Please read these terms carefully — they govern your use of FoundersCart's websites, services and platform.
THESE TERMS OF USE ("TERMS") ARE A BINDING CONTRACT BETWEEN YOU AND FOUNDERSCARTS ("WE", "US"), A CHATBOT PLATFORM (HENCEFORTH REFERRED TO AS THE "Platform") BUILT BY FOUNDERS CART LIMITED, A COMPANY REGISTERED IN THE ONTARIO, CANADA AND WILL INCLUDE ITS SUBSIDIARY COMPANIES. BY SUBSCRIBING AND ACCESSING THE BELOW TERMS, YOU AGREE TO THESE TERMS ON BEHALF OF YOURSELF AS AN INDIVIDUAL USER, OR ON BEHALF OF THE ORGANIZATION YOU REPRESENT ("CUSTOMER", "YOU"). IN CASE YOU DO NOT AGREE TO ANY OF THE TERMS LISTED BELOW, YOU MAY REFRAIN FROM USING (OR ACCESSING) THE PLATFORM AND RELATED SERVICES.
Welcome to FoundersCart, an easy-to-use, multi-messaging customer experience platform ("platform") that allows non-developers, companies, individuals, and agencies to easily build, train, manage and analyse their chatbots. Please read on to learn the terms that govern your use of FoundersCart website(s), services and platform. If you have any questions, comments, or concerns regarding these terms or the Services, please feel free to [email protected]
2.1.1. The Children’s Online Privacy Protection Act ("COPPA") requires that online service
providers
obtain parental consent before they knowingly collect personally identifiable information online
from children who are under 13.
2.1.2. We do not knowingly collect or solicit personally identifiable information from children
under 13. If you are a child under 13, please do not attempt to register for the Services or
send
any personal information about yourself to us.
2.1.3. If we learn we have collected personal information from a child under 13, we will delete
that
information as quickly as possible.
2.1.4. If you believe that a child under 13 may have provided us personal information, please
contact us at [email protected]
2.2.1. As part of the registration process you will need to sign up and create an account,
including
a username & password, on the platform (app.technowizards.io).
2.2.2. Your registration on the platform provides you access to a number of features and
services
which are permissible to be accessed only by you. This registered account and its credentials is
not
to be shared between users. A breach of this clause will result in termination of the abused
accounts and/or all accounts provided to you.
2.2.3. If, for any reason, you suspect that your username & password has been disclosed to, or
obtained, by another party you should contact us immediately. Please note that we never contact
users requesting them to confirm their username & password or other details.
3.1.1. We provide you with a platform interface and a related set of services (“Services”) which
can
enable you to subscribe and use the same for creation, modification and maintenance of chatbot
programs that may help you improve your business process(es) in an as-is condition.
3.1.2. On registration, and subject to Section 5 (when applicable), we will grant to you the
right
to access and use the Platform, and any related functionality, in accordance with the Terms
mentioned in this document.
3.1.3. Your use of the Services is also governed by (and subject to) different third party
platform
policies that FoundersCart can be integrated from time to time (“PlatformPolicies”) including
but
not limited to which are hereby incorporated by reference and are a part of these Terms.
3.1.4. You are solely responsible and liable for complying with the Platform Policies that you
opt
for building your chatbot and FoundersCart bears no commercial or any other liability or
responsibility for the users that access the bot and the data that gets created. By using the
platform you implicitly agree to and accept all of the Terms and Conditions, or you will lose
the
right to use the right to use the platform and services. Your using the Services in any way
means
that you agree to all of these Terms, and these Terms will remain in effect while you use the
Services. These Terms include the provisions in this document, as well as those in the Privacy
Policy and Data Processing Agreement (addendum).
3.1.5. The Mobile app SDK is supported only for the following frameworks - Native iOS, Native
Android and Flutter.
3.2.1.It is acknowledged and agreed upon that you are completely responsible for evaluating the
integrity, quality, accuracy or reliability of any data provided to us before making/
implementing
any decisions based on this information and any consequences that arise out of this.
3.2.2. You acknowledge that we do not assume any liability for any data handled/generated by you
on
the platform.
3.2.3. The licenses granted herein are only for the purpose of allowing you to connect to and
use
the Services for your personal or internal business use. You will not use the services to
perform
natural language processing for any third parties.
3.3.1. We may temporarily limit or suspend the Services from time to time at its discretion
including to perform upgrades to, and maintenance of, the platform.
3.3.2. We also hold the rights to terminate access to the platform based on any missed payments
as
per contractual agreements forwarded to you. Your access to the platform and/or subscription or
other payments for use of FoundersCart represents an agreement to abide by the commercial terms
and
conditions of the contract forwarded to you, the usage Terms and Conditions listed in this
document
as well as the Privacy Policy and Data Processing Agreement that accompany and are available on
www.founderscart.com
3.4.1. You represent, warrant, and agree that you will not create and / or contribute any
Content or
User Submission (each of those terms is defined below) or otherwise create any chatbots or use
the
Services in a manner that:
(a) Infringes or violates the intellectual property rights or any other rights of anyone else
(including FoundersCart);
(b) Violates any law or regulation, including any applicable export control laws;
(c) Is harmful, fraudulent, deceptive, threatening, harassing, defamatory, obscene, or otherwise
objectionable;
(d) Jeopardizes the security of your FoundersCart account or anyone else’s (such as allowing
someone else to log in to the Services as you);
(e) Attempts, in any manner, to obtain the password, account, or other security information from
any
other user;
(f) Violates the security of any computer network, or cracks any passwords or security
encryption
codes;
(g) Runs Mail list, Listserv, any form of auto-responder or “spam” on the Services, or any
processes
that run or are activated while you are not logged into the Services, or that otherwise
interfere
with the proper working of the Services (including by placing an unreasonable load on the
Services’
infrastructure);
(h) “Crawls,” “scrapes,” or “spiders” any page, data, or portion of or relating to the Services
or
Content (through use of manual or automated means);
(i) Copies or stores any significant portion of the Content; and
(j) Decompiles, reverse engineers, or otherwise attempts to obtain the source code or underlying
ideas or information of or relating to the Services;
(k) Is non-compliant with any international agreements, treaties as may be applicable including
but
not limited to the Global DataPrivacy Regulations (GDPR) and the Children’s Online Privacy
Protection Act, 1998 (“COPPA”) and any of its amendments, notifications and revisions, updated
form
time to time;
3.4.2. A violation of any of the foregoing is grounds for termination of your right to use or
access
the Services, with or without notice and surrender of your contact information, data and
intelligence that you have built on the platform.
3.4.3 We understand the need of requiring documented evidence for stress test or security tests
(VAPT). If such a need arises, please contact us at [email protected] to request for the
same. Running the stress test or any form of security tests on the platform without prior
approval
from FoundersCart will cause the bot and/or the account to be deactivated. FoundersCart does
not
carry any liability for the loss caused due to the deactivation of the bot or the account.
3.5.1. As discussed in Section 2.2, you are solely responsible for the credentials to your
account
and for any activity that happens in the account, intentionally or unintentionally.
3.5.2. In case any unwarranted activity is noticed, you should notify us immediately by sending
an
email to [email protected]
3.6.1. You are responsible to maintain and upgrade any OS or systems that are used to access the platform. Any problem caused in the use of the platform because of older/legacy/unsupported systems is solely your responsibility.
3.7.1. You shall comply with all applicable laws including the ones around protection of
personal
information and data privacy.
3.7.2. You are responsible for obtaining any consent required by law from your users to allow
the
use of their personal information (if required) for use of our services, in accordance with the
general terms, privacy policy and Data Processing Agreement.
3.8.1. You will need to ensure that your Users are informed that they are governed by, and hence comply with, all applicable laws, including laws governing the protection of personal information.
4.1.1. As defined in the Data Processing Agreement, all
information shared with us is owned by you. We are not responsible for evaluating its integrity,
quality, accuracy or reliability.
4.1.2. You acknowledge that the responsibility of any data
provided/used on the platform is your responsibility. Any loss of data caused by the downgrading
and removal of any service within the account connected to the downgrade, is also your
responsibility.
4.2.1. Digital Millennium Copyright Act (the “DMCA”) relates to
online service providers, like us, who are responsible to remove any material that allegedly
violates someone’s copyright.
4.2.2. We respect others’ intellectual property rights, and we
reserve the right to delete or disable any such content, and to terminate the any account(s)
that is/are alleged repeat-infringers.
4.3.1. Any information or content publicly posted or privately
transmitted through the Services, and any chatbots created using the platform, are the sole
responsibility of the person from whom such content is originated. You should access all such
information and content at your own risk, and we aren’t liable for any errors or omissions in
that information or content or for any damages or loss you might suffer in connection with
it.
4.3.2. We cannot control and have no duty to take any action regarding how you may
interpret and use the Content or what actions you may take as a result of having been exposed to
the Content. You hereby release us from all liability for you having acquired or not acquired
Content through the Services. We can’t guarantee the identity of any users with whom you
interact in using the Services and are not responsible for which users gain access to the
platform.
4.3.3. You are responsible for all Content you contribute, in any manner, to the
Services, and you represent and warrant you have all rights necessary to do so, in the manner in
which you contribute it. You will keep all your registration information accurate and current.
You are responsible for all your activity in connection with the Services.
4.3.4.The Services
may contain links or connections to third party websites or services that are not owned or
controlled by us. When you access third party websites or use third party services, you accept
that there are risks in doing so, and that we are not responsible for such risks. We encourage
you to be aware of this and to read the terms and conditions and privacy policy of each third
party website or service that you visit or utilize. You are solely responsible for complying
with the terms and conditions, any liability or commercial conditions set forth and arising from
any third party provider access that you connect to via the Platform.
4.3.5. We have no
control over, and assume no responsibility for, the content, accuracy, privacy policies, or
practices of or opinions expressed in any third party websites or by any third party that you
interact with through the Services. In addition, we will not and cannot monitor, verify, censor
or edit the content of any third party site or service. By using the Services, you release and
hold us harmless from any and all liability arising from your use of any third party website or
service.
4.3.6. Your interactions with organizations and/or individuals found on or through
the Services, including payment and delivery of goods or services, and any other terms,
conditions, warranties or representations associated with such dealings, are solely between you
and such organizations and/or individuals. You should make whatever investigation you feel
necessary or appropriate before proceeding with any online or offline transaction with any of
these third parties. You agree that we shall not be responsible or liable for any loss or damage
of any sort incurred as the result of any such dealings.
4.3.7. If there is a dispute between
participants on this site, or between users and any third party, or a dispute arising out of
violation of terms and conditions set forth here for the use of the Platform, you agree that we
are under no obligation to become involved. In the event that you have a dispute with one or
more other users, you release us, our officers, employees, agents, and successors from claims,
demands, and damages of every kind or nature, known or unknown, suspected or unsuspected,
disclosed or undisclosed, arising out of or in any way related to such disputes and/or our
Services.
4.4.1.We may utilize the services of multiple sub processors for
the purpose of providing the services.
4.4.2. Any data collected by us through our services
shall be as defined by us in the Data Processing Agreement.
4.4.3. It is advisable that you
take all required backups of your data prior to requesting a downgrade (or termination) in
service.
4.5.1.We do not explicitly collect any personal information such
as age, gender etc. unless shared by you.
5.1.1. We offer some basic functionalities of our Services under
a Free Trial. In case you register for this service, we will make it available to you free of
charge, for a trial basis, until the earlier of (a) the end of the free trial applicable to you;
(b) the start date of any subscription purchased by you; or (c) termination of the trial by us
at our sole discretion.
5.2.1. In order to avail access to different features/services
from the platform, you may be required to choose (and pay for) specific subscription plans, as
designed and defined by us. The plans and pricing are subject to change subject to term and
commercial agreement for any subscription plans signed by us with you which will uphold over any
pricing changes.
5.2.2. We have a pre-set, tier based, subscription plans which have been
structured based on many factors like number of bots, interactions, licenses required, monthly
active users (MAU) and many other module based dependencies.
5.2.3. You may choose a relevant
subscription plan of your choice (or that is prescribed by us), by making an upfront payment of
the prescribed fees. We have flexible billing plans, should you wish to term based payments. For
subscription modifications refer section 5.3.
5.2.4. On Professional plan, bot can be
installed on 3 domains and on the business plan, it can be extended to 10 domains. In case, the
customer wishes to install the bot on more than 10 domains, upgrade to the Enterprise plan is
required.
5.2.5. For usage beyond your plan limit, an overage charge as per the base plan is
charged on a monthly basis. Non-payment of the overage charge will lead to discontinuation of
the service.
5.2.6. We reserve the right to change all/any of the subscription plan tiers,
its pricing and the features offered at any time and without prior notice.
5.2.7. For
partners and customers registered under FoundersCart, if payments are managed by the payment
gateway
and if card details are available, they will be automatically invoiced in the designated
frequency.
5.3.5. FoundersCart provides easy upgrade/downgrade options from
your
chosen subscription.
Whenever you would want to upgrade your subscription plan, you
can do so from the platform. On upgrade, a pro-rata bill (for the upgraded plan) will be
generated based on number of remaining days in the existing billing cycle. All subsequent bills
will be generated based on the upgraded plan amount.
If you ever wish to downgrade your existing subscription plan,
you may choose to do so from the platform. Downgrades will be applied only at the end of current
billing term. All subsequent bills will be generated based on the downgraded plan
amount.
5.4.1. All subscription cancellations will be done
manually.
5.4.2 You may cancel your account(s) at any point of time. If you wish so, please
reach out to us at [email protected]
for processing cancellations.
5.4.3 No refunds will be processed for subscription
cancellations (as described in 5.5).
5.5.1. NO REFUNDS will be offered for remaining unused days, on
cancellation from an existing Subscription Plan.
5.5.2 NO REFUNDS will be offered if a
downgrade is requested before the end of current billing term.
5.5.3 In case of any queries,
you can write to us at
[email protected]
5.6.1. We reserve the right to use a third party payment
processor, which is PCI-DSS complaint, for all billing and payment receipts.
5.6.2 The credit
card information provided to us shall be automatically charged for any modification to existing
services, or upon renewal.
5.6.3 In the event where you do not wish to process your payment
via credit card, you can do so through bank/wire transfer/cheque. This would be done only on
your explicit request by writing to us at
[email protected]
5.6.4 In the event that we are unable to bill the credit
card on
file or you request us (in writing over email) to not bill the credit card, you shall be solely
responsible for completing the expected payment by whatever means. In the event that payment is
not made, the services may become unavailable to you and we may terminate this Agreement without
notice.
5.7.1. We reserve the right to revise the service fees applicable
for a paid plan or functionality at its sole discretion.
5.7.2 The revised fees will only
take effect from the next renewal date of your existing subscription plan.
5.7.3 You would be
notified over email in case of such revision of fees.
6.1.1. Neither FoundersCart, nor its licensors or
suppliers,
make any representations or warranties regarding suggestions or recommendations of
services or products offered or purchased through the Services. We are not responsible
for any links to third party websites from the Service and the inclusion of any link
does not imply an endorsement of a third party website or service by us.
6.1.2 THE
SERVICES AND CONTENT ARE PROVIDED BY FoundersCart (AND ITS LICENSORS AND SUPPLIERS) ON
AN
“AS-IS” BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING,
WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE, NON-INFRINGEMENT, OR THAT USE OF THE SERVICES WILL BE UNINTERRUPTED OR
ERROR-FREE.
6.1.3 ANY USE OF THE SERVICES IS AT YOUR OWN RISK. THE SOFTWARE MAY
CONTAIN BUGS, ERRORS. WE DO NOT WARRANT THE PERFORMANCE OF THE SERVICES, THAT THE
SERVICES WILL OPERATE UNINTERRUPTED OR ERROR-FREE, OR THAT THE SERVICES WILL OPERATE IN
ACCORDANCE WITH ANY ACCOMPANYING DOCUMENTATION.
6.2.1. Our Services are provided over the Internet. As
such, the Services are subject to the operation of the Internet and telecommunications
infrastructures as well as the operation of your Internet connection services, all of
which are beyond our control.
6.2.2 We do not warrant that the services will be
uninterrupted or that you will be able to access or use the Services at the location and
times of your choosing.
6.3.1. We provide all kinds of technical support for any
issues/roadblocks to the usage of the available services, based on our Support
Policy.
6.3.2 The support would be provided over email. All communications regarding
the same are expected to be directed to [email protected]
6.3.3. We reserve the right not
to
provide a full technical support service to free or trial account users.
6.3.4 You
are solely responsible for the procurement of any hardware or services required to use
the Services, including any computers, servers, or Internet access.
7.1. TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW,
UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, TORT,
CONTRACT, STRICT LIABILITY, OR OTHERWISE) SHALL FoundersCart (OR ITS LICENSORS OR
SUPPLIERS)
BE LIABLE TO YOU OR TO ANY OTHER PERSON FOR (A) ANY INDIRECT, SPECIAL, INCIDENTAL, OR
CONSEQUENTIAL DAMAGES OF ANY KIND, INCLUDING DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL,
WORK STOPPAGE, ACCURACY OF RESULTS, OR COMPUTER FAILURE OR MALFUNCTION, OR (B) ANY
AMOUNT, IN THE AGGREGATE, IN EXCESS OF THE GREATER OF (I) $100 OR (II) THE AMOUNTS PAID
BY YOU TO FoundersCart IN CONNECTION WITH THE SERVICES IN THE TWELVE (12) MONTH PERIOD
PRECEDING THIS APPLICABLE CLAIM, OR (C) ANY MATTER BEYOND OUR REASONABLE CONTROL. SOME
STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF CERTAIN DAMAGES, SO THE ABOVE
LIMITATION AND EXCLUSIONS MAY NOT APPLY TO YOU.
7.2 We shall not be liable for any
indirect, consequential, exemplary, incidental, special or punitive damages, including
loss of profits.
7.3 EXCEPT AS STATED IN SECTION 7.1, FoundersCart AND ITS
AFFILIATES,
OFFICERS, LICENSORS, AND/OR CONTRACTORS SHALL NOT BE LIABLE FOR ANY INDIRECT,
INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES. TO THE EXTENT THAT A STATE DOES NOT PERMIT THE EXCLUSION OR LIMITATION OF
LIABILITY AS SET FORTH HEREIN, OUR LIABILITY IS LIMITED TO THE FULL EXTENT PERMITTED BY
LAW IN SUCH STATE.
8.1. To the fullest extent allowed by applicable law, you
agree to indemnify and hold us, and our affiliates, officers, agents, employees, and
partners harmless from and against any and all claims, liabilities, damages (actual and
consequential), losses and expenses (including attorneys’ fees) arising from or in any
way related to any third party claims relating to (a) your use of the Services
(including any actions taken by a third party using your account, including those
mentioned in Section 3.5), (b) your violation of these Terms, or (c) your infringement
upon any intellectual property or other proprietary right of any person or
entity.
8.2 In the event of such a claim, suit, or action (“Claim”), we will attempt
to provide notice of the Claim to the contact information we have for your account
(provided that failure to deliver such notice shall not eliminate or reduce your
indemnification obligations hereunder).
8.3. We may, at our own expense, assume the
defense and control of any matter otherwise subject to indemnification by you. Doing so
shall not excuse your indemnity obligations in this Agreement. The terms of this
paragraph will survive any termination or cancellation of the Agreement.
9.1.1. The materials displayed or performed or available
on or through the Services, including, but not limited to, text, graphics, data,
articles, photos, images, illustrations, User Submissions, and so forth (all of the
foregoing, the “Content”) are protected by copyright and/or other intellectual property
laws. You promise to abide by all copyright notices, trademark rules, information, and
restrictions contained in any Content you access through the Services, and you won’t
use, copy, reproduce, modify, translate, publish, broadcast, transmit, distribute,
perform, upload, display, license, sell or otherwise exploit for any purpose any Content
not owned by you, (i) without the prior consent of the owner of that Content or (ii) in
a way that violates someone else’s (including FoundersCart’s) rights.
9.1.2 You
understand
that we own the Services. You won’t modify, publish, transmit, participate in the
transfer or sale of, reproduce (except as expressly provided in this Section), create
derivative works based on, or otherwise exploit any of the Services. The Services may
allow you to copy or download certain Content; please remember that just because this
functionality exists, doesn’t mean that all the restrictions above don’t apply – they
do!
9.2.1. Anything you (or your users) post, upload, share,
store, or otherwise provide through the Services, including any chatbots you create
and/or communicate with through the Services, is your “User Submission.”
9.2.2 Some
User Submissions are viewable by other users. In order to display your User Submissions
on the Services, and to allow other users to enjoy them (where applicable), you grant us
certain rights in those User Submissions. Please note that all of the following licenses
are subject to our Privacy Policy to the extent they relate to User Submissions that are
also your personally-identifiable information
9.2.3. For all User Submissions, you
hereby grant us a license to translate, modify (for technical purposes, for example
making sure your content is viewable on an Android device as well as a desktop) and
reproduce and otherwise act with respect to such User Submissions, in each case to
enable us to operate the Services, as described in more detail below. This is a license
only – your ownership in User Submissions is not affected.
9.2.4 If you store a User
Submission in your own personal FoundersCart account, in a manner that is not viewable
by any
other user except you (a “Personal User Submission”), you grant us the license above, as
well as a license to display, perform, and distribute your Personal User Submission for
the sole purpose of making that Personal User Submission accessible to you and providing
the Services necessary to do so.
9.2.5. If you share a User Submission only in a
manner that only certain specified users can view; for example, a private message to a
chatbot (a “Limited Audience User Submission”), then you grant us the licenses above, as
well as a license to display, perform, and distribute your Limited Audience User
Submission for the sole purpose of making that Limited Audience User Submission
accessible to such other specified users, and providing the Services necessary to do so.
Also, you grant such other specified users a license to access that Limited Audience
User Submission, and to use and exercise all rights in it, as permitted by the
functionality of the Services.
9.2.6 If you share a User Submission publicly on the
Services and/or in a manner that more than just you or certain specified users can view,
or if you provide us (in a direct email or otherwise) with any feedback, suggestions,
improvements, enhancements, and/or feature requests relating to the Services (each of
the foregoing, a “Public User Submission”), then you grant us the licenses above, as
well as a license to display, perform, and distribute your Public User Submission for
the purpose of making that Public User Submission accessible to all FoundersCart users
and
providing the Services necessary to do so, as well as all other rights necessary to use
and exercise all rights in that Public User Submission in connection with the Services
for any purpose. Also, you grant all other users of the Services a license to access
that Public User Submission, and to use and exercise all rights in it, as permitted by
the functionality of the Services.
9.2.7 You agree that the licenses you grant are
royalty-free, perpetual, sublicensable, irrevocable, and worldwide. All chatbots created
through the Services will automatically include an attribution to FoundersCart. You
agree not
to remove, modify, or obscure the FoundersCart attribution. In addition, you hereby
grant us a
nonexclusive license to use your trademarks, logos or any chatbots you create using the
Services in FoundersCart’s marketing materials (such as on founderscart.com). Finally,
you
understand and agree that FoundersCart, in performing the required technical steps to
provide
the Services to our users (including you), may need to make changes to your User
Submissions to conform and adapt those User Submissions to the technical requirements of
connection networks, devices, services, or media, and the foregoing licenses include the
rights to do so.
10.1.1. The Terms mentioned here are a binding contract
between you and us.
10.1.2 The general terms are effective as of the first date that
a customer or a user of the website accesses or uses the FoundersCart platform or
website,
until they are terminated by both or any of the the parties in accordance with Section
10.2.
10.1.3 This Agreement is effective until terminated by you or by us.
10.1.4
Any Additional Services subscribed to post termination will be subject to ac is licensed
only for the Subscription Period selected during the registration or upgrade. The
Subscription Period may be renewed by paying an additional license fee as set forth on
the FoundersCart website. This renewal fee may be charged automatically to the credit
card
used to initially pay for the Services.
10.2.1. You’re free to stop using the Services at any
time; just email us at [email protected] to notify.
10.2.2 Services may be
terminated by notifying FoundersCart of your intent to terminate this Agreement.
Notification
of termination must be sent by email to [email protected] Your termination will
be
effective upon FoundersCart’s receipt and processing of the email. Processing may take
up to
24 hours.
10.2.3 Any Additional Services subscribed to post termination will be
licensed only for the Subscription Period selected during the registration or upgrade,
and after payment of the relevant fees.
10.3.1. We are free to terminate (or suspend access to)
your use of the Services or your account, for any reason in our discretion, including
your breach of these Terms (as described in Section 3.5). We have the sole right to
decide whether you are in violation of any of the restrictions set forth in these
Terms.
10.3.2 We may terminate this Agreement at any time and for any reason. We may
monitor its systems for excessive consumption of network resources and may take
technical or other remedies deemed necessary to prevent or eliminate any excessive
consumption. If we deem your use to be excessive, we may terminate your account or
adjust the price of the Services.
10.3.3 Any Additional Services subscribed to post
termination will be subject to review by us and can be availed only if found acceptable.
The additional services will then be treated as a new registration and will be licensed
only for the Subscription Period selected during the registration, and after payment of
the relevant fees.
10.4.1. Account termination may result in destruction of
any chatbots and Content associated with your account, so keep that in mind before you
decide to terminate your account.
10.4.2 We will try to provide advance notice to you
prior to our terminating your account so that you are able to retrieve any important
User Submissions you may have stored in your account (to the extent allowed by law and
these Terms), but we may not do so if we determine it would be impractical, illegal, not
in the interest of someone’s safety or security, or otherwise harmful to the rights or
property of FoundersCart.
10.4.3 Provisions that, by their nature, should survive
termination of these Terms shall survive termination. By way of example, all of the
following will survive termination: any obligation you have to pay us or indemnify us,
any limitations on our liability, any terms regarding ownership of intellectual property
rights, and terms regarding disputes between us.
10.4.4 Upon termination, you must
immediately cease using the Services. Upon termination, we may disable further use of
the Services or related Services without further notice and may delete, remove, and
erase any account information and any data stored by us. Such deletions are in our sole
discretion and may occur without notice to you. No refunds shall be given for any
reason.
10.5.1. Section 5.5 (No Refunds) applies, regardless of
the cause of termination, cancellation, or downgrade of subscription.
11.1.1. These Terms are governed by and will be construed
under the laws of USA, without regard to the conflicts of laws provisions thereof. Any
dispute arising from or relating to the subject matter of these Terms shall be finally
settled in USA, in English. Judgment upon the award rendered by such arbitrator may be
entered in any court of competent jurisdiction. Notwithstanding the foregoing obligation
to arbitrate disputes, each party shall have the right to pursue injunctive or other
equitable relief at any time, from any court of competent jurisdiction. For all purposes
of this Agreement, the parties consent to exclusive jurisdiction and venue in Texas
(state), USA (Country). Any arbitration under these Terms will take place on an
individual basis: class arbitrations and class actions are not permitted. YOU UNDERSTAND
AND AGREE THAT BY ENTERING INTO THESE TERMS, YOU AND FoundersCart ARE EACH WAIVING THE
RIGHT
TO TRIAL BY JURY OR TO PARTICIPATE IN A CLASS ACTION.
11.1.2 These general terms
shall be governed solely by the laws of the United States of America without regard to
conflicts of law provisions thereof. You agree that the exclusive forum for any disputes
arising out of or relating to this Agreement shall be an appropriate federal or state
court sitting in the Republic of India.
11.2.1. We shall not be liable by reason of any failure
or delay in performance of its obligation on account of an unforeseeable and
irresistable event, including external causes with the same characteristics (a “Force
Majeure”), which may include DOS attack, stikes, shortages, riots, fires, act of
god,failure by a third party hosting or utility provider, war, terrorism and government
action.
11.3.1. FoundersCart may send notices to the customer’s email
contact points provided by the customer, pursuant to these terms. You may send notices
pursuant to these terms at [email protected] All notices will be considered
received 24 hours after they are sent.
11.3.2. All questions, notices, demands, or requests to
FoundersCart with respect to this Agreement shall be made in writing to: [email protected]
11.4.1. You may not assign, delegate or transfer these
Terms or your rights or obligations hereunder, or your Services account, in any way (by
operation of law or otherwise) without FoundersCart’s prior written consent. We may
transfer,
assign, or delegate these Terms and our rights and obligations without
consent.
11.4.2. These Terms shall be binding upon and inure to the benefit of the
Parties’ respective successors and assigns.
11.4.3. You may not assign or transfer,
or purport to assign or transfer, any of your rights, duties, or obligations under the
Agreement to any person or entity, in whole or in part, whether by assignment, merger,
transfer of assets, sale of stock, operation of law, or otherwise. FoundersCart may
assign or
transfer this Agreement in its sole discretion.
11.5.1. As we are constantly trying to improve our the
platform, the Terms may be subject to change.
11.5.2. We reserve the right, and may
amend, the Terms of this agreement and related services offered under this agreement
(including license fees, availability, equipment and Services requirements, and limits
or restrictions on the use of Services or services) at any time, at our sole discretion
without notice.
11.5.3. In case of any such amendments, we will bring it to your
attention by notifying you through an email, post on FoundersCart website, and/or by
some
other means, as far as possible.
11.5.4. The amendments made will be effective
immediately after posting it. Continued use of the Services after the amendment
constitutes your acceptance of the same.
11.5.5. If you don’t agree with the new
Terms, you are free to reject them; unfortunately, that means you will no longer be able
to use the Services.
11.5.6. Except for changes by us as described here, no other
amendment or modification of these Terms will be effective unless in writing and signed
by both you and us.
11.6.1. No waiver, delay or discharge by a party will be
valid unless in writing and signed by an authorized representative of the party against
which its enforcement is sought. Neither the failure of either party to exercise any
right of termination nor the waiver of any default will constitute a waiver of the
rights granted in the Agreement with respect to any subsequent or other
default.
11.6.2. Failure by us to enforce any accrued rights under these Terms &
Conditions is not to be taken as or deemed to be a waiver of those rights unless we
acknowledge the waiver in writing.
11.7.1. The foregoing paragraphs, sub-paragraphs and
clauses of these Terms & Conditions shall be read and construed independently of
each other. Should any part of this agreement or its paragraphs, sub-paragraphs or
clauses be found invalid it shall not affect the remaining paragraphs, sub-paragraphs
and clauses.
11.7.2. If a provision of the Agreement is held by a court of competent
jurisdiction to be invalid, void, or unenforceable, the remaining provisions of the
Agreement will not be affected, impaired or invalidated. If the absence of the provision
adversely affects the substantive rights of a party, the parties agree to replace the
provision with a new provision that closely approximates the economic and proprietary
results intended by the parties.
12.1. The Agreement, the Privacy Policy, Data Processing
Agreement, applicable Proposals, Order forms, statement of work including any Annexure’s
attached hereto contain the entire and exclusive Agreement and understanding between the
parties on the subject matter of the Agreement.
12.2. The Agreement supersedes all
prior agreements, understandings and arrangements related to the subject matter. No
representation, undertaking or promise made prior to the Agreement shall be effective or
valid except as may be expressly stated in the Agreement.
This FoundersCart Data Protection Addendum ("Addendum")
including the Standard Contractual Clauses forms part of the agreement between the
parties as defined by the FoundersCart Customer Terms of Service
("Agreement")
The term
of this DPA shall follow the term of the Agreement. Terms not otherwise defined herein
shall have the meaning as set forth in the Agreement. Except as modified below, the
terms of the Agreement shall remain in full force and effect.
In consideration of the
mutual obligations set out herein, the parties hereby agree that the terms and
conditions set out below shall be added as an Addendum to the Agreement.Except where the
context requires otherwise, references in this Addendum to the Agreement are to the
Agreement as amended by, and including, this Addendum.
In this Addendum, the following terms shall have the
meanings set out below and cognate terms shall be construed
accordingly:
1."Applicable Laws" means (a) European Union or Member State laws with
respect to any Company Personal Data in respect of which any Company Group Member is
subject to EU Data Protection Laws; and (b) any other applicable law with respect to any
Company Personal Data in respect of which any Company Group Member is subject to any
other Data Protection Laws;
2."Company Affiliate" means an entity that owns or
controls, is owned or controlled by or is or under common control or ownership with
Company, where control is defined as the possession, directly or indirectly, of the
power to direct or cause the direction of the management and policies of an entity,
whether through ownership of voting securities, by contract or otherwise;
3."Company
Group Member" means Company or any Company Affiliate;
4."Company Personal Data" means
any Personal Data Processed by a Contracted Processor on behalf of a Company Group
Member pursuant to or in connection with the Agreement;
5."Contracted Processor"
means Vendor or a Subprocessor;
6."Data Protection Laws"means EU Data Protection Laws
and, to the extent applicable, the data protection or privacy laws of any other
country;
7."EEA" means the European Economic Area;
8."EU Data Protection Laws"
means EU Directive 95/46/EC, as transposed into domestic legislation of each Member
State and as amended, replaced or superseded from time to time, including by the GDPR
and laws implementing or supplementing the GDPR;
9."GDPR"means EU General Data
Protection Regulation 2016/679;
10."Restricted Transfer" means:
1.a transfer of
Company Personal Data from any Company Group Member to a Contracted Processor;
or
2.an onward transfer of Company Personal Data from a Contracted Processor to a
Contracted Processor, or between two establishments of a Contracted Processor, in each
case, where such transfer would be prohibited by Data Protection Laws (or by the terms
of data transfer agreements put in place to address the data transfer restrictions of
Data Protection Laws) in the absence of the Standard Contractual Clauses to be
established under section [6.4.3 or] 12 below;
11."Services" means the services and
other activities to be supplied to or carried out by or on behalf of Vendor for Company
Group Members pursuant to the Agreement;
12."Standard Contractual Clauses"means the
contractual clauses set out in Annex 2, amended as indicated (in square brackets and
italics) in that Annex and under section 13.4;
13."Subprocessor" means any person
(including any third party and any Vendor Affiliate, but excluding an employee of Vendor
or any of its sub-contractors) appointed by or on behalf of Vendor or any Vendor
Affiliate to Process Personal Data on behalf of any Company Group Member in connection
with the Agreement; and
14."Vendor Affiliate" means an entity that owns or controls,
is owned or controlled by or is or under common control or ownership with Vendor, where
control is defined as the possession, directly or indirectly, of the power to direct or
cause the direction of the management and policies of an entity, whether through
ownership of voting securities, by contract or otherwise.
15.“Vendor” means an entity
that owns or controls, is owned or controlled by or is or under common control or
ownership with Vendor, where control is defined as the possession, directly or
indirectly, of the power to direct or cause the direction of the management and policies
of an entity, whether through ownership of voting securities, by contract or
otherwise.
The terms, "Commission", "Controller", "Data Subject", "Member State",
"Personal Data", "Personal Data Breach", "Processing" and "Supervisory Authority" shall
have the same meaning as in the GDPR, and their cognate terms shall be construed
accordingly.
1.Vendor and each Vendor Affiliate shall: 1.Not Process
Company Personal Data other than on the relevant Company Group Member’s documented
instructions unless Processing is required by Applicable Laws to which the relevant
Contracted Processor is subject, in which case Vendor or the relevant Vendor Affiliate
shall to the extent permitted by Applicable Laws inform the relevant Company Group
Member of that legal requirement before the relevant Processing of that Personal
Data.
2.Each Company Group Member:
1.instructs Vendor and each Vendor Affiliate
(and authorises Vendor and each Vendor Affiliate to instruct each Subprocessor)
to:
1.Process Company Personal Data; and
2.in particular, transfer Company
Personal Data to any country or territory, as reasonably necessary for the provision of
the Services and consistent with the Agreement; and
2.warrants and represents that it
is and will at all relevant times remain duly and effectively authorised to give the
instruction set out in section 2.2.1 on behalf of each relevant Company
Affiliate.
3.Annex 1 to this Addendum sets out certain information regarding the
Contracted Processors' Processing of the Company Personal Data as required by article
28(3) of the GDPR (and, possibly, equivalent requirements of other Data Protection
Laws). Company may make reasonable amendments to Annex 1 by written notice to Vendor
from time to time as Company reasonably considers necessary to meet those requirements.
Nothing in Annex 1 (including as amended pursuant to this section) confers any right or
imposes any obligation on any party to this Addendum.
Vendor and each Vendor Affiliate shall take reasonable
steps to ensure the reliability of any employee, agent or contractor of any Contracted
Processor who may have access to the Company Personal Data, ensuring in each case that
access is strictly limited to those individuals who need to know / access the relevant
Company Personal Data, as strictly necessary for the purposes of the Agreement, and to
comply with Applicable Laws in the context of that individual's duties to the Contracted
Processor, ensuring that all such individuals are subject to confidentiality
undertakings or professional or statutory obligations of confidentiality.
1.Taking into account the state of the art technology
being used in the platform, the costs of implementation and the nature, scope, context
and purposes of Processing as well as the risk of varying likelihood and severity for
the rights and freedoms of natural persons, Vendor and each Vendor Affiliate shall in
relation to the Company Personal Data implement appropriate technical and organizational
measures to ensure a level of security appropriate to that risk, including, as
appropriate, the measures referred to in Article 32(1) of the GDPR.
2.In assessing
the appropriate level of security, Vendor and each Vendor Affiliate shall take account
in particular of the risks that are presented by Processing, in particular from a
Personal Data Breach.
1. Each Company Group Member authorises Vendor and each
Vendor Affiliate to appoint (and permit each Subprocessor appointed in accordance with
this section 5 to appoint) Subprocessors in accordance with this section 5 and any
restrictions in the Agreement.
2. Vendor and each Vendor Affiliate may continue to
use those Subprocessors already engaged by Vendor or any Vendor Affiliate as at the date
of this Addendum, subject to Vendor and each Vendor Affiliate in each case as soon as
practicable meeting the obligations set out in section 5.4.
3. Vendor shall give
Company prior written notice of the appointment of any new Subprocessor, including full
details of the Processing to be undertaken by the Subprocessor. If, within 30 days of
receipt of that notice, Company notifies Vendor in writing of any objections (on
reasonable grounds) to the proposed appointment: Neither Vendor nor any Vendor Affiliate
shall appoint (or disclose any Company Personal Data to) that proposed Subprocessor
until reasonable steps have been taken to address the objections raised by any Company
Group Member and Company has been provided with a reasonable written explanation of the
steps taken.
4. With respect to each Subprocessor, Vendor or the relevant Vendor
Affiliate shall:
1. Before the Subprocessor first Processes Company Personal Data
(or, where relevant, in accordance with section 5.2), carry out adequate due diligence
to ensure that the Subprocessor is capable of providing the level of protection for
Company Personal Data required by the Agreement;
2. Ensure that the arrangement
between on the one hand (a) Vendor, or (b) the relevant Vendor Affiliate, or (c) the
relevant intermediate Subprocessor; and on the other hand the Subprocessor, is governed
by a written contract including terms which offer at least the same level of protection
for Company Personal Data as those set out in this Addendum and meet the requirements of
article 28(3) of the GDPR;
3. If that arrangement involves a Restricted Transfer,
ensure that the Standard Contractual Clauses are at all relevant times incorporated into
the agreement between on the one hand (a) Vendor, or (b) the relevant Vendor Affiliate,
or (c) the relevant intermediate Subprocessor; and on the other hand the Subprocessor,
or before the Subprocessor first Processes Company Personal Data procure that it enters
into an agreement incorporating the Standard Contractual Clauses with the relevant
Company Group Member(s); and
4. Provide to Company for review such copies of the
Contracted Processors' agreements with Subprocessors (which may be redacted to remove
confidential commercial information not relevant to the requirements of this Addendum)
as Company may request from time to time.
5.Vendor and each Vendor Affiliate shall
ensure that each Subprocessor performs the obligations, as they apply to Processing of
Company Personal Data carried out by that Subprocessor, as if it were party to this
Addendum in place of Vendor.
Vendor will provide reasonable assistance, including
technical and organizational measures and taking into account the nature of the
Processing, to enable Controller to respond to any request from Data Subjects seeking to
exercise their rights under the Data Protection Law with respect to Personal Data
(including access, rectification, restriction, deletion or portability of Personal Data,
as applicable), to the extent permitted by the law.
If such request is made directly
to Vendor, Vendor will promptly inform Company Group Member and will advise Data
Subjects to submit their request to the Company Group Member directly, who shall be
solely responsible for responding to any Data Subjects’ requests.
1. Vendor shall notify Company without undue delay upon
Vendor or any Subprocessor becoming aware of a Personal Data Breach affecting Company
Personal Data, providing Company with sufficient information to allow each Company Group
Member to meet any obligations to report or inform Data Subjects of the Personal Data
Breach under the Data Protection Laws.
2. Vendor shall co-operate with Company and
each Company Group Member and take such reasonable commercial steps as are directed by
Company to assist in the investigation, mitigation and remediation of each such Personal
Data Breach.
Vendor and each Vendor Affiliate shall provide reasonable
assistance to each Company Group Member with any data protection impact assessments, and
prior consultations with Supervising Authorities or other competent data privacy
authorities, which Company reasonably considers to be required of any Company Group
Member by article 35 or 36 of the GDPR or equivalent provisions of any other Data
Protection Law, in each case solely in relation to Processing of Company Personal Data
by, and taking into account the nature of the Processing and information available to,
the Contracted Processors.
Other than to the extent required to comply with Data
Protection Law, following termination or expiry of the Agreement, Processor will return
or delete all Personal Data processed pursuant to this DPA in a reasonable time frame.
If Processor is unable to delete Personal Data for technical or other reasons, Processor
will apply measures to ensure that Personal Data is blocked from any further
Processing.
1. Vendor and each Vendor Affiliate shall make available
to each Company Group Member on request all information necessary to demonstrate
compliance with this Addendum, and shall allow for and contribute to audits, including
inspections, by any Company Group Member or an auditor mandated by any Company Group
Member in relation to the Processing of the Company Personal Data by the Contracted
Processors.
2. Information and audit rights of the Company Group Members only arise
under section 10.1 to the extent that the Agreement does not otherwise give them
information and audit rights meeting the relevant requirements of Data Protection Law
(including, where applicable, article 28(3)(h) of the GDPR).
3. Company or the
relevant Company Affiliate undertaking an audit shall give Vendor or the relevant Vendor
Affiliate reasonable notice of any audit or inspection to be conducted under section
10.1 and shall make (and ensure that each of its mandated auditors makes) reasonable
endeavours to avoid causing (or, if it cannot avoid, to minimise) any damage, injury or
disruption to the Contracted Processors' premises, equipment, personnel and business
while its personnel are on those premises in the course of such an audit or
inspection.
A Contracted Processor need not give access to its premises for the
purposes of such an audit or inspection:
1. To any individual unless he or she
produces reasonable evidence of identity and authority;
2. Outside normal business
hours at those premises, unless the audit or inspection needs to be conducted on an
emergency basis and Company or the relevant Company Affiilate undertaking an audit has
given notice to Vendor or the relevant Vendor Affiliate that this is the case before
attendance outside those hours begins; or
3. For the purposes of more than [one]
audit or inspection, in respect of each Contracted Processor, in any [calendar year],
except for any additional audits or inspections which:
Company or the relevant
Company Affiliate undertaking an audit reasonably considers necessary because of genuine
concerns as to Vendor's or the relevant Vendor Affiliate’s compliance with this
Addendum; or
A Company Group Member is required or requested to carry out by Data
Protection Law, a Supervisory Authority or any similar regulatory authority responsible
for the enforcement of Data Protection Laws in any country or territory,
where
Company or the relevant Company Affiliate undertaking an audit has identified its
concerns or the relevant requirement or request in its notice to Vendor or the relevant
Vendor Affiliate of the audit or inspection.
1.Subject to section 11.3, each Company Group Member (as
"data exporter") and each Contracted Processor, as appropriate, (as "data importer")
hereby enter into the Standard Contractual Clauses in respect of any Restricted Transfer
from that Company Group Member to that Contracted Processor.
2.The Standard
Contractual Clauses shall come into effect under section 11.1 on the later of:
1.the
data exporter becoming a party to them;
2.the data importer becoming a party to them;
and
3.aimencement of the relevant Restricted Transfer.
3.Section 11.1 shall not
apply to a Restricted Transfer unless its effect, together with other reasonably
practicable compliance steps (which, for the avoidance of doubt, do not include
obtaining consents from Data Subjects), is to allow the relevant Restricted Transfer to
take place without breach of applicable Data Protection Law.
Effective 25 May 2018 FoundersCart will process Personal
Data
in accordance with the GDPR requirements contained herein which are directly applicable
to FoundersCart's provision of the Subscription Services.
1.Nothing in this Addendum
reduces Vendor's or any Vendor Affiliate’s obligations under the Agreement in relation
to the protection of Personal Data or permits Vendor or any Vendor Affiliate to Process
(or permit the Processing of) Personal Data in a manner which is prohibited by the
Agreement. In the event of any conflict or inconsistency between this Addendum and the
Standard Contractual Clauses, the Standard Contractual Clauses shall
prevail.
2.Subject to section 12.1, with regard to the subject matter of this
Addendum, in the event of inconsistencies between the provisions of this Addendum and
any other agreements between the parties, including the Agreement and including (except
where explicitly agreed otherwise in writing, signed on behalf of the parties)
agreements entered into or purported to be entered into after the date of this Addendum,
the provisions of this Addendum shall prevail.
3.Should any provision of this
Addendum be invalid or unenforceable, then the remainder of this Addendum shall remain
valid and in force. The invalid or unenforceable provision shall be either (i) amended
as necessary to ensure its validity and enforceability, while preserving the parties’
intentions as closely as possible or, if this is not possible, (ii) construed in a
manner as if the invalid or unenforceable part had never been contained
therein.
3.aimencement of the relevant Restricted Transfer.
3.Section 11.1 shall
not apply to a Restricted Transfer unless its effect, together with other reasonably
practicable compliance steps (which, for the avoidance of doubt, do not include
obtaining consents from Data Subjects), is to allow the relevant Restricted Transfer to
take place without breach of applicable Data Protection Law.
For the purposes of Article 26(2) of Directive 95/46/EC
for the transfer of personal data to processors established in third countries which do
not ensure an adequate level of data protection,
The Customer, as defined in the
FoundersCart Customer Terms of Service (the "data exporter")
And
FoundersCart
Technologies
Inc., 919 North Market Street, Suite 950, Wilmington, New Castle 19801 (the "data
importer"),
each a ‘party’; together ‘the parties’,
HAVE AGREED on the following
Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to
the protection of privacy and fundamental rights and freedoms of individuals for the
transfer by the data exporter to the data importer of the personal data specified in
Appendix 1.
For the purposes of the Clauses:
(a) ‘personal data’,
‘special categories of data’, ‘process/processing’, ‘controller’, ‘processor’, ‘data
subject’ and ‘supervisory authority’ shall have the same meaning as in Directive
95/46/EC of the European Parliament and of the Council of 24 October 1995 on the
protection of individuals with regard to the processing of personal data and on the free
movement of such data;
(b) ‘the Data Exporter’ means the controller who transfers the
personal data;
(c) ‘the Data Importer’ means the processor who agrees to receive from
the data exporter personal data intended for processing on his behalf after the transfer
in accordance with his instructions and the terms of the Clauses and who is not subject
to a third country’s system ensuring adequate protection within the meaning of Article
25(1) of Directive 95/46/EC;
(d) ‘the Subprocessor’ means any processor engaged by
the data importer or by any other subprocessor of the data importer who agrees to
receive from the data importer or from any other subprocessor of the data importer
personal data exclusively intended for processing activities to be carried out on behalf
of the data exporter after the transfer in accordance with his instructions, the terms
of the Clauses and the terms of the written subcontract;
(e) ‘the applicable data
protection law’ means the legislation protecting the fundamental rights and freedoms of
individuals and, in particular, their right to privacy with respect to the processing of
personal data applicable to a data controller in the Member State in which the data
exporter is established;
(f) ‘technical and organisational security measures’ means
those measures aimed at protecting personal data against accidental or unlawful
destruction or accidental loss, alteration, unauthorised disclosure or access, in
particular where the processing involves the transmission of data over a network, and
against all other unlawful forms of processing.
The details of the transfer and in particular the special
categories of personal data where applicable are specified in Appendix 1 which forms an
integral part of the Clauses.
-The data subject can enforce against the data exporter
this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and
(2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.
-The data
subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g),
Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter
has factually disappeared or has ceased to exist in law unless any successor entity has
assumed the entire legal obligations of the data exporter by contract or by operation of
law, as a result of which it takes on the rights and obligations of the data exporter,
in which case the data subject can enforce them against such entity.
-The data
subject can enforce against the subprocessor this Clause, Clause 5(a) to (e) and (g),
Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data
exporter and the data importer have factually disappeared or ceased to exist in law or
have become insolvent, unless any successor entity has assumed the entire legal
obligations of the data exporter by contract or by operation of law as a result of which
it takes on the rights and obligations of the data exporter, in which case the data
subject can enforce them against such entity. Such third-party liability of the
subprocessor shall be limited to its own processing operations under the Clauses.
-
The parties do not object to a data subject being represented by an association or other
body if the data subject so expressly wishes and if permitted by national law.
The data exporter agrees and warrants:
(a) that the
processing, including the transfer itself, of the personal data has been and will
continue to be carried out in accordance with the relevant provisions of the applicable
data protection law (and, where applicable, has been notified to the relevant
authorities of the Member State where the data exporter is established) and does not
violate the relevant provisions of that State;
(b) that it has instructed and
throughout the duration of the personal data-processing services will instruct the data
importer to process the personal data transferred only on the data exporter’s behalf and
in accordance with the applicable data protection law and the Clauses;
(c) that the
data importer will provide sufficient guarantees in respect of the technical and
organisational security measures specified in Appendix 2 to this contract;
(d) that
after assessment of the requirements of the applicable data protection law, the security
measures are appropriate to protect personal data against accidental or unlawful
destruction or accidental loss, alteration, unauthorised disclosure or access, in
particular where the processing involves the transmission of data over a network, and
against all other unlawful forms of processing, and that these measures ensure a level
of security appropriate to the risks presented by the processing and the nature of the
data to be protected having regard to the state of the art and the cost of their
implementation;
(e) that it will ensure compliance with the security measures;
(f)
that, if the transfer involves special categories of data, the data subject has been
informed or will be informed before, or as soon as possible after, the transfer that its
data could be transmitted to a third country not providing adequate protection within
the meaning of Directive 95/46/EC;
(g) to forward any notification received from the
data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data
protection supervisory authority if the data exporter decides to continue the transfer
or to lift the suspension;
(h) to make available to the data subjects upon request a
copy of the Clauses, with the exception of Appendix 2, and a summary description of the
security measures, as well as a copy of any contract for subprocessing services which
has to be made in accordance with the Clauses, unless the Clauses or the contract
contain commercial information, in which case it may remove such commercial
information;
(i) that, in the event of subprocessing, the processing activity is
carried out in accordance with Clause 11 by a subprocessor providing at least the same
level of protection for the personal data and the rights of data subject as the data
importer under the Clauses; and
(j) that it will ensure compliance with Clause 4(a)
to (i).
The data importer agrees and warrants:
(a) to process
the personal data only on behalf of the data exporter and in compliance with its
instructions and the Clauses; if it cannot provide such compliance for whatever reasons,
it agrees to inform promptly the data exporter of its inability to comply, in which case
the data exporter is entitled to suspend the transfer of data and/or terminate the
contract;
(b) that it has no reason to believe that the legislation applicable to it
prevents it from fulfilling the instructions received from the data exporter and its
obligations under the contract and that in the event of a change in this legislation
which is likely to have a substantial adverse effect on the warranties and obligations
provided by the Clauses, it will promptly notify the change to the data exporter as soon
as it is aware, in which case the data exporter is entitled to suspend the transfer of
data and/or terminate the contract;
(c) that it has implemented the technical and
organisational security measures specified in Appendix 2 before processing the personal
data transferred;
(d) that it will promptly notify the data exporter about:
(i)
any legally binding request for disclosure of the personal data by a law enforcement
authority unless otherwise prohibited, such as a prohibition under criminal law to
preserve the confidentiality of a law enforcement investigation;
(ii) any accidental
or unauthorised access; and
(iii) any request received directly from the data
subjects without responding to that request, unless it has been otherwise authorised to
do so;
(e) to deal promptly and properly with all inquiries from the data exporter
relating to its processing of the personal data subject to the transfer and to abide by
the advice of the supervisory authority with regard to the processing of the data
transferred;
(f) at the request of the data exporter to submit its data-processing
facilities for audit of the processing activities covered by the Clauses which shall be
carried out by the data exporter or an inspection body composed of independent members
and in possession of the required professional qualifications bound by a duty of
confidentiality, selected by the data exporter, where applicable, in agreement with the
supervisory authority;
(g) to make available to the data subject upon request a copy
of the Clauses, or any existing contract for subprocessing, unless the Clauses or
contract contain commercial information, in which case it may remove such commercial
information, with the exception of Appendix 2 which shall be replaced by a summary
description of the security measures in those cases where the data subject is unable to
obtain a copy from the data exporter;
(h) that, in the event of subprocessing, it has
previously informed the data exporter and obtained its prior written consent;
(i)
that the processing services by the subprocessor will be carried out in accordance with
Clause 11;
(j) to send promptly a copy of any subprocessor agreement it concludes
under the Clauses to the data exporter.
The parties agree that any data subject, who has suffered
damage as a result of any breach of the obligations referred to in Clause 3 or in Clause
11 by any party or subprocessor is entitled to receive compensation from the data
exporter for the damage suffered.
The data importer agrees that if the data subject invokes
against it third-party beneficiary rights and/or claims compensation for damages under
the Clauses, the data importer will accept the decision of the data subject:
(a) to
refer the dispute to mediation, by an independent person or, where applicable, by the
supervisory authority;
(b) to refer the dispute to the courts in the Member State in
which the data exporter is established.
- The parties agree that the choice made by
the data subject will not prejudice its substantive or procedural rights to seek
remedies in accordance with other provisions of national or international law.
- The data exporter agrees to deposit a copy of this
contract with the supervisory authority if it so requests or if such deposit is required
under the applicable data protection law.
- The parties agree that the supervisory
authority has the right to conduct an audit of the data importer, and of any
subprocessor, which has the same scope and is subject to the same conditions as would
apply to an audit of the data exporter under the applicable data protection law.
-
The data importer shall promptly inform the data exporter about the existence of
legislation applicable to it or any subprocessor preventing the conduct of an audit of
the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data
exporter shall be entitled to take the measures foreseen in Clause 5(b).
The Clauses shall be governed by the law of the Member
State in which the data exporter is established.
The parties undertake not to vary or modify the Clauses.
This does not preclude the parties from adding clauses on business related issues where
required as long as they do not contradict the Clause.
- The data importer shall not subcontract any of its
processing operations performed on behalf of the data exporter under the Clauses without
the prior written consent of the data exporter. Where the data importer subcontracts its
obligations under the Clauses, with the consent of the data exporter, it shall do so
only by way of a written agreement with the subprocessor which imposes the same
obligations on the subprocessor as are imposed on the data importer under the Clauses.
Where the subprocessor fails to fulfil its data protection obligations under such
written agreement the data importer shall remain fully liable to the data exporter for
the performance of the subprocessor’s obligations under such agreement.
- The prior
written contract between the data importer and the subprocessor shall also provide for a
third-party beneficiary clause as laid down in Clause 3 for cases where the data subject
is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6
against the data exporter or the data importer because they have factually disappeared
or have ceased to exist in law or have become insolvent and no successor entity has
assumed the entire legal obligations of the data exporter or data importer by contract
or by operation of law. Such third-party liability of the subprocessor shall be limited
to its own processing operations under the Clauses.
- The provisions relating to data
protection aspects for subprocessing of the contract referred to in paragraph 1 shall be
governed by the law of the Member State in which the data exporter is established.
-
The data exporter shall keep a list of subprocessing agreements concluded under the
Clauses and notified by the data importer pursuant to Clause 5(j), which shall be
updated at least once a year. The list shall be available to the data exporter’s data
protection supervisory authority.
-The parties agree that on the termination of the
provision of data-processing services, the data importer and the subprocessor shall, at
the choice of the data exporter, return all the personal data transferred and the copies
thereof to the data exporter or shall destroy all the personal data and certify to the
data exporter that it has done so, unless legislation imposed upon the data importer
prevents it from returning or destroying all or part of the personal data transferred.
In that case, the data importer warrants that it will guarantee the confidentiality of
the personal data transferred and will not actively process the personal data
transferred anymore.
- The data importer and the subprocessor warrant that upon
request of the data exporter and/or of the supervisory authority, it will submit its
data-processing facilities for an audit of the measures referred to in paragraph 1.
This Appendix forms part of the Clauses. The Member
States may complete or specify, according to their national procedures, any additional
necessary information to be contained in this Appendix.
A. Data exporter
The data
exporter is the Customer, as defined in the FoundersCart Customer Terms of Service
(“Agreement”).
B. Data importer
The data importer is FoundersCart Technologies
Inc., a
global provider of chatbot and customer engagement software.
C. Data
subjects
Categories of data subjects set out under Section 2 of the Data Processing
Agreement to which the Clauses are attached.
D. Categories of data
E. Special
categories of data (if appropriate)
The parties do not anticipate the transfer of
special categories of data.
F. Processing operations
The processing activities set
out under Section 2 of the Data Processing Agreement to which the Clauses are
attached.
This Appendix forms part of the Clauses.
Description
of the technical and organizational security measures implemented by the data importer
in accordance with Clauses 4(d) and 5(c) (or document/legislation
attached):
FoundersCart
currently observes the security practices as described in this Appendix
2.
Notwithstanding any provision to the contrary otherwise agreed to by data
exporter, FoundersCart may modify or update these practices at its discretion provided
that
such modification and update does not result in a material degradation in the protection
offered by these practices. All capitalized terms not otherwise defined herein shall
have the meanings as set forth in the Agreement and the Addendum.
Hosting:
FoundersCart
hosts its platform and services on outsources subprocessors who adhere to strict
physical and environmental guidelines. FoundersCart maintains contractual relationships
with
such vendors in order to provide the Service in accordance with our Data Processing
Agreement.
Authentication: Customer data is stored in multi-tenant systems whose
access is provided via the platform via user interface or application programming
interface. Authentication mechanism is put in place for such access with a defined
policy for passwords. FoundersCart’s authorization model enforces that only users with
specified access can use the platform.
Access controls and monitoring: Network access
control mechanisms are enabled to prevent acccess to unauthorized protocols keeping the
underlying platform safe. FoundersCart has systems in place to detect and notify
abnormal
network activity patterns.
FoundersCart also performs periodic vulnerability
detection
scans to determine system risks.
Platform Data Access: A limited subset of
FoundersCart’s
employees have access to the customer data who have abided by company Non-Disclosure
Agreements. Such access is controlled and secured by two-factor authentication. A review
is done at least twice a year to determine the roles and individuals requiring such
access.
Background Checks: All FoundersCart employees undergo background checks
prior to
the acceptance of their employment offer under the prevailing legal guidelines. All
employees are required to act in a manner consistent with the company’s policies,
non-disclosure and other contractual requirements.
Data Transmission: All network
communication on the platform happens over secured HTTPS protocol. FoundersCart follows
industry standard implementation for HTTPS.
Data at Rest: As of 25th of May, 2018,
FoundersCart has implemented changes to secure the data by using industry standard
encryption.
Detection: FoundersCart logs data around platform access and usage,
which
includes alerting systems that would trigger in case of unintended or malicious use of
the platform.
Security Incidents: An incident log is maintained of every incident
where an abnormal platform use or data access is determined, including details and
impact. On every incident an impact analysis is performed and steps are taken to limit
the damage to systems and unauthorized access.
Communication: If FoundersCart
becomes aware
of unlawful access to customer data, FoundersCart agrees to notify the customers of the
incident. It also would communicate - information about the incident and steps taken for
its resolution. Notification for such incidents will be sent to individual customers or
such groups having been affected by the incident over email and/or phone or a medium
FoundersCart deems fit.
Availability: FoundersCart via it’s infrastructure
providers ensure a
platform availability of 99.9% availability of the platform and supporting
systems.
Backups: Data backups are taken for customer data and configurations at
regular intervals. The periodicity of such backups may change without affecting the
terms of the agreement.