IntelliBoard, Inc., a Delaware corporation (“us”, “our”, we”, or “IntelliBoard”) welcomes you to our website (the “Site”) and the applications and services available from us, through the Site or other platforms (collectively with the Site, the “IntelliBoard Service”). Your (“you”, “your” or “Customer”) use of the IntelliBoard Service is governed by these Terms of Service (this “Agreement”). If you are entering into and accepting this Agreement on behalf of a business entity, you represent and warrant that you have the right, authority, and capacity to enter into and accept this Agreement on behalf of the relevant business entity.

BY BROWSING THE SITE, USING THE INTELLIBOARD SERVICE, OR INSTALLING, COPYING, DOWNLOADING, ACCESSING OR OTHERWISE USING THE SOFTWARE, YOU AGREE TO BE BOUND BY THIS AGREEMENT.  IF YOU DO NOT AGREE TO THE TERMS YOU MUST DISCONTINUE THE SETUP AND INSTALLATION OF THE SOFTWARE AND THE USE OF THE SERVICES.

Your use of the IntelliBoard Service is also subject to IntelliBoard’s Privacy Policy, as well as any policies and procedures that IntelliBoard publishes from time to time (collectively, the “Policies”). IntelliBoard reserves the right to modify this Agreement and the Privacy Policy at any time, with such changes becoming effective when IntelliBoard posts the modified this Agreement and/or the Privacy Policy to the Site.  Each time you use the IntelliBoard Service, the then-current version of this Agreement and/or the Privacy Policy will apply. If you use the IntelliBoard Service after a modification of this Agreement and/or the Privacy Policy, you agree to be bound by this Agreement and/or the Privacy Policy as modified.

SECTION 14.8 OF THIS AGREEMENT CONTAINS PROVISIONS THAT GOVERN HOW DISPUTES BETWEEN INTELLIBOARD AND YOUR ARE RESOLVED. IN PARTICULAR, THE ARBITRATION AGREEMENT IN THAT SECTION WILL, WITH LIMITED EXCEPTIONS, REQUIRE DISPUTES BETWEEN YOU AND US TO BE SUBMITTED TO BINDING AND FINAL ARBITRATION, UNLESS YOU OPT OUT. IN ADDITION: (1) YOU WILL ONLY BE PERMITTED TO PURSUE CLAIMS AGAINST US ON AN INDIVIDUAL BASIS, AND NOT IN ANY CLASS OR REPRESENTATIVE PROCEEDING; AND (2) YOU ARE WAIVING YOUR RIGHT TO SEEK RELIEF IN A COURT OF LAW AND TO HAVE A JURY TRIAL ON YOUR CLAIMS. PLEASE SEE SECTION 14.8 FOR MORE INFORMATION REGARDING THIS ARBITRATION AGREEMENT, THE POSSIBLE EFFECTS OF THIS ARBITRATION AGREEMENT, AND HOW TO OPT OUT OF THE ARBITRATION AGREEMENT.

1. THE SERVICES

   IntelliBoard operates a platform that provides analytic and reporting services to education communities and institutions that want expanded reporting and analytics for their LMS platform.

   The platform includes a dashboard and analytics service designed to connect with existing learning management systems (each an “LMS”). Depending upon the LMS environment to which you subscribe, we may or may not store data. In the event that IntelliBoard stores data based upon your LMS environment, you and all designees will be made aware of how your LMS integrates with IntelliBoard. In order for the processing of reports and analytics to visualize at an acceptable speed, IntelliBoard integrates and duplicates selected data points to IntelliBoard servers under Customer account authentication. No other Customers can access that data set, and each data set is located in a specific location assigned to that specific Customer, segregating server data. No direct access to data exists, other than through the IntelliBoard application itself. The link to current IntelliBoard integrations can be found at https://intelliboard.net/downloads. In select LMS IntelliBoard integrations, IntelliBoard uses API access and processes data, authenticated by the LMS. Only LMS Partners have access to the API. IntelliBoard has partnerships with all LMS providers where API access is used. In some cases, our integration processes LMS queries on connected LMS servers via web services by sending a specific query command from your web browser virtual dashboard to your connected LMS server(s). The data returned reflects learner academic and instructor activity data from your LMS server. This data populates the respective reports and analytic outputs requested which can then be viewed from your virtual dashboard in your web browser. The reports and analytics shown provide an instantaneous snapshot of your LMS based on your Account’s level of access. In other cases, a snapshot of your data is stored on IntelliBoard servers hosted by Amazon Web Services. At no time can your connected LMS data be altered on your LMS servers(s) while logged in on our virtual dashboard, because the dashboard is fundamentally a data viewing or read-only service which only gives you external data viewing rights. To view any live LMS changes at any point in time made to any LMS connected with the IntelliBoard Service, you must refresh (resubmit) the browser page to see any updated changes on your virtual dashboard.

   Access to the IntelliBoard Service may require you to download and install certain software applications (the “Customer Software”) which is covered under a License (below). The License may also be presented to anyone downloading the Customer Software and for the avoidance of doubt, in the event of any conflict between the License contained in this Agreement and any license accepted to download the Customer Software, the License in this Agreement shall prevail. Except for Customer Software, the service and the software underlying or used to deliver the Service will be hosted on servers under control or direction of IntelliBoard or its third-party providers.

2. SUBSCRIPTION TO THE INTELLIBOARD SERVICE
   1. IntelliBoard grants the Customer a non-exclusive, non-transferable license for the Subscription Term, to access, use, and permit Authorized Users to access and use the IntelliBoard Service and to view and download copies of the Documentation, in accordance with and subject to the terms and conditions of this Agreement, for the Customer’s internal business purposes.
   2. IntelliBoard will use commercially reasonable efforts to make the IntelliBoard Service available with an uptime rate of 98%, except for:
      • (a) planned maintenance for which 24 hours’ notice will be given; and
      • (b) unscheduled maintenance during normal business hours (ET time) or otherwise, for which IntelliBoard will use reasonable efforts to give the Customer advance notice.
   3. IntelliBoard will, as part of the IntelliBoard Service, use reasonable efforts to provide a level of support (via telephone and e-mail) that is appropriate to the nature of any issues requiring support during normal business hours (ET time), and such support shall be provided entirely at IntelliBoard’s option and discretion and at no additional charge to the Customer. The Customer shall provide all support reasonable required by IntelliBoard to perform its obligations under this Section 2.3, including providing reasonably detailed descriptions of issues and updates on the performance of the IntelliBoard Service.
   4. The Customer shall indemnify and defend IntelliBoard, and its agents and contractors from and against any and all losses, damages, claims, liabilities or expenses (including reasonable lawyer’s fees) arising out of a claim brought by an Authorized User or any other third party relating to the Customer’s use of the IntelliBoard Service (except to the extent caused by IntelliBoard’s gross negligence), including the failure of, or non-availability affecting, the IntelliBoard Service.
3. CUSTOMER’S OBLIGATIONS
   1. The Customer:
      • (a) The Customer shall ensure that the maximum number of Authorized Users that the Customer authorizes to access and use the IntelliBoard Service does not exceed the Maximum Authorized Users;
      • (b) must comply with all applicable laws and regulations with respect to its use of the IntelliBoard Service and its activities under the Agreement;
      • (c) must use the IntelliBoard Service in accordance with the terms of the Agreement and shall be responsible for any acts and omissions in connection with the use of the IntelliBoard Service by its Authorized Users;
      • (d) must ensure that the Customer ends an Authorized User’s right to access and use the IntelliBoard Service, if the Authorized User ceases its employment or other relationship with the Customer;
      • (e) must not grant more Authorized Users access to the IntelliBoard Service than the maximum number of Authorized Users specified in the Subscription Form (if applicable);
      • (f) must notify IntelliBoard in writing if there are any changes to any of the Customer’s contact details as set out in the Subscription Form (as applicable);
      • (g) must ensure that its network and systems, including its internet browser, complies with any relevant specifications provided by IntelliBoard in writing (including e-mail) from time to time;
      • (h) is solely responsible for procuring and maintaining its network connections and telecommunications links from its systems in order to access and use the IntelliBoard Service;
      • (i) must treat any username and password used to access the IntelliBoard Service or the Customer Account as Confidential Information, and must not disclose such information to any third party (other than to Authorized Users);
      • (j) shall procure that each Authorized User keeps secure and confidential any username and password provided to, or created by, that Authorized User for their use of the IntelliBoard Service, and that they will not disclose such username and password to any third party, including any other Authorized Users or persons within the Customer’s organization, company or business;
      • (k) is responsible for maintaining the confidentiality of its login details for its Customer Account and for any activities that occur under its Customer Account, including the activities of Authorized Users; and
      • (l) must not do, or allow any Authorized Users to do, any of the following:
        • (i) access, store, distribute, or transmit any Virus through the IntelliBoard Service;
        • (ii) use the IntelliBoard Service to access, store, distribute, or transmit any material that is unlawful, harmful, threatening, defamatory, inflammatory, violent, obscene, infringing, harassing, or racially or ethnically offensive;
        • (iii) use the IntelliBoard Service in a manner that is illegal or causes damage or injury to any person or property;
        • (iv) use any automated system, including without limitation “robots”, “spiders”, or “offline readers”, to access the IntelliBoard Service in a manner that sends more request messages to the IntelliBoard Service than a human can reasonably produce in the same period of time by using a conventional online web browser;
        • (v) attempt to interfere with or compromise the integrity or security of the IntelliBoard Service;
          
          and IntelliBoard reserves the right, without liability or prejudice to its other rights under the Agreement, to disable the Customer Account or access to all or any part of the IntelliBoard Service by any Authorised User, for any breach of any provision of this Section 3.1(l).
   2. IntelliBoard may monitor the Customer’s and Authorized Users’ use of the IntelliBoard Service to ensure the quality of, and improve, the IntelliBoard Service, and verify the Customer’s compliance with the Agreement.
   3. The IntelliBoard Service may contain links to, or call the servers of, third party websites, data or services that are not under IntelliBoard’s control, solely at the direction of and/or as a convenience to the Customer (“Third Party Sites”). As such, IntelliBoard is not responsible for, and makes no express or implied warranties with regard to, the information, content or other material, products, or services that are contained on or are accessible through, or the policies regarding use and privacy in respect of, Third Party Sites. Access to and use of Third-Party Sites, including information, content, material, products, and services on such websites or available through such websites, is solely at the Customer’s risk.
4. PROPRIETARY RIGHTS
   1. IntelliBoard is the owner or licensee of all intellectual property rights in the IntelliBoard Service. These works are protected by copyright and other laws and treaties around the world. All such rights are reserved. Except as expressly set out in this Agreement, IntelliBoard does not grant to the Customer any rights to or licenses in respect of the IntelliBoard Service.
   2. The Customer will not, and shall procure that Authorized Users will not, when using the IntelliBoard Service:
      • (a) to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the IntelliBoard Service or IntelliBoard Content in any form or media or by any means, other than as permitted by the functionality of the IntelliBoard Service;
      • (b) attempt to reverse compile, disassemble, reverse engineer, or otherwise reduce to human-perceivable form all or any part of the IntelliBoard Service;
      • (c) access all or any part of the IntelliBoard Service in order to build a product or service which competes with the IntelliBoard Service, or use or attempt to use the IntelliBoard Service to directly compete with IntelliBoard; or
      • (d) erase or remove any proprietary or intellectual property notice contained in the IntelliBoard Service or on the IntelliBoard Content.
   3. The Customer grants IntelliBoard a worldwide, royalty-free, non-exclusive, irrevocable (except in connection with the termination of this Agreement), sublicensable license to access, download and use the Customer Data for the purpose of:
      • (a) performing the IntelliBoard Service for the Customer;
      • (b) developing, testing, improving and altering the functionality of the IntelliBoard Service; and
      • (c) producing anonymized or anonymized and aggregated statistical reports and research.
   4. IntelliBoard may use the Customer’s name, logo, and related trade marks in any of IntelliBoard’s publicity or marketing materials (whether in printed or electronic form) for the purpose of highlighting that the Customer uses the IntelliBoard Service and alongside any testimonials that the Customer has agreed to give. The Customer grants IntelliBoard such rights as are necessary to use it name, logo, related trademarks and testimonials for the purpose of this Section 4.4.
   5. The Customer acknowledges that IntelliBoard may use and allow others to use any feedback the Customer provides to IntelliBoard in relation to its use of the IntelliBoard Service, whether in the IntelliBoard Service or otherwise, without any restriction and without payment of any kind to the Customer.
5. DATA PROTECTION
   1. To the extent that IntelliBoard processes any Customer Data as a processor or subprocessor as a result of hosting the Customer Data or otherwise as a result of the Customer’s use of the IntelliBoard Service, it shall do so in accordance with its Privacy Policy.
   2. In the event Customer or any Customer Data is sourced from the European Union (“EU”) or the IntelliBoard Service otherwise involves special privacy or data protection provisions (whether applicable in the EU or otherwise), the parties may agree to a Data Processing Addendum with additional provisions relating to privacy and data protection, which shall be attached to this Agreement or Subscription Form and become a part of this Agreement.
6. CONFIDENTIAL INFORMATION
   1. Each party may be given access to Confidential Information from the other party in order to perform its obligations under the Agreement. A party’s Confidential Information shall not be deemed to include information that:
      • (a) is or becomes publicly known other than through any act or omission of the receiving party;
      • (b) was in the other party’s lawful possession before the disclosure;
      • (c) is lawfully disclosed to the receiving party by a third party without restriction on disclosure;
      • (d) is independently developed by the receiving party, which independent development can be shown by written evidence; or
      • (e) is required to be disclosed by law, by any court of competent jurisdiction, or by any regulatory or administrative body.
   2. Each party shall hold the other party’s Confidential Information in confidence and, unless required by law, shall not make the other party’s Confidential Information available for use for any purpose other than as needed to perform the terms of the Agreement.
   3. Each party shall take all reasonable steps to ensure that the other party’s Confidential Information to which it has access is not disclosed or distributed by its employees or agents in violation of the terms of the Agreement.
   4. Each party shall take a backup of its own Confidential Information and shall not be responsible to the other party for any loss, destruction, alteration, or disclosure of Confidential Information.
7. FEES AND PAYMENT
   1. The Customer will pay the Service Fees on the Subscription Commencement Date and thereafter prior to the commencement of any Extended Term(s) in accordance with the payment method as agreed between the parties.
   2. If IntelliBoard has not received payment in full within 30 days of the due date, and without prejudice to any other rights and remedies available to IntelliBoard:
      • (a) IntelliBoard may, without liability to the Customer, suspend or temporarily disable all or part of the Customer’s access to the IntelliBoard Service and IntelliBoard shall be under no obligation to provide any access to the IntelliBoard Service or any Consultancy Services while the relevant sum remains unpaid;
      • (b) interest shall accrue on such due amounts at an annual rate equal to 1 per month, commencing on the due date for payment and continuing until the Fees have been paid in full, whether before or after judgment; and
      • (c) the Customer shall reimburse IntelliBoard for all reasonable costs and expenses (including reasonable attorneys’ fees) incurred by IntelliBoard in collecting any overdue amounts.
   3. All amounts and Fees stated or referred to in the Agreement:
      • (a) are payable in United States Dollars; and
      • (b) are exclusive of exclusive of all taxes, levies, duties or similar governmental assessments of any nature (collectively, “Taxes”). Customer is responsible for paying all Taxes associated with Customer purchases hereunder except for those based on IntelliBoard’s net income, property, or employee withholdings. Taxes shall not be deducted from the payments to IntelliBoard, except as required by law, in which case the amount payable shall be increased as necessary, so that after making all required deductions and withholdings, IntelliBoard receives and retains (free from any Tax liability) an amount equal to the amount it would have received had no such deductions or withholdings been made.
   4. IntelliBoard may, not less than ninety days prior to the expiry of the first Extended Term and any Extended Term thereafter, give notice to the Customer that it intends to increase any of the Fees and the amount of the proposed increase (the “Increase Notice”). If the Customer is dissatisfied with the increase, the Customer may give notice to IntelliBoard, in which case the parties shall review and discuss in good faith and agree an increase to the Fees, and any increase agreed between the parties shall take effect from the commencement of the Extended Term following the service of the Increase Notice. If the parties are unable to agree an increase in the Fees, the Agreement shall automatically terminate at the end of the then- current Extended Term.
8. SUSPENSION AND TERMINATION
   1. Without prejudice to any other rights or remedies available to IntelliBoard, IntelliBoard may terminate this Agreement on giving not less than 30 days written notice to the Customer.
   2. Without prejudice to any other rights or remedies available to IntelliBoard, if the Customer fails to pay any sum due to IntelliBoard and such sum remains outstanding for a further 30 days following notice requiring such sum to be paid, IntelliBoard may immediately terminate the Agreement on giving notice to the Customer, without liability for IntelliBoard to the Customer.
   3. Without prejudice to any other rights and remedies available to IntelliBoard, IntelliBoard may terminate the Agreement by notice with immediate effect, or such notice as IntelliBoard may in its sole discretion elect to give, if the Customer:
      • (a) infringes IntelliBoard’s intellectual property rights in the IntelliBoard Service;
      • (b) is in material breach of any of the terms of this Agreement; or
      • (c) is in breach of any applicable law.
   4. Without prejudice to any other rights and remedies available to it, either party may terminate the Agreement at any time with immediate effect on giving notice in writing to the other party, if that other party:
      • (a) is in material or persistent breach of any of the terms of the Agreement and either that breach is incapable of remedy, or, if capable of remedy, the other party fails to remedy the breach within 30 days after receiving written notice requiring it to remedy the breach; or
      • (b) upon the institution by or against the other party of insolvency, receivership or bankruptcy proceedings (provided such proceedings are not dismissed within thirty (30) days of such institution), (ii) upon the other party’s making an assignment for the benefit of creditors, or (iii) upon the other party’s dissolution or ceasing to do business.
   5. On termination of the Agreement for any reason:
      • (a) any current Subscription shall terminate;
      • (b) all rights and licenses granted under the Agreement shall immediately terminate and the Customer’s right to access and use, and grant Authorized Users the right to access and use the IntelliBoard Service will end; and
      • (c) each party shall return to the other party or (at the other party’s request) destroy, and make no further use of, any Confidential Information (and all copies thereof) belonging to the other party (provided that each party may retain documents and materials containing Confidential Information to the extent required by law or any applicable governmental or regulatory authority); and
   6. Where the Agreement is terminated by the Customer under Section 8.1, IntelliBoard shall refund any Service Fees paid for the remainder of the Term on a pro rata basis.
   7. Termination of the Agreement for whatever reason shall not affect any rights or remedies of the parties that have accrued up to the date of termination.
   8. Any provision of the Agreement that expressly or by implication is intended to come into force or continue in force on or after expiry or termination of this Agreement shall survive and continue in full force and effect.
9. LIMITED WARRANTY
   1. IntelliBoard undertakes to make the IntelliBoard Service available as set out in Section 2, and the Customer’s sole and exclusive remedy, and IntelliBoard’s sole liability, with respect to any failure by IntelliBoard to provide the IntelliBoard Service in accordance with Section 2 is for IntelliBoard to use commercially reasonable efforts to repair the affected part of the IntelliBoard Service so that it is available in accordance with Section 2.
   2. OTHER THAN AS SET OUT IN SECTION 9.1, THE INTELLIBOARD SERVICE, INCLUDING THE INTELLIBOARD CONTENT, IS PROVIDED ON AN “AS IS” BASIS AND INTELLIBOARD GIVES NO REPRESENTATIONS, WARRANTIES, CONDITIONS OR OTHER TERMS OF ANY KIND IN RESPECT OF THE INTELLIBOARD SERVICE, WHETHER EXPRESS OR IMPLIED, INCLUDING (BUT NOT LIMITED TO) WARRANTIES OF SATISFACTORY QUALITY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
   3. Except as expressly provided for in the Agreement:
      • (a) all representations, warranties, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by law, excluded from the Agreement; and
      • (b) IntelliBoard will not be responsible for any interruptions, delays, failures, or non- availability affecting the IntelliBoard Service or the performance of the IntelliBoard Service which are caused by third party services (including Third-Party Sites), errors or bugs in third party software, hardware, or the Internet on which IntelliBoard relies to provide the IntelliBoard Service, or any changes to the IntelliBoard Service made by or on behalf of the Customer, and the Customer acknowledges that IntelliBoard does not control such third party services and that such errors and bugs are inherent in the use of such software, hardware and the Internet.
10. LIMITATION OF LIABILITY
    1. NOTWITHSTANDING ANYTHING TO THE CONTRARY, EXCEPT FOR BODILY INJURY OF A PERSON, INTELLIBOARD AND ITS SUPPLIERS (INCLUDING BUT NOT LIMITED TO ALL EQUIPMENT AND TECHNOLOGY SUPPLIERS), OFFICERS, DIRECTORS, SHAREHOLDERS, AGENTS, AFFILIATES, REPRESENTATIVES, CONTRACTORS AND EMPLOYEES SHALL NOT BE RESPONSIBLE OR LIABLE WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT OR TERMS AND CONDITIONS RELATED THERETO UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY: (A) FOR ERROR OR INTERRUPTION OF USE OR FOR LOSS OR INACCURACY OR CORRUPTION OF DATA OR COST OF PROCUREMENT OF SUBSTITUTE GOODS, SERVICES OR TECHNOLOGY OR LOSS OF BUSINESS; (B) FOR ANY INDIRECT, EXEMPLARY, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES; (C) FOR ANY MATTER BEYOND INTELLIBOARD’S REASONABLE CONTROL; OR (D) FOR ANY AMOUNTS THAT, TOGETHER WITH AMOUNTS ASSOCIATED WITH ALL OTHER CLAIMS, EXCEED THE FEES PAID BY CUSTOMER TO INTELLIBOARD FOR THE SERVICES UNDER THIS AGREEMENT IN THE SIX MONTHS PRIOR TO THE ACT THAT GAVE RISE TO THE LIABILITY, IN EACH CASE, WHETHER OR NOT INTELLIBOARD HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
    2. THE FOREGOING LIMITATIONS, EXCLUSIONS AND DISCLAIMERS SHALL APPLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EVEN IF ANY REMEDY FAILS ITS ESSENTIAL PURPOSE.
    3. Some jurisdictions do not allow the exclusion or limitation of certain categories of damages or implied warranties; therefore, the above limitations may not apply to you. In such jurisdictions, our liability is limited to the greatest extent permitted by law.
11. INDEMNIFICATION
    1. IntelliBoard shall indemnify the Customer and its agents and contractors from and against any and all losses, damages, claims, liabilities or expenses (including reasonable lawyer’s fees) (“Claim”) suffered or incurred by the Customer arising out of a claim that the Customer’s use of the IntelliBoard Service infringes any third party’s intellectual property rights, provided that:
       • (a) IntelliBoard is given prompt notice of any such claim;
       • (b) the Customer provides reasonable co-operation to IntelliBoard in the defense and settlement of such claim, at IntelliBoard’s expense; and
       • (c) IntelliBoard may not settle any Claim without the Customer’s written approval, which will not be unreasonably withheld or delayed, unless the settlement unconditionally releases the Customer of all liability.
    2. In the defense or settlement of any claim, IntelliBoard may procure the right for the Customer to continue using the IntelliBoard Service, replace or modify any part of the IntelliBoard Service so that it becomes non-infringing or, if such remedies are not reasonably available, terminate this agreement on two Business Days’ notice to the Customer without any additional liability.
    3. Customer will defend, indemnify and hold harmless IntelliBoard against any Claim made or brought against IntelliBoard by a third party (a) relating to or arising from Customer’s use of the IntelliBoard Service in violation of this Agreement, or (b) relating to or arising from IntelliBoard’s permitted use of Customer Data, provided that:
       • (a) IntelliBoard is given prompt notice of any such claim;
       • (b) IntelliBoard provides reasonable co-operation to IntelliBoard in the defense and settlement of such claim, at IntelliBoard’s expense; and
       • (c) Customer may not settle any Claim without IntelliBoard’s written approval, which will not be unreasonably withheld or delayed, unless the settlement unconditionally releases IntelliBoard of all liability.
12. CHANGES TO THE INTELLIBOARD SERVICE

    The Customer recognizes that IntelliBoard is always innovating and finding ways to improve the IntelliBoard Service with new features and services. The Customer therefore agrees that the IntelliBoard Service may change from time to time and no warranty, representation or other commitment is given in relation to the continuity of any functionality of the IntelliBoard Service.

13. CLIENT SOFTWARE LICENSE
    1. To access the IntelliBoard Service, Customer will need to download and install Client Software. Client Software and any accompanying documentation is licensed and not sold and is protected by copyright laws and treaties, as well as laws and treaties related to other forms of intellectual property. IntelliBoard owns intellectual property rights in the Client Software. Customer’s license to download, use and/or copy the Client Software is subject to these rights and to all the terms of conditions of this license (“License”). The terms and conditions of this License are in addition to and not in substitution of the terms and conditions of the Agreement. Unless specified otherwise, the terms of this Agreement apply to the License.
    2. License. Access to the IntelliBoard Service, or portion thereof, requires that Customer download and install directly, or download, distribute and install programmatically, certain Client Software applications. Subject to Customer’s compliance with all of the terms and conditions of the Agreement and this License, IntelliBoard hereby grants Customer a limited, personal, non-sublicensable, non-transferable, non-exclusive license to internally use the Client Software only in accordance with any accompanying documentation, and only as required to access the Services in accordance with this License.
    3. Restrictions
       • (a) Customer will not, and will not permit any third party to: reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas or algorithms of the Client Software, documentation or data related to the Client Software (provided that reverse engineering is prohibited only to the extent such prohibition is not contrary to applicable law); modify, translate, or create derivative works based on the Client Software, except as expressly permitted herein; sublicense, sell, resell, transfer, assign or distribute or otherwise commercially exploit or make available in any way to any third party any portion of the Client Software; use the Client Software other than in accordance with this License and in compliance with all applicable laws and regulations;
       • (b) Customer will cooperate with IntelliBoard in connection with the performance of this License by making available such personnel and information as may be reasonably required, and taking such other actions as IntelliBoard may reasonably request. Customer will also cooperate with IntelliBoard in establishing a password or other procedures for verifying that only designated users have access to any administrative functions of the IntelliBoard Service;
       • (c) Customer hereby agrees to indemnify and hold harmless IntelliBoard against any damages, losses, liabilities, settlements and expenses (including without limitation costs and attorneys’ fees) in connection with any claim or action that arises from an alleged violation of the foregoing, any breach of this License, or from Customer’s and/or Authorized Users’ use of the Client Software
    4. Proprietary Rights. Section 4 of the Agreement shall apply to this License.
    5. Termination. Section 8 of this Agreement shall apply to this License.
    6. Client Software Security. IntelliBoard represents and warrants that it will not knowingly include, in any IntelliBoard software released to the public and provided to Customer hereunder, any computer code or other computer instructions, devices or techniques, including without limitation those known as disabling devices, Trojans, or time bombs, that are intentionally designed to disrupt, disable, harm, infect, defraud, damage, or otherwise impede in any manner, the operation of a network, computer program or computer system or any component thereof, including its security or user data. If, at any time, IntelliBoard fails to comply with the warranty in this Section, Customer may promptly notify IntelliBoard in writing of any such non-compliance. IntelliBoard will, within thirty (30) days of receipt of such written notification, either correct the non-compliance or provide Customer with a plan for correcting the non-compliance. If the non-compliance is not corrected or if a reasonably acceptable plan for correcting them is not established during such period, Customer may terminate this License as Customer’s sole and exclusive remedy for such non-compliance.
    7. Warranty Disclaimer. EXCEPT AS SET FORTH IN SECTION 13.6 ABOVE, THE SERVICE, CLIENT SOFTWARE AND INTELLIBOARD’S PROPRIETARY INFORMATION AND ANYTHING PROVIDED IN CONNECTION WITH THIS LICENSE ARE PROVIDED “AS-IS,” WITHOUT ANY WARRANTIES OF ANY KIND. ANY USE OF THE SERVICE AND/OR CLIENT SOFTWARE IS DONE AT CUSTOMER’S SOLE RISK AND CUSTOMER WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE, LOSS OR EXPENSE INCURRED AS A RESULT OF OR ARISING OUT OF CUSTOMER’S USE OF THE SERVICE AND/OR CLIENT SOFTWARE. INTELLIBOARD AND ITS LICENSORS HEREBY DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. IF THE CLIENT SOFTWARE OR THE INTELLIBOARD SERVICE DOES NOT MEET CUSTOMER’S REQUIREMENTS OR PROVIDE FUNCTIONALITY AND PERFORMANCE TO CUSTOMER’S SATISFACTION, CUSTOMER AGREES THAT CUSTOMER’S SOLE AND EXCLUSIVE REMEDY SHALL BE TO CANCEL CUSTOMER’S SUBSCRIPTION TO THE SERVICE AND TERMINATE THIS LICENSE AS SET FORTH IN SECTION 13.5 THE REMEDIES PROVIDED HEREIN ARE CUSTOMER’S SOLE AND EXCLUSIVE REMEDIES.
    8. Limitation of Liability. Section 10 of the Agreement shall apply to this License.
14. GENERAL
    1. Written communication. Applicable laws may require that some of the information or communications that IntelliBoard sends to the Customer should be in writing. When using the IntelliBoard Service, the Customer accepts that communication with IntelliBoard will mainly be electronic. IntelliBoard will contact the Customer by e-mail or provide the Customer with information by posting notices on the IntelliBoard Service. For contractual purposes, the Customer agrees to this electronic means of communication and the Customer acknowledges that all contracts, notices, information and other communications that IntelliBoard provides to the Customer electronically comply with any legal requirement that such communications be in writing.
    2. Notices. All notices given by the Customer to IntelliBoard must be given to info@intelliboard.net. IntelliBoard may give notice to the Customer at either the e-mail or mailing address the Customer provides to IntelliBoard, or any other way that IntelliBoard deems appropriate. Notice will be deemed received and properly served immediately when posted on the IntelliBoard Service or 24 hours after an e-mail is sent or three days after the date of mailing of any letter. In proving the service of any notice, it will be sufficient to prove, in the case of a letter, that such letter was properly addressed, stamped and placed in the mail and, in the case of an e-mail that such e-mail was sent to the specified e-mail address of the addressee.
    3. Transfer of any rights and obligations. The Customer may not transfer, assign, charge or otherwise deal in the Agreement, or any of the Customer’s rights or obligations arising under the Agreement, without IntelliBoard’s prior written consent.
    4. Events outside a party’s control. Neither party shall be liable to the other party for any delay or non-performance of any of its obligations under the Agreement arising from any cause beyond its control including, without limitation, any of the following: telecommunications failure, Internet failure, act of God, act of a third party unless an approved sub-contractor of IntelliBoard, governmental act, war, fire, flood, explosion, or civil commotion. Notwithstanding the foregoing, nothing in this clause shall excuse the Customer from any payment obligation under the Agreement.
    5. Waiver. No forbearance or delay by either party in enforcing its rights shall prejudice or restrict the rights of that party, and no waiver of any such rights or any breach of any contractual terms shall be deemed to be a waiver of any other right or of any later breach.
    6. Severability. If any provision of the Agreement is judged to be illegal or unenforceable, the continuation in full force and effect of the remainder of the provisions of the Agreement shall not be prejudiced.
    7. Law and jurisdiction. This Agreement is governed by the laws of the State of Connecticut, without giving effect to conflicts of law principles. Customer agrees, to the extent applicable and expressly subject to the Arbitration provisions below, to submit to the exclusive jurisdiction of the state and federal courts located in the State of Connecticut in circumstances where this Agreement permits litigation in court.
    8. Arbitration. IntelliBoard and Customer agree that any dispute that has arisen or may arise between us relating in any way to the Customer’s use of or access to the IntelliBoard Service, any validity, interpretation, breach, enforcement, or termination of this Agreement, or otherwise relating to IntelliBoard in any way (collectively, “Covered Dispute Matters”) will be resolved in accordance with the provisions set forth in this Section 14.8.
       • (a) Applicable Law. You and IntelliBoard agree that United States federal law including the Federal Arbitration Act, and (to the extent not inconsistent with or pre-empted by federal law) the laws of the State of Connecticut, USA, without regard to conflict of laws principles, will govern all Covered Dispute Matters.
       • (b) Arbitration. You and IntelliBoard agree that this Agreement and each of its parts evidence a transaction involving interstate commerce, and the Federal Arbitration Act applies in all cases and governs the interpretation and enforcement of the arbitration rules and arbitration proceedings. Any Covered Dispute Matter must be asserted individually in binding arbitration administered by the American Arbitration Association (“AAA”) in accordance with its Consumer Arbitration Rules (including utilizing desk, phone or video conference proceedings where appropriate and permitted to mitigate costs of travel). You and IntelliBoard agree that the arbitrator shall not conduct any form of class or collective arbitration nor join or consolidate claims by or for individuals. You and IntelliBoard agree that the arbitrator, and not any federal, international, state, or local court or agency, shall have exclusive authority to resolve any dispute relating to the interpretation, applicability, enforceability or formation of this Agreement, including any claim that all or any part of this Agreement is void or voidable or a particular claim is subject to arbitration. You and We agree that judgment on the award rendered by the arbitrator may be entered in any court of competent jurisdiction.
       • (c) Arbitrator’s Award. You and IntelliBoard agree that for matters where the relief sought is over $5,000, the arbitrator’s decision will include the essential findings and conclusions upon which the arbitrator based the award. The arbitrator will decide the substance of all claims in accordance with applicable law, including recognized principles of equity, and will honor all claims of privilege recognized by law. You and IntelliBoard agree that the arbitrator’s award shall be final and binding, and judgment on the award rendered by the arbitrator may be entered in any court having jurisdiction thereof.
       • (d) Injunctive and Declaratory Relief. Except as provided in Section 14.8(e) below, the arbitrator shall determine all issues of liability on the merits of any claim asserted by you or IntelliBoard and may award declaratory or injunctive relief only in favor of the individual party seeking relief and only to the extent necessary to provide relief warranted by that party's individual claim. To the extent that you or IntelliBoard have sought public injunctive relief (that is, injunctive relief that has the primary purpose and effect of prohibiting unlawful acts that threaten future injury to the public), the entitlement to and extent of such relief must be litigated in a civil court of competent jurisdiction and not in arbitration after the party seeking public injunctive relief has first prevailed in arbitration. The parties agree that the litigation of any issues of public injunctive relief shall be stayed pending the outcome of the merits of any individual claims in arbitration.
       • (e) Exceptions. There are only two exceptions to this agreement to arbitrate:
         • (i) if either party reasonably believes that the other party has in any manner violated or threatened to infringe the intellectual property rights of the other party, the party whose rights have been violated may seek injunctive or other appropriate interim relief in any court of competent jurisdiction;
         • (ii) each party will retain the right to seek relief in a small claims court for disputes or claims within the scope of the jurisdiction of such courts.
       • (f) Costs of Arbitration. You and IntelliBoard agree that payment of all filing, administration, and arbitrator fees will be governed by the AAA’s rules, unless otherwise stated in this agreement to arbitrate.
       • (g) Judicial Forum for Legal Disputes. Unless You and IntelliBoard agree otherwise and except as described in Section 14.8(e)(ii), in the event that the agreement to arbitrate above is found not to apply to You or to a particular claim or dispute, either as a result of your decision to opt out of the agreement to arbitrate, as a result of a decision by the arbitrator or a court order, or because you are an international user to which this agreement to arbitrate does not apply, You agree (except as otherwise provided by law) that any claim or dispute that has arisen or may arise between you and IntelliBoard must be resolved exclusively by a state or federal court located in the State of Connecticut. You and IntelliBoard agree to submit to the exclusive personal jurisdiction of the courts located within the State of Connecticut for the purpose of litigating all such claims or disputes.
       • (h) OPT-OUT OF ARBITRATION. IF YOU ARE A NEW INTELLIBOARD CUSTOMER, YOU CAN CHOOSE TO REJECT THE AGREEMENT TO ARBITRATE PROVISION (“OPT-OUT”) BY EMAILING US AN OPT-OUT NOTICE TO INFO@INTELLIBOARD.NET (“OPT-OUT NOTICE”) OR REGULAR MAIL TO: IntelliBoard, Inc., 20 Aspetuck Ln, Monroe, CT 06468. THE OPT-OUT NOTICE MUST BE RECEIVED NO LATER THAN THIRTY (30) DAYS AFTER THE DATE YOU ACCEPT THE TERMS OF THIS AGREEMENT FOR THE FIRST TIME. IF YOU ARE NOT A NEW INTELLIBOARD CUSTOMER, YOU HAVE UNTIL THIRTY (30) DAYS AFTER THE POSTING OF THIS AGREEMENT TO SUBMIT AN ARBITRATION OPT-OUT NOTICE.
       • (i) If you opt out of the agreement to arbitrate, all other parts of this Agreement and this Arbitration will continue to apply to you. Opting out of this agreement to arbitrate has no effect on any previous, other, or future arbitration agreements that You may have with IntelliBoard.
       • (j) WAIVER OF CERTAIN RIGHTS. BY AGREEING TO THIS AGREEMENT, YOU HEREBY IRREVOCABLY WAIVE ANY RIGHT YOU MAY HAVE (i) TO A COURT TRIAL (OTHER THAN SMALL CLAIMS COURT AS PROVIDED ABOVE), (ii) TO SERVE AS A REPRESENTATIVE, AS A PRIVATE ATTORNEY GENERAL, OR IN ANY OTHER REPRESENTATIVE CAPACITY, OR TO PARTICIPATE AS A MEMBER OF A CLASS OF CLAIMANTS, IN ANY LAWSUIT, ARBITRATION OR OTHER PROCEEDING FILED AGAINST US AND/OR RELATED THIRD PARTIES, EVEN IF ARBITRATION IS NOT REQUIRED UNDER THIS AGREEMENT, AND (iii) TO A TRIAL BY JURY.
       • (k) STATUTE OF LIMITATIONS. REGARDLESS OF ANY STATUTE OR LAW TO THE CONTRARY, ANY CLAIM OR CAUSE OF ACTION ARISING OUT OF OR RELATED TO USE OF THE SITE, SERVICES, OR THIS AGREEMENT MUST BE FILED WITHIN ONE (1) YEAR AFTER SUCH CLAIM OR CAUSE OF ACTION ARISES OR IT WILL BE FOREVER BARRED.
    9. Copyright Infringement

       IntelliBoard respects the intellectual property rights of others. The Digital Millennium Copyright Act of 1998 (the”DMCA”) provides a complaint procedure for copyright owners who believe that website material infringes their rights under U.S. copyright law. If you believe that your work has been improperly copied and posted on the website, please provide us with the following information: (1) name, address, telephone number, email address and an electronic or physical signature of the copyright owner or of the person authorized to act on his/ her behalf; (2) a description of the copyrighted work that you claim has been infringed; (3) a description of where on the Site the material that you claim is infringing is located; (4) a written statement that you have a good faith belief that the disputed use is not authorized by the copyright owner, its agent, or the law; and (5) a statement by you, made under penalty of perjury, that the above information in your notice is accurate and that you are the copyright owner or authorized to act on the copyright owner’s behalf. These requirements must be followed to give the Company legally sufficient notice of infringement. Send copyright infringement complaints to the following email address: info@intelliboard.net. We suggest that you consult your legal advisor before filing a DMCA notice with Company’s copyright agent. There can be penalties for false claims under the DMCA.

    10. U.S. Government Matters

        Notwithstanding anything else, Customer may not provide to any person or export or re-export or allow the export or re-export of the IntelliBoard Service or any software or anything related thereto or any direct product thereof (collectively “Controlled Subject Matter”), in violation of any restrictions, laws or regulations of the United States Department of Commerce, the United States Department of Treasury Office of Foreign Assets Control, or any other United States or foreign agency or authority. Without limiting the foregoing Customer acknowledges and agrees that the Controlled Subject Matter will not be used or transferred or otherwise exported or re-exported to countries as to which the United States maintains an embargo (collectively, “Embargoed Countries”), or to or by a national or resident thereof, or any person or entity on the U.S. Department of Treasury’s List of Specially Designated Nationals or the U.S. Department of Commerce’s Table of Denial Orders (collectively, “Designated Nationals”). The lists of Embargoed Countries and Designated Nationals are subject to change without notice. Customer’s use of the Service is deemed a representation and warranty by Customer that the user is not located in, under the control of, or a national or resident of an Embargoed Country or Designated National. The Controlled Subject Matter may use or include encryption technology that is subject to licensing requirements under the U.S. Export Administration Regulations. As defined in FAR section 2.101, any software and documentation provided by IntelliBoard are “commercial items” and according to DFAR section 252.227-7014(a)(1) and (5) are deemed to be “commercial computer software” and “commercial computer software documentation.” Consistent with DFAR section 227.7202 and FAR section 12.212, any use modification, reproduction, release, performance, display, or disclosure of such commercial software or commercial software documentation by the U.S. Government will be governed solely by the terms of this Agreement and will be prohibited except to the extent expressly permitted by the terms of this Agreement.

    11. Definitions
        • (a) “Authorized User” means an employee, contractor or other person engaged by the Customer, in each case who is authorized by the Customer to access the IntelliBoard Service.
        • (b) “Business Day” means a day other than a Saturday, Sunday or public holiday when banks in the State of Connecticut are open for business.
        • (c) “Customer Data” means the content and data that the Customer makes available to IntelliBoard and that is hosted by IntelliBoard in connection with the provision of the IntelliBoard Service.
        • (d) “Subscription Commencement Date” means the date from which the Customer will have access to the IntelliBoard Service, as set out in the Subscription Form.
        • (e) “Confidential Information” means information which is identified as confidential or proprietary by either party, or by the nature of which is clearly confidential or proprietary.
        • (f) “Documentation” means any proprietary information or documentation made available to Customer by IntelliBoard for use with the provision of the IntelliBoard Service.
        • (g) “Extended Term” means the period set out in the Paid Subscription Form or as otherwise agreed by the parties in writing.
        • (h) “Initial Term” means the period set out in the Subscription Form.
        • (i) “Subscription Form” means the form signed (whether electronically or otherwise) by the parties, and which, amongst other things, identifies the Customer, any service limits and sets out the Service Fees.
        • (j) Service Fee” means the fee set out in the Subscription Form, or such other amount that the parties may agree in writing from time to time, relating to the provision of the IntelliBoard Service.
        • (k) “Subscription Term” means the Initial Term and any Extended Term(s).
        • (l) “Virus” means any thing or device (including any software, code, file or program) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware, or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any program or data, including the reliability of any program or data (whether by re- arranging, altering or erasing the program or data in whole or part or otherwise); or adversely affect the user experience, including works, Trojan horses, viruses and other similar things or device.

This Data Processing Addendum (“DPA”) is incorporated into and forms a part of the agreement between Intelliboard Inc., a Delaware corporation (the “Company”) and Customer that governs Customer’s access to and use of the Services, or to the extent that no separate agreement exists, the Company’s Terms of Services (collectively, the “Agreement”).  Capitalized terms not defined herein have the meaning given in the Agreement. To incorporate the following terms into your agreement with the Company for access to and use of the Services, please email the Company at DPA@intelliboard.net.

1. Definitions. In this DPA, the following terms (and derivations thereof) have the meanings set out below:

“Controller” means the individual or entity that determines the purposes and means of the Processing of Personal Data.

“Customer” means the individual or entity that has entered into the Agreement and agreed to the incorporation of this DPA into the Agreement.

“Customer Content” means any data, file attachments, text, images, reports, personal information, or other content that is uploaded or submitted to the Services by Customer or Users and is Processed by the Company on behalf of Customer. 

“Customer Personal Data” means Personal Data that is contained within Customer Content.

“Data Breach” means a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Content.

“Data Protection Laws” means, to the extent applicable to a Party, the data protection or privacy laws of any country regarding the Processing of Customer Personal Data.

“Data Subject” means an identified or identifiable natural person. 

“Parties” or “Party” means Customer and/or the Company as applicable.

“Personal Data” means any information relating to, identifying, describing, or capable of being associated with a Data Subject or a household. 

“Process” means any operation or set of operations performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, alignment, combination, restriction, erasure, destruction or disclosure by transmission, dissemination or otherwise making available.

“Processor” means the individual or entity that Processes Personal Data on behalf of a Controller.

“Professional Services” means implementation, configuration, integration, training, advisory, and other professional services related to the Services that are provided by the Company and purchased by Customer specified in an Order or SOW.

“Services” means the Subscription Services, Professional Services, and any other online service or application provided or controlled by the Company for use with the Subscription Services. 

“Company Personnel” means any individual authorized by the Company to Process Customer Personal Data.

“Subprocessor” means any individual or entity (including any third party but excluding the Company Personnel) appointed by or on behalf of the Company to Process Customer Personal Data in connection with the Agreement.

“Supervisory Authority” means an independent competent public authority established or recognized under Data Protection Laws.

“User” means any individual authorized or invited by Customer or another User to access and use the Services under the terms of the Agreement. 

2. Roles of Parties.

2.1.    Customer and the Company agree that, as between the Parties, Customer is a Controller and the Company is a Processor of Customer Personal Data and that each Party is solely responsible for its compliance with Data Protection Laws applicable to it and for fulfilling any of its related obligations to third parties, including Data Subjects and Supervisory Authorities.

2.2.    Customer as Controller. 

• 2.2.1.   Customer is solely responsible for the accuracy of Customer Personal Data and the legality of the means by which Customer acquires Customer Personal Data.

2.2.2.   Customer’s instructions to the Company to Process Customer Personal Data will comply with Data Protection Laws and be duly authorized, with all necessary rights, permissions, and consents secured. 

2.3     Company as Processor.

• 2.3.1.   Company will Process Customer Personal Data only: (a) as instructed by Customer in writing or as initiated by Users via an Services; (b) as necessary to provide the Services and prevent or address technical problems with an Services or violations of the Agreement or this DPA; or (c) as required by applicable law. Annex 1 (Details of Processing of Customer Personal Data) sets out a description of the Company’s Processing of Customer Personal Data.

2.3.2.   Company will ensure that the Company Personnel: (a) access Customer Personal Data only to the extent necessary to perform the Company’s Processing obligations under this DPA and the Agreement; (b) are bound by confidentiality obligations with respect to Customer Personal Data substantially as protective as those set forth in this DPA and the Agreement; and (c) are subject to appropriate training relating to the Processing of Customer Personal Data. 

2.3.3.    Company will not disclose Customer Personal Data to a third party for monetary or other consideration except as otherwise permitted under this DPA or the Agreement. 

2.3.4.    At Customer’s written request and to the extent Customer is unable to access the relevant information on its own, the Company will provide reasonable assistance to Customer in relation to data protection impact assessments and consultations with Supervisory Authorities, taking into account the nature of the Company’s Processing of Customer Personal Data and the information available to the Company.

2.3.5.    the Company will not assess the type or substance of Customer Content to identify whether it is Customer Personal Data or subject to any specific legal requirements.

3. Security.

3.1.     Company will implement and maintain technical, physical, and organizational measures and controls designed to protect and secure Customer Content (including the return and deletion thereof) in accordance with the Agreement. 

3.2.      Customer acknowledges that, through its Users, Customer: (a) controls the type and substance of Customer Content; and (b) sets User permissions to access Customer Content; and therefore, Customer is responsible for reviewing and evaluating whether the documented functionality of an Services meets Customer’s required security obligations relating to Customer Personal Data under Data Protection Laws.

4. Subprocessors.

4.1.      Subprocessors will be identified at www.smartsheet.com/legal/subprocessors. Customer authorizes the Company to use any such Subprocessors subject to the terms and conditions of this Section 4.

4.2.     Company will carry out appropriate due diligence on each Subprocessor and have a written agreement with each Subprocessor that includes provisions for Processing Customer Personal Data that are substantially as protective as those set out in this DPA. 

4.3.      Company is responsible for Subprocessors’ acts and omissions, including a Subprocessor’s appointment of another Subprocessor.

4.4.    New Subprocessors; Right to Object.

4.4.1.    Customer must e-mail the Company at DPA@intelliboard.net to receive notifications of new Subprocessor appointments by the Company. Following submission of such form, the Company will provide prior written notice to Customer if the Company intends to appoint new Subprocessors; provided, however, that the Company will notify Customer in writing without undue delay after the appointment of a new Subprocessor if direct involvement of such Subprocessor is necessary for maintaining the availability and security of the Services or Customer Content. 

4.4.2.    If Customer objects to a new Subprocessor on a reasonable basis related to the Processing of Customer Personal Data, Customer must notify the Company in writing within fifteen (15) days after receiving an appointment notice; otherwise, the Company will deem the appointment of the new Subprocessor authorized by Customer. Upon receipt of an objection notice from Customer, the Company will use reasonable efforts to make available to Customer a change in the Services or recommend a commercially reasonable configuration or use of the Services to avoid the Processing of Customer Personal Data by the new Subprocessor. If the Company cannot address Customer’s objection pursuant to the foregoing efforts, the Company will notify Customer within fifteen (15) days of receipt of Customer’s objection notice. Customer may then, by written notice to the Company within thirty (30) days of the Company’s notice, terminate this DPA and any affected Services and receive a refund of prepaid fees covering the terminated portion of the applicable Services. 

5. Data Subject Requests.

5.1.     Company will provide Customer access to Customer Personal Data via the Services to allow Customer to respond to Data Subject requests relating to Customer Personal Data.

5.2.     Company will notify Customer in writing without undue delay of any requests the Company receives directly from a Data Subject relating to Customer Personal Data, and the Company may respond directly to a Data Subject request: (a) to confirm that such request relates to Customer; (b) as required by applicable law; or (c) with the written consent of Customer.

5.3.    At Customer’s written request and to the extent Customer is unable to access Customer Personal Data on its own, the Company will provide reasonable assistance to Customer in accessing Customer Personal Data for Customer to respond to such Data Subject requests. To the extent legally permitted, Customer will be responsible for any expenses attributable to the Company’s assistance efforts outside the normal course of business.

6. Data Breach.

6.1.     Company will notify Customer in writing without undue delay upon the Company becoming aware of a Data Breach.

6.2.     Company will investigate and, as necessary, mitigate or remediate a Data Breach in accordance with the Company’s security incident policies and procedures (“Breach Management”).

6.3.    Subject to the Company’s legal obligations, the Company will provide Customer with information available to the Company as a result of its Breach Management, including the nature of the incident, specific information disclosed (if known), and any relevant mitigation efforts or remediation measures (“Breach Information”), for Customer to comply with its obligations under Data Protection Laws as a result of a Data Breach.  

6.4.    If Customer requires information relating to a Data Breach in addition to the Breach Information, at Customer’s sole expense and written request and to the extent Customer is unable to access the additional information on its own, the Company will reasonably cooperate with Customer as requested by Customer to attempt to collect and provide such additional information.

7. Audit Rights.

7.1.     Subject to sections 7.2 and 7.3, the Company shall make available to Customer on request such information  necessary to demonstrate compliance with this DPA and shall allow for, and contribute to, audits by a reputable  auditor mandated by Customer in relation to the Processing of the Customer Personal Data by the Company.

7.2       To the extent the Company has undergone a third-party independent audit based on SOC 2, Type II or similar standards, then any audit right arising pursuant to section 7.1 shall be first satisfied by providing Customer with a report of such audit.  If Customer, for reasonable reasons, is not satisfied by the independent audit report then Customer may request that a reputable auditor perform an audit pursuant to section 7.1 and subject to Section 7.3. If the Company does not agree to such additional audit or inspection, then Customer shall have the right to terminate the Agreement with immediate effect.

7.3       Customer shall give the Company reasonable prior written notice of any audit or inspection to be conducted under Section 7.1 and shall use (and ensure that each of its mandated auditors uses) its best efforts to avoid causing any damage, injury or disruption to the Company’s premises, equipment, personnel and business while its personnel are on those premises in the course of such an audit or inspection. All such audits shall be subject to the confidentiality obligations set forth in the Agreement.  Customer and the Company shall mutually agree upon the scope, timing and duration of the audit or inspection in addition to any reimbursement of expenses for which Customer shall be responsible. Any such audits shall not occur more than once a year (except where required by law or due to a Personal Data Breach).   Additionally,  the Company need  not  give  access  to  its  premises  for  the purposes of such an audit or inspection: (a) to any individual unless he or she produces reasonable evidence of identity and authority; (b) to any competitor of the Company; or (c) outside the Company’s normal business hours.

8. International Transfers.

8.1.    The Parties acknowledge and agree that the Processing of Customer Personal Data by the Company may involve an international transfer of Customer Personal Data from Customer to the Company (“International Transfer”).

8.2.    With respect to any International Transfer from the European Economic Area or the United Kingdom that would be prohibited by applicable Data Protection Laws in the absence of a lawful data transfer mechanism, the Parties agree that the Standard Contractual Clauses issued by the European Commission under decision 2010/87/EU (“SCC”) will be in effect between the Parties, subject to the following clarifications:

• 8.2.1.    for purposes of SCC Clause 5(a), Section 2.3 (the Company as Processor) of this DPA is deemed an instruction by Customer to Process Customer Personal Data;
• 8.2.2.    for purposes of SCC Clauses 5(h) and 11, Section 4 (Subprocessors) of this DPA satisfies the Company’s obligations in such SCC clauses;
• 8.2.3.    for purposes of SCC Clause 5(j), Customer must request in writing a copy of the Company’s Subprocessor agreements and the Company may remove all commercial information, or terms unrelated to the SCCs, from such copies;
• 8.2.4.    for purposes of SCC Clause 5(f) and 12(2), Section 7 (Audit Rights) of this DPA satisfies the Company’s obligations in such SCC clauses; 
• 8.2.5.    for purposes of SCC Clause 12(1), the Company will provide certification of deletion only upon Customer’s written request; 
• 8.2.6.    for purposes of SCC Appendix 1, the information set forth in Annex 1 of this DPA will be deemed to complete such Appendix; and 
• 8.2.7.    for purposes of SCC Appendix 2, the security measures and controls set forth in the Agreement will be deemed to complete such Appendix.

8.3.    If the SCC as clarified in Section 8.2 of this DPA fails as a lawful data transfer mechanism for an International Transfer, the Parties will act in accordance with Section 9.8 (Variations in Data Protection Laws) of this DPA.

9. General.

9.1.    Amendment; Waiver. Unless otherwise expressly stated herein, this DPA may be modified only by a written agreement executed by an authorized representative of each Party.  The waiver of any breach of this DPA will be effective only if in writing, and no such waiver will operate or be construed as a waiver of any subsequent breach. 

9.2.    Severance. If any provision of this DPA is held to be unenforceable, then that provision is to be construed either by modifying it to the minimum extent necessary to make it enforceable (if permitted by law) or disregarding it (if not permitted by law), and the rest of this DPA is to remain in effect as written. Notwithstanding the foregoing, if modifying or disregarding the unenforceable provision would result in failure of an essential purpose of this DPA, the entire DPA will be considered null and void.

9.3.    Order of Precedence. Regarding the subject matter of this DPA, in the event of any conflict between this DPA and any other written agreement between the Parties (including the Agreement), this DPA will govern and control. Any data processing agreements that may already exist between Parties are superseded and replaced by this DPA in their entirety.

9.4.    Notices. Unless otherwise expressly stated herein, the parties will provide notices under this DPA in accordance with the Agreement, provided that all such notices may be sent via email.

9.5.    Governing Law and Jurisdiction. Unless prohibited by Data Protection Laws, this DPA is governed by the laws stipulated in the Agreement and the Parties to this DPA hereby submit to the choice of jurisdiction and venue stipulated in the Agreement, if any, with respect to any dispute arising under this DPA.

9.6.    Enforcement.  Regardless of whether Customer or its affiliate(s) or a third-party is a Controller of Customer Personal Data, unless otherwise required by law: (a) only Customer will have any right to enforce any of the terms of this DPA against the Company; and (b) the Company’s obligations under this DPA, including any applicable notifications, will be to only Customer. 

9.7.    Liability. As between the Parties to this DPA, each Party’s liability and remedies under this DPA are subject to the aggregate liability limitations and damages exclusions set forth in the Agreement.

9.8.    Variations in Data Protection Laws. If any variation is required to this DPA as a result of a change in or subsequently applicable Data Protection Law, then either Party may provide written notice to the other Party of that change in law. The Parties will then discuss and negotiate in good faith any variations to this DPA necessary to address such changes, with a view to agreeing and implementing those or alternative variations as soon as practicable, provided that such variations are reasonable with regard to the functionality and performance of the Services and the Company’s business operations.

9.9.    Reservation of Rights. Notwithstanding anything to the contrary in this DPA: (a) the Company reserves the right to withhold information the disclosure of which would pose a security risk to the Company or its customers or is prohibited by applicable law or contractual obligation; and (b) the Company’s notifications, responses, or provision of information or cooperation under this DPA are not an acknowledgement by the Company of any fault or liability.

9.10.   Company as Controller. the Company may collect Personal Data directly from Data Subjects (which may be duplicative of Customer Personal Data) in accordance with the Company’s internal policies and publicly posted Privacy Notice available at www.smartsheet.com/legal/privacy, and nothing in this DPA will prohibit the Company from Processing such Personal Data as a Controller under Data Protection Laws, provided that the Company conspicuously notifies such Data Subjects that such information will be handled in accordance with the Company’s Privacy Notice.

ANNEX 1: DETAILS OF PROCESSING OF CUSTOMER PERSONAL DATA

This Annex 1 includes certain details of the Processing of Personal Data as required by Article 28(3) of the GDPR.

Subject matter and duration of the Processing of Personal Data:

• The subject matter and duration of the Processing of Personal Data are set out in the Agreement and this DPA.

The nature and purpose of the Processing of Personal Data

• Processing of Personal Data by the Company is reasonably required to facilitate or support the provision of the Services as described under the Agreement and this DPA.

Type of Personal Data and Categories of Data Subjects:

• The types of Personal Data and categories of Data Subject about whom the Personal Data relates are determined and controlled by Customer in its sole discretion. 

Obligations and Rights of the Controller:

• The obligations and rights of Customer are set out in the Agreement and this DPA.

Last Updated: August 31, 2020