécurité (à la date d'entrée en vigueur)

Annexe 3 : Infrastructure Spaceti et Sous-Traitants (à la Date d'Entrée en Vigueur)

ANNEXE 1 - DÉTAILS DU TRAITEMENT

Nature et finalité du traitement

Spaceti traitera les Données Personnelles nécessaires à l'exécution des Services ou des Services Professionnels conformément au Contrat, comme spécifié plus en détail dans la Documentation, et comme indiqué plus en détail par le Client dans son utilisation des Services ou des Services Professionnels.

Durée du traitement

Sous réserve de la section 8 du RGPD, Spaceti traitera les données personnelles pendant toute la durée du contrat, sauf accord écrit contraire.

Catégories de personnes concernées

Le Client peut soumettre des Données personnelles aux Services, dont l'étendue est déterminée et contrôlée par le Client à sa seule discrétion, et qui peuvent inclure, sans s'y limiter, des Données personnelles relatives aux catégories de personnes concernées suivantes :

Type de données personnelles

Le Client peut soumettre des Données personnelles aux Services, dont l'étendue est déterminée et contrôlée par le Client à sa seule discrétion, et qui peuvent inclure, sans s'y limiter, les catégories suivantes de Données personnelles :

ANNEXE 2 - DOCUMENTATION SUR LA SÉCURITÉ

(à la date d'entrée en vigueur)

Spaceti a mis en œuvre les mesures de sécurité techniques et organisationnelles suivantes pour assurer la confidentialité, l'intégrité, la disponibilité et la résilience continues des systèmes et services de traitement :

  • Confidentialité

Spaceti a mis en œuvre les mesures de sécurité techniques et organisationnelles suivantes pour protéger la confidentialité des systèmes et services de traitement, en particulier :

  • Spaceti traite toutes les données des clients sur des sites de serveurs distants détenus et exploités par des fournisseurs de services en nuage leaders du secteur, qui offrent des mesures hautement sophistiquées pour protéger l'accès des personnes non autorisées aux équipements de traitement des données (à savoir les téléphones, les serveurs de bases de données et d'applications et le matériel connexe). Ces mesures comprennent :
  • un modèle de sécurité à plusieurs niveaux, comprenant des mesures de protection telles que des cartes d'accès électroniques personnalisées, des alarmes, des barrières d'accès aux véhicules, des clôtures de périmètre, des détecteurs de métaux et des dispositifs biométriques. Le centre de données est équipé d'un système de détection des intrusions par faisceau laser ;
  • Les centres de données sont surveillés 24 heures sur 24 et 7 jours sur 7 par des caméras intérieures et extérieures à haute résolution qui peuvent détecter et suivre les intrus ;
  • les journaux d'accès, les relevés d'activité et les images des caméras sont disponibles en cas d'incident ;
  • Les centres de données sont aussi régulièrement patrouillés par des agents de sécurité expérimentés qui ont suivi une formation et une vérification rigoureuse de leurs antécédents ;
  • l'accès à l'étage du centre de données n'est possible que par un couloir de sécurité qui met en œuvre un contrôle d'accès multifactoriel utilisant des badges de sécurité et des données biométriques ;
  • seuls les employés agréés ayant des rôles spécifiques peuvent y accéder.
  • Spaceti met en œuvre des mesures appropriées pour éviter que ses systèmes de traitement des données ne soient utilisés par des personnes non autorisées. Ceci est réalisé par :
  • arrêt automatique du terminal utilisateur s'il reste inactif, identification et mot de passe requis pour le rouvrir ;
  • l'émission et la conservation des codes d'identification ;
  • permettant aux clients de définir des comptes d'utilisateurs individuels avec des permissions sur les ressources Spaceti ;
  • Les employés de Spaceti habilités à utiliser ses systèmes de traitement des données ne peuvent accéder aux données personnelles que dans le cadre et la mesure de leur permission d'accès (autorisation) respective. En particulier, les droits et niveaux d'accès sont basés sur la fonction et le rôle de l'employé, en utilisant les concepts de moindre privilège et de besoin de savoir pour faire correspondre les privilèges d'accès aux responsabilités définies. Pour ce faire, il faut
  • limiter l'accès aux données personnelles aux seules personnes autorisées ;
  • un cryptage conforme aux normes de l'industrie ; et
  • Intégrité

Spaceti a mis en place les mesures de sécurité techniques et organisationnelles suivantes pour protéger l'intégrité des systèmes et services de traitement, en particulier :

  • Spaceti met en œuvre des mesures appropriées pour empêcher que les Données Personnelles soient lues, copiées, modifiées ou supprimées par des parties non autorisées pendant leur transmission ou pendant le transport des supports de données. Ceci est réalisé par :
  • utilisation de technologies de pointe en matière de pare-feu et de cryptage pour protéger les passerelles et les pipelines par lesquels transitent les données ;
  • un cryptage conforme aux normes de l'industrie ; et
  • éviter le stockage des données personnelles sur des supports de stockage portables à des fins de transport et sur les ordinateurs portables ou autres appareils mobiles fournis par l'entreprise.
  • Spaceti n'accède pas au contenu des clients, sauf si cela est nécessaire pour fournir à ce client les produits et services professionnels Spaceti qu'il a choisis. Spaceti n'accède pas au contenu des clients à d'autres fins. Par conséquent, Spaceti ne sait pas quel contenu les clients choisissent de stocker sur ses systèmes et ne peut pas faire la distinction entre les Données Personnelles et les autres contenus, donc Spaceti traite les Données Client de la même manière. De cette façon, les Données du Client bénéficient des mêmes mesures de sécurité robustes de Spaceti, que ce contenu comprenne ou non des Données Personnelles.
  • Disponibilité

Spaceti a mis en œuvre les mesures de sécurité techniques et organisationnelles suivantes pour protéger la disponibilité des systèmes et services de traitement, en particulier :

  • Spaceti met en œuvre des mesures appropriées pour assurer que les données personnelles sont protégées contre la destruction ou la perte accidentelle. Ceci est accompli par :
  • la redondance de l'infrastructure ;
  • des politiques interdisant le stockage local permanent (poste de travail) des données personnelles ; et
  • effectuer des sauvegardes régulières des données.

Spaceti a mis en œuvre les mesures de sécurité techniques et organisationnelles suivantes pour protéger la résilience des systèmes et services de traitement, en particulier :

SOUS-ANNEXE 3

Infrastructure et sous-processeurs de Spaceti

(à la date d'entrée en vigueur)

Portée

Cette documentation décrit l'environnement de l'infrastructure, les sous-traitants secondaires et certaines autres entités importantes pour la fourniture des Services par Spaceti.

Les termes en majuscules utilisés dans cette documentation sont définis dans le Contrat cadre de services de Spaceti et/ou l'Addendum sur le traitement des données. En cas de conflit, la définition de l'addenda relatif au traitement des données prévaudra.

Infrastructure - Stockage des données personnelles

Le tableau suivant décrit les pays et les entités juridiques engagés dans le stockage des Données Personnelles soumises par les clients aux Services.

Entité Type d'entité Pays
Amazon Web Services, Inc. Fournisseur d'hébergement tiers
  • Allemagne
Heroku Fournisseur d'hébergement tiers
  • Irlande
  • USA

Traitement des données personnelles

Les entités juridiques suivantes sont engagées dans le traitement des données personnelles à des fins autres que le stockage.

Nom de l'entité Type d'entité Entité Pays
spaceti s.r.o. Siège de Spaceti
  • République tchèque

Fournisseurs de réseaux

Les Services peuvent utiliser des fournisseurs de réseau pour fournir les Services, à des fins de sécurité, pour prendre en charge l'authentification des utilisateurs et pour optimiser la diffusion du contenu (les "Fournisseurs de réseau"). Spaceti utilise des Fournisseurs de réseau pour fournir des capacités de réseau privé et également pour fournir des services de Réseau de diffusion de contenu (le "CDN"). Les CDN sont des systèmes de services distribués couramment utilisés qui fournissent du contenu en fonction de l'emplacement géographique de la personne qui accède au contenu et de l'origine du fournisseur de contenu. Les éléments de contenu à servir aux abonnés ou aux utilisateurs finaux, tels que les images ou les pièces jointes téléchargées sur les Services, peuvent être stockés auprès d'un CDN afin d'accélérer la transmission, et les informations transmises par le biais d'un CDN peuvent être consultées par le CDN afin de permettre ses fonctions. Les paragraphes suivants décrivent l'utilisation des fournisseurs de réseau par les services :

Fournisseur de réseau utilisé Localisation Description des services
Google Global Spaceti peut utiliser les services CDN de Google Firebase pour fournir les Services et optimiser la diffusion du contenu via les Services.
Vodafone Global Spaceti peut utiliser Vodafone pour fournir les Services afin de permettre une communication plus privée entre les capteurs utilisés pour la fourniture des Services en créant un réseau privé.

Les clients de Spaceti peuvent s'abonner aux notifications de nouveaux sous-traitants secondaires en envoyant un e-mail à legal@spaceti.com.

_______________________________________________________________________________________________________________________________________

MASTER SERVICES AGREEMENT – NORTH AMERICA

Customer Full Legal Name:
Customer Address:

 

This Master Services Agreement is between Spaceti Ltd. a limited liability company having its registered office at in the State of Delaware (“SPACETI”) and the customer named above.  This Agreement is effective as of the last date beneath the parties’ signatures below or the last date of the parties’ signatures on the Order Form or SOW where these terms are incorporated (the “Effective Date”).  The parties agree as follows:

1.          DEFINITIONS

Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.

Agreement” means this Master Services Agreement.

Beta Services” means SPACETI services or functionality that may be made available to Customer to try at its option at no additional charge which is clearly designated as beta, pilot, limited release, developer preview, non-production, evaluation, or by a similar description.

Customer” means the entity named above and Affiliates of that company or entity (for so long as they remain Affiliates) which have entered into Order Forms.

Customer Data” means electronic data and information submitted by or for Customer to the Services, excluding Non-SPACETI Applications.

Documentation” means the applicable Service’s product description documentation in the Order Form, Security Documentation and Infrastructure and Sub-processors (both as defined in the DPA) and its usage guide and policy, as updated from time to time, accessible via login to the applicable Service.

Free Services” means Services that SPACETI makes available to Customer free of charge. Free Services exclude Services offered as Purchased Services.

Malicious Code” means code, files, scripts, agents or programs intended to do harm, including, for example, viruses, worms, time bombs and Trojan horses.

Non-Spaceti Application” means a Web-based, mobile, offline or other software application functionality that interoperates with a Service, that is provided by Customer or a third party. Non-Spaceti Applications, other than those obtained or provided by Customer, will be identifiable as such.

“Normal Working Hours” means the time between 9:00 AM and 6:00 PM in New York City, USA on a Business Day where Business Day means any day that is not a Saturday, Sunday or public holiday in the United States of America.

Order Form” means an ordering document or online order specifying the Services and Hardware to be provided hereunder that is entered into between Customer and SPACETI or any of their Affiliates, including any addenda and supplements thereto. By entering into an Order Form hereunder, an Affiliate agrees to be bound by the terms of this Agreement as if it were an original party hereto.

Purchased Services” means Services that Customer or Customer’s Affiliate purchases under an Order Form or online purchasing portal, as distinguished from Free Services.

Services” means the online SW products and services that are ordered by Customer under an Order Form or online purchasing portal, or provided to Customer free of charge (as applicable) or under a free trial, and made available online by SPACETI, including associated SPACETI offline or mobile components, as described in the Documentation. “Services” exclude Hardware, Professional Services and Non-Spaceti Applications.

Professional Services” refer to the pre-sale and post-sale support, installation/ implementation, trainings, warranty and post-warranty servicing, maintenance, technical services including but not limited to certain analysis, floor plan digitalization, product modifications/enhancement, technical consulting support provided by SPACETI to Customer under terms specified in an Order Form or SOW and this Agreement.

SOW” means a Statement of Work describing Professional Services to be provided hereunder, that is entered into between Customer and SPACETI or any of their Affiliates or which is incorporated into an Order Form that is entered into between Customer and SPACETI or any of their Affiliates. By entering into a SOW hereunder, an Affiliate agrees to be bound by the terms of this Agreement as if it were an original party hereto.

User” means, in the case of an individual accepting these terms on his or her own behalf, such individual, or, in the case of an individual accepting this Agreement on behalf of a company or other legal entity, an individual who is authorized by Customer to use a Service, for whom Customer has purchased a subscription (or in the case of any Services provided by SPACETI without charge, for whom a Service has been provisioned), and to whom Customer (or, when applicable, SPACETI at Customer’s request) has supplied a user identification and password (for Services utilizing authentication). Users may include, for example, employees, consultants, contractors and agents of Customer or Customer Affiliates, and third parties with which Customer or Customer Affiliate transacts business.

2.          SPACETI RESPONSIBILITIES

  1. Provision of Purchased Services. SPACETI will (a) make the Services available to Customer pursuant to this Agreement, and the applicable Order Forms, SOWs and Documentation, (b) provide applicable SPACETI standard support for the Purchased Services to Customer at no additional charge, and/or upgraded support if purchased, (c) use commercially reasonable efforts to make the Purchased Services available 24 hours a day, 7 days a week, except for: (i) planned downtime (of which SPACETI shall give advance electronic notice), and (ii) any unavailability caused by circumstances beyond SPACETI’s reasonable control, such as act of Force Majeure, Internet connection failure or delay, Non-Spaceti Application, or denial of service attack, and (d) provide the Services in accordance with laws and government regulations applicable to SPACETI’s provision of its Services to its customers generally, and subject to Customer’s use of the Services in accordance with this Agreement, the Documentation and the applicable Order Form or SOW.
  2. Protection of Customer SPACETI will maintain appropriate administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Customer Data, as described in the Documentation. Those safeguards will include, but will not be limited to, measures designed to prevent unauthorized access to or disclosure of Customer Data (other than by Customer or Users). The data processing addendum is attached as Exhibit A (the “DPA”) and shall apply to the extent Customer Data includes Personal Data, as defined in the DPA. Upon request by Customer made within 30 days after the effective date of termination or expiration of this Agreement, SPACETI will make Customer Data available to Customer for export or download in commonly-readable format. After such 30-day period, SPACETI will have no obligation to maintain or provide any Customer Data, will thereafter delete all copies of Customer Data in its systems or otherwise in its possession or control, unless legally prohibited.
  3. SPACETI Personnel. SPACETI will be responsible for the performance of its personnel (including its employees and contractors) and their compliance with SPACETI’s obligations under this Agreement.
  4. Beta Services. From time to time, SPACETI may make Beta Services available to Customer at no charge. Customer may choose to try such Beta Services or not in its sole discretion. Beta Services are intended for evaluation purposes and not for production use, are not supported, and may be subject to additional terms. Beta Services are not considered “Services” under this Agreement, however, all restrictions, SPACETI’s reservation of rights and Customer obligations concerning the Services, and use of any related Non-Spaceti Applications, shall apply equally to Customer’s use of Beta Services. Unless otherwise stated, any Beta Services trial period will expire upon the earlier of one year from the trial start date or the date that a version of the Beta Services becomes generally available without the applicable Beta Services designation. SPACETI may discontinue Beta Services at any time in SPACETI’s sole discretion and may never make them generally available. SPACETI will have no liability for any harm or damage arising out of or in connection with a Beta Service.
  5. Free SPACETI may make Free Services available to Customer. Use of Free Services is subject to the terms and conditions of this Agreement. In the event of a conflict between this section and any other portion of this Agreement, this section shall control. Free Services are provided to Customer without charge up to certain limits as described in the Documentation or Order Form. Usage over these limits requires Customer’s purchase of additional resources or services. Customer agrees that SPACETI, in its sole discretion and for any or no reason, may terminate Customer’s access to the Free Services or any part thereof. Customer agrees that any termination of Customer’s access to the Free Services may be without prior notice, and Customer agrees that SPACETI will not be liable to Customer or any third party for such termination. Customer is solely responsible for exporting Customer Data from the Free Services prior to termination of Customer’s access to the Free Services for any reason, provided that if SPACETI terminates Customer’s account, except as required by law, SPACETI will provide Customer a reasonable opportunity to retrieve its Customer Data.
    NOTWITHSTANDING THE “REPRESENTATIONS, WARRANTIES, EXCLUSIVE REMEDIES AND DISCLAIMERS” SECTION AND “INDEMNIFICATION BY SPACETI” SECTION BELOW, THE FREE SERVICES ARE PROVIDED “AS-IS” WITHOUT ANY WARRANTY AND SPACETI SHALL HAVE NO INDEMNIFICATION OBLIGATIONS NOR LIABILITY OF ANY TYPE WITH RESPECT TO THE FREE SERVICES UNLESS SUCH EXCLUSION OF LIABILITY IS NOT ENFORCEABLE UNDER APPLICABLE LAW IN WHICH CASE SPACETI’S LIABILITY WITH RESPECT TO THE FREE SERVICES SHALL NOT EXCEED $1,000.00. WITHOUT LIMITING THE FOREGOING, SPACETI AND ITS AFFILIATES AND ITS LICENSORS DO NOT REPRESENT OR WARRANT TO CUSTOMER THAT: (A) CUSTOMER’S USE OF THE FREE SERVICES WILL MEET CUSTOMER’S REQUIREMENTS, (B) CUSTOMER’S USE OF THE FREE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE OR FREE FROM ERROR, AND (C) USAGE DATA PROVIDED THROUGH THE FREE SERVICES WILL BE ACCURATE. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THE “LIMITATION OF LIABILITY” SECTION BELOW, CUSTOMER SHALL BE FULLY LIABLE UNDER THIS AGREEMENT TO SPACETI AND ITS AFFILIATES FOR ANY DAMAGES ARISING OUT OF CUSTOMER’S USE OF THE FREE SERVICES, ANY BREACH OF THIS AGREEMENT BY CUSTOMER AND ANY OF CUSTOMER’S INDEMNIFICATION OBLIGATIONS HEREUNDER.

3.          USE OF SERVICES

  1. Subscriptions. Unless otherwise provided in the applicable Order Form or Documentation, (a) Purchased Services are purchased as subscriptions for the term stated in the applicable Order Form or in the applicable online purchasing portal, (b) subscriptions for Purchased Services may be added during a subscription term at the same pricing as the underlying subscription pricing, prorated for the portion of that subscription term remaining at the time the subscriptions are added, and (c) any added subscriptions will terminate on the same date as the underlying subscriptions. Customer agrees that its purchases are not contingent on the delivery of any future functionality or features, or dependent on any oral or written public comments made by SPACETI regarding future functionality or features.
  2. Usage Limits. Services are subject to usage limits specified in Order Forms and Documentation. If Customer exceeds a contractual usage limit, SPACETI may work with Customer to seek to reduce Customer’s usage so that it conforms to that limit. If, notwithstanding SPACETI’s efforts, Customer is unable or unwilling to abide by a contractual usage limit, Customer will execute an Order Form for additional quantities of the applicable Services promptly upon SPACETI’s request, and/or pay any invoice for excess usage in accordance with the “Invoicing and Payment” section below.
  3. Customer Responsibilities. Customer will (a) be responsible for Users’ compliance with this Agreement, Documentation and Order Forms, (b) be responsible for the accuracy, quality and legality of Customer Data, the means by which Customer acquired Customer Data, Customer’s use of Customer Data with the Services, and the interoperation of any Non-Spaceti Applications with which Customer uses Services, (c) use commercially reasonable efforts to prevent unauthorized access to or use of Services, and notify SPACETI promptly of any such unauthorized access or use, (d) use Services only in accordance with this Agreement, Documentation, Order Forms and applicable laws and government regulations, and (e) comply with terms of service of any Non-SPACETI Applications with which Customer uses Services. Any use of the Services in breach of the foregoing by Customer or Users that in SPACETI’s judgment threatens the security, integrity or availability of SPACETI’s services, may result in SPACETI’s immediate suspension of the Services, however SPACETI will use commercially reasonable efforts under the circumstances to provide Customer with notice and an opportunity to remedy such violation or threat prior to any such suspension.
  4. Usage Restrictions. Customer will not (a) make any Service available to anyone other than Customer or Users, or use any Service for the benefit of anyone other than Customer or its Affiliates, unless expressly stated otherwise in an Order Form or the Documentation, (b) sell, resell, license, sublicense, distribute, make available, rent or lease any Service, or include any Service in a service bureau or outsourcing offering, (c) use a Service or Non-Spaceti Application to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights, (d) use a Service or Non-Spaceti Application to store or transmit Malicious Code, (e) interfere with or disrupt the integrity or performance of any Service or third-party data contained therein, (f) attempt to gain unauthorized access to any Service or its related systems or networks, (g) permit direct or indirect access to or use of any Services in a way that circumvents a contractual usage limit, or use any Services to access or use any of SPACETI intellectual property except as permitted under this Agreement, an Order Form, or the Documentation, (h) modify, copy, or create derivative works based on a Service or any part, feature, function or user interface thereof, (i) frame or mirror any part of any Service, other than framing on Customer’s own intranets or otherwise for its own internal business purposes or as permitted in the Documentation, (j) except to the extent permitted by applicable law, disassemble, reverse engineer, or decompile a Service or access it to (j1) build a competitive product or service, (j2) build a product or service using similar ideas, features, functions or graphics of the Service, (j3) copy any ideas, features, functions or graphics of the Service, or (4) determine whether the Services are within the scope of any patent.

4.          PROFESSIONAL SERVICES AND HARDWARE SALES

  1. Professional Services description. Customer may request from SPACETI provision of Professional Services. SPACETI will make available to Customer an appropriately trained employee or contractor to carry out such Professional Services as are mutually agreed between the parties in an Order Form or SOW. Such SPACETI resource shall be provided during Normal Working Hours (unless otherwise specifically agreed in a SOW) on the number of Workdays agreed in the Order Form or SOW. For the purpose of this section 4, a “Workday” means 8 Normal Working Hours.
  2. Order Form, Statement of Work. If Customer wishes to purchase any Professional Services, the parties may agree to mutually execute one or more separate Order Forms or SOWs specifying the scope of Professional Services, prerequisites for successful and timely delivery thereof, fees and payment terms and other relevant terms and conditions. Unless otherwise identified in an Order Form or SOW, all Professional Services must be used within the first subscription term or applicable renewal period. Any portion of the Professional Services not used within such period will be automatically forfeited, with no further action required of either party, and Customer will not be entitled to any fees’ refund or credit for any prepaid but unused fees. Customer may not apply any portion of any unused Professional Services or fees paid, for any products or services other than those stated in the Order Form or SOW.
  3. Professional Services warranty. SPACETI shall provide the Professional Services with reasonable skill and care and in accordance with generally recognized commercial practices and standards and in accordance with the Order Form or SOW. This warranty is exclusive and in lieu of all other warranties and conditions, whether express or implied. No implied conditions, warranties or other terms apply (including any implied terms as to satisfactory quality, fitness for purpose or conformance with description). SPACETI will re-perform Professional Services to remedy any breach of warranty. Customer must make any claim under the foregoing warranty to SPACETI in writing within ninety (90) days of performance of such Professional Services in order to receive warranty remedies.
  4. Change of Order. If either party requests a change to the scope or execution of the Professional Services SPACETI shall, within a reasonable time, provide a written estimate to the Customer of: (a) the likely time required to implement the change; (b) any necessary variations to SPACETI’s charges arising from the change; and (c) any other impact of the change on this Agreement and the applicable SOW. If the Customer wishes SPACETI to proceed with the change, SPACETI has no obligation to do so unless and until the parties have agreed in writing to all of the necessary variations to its charges, the Professional Services or SOW and any other relevant terms of this Agreement to take account of the change. Notwithstanding the foregoing, SPACETI may, from time to time on reasonable notice, change the Professional Services in order to comply with any applicable regulatory or statutory requirements, provided that such changes do not materially affect the nature, scope of, or the charges for the Professional Services or materially adversely affect the Customer.
  5. Delivery location. SPACETI shall deliver all Professional Services from SPACETI’s offices unless otherwise mutually agreed between the parties. If any SPACETI resource is required to travel to Customer’s premises or any other third party premises to deliver the Professional Services to Customer, Customer shall be responsible for SPACETI’s reasonable expenses.
  6. Subcontractors. SPACETI may, in its reasonable discretion, use subcontractors to perform any of its obligations hereunder. SPACETI will be responsible for the performance of Professional Services by its personnel (including employees and contractors) and their compliance with SPACETI’s obligations under this Agreement.
  7. Hardware. If SPACETI is selling any goods to use it with Services (the “Hardware”), the list and price of such products is in the applicable Order Form and the detailed description of SPACETI’s performance, detailed specification, characteristics and parameters of sold items, the conditions and the method of warranty service provided and the demands on Customer’s cooperation are set out in the Order Form.

5.          NON-SPACETI PRODUCTS AND SERVICES

  1. Integration with Non-Spaceti Applications. The Services may contain features designed to interoperate with Non-Spaceti Applications. Spaceti cannot guarantee the continued availability of such Service features, and may cease providing them without entitling Customer to any refund, credit, or other compensation, if for example and without limitation, the provider of a Non- Spaceti Application ceases to make the Non-Spaceti Application available for interoperation with the corresponding Service features in a manner acceptable to Spaceti.

6.          FEES AND PAYMENT

  1. Fees. Customer will pay all fees specified in the Order Forms or SOWs. Except as otherwise specified herein or in an Order Form or SOW, (i) fees are based on Services subscription, Professional Services, or Hardware purchased and not actual usage, (ii) payment obligations are non-cancelable and fees paid are non-refundable, and (iii) quantities of Services subscription purchased cannot be decreased during the relevant subscription term.
  2. Invoicing and Payment. Customer will provide SPACETI with a valid purchase order or alternative document reasonably acceptable to SPACETI. SPACETI will invoice Customer in advance and otherwise in accordance with the relevant Order Form or SOW. Unless otherwise stated in the Order Form or SOW, invoiced fees are due net fourteen (14) days from the invoice Customer is responsible for providing complete and accurate billing and contact information to SPACETI and notifying SPACETI of any changes to such information.
  3. Late payment. If Customer fails to pay to SPACETI any invoiced amount by the due date, Customer shall pay to SPACETI the late payment interest of 0.05% (five hundredths of a percent) of the outstanding amount for each commenced day of such default and/or (b) SPACETI may condition future subscription renewals and Order Forms or SOWs on payment terms shorter than those specified in the “Invoicing and Payment” section above.
  4. Suspension of Service and Acceleration. If any payment owed by Customer under this or any other agreement for services is thirty (30) days or more overdue, SPACETI may, without limiting its other rights and remedies, accelerate Customer’s unpaid fee obligations under such agreements so that all such obligations become immediately due and payable, and suspend Services, Professional Services or Hardware delivery until such amounts are paid in full, provided that SPACETI will give Customer at least 10 days’ prior notice that its account is overdue, in accordance with the “Notices” section below for billing notices, before suspending services to Customer.
  5. Payment Disputes. SPACETI will not exercise its rights under the “Overdue Charges” or “Suspension of Service” section above if Customer is disputing the applicable charges reasonably and in good faith and is cooperating diligently to resolve the dispute.
  6. Taxes. SPACETI’s fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including, for example, value-added, sales, use or withholding taxes, assessable by any jurisdiction whatsoever (collectively, “Taxes”). Customer is responsible for paying all Taxes associated with its purchases hereunder. If SPACETI has the legal obligation to pay or collect Taxes for which Customer is responsible under this section, SPACETI will invoice Customer and Customer will pay that amount unless Customer provides SPACETI with a valid tax exemption certificate authorized by the appropriate taxing authority. For clarity, SPACETI is solely responsible for taxes assessable against it based on its income, property and employees.

7.          PROPRIETARY RIGHTS AND LICENSES

  1. Reservation of Rights. Subject to the limited rights expressly granted hereunder, SPACETI and its Affiliates reserve all of their right, title and interest in and to the Services, including all of their related intellectual property rights. No rights are granted to Customer hereunder other than as expressly set forth herein.
  2. License by Customer to SPACETI. Customer grants SPACETI, its Affiliates and applicable contractors a worldwide, limited-term license to host, copy, use, transmit, and display Customer Data, as appropriate for SPACETI to provide and ensure proper operation of, the Services and associated systems in accordance with this Agreement. Subject to the limited licenses granted herein, SPACETI acquires no right, title or interest from Customer or its licensors under this Agreement in or to any Customer Data.
  3. License by Customer to Use Feedback. Customer grants to SPACETI and its Affiliates a worldwide, perpetual, irrevocable, royalty- free license to use and incorporate into its services any suggestion, enhancement request, recommendation, correction or other feedback provided by Customer or Users relating to the operation of SPACETI’s or its Affiliates’ services.

8.          CONFIDENTIALITY

  1. Definition of Confidential Information. “Confidential Information” means all information disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information of Customer includes Customer Data; Confidential Information of SPACETI includes the Services, and the terms and conditions of this Agreement and all Order Forms (including pricing). Confidential Information of each party includes business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such party. However, Confidential Information does not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving For the avoidance of doubt, the non-disclosure obligations set forth in this “Confidentiality” section apply to Confidential Information exchanged between the parties in connection with the evaluation of additional SPACETI services.
  2. Protection of Confidential Information. As between the parties, each party retains all ownership rights in and to its Confidential Information. The Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but not less than reasonable care) to (i) not use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement and (ii) except as otherwise authorized by the Disclosing Party in writing, limit access to Confidential Information of the Disclosing Party to those of its and its Affiliates’ employees and contractors who need that access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections not materially less protective of the Confidential Information than those Neither party will disclose the terms of this Agreement or any Order Form to any third party other than its Affiliates, legal counsel and accountants without the other party’s prior written consent, provided that a party that makes any such disclosure to its Affiliate, legal counsel or accountants will remain responsible for such Affiliate’s, legal counsel’s or accountant’s compliance with this “Confidentiality” section. Notwithstanding the foregoing, SPACETI may disclose the terms of this Agreement and any applicable Order Form to a subcontractor to the extent necessary to perform SPACETI’s obligations under this Agreement, under terms of confidentiality materially as protective as set forth herein.
  3. Compelled Disclosure. Receiving Party may disclose Confidential Information in accordance with any judicial or governmental order or request, provided that Receiving Party shall give Disclosing Party prior notice (to the extent legally permitted) of such disclosure and reasonable assistance, at Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure. Receiving Party shall use commercially reasonable efforts to limit any such disclosure to the extent required and to obtain confidentiality protections to the extent reasonably practicable.

9.          REPRESENTATIONS, WARRANTIES, EXCLUSIVE REMEDIES AND DISCLAIMERS

  1. Representations. Each party represents that it has validly entered into this Agreement and has the legal power to do so.
  2. SPACETI Warranties. SPACETI warrants that during an applicable subscription term (a) this Agreement, the Order Forms and the Documentation will accurately describe the applicable administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Customer Data, (b) SPACETI will not materially decrease the overall security of the Services, (c) the Services will perform materially in accordance with the applicable Documentation, and (d) subject to the “Integration with Non-SPACETI Applications” section above, SPACETI will not materially decrease the overall functionality of the Services. For any breach of a warranty above, Customer’s exclusive remedies are those described in the “Termination” and “Refund or Payment upon Termination” sections below.
  3. Disclaimers. EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. BETA SERVICES ARE PROVIDED “AS IS,” AND AS AVAILABLE EXCLUSIVE OF ANY WARRANTY WHATSOEVER.

10.       MUTUAL INDEMNIFICATION

  1. Indemnification by SPACETI will defend Customer against any claim, demand, suit or proceeding made or brought against Customer by a third party alleging that any Purchased Service infringes or misappropriates such third party’s intellectual property rights (a “Claim Against Customer”), and will indemnify Customer from any damages, attorney fees and costs finally awarded against Customer as a result of, or for amounts paid by Customer under a settlement approved by SPACETI in writing of, a Claim Against Customer, provided Customer (a) promptly gives SPACETI written notice of the Claim Against Customer, (b) gives SPACETI sole control of the defense and settlement of the Claim Against Customer (except that SPACETI may not settle any Claim Against Customer unless it unconditionally releases Customer of all liability), and (c) gives SPACETI all reasonable assistance, at SPACETI’s expense. If SPACETI receives information about an infringement or misappropriation claim related to a Service, SPACETI may in its discretion and at no cost to Customer (i) modify the Services so that they are no longer claimed to infringe or misappropriate, without breaching SPACETI’s warranties under “SPACETI Warranties” above, (ii) obtain a subscription for Customer’s continued use of that Service in accordance with this Agreement, or (iii) terminate Customer’s subscriptions for that Service upon 30 days’ written notice and refund Customer any prepaid fees covering the remainder of the term of the terminated subscriptions. The above defense and indemnification obligations do not apply if (1) the allegation does not state with specificity that the Services are the basis of the Claim Against Customer; (2) a Claim Against Customer arises from the use or combination of the Services or any part thereof with software, hardware, data, or processes not provided by SPACETI, if the Services or use thereof would not infringe without such combination; (3) a Claim Against Customer arises from Services under an Order Form for which there is no charge; or (4) a Claim against Customer arises from Customer’s breach of this Agreement, the Documentation or applicable Order Forms.
  2. Indemnification by Customer. Customer will defend SPACETI and its Affiliates against any claim, demand, suit or proceeding made or brought against SPACETI by a third party alleging that any Customer Data or Customer’s use of Customer Data with the Services, infringes or misappropriates such third party’s intellectual property rights, or arising from Customer’s use of the Services in an unlawful manner or in violation of the Agreement, the Documentation, or Order Form (each a “Claim Against SPACETI”), and will indemnify SPACETI from any damages, attorney fees and costs finally awarded against SPACETI as a result of, or for any amounts paid by SPACETI under a settlement approved by Customer in writing of, a Claim Against SPACETI, provided SPACETI (a) promptly gives Customer written notice of the Claim Against SPACETI, (b) gives Customer sole control of the defense and settlement of the Claim Against SPACETI (except that Customer may not settle any Claim Against SPACETI unless it unconditionally releases SPACETI of all liability), and (c) gives Customer all reasonable assistance, at Customer’s The above defense and indemnification obligations do not apply if a Claim Against SPACETI arises from SPACETI’s breach of this Agreement, the Documentation or applicable Order Forms.
  3. Mutual Indemnity. Each party (the “Provider”) will defend the other party (the “Recipient”) against any Claim made or brought against the Recipient by a third party alleging that any information, design, specification, instruction, software, data or material furnished by the Provider in the course of providing or receiving Professional Services (the “Material”) infringes or misappropriates such third party’s intellectual property rights, and will indemnify the Recipient from any damages, attorneys fees and costs finally awarded against the Recipient as a result of, or for amounts paid by Recipient under a settlement approved in writing by Provider of, any such Claim, provided that the Recipient: (a) promptly gives the Provider written notice of the Claim; (b) gives the Provider sole control of the defense and settlement of the Claim (except that the Provider may not settle any Claim unless it unconditionally releases the Recipient of all liability); and (c) gives the Provider all reasonable assistance, at the Provider’s cost. The Provider will have no liability for any such Claim to the extent that (i) it arises from specifications or other Material provided by the other party, or (ii) such claim is based on the Recipient’s use of a superseded or altered version of Material if infringement or misappropriation would have been avoided by the use of a subsequent or unaltered version of the Material that was provided to the Recipient. In the event that some or all of the Material is held or is reasonably believed by the Provider to infringe or misappropriate, the Provider may in its discretion and at no cost to the Recipient (A) modify or replace the Material so it is no longer claimed to infringe or misappropriate, (B) obtain a license for the Recipient’s continued use of the Material in accordance with this Agreement, or (C) require return of the affected Material and all rights thereto from the Recipient. If the Provider exercises option (C), either party may terminate the relevant SOW upon 10 days’ written notice given within 30 days after the Provider’s exercise of such option, subject to the “Payment Upon Termination” section below.
  4. Exclusive Remedy. This “Mutual Indemnification” section states the indemnifying party’s sole liability to, and the indemnified party’s exclusive remedy against, the other party for any third party claim described in this section.

11.        LIMITATION OF LIABILITY

  1. Limitation of Liability. Subject to the “Exclusion of Consequential and Related Damages” and “Limitation of Restrictions” sections below, in no event shall the aggregate liability of each party together with all of its Affiliates arising out of or related to this Agreement (whether in contract or tort or under any other theory of liability) exceed the total amount paid by Customer and its Affiliates hereunder in the twelve months preceding the first incident out of which the liability arose. The foregoing limitation will not limit Customer’s and its Affiliates’ payment obligations under the “Fees and Payment” section above.
  2. Exclusion of Consequential and Related Damages. Subject to section the “Limitation of Restrictions” section below, in no event shall either party or its Affiliates have any liability to the other party or its Affiliates under or in relation to this Agreement whether in contract, tort or under any other theory of liability for:

    quelle qu'en soit la cause et que ces pertes soient prévisibles ou non, même si cette partie ou sa société affiliée a été informée (ou est autrement consciente) de la possibilité de telles pertes à l'avance.

  3. Limitation of Restrictions. Nothing in this “Limitation of Liability” section shall exclude or limit the liability of either party or its Affiliates for gross negligence or intentional misconduct of such party or its senior management, death or personal injury caused by that party’s or its Affiliate’s negligence or for fraud or fraudulent misrepresentation or for any other liability to the extent that the same may not be excluded or limited as a matter of applicable law.

12.       TERM AND TERMINATION

  1. Term of Agreement. This Agreement commences on the Effective Date and continues until all Services subscriptions hereunder have expired or have been terminated, Professional Services and Hardware were accepted and their warranty (if applicable) expired.
  2. Term of Purchased Subscriptions. The term of each subscriptions shall be as specified in the applicable Order Form. Except as otherwise specified in an Order Form, subscriptions will automatically renew for additional periods equal to the expiring subscription term or one year (whichever is shorter), unless either party gives the other notice of non-renewal at least 30 days before the end of the relevant subscription term. Within any renewal, the per-unit pricing for the renewal term shall be automatically adjusted in accordance with (i) Harmonised Index of Consumer Prices (HICP) issued by the European Statistical Office (Eurostat) in case of Services provided to customers worldwide except as described below, (ii) Consumer Prices Index (CPI) issued by the U.S. Bureau of Labor Statistics in case of Services provided to customers based in the Americas (iii) Consumer Prices Index (CPI) issued by the Saudi Central Bank in case of Services provided to customers based in MENA region. The adjustment may take place with effect as of first day of every renewal term and shall correspond up to the HICP / CPI index in previous calendar year, unless SPACETI provides Customer notice of lower indexation at least 60 days prior to the applicable renewal term. Except as expressly provided in the applicable Order Form, renewal of promotional or one-time priced subscriptions will be at SPACETI’s applicable list price in effect at the time of the applicable renewal. Notwithstanding anything to the contrary, any renewal in which subscription volume for any Services has decreased from the prior term will result in re- pricing at renewal without regard to the prior term’s per-unit pricing.
  3. Termination. A party may terminate this Agreement for cause (i) upon 30 days written notice to the other party of a material breach if such breach remains uncured at the expiration of such period, or (ii) if the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors.
  4. Refund or Payment upon Termination. Upon any termination of the Agreement or SOW, Customer will pay, in accordance with the “Invoicing and Payment” section of this Agreement, any unpaid fees and expenses for Professional Services incurred on or before the termination date (such Professional Services fees to be paid on a time-and-materials or percent-of-completion basis, as appropriate). If this Agreement is terminated by Customer in accordance with the “Termination” section above, SPACETI will refund Customer any prepaid fees covering the remainder of the term of all Order Forms after the effective date of termination and any fees for Professional Services not yet received. If this Agreement is terminated by SPACETI in accordance with the “Termination” section above, Customer will pay any unpaid fees covering the remainder of the term of all Order Forms and any pre-paid fees for Professional Services charged on a fixed-fee basis are non-refundable, to the extent permitted by applicable law. In no event will termination relieve Customer of its obligation to pay any fees for Services payable to SPACETI for the period prior to the effective date of termination.
  5. Surviving Provisions. The sections titled “Free Services,” “Fees and Payment,” “Proprietary Rights and Licenses,” “Confidentiality,” “Disclaimers,” “Mutual Indemnification,” “Limitation of Liability,” “Refund or Payment upon Termination,” “Surviving Provisions” and “General Provisions” will survive any termination or expiration of this Agreement, and the section titled “Protection of Customer Data” will survive any termination or expiration of this Agreement for so long as SPACETI retains possession of Customer Data.

13.       GENERAL PROVISIONS

  1. Export Compliance. The Services, other SPACETI technology, and derivatives thereof may be subject to export laws and regulations of the European Union or the United States. SPACETI and Customer each represents that it is not named on any European Union or USA government denied-party list. Customer will not permit any User to access or use any Service in a European Union or USA-embargoed country or region or in violation of any U. or USA export law or regulation.
  2. Anti-Corruption. Neither party has received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from an employee or agent of the other party in connection with this Agreement. Reasonable gifts and entertainment provided in the ordinary course of business do not violate the above restriction.
  3. Entire Agreement and Order of Precedence. This Agreement is the entire agreement between SPACETI and Customer regarding Customer’s use of Services, Professional Services and purchase of Hardware and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. The parties agree that any term or condition stated in a Customer purchase order or in any other Customer order documentation (excluding Order Forms) is void. In the event of any conflict or inconsistency among the following documents, the order of precedence shall be: (1) the applicable Order Form or SOW, (2) any addenda, annex, schedule or exhibit to this Agreement, (3) this Agreement, and (4) the Titles and headings of sections of this Agreement are for convenience only and shall not affect the construction of any provision of this Agreement.
  4. Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the Each party will be solely responsible for payment of all compensation owed to its employees, as well as all employment-related taxes.
  5. Third-Party Beneficiaries. There are no third-party beneficiaries under this Agreement.
  6. Waiver. No failure or delay by either party in exercising any right under this Agreement will constitute a waiver of that right.
  7. Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision will be deemed null and void, and the remaining provisions of this Agreement will remain in effect.
  8. Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the other party’s prior written consent (not to be unreasonably withheld); provided, however, either party may assign this Agreement in its entirety (including all Order Forms and SOWs), without the other party’s consent to its Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Notwithstanding the foregoing, if a party is acquired by, sells substantially all of its assets to, or undergoes a change of control in favor of, a direct competitor of the other party, then such other party may terminate this Agreement upon written notice. In the event of such a termination, SPACETI will refund Customer any prepaid fees covering the remainder of the term of all subscriptions for the period after the effective date of such Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties, their respective successors and permitted assigns.
  9. No Agency. For the avoidance of doubt, SPACETI is entering into this Agreement as principal and not as agent for any other SPACETI company. Subject to any permitted Assignment under the “Assignment” section below, the obligations owed by SPACETI under this Agreement shall be owed to Customer solely by SPACETI and the obligations owed by Customer under this Agreement shall be owed solely to SPACETI.
  10. Notices. Except as otherwise specified in this Agreement, all notices related to this Agreement will be in writing and will be effective upon (a) personal delivery, (b) the second business day after mailing, or (c) except for notices of termination or an indemnifiable claim (“Legal Notices”), the day of sending by email. Notices to SPACETI will be addressed to the attention of Legal team to the SPACETI’s registered address, e-mail: legal@spaceti.com; or as updated by SPACETI via written notice to Customer. Billing-related notices to Customer will be addressed to the relevant billing contact designated by Customer, and Legal Notices to Customer will be addressed to Customer and be clearly identifiable as Legal Notices. All other notices to Customer will be addressed to the relevant Services system administrator designated by Customer.
  11. Governing Law. This Agreement, and any disputes arising out of or related hereto, will be governed exclusively by the laws of the Commonwealth of Massachussetts.
  12. Counterparts. This Agreement may be executed electronically and in counterparts.
  13. Attachments:
    Exhibit A – Data Processing Addendum

 

Signed by each party’s authorized representative:

SPACETI                                                                                  CUSTOMER

 

By:                                                                                          By:                                                                   

Print Name:                                                                             Print Name:                                                     

Title:                                                                                       Title:                                                                

Date:                                                                                      Date:                                                               

 

 

 

 

 

 

 

  

 

Pièce à conviction A

 

ADDENDUM AU TRAITEMENT DES DONNÉES

 (Revision November 2019)

 

This Data Processing Addendum, including its Schedules, (“DPA”) forms part of the Master Services Agreement between SPACETI and Customer for the purchase of services from SPACETI (the “Agreement”) to reflect the parties’ agreement with regard to the Processing of Personal Data.

Tous les termes en majuscules qui ne sont pas définis dans le présent document ont la signification qui leur est donnée dans l'Accord.

In the course of providing the Services to Customer pursuant to the Agreement, SPACETI may Process Personal Data on behalf of Customer and the Parties agree to comply with the following provisions with respect to any Personal Data, each acting reasonably and in good faith:

 

1.          DEFINITIONS

Controller” means the entity which determines the purposes and means of the Processing of Personal Data.

Data Protection Laws and Regulations” means all laws and regulations, including laws and regulations of the European Union, the European Economic Area and their member states, Switzerland and the United Kingdom, applicable to the Processing of Personal Data under the Agreement.

Data Subject” means the identified or identifiable person to whom Personal Data relates.

GDPR” means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Personal Data” means any information relating to (i) an identified or identifiable natural person and, (ii) an identified or identifiable legal entity (where such information is protected similarly as personal data or personally identifiable information under applicable Data Protection Laws and Regulations), where for each (i) or (ii), such data is Customer Data.

Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Processor” means the entity which Processes Personal Data on behalf of the Controller.

Security Documentation” means the Security Documentation applicable to the specific Services purchased by Customer, as updated from time to time, and accessible via login to the applicable Service, or as otherwise made reasonably available by SPACETI. The Security Documentation as of Effective Date is attached as Schedule 2 to this DPA.

SPACETI Group” means SPACETI and its Affiliates engaged in the Processing of Personal Data.

Sub-processor” means any Processor engaged by SPACETI or a member of the SPACETI Group.

Supervisory Authority” means an independent public authority which is established by an EU Member State pursuant to the GDPR.

 

2.          PROCESSING OF PERSONAL DATA

  1. Roles of the Parties. The parties acknowledge and agree that with regard to the Processing of Personal Data, Customer is the Controller, SPACETI is the Processor and that SPACETI or members of the SPACETI Group will engage Sub-processors pursuant to the requirements set forth in Section 5 “Sub-processors” below.
  2. Customer’s Processing of Personal Data. Customer shall, in its use of the Services and Professional Services, Process Personal Data in accordance with the requirements of Data Protection Laws and Regulations. For the avoidance of doubt, Customer’s instructions for the Processing of Personal Data shall comply with Data Protection Laws and Regulations. Customer shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Customer acquired Personal Data.
  3. SPACETI’s Processing of Personal Data. SPACETI shall treat Personal Data as Confidential Information and shall only Process Personal Data on behalf of and in accordance with Customer’s documented instructions for the following purposes: (i) Processing in accordance with the Agreement and applicable Order Form(s) or SOW(s); (ii) Processing initiated by Users in their use of the Services; and (iii) Processing to comply with other documented reasonable instructions provided by Customer (e.g., via email) where such instructions are consistent with the terms of the Agreement.
  4. Details of the Processing. The subject-matter of Processing of Personal Data by SPACETI is the performance of the Services and Professional Services, if applicable, pursuant to the Agreement. The duration of the Processing, the nature and purpose of the Processing, the types of Personal Data and categories of Data Subjects Processed under this DPA are further specified in Schedule 1 (Details of the Processing) to this DPA.

3.          RIGHTS OF DATA SUBJECTS

  1. Data Subject Request. SPACETI shall, to the extent legally permitted, promptly notify Customer if SPACETI receives a request from a Data Subject to exercise the Data Subject’s right of access, right to rectification, restriction of Processing, erasure (“right to be forgotten”), data portability, object to the Processing, or its right not to be subject to an automated individual decision making, each such request being a “Data Subject Request”. Taking into account the nature of the Processing, SPACETI shall assist Customer by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of Customer’s obligation to respond to a Data Subject Request under Data Protection Laws and Regulations. In addition, to the extent Customer, in its use of the Services, does not have the ability to address a Data Subject Request, SPACETI shall upon Customer’s request provide commercially reasonable efforts to assist Customer in responding to such Data Subject Request, to the extent SPACETI is legally permitted to do so and the response to such Data Subject Request is required under Data Protection Laws and Regulations. To the extent legally permitted, Customer shall be responsible for any costs arising from SPACETI’s provision of such assistance.

4.          SPACETI PERSONNEL

  1. Confidentiality. SPACETI shall ensure that its personnel engaged in the Processing of Personal Data are informed of the confidential nature of the Personal Data and have executed written confidentiality agreements. SPACETI shall ensure that such confidentiality obligations survive the termination of the personnel engagement.
  2. Limitation of Access. SPACETI shall ensure that SPACETI’s access to Personal Data is limited to those personnel performing Services and Professional Services in accordance with the Agreement.
  3. Data Protection Officer. Members of the SPACETI Group have appointed a data protection officer. The appointed person may be reached at legal@spaceti.com.

5.          SUB-PROCESSORS

  1. Appointment of Sub-processors. Customer acknowledges and agrees that (a) SPACETI’s Affiliates may be retained as Sub- processors; and (b) SPACETI and SPACETI’s Affiliates respectively may engage third-party Sub-processors in connection with the provision of the Services and Professional Services. SPACETI or a SPACETI Affiliate has entered into a written agreement with each Sub-processor containing data protection obligations not less protective than those in this Agreement with respect to the protection of Personal Data to the extent applicable to the nature of the Services and Professional Services provided by such Sub-processor.
  2. List of Current Sub-processors and Notification of New Sub-processors. SPACETI shall make available to Customer the current list of Sub-processors. Such Sub-processor lists shall include the identities of those Sub-processors and their country of location (the “Infrastructure and Sub-processor Documentation”). SPACETI shall make available to Customer the up-to date Infrastructure and Sub-processor Documentation as well as a mechanism to subscribe to notifications of new Sub-processors to which Customer shall subscribe, and if Customer subscribes, SPACETI shall provide notification of a new Sub-processor(s) before authorizing any new Sub-processor(s) to Process Personal Data in connection with the provision of the applicable Services. The Infrastructure and Sub-processor Documentation for Services, as of Effective Date, is for reference purposes only attached as Schedule 3 hereto.
  3. Objection Right for New Sub-processors. Customer may object to SPACETI’s use of a new Sub-processor by notifying SPACETI promptly in writing within ten (10) business days after receipt of SPACETI’s notice in accordance with the mechanism set out in Section 5.2 hereof. In the event Customer objects to a new Sub-processor, as permitted in the preceding sentence, SPACETI will use reasonable efforts to make available to Customer a change in the Services or Professional Services or recommend a commercially reasonable change to Customer’s configuration or use of the Services or Professional Services to avoid Processing of Personal Data by the objected-to new Sub- processor without unreasonably burdening Customer. If SPACETI is unable to make available such change within a reasonable period of time, which shall not exceed thirty (30) days, Customer may terminate the applicable Order Form(s) or SOW(s) with respect only to those Services or Professional Services which cannot be provided by SPACETI without the use of the objected-to new Sub-processor by providing written notice to SPACETI. SPACETI will refund Customer any prepaid fees covering the remainder of the term of such Order Form(s) or SOW(s) following the effective date of termination with respect to such terminated Services or Professional Services, without imposing a penalty for such termination on Customer.
  4. Liability. SPACETI shall be liable for the acts and omissions of its Sub-processors to the same extent SPACETI would be liable if performing the services of each Sub-processor directly under the terms of this DPA.

6.          SECURITY

  1. Controls for the Protection of Personal Data. SPACETI shall maintain appropriate technical and organizational measures for protection of the security (including protection against unauthorized or unlawful Processing and against accidental or unlawful destruction, loss or alteration or damage, unauthorized disclosure of, or access to, Customer Data), confidentiality and integrity of Customer Data, as set forth in the Security Documentation. SPACETI regularly monitors compliance with these measures. SPACETI will not materially decrease the overall security of the Services during a subscription term.
  2. Cooperation and Audits. SPACETI shall make available to Customer such information as is requested by Customer to demonstrate its compliance with applicable statutory obligations, in a commonly used and machine-readable format. In cases of official requests of data protection authorities with jurisdiction over the Processing hereunder, or, in case Customer has reasonable grounds to assume that a Customer Data Incident has taken place, Customer may upon at least fourteen (14) days prior written notice to SPACETI conduct a site visit of the applicable SPACETI operations center at Customer’s expense by a representative of Customer or its independent third party auditor (always not a direct competitor of SPACETI). Such audits shall be carried out at normal business hours without disrupting the on-going business operations of SPACETI. SPACETI may make the audits dependent on the signing of a nondisclosure agreement with SPACETI.

7.          CUSTOMER DATA INCIDENT NOTIFICATION

  1. SPACETI shall notify Customer without undue delay after becoming aware of the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data, including Personal Data, transmitted, stored or otherwise Processed by SPACETI or its Sub-processors of which SPACETI becomes aware (a “Customer Data Incident”). SPACETI shall make reasonable efforts to identify the cause of such Customer Data Incident and take those steps as SPACETI deems necessary and reasonable in order to remediate the cause of such a Customer Data Incident to the extent the remediation is within SPACETI’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer or Customer’s Users.

8.          RETURN AND DELETION OF CUSTOMER DATA

  1. La procédure est définie à la section 2.2 de l'accord.

9.          DATA TRANSFERS

  1. SPACETI shall ensure that the transfer of Personal Data which are undergoing Processing or are intended for Processing after transfer to a third country shall take place only if such transfer meets the conditions outlined in the GDPR, specifically Chapter V.

10.       EUROPEAN SPECIFIC PROVISIONS

  1. GDPR. SPACETI will Process Personal Data in accordance with the GDPR requirements directly applicable to SPACETI’s provision of its Services or Professional Services.
  2. Data Protection Impact Assessment. Upon Customer’s request, SPACETI shall provide Customer with reasonable cooperation and assistance needed to fulfil Customer’s obligation under the GDPR to carry out a data protection impact assessment related to Customer’s use of the Services or Professional Services, to the extent Customer does not otherwise have access to the relevant information, and to the extent such information is available to SPACETI. SPACETI shall provide reasonable assistance to Customer in the cooperation or prior consultation with the Supervisory Authority in the performance of its tasks relating to Section 10.2 of this DPA, to the extent required under the GDPR.

 

Liste des horaires

Annexe 1 : Détails du traitement

Annexe 2 : Documentation de sécurité (à la date d'entrée en vigueur)

Schedule 3: SPACETI Infrastructure and Sub-processors (as of Effective Date)

 

 

ANNEXE 1 - DÉTAILS DU TRAITEMENT

 

Nature et finalité du traitement

SPACETI will Process Personal Data as necessary to perform the Services or Professional Services pursuant to the Agreement, as further specified in the Documentation, and as further instructed by Customer in its use of the Services or Professional Services.

 

Durée du traitement

Subject to Section 8 of the DPA, SPACETI will Process Personal Data for the duration of the Agreement, unless otherwise agreed upon in writing.

 

Catégories de personnes concernées

Le Client peut soumettre des Données personnelles aux Services, dont l'étendue est déterminée et contrôlée par le Client à sa seule discrétion, et qui peuvent inclure, sans s'y limiter, des Données personnelles relatives aux catégories de personnes concernées suivantes :

 

Type de données personnelles

Le Client peut soumettre des Données personnelles aux Services, dont l'étendue est déterminée et contrôlée par le Client à sa seule discrétion, et qui peuvent inclure, sans s'y limiter, les catégories suivantes de Données personnelles :

 

ANNEXE 2 - DOCUMENTATION SUR LA SÉCURITÉ

(à la date d'entrée en vigueur)

 

SPACETI has implemented the following technical and organizational security measures to provide the ongoing confidentiality, integrity, availability and resilience of processing systems and services:

 

1. Confidentiality

SPACETI has implemented the following technical and organizational security measures to protect the confidentiality of processing systems and services, in particular:

●      SPACETI processes all customer data on remote server sites owned and operated by industry leading cloud service providers that offer highly sophisticated measures to protect against unauthorized persons gaining access to data processing equipment (namely telephones, database and application servers and related hardware).  Such measures include:
–       a layered security model, including safeguards like custom-designed electronic access cards, alarms, vehicle access barriers, perimeter fencing, metal detectors, and biometrics, and the data center floor features laser beam intrusion detection;

–       data centers are monitored 24/7 by high-resolution interior and exterior cameras that can detect and track intruders;

–       access logs, activity records, and camera footage are available in case an incident occurs;

–       data centers are also routinely patrolled by experienced security guards who have undergone rigorous background checks and training;

–       access to the data center floor is only possible via a security corridor which implements multi-factor access control using security badges and biometrics;

–       only approved employees with specific roles may enter.

●      SPACETI implements suitable measures to prevent its data processing systems from being used by unauthorized persons. This is accomplished by:
–       automatic time-out of user terminal if left idle, identification and password required to reopen;
–       issuing and safeguarding identification codes;

–       letting customers define individual user accounts with permissions across SPACETI resources;

 
●      SPACETI’s employees entitled to use its data processing systems are only able to access Personal Data within the scope of and to the extent covered by their respective access permission (authorization).  In particular, access rights and levels are based on employee job function and role, using the concepts of least-privilege and need-to-know to match access privileges to defined responsibilities.  This is accomplished by:
–       limited access to Personal Data to only authorized persons;
–       industry standard encryption; and
 
2. Integrity

SPACETI has implemented the following technical and organizational security measures to protect the integrity of processing systems and services, in particular:

●      SPACETI implements suitable measures to prevent Personal Data from being read, copied, altered or deleted by unauthorized parties during the transmission thereof or during the transport of the data media. This is accomplished by:
–       use of state-of-the-art firewall and encryption technologies to protect the gateways and pipelines through which the data travels;
–       industry standard encryption; and
–       avoiding the storage of Personal Data on portable storage media for transportation purposes and on company issued laptops or other mobile devices.
 
●      SPACETI does not access any customer content except as necessary to provide that customer with the SPACETI products and professional services it has selected. SPACETI does not access customers’ content for any other purposes. Accordingly, SPACETI does not know what content customers choose to store on its systems and cannot distinguish between Personal Data and other content, so SPACETI treats Customer Data the same. In this way, Customer Data benefits from the same robust SPACETI security measures, whether this content includes Personal Data or not.
 

3. Availability

SPACETI has implemented the following technical and organizational security measures to protect the availability of processing systems and services, in particular:

●      SPACETI implements suitable measures to provide that Personal Data is protected from accidental destruction or loss. This is accomplished by:
–       infrastructure redundancy;
–       policies prohibiting permanent local (work station) storage of Personal Data; and
–       performing regular data back-ups.

4. Resilience

SPACETI has implemented the following technical and organizational security measures to protect the resilience of processing systems and services, in particular:

 

 

 

SOUS-ANNEXE 3

SPACETI Infrastructure and Sub-processors

(à la date d'entrée en vigueur)

Portée

This documentation describes the infrastructure environment and sub-processors and certain other entities material to SPACETI’s provision of the Services.

 

Capitalized terms used in this documentation are defined in SPACETI’s Master Services Agreement and/or Data Processing Addendum. In the event of conflict, the Data Processing Addendum definition shall prevail.

 

Infrastructure – Personal Data Storage & Processing

Le tableau suivant décrit les pays et les entités juridiques engagés dans le stockage des Données Personnelles soumises par les clients aux Services.

 

 

SUBPROCESSOR PURPOSE OF DATA PROCESSING SUBPROCESSOR SEAT OF BUSINESS LOCATION
Amazon Web Services EMEA SAR Data processing, storing personal & other data (personal data, analytics, booking data etc.). BUSINESS REG. NO 352 2789 0057

38 Avenue John F. Kennedy, L-1855, Luxembourg

Allemagne
Heroku (Salesforce) Data processing. 415 Mission Street

Suite 300

San Francisco, CA, 94105

EU region
Google Cloud EMEA Limited Mobile app users noitification, app distribution. 70 Sir John Rogerson’s Quay, Dublin 2, Ireland Allemagne
Redis Green Storing data (personal data, analytics data, aggregated analytics data, booking data). Stovepipe Studios, 2130 N Kilpatrick Street #17292, Portland OR 97217, United States EU (Frankfurt)
Elastic.co Storage for sensor & analytics data. EUROPEAN HQ

The Netherlands

Keizersgracht 281

1016 ED Amsterdam

EU region
Auth0 Authentication & authorization platform for secured login & user management. Auth0 Inc. (a wholly owned subsidiary of Okta, Inc.) (10800 NE 8th Street, Suite 700, Bellevue, WA 98004, USA) and/or the applicable Okta affiliates processing personal data. Auth0 Limited, UK, is registered with the Information Commissioner’s Office (“ICO”) under registration number ZA840835. EU region
Apple Mobile app users notification, app distribution.
WorkOS
(*Note: only for specific product features)
Okta SSO, Google SSO integration, Microsoft AD synchronization. WorkOS, 548 Market St, PMB 86125, San Francisco, CA 94104 USA

 

 

Fournisseurs de réseaux

The Services may use network providers to provide the Services, for security purposes, to support user authentication, and to optimize content delivery (the “Network Providers”). SPACETI uses Network Providers to provide private network capabilities and also to provide Content Delivery Network services (the “CDN”). CDN are commonly used systems of distributed services that deliver content based on the geographic location of the individual accessing the content and the origin of the content provider. Content items to be served to subscribers or end users, such as images or attachments uploaded to the Services, may be stored with a CDN to expedite transmission, and information transmitted across a CDN may be accessed by the CDN to enable its functions.

SPACETI customers may subscribe to notifications of new sub-processors by sending an e-mail to legal@spaceti.com.