A. This ZOLOZ Smart AML Addendum to the Alibaba Cloud International Website Product Terms of Service (the “Addendum”) is an Additional Agreement as defined in the Alibaba Cloud International Website Product Terms of Service (the “Product Terms”) and is entered into by and between the applicable Alibaba Cloud contracting entity in accordance with the Product Terms (“Company”) and you (or “Customer”).
B. This Addendum governs Customer’s download, installation, access to and/or use of Solution. This document also incorporates the applicable Solution Specific Terms or Service Level Agreement that apply to the specific Solution that Customer has purchased.
C. Customer agrees to be bound by this Addendum through Customer’s download, installation, access to and/or use of any Solution, and/or Customer’s express agreement to the same.
D. The rights and protections conferred on Company under this Addendum and the terms incorporated herein, shall be in addition to the rights and protections conferred on Company under any other contracts that Company has been conferred rights and protections as a third-party beneficiary.
1. Definitions
“Affiliate” means in relation to a party any person directly or indirectly Controlling, Controlled by, or under common Control with that party. For the purposes of this definition, "Control," "Controlling", and "Controlled" mean having the right to elect a majority of the board of directors or other comparable body responsible for management and direction of a person by contract, by virtue of share ownership or otherwise.
“API” means any application programming interface provided by Company to Customer from time to time for accessing Solution.x
“Authorised Personnel” means an employee, agent, contractor, consultant, supplier or other personnel, who is authorised by Customer to use Solution for facilitating the provision of Customer Services.
“Business Day” means a day other than a Saturday, Sunday or public holiday in the Territory, People’s Republic of China, or Singapore.
“Change Request Note” has the meaning given to it in Clause 10(b) of this Addendum.
“Company Developed Material” means any material solely developed by Company or its Affiliates or its Licensors, including any software, systems, data, processes, test plans, test results and know-how used in connection with Solution. For the avoidance of doubt, any modification, feedback or ideas (in any form whatsoever) provided by Customer or its Affiliates related to Company Developed Material (including all IP Rights in Solution) shall be considered as part and parcel of Company Developed Material.
“Company IP” means all IP Rights subsisting in Solution (including Updates, if any), the Foreground IP, the Documentation (and any portion reproduced or incorporated in the User Reference Materials), Company’s trademarks, Company’s Pre-Existing Material, Company Developed Material, and Company Systems.
“Company Systems” means the software, hardware, systems and network infrastructure used by Company and its Affiliates in their respective businesses.
“Confidential Information” means all information (whether oral, written or in another form) disclosed by the Disclosing Entity to the Receiving Entity, directly or indirectly, that is:
a. by its nature or by the circumstances of the disclosure, or could reasonably be expected to be, regarded as confidential;
b. marked as or instructed to be confidential at the time of disclosure to the Receiving Entity, or if disclosed in oral form, is identified as confidential at the time of disclosure to the Receiving Entity; or
c. proprietary (whether owned by the Disclosing Entity or a third party to whom the Disclosing Entity owes a non-disclosure obligation),
including, to the extent that it is confidential:
a. the fact and content of the negotiations between the parties in relation to the Addendum;
b. Personal Data of End Users;
c. information comprised in or relating to any of the Disclosing Entity’s IP Rights; and
d. any information agreed between the parties in writing to be ‘Confidential Information’,
but does not include information which:
a. the Disclosing Entity specifies in writing is not confidential;
b. has been duly received by the Receiving Entity from a third party which, to the knowledge of the Receiving Entity, is not subject to a confidentiality obligation to the Disclosing Entity;
c. is or becomes part of the public domain (other than through breach of either the Addendum); or
d. was independently developed by the Receiving Entity, without reliance on any Confidential Information of the Disclosing Entity.
“Content Provider” means a third-party content provider who supplies Content Provider Information to Company.
“Content Provider Information” means information supplied by Content Provider to Company for integration of such information into Solution to distribute and display such information to Customer.
“Customer” means the individual or legal entity that has been approved by Company to purchase Company’s Solution for download, installation, access to and/or use.
“Customer Data” means any and all data entered or stored in, generated by or Processed by Customer in connection with Solution, including all Derived Data, De-Identified Data, and Data relating to End Users, Affiliates and Transactions.
“Customer Portal” means the secure portal hosted by Company through which Customer may activate Solution and where data, images and transactions processed by Company as part of Solution would be made available to Customer.
“Customer Service” means each product or service developed, distributed or provided by Customer (as applicable) that uses or relies on Solution.
“Customer Systems” means the software, hardware, systems and network infrastructure used by Customer to provide Customer Services, and otherwise used in its respective businesses, which for the avoidance of doubt excludes the Company Systems.
“Data” means all data which is stored, Processed or created, by or on behalf of an entity in the course of the performance of obligations under this Addendum, or otherwise under or in connection with this Addendum.
“De-Identified Data” means data derived from End User Personal Data to the extent that the personally identifiable information has been removed or detached, and as a result is no longer considered Personal Data under Relevant Privacy Laws.
“Derived Data” means data, in electronic or any other format, that is transformed, translated, modified, or otherwise derived from original information or data by a Party or its Affiliates. For purposes of clarity, Derived Data may be derived by transforming, translating or modifying Data, but such transformation, translation, or modification shall not affect the rights or obligations of the parties with respect to any of the original Data.
“Disclosing Entity” means the entity disclosing Confidential Information, and includes that entity’s Representatives and Affiliates.
“Documentation” means documentation provided to Customer, which describes the functions and use of Solution.
“End User” means either a natural person permitted by Customer to use the Customer Services.
“End User Terms” has the meaning given to it in Clause 5 of this Addendum.
“Force Majeure Event” in relation to an entity, means an act of nature, force or cause beyond an entity’s, its Affiliates’ or Representatives’ reasonable control, including: (i) a fire, flood, elements of nature or other acts of God; (ii) pandemic or epidemic; (iii) an outbreak of escalation of hostilities, war, riots or civil disorders, or an act of terrorism; (iv) internet failures, computer, telecommunications, electrical power failures or any other equipment failures; (v) a labour dispute (whether or not employees’ demands are reasonable or within the entity’s power to satisfy); (vi) acts or omissions of a Government Agency prohibiting or impeding the affected entity (or its Affiliates or Representatives) from performing its obligations under this Addendum or the Solution Specific Terms, including orders of domestic or foreign courts or tribunals, governmental restrictions, sanctions, or change in Relevant Law; and (vii) the non-performance by a third party for any similar cause beyond the reasonable control of the entity.
“Foreground IP” means all IP Rights developed, created, arising from, conceived or invented by or on behalf of the parties (including any modifications, customizations or enhancements that may be created by third parties, such as independent software vendors) during or after the Usage Term.
“Government Agency” means any government, semi-governmental, statutory, administrative, or judicial or quasi-judicial body having jurisdiction in connection with the activities contemplated by this Addendum, and includes anybody having regulatory or supervisory authority over any part of the business or affairs of Customer, Company or its Affiliates.
“IP Rights” means any of the following rights in any jurisdiction anywhere in the world: (a) all patents and patent disclosures, utility model, design patents and rights in inventions; (b) trademarks, service marks, logos, tradenames, trade dress and domain names, together with all goodwill associated therewith; (c) copyrights, copyrightable rights, moral rights and database rights; (d) rights in know-how, confidential information, trade secrets, and proprietary rights and processes; and (e) all other intellectual property rights or forms of protection, subsisting now or in the future, having equivalent or similar effect to the rights referred to in any of the foregoing items (a) to (d), subject matter of any of the foregoing, tangible embodiments of any of the foregoing, in each case, whether unregistered or registered (including all applications, rights to apply and rights to claim priority), including all divisionals, continuations, continuations-in-part, reissues, extensions, re-examinations, renewals and extensions thereof, as applicable.
“Loss” means all claims, judgments, awards, damages, losses, liabilities or costs of any kind and however arising, including legal costs (on a full indemnity basis), penalties, fines and interest.
“Military End Use” / “Military End User” has the meaning given to it in Clause 3(v) of this Addendum.
“Person” includes any natural person, individual, firm, company, partnership, joint venture, an unincorporated body or association, trust, corporation or other body corporate and any Government Agency (whether or not having a separate legal personality).
“Personal Data” means: (a) information, whether true or not, about an individual who can be identified from that piece of data or from other data to which the data recipient has or is likely to have access; or; (b) considered to be personal data, personal information, personally identifiable information or equivalent under Relevant Privacy Laws.
“Pre-Existing Material” means any material or know-how that is developed or owned by a Party (or its licensor or Affiliate as the case may be) before the date that this Addendum is entered into.
“Process” (including its correlative meanings, “Processing” and “Processed”) means: (a) the receipt, access, acquisition, collection, compilation, use, modification, storage, processing, safeguarding, security, disposal, destruction, disclosure, or transfer of Data; or (b) such other activities that may be considered to be processing of Data under Relevant Laws.
“Prohibited Activities” means activities that may disrupt international peace and security, including: (a) the design, development, production, handling, operation, maintenance, storage, detection, identification, dissemination or use of weapons of mass destruction, including nuclear, chemical or biological weapons; (b) the development, production, maintenance or storage of missiles which are capable of delivering any such weapon; (c) the transportation of any such or similar weapons; or (d) the involvement in any military activities.
“Receiving Entity” means the entity receiving the Confidential Information, including its Representatives and Affiliates.
“Relevant Data Consents” means consents or permissions given by End Users in relation to the Processing of their Personal Data.
“Relevant Laws” means any applicable law, statute, rule, regulation, directive, treaty, judgement, order, guidelines, decree, interpretation, permit, injunction of any Government Agency, whether or not of the Territory, and in each case, as amended from time to time.
“Relevant Privacy Laws” means Relevant Laws relating to privacy and data protection, including those relating to the Processing of Data and other information.
“Representative” of a Person means an officer, director, employee, agent, auditor, adviser, consultant, joint venturer, contractor or sub-contractor of the Person or of an Affiliate of that Person, or any other Person solely when acting at the direction of or on behalf of that Person in connection with the performance of that Person’s obligations under this Addendum and/or use of Solution.
“Rules” has the meaning given to it in Clause 19 of this Addendum.
“Sanctioned Person” has the meaning given to it in Clause 3(u) of this Addendum.
“SDK” means any software code provided by Company to Customer from time to time, for incorporation by Customer into any Customer Systems to enable the relevant devices to call, invoke, redirect to, communicate with, or otherwise access Solution.
“Security Incident” means any actual or suspected: (a) loss or misuse of Personal Data by any means; (b) unauthorised or unlawful Processing, sale, or rental of Personal Data, including under Relevant Laws and Relevant Data Consents; or (c) other act or omission that compromises the privacy, security or confidentiality of Personal Data.
“SIAC” has the meaning given to it in Clause 19 of this Addendum.
“Solution”means ZOLOZ SMART AML products and/or services purchased by Customer, including (a) ZOLOZ SMART AML - Screening; (b) ZOLOZ SMART AML - Transaction Monitoring Services (“TMS”), (c) ZOLOZ SMART AML - Case Management System (“CMS”), and (d) ZOLOZ SMART AML - Customer Risk Rating (“CRR”).
“Solution Specific Terms” or “Service Level Agreement” means the terms and conditions between Company and Customer, governing Customer’s download, installation, access to and/or use of the relevant Solution, as updated by notice in writing from Company to Customer from time to time.
“Technological Change” means any development that customises, enhances, or changes existing functionality of Solution, including the creation of any new application programme interfaces, alternative user interfaces or extension to existing data structure.
“Territory” means the territory within which, Company has approved, for Customer to purchase from Company and thereafter, download, install, access to and/or use of any of Solution.
“Transferred Personal Data” has the meaning given to it in Clause 17 of this Addendum.
“Updates” means modifications to Solution provided by Company from time to time.
“Usage Term” means the period commencing on delivery of Solution to Customer and continuing until expiration or termination of Customer’s entitlement to use Solution, pursuant to the Addendum.
“User Reference Materials” means the user guides and materials for the Customer Services.
2. Solution Specific Terms/Service Level Agreement
(a) In consideration for Customer’s payment of the fees and subject to the terms and conditions set forth in the applicable Solution Specific Terms and Service Level Agreement, Company hereby authorizes Customer during the Usage Term and within the Territory specified, on a non-exclusive, revocable, non-transferable, non-sublicensable basis, to access and use (i) the applicable modules as made available to Customer through Solution, (ii) the APIs, SDKs (if applicable) and the Documentation relevant to the receipt of Solution and (iii) the Customer Portal (if applicable), solely for the purpose of Customer providing the Customer Services in the Territory to its End Users.
(b) Customer hereby authorizes Company during the Usage Term and within the Territory specified, on a worldwide, revocable, non-exclusive, sub-licensable through multiple tiers, royalty-free basis, to use, and to allow its Affiliates and Representatives to use Customer IP Rights solely for purpose of and in connection with Customer’s use of Solution in the Territory.
(c) Customer agrees to use Solution and provide the Customer Services in accordance with: (a) the applicable Solution Specific Terms and Service Level Agreement (as may be updated by Company from time to time) that governs Customer’s use of the relevant Solution (the terms of which shall be between Customer and Company); (b) this Addendum; (c) the applicable Documentation, and (d) any other terms or requirements, documentation, policies or guidelines as may be required and notified by Company to Customer from time to time.
(d) Depending on Solution purchased by Customer, Company may release Updates to Solution from time to time. Such Updates shall form part of Solution and be subject to this Addendum. Customer further acknowledges and agrees that Company shall have the right to add, suspend, substitute, replace, remove or discontinue any component, feature or function of Solution through such Updates for any reason or no reason without any liability towards Customer and/or any End Users.
(e) Customer acknowledges and agrees that Company shall have the right to Process any Customer Data that it has access to (including transfer of any such Customer Data to third parties for Processing) for the purposes of this Agreement and development and maintenance of Solution.
(f) Customer shall obtain all relevant Regulatory Approvals or third party consents and determine any restrictions applicable to its use of Solution or provision of Customer Services under the Relevant Laws.
(g) Service Standards for Incident Response for TMS, CMS and CRR. Company acknowledges and agrees that the ability of Customer to provide the Customer Services to End Users is dependent upon the connectivity and availability of Solution and Customer Portal (if applicable). For products and services in connection with TMS, CMS and CRR, Company will provide the following commitments upon the occurrence of any Incident which affects the availability or provision of the TMS, CMS and CRR. In the table below, “User base” refers to the persons or entities that will be screened/ processed by Customer using Solution:
Service via Customer Portal
Incident Severity Level | Description | Examples | Target Response Time |
P0 | Severe Error Entire User base impacted. Workaround is required immediately or Solution is unavailable. This condition is limited to Solution components supported. Such Incidents must be notified by phone or instant messaging where immediate confirmation of recipient is possible. | Total loss of functionality of Solution. A crash or hang in Solution. An initialization or loading failure of Solution. Repeated failures of the software that impacts entire User base. | One (1) hour after confirmation of receiving request during Business Hours
Four (4) hours after confirmation of receiving request during non-Business Hours
|
P1 | Major Error. Solution functionality impact. Workaround is required. A portion of the User base is impacted. This condition is limited to Solution components supported. Such Incidents must be notified by phone or instant messaging where immediate confirmation of recipient is possible. | Partial loss of functionality of Solution. Solution production system adversely impacted. Degraded level of Solution service. | Four (4) hours after confirmation of receiving request during Business Hours One (1) Business Day after confirmation of receiving request during non-Business Hours
|
P2 | Incident has or will affect User productivity. Workaround exists, but Incident needs to be fixed. Solution can go live, but with some level of degradation that is acceptable for User in the short-term. Such Incidents can be reported by designated asynchronized support channel (e.g. support portal or support email). | Failure in Solution component that is non-critical. Failure of redundant Solution component. Production or development system has encountered a non-critical problem or defect. Solution non-production system crash or hang. | Two (2) Business Days after confirmation of receiving request |
P3 | No or minimal User impact. Issue does not affect Customer’s use of Solution. Such Incidents can be reported by designated asynchronized support channel (e.g. support portal or support email). | “How to” questions. Documentation issues. Enhancement requests. | Five (5) Business Days after confirmation of receiving request. Issue fixes are accumulated for next scheduled release. |
For the purposes of this Clause 2(g), an "Incident" means a failure of Solution to materially conform to its Documentation, but does not include a failure caused by:
(i) Customer’s failure to use Solution in accordance with the applicable Documentation or the Addendum;
(ii) a modification of Solution without Company's consent;
(iii) a defect, error or malfunction in any item of hardware or software not supplied by Company or its Affiliates pursuant to the Addendum;
(iv) a defect, error or malfunction in any telecommunications carrier service;
(v) a fault or failure of Customer System or network; or
(vi) any other problem, event or delay that is outside the reasonable control of Company (including, without limitation, a Force Majeure Event, an event that is attributable to a third party data centre that is not hosted by Company).
For the purpose of this Clause 2(g), “Business Hour” means an hour between 9 a.m. and 5 p.m. on Business Day.
3. Customer Requirements – Customers must:
(a) in using any Solution offered by Company, comply with the applicable Solution Specific Terms and Service Level Agreement (as may be updated by Company from time to time) that governs use of that relevant Solution (the terms of which shall be between Customer and Company). Customer shall also comply with Documentation, security procedures, technical standards, system and data security requirements, policies and rules, as notified by Company from time to time;
(b) at Company's request, provide Company with information about its security procedures and other measures sufficient to demonstrate to Company the adequacy of those procedures and measures;
(c) ensure that only Authorised Personnel and End Users may access and use Solution or Customer Services, as applicable;
(d) make commercially reasonable efforts to ensure that it conducts due diligence and on-boarding procedures in relation to End Users to ensure that End Users have suitable information and communications technology infrastructure, practices and protocols, and access controls, to access and use the applicable Customer Services;
(e) prevent a Security Incident;
(f) ensure that access to and use of Solution by all Authorised Personnel and End Users comply with all usage metrics or other requirements provided by Company from time to time;
(g) only use an API or SDK specified and permitted by Company to access and use Solution;
(h) comply with all Relevant Laws, including all Relevant Privacy Laws, and obtain all Relevant Data Consents;
(i) promptly notify Company in writing of any complaint or investigation under, or relating to, any Relevant Privacy Laws or Relevant Data Consents, to the extent permitted by such Relevant Laws, or any circumstances that may lead to any such complaint or investigation;
(j) act promptly in the resolution of any such complaint, investigation or circumstances;
(k) not do, or omit to do, anything which would put Company in breach of Relevant Privacy Laws or Relevant Data Consents;
(l) take all such steps as Company reasonably requires to facilitate Company's compliance with any of the Relevant Privacy Laws or Relevant Data Consents that apply to the Customer Services;
(m) promptly notify Company in writing if it becomes aware of any changes to a Relevant Privacy Law that may cause the Customer Services, Customer’s business, or the Processing of Data by, operations of, or conduct of, Customer relating to this Addendum, to breach such Relevant Privacy Law;
(n) only store Personal Data on servers or other devices controlled by Customer or its Affiliates in a manner that is in accordance with Relevant Privacy Laws;
(o) back up Data in accordance with good information technology practices, Relevant Laws and Relevant Data Consents, including that backup copies on transportable device or other data media must be marked as backup copies and bear the same IP Rights and authorship notice as the original device or other data media, unless technically unfeasible;
(p) at all times comply with its own system security policies and maintain industry standard safeguards for its information and communications technology infrastructure;
(q) comply and shall procure that any of its Affiliates, its Authorised Personnel and End Users comply with all Relevant Laws;
(r) conduct screening checks on its Affiliates, Authorised Personnel and/or End Users (as the case may be), to ensure that they are not designated as a Sanctioned Person or located, incorporated or ordinarily resident in any country that is the subject of sanctions, or that they intend to or are likely to use Solution for any Prohibited Activities;
(s) ensure that neither itself, nor any of its Affiliates, its Authorised Personnel and End Users is not a Military End User pursuant to EAR § 744.17 (or the equivalent laws of other countries and jurisdictions in the Territory); and
(t) comply with any other vetting or screening procedures reasonably imposed by Company from time to time.
(u) For the purposes of this clause, “Sanctioned Person” shall mean:
(i) a person or entity who appears on the list of Specially Designated Nationals and Blocked Persons maintained by the U.S. Department of the Treasury, Office of Foreign Assets Control, or any other list of persons or entities with whom dealings are restricted or prohibited by any Relevant Jurisdiction;
(ii) the government, including any political subdivision, agency, or instrumentality thereof, of any country against which any Relevant Jurisdiction maintains comprehensive economic sanctions or embargos;
(iii) a national or resident of any country against which any Relevant Jurisdiction maintains comprehensive economic sanctions or an embargo; or
(iv) a person acting or purporting to act, directly or indirectly, on behalf of, or a person owned or controlled by, any of the persons listed in Clauses 3(u)(i) to 3(u)(iii) above.
(v) For the purpose of this Addendum, “Military End Use” has the meaning defined under § 744.17 and § 744.21 of the EAR (or the equivalent laws of other countries and jurisdictions in the Territory); and “Military End User” has the meaning defined under § 744.17 of the EAR (or the equivalent laws of other countries and jurisdictions in the Territory).
4. Customer Prohibitions – Customer must not, unless expressly permitted by Company in writing:
(a) incorporate or grant any other person the right to incorporate Solution into another product to form a new product;
(b) use, distribute or permit access to any Solution that has been recalled, or that does not comply with the Documentation;
(c) lease, loan, resell, transfer, sublicense or otherwise make available Solution or Documentation, other than to its Affiliates, Authorised Personnel and End Users as permitted in writing;
(d) make or attempt to make any modification to, reverse engineer, decompile, disassemble, or otherwise seek to recreate the source code or underlying functionality of Solution or any API or SDK;
(e) modify, port, translate, adapt, alter, frame or create derivative works based on Solution;
(f) disable or circumvent any access control or related process or procedure established with respect to Solution;
(g) copy (except for installation and backup of Solution as permitted in writing and the applicable Documentation), translate, disassemble, decompile, attempt to recreate, reverse engineer Solution or any source code object code, software programs, processes, algorithms, methods, techniques, data, or information embodied in Solution, the relevant portal or platform, or the Documentation, or any part, feature, function or user interface thereof, or extract ideas, algorithms, procedures, workflows or hierarchies from Solution, the relevant portal or platform, or the Documentation or otherwise use Solution for the purpose of creating any other product or service;
(h) change or remove any IP Rights and authorship notices from Solution or Documentation;
(i) access or use or attempt to access or use Solution in any way that causes, or may cause, damage to Solution or other Company Systems or impairment of the availability or accessibility of Solution or other Company Systems;
(j) breach, tamper with, compromise or circumvent any security measures included in system and data security requirements, policies and/or rules notified by Company from time to time;
(k) circumvent or disclose the user authentication or security of Solution or Company Systems, or any related host, network, or account;
(l) share, distribute or publish log-in credentials assigned to it except as permitted by Company (as the case may be);
(m) interfere with or disrupt Solution or Company Systems or other equipment or networks connected to Solution;
(n) knowingly do or permit anything to be done which could infringe, invalidate, cancel, harm, challenge, deny, question or contest Company IP;
(o) allow any Company IP to become the subject matter of any charge, lien or encumbrance;
(p) publish or disclose any results of benchmark tests run on any Solution;
(q) disclose, provide or otherwise make available trade secrets in connection with Company IP in any form to any third party;
(r) use Solution to transmit any content, data or information that is unlawful, defamatory, obscene, invasive of another’s privacy or otherwise objectionable;
(s) solicit for employment any employee or consultant of Company or its Affiliates thereof with whom Customer had contact or who became known to it;
(t) permit access to or use of Solution, in violation of any Relevant Laws;
(u) permit access to or use of Solution to disrupt international peace and security, including not permitting access to or use of the Solution for any Prohibited Activities; or
(v) permit access to or use of Solution to exploit for Military End Use or to be resold or transferred to any Military End User.
Customer acknowledges and agrees that Company may implement certain technology or software including data loss prevention software, to monitor, analyse and report on Customer's activities in relation to its usage of and access to Solution, as well as to ensure information security of Customer’s Systems. Customer shall not grant access to Solution to any Representative who does not have, or refuse to have, such software implemented on his/her computers.
5. End User terms
Customer shall ensure that where End Users have access to or use of any Solution via Customer Services provided by Customer to End Users, Customer shall also issue, and ensure that End User accepts and complies with, the terms of use of such Customer Services. These terms shall contain, at a minimum, the end user terms of use set out in Annexure A to this Addendum (the “End User Terms”). For the avoidance of doubt, references in the End User Terms to the “Provider” shall be read as references to the “Customer” as defined in this Addendum; and references in the End User Terms to the “Solution licensor” shall be read as references to the “Company” as defined in this Addendum. All capitalised terms used but not defined in the End User Terms shall have the meaning given to them in this Addendum.
6. Customer responsibility
Customer agrees to be responsible for the acts and omissions of all its Authorised Personnel, End Users, Affiliates or Representatives as if they were the acts and omissions of Customer.
7. Reference Materials Licence
Company hereby grants Customer during the Usage Term and within the Territory a non-exclusive, revocable, nontransferable, non-sublicensable licence to use all or part of the Documentation for the purpose of creating User Reference Materials, provided that: (1) Company’s IP Rights are preserved and IP Rights notices are kept intact; and (2) the User Reference Materials have been approved in writing by Company prior to being released to any Customer Affiliates or End Users.
8. Use of Trademarks
Customer shall comply with (i) branding and marketing guidelines as may be notified by Company in writing, and (ii) the standards of quality and design as notified to Customer by Company from time to time, in relation to the use of Company trademarks. Before each new use of any Trademark, Customer shall obtain prior written approval from Company (which shall not be unreasonably withheld or delayed). If required by Relevant Laws, Customer shall not send any communications to any individuals regarding the Customer Services to its End Users unless appropriate approvals have been obtained under Relevant Laws. Company may, from time to time, and on reasonable prior written notice, audit Customer’s compliance with the terms in this Addendum (including compliance with this Clause 8, the applicable Solution Specific Terms and Service Level Agreement as incorporated herein). Where an audit reveals Customer is, or is likely to be, in non-compliance with the aforesaid terms, Customer will bear the full costs of any such audits conducted by Company, and further, Customer shall also use all reasonable efforts to rectify any actual or potential non-compliance.
9. IP Rights
Company owns and will retain, or licenses and will retain their rights under licences for, all Company IP. All rights in Company IP not expressly granted to Customer under this Addendum are reserved by Company. Nothing in this Addendum transfers from Company any proprietary right or interest in any Company IP.
Customer must: (i) promptly notify Company in writing of any actual, attempted, threatened or suspected infringement of any of Company IP; and (ii) at the request and expense of Company, provide all reasonable assistance as Company may require in conducting enforcement proceedings or defending proceedings in respect of Company IP.
All rights, title to and interests in, all Foreground IP shall vest in and shall be the sole and exclusive property of Company, unless otherwise agreed in writing by Company or otherwise set forth in the applicable Solution Specific Terms and Service Level Agreement. For clarity, if Customer (through itself, or other third parties) perform customizations, or create developments, derivatives, enhancements, improvements or additional products, functions or modules relating to Solution, the Documentation and/or other matters using Company IP, all Foreground IP created as a result of the foregoing work shall vest solely and absolutely in Company upon their creation or development, and Company shall have the sole and exclusive right, at its discretion, to file, prosecute and maintain any patent or other registrable IP Rights in and to the Foreground IP.
Customer (including its Affiliates) shall do all acts and things and execute any further documents reasonably required by Company to give effect to and/or perfection of the ownership by Company of all Company IP.
10. Technological Changes
To the extent that, Customer wishes to request for a Technological Change:
(a) Customer shall promptly discuss such request with Company. Customer acknowledges that it is the sole discretion of Company whether or not it wishes to proceed with the Technological Change requested by Customer;
(b) Any agreed Technological Change shall be documented by Company and Customer by completing a written change control note signed by both parties setting out the agreed revised fees, deliverable, timetable, and other relevant aspects of such Technological Change (a “Change Request Note”); and
(c) Each Change Request Note shall be substantially in the form set out in the agreement between Customer and Company.
11. Customer Regulatory Requirements
Customer agrees that it is solely responsible for: (a) determining whether or not Relevant Laws impose any restrictions or requirements on any of its activities in connection with this Addendum, Customer Services or any Solution; (b) determining what Regulatory Approvals are required for Customer to use any Solution (if any); and (c) as applicable, obtain from the appropriate Government Agencies all applicable Regulatory Approvals.
12. Warranty
12.1 Solution is provided “as is”. Except to the extent prohibited by Relevant Laws, or to the extent any statutory rights apply that cannot be excluded, limited or waived, Company, its Affiliates and its Licensors: (a) do not make any representations or warranties of any kind, whether express, implied, statutory or otherwise, regarding Solution, and relevant services, and any other matter pertaining to this Addendum or Relevant Data Consents; (b) disclaim any and all warranties of any kind, whether express, implied or statutory, and shall not be responsible for: (i) merchantability, fitness for purpose, non-infringement, satisfactory quality, accuracy, quality, completeness, timeliness, responsiveness, or productivity of any Solution; and (ii) whether Customer’s use of Solution for whatever purpose, will infringe any Relevant Laws; and (c) exclude any warranty that any Solution will be uninterrupted, error free, free of security defects or harmful components, or that any Data will not be lost or corrupted.
12.2 Company shall not be responsible for (a) any representations made by any person regarding the sufficiency or suitability of Solution in any actual application, or (b) Customer’s use of Solution for whatever purpose or whether any such use would violate the Relevant Laws or comply with the regulatory requirements under the Relevant Laws or required by the Government Agency, or (c) reviewing the Customer Data for accuracy.
12.3 Customer acknowledges and agrees that Solution, and the access to and use thereof, may be subject to limitations, delays and other problems not in Company’s control (including such limitations, delays and other problems of or attributable to the data source) and inherent in the use of the Internet and electronic communications, and that Company shall not be held responsible for delays, delivery failures or other damage resulting from such limitations.
12.4 Customer acknowledges and agrees that Solution are designed to be tools to assist Customer in the provision of the Customer Services, and that Company makes no warranties nor shall Company have any liability that Solution shall meet all of Customer’s requirements, or that the use of Solution shall be uninterrupted, error free or free from security defects.
12.5 Customer acknowledges and agrees that Solution uses and integrates information of a Content Provider, and Company and Company’s customers are subject to the terms and conditions of such Content Provider (the “Content Provider Terms”) in relation to Solution. Customer agrees to comply with these Content Provider Terms as set forth in Annexure C (Content Provider Terms) hereto and as provided by Company to Customer from time to time. Customer further acknowledges and agrees that the access to and use of Solution may be subject to limitations, delays and other problems of or attributable to the Content Provider and/or data source supplied by the reputable data provider of Company and its Affiliate (“Data Source”). Customer acknowledges that the charges may be calculated based on and incorporated the relevant fees and charges of the Content Provider, and/or Data Source (as applicable), and Company may adjust the charges from time to time with prior written notice to Customer to the extent that the fees of the Content Provider, and/or Data Source increase. Company makes no warranties nor shall Company or its Content Provider (as applicable) have any liability (whether in contract, tort, under statute or indemnities or otherwise, including negligence or fundamental breach) with respect to, any third party products or services.
12.6 Company makes no warranties on and shall not be responsible for any application of results obtained from the use of Solution or for unintended or unforeseen results obtained in the use of Solution.
13. Liability
TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, UNDER NO CIRCUMSTANCES SHALL COMPANY BE LIABLE TO CUSTOMER FOR ANY DIRECT DAMAGES, LOSS OF PROFITS, REVENUE, DATA, REPUTATION OR GOODWILL, OR FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR PUNITIVE DAMAGES FOR ANY MATTER RELATING TO SOLUTION, WHETHER SUCH LIABILITY IS ASSERTED ON THE BASIS OF CONTRACT, TORT (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE OR STRICT LIABILITY) OR OTHERWISE, AND EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. NOTWITHSTANDING THE FOREGOING, IF COMPANY IS FOUND LIABLE DIRECTLY TO CUSTOMER FOR ANY DAMAGES, ITS TOTAL LIABILITY RELATED TO, IN CONNECTION WITH AND RISING FROM ITS PURCHASE AND USE OF SOLUTION SHALL NOT EXCEED THE AMOUNT EQUAL TO THE LOWER OF (A) USD $500,000.00 OR (B) FEES PAID BY CUSTOMER TO COMPANY FOR ACCESS TO AND USE OF SOLUTION IN THE PRECEDING SIX (6) MONTHS PRIOR TO THE MONTH IN WHICH THE RELEVANT CLAIM IS FIRST MADE GIVING RISE TO LIABILITY. THE EXISTENCE OF MORE THAN ONE CLAIM OR CAUSE OF ACTION WILL NOT ENLARGE THE FOREGOING LIMIT.
Customer agrees to indemnify, defend and hold harmless Company against all Losses arising from (a) the Customer Services, (b) the acts or omissions of Customer and its End Users, Affiliates, Authorised Personnel, and Representatives, (c) management of its relationships with any of the foregoing (including alleged breach of agreements between Customer and any of the foregoing), and/or (c) any breach of its obligations under this Addendum (which includes the applicable Solution Specific Terms and Service Level Agreement as incorporated herein) caused by any of the foregoing.
14. Audit
Without prejudice to any other rights that Company may have under this Addendum, Company may also audit (no more than once annually) Customer’s compliance with the terms in this Addendum. Customer must, with reasonable notice from Company, reasonably cooperate with such audits, including the provision of access to relevant records and personnel. Any audit undertaken under this Clause 14 shall be at Company’s own cost, except where the audit reveals non-compliance, in which case, Customer must pay Company’s reasonable costs of the audit.
15. Suspension and Downtime
15.1 Without prejudice to the rights under this Addendum, Company may suspend the provision of Solution if:
(a) any amount due to be paid by Customer is overdue or Customer has breached any term of any Solution Specific Terms or this Addendum; and
(b) Company has given Customer at least fourteen (14) days’ written notice, following the amount becoming overdue or Customer’s breach, of its intention to suspend access to or use of Solution,
in which event such action shall not give rise to any cause of breach of contract or other liability against Company.
15.2 Customer acknowledges that Solution may be unavailable from time to time. Unavailability of Solution caused directly or indirectly by any of the following shall not be considered a breach by Company of any Solution Specific Terms or this Addendum:
(a) a Force Majeure Event;
(b) a fault or failure of the internet or any public telecommunications network;
(c) a fault or failure of Customer System or network;
(d) any downtime caused or contributed to by the improper use of SDKs, or wrong configure of server-end component like mobile gateway by Customer or End User;
(e) any breach by Customer of Solution Specific Terms or this Addendum; or
(f) scheduled, major, urgent or emergency maintenance, upgrades or updates carried out in accordance with Solution Specific Terms/ Service Level Agreement or this Addendum.
16. Termination
Without prejudice to any other rights that Company may have under any agreement as a third-party beneficiary, Company shall also have the right to terminate or suspend Customer’s access to and use of Solution immediately by notice, and terminate or suspend all licences granted to Customer immediately by notice, without any liability to Customer if: (a) Customer (including its Authorised Personnel, End Users, Affiliates or Representatives) had used or is using Solution outside the scope of this Addendum (which includes the applicable Solution Specific Terms and Service Level Agreement as incorporated herein); (b) Customer (including its Authorised Personnel, End Users, Affiliates or Representatives) is or had been otherwise in material breach of Relevant Laws (including applicable laws or regulations about personal data, data privacy, anti-money laundering, sanctions, export or import control prohibitions in relation to technology (encrypted or otherwise), or is or had been otherwise in breach of the terms set forth in Clause 3(q) to Clause 3(v)), or this Addendum ; or (c) a Security Incident has occurred with respect to Data that is in the possession of, or under the control of Customer, or (d) there is any change in Relevant Laws which makes it unlawful, impossible, or impracticable for Company to continue this Addendum, as it becomes known to Company.
Upon the effective date of termination, Customer shall (a) immediately stop accessing and using Solution; and (b) where applicable, return to Company or, if required by Company, destroy all information concerning Solution in Customer’s possession or control.
17. Data Privacy
If and to the extent applicable, and without prejudice to the applicable Data Processing Addendum of the Alibaba Cloud International Website Membership Agreement, Company agrees to comply with the obligations set out in Annexure B (Data Protection Terms), with regards to the processing of Personal Data received from Customer during its use of Solution (“Transferred Personal Data”).
18. Confidentiality
Each Party retains all ownership rights in and to its Confidential Information. The Receiving Entity will use the same degree of care that it uses to protect the confidentiality of its own confidential information (but not less than reasonable care) to (i) not use any Confidential Information of the Disclosing Entity for any purpose outside the scope of this Addendum and (ii) except as otherwise authorized by the Disclosing Entity in writing, limit access to Confidential Information of the Disclosing Entity to those of its and its Affiliates’ employees and contractors who need that access for purposes consistent with this Addendum.
The Receiving Entity acknowledges that disclosure of Confidential Information would cause substantial harm for which damages alone would not be a sufficient remedy, and therefore that upon any such disclosure by the Receiving Entity, the Disclosing Entity will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
19. Governing Law & Dispute Resolution
This Addendum shall be governed by, and construed in accordance with, the laws of the Republic of Singapore. Any dispute arising out of or in connection with this Addendum and the terms incorporated therein, including any question regarding its application, validity or termination, shall be referred to, and exclusively and finally resolved by, arbitration administered by the Singapore International Arbitration Centre (“SIAC”) in accordance with the SIAC Arbitration Rules for the time being in force (“Rules”), which Rules are deemed to be incorporated by reference in this clause. The arbitral tribunal shall consist of three (3) arbitrators, of which one (1) arbitrator shall be appointed by Company, one (1) arbitrator shall be appointed by Customer and the third and presiding arbitrator shall be appointed by the first two (2) arbitrators as agreed between them or failing agreement within thirty (30) days from the appointment of the second arbitrator, by the President of SIAC in accordance with the Rules. The venue and seat of the arbitration must be Singapore, and the arbitration must be conducted in English.
20. Third Party Rights
Customer agrees that: (a) in respect of terms in any agreements that are intended to be for the benefit of Company, Company shall have the right to enforce directly against Customer, notwithstanding that Company is not a party to the Customer Terms, under the Contracts (Rights of Third Parties) Act (Cap.53B); and (b) should any dispute arise between Customer and any third party under the relevant agreement, Customer agrees to release Company from all claims, demands and damages of every kind and nature, known and unknown, suspected and unsuspected, disclosed and undisclosed, foreseeable or unforeseeable, arising out of or in any way connected to such disputes.
Annexure A to the Addendum
End User Terms of Use
1. Usage - End User is permitted to access and use Solution as incorporated into the Customer Services, pursuant to these End User Terms of Use (“End User Terms”), for the sole purpose of enabling End User to receive and/or use the Customer Services. End User shall not modify, reverse engineer, copy, sell, lease, or sublicense Solution. End User may not extract ideas, algorithms, procedures, workflows or hierarchies from Solution or otherwise use Solution for the purpose of developing any other software based on concepts, functions, or operations similar to those in Solution.
2. Confidential Information - End User acknowledges that Solution and all information provided in connection therewith, is proprietary to, and forms part of, the Confidential Information of Solution licensor. End User hereby acknowledges that unauthorised access to or use of Solution may cause immediate and irreparable harm and Provider and/or Solution licensor shall have the right to (i) seek and obtain preliminary and final injunctive relief to enforce these terms of use, and (ii) terminate End User’s licence to access or use Solution in case of any actual or threatened breach, in addition to other rights and remedies that may be available to Provider and/or Solution licensor.
3. Intellectual Property Rights - End User only acquires the right under these End User Terms to access and use Solution, and all intellectual property rights in Solution and all derivatives belong to and shall remain owned by Solution licensor. End User may not copy all or any part of Solution. End User shall maintain adequate security measures to safeguard Solution from unauthorised access or use, and shall comply with security procedures and technical standards as notified by Customer from time to time (if any).
4. Ownership. The copy of Solution is licensed, not sold. Solution licensor retains ownership of the copy of Solution, including all intellectual property rights therein. The Software is protected by international copyright law, international treaties and other applicable laws. End Users will not delete or in any manner alter the copyright, trademark, and other proprietary rights notices or markings appearing on Solution or generated when Solution runs, as delivered.
5. Technical Support - No support requests shall be addressed to Provider. Nothing under these terms of use requires Provider to create or deliver any Updates, or provide any support directly to End User, and Provider makes no representations or warranties regarding any Updates.
6. Warranty – SOLUTION ARE PROVIDED “AS IS”. EXCEPT TO THE EXTENT PROHIBITED BY RELEVANT LAWS, OR TO THE EXTENT ANY STATUTORY RIGHTS APPLY THAT CANNOT BE EXCLUDED, LIMITED OR WAIVED, PROVIDER AND SOLUTION LICENSOR DISCLAIMS ALL EXPRESS, IMPLIED, STATUTORY OR OTHERWISE WARRANTIES REGARDING SOLUTION AND DOCUMENTATION, INCLUDING WITHOUT LIMITATION THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE OR NON-INFRINGEMENT, EXCEPT AND SOLELY FOR A WARRANTY THAT SOLUTION SHALL MATERIALLY COMPLY WITH THE DOCUMENTATION PROVIDED BY PROVIDER. PROVIDER AND SOLUTION LICENSOR SHALL NOT BE RESPONSIBLE FOR ANY REPRESENTATIONS MADE BY ANY PERSON REGARDING THE SUFFICIENCY OR SUITABILITY OF SOLUTION IN ANY ACTUAL APPLICATION.
7. Liability – TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW, UNDER NO CIRCUMSTANCES SHALL PROVIDER OR SOLUTION LICENSOR BE LIABLE TO END USER FOR ANY DIRECT DAMAGES, LOSS OF PROFITS, REVENUE, DATA, REPUTATION OR GOODWILL, OR FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR PUNITIVE DAMAGES FOR ANY MATTER RELATING TO SOLUTION, WHETHER SUCH LIABILITY IS ASSERTED ON THE BASIS OF CONTRACT, TORT (INCLUDING, WITHOUT LIMITATION, NEGLIGENCE OR STRICT LIABILITY) OR OTHERWISE, AND EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. NOTWITHSTANDING THE FOREGOING, IF PROVIDER OR SOLUTION LICENSOR IS FOUND LIABLE DIRECTLY TO END USER FOR ANY DAMAGES, ITS TOTAL LIABILITY RELATED TO THESE TERMS OF USE SHALL NOT EXCEED THE AMOUNT EQUAL TO THE LOWER OF (A) USD $500,000.00 OR (B) THE FEES PAID BY END USER TO PROVIDER FOR THE CUSTOMER SERVICES THAT INCORPORATES SOLUTION IN THE PRECEDING SIX (6) MONTHS PRIOR TO THE MONTH IN WHICH THE RELEVANT CLAIM IS FIRST MADE GIVING RISE TO LIABILITY. THE EXISTENCE OF MORE THAN ONE CLAIM OR CAUSE OF ACTION WILL NOT ENLARGE THE FOREGOING LIMIT.
8. U.S. Government End Users. Solution is “commercial computer software” as that term is used in FAR 12.212 and DFARS 227.7202. If Solution is being acquired by or on behalf of the U.S. Government, then, as provided in FAR 12.212 and DFARS 227.7202-1 through 227.7202-4, as applicable, the U.S. Government’s rights in Solution will be only those specified in these End User Terms.
9. Export Law. End User agrees to comply fully with all applicable export laws and regulations to ensure that neither Solution nor any technical data related thereto nor any direct product thereof are exported or re-exported directly or indirectly in violation of, or used for any purposes prohibited by, such laws and regulations.
10. Termination – Provider and/or Solution licensor may terminate End User's permission to use Solution immediately by notice in the event that End User breaches any term or condition of this terms of use. Upon termination, End User must immediately delete all copies of Solution from all devices (and otherwise) and stop accessing and using Solution.
11. Miscellaneous – These End User Terms shall be governed by, and construed in accordance with, the laws of the Republic of Singapore. End User agrees that in respect of these End User Terms that are intended for the benefit of Solution licensor, Solution licensor shall be entitled to enforce these terms directly against the End User, notwithstanding that Solution licensor is not a party to these End User Terms, under the Contracts (Rights of Third Parties) Act (Cap.53B).
Annexure B to the Addendum
Data Protection Terms (the “Terms”)
1. Use restrictions
1.1 Company shall Process Transferred Personal Data in accordance with the Addendum, the Product Terms and other relevant agreements between Company and Customer. For the avoidance of doubt, the Terms shall be read together with the applicable Data Processing Addendum of the Alibaba Cloud International Website Membership Agreement. Any terms related to Processing Transferred Personal Data not provided herein shall follow the terms in the applicable Data Processing Addendum.
1.2 Company shall only Process Transferred Personal Data:
(i) strictly for the for the purposes of the Addendum and development and maintenance of Solution, including manual marking of the Transferred Personal Data in order to improve the service quality and/or the functionality (“Purpose”); or
(ii) with Customer’s prior written consent or in accordance with Customer’s instructions.
2. Customer obligations
2.1 Customer represents and warrants to Company that it has the legal right under all applicable laws to disclose to Company and/or its Affiliates, or permit Company and/or its Affiliates to collect, all Transferred Personal Data and has taken the proper steps to ensure that Company and/or its Affiliates are able to lawfully Process the Transferred Personal Data for the Purpose and any other purposes set out in the Addendum, including providing all required notices or statements to all data subjects of the Transferred Personal Data and obtaining all required consents or permissions or similar or equivalent concept pursuant to any Relevant Privacy Laws from all data subjects of the Transferred Personal Data.
2.2 Customer must:
(i) promptly notify Company in writing of any complaint or investigation under, or relating to, any Relevant Privacy Laws or Relevant Data Consents concerning the Customer’s use of Solution or concerning the Transferred Personal Data or any circumstances that may lead to any such complaint or investigation;
(ii) act promptly in the resolution of any such complaint, investigation or circumstances;
(iii) not do, or omit to do, anything which would put Company in breach of Relevant Privacy Laws or Relevant Data Consents;
(iv) take all such steps as Company reasonably requires of it to facilitate Company's compliance with any of the Relevant Privacy Laws or Relevant Data Consents that apply to Company, including any Relevant Privacy Laws obliging Company to obtain Relevant Data Consents or to store a copy of Transferred Personal Data within the Territory (including in the circumstance of assignment of Company's rights under the Addendum);
(v) maintain security measures, including physical and electronic measures, in relation to:
(a) the Customer Services;
(b) the technology and infrastructure required to provide and perform the Customer Services; and
(c) the Personal Data in its or its Representative's possession or control,
in accordance with the provisions of Clause 4 of the Addendum and all relevant data security standards, including those related to fraud and anti-money laundering, required or identified by:
(d) Company's data security protocols and data integrity and security measures furnished by Company to Customer from time to time; and
(e) Relevant Privacy Laws,
with the more stringent measures to apply in the case of any inconsistency;
(vi) comply with Company's security requirements regarding the dedicated or direct interconnection between its systems, platforms or devices and Customer's operating environment, as specified in Clause 4 of the Addendum;
(vii) promptly notify Company in writing if it becomes aware of any changes to a Relevant Privacy Law that may cause the Customer Services, the Processing of Transferred Personal Data or any other activities of Company relating to the Addendum, to breach such Relevant Privacy Law;
(viii) in addition to complying with any obligations for data back-up and storage under any Relevant Privacy Laws and Relevant Data Consents (including any obligations to store a copy of the Transferred Personal Data within the Territory), Customer must:
(a) back up the Transferred Personal Data as often as is necessary to ensure that the Transferred Personal Data can be recovered; or
(b) otherwise comply with the data back-up and storage protocols as provided by Company from time to time;
(ix) in the event of any:
(a) breach of any data security requirement under the Addendum by Customer or its End Users; or
(b) Security Incident, which Customer knows or reasonably suspects has occurred,
Customer must notify Company in writing immediately and comply with all reasonable directions of Company in respect of the breach; and
(x) Company may audit or require a copy of an internal or external audit performed in respect of Customer's compliance with this Clause 2 of the Terms from time to time.
2.3 Customer agrees that it is solely responsible for the development, content, operation, maintenance, and Processing of Personal Data in connection with the Customer Services or the Addendum, including:
(i) ensuring that the Processing of Transferred Personal Data, including by Company, and/or its Affiliates, complies with the Relevant Privacy Laws, Relevant Data Consents, and other notices or disclosures provided or made;
(ii) any claims relating to or Losses arising from the Processing of Personal Data or a Security Incident;
(iii) properly handling and processing notices sent to Customer by any Person claiming that Transferred Personal Data (or any actions in relation to it, including actions consistent with the terms of the Addendum) is in breach of Relevant Privacy Laws or violates such Person’s rights;
(iv) responding to any request which Customer may receive from any End User seeking to exercise the rights over his/her Personal Data that he/she may be entitled to in accordance with the Relevant Privacy Laws; and
(v) taking its own steps to maintain appropriate security, protection and backup of Transferred Personal Data, which may include the use of encryption technology to protect Transferred Personal Data from unauthorised access and appropriate archiving of Transferred Personal Data.
2.4 Customer agrees and acknowledges that any Processing of any Transferred Personal Data by Company or its Affiliates, is carried out by them as data intermediaries, data processors or other similar designation under Relevant Privacy Laws, of Customer, on behalf of Customer and for the purposes of Customer.
2.5 In processing transactions using the Customer Services, Customer acknowledges and agrees that all Transferred Personal Data shall be provided in accordance with data standards developed and issued by Company. The data standards are published by Company or its Affiliates and may be varied by Company or its Affiliates from time to time with notice to Customer.
2.6 In relation to all Personal Data to be Processed in connection with the Customer Services, Customer must ensure that:
(i) all consents or approvals required under, or are otherwise necessary or useful to comply with, Relevant Privacy Laws have been obtained;
(ii) all Relevant Data Consents that are necessary or useful for Company to provide the Customer Services to Customer and otherwise perform its other obligations under the Addendum have been obtained;
(iii) all notices and disclosures that are required under, or otherwise necessary or useful to comply with Relevant Privacy Laws and Relevant Data Consents and any notices and disclosures that Customer is required to provide to data subjects of Transferred Personal Data or Government Agencies have been provided or made, including those concerning:
(a) the collection of Personal Data by, and disclosure of Personal Data to, Company or its Affiliates;
(b) the collection and transfer of Personal Data in, by and from the Services in the course of receiving and providing the Services and Customer Services; and
(c) the Processing of Transferred Personal Data by Company,
(iv) as contemplated by the Addendum, including being consistent with and reflecting Company's status as described in Clause 2.4 of the Terms; and
(v) a record of all consents (including Relevant Data Consents) or approvals in connection with this Clause 2.6 of the Terms is maintained in accordance with all Relevant Privacy Laws.
2.7 After Customer complies with the requirements of this clause 2, if for any reason, whether under Relevant Privacy Laws or any requirement reasonably imposed by Company, Customer is required to subsequently obtain any consent or approval of such data subject of Personal Data or Government Agency for any Processing of Personal Data as set out above, Customer must inform Company and shall obtain such consent or approval before Processing such Personal Data which is the subject of such consent or approval.
2.8 Customer acknowledges that Company does not intend for Customer Services to be made available to End Users under the age of 15 years. Customer must ensure that all End Users are over 15 years of age and that End Users between 15 and 18 years of age do not use Customer Services without a guardian's consent.
3. Sub-processing
3.1 Customer hereby consents to Company engaging ZOLOZ PTE. LTD. and its Affiliates to Process Transferred Personal Data.
Annexure C to the Addendum
Content Provider Terms
1. General:
1.1 Customer acknowledges and agrees that Solution integrates the Content Provider Information, and Customer’s use of Solution which integrated the Content Provider Information is subject to the following terms set forth in this Schedule.
1.2 Customer acknowledges and agrees that the Content Provider(s) are third-party beneficiaries of Company’s rights and remedies under the Addendum. Customer agrees to comply with all applicable Content Provider Terms. Those terms will be supplied to Customer by Company from time to time. Company is from time to time required to provide Customer’s name and the terms of the Addendum (with commercial sensitive information redacted) to the Content Provider(s) to the extent that they need such details in order to enable Company to perform their contractual obligations, and Customer hereby consents to such disclosure and use of such information by Content Provider and Company.
2. Definitions:
All capitalized terms used in these Content Provider Terms and not otherwise defined herein shall have the meanings assigned to them in the Addendum:
“Affiliate” means, for any legal entity, an individual or legal entity that directly or indirectly controls, is controlled by or is under common control with such individual or legal entity, and where “control” shall mean: (a) ownership of the majority of the voting equity interest of an applicable entity; and (b) having the legal and practicable ability to procure compliance by the applicable entity with the terms and conditions of the Addendum.
“Content Provider Information” means information supplied by Content Provider to Company for integration of such information into Solution to distribute and display such information to Customer in the Territory.
“Applicable Data Protection Law” means, in so far as applicable to the supply of Content Provider Information pursuant to the Addendum, all laws and regulations governing the protection of individuals with regard to the processing of personal data (including, without limitation, security requirements for and the free movement of such personal data), such as: (a) the General Data Protection Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”) and any national law implementing or supplementing the GDPR; and (b) any UK laws or regulations replacing, succeeding or re-enacting the GDPR.
“Intellectual Property Rights” means patents, inventions (whether or not capable of protection by patent or registration), trademarks, trade names, know-how, registered and unregistered design rights, utility models, semi-conductor topography rights, copyright in all specifications, drawings and technical descriptions, computer software and databases, database rights, moral rights, and all other intellectual or industrial property rights in any part of the world including, where such rights are obtained or enhanced by registration, any registration of such rights (including, without limitation, the right to apply for such registrations) and applications therefor (including, without limitation, the right to claim priority from patent applications).
“Display Terms” means the Content Provider Information shall be displayed in full when matched with searches carried out by Customer in Solution, and such other additional terms provided by Content Provider detailing how the information may be displayed. In no event shall the Content Provider Information be truncated or edited.
“Permitted User” means an individual authorized by Customer, to access and use the Content Provider Information if allowed by Company under the Addendum, who is either: (a) an individual employee of Customer; or (b) an individual performing the functions of an employee, on a temporary basis, independent contractor, or consultant, in each case who is performing work solely for Customer.
3. Use of the Content Provider Information
3.1 Customer shall:
(a) ensure that it and its Permitted Users agree to the terms of the Addendum (including, without limitation, these Content Provider Terms) before being granted access to the Content Provider Information;
(b) ensure that the Content Provider Information is: protected by firewall or other comparable up-to-date security measure together with other appropriate technical and organizational security measures and, that in particular, the Content Provider Information is protected against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access;
(c) If, at any time, Company, or the Content Provider, becomes aware that the Content Provider Information is being used in an unauthorized manner (including, without limitation, being used for purposes other than as set out in the Addendum); Customer will promptly notify Company with written confirmation thereafter. Company may, upon notice to the Customer, require Customer to suspend the access to Solution which integrates the Content Provider Information. If significant amounts of the Content Provider Information are stored as a result of the unauthorized use of the Content Provider Information described in this section, then Customer shall provide Company with reasonable assistance to ensure that such stored Content Provider Information is deleted or returned to Company, if applicable; and
(d) assume full responsibility and liability for the acts and omissions of Customer or its Permitted User in relation to the use of the Content Provider Information.
3.2 Notwithstanding anything to the contrary in the Addendum, the Content Provider Information may only be used for the following purposes and for no other purpose:
(a) performing customer or counterparty due diligence and other screening and risk management activities carried out to comply with legal or regulatory obligations to which Customer is subject, in particular “know your customer and counterparty” requirements under anti-money laundering, anti-bribery, corruption and economic sanctions regulation which apply to any Customer;
(b) performing a statutory role as a governmental organization;
(c) performing law enforcement duties; or
(d) any establishment, exercise or defense of legal claims relating to the purposes set out in this Clause 3.
3.3 Except as otherwise permitted under this Addendum, Customer shall not:
(a) reproduce, distribute, display, translate, sell, publish, broadcast, or circulate any of the Content Provider Information to any third party (including, without limitation, via the use of the Content Provider Information in another form such as orally or via intercom devices), including, without limitation, to other individuals in Customer’s or its Affiliate's organization, nor make the Content Provider Information available for any such use;
(b) redistribute, publish or use any of the Content Provider Information or any derived content (including, without limitation, charts from the Content Provider Information) in any commercial news or information service, nor permit any third party to do the same;
(c) use the Content Provider Information, or the Codes for its benefit nor in conjunction with: (i) any data mining or text mining software, or automated trend analysis application (without limiting the foregoing, Customer shall not use the Content Provider Information, or the Codes for the development, testing, or use of algorithmic or automated trading applications or in algorithmic or automated trading applications; or (ii) systems or applications that enable any program that integrates news with customer relationship management, order management, trading, portfolio management tools or systems, mid- or back-office applications, or real-time payment screening applications and/or services;
(d) distribute or display any Content Provider Information (i) to or for any third party; (ii) as part of “cobranded,” “white-labelled”, “private label” or “framed” web sites or services (including, without limitation, via any site or through other arrangements that are branded with the trademarks, trade names, logos and insignia of Customer or a person other than Customer); (iii) through any service not permitted in the Addendum; (iv) via a feed (including, without limitation, via RSS feeds); or (v) via any application programming interface (API) nor application program (for example, but not limited to, mobile phone applications for iPhone, iPad, Android, and/or BlackBerry);
(e) distribute or display any Content Provider Information in open access;
(f) edit, modify, reverse-engineer or disassemble any part of the Content Provider Information, or any Codes contained therein (including, without limitation, the time and date information applicable to each headline and story) nor use the Content Provider Information to create derivative work;
(g) knowingly do or permit anything to be done which could infringe, invalidate, cancel, harm, challenge, deny, question or contest Content Provider’s Intellectual Property Rights; and
(h) permit any third party to redistribute the Content Provider Information nor do anything prohibited in sub-sections (a)-(g) above.
3.4 Nothing in the Addendum shall be construed as permitting Customer to: (i) change or display the Content Provider Information in any way that may be prejudicial to the integrity of the Content Provider Information or of Content Provider; or (ii) alter the form, content, tone, facts or meaning of the Content Provider Information (including, without limitation, any copyright notices attached thereto). The Content Provider Information may only be made available in the Subscription Service, in accordance with the terms of the Addendum and the Display Terms (if any), as one information source and not as a standalone product or service. Notwithstanding the foregoing, Customer acknowledges and agrees that Content Provider shall own all Intellectual Property Rights of Content Provider Information (including, without limitation, any and all copyrights therein, other right, title and interest in and to any translations of such Content Provider Information). To the extent that the copyright and other rights in and to such translations do not vest in Content Provider, Customer hereby irrevocably grants, assigns and transfers all rights, title and interest in and to such translations to Company and Content Provider, and Customer agrees never to claim any rights including, without limitation, moral rights of the author in or to such translations. Customer waives any and all rights now or later provided by applicable law related in any way to the revisions, abridgments, translations and other uses of such translations.
3.5 The indexing codes (including, but not limited to, Content Provider indexing codes and CUSIP data) delivered with the Content Provider Information (the "Codes") are owned by Content Provider, its Affiliates or a third party (the “Code Owners”), and are protected by copyrights, database rights, trademarks and/or patents owned by the relevant party. No proprietary rights are being transferred with respect to the Codes. If applicable, Customer may use the Codes solely to access Content Provider Information and may not otherwise copy or re-distribute the Codes. The Code Owners make no warranties of any kind, whether express or implied, in respect of the Codes and will not be liable for any errors or omissions in the Codes, nor shall they be liable for any loss or damage, whether direct or indirect, resulting therefrom. The Code Owners may enforce this Clause. Customer acknowledges that it may be required to obtain a license directly from the Code Owner in connection with the receipt or delivery of third party Codes.
3.6 Provision of any Content Provider Information not owned by Content Provider is subject to the continuing consent of the owner/licensor. Nothing in the Addendum or the Content Provider Terms shall obligate Content Provider to continue providing access to any Content Provider Information beyond the date when Content Provider ceases publishing such Content Provider Information to subscribers generally. If at any time therefore Content Provider ceases to be able to provide Company with the Content Provider Information, Company may, at its sole discretion, elect to either: (a) substitute alternative content that is similar in all material respects; or (b) terminate the Addendum with respect to such Content Provider Information immediately by written notice. Company shall provide as much notice as reasonably practicable under the circumstances, in writing, prior to cessation of the Content Provider Information.
3.7 The Content Provider Information is either licensed from third party information providers or is proprietary to Company or Content Provider. The rights to use the Content Provider Information under the Addendum are contractual and the Addendum shall govern such use regardless of any copyright license acquired from a third party. Accordingly, no such separate copyright license will permit any redistribution of information prohibited by the Addendum.
3.8 In no event shall the Content Provider Information be truncated or edited by Customer.
4. Disclaimers, Warranties, Representations.
4.1 Except as provided herein, the Content Provider Information is provided on an "as is", “as available” basis without warranties, conditions or representations of any kind and Company and its Content Provider does not warrant the accuracy, timeliness, completeness, adequacy, merchantability or fitness for a particular purpose of the Content Provider Information. Company and its Content Provider shall not be liable to Customer, or to any third party, in respect of any actual or alleged inaccuracy, untimeliness, inadequacy, merchantability or unfitness of the Content Provider Information. In particular, but without limitation, Customer acknowledges and agrees that none of the Content Provider Information, any part of it and its provision constitutes any form of advice (investment, tax, or legal), recommendation, representation, endorsement or arrangement, and none of the same should be relied upon by any person for any reason, including, without limitation, in connection with any investment decision. Customer shall not make any statement respecting Company, Content Provider, the Content Provider Information that is contradictory or inconsistent with the foregoing statements or that has not been approved in writing and in advance by Content Provider.
4.2 Customer represents and warrants that:
(a) it is a corporate entity located in the Applicable Territory that has: (a) a regulatory requirement to use the Content Provider Information, and (b) is either (i) a Financial Service Institution with less than US$1 billion total assets or (ii) a Related Party of Company or Alibaba Group Holding Limited.
For the purpose of this section:
(i) “Applicable Territory” means jurisdictions including Hong Kong, Macau, Taiwan, Singapore, Thailand, Malaysia, Indonesia, Brunei, the Philippines, Vietnam, and Cambodia.
(ii) “Financial Services Institutions” means retail banks, digital banks, payment service provider, merchant organization, wallet or payment institution, money service operator, card organization, insurance company, fund company, security company, investment company, wealth management company, or fintech companies.
(iii) “Related Party” means in relation to an entity, any other entity directly or indirectly Controlling, Controlled by, or under common Control with that entity. “Control”, “Controlling”, and “Controlled” mean (i) having more than 25% of shares or similar rights of an entity; or (ii) having the right to elect a majority of the board of directors or other comparable body responsible for management and direction of an entity by contract or otherwise.
(b) it acknowledges that Content Provider is not a “consumer reporting agency” and that the Content Provider Information does not constitute a “consumer report” or “investigative consumer report” as such terms are defined in the Fair Credit Reporting Act, 15 U.S.C. §1681, et seq. (FCRA), applicable state or national fair credit reporting laws;
(c) it acknowledges and agrees that Customer is using the Content Provider Information solely to fulfil legally binding compliance obligations. Accordingly, Customer represents and warrants that it will not, and shall procure that its Permitted Users will not, use the Content Provider Information for any permissible purpose under section 604 paragraph 1681b of the Fair Credit Reporting Act, 15 U.S.C. §1681, et seq. (FCRA), or any applicable state or national fair credit reporting laws. For example, Customer represents and warrants that it will not use or allow the use of the Content Provider Information: (a) in connection with a credit transaction involving the consumer to whom the data relates and involving the extension of credit to, or review or collection of an account of, the consumer; (b) in connection with the underwriting of insurance involving the consumer; or (c) for the purpose of evaluating a consumer for employment, promotion, reassignment or retention as an employee.
5. Compliance with Applicable Laws
5.1 Customer represents, warrants and covenants to Company and Content Provider as follows:
(a) Customer is aware of and understands all applicable laws and regulations and agrees to comply with all such laws and regulations in its performance of its obligations arising pursuant to this Addendum, including, without limitation, all applicable export-control and sanctions programs including the economic sanctions programs administered by the United States Treasury Office of Foreign Assets Control (“OFAC”) and sanctions programs administered by the European Union (collectively, the “Sanctions Programs”). Customer agrees that it will not offer or provide the Content Provider Information to any individual or entity which is listed as a specially designated national or blocked person by OFAC or to any individual or entity based or residing in a country or territory subject to comprehensive U.S. sanctions. To the extent that Customer is not subject to the U.S. Foreign Corrupt Practices Act, the U.K. Anti-Bribery Act and/or one or more of the Sanctions Programs, Customer agrees that it shall comply with the terms thereof as if subject to such Acts and Sanctions Programs;
(b) the performance of Customer’s obligations established by the Addendum will not violate any law, regulation or obligation by which it is bound, including, without limitation, anti-corruption and public procurement laws and regulations, and laws and regulations applicable to government officials, and will not conflict with or violate any agreement or instrument to which Customer is a party or by which it is bound;
(c) Customer will not make any payment to any other person or entity if such payment or transfer: (i) would violate the laws of the country in which the transaction is made; or (ii) is being provided to a competitor in an effort to eliminate or restrict competition or divide the market;
(d) in the event that Customer receives any request, or demand, for any undue financial or other advantage of any kind in connection with its performance under the Addendum, Customer shall promptly notify Company;
(e) neither Customer or any of its owners, directors, officers, employees or agents has been convicted of or pleaded guilty to an offense involving fraud, corruption or moral turpitude, nor has any such person been listed by any government agency as debarred, suspended, proposed for suspension or debarment or otherwise ineligible for government procurement programs; and
(f) Customer shall comply with applicable laws, rules and regulations when it uses the Content Provider Information or in relation to performing this Addendum, including, without limitation, the Applicable Data Protection Law.
6. Remedies and Termination
6.1 Customer will cooperate in good faith with Company, Content Provider and their respective representatives in the event of any actual, or potential, violation of the law, or any breach of representations, warranties or covenants hereunder, by it, its officers, directors or employees, including providing access to its owners, directors, officers, employees and agents for interviews.
Customer further covenants that such representations and warranties will remain true and correct throughout the term of the Addendum. If, at any time during the term of the Addendum, any of these representations and warranties ceases to be accurate, or Customer has reason to suspect any breach of the covenants in these Content Provider Terms, Customer shall promptly notify Company. Customer understands that these representations and warranties will be relied upon by Company and Content Provider in preparing accurate financial accounts and records, filing reports and preparing and filing tax returns, as required by law.
6.2 Notwithstanding anything to the contrary contained in the Addendum, Company may unilaterally terminate the Addendum if at any time Company, acting in good faith, has reason to believe:
(a) that Customer has used or is in the process of using any part of the compensation payable, or expenses reimbursable, as a part of the Addendum, for a bribe, kickback or other corrupt payment;
(b) that the representations, warranties and covenants in these Content Provider Terms are false or have been breached; or
(c) that the Addendum or the performance of Customer’s obligations under the Addendum violates or contravenes any law, regulation, restriction or order of the United States of America or any government in whose territory the Addendum or any part of it is to be performed.
6.3 Termination under this provision shall be effective immediately, and without payment of any compensation, upon Company giving the Customer written notice.
6.4 In addition to, and without limitation, any provision set forth in the Addendum, the following obligations shall survive termination or expiration of the Addendum for any reason: Sections 4, 5, 6, and 7 of these Content Provider Terms.
7. Indemnification
In addition to, and without limitation, any indemnification obligations set forth in the Addendum, Customer shall indemnify and hold harmless Company, its Affiliates, the Content Provider, and their respective officers, directors, employees, representatives, agents, successors and assigns from and against any and all costs, expenses, damages, losses, liabilities, penalties, fines, disgorgement orders, judgments, settlements, and awards, including reasonable attorneys’ fees and expenses arising from any governmental or internal Company investigation and/or any civil, legislative, administrative, regulatory or criminal proceedings arising from, related to or in connection with: (a) any act or omission by Customer or anyone acting on its behalf that violates any applicable export-control and sanctions programs or applicable anti-bribery and anti-corruption law, regulation or ordinance, and the Applicable Data Protection Law; or (b) any breach by Customer or anyone acting on its behalf of any representation, warranty, covenant or agreement contained in these Content Provider Terms.