DPA

DPA

Constella Intelligence, Inc.

Data Processing Amendment

This Data Processing Amendment (this “DPA” or this “Amendment”), effective as of the date on which you electronically accept or otherwise agree or opt-in to this DPA, is entered into by and between Constella Intelligence, Inc. (“Constella”, “Processor”, “we”, or “us”) and the customer that electronically accepts or otherwise agrees or opts-in to this DPA (“Customer”, “Controller”, or “you”).

You have entered into a Master Subscription and Services Agreement with us (each, as amended from time to time, an “Agreement”). This DPA will amend the terms of the Agreement to reflect the parties’ rights and responsibilities with respect to the processing and security of Customer’s data under the Agreement. If you are accepting this DPA in your capacity as an employee, consultant or agent of Customer, you represent that you are an employee, consultant or agent of Customer, and that you have the authority to bind Customer (and, to the extent required under applicable Data Protection Laws (defined below), in the name and on behalf of its Affiliates (defined below), if any) to this DPA.

1. Definitions

1.1 “Affiliate” means (i) an entity of which a party directly or indirectly owns fifty percent (50%) or more of the stock or other equity interest, (ii) an entity that owns at least fifty percent (50%) or more of the stock or other equity interest of a party, or (iii) an entity which is under common control with a party by having at least fifty percent (50%) or more of the stock or other equity interest of such entity and a party owned by the same person, but such entity shall only be deemed to be an Affiliate so long as such ownership exists.

1.1 “Alternative Transfer Solution” means a solution, other than the Standard Contractual Clauses, that enables the lawful transfer of personal data to a third country in accordance with Article 45 or 46 of the GDPR (for example, an approved code of conduct or an approved certification mechanism).

1.2 “Anonymous Data” means Personal Data that has been processed in such a manner that it can no longer be attributed to an identified or identifiable natural person.

1.3 “Authorized Employee” means an employee of Processor who has a need to know or otherwise access Personal Data to enable Processor to perform their obligations under this Amendment or the Agreement.

1.4 “Authorized Sub-Processor” means a third-party who has a need to know or otherwise access Personal Data to enable Processor to perform its obligations under this Amendment or the Agreement, and who is either (1) listed in Exhibit B or (2) authorized by Controller to do so under Section 4.2 of this Amendment.

1.5 “Data Subject” means an identified or identifiable person to whom Personal Data relates.

1.6 “Instruction” means a direction, either in writing, in textual form (e.g. by e-mail) or by using a software or online tool, issued by Controller to Processor and directing Processor to Process Personal Data.

1.7 “Personal Data” means any information relating to Data Subject which is subject to Data Protection Laws (defined below) and which Processor Processes on behalf of Controller, other than Anonymous Data.

1.8 “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.

1.9 “Process” or “Processing” means any operation or set of operations which is performed upon the Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure, or destruction.

1.10 “Standard Contractual Clauses” means the standard data protection clauses for the transfer of Personal Data to processors established in countries that do not ensure an adequate level of data protection, under Decision 2010/87/EU, or other contractual terms as may from time to time be approved by the European Commission instead of those clauses, as described in Article 46 of the GDPR.

1.11 “Supervisory Authority” means an independent public authority which is established by a member state of the European Union, Iceland, Liechtenstein, or Norway.

2. Processing of Data

2.1 The rights and obligations of the Controller with respect to this Processing are described herein. Controller shall, in its use of the Services, at all times Process Personal Data, and provide instructions for the Processing of Personal Data, in compliance with the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR” and together, “Data Protection Laws”)). Controller shall ensure that its instructions comply with all laws, rules and regulations applicable in relation to the Personal Data, and that the Processing of Personal Data in accordance with Controller’s instructions will not cause Processor to be in breach of the Data Protection Laws. Controller is solely responsible for the accuracy, quality, and legality of (i) the Personal Data provided to Processor by or on behalf of Controller, (ii) the means by which Controller acquired any such Personal Data, and (iii) the instructions it provides to Processor regarding the Processing of such Personal Data. Controller shall not provide or make available to Processor any Personal Data in violation of the Agreement or otherwise inappropriate for the nature of the Services, and shall indemnify Processor from all claims and losses in connection therewith. This Amendment does not apply to Personal Data for which Processor is a controller.

2.2 Processor shall not Process Personal Data (i) for purposes other than those set forth in the Agreement and/or Exhibit A, (ii) in a manner inconsistent with the terms and conditions set forth in this Amendment or any other documented instructions provided by Controller, including with regard to transfers of personal data to a third country or an international organization, unless required to do so by Supervisory Authority to which the Processor is subject; in such a case, the Processor shall inform the Controller of that legal requirement before Processing, unless that law prohibits such information on important grounds of public interest and (iii) in violation of the GDPR. Controller hereby instructs Processor to Process Personal Data in accordance with the foregoing and as part of any Processing initiated by Controller in its use of the products or services described in the Agreement.

2.3 The subject matter, nature, purpose, and duration of this Processing, as well as the types of Personal Data collected and categories of Data Subjects, are described in Exhibit A to this Amendment.

2.4 Following termination or expiration of the Agreement, at Controller’s choice, Processor shall return or delete the Personal Data, unless further storage of Personal Data is required or authorized by applicable law. If return or destruction is impracticable or prohibited by law, rule or regulation, Processor shall take measures to block such Personal Data from any further Processing (except to the extent necessary for its continued hosting or Processing required by law, rule or regulation) and shall continue to appropriately protect the Personal Data remaining in its possession, custody, or control. If Controller and Processor have entered into Standard Contractual Clauses as described in Section 6 (Transfers of Personal Data), the parties agree that the certification of deletion of Personal Data that is described in Clause 12(1) of the Standard Contractual Clauses shall be provided by Processor to Controller only upon Controller’s request.

3. Authorized Employees

3.1 Processor shall take commercially reasonable steps to ensure the reliability and appropriate training of any Authorized Employee.

3.2 Processor shall ensure that all Authorized Employees are made aware of the confidential nature of Personal Data and have executed confidentiality agreements that prevent them from disclosing or otherwise Processing, both during and after their engagement with Processor, any Personal Data except in accordance with their obligations in connection with the Services.

3.3 Processor shall take commercially reasonable steps to limit access to Personal Data to only Authorized Employees.

4. Authorized Sub-Processors

4.1 Controller acknowledges and agrees that Processor may (1) engage its affiliates and the Authorized Sub-Processors listed in Exhibit B to this Amendment to access and Process Personal Data in connection with its performance under the Agreement, and (2) from time to time engage additional third parties for the purpose of its performance under the Agreement, including without limitation the Processing of Personal Data. By way of this Amendment, Controller provides general written authorization to Processor to engage sub-processors as necessary to perform under the Agreement.

4.2 A list of Processor’s current Authorized Sub-Processors (the “List”) will be made available to Controller, either attached hereto, at a link provided to Controller, via email or through another means made available to Controller. Such List may be updated by Processor from time to time. The List may provide a mechanism to subscribe to notifications of new Authorized Sub-Processors and Controller agrees to subscribe to such notifications where available. At least ten (10) days before enabling any third party other than Authorized Sub-Processors to access or participate in the Processing of Personal Data, Processor will add such third party to the List. Controller may reasonably object to such an engagement on legitimate grounds by informing Processor in writing within ten (10) days of receipt of the aforementioned notice by Processor. Controller acknowledges that certain sub-processors are essential to providing the products and services set forth in the Agreement and that objecting to the use of a sub-processor may prevent Processor from offering the Services to Controller.

4.3 If Controller reasonably objects to an engagement in accordance with Section 4.2, and Processor cannot provide a commercially reasonable alternative within a reasonable period of time, Processor may terminate this Amendment. Termination shall not relieve Controller of any fees owed to Processor under the Agreement.

4.4 If Controller does not object to the engagement of a third party in accordance with Section 4.2 within ten (10) days of notice by Processor, that third party will be deemed an Authorized Sub-Processor for the purposes of this Amendment.

4.5 Processor will enter into a written agreement with the Authorized Sub-Processor imposing on the Authorized Sub-Processor data protection obligations comparable to those imposed on Processor under this Amendment with respect to the protection of Personal Data. In case an Authorized Sub-Processors fails to fulfill its data protection obligations under such written agreement with Processor, Processor will remain liable to Controller for the performance of the Authorized Sub-Processor’s obligations under such agreement.

4.6 If Controller and Processor have entered into Standard Contractual Clauses as described in Section 6 (Transfers of Personal Data), (i) the above authorizations will constitute Controller’s prior written consent to the subcontracting by Processor of the processing of Personal Data if such consent is required under the Standard Contractual Clauses, and (ii) the parties agree that the copies of the agreements with Authorized Sub-Processors that must be provided by Processor to Controller pursuant to Clause 5(j) of the Standard Contractual Clauses may have commercial information, or information unrelated to the Standard Contractual Clauses or their equivalent, removed by the Processor beforehand, and that such copies will be provided by the Processor only upon request by Controller.

5. Security of Personal Data. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Processor shall maintain appropriate technical and organizational measures to ensure a level of security appropriate to the risk of Processing Personal Data.

6. Transfers of Personal Data

6.1 You agree that we may, subject to Section 6.2, store and process Personal Data in the United States and any other country in which we or our Authorized Sub-Processors maintain facilities.

6.2 If the storage and/or processing of Personal Data as described in Section 6.1 involves transfers of Personal Data out of the EEA and European Data Protection Legislation applies to the transfers of such data (collectively, “Transferred Personal Data”), we will, at our sole discretion, either (i) ensure that we (as the data importer) have entered into Standard Contractual Clauses with you (as the data exporter), and that the transfers are made in accordance with the Standard Contractual Clauses; or (ii) ensure that the transfers are made in accordance with an Alternative Transfer Solution. With respect to Transferred Personal Data, you agree that if we reasonably require you to enter into Standard Contractual Clauses with respect to such transfers as required by applicable Data Protection Laws, you will promptly do so; similarly, if we reasonably require you to use an Alternative Transfer Solution and we request that you take any action (including, without limitation, execution of documents) required to give full effect to that solution, you will promptly do so.

7. Rights of Data Subjects

7.1 Processor shall, to the extent permitted by law, notify Controller upon receipt of a request by a Data Subject to exercise the Data Subject’s right of: access, rectification, erasure, data portability, restriction or cessation of Processing, withdrawal of consent to Processing, and/or objection to being subject to Processing that constitutes automated decision-making (such requests individually and collectively “Data Subject Request(s)”). If Processor receives a Data Subject Request in relation to Controller’s data, Processor will advise the Data Subject to submit their request to Controller and Controller will be responsible for responding to such request, including, where necessary, by using the functionality of the Services. Controller is solely responsible for ensuring that Data Subject Requests for erasure, restriction or cessation of Processing, or withdrawal of consent to Processing of any Personal Data are communicated to Processor, and for ensuring that a record of consent to Processing is maintained with respect to each Data Subject.

7.2 Processor shall, at the request of the Controller, and taking into account the nature of the Processing applicable to any Data Subject Request, apply appropriate technical and organizational measures to assist Controller in complying with Controller’s obligation to respond to such Data Subject Request and/or in demonstrating such compliance, where possible, provided that (i) Controller is itself unable to respond without Processor’s assistance and (ii) Processor is able to do so in accordance with all applicable laws, rules, and regulations. Controller shall be responsible to the extent legally permitted for any costs and expenses arising from any such assistance by Processor.

8. Actions and Access Requests

8.1 Processor shall, taking into account the nature of the Processing and the information available to Processor, provide Controller with reasonable cooperation and assistance where necessary for Controller to comply with its obligations under the GDPR to conduct a data protection impact assessment and/or to demonstrate such compliance, provided that Controller does not otherwise have access to the relevant information. Controller shall be responsible to the extent legally permitted for any costs and expenses arising from any such assistance by Processor.

8.2 Processor shall, taking into account the nature of the Processing and the information available to Processor, provide Controller with reasonable cooperation and assistance with respect to Controller’s cooperation and/or prior consultation with any Supervisory Authority, where necessary and where required by the GDPR. Controller shall be responsible to the extent legally permitted for any costs and expenses arising from any such assistance by Processor.

8.3 Processor shall maintain records sufficient to demonstrate its compliance with its obligations under this Amendment, and retain such records for a period of three (3) years after the termination of the Agreement. Controller shall, with reasonable notice to Processor, have the right to review, audit and copy such records at Processor’s offices during regular business hours.

8.4 Upon Controller’s request, Processor shall, no more than once per calendar year, either (i) make available for Controller’s review copies of certifications or reports demonstrating Processor’s compliance with prevailing data security standards applicable to the Processing of Controller’s Personal Data, or (ii) if the provision of reports or certifications pursuant to (i) is not reasonably sufficient under Data Protection Laws, allow Controller or its authorized representative, upon reasonable notice and at a mutually agreeable date and time, to conduct an audit or inspection of Processor’s data security infrastructure and procedures that is sufficient to demonstrate Processor’s compliance with its obligations under this Amendment, provided that Controller shall provide reasonable prior notice of any such request for an audit and such inspection shall not be unreasonably disruptive to Processor’s business. Controller shall be responsible for the costs of any such audits or inspections, including without limitation a reimbursement to Processor for any time expended for on-site audits. If Controller and Processor have entered into Standard Contractual Clauses as described in Section 6 (Transfers of Personal Data), the parties agree that the audits described in Clause 5(f) and Clause 12(2) of the Standard Contractual Clauses shall be carried out in accordance with this Section 8.4.

8.5 Processor shall immediately notify Controller if an instruction, in the Processor’s opinion, infringes the Data Protection Laws or the instructions or decisions of the Supervisory Authority.

8.6 In the event of a Personal Data Breach, Processor shall, without undue delay, inform Controller of the Personal Data Breach and take such steps as Processor in its sole discretion deems necessary and reasonable to remediate such violation (to the extent that remediation is within Processor’s reasonable control).

8.7 In the event of a Personal Data Breach, Processor shall, taking into account the nature of the Processing and the information available to Processor, provide Controller with reasonable cooperation and assistance necessary for Controller to comply with its obligations under the GDPR with respect to notifying (i) the relevant Supervisory Authority and (ii) Data Subjects affected by such Personal Data Breach without undue delay.

8.8 The obligations described in Sections 8.5 and 8.6 shall not apply in the event that a Personal Data Breach results from the actions or omissions of Controller. Processor’s obligation to report or respond to a Personal Data Breach under Sections 8.5 and 8.6 will not be construed as an acknowledgement by Processor of any fault or liability with respect to the Personal Data Breach.

9. Limitation of Liability. The total liability of each of Controller and Processor (and their respective employees, directors, officers, affiliates, successors, and assigns), arising out of or related to this Amendment, whether in contract, tort, or other theory of liability, shall not, when taken together in the aggregate, exceed the limitation of liability set forth in the Agreement.

10. Processor’s Role as a Data Controller. The parties acknowledge and agree that to the extent Processor processes Personal Data in connection with the Agreement to: (i) monitor, prevent and detect fraud, and to prevent harm to Controller, Processor and the Processor’s affiliates, and to third parties; (ii) comply with legal or regulatory obligations applicable to the processing and retention of Personal Data to which Processor is subject; (iii) analyze, develop and improve Processor’s products and services; or (iv) provide the Processor products and services to Processor users, Processor is acting as a data controller with respect to the Processing of such Personal Data it receives from or through Controller.

11. Signatories’ Data. Any personal data contained in the Agreement or in this Amendment itself (addresses, email, etc.) will be processed by the parties, as independent Data Controllers, in order to comply with the purpose of the Agreement and the Amendment, and will be kept for as long as the relationship is maintained or for as long as necessary in order to comply with applicable legal obligations. Data subjects may exercise their data protection rights by means of written notice to each party to the address provided in the heading of the Agreement. Constella has appointed a Data Protection Officer who may be contacted at the following email address: privacy@constellaintelligence.com. Data subjects may file a complaint with the competent authority.

12. Controlling Language. The original version of this Amendment is drawn up in English, and the English version of this Amendment shall prevail in the event of any conflict with any version of this Amendment or portion thereof that has been translated into another language (including Spanish).

13. Governing Law and Jurisdiction. This Amendment will be governed by and construed in accordance with the laws of the State of California, without regard to that State’s conflict of law principles. Any legal action or proceeding arising under, related to or connected with this Amendment will be brought exclusively in the federal (if they have jurisdiction) or state courts located in Santa Clara County, California, and the parties irrevocably consent to the personal jurisdiction and venue of such court(s). The United Nations Convention on Contracts for the International Sale of Goods and the Uniform Computer Information Transactions Act will not apply to this Amendment. If a party initiates any proceeding regarding this Amendment, the prevailing party to such proceeding is entitled to reasonable attorneys’ fees and costs.

EXHIBIT A

Details of Processing

Nature and Purpose of Processing: Constella’s performance under the Agreement with Customer, and related technical support.

Duration of Processing: Throughout the term of the Agreement.

Categories of Data Subjects:

Categories of Data Subjects might include:

  • Customer end-users
  • “Hunter” Investigation targets
  • Customer’s representatives who are signatories of the Agreement and the Amendment

Type of Personal Data:

Personal Data submitted to, stored on, or sent via the Constella products and services may include, without limitation, the following categories of data: IP addresses, browser agents, email addresses, usernames, full names, browser and operating system identifiers, and any other personal data that Customer chooses to send to Constella during the course of our provision of the Constella products and services, and related technical support.

EXHIBIT B

Authorized Sub-Processors

Controller acknowledges and agrees that the following entities shall be deemed Authorized Sub-Processors that may Process Personal Data pursuant to this Amendment:

  • Amazon Web Services (Web/Hosting services)
  • Arsys (Web/Hosting services)

EULA

EULA

EULA

Constella Intelligence, Inc.

End User License Agreement

EULA Last Updated: April 21, 2023

  1. Introduction.

This End Used License Agreement (this “EULA”) applies by and between Constella Intelligence, Inc. (“Constella”, “we”, or “us”) and the customer/user (the “Customer”, or “you”) who is accessing or using one or more Applications (as defined below). By accessing or using any Application, you agree to be bound by this EULA. If you do not agree to this EULA, you are not allowed to access or use any Application. The “Effective Date” of this EULA is the date you first access or use any Application.

If you are accessing or using an Application in your capacity as an employee, consultant or agent of the contracting entity, you represent that you are an employee, consultant or agent of that entity, and that you have the authority to bind that entity to this EULA. For the purpose of this EULA, you (and, if applicable, the entity that you represent) will be referred to as “Customer” or “you”.

Constella reserves the right to change or modify this EULA, or any of our other policies or guidelines, at any time upon notice to you. We may provide that notice in a variety of ways, including, without limitation, sending you an email or posting the revised EULA on Constella’s web site and revising the date at the top of this EULA. Any changes or modifications will be effective after we provide notice that this EULA has been modified. You acknowledge that your continued access or use of any Application following such notice constitutes your acceptance of the modified EULA.

This EULA forms a binding agreement between you and Constella.

  1. Definitions.

1.1 “Constella Data” means any and all data that is made available to you as a result of your use of or access to the Application.

1.2 “Application” means, individually and collectively, each of the Constella-proprietary applications made available to Customer hereunder. The current list of available Applications is set forth at https://live-constellaintelligence-website.pantheonsite.io.

1.3 “Call Limits” means the limits, if any, set forth in the Order Form regarding the number of seats, tasks, queries or calls that you are authorized to use or make via the applicable Application, and/or the amount of data you are authorized to store on, or transfer to or from, Constella’s servers.

1.4 “Clear Text Passwords” means certain passwords within the Constella database provided to a Customer (when specific Constella Services are purchased by Customer) in unencrypted, unsecure, plain text, capable of being read without restructuring or any other similar data security protocol or process. For terms of the Agreement applicable to Clear Text Passwords, see Exhibit A to this Agreement.

1.5 “Client” means a client of Customer (whether directly or through multiple tiers) to whom Customer is providing products or services that utilize, include, or reference the Constella Data, or any other element of an Application.

1.6 “Customer Data” means any data or other content that you either: (i) publish, upload to, or use in conjunction with an Application; (ii) make available in conjunction with an Application, or (iii) allow an Application to access.

1.7 “Customer Systems” means any of your (or your contractors’ or agents’) computer systems that are used in conjunction with the Application or any Constella Data.

1.8 “Documentation” means any manuals, guides, documentation and other supporting materials related to an Application that Constella makes generally available to our customers. Documentation is considered part of the applicable Application.

1.9 “Fees” means, collectively: (i) the fees that you are required to pay us to use and/or access an Application during the applicable Subscription Term, as such fees are reflected on each applicable Order Form; and (ii) the fees that you are required to pay us for any Professional Services you engage us to perform, as such fees are reflected on each applicable SOW or Order Form.

1.10 “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, trademarks, know-how and any other intellectual property rights recognized in any country or jurisdiction in the world.

1.11 The “Order Form” means the form you use to order Application(a) and/or Professional Services. Upon execution by the parties, each Order Form will be subject to this EULA. In the event of a conflict between this EULA and the terms of an Order Form, this EULA will prevail, notwithstanding any language to the contrary in the Order Form.

1.12 “Professional Services” means training, consulting, or implementation services that we provide to you pursuant to an Order Form or Statement of Work. Professional Services do not include support, or any Application.

1.13 “Purpose” means the specific purpose(s) for which you are permitted to use each Application, as set forth in the applicable Order Form.

1.14 “Reports” means, collectively, any reports that are created through your use of an Application.

1.15 “Statement of Work” or “SOW” means a mutually executed statement of work detailing the Professional Services we will perform for you, their price, and your related obligations (if any). Upon execution by the parties, each SOW will be subject to this EULA.

1.16 “Subscription Term” means the time period set forth on the Order Form that you will allowed to use the Application. If no time period is set forth on the Order Form, the Subscription Term will be one (1) year from the date of last signature of the Order Form.

1.17 “Third Party Services” means, collectively, any applications, interfaces, software, or services not operated or provided by Constella.

  1. Application.

2.1 Access Grant. Subject to your continued compliance with this EULA (including, among other things, paying all applicable Fees), Constella grants you a limited, non-transferable, non-exclusive license to access and use each Application that you have ordered in the applicable Order Form for the applicable Subscription Term, solely for the Purpose, and subject to the Call Limits set forth in the Order Form. The Application will be deemed accepted when made to available to Client pursuant to this EULA.

2.2 Restrictions. As between the parties, Constella owns all right, title and interest in and to each Application and the Constella Data, and all Intellectual Property Rights therein. Constella reserves all rights not expressly granted to you in this EULA. You acknowledge and agree that you may not, unless otherwise expressly permitted in this EULA or in the applicable Order Form: (a) modify, disclose, alter, translate or create derivative works of any Application, or any Constella Data; (b) license, sublicense, resell, distribute, lease, rent, lend, transfer, assign or otherwise dispose of any Application or any Constella Data (or any components thereof); (c) offer any part of an Application or the Constella Data on a timeshare or service bureau basis; (d) allow or permit any third party to access or use an Application or the Constella Data; (e) use an Application to store or transmit any viruses, software routines, or other code designed to permit anyone to access in an unauthorized manner, disable, erase or otherwise harm software, hardware, or data, or to perform any other harmful actions; (f) build a competitive product or service, or copy any features or functions of an Application (including, without limitation, the look-and-feel of an Application) or the Constella Data; (g) interfere with or disrupt the integrity or performance of an Application; (h) publicly disclose to any third party any performance information or analysis relating to an Application; (i) remove, alter or obscure any proprietary notices in or on an Application or any Constella Data, including copyright notices; (j) use an Application, the Constella Data, or any product thereof for any illegal or unauthorized purpose, or in a manner which violates applicable law or regulation; (k) use an Application or the Constella Data for any purpose other than the Purpose set forth in this EULA and the applicable Order Form; (l) reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code, or underlying structure, ideas, or algorithms that make up an Application or any software, documentation, or data relating to an Application, except to the limited extent that applicable law prohibits such a restriction; (m) to the extent that the license provides a specific number of seat licenses, allow multiple users to use the same seat license (notwithstanding the foregoing, you can transfer seat licenses from one use to another); or (n) cause or permit any third party (including, without limitation, any Client) to do any of the foregoing. Clear Text Passwords (if provided) are subject to the foregoing, and shall be subject to the terms found in Exhibit A, the Clear Text Password Addendum.

2.3 Exceeding Call Limits. If you exceed the Call Limits set forth in an applicable Order Form, Constella may, in its sole discretion and at is option, and in addition to any other rights or remedies available to it at law or in equity: (i) elect to charge Constella’s then-current rates for any overages; or (ii) suspend your use of the Application until the Call Limits are no longer exceeded.

2.4 Right to Modify the Application. You acknowledge that we reserve the right – at any time, and without notice or liability to you – to modify each Application, or any part of it, temporarily or permanently. We may modify an Application for a variety of reasons, including, without limitation, for the purpose of providing new features, implementing new protocols, maintaining compatibility with emerging standards, or complying with regulatory requirements. We will not modify an Application in any way that materially decreases its features or functionality during the then-current Subscription Term.

2.5 Registration. Promptly after the execution of each Order Form, we will make the Application(s) available to you. You will be required to provide accurate, current and complete information about you as part of the registration process that enables you to access each Application (“Registration Data”). You agree: (i) to maintain the security of your password(s) that you use to access each Application; (ii) to maintain and promptly update your Registration Data (as well as any other information you provide to us) and to keep it accurate, current and complete; (iii) to accept all risks of unauthorized access to your Registration Data, and any other information you provide to us, via your account(s) or password(s); (iv) that you are responsible for maintaining the security of your account and safeguarding your password(s); and (v) that you will be fully responsible for any activities or transactions that take place using your account(s) or password(s).

2.6 Third Party Services (Hunter Application Only). You may elect to access or use one or more Third Party Services in conjunction with your use of the “Hunter” Application. Constella is not responsible for the operation of any Third Party Services, nor the availability or operation of the “Hunter” Application to the extent that you make such availability and/or operation dependent upon the proper functioning of any Third Party Services. You are solely responsible for procuring any and all rights and licenses necessary for you to access any Third Party Services, and for complying with any applicable terms or conditions thereof. We do not make any representations or warranties with respect to any Third Party Services, or the providers thereof. Any exchange of data or other interaction between you and a Third Party Service is at your sole risk, and any such exchange will be governed solely by such the Third Party Services’ terms and conditions.

2.7 Data Processing Amendment; Acceptable Use Policy. The parties agree to the terms of the Data Processing Amendment (the “DPA”), found at https://constellaintelligence.com/dpa.  You understand and agree that your use of each Application is at all times subject to your compliance with the then-current Acceptable Use Policy (the “AUP”), found at https://constellaintelligence.com/aup. The DPA and AUP are hereby incorporated into this Agreement by this reference.

When you access or use Application(s) that enable executive protection services, you will input personal and confidential information of one or more of your executives, and collect, track, and monitor data that may be available online concerning that executive. To the extent that you access or use Application(s) that enable executive protection services, you represent and warrant as follows: (i) that you have obtained all necessary permissions from each executive to (A) upload their personal data to the Application, and (B) collect, track, and monitor data that may be available online concerning that executive; (ii) that you will not use the Application for any purpose other than the limited evaluation set forth herein; and (iii) that your use of the Application will comply with all applicable laws and regulations.

2.8 Support. Provided that you have paid all applicable Fees, we will provide you with support for each Application, as more fully described in and in accordance with the support terms set forth at https://constellaintelligence.com/support (the “Support Terms”). Standard support may be included in the cost of the Application, while premium support may be obtained for an additional fee. To the extent that you are slated to receive support in the relevant Order Form, you will receive such support in accordance with the Support Terms, which are incorporated by reference into this EULA. You will provide us with access to any Customer Systems necessary for us to provide support. For the avoidance of doubt: (i) we will not be liable for any failure to provide support that is due to your failure to provide us with all necessary access to Customer Systems; and (ii) you at all times are and will be responsible for all aspects of any Customer Systems.

2.9 Ownership; Feedback. As between the parties, Constella retains all right, title, and interest in and to each Applications and the Constella Data, and all Intellectual Property Rights therein. We reserve all rights not expressly granted to you in this EULA. You acknowledge that, to the extent that you provide us with any suggestions, comments, or other feedback with respect to any Application or any other Constella product or service (collectively, “Feedback”), you grant us a perpetual, irrevocable, royalty-free, fully paid up, sublicensable right and license to fully exploit such Feedback for any purpose, without restriction.

  1. Customer Data. As between the parties, you own your Customer Data. You acknowledge and agree that you are fully responsible for the Customer Data, irrespective of whether you were the original creator of the Customer Data. By making the Customer Data available to us or to the Application, you grant us a worldwide, royalty-free, and non-exclusive license to use, reproduce, modify, adapt and publish the Customer Data for the purpose of providing the Application to you. By making Customer Data available to us or to the Application, you represent and warrant that: (i) the Customer Data does not and will not infringe, violate or misappropriate the Intellectual Property Rights of any third party; (ii) you have obtained all rights and permissions necessary to use the Customer Data in the manner in which you have used it; (iii) the Customer Data does not contain or install any viruses, worms, malware, Trojan horses or other harmful or destructive code; and (iv) our use of the Customer Data for the purpose of providing the Application does not and will not (a) violate any applicable law or regulation, or (b) infringe, violate, or misappropriate the Intellectual Property Rights of any third party.
  2. Government Users.We do not develop any technical data or computer software pursuant to this EULA. The Application and Documentation have been developed solely with private funds, are considered “Commercial Computer Software” and “Commercial Computer Software Documentation” as described in FAR 12.212, FAR 27.405-3, and DFARS 227.7202-3, and access is provided to U.S. Government end users as restricted computer software and limited rights data. Any use, disclosure, modification, distribution, or reproduction of the Application or Documentation by the U.S. Government, its end users or contractors is subject to the restrictions set forth in this EULA.
  3. ProfessionalServices.From time to time during the term of this EULA, you may order Professional Services from us via an Order Form or an SOW. If an SOW is required to more fully define or detail any Professional Services ordered via an Order Form, the parties will execute an SOW for that purpose (for the sake of clarity, however, the lack of an SOW will in no way impact the validity of Professional Services ordered via an Order Form, or your obligation to pay for those Professional Services). Each SOW will be binding once both parties sign it, and the parties agree that any Professional Services we provide to you (whether pursuant to a SOW or not) will be provided pursuant to this EULA. In the event of any conflict between the terms of this EULA and any SOW, this EULA will control. Provided you comply with the terms of this EULA (including, among other things, paying us the Fees), we will perform the Professional Services described in each SOW, according to the timeframes set forth in that SOW. We will control the manner and means by which the Professional Services are performed, and we reserve the right to determine which personnel we assign to perform Professional Services for you. Provided we remain responsible for all of their acts and omissions, we can use third parties to help us perform the Professional Services. You acknowledge that we retain all right, title and interest in and to anything we use or develop in connection with performing Professional Services for you, including, among other things, software programs, tools, specifications, ideas, concepts, inventions, processes, techniques, and know-how. To the extent that we deliver anything to you during the course of performing Professional Services (collectively, “Deliverables”), we grant you a non-exclusive, non-transferable, worldwide, royalty-free, limited-term license to use the Deliverables during the term of this EULA, solely in conjunction with your use of the Application. You may not copy, modify, or otherwise create derivative works of any Deliverables without our prior written consent in each case. To the extent that we provide you with Reports, you may freely use the content of such Reports (even if you are not using an Application), provided that such use is for the Purpose.
  4. Payment. You agree to pay us all applicable Fees in full, without deduction or setoff of any kind, in U.S. Dollars, within thirty (30) days of the date of the invoice. Application-related Fees are payable in accordance with the terms set forth in the applicable Order Form. Amounts payable under this EULA are nonrefundable, except as otherwise expressly set forth herein. If you do not pay us on time, in addition to any other rights we may have at law or in equity, we reserve the right to suspend your access to the Application, we reserve the right to charge you interest on past due amounts at 1.5% per month or the highest rate allowed by law, whichever is less, and to additionally charge all expenses of recovery.
  5. Taxes. The Fees to be paid to Constella under this EULA are exclusive of any taxes, fees and duties or other amounts, however designated, and including without limitation value added and withholding taxes which are levied or based upon such charges, or upon this EULA (other than taxes based on the net income of Constella). You will pay all sales, use, value-added and other taxes, and all customs, duties and tariffs now or hereafter claimed or imposed by any governmental authority upon the license of the Application to you, or upon payments to us under this EULA, or you will present an exemption certificate acceptable to the taxing authorities. Except for income taxes levied on Constella, you: (i) will pay or reimburse us for all national, federal, state, local or other taxes and assessments of any jurisdiction, including value added taxes and taxes as required by international tax treaties, customs or other import or export taxes, and amounts levied in lieu thereof based on charges set, services performed or payments made hereunder, as are now or hereafter may be imposed under the authority of any national, state, local or any other taxing jurisdiction; and (ii) will not be entitled to deduct the amount of any such taxes, duties or assessments from payments made to us under this EULA. The purpose of this subsection is to preserve the payments to us from being reduced because of withholding taxes, duties and other taxes and assessments which may be imposed by a jurisdiction in which you operate or are otherwise subject to taxation.
  6. Term and Termination.

8.1 Term. This EULA begins on the Effective Date and, unless terminated earlier as provided for herein, will remain in effect for as long as there is a Subscription Term, Order Form, or SOW for Professional Services outstanding. Each Order Form (or that portion of the Order Form) that you use to order an Application will automatically renew (and we may automatically invoice you) for additional Subscription Terms of equivalent length, unless one party provides written notice to the other at least sixty (60) days prior to the expiration of the then-current Subscription Term that it wishes to terminate the applicable Order Form at the end of the then-current Subscription Term. Neither SOWs nor those portions of Order Forms that you use to order Professional Services will automatically renew. We reserve the right to modify the Fees for each Application at any time upon sixty (60) days’ prior written notice to you, provided that the modified Fees will not apply until the next Subscription Term. If we do not inform you of a specific price increase for a new Subscription Term, you acknowledge and agree that the Application Fees for each new Subscription Term will automatically increase by the greater of (i) five percent (5%), or (ii) the percentage increase in the Consumer Price Index over the most recent Subscription Term.

8.2 No Termination for ConvenienceWe offer our Applications on an annual subscription basis. With that in mind, you cannot terminate any Order Form for your convenience during the applicable Subscription Term.

8.3 Termination for Cause. Either party can terminate this EULA, any Order Form or SOW for cause immediately upon written notice to the other if the other party breaches any part of this EULA or the applicable Order Form or SOW and fails to cure the breach within thirty (30) days of receiving written notice of it from the non-breaching party. We reserve the right to terminate this EULA or any Order Form or SOW for cause immediately upon written notice to you, and without giving you a cure period, if you breach any of the terms of this EULA relating to our intellectual property (including your compliance with the license/access grant and any license/access restrictions) or our Confidential Information (defined below).

8.4 Right to Suspend Access to Application. Without limiting any of our other rights in this Section 8, we have the right, in our sole discretion, to suspend your ability to access the Application (in whole or in part), without liability, under the following circumstances: (i) for scheduled or emergency maintenance to the Application, or any part thereof; (ii) if we reasonably believe that you are using the Application or the Constella Data in violation of this EULA or applicable law; (iii) if we reasonably believe that your use of the Application poses a security risk to us or to any third party; (iv) if required by law enforcement or government agency, or otherwise in order to comply with applicable law or regulation; (v) if you are using the Application or Constella Data other than for the Purpose; or (vi) if you fail to fulfill your payment obligations hereunder.

8.5 Effect of Termination. When this EULA or any Order Form or SOW terminates or expires: (i) you will no longer have the right to use or access the Application identified in the terminated/expired Order Form as of the date of termination/expiration; (ii) all licenses we grant you in this EULA or the Order Form, as applicable, will immediately cease to exist as of the date of termination/expiration; (iii) if you owed us any Fees prior to such termination/expiration, you will pay those Fees in accordance with this EULA; (iv) except as otherwise set forth in Section 8.6 below, we may delete your Customer Data, and we will not be responsible or liable to you if you are unable to access or recover your Customer Data following termination/expiration; and (v) each of us will promptly return to the other (or, if the other party requests it, destroy) all Confidential Information belonging to the other. Sections 1, 2.2, 2.9, 6, 7, 8.5, 8.6, 9.2, and 10 through 14 will survive the termination or expiration of this EULA for any reason.

 

8.6 Data Retention. You may request the destruction of Customer Data in our possession or control, provided that you provide us with formal written notice of such request within ninety (90) days of the termination or expiration of this EULA, and further provided that you promptly respond to our requests for additional information relating thereto. At the conclusion of this ninety (90) day period, Constella may, at its sole discretion, elect to destroy the Customer Data. In the event that you make a request of us pursuant to this Section 8.6, we will use our reasonable efforts to comply with the request within five (5) business days of receiving it, and we will confirm once the Customer Data has been destroyed.

  1. LimitedWarranty; Disclaimer.

9.1 Limited Warranty. Constella represents and warrants solely to you that: (i) Constella has the power and authority to enter into this EULA and to perform its obligations hereunder; (ii) Constella’s performance under this EULA will not conflict with obligations it has to any third party; (iii) Constella has the right to provide access to the Application(s) and the Constella Data as provided herein; and (iv) Constella will provide support pursuant to this EULA in a professional and workmanlike manner.

9.2 Disclaimer. THE LIMITED WARRANTIES SET FORTH ABOVE ARE THE ONLY WARRANTIES WE MAKE WITH RESPECT TO EACH APPLICATION, THE CONSTELLA DATA, THE SUPPORT, AND THE PROFESSIONAL SERVICES. YOU ACKNOWLEDGE THAT, EXCEPT AS EXPRESSLY SET FORTH IN SECTION 9.1, EACH APPLICATION, THE CONSTELLA DATA, SUPPORT, AND PROFESSIONAL SERVICES ARE PROVIDED ON AN “AS IS”, “AS AVAILABLE” BASIS, WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED, AND THAT YOUR USE OF EACH APPLICATION, THE CONSTELLA DATA, SUPPORT, AND THE PROFESSIONAL SERVICES ARE AT YOUR SOLE RISK. CONSTELLA DOES NOT WARRANT: (I) THAT ANY APPLICATION, THE CONSTELLA DATA, SUPPORT, OR PROFESSIONAL SERVICES WILL MEET YOUR SPECIFIC REQUIREMENTS, (II) THAT ANY APPLICATION, THE CONSTELLA DATA, SUPPORT, OR PROFESSIONAL SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE, (III) THAT THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF ANY APPLICATION, THE CONSTELLA DATA, SUPPORT, OR THE PROFESSIONAL SERVICES WILL BE ACCURATE OR RELIABLE, (IV) THAT THE QUALITY OF ANY PRODUCTS, SERVICES, INFORMATION, OR OTHER MATERIAL THAT YOU PURCHASE OR OBTAIN THROUGH ANY APPLICATION, SUPPORT, THE CONSTELLA DATA, OR PROFESSIONAL SERVICES WILL MEET YOUR EXPECTATIONS, OR (V) THAT ANY ERRORS IN ANY APPLICATION, SUPPORT THE CONSTELLA DATA, OR PROFESSIONAL SERVICES WILL BE CORRECTED. CONSTELLA SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT.

  1. Indemnification.

10.1 Constella Indemnity. Constella agrees to defend (or settle, at Constella’s option and expense), indemnify and hold Customer (and its directors, officers, employees, consultants and agents) harmless from and against any and all actual or threatened suits, actions, proceedings (whether at law or in equity), claims, damages, payments, deficiencies, fines, judgments, settlements, liabilities, losses, costs and reasonable expenses (including, without limitation, reasonable attorneys’ fees, costs, penalties, interest and disbursements) arising out of or relating to any third-party claim brought against Customer to the extent that it is based on an allegation that Customer’s use of the Application as permitted under this EULA infringes a U.S. patent or copyright or misappropriates a trade secret of any third party (each, a “Claim”), provided that Customer notifies Constella in writing of any such Claim as soon as reasonably practicable and allows Constella to control, and reasonably cooperates with Constella in the defense of, any such Claim and related settlement negotiations. Constella will have no obligation to indemnify Customer for any Claim that is based upon (i) the modification of the Application or the Constella Data, unless Constella or its designee were the ones who made the modifications; (ii) Customer’s use of the Application or the Constella Data other than as authorized by this EULA, the Order Form, or the applicable Documentation; or (iii) the combination, operation or use of the Application or the Constella Data with equipment, devices, software, systems, or data that Constella did not supply or authorize in writing, unless the Claim would have arisen irrespective of such combination, operation, or use. If Customer’s use of the Application is, or in Constella’s reasonable opinion is likely to be, subject to a Claim under this Section 10.1, Constella may, at its sole option and at no charge to Customer (and in addition to Constella’s indemnity obligation to Customer in this Section 10.1): (i) procure for Customer the right to continue using the Application; (ii) replace or modify the Application so that it is non-infringing; or (iii) if options (i) and (ii) above are not commercially practicable in Constella’s reasonable estimation, Constella may terminate this EULA and/or all affected Order Forms (in which event, Customer will immediately stop using the affected Application) and refund any pro-rata portion of the prepaid Fees that Customer paid to Constella for the then-current Subscription Term for each terminated Order Form. THIS SECTION 10.1 SETS FORTH CONSTELLA’S SOLE AND EXCLUSIVE OBLIGATIONS, AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDIES, WITH RESPECT TO CLAIMS OF INFRINGEMENT OR MISAPPROPRIATION OF THIRD PARTY INTELLECTUAL PROPERTY RIGHTS.

10.2 Customer Indemnity. Except to the extent that Constella owes an indemnity to Customer pursuant to Section 10.1 above, Customer agrees, at its sole expense, to defend, indemnify and hold Constella (and its directors, officers, employees, consultants and agents) harmless from and against any and all actual or threatened suits, actions, proceedings (whether at law or in equity), claims, damages, payments, deficiencies, fines, judgments, settlements, liabilities, losses, costs and expenses (including, without limitation, reasonable attorneys’ fees, costs, penalties, interest and disbursements) arising out of or relating to (i) the Customer Data; (ii) Customer’s use of the Application, the Constella Data, or any Professional Services; (iii) Customer’s failure to pay any taxes owed under this EULA; (iv) Customer’s provision of products or services to any Client; and (v) any other actual or alleged breach of any of Customer’s obligations under this EULA. Customer will not settle any such claim in any manner that would require Constella to pay money or admit wrongdoing of any kind without Constella’s prior written consent, which Constella may withhold in its sole discretion.

FOR CUSTOMER’S USE OF CLEAR TEXT PASSWORDS AND CUSTOMER’S INDEMNITY OBLIGATIONS, SEE EXHIBIT “A” CLEAR TEXT PASSWORD ADDENDUM.

  1. Limitation of Liability

11.1 Limitation of Total Liability. UNLESS OTHERWISE REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL CONSTELLA’S TOTAL, AGGREGATE LIABILITY TO YOU OR TO ANY THIRD PARTY ARISING OUT OF OR RELATED TO THIS EULA OR YOUR USE OF (OR INABILITY TO USE) ANY PART OF ANY APPLICATION, THE CONSTELLA DATA, OR THE PROFESSIONAL SERVICES EXCEED THE TOTAL AMOUNT OF FEES YOU ACTUALLY PAID TO CONSTELLA UNDER THE AFFECTED ORDER FORM DURING THE TWELVE (12) MONTHS IMMEDIATELY PRIOR TO THE ACCRUAL OF THE FIRST CLAIM. MULTIPLE CLAIMS WILL NOT EXPAND THIS LIMITATION.

11.2 Waiver of Consequential Damages. UNLESS OTHERWISE REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL CONSTELLA BE LIABLE TO YOU OR TO ANY THIRD PARTY FOR ANY LOSS OF PROFITS, LOSS OF USE, LOSS OF REVENUE, LOSS OF GOODWILL, INTERRUPTION OF BUSINESS, LOSS OF DATA, OR ANY INDIRECT, SPECIAL, INCIDENTAL, EXEMPLARY, PUNITIVE OR CONSEQUENTIAL DAMAGES OF ANY KIND ARISING OUT OF, OR IN CONNECTION WITH THIS EULA OR YOUR USE (OR INABILITY TO USE) ANY PART OF ANY APPLICATION, THE CONSTELLA DATA, OR THE PROFESSIONAL SERVICES, WHETHER IN CONTRACT, TORT, STRICT LIABILITY OR OTHERWISE, EVEN IF CONSTELLA HAS BEEN ADVISED OR IS OTHERWISE AWARE OF THE POSSIBILITY OF SUCH DAMAGES.

11.3 Basis of Bargain. THIS SECTION (LIMITATION OF LIABILITY) WILL BE GIVEN FULL EFFECT EVEN IF ANY REMEDY SPECIFIED IN THIS EULA IS DEEMED TO HAVE FAILED OF ITS ESSENTIAL PURPOSE.

  1. Confidential Information.

12.1 Definition. For the purposes of this EULA, “Confidential Information” means any technical or business information disclosed by one party to the other that: (i) if disclosed in writing, is marked “confidential” or “proprietary” at the time of disclosure; (ii) if disclosed orally, is identified as confidential or proprietary at the time of such disclosure, and is summarized in a writing sent by the disclosing party to the receiving party within thirty (30) days of the disclosure; or (iii) irrespective of the manner of disclosure, which the receiving party should reasonably understand to be confidential or proprietary to the disclosing party. For the purposes of this EULA, you agree that the Feedback, any Deliverables we provide to you, and any non-public elements of each Application (including, without limitation, the source code of any Constella-proprietary software), will be deemed to be Constella’s Confidential Information, regardless of whether it is marked as such. Customer Data will be considered Customer’s Confidential Information, regardless of whether it is marked as such.

12.2 Restrictions on Use and Disclosure. Neither of us will use the other party’s Confidential Information, except as permitted under this EULA. Each of us agrees to maintain in confidence and protect the other party’s Confidential Information using at least the same degree of care as it uses for its own information of a similar nature, but in all events at least a reasonable degree of care. Each of us agrees to take all reasonable precautions to prevent any unauthorized disclosure of the other party’s Confidential Information, including, without limitation, disclosing Confidential Information only to its employees, independent contractors, consultants, and legal and financial advisors (collectively, “Representatives”): (i) with a need to know such information, (ii) who are parties to appropriate agreements sufficient to comply with this Section 12, and (iii) who are informed of the nondisclosure obligations imposed by this Section 12. Each party will be responsible for all acts and omissions of its Representatives. The foregoing obligations will not restrict either party from disclosing Confidential Information of the other party pursuant to the order or requirement of a court, administrative agency, or other governmental body, provided that the party required to make such a disclosure gives reasonable notice to the other party to enable them to contest such order or requirement.

12.3 Exclusions. The restrictions set forth in Section 12.2 will not apply with respect to any Confidential Information that: (i) was or becomes publicly known through no fault of the receiving party; (ii) was rightfully known or becomes rightfully known to the receiving party without confidential or proprietary restriction from a source other than the disclosing party who has a right to disclose it; (iii) is approved by the disclosing party for disclosure without restriction in a written document which is signed by a duly authorized officer of such disclosing party; or (iv) the receiving party independently develops without access to or use of the other party’s Confidential Information.

  1. Trademarks. You acknowledge and agree that any Constella names, trademarks, service marks, logos, trade dress, or other branding included as part of the Application or on our website(s) (collectively, the “Marks”) are owned by Constella and may not be copied, imitated, or used (in whole or in part) without Constella’s prior written consent. All other trademarks, names, or logos referenced as part of the Application or on our website(s) (collectively, “Third-Party Trademarks”) are the property of their respective owners, and the use of such Third-Party Trademarks inure to the benefit of their respective owners. The use of such Third-Party Trademarks is intended to denote interoperability, and does not constitute an affiliation by Constella or its licensors with any company or an endorsement or approval by that company of Constella, its licensors, or their respective products or services. At no time during or after the term of this EULA will Customer challenge or assist others to challenge any Marks or the registration thereof, or register or attempt to register any marks or trade names that are confusingly similar to those of Constella.
  2. General Provisions.

14.1 Entire Agreement; Amendments; No Other Terms. This EULA, including each link referenced herein, along with each Exhibit and mutually-executed Order Form and SOW, constitutes the complete and exclusive understanding of the parties with respect to its subject matter, and supersedes all previous or contemporaneous agreements or communications, whether written or oral, relating to its subject matter. As noted above, Constella reserves the right to change or modify this EULA, or any of our other policies or guidelines, at any time upon notice to you. This EULA is the only agreement between us, and the terms of any purchase order, written terms or conditions, or other document that you send to us that contains terms that are different from, in conflict with, or in addition to the terms of this EULA are hereby rejected by Constella, and will be void and of no effect.

14.2 Governing Law and Jurisdiction. This EULA will be governed by and construed in accordance with the laws of the State of California, without regard to that State’s conflict of law principles. Any legal action or proceeding arising under, related to or connected with this EULA will be brought exclusively in the federal (if they have jurisdiction) or state courts located in Santa Clara County, California, and the parties irrevocably consent to the personal jurisdiction and venue of such court(s). The United Nations Convention on Contracts for the International Sale of Goods and the Uniform Computer Information Transactions Act will not apply to this EULA. If a party initiates any proceeding regarding this EULA, the prevailing party to such proceeding is entitled to reasonable attorneys’ fees and costs.

14.3 Assignment. Neither party may assign this EULA, in whole or in part, by operation of law or otherwise, without the prior written consent of the other party, and any attempted transfer, assignment or delegation without such consent will be void and of no effect. Notwithstanding the foregoing, however, each party may assign this EULA in its entirety, upon written notice but without the requirement to obtain consent, to an affiliate of that party or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of that party’s business or assets. Subject to the foregoing, this EULA will be binding upon and will inure to the benefit of the parties and their respective representatives, heirs, administrators, successors and permitted assigns.

14.4 Controlling Language. The original version of this Agreement is drawn up in English, and the English version of this Agreement shall prevail in the event of any conflict with any version of this Agreement or portion thereof that has been translated into another language (including Spanish).

14.5 Miscellaneous. Except as expressly set forth in this EULA, the exercise by either party of any of its remedies will be without prejudice to its other remedies under this EULA or otherwise. The failure by a party to enforce any part of this EULA will not constitute a waiver of future enforcement of that or any other provision. Any waiver of any provision of this EULA will be effective only if in writing and signed by an authorized representative of the waiving party. You acknowledge that you are responsible for complying with all applicable laws and regulations associated with your access and use of each Application and the Constella Data, including, without limitation, all applicable data privacy, security, and export control laws and regulations. If any portion of this EULA is held to be unenforceable or invalid, that portion will be enforced to the maximum extent possible, and all other provisions will remain in full force and effect. Except for payments due under this Agreement, neither party will be responsible for any delay or failure to perform that is attributable in whole or in part to any cause beyond its reasonable control. The parties are independent contractors with respect to the subject matter of this EULA. Nothing contained in this EULA will be deemed or construed in any manner whatsoever to create a partnership, joint venture, employment, agency, fiduciary, or other similar relationship between us, and neither party can bind the other contractually.

 

 

 

 

 

 

 

 

 

EXHIBIT A

 

CONSTELLA INTELLIGENCE, INC. CLEAR-TEXT PASSWORD ADDENDUM

 

This Constella Intelligence, Inc., Clear Text Password Addendum (the “Addendum”) is attached to and made part of the Constella Intelligence, Inc., End User License Agreement (EULA) (the “Agreement” herein); the Addendum shall supplement the terms of the Agreement and forms an integral part of the Agreement. In the event of any conflict between the terms of the Agreement and this Addendum regarding the matters set forth in this Addendum, the Addendum shall govern and control.

 

Customer acknowledges that its receipt of Clear Text Passwords (passwords within the Constella database provided in unencrypted, unsecure, plain text, capable of being read without restructuring or any other similar data security protocol or process) requires Customer to agree to specific restrictions regarding the use of such clear text passwords; and Customer must provide certain representations and warranties, and indemnification to Constella, regarding Customer’s use of clear text passwords. Customer shall assume the risk associated with the use of clear text passwords provided to Customer under the Agreement and this Addendum.

 

Therefore, Customer represents and warrants to Constella: Customer has lawfully obtained and shall demonstrate upon Constella’s request, all the applicable rights required by law; the necessary permission(s) and consent(s) when required by law; and a proper legal basis under applicable data privacy law, when necessary, to obtain and process clear text passwords. Customer shall implement and maintain appropriate technical and organization measures to ensure the security and privacy of clear text passwords, with a full and complete understanding of the unsecure and highly vulnerable nature of clear text password-data. Customer shall only use clear text passwords for the following purpose(s): (i) fraud or criminal investigation; (ii) genuine know-your-customer (KYC) activities and related due diligence for identifying customers and verifying a customer’s identity; (iii) identity theft protection, customer account takeover, or executive monitoring; or (iv) cybersecurity analysis or data security incident response. Constella shall immediately and without prior notice stop providing Customer clear text passwords in the event Constella determines, at its sole discretion, Customer has violated any of the foregoing terms, representations and warranties.

 

Customer agrees to fully and completely indemnify, defend, and hold harmless Constella, its directors, officers, employees, partners, affiliates, and agents, and shall defend any action brought against same with respect to any claim of any kind, demand, cause of action, fine(s), expense, debt or liability (a “Claim”), including reasonable attorneys’ fees and all related costs and expenses, based upon any Claim that: (i) arises due to a breach of any of Customers representations, warranties, or agreements hereunder; (ii) arises out of the negligence or willful misconduct of Customer; or (iii) any action or omission of Customer that results in a Claim arising from Customer’s use of clear text passwords. CUSTOMER’S INDEMNIFICATION OBLIGATIONS REGARDING A CLAIM IN CONNECTION WITH THE USE OF CLEAR TEXT PASSWORDS SHALL NOT BE SUBJECT TO OR LIMITED BY ANY LIMITATION OF LIABILITY, OR ANY OTHER SIMILAR LIABILITY LIMITING TERMS IN THE AGREEMENT AND IN ANY OTHER AGREEMENT BETWEEN CUSTOMER AND CONSTELLA; CUSTOMER’S INDEMNITY OBLIGATIONS HEREIN REGARDING CLEAR TEXT PASSWORDS SHALL BE UNLIMITED, UNLESS SUCH LIMITATION IS THE RESULT OF APPLICABLE LAW.