Northern Light User Agreement
Last Updated: May 29, 2018
Thank you for being part of the Northern Light community.
Last Updated: April 13, 2021
Northern Light complies with the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield Frameworks Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from Switzerland and the European Union to the United States. Northern Light has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.
Collection of Information
Northern Light has a legitimate interest in running a successful and efficient business and in providing you with Service and useful content, and therefore collect information for the following reasons:
To provide service, useful content, functioning applications, offer improvements and technical support, movement through the Site and use of our services, and diagnose problems with our servers and/or our services.
There are two general categories of information we collect:
Information You Give to Us That Is Necessary for the Use of the Site.
We require and collect the following personal information about you when you use certain functions of the Site. In certain cases, the following information is required because without it, we may not be able to provide you with all the services that the Site provides:
- Account Information. If you choose to register for an account at the Site, we require certain information such as your name and email address, and the password you choose.
- Communications with Northern Light. When you communicate with Northern Light or use the Site to communicate with others, we collect information about your communication and any information you choose to provide.
If you wish to use the Site, we require the aforementioned information; if you do not want to provide this information, you should not use the Site or if you do, do not use one of the functions that require an account, and do not send us communications.
Information We Automatically Collect from Your Use of the Site.
When you use the Site, we automatically collect information, including personal information, about the services you use and how you use them. This information is necessary given our legitimate interest in being able to provide and improve the functionalities of the Site.
When you use the Site, we automatically collect information, including personal information, about the services you use and how you use them. This information is necessary given our legitimate interest in being able to provide and improve the functionalities of the Site.
- Geo-location Information. When you use certain features of the Site, we may collect information about your precise or approximate location as determined through data such as your IP address or mobile device’s GPS to offer you an improved user experience. Most mobile devices allow you to control or disable the use of location services for applications in the device’s settings menu. The Site may also collect this information even when you are not using a mobile device if this connection is enabled through your settings or device permissions.
- Usage Information. We collect information about your interactions with the Site such as the pages or content you view, your search query terms, documents you access from the Site, and other actions on the Site.
- Log Data and Device Information. We automatically collect log data and device information when you access and use the Site, even if you have not registered for an account or logged in. That information includes, among other things: details about how you’ve used the Site (including if you clicked on links to third party applications), IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data, cookie data, the pages you’ve viewed or engaged with before or after using the Site, and other items.
Use of Information Collected
We use, store, and process information, including personal information, about you to provide and improve the Site and comply with our legal obligations.
- Provide and Improve the Site.
- Enable you to access and use the Site.
- Enable you to communicate with other users and customers.
- Operate, protect, improve, and optimize the Site and experience, such as by performing analytics and conducting research.
- Provide customer service.
- Send you service or support messages, updates, security alerts, and account notifications.
- Send you promotional messages and other information that may be of interest to you based on your preferences (including information about Northern Light or business partners).
Comply with Our Legal Obligations.
- Detect and prevent fraud, spam, abuse, security incidents, and other harmful activity.
- Conduct security investigations and risk assessments.
- Verify or authenticate information provided by you.
- Conduct checks against databases and other information sources, to the extent permitted by applicable laws.
- Resolve any disputes with any of our users or customers and enforce our agreements with third parties.
- Enforce our User Agreement and other policies
We process this information given our legitimate interest and legal obligation to protect the Site, to measure the adequate performance of our contract with you, and to comply with applicable laws. Northern Light may process your information if it is necessary for legitimate interests, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
Sharing and Disclosure
Processing is lawful only if and to the extent one of the following applies:
- With Your Consent. Where you have provided consent, we process your information, including personal information, as described at the time of consent. Use of the Site is an affirmative consent on your part to collect your personal information as described above.
- Profiles and other Public Information. the Site may let you publish information, including personal information that is visible to the general public. For example: the Site may provide you with the option of creating a Personal Profile Page. If so, parts of your public profile page, such as your name and any information you enter about yourself are publicly visible to others.
- Posts You Make. If you submit content in a community or discussion forum, blog or social media post, or use a similar feature on the Site, that content is publicly visible.
- Third Party Search Engines Indexes. Information you share publicly on the Site may be indexed through third party search engines. If you change your public-facing content, these search engines may not update their databases. We do not control the practices of third party search engines, and they may use caches containing your outdated information.
- Compliance with Law. Responding to Legal Requests, Preventing Harm and Protection of Our Rights. Northern Light may disclose your information, including personal information, to courts, law enforcement or governmental authorities, or authorized third parties, if and to the extent we are required or permitted to do so by law or if such disclosure is reasonably necessary: (i) comply with our legal obligations, (ii) to comply with legal process and to respond to claims asserted against Northern Light, (iii) to respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability, (iv) to enforce and administer our Terms of Service or other agreements with our users and customers, or (v) to protect the rights, property or personal safety of Northern Light, its employees, its users, customers or members of the public. Where appropriate, we may notify users and customers about legal requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or (ii) we believe that providing notice would be futile, ineffective, create a risk of injury or bodily harm to an individual or group, or create or increase a risk of fraud upon Northern Light’s property, its users and customers and the Site. In instances where we comply with legal requests without notice for these reasons, we will attempt to notify that user or customer about the request after the fact where appropriate and where we determine in good faith that we are no longer prevented from doing so.
- Service Providers. Since Northern Light conducts activities globally. In doing so, Northern Light uses a variety of third parties to help us provide services related to the Site. Service providers may be located inside or outside of Switzerland or the European Economic Area (“EEA”). The EEA unites the EU Member States and the three EEA EFTA States (Iceland, Liechtenstein, and Norway) into a market governed by the same basic rules (such as GDPR). For example, service providers may host computer servers that provide the Site services, provide data storage that stores your personal information, or provide email or newsletter management services. In these circumstances Northern Light may share your personal information with the third party service provider. If Northern Light needs to share your information, including personal information, with a third party service provider, in order to perform or ensure the adequate performance of the Site and services with you, we are permitted to do so. If Northern Light choses to share your personal information with a third party service providers for our internal marketing purposes such as sending you offers or other promotional material and information, you grant us your consent to do so by using the Site or registering for an Account.
- Aggregated Data. We may also share aggregated information (information about our users that we combine together so that it no longer identifies or references an individual user) and other anonymized information for regulatory compliance, industry and market analysis, insights about the sector, demographic profiling, marketing and advertising, and other business purposes. We may share this aggregated data with the public.
Onward Transfers to Third Party
In the context of an onward transfer, Northern Light has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. The Northern Light shall remain liable under the Privacy Shield if its agent processes such personal information in a manner inconsistent with the principles of the Privacy Shield, unless the Northern Light proves that it is not responsible for the event giving rise to the damage.
FTC or court order based on non-compliance
If Northern Light becomes subject to an FTC or court order based on non-compliance, Northern Light shall make public any relevant Privacy Shield-related sections of any compliance or assessment report submitted to the FTC, to the extent consistent with confidentiality requirements. The Privacy Shield has established a dedicated point of contact for reporting any problems with compliance. The FTC will give priority consideration to referrals of non-compliance with the principles of the Privacy Shield and will exchange information regarding referrals with any referring state authorities on a timely basis, subject to existing confidentiality restrictions.
Compliance Inquiries and Complaints
Northern Light, and our independent recourse mechanism provider, will respond promptly to inquiries and requests for information relating to the Privacy Shield. Northern Light, and our independent recourse mechanism provider, will respond expeditiously to complaints regarding compliance with the principles of the Privacy Shield.
Northern Light is obligated to arbitrate claims, provided that an individual has invoked binding arbitration by delivering notice to the Northern Light and following the procedures and subject to conditions set forth in the Privacy Shield requirements.
Third Party Partners and Integrations
The Site may contain links to third party the Sites or services, such as third party integrations, co-branded services, or third party-branded services (“Third Party Partners”). Northern Light does not own or control these Third Party Partners and when you interact with them, you may be providing information directly to the Third Party Partner, Northern Light, or both. These Third Party Partners will have their own rules about the collection, use, and disclosure of information. We encourage you to review the privacy policies of the other Sites you visit.
You may exercise any of the rights described in this section by sending an email to privacy@NorthernLight.com. Please note that we may ask you to verify your identity before taking further action on your request.
- Managing Your Information. If you have created an Account, you may access and update some of your information through your Account settings. You are responsible for keeping your personal information up-to-date.
- Rectification of Inaccurate or Incomplete Information. You have the right to ask us to correct inaccurate or incomplete personal information concerning you (and which you cannot update yourself within your account).
- Data Access and Portability. In some jurisdictions, applicable law may entitle you to request copies of your personal information held by us. You may also be entitled to request copies of personal information that you have provided to us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible).
- Data Retention and Erasure. We generally retain your personal information for as long as is necessary for the performance services we provide you from the Site to comply with our legal obligations. We may store your personal information for longer periods for our own purposes including improving the performance of the Site and other items described above. If you no longer want us to use your information to provide the Site, you can request that we erase your personal information and close your account. Please note that if you request the erasure of your personal information:
- We may retain some of your personal information as necessary for our legitimate business interests, such as fraud detection and prevention and enhancing safety. For example, if we suspend an account for fraud or safety reasons, we may retain certain information from that account to prevent that user or customer from opening a new account in the future.
- We may retain and use your personal information to the extent necessary to comply with our legal obligations. For example, Northern Light may keep some of your information for tax, legal reporting and auditing obligations.
- Information you have shared with others (e.g., forum postings) may continue to be publicly visible on the Site, even after your account is cancelled. However, attribution of such information to you will be removed. Additionally, some copies of your information (e.g., log records) may remain in our database, but are disassociated from personal identifiers.
- Because we maintain redundant copies of the Site to protect from accidental or malicious loss and destruction, residual copies of your personal information may not be removed from our backup systems for a limited period of time.
- Withdrawing Consent and Restriction of Processing. Where you have expressly provided your consent to the processing of your personal information by Northern Light you may withdraw your consent at any time by deleting your Account settings or by sending a communication to Northern Light specifying which consent you are withdrawing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal. Additionally, in some jurisdictions, applicable law may give you the right to limit the ways in which we use your personal information, in particular where (i) you contest the accuracy of your personal information; (ii) the processing is unlawful and you oppose the erasure of your personal information; (iii) we no longer need your personal information for the purposes of the processing, but you require the information for the establishment, exercise or defense of legal claims; or (iv) you have objected to the processing pursuant to Section 5.6 and pending the verification whether the legitimate grounds of Northern Light override your own.
- Objection to Processing. In some jurisdictions, applicable law may permit you to legally object to Northern Light’s processing. In these instances, you may require Northern Light not to process your personal information for specific purposes even where such processing is based on legitimate interest. If you object to such processing Northern Light will no longer process your personal information for these purposes unless we can demonstrate a legal basis for doing so or such processing is required for the establishment, exercise or defense of legal claims. At any time, regardless of applicable law, you may object to us processing your personal information for direct marketing purposes. You may, at any time, ask Northern Light to cease processing your data for these direct marketing purposes by sending an e-mail to privacy@NorthernLight.com.
In compliance with the Privacy Shield Principles, Northern Light commits to resolve complaints about our collection or use of your personal information. IEU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Northern Light at:
Northern Light Privacy Department
One Constitution Center
Boston, MA 02129
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Unsubscribe or Opt-Out
All users and/or visitors to the Site have the option to discontinue receiving communication from us and/or reserve the right to discontinue receiving communications by way of email or newsletters. To discontinue or unsubscribe to the Site please send an email that you wish to unsubscribe to firstname.lastname@example.org. If you wish to unsubscribe or opt-out from any third party websites, you must go to that specific website to unsubscribe and/or opt-out.
- EU Model Clauses. If your information is shared with corporate affiliates or third party companies or service providers outside the EEA, we have, prior to sharing your information with such corporate affiliate or third party company or service provider we have a reasonable basis for believing the third party company has an adequate level of data protection. This agreement may incorporate the basis of the EU Model Clauses (a set of clauses issued by the European Commission).
- California Privacy Rights. California law permits users and customers who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those third parties. See the “Contact Us” section for where to send such requests. Northern Light does not share personal information with third parties for its own direct marketing purposes without your prior consent. Accordingly, you can prevent disclosure of your personal information to third parties for direct marketing purposes by withholding consent.
We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. Some of the safeguards we use to protect your information are firewalls and data encryption, and information access controls. If you know or have reason to believe that your account credentials have been lost, stolen, misappropriated, or otherwise compromised or in case of any actual or suspected unauthorized use of your account, please contact us following the instructions in the Contact Us section below.
Links to Other Web Sites
How to Contact Us
Telephone Number: (617) 515-5771
Northern Light Privacy Department
One Constitution Center
Boston, MA 02129
Northern Light AWS End User License Agreement
Last Updated: September 24, 2020
DATA SUBSCRIPTION AGREEMENT FOR AWS MARKETPLACE
1.1. Terms and Conditions. This Data Subscription Agreement for AWS Marketplace (the “Agreement”) sets forth the terms and conditions applicable to Data subscriptions between the Party offering the Data under a DSA Offer (“Provider”) and the Party subscribing to the Data (“Subscriber”) through AWS Marketplace. Subscriber and Provider may be referred to collectively as the “Parties” or individually as a “Party”. Provider’s offer of the Data via a DSA Offer on AWS Marketplace, and Subscriber’s purchase of the corresponding Subscription to the Data on AWS Marketplace, constitutes each Party’s respective acceptance of and their entry into this Agreement, and each Party’s agreement to be bound by the terms hereof. Unless defined elsewhere in this Agreement, terms in initial capital letters have the meanings set forth in Section 11 (Definitions).
1.2. Data Subscription. Provider will supply and sell to Subscriber, and Subscriber will receive and purchase, respectively, a Subscription to the Data as set forth in the DSA Offer in accordance with this Agreement. A Subscription, as described in the applicable DSA Offer, includes Data distributed via AWS Marketplace which may be downloaded via Amazon Simple Storage Services (Amazon S3) or other available functionality (collectively, “Downloaded Data”). The frequency of updates to the Data via data revisions by the Provider, as well as fees or rates for the Subscription, shall be as set forth in the applicable DSA Offer.
1.3. Agreement. The Subscription is subject to and governed by the terms of this Agreement, the DSA Offer, and any amendments to any of the foregoing as may be agreed upon by the Parties, each of which are incorporated herein. In the event of any conflict between the terms and conditions of the various components of the Subscription, the following order of precedence will apply: (1) any amendment agreed upon by the Parties; (2) this Agreement; and (3) the DSA Offer. The Parties further acknowledge that the Subscription is subject to Subscriber’s AWS Customer Agreement and AWS Service Terms or other agreement with AWS governing use of AWS services, and such terms shall prevail to the extent that they conflict with any of the foregoing components of the Subscription.
1.4. Third Party Data and Terms. Notwithstanding anything to the contrary stated in this Agreement, Subscriber agrees that Subscriber’s access to and use of Third Party Data included within a Subscription (if any) may be subject to any additional or different terms, conditions and policies applicable to such Third Party Data (such as terms of service or privacy policies of the person or entity that makes available the Third Party Data (collectively, “Third Party Terms”). Third Party Terms typically will be referenced in the DSA Offer but Provider also may provide notice of Third Party Terms in accordance with Section 10.9 of this Agreement. Subscriber agrees that it will be subject to and will comply with Third Party Terms. By accessing or using Third Party Data made available under a DSA Offer, Subscriber is directing Provider to access, route and transmit to Subscriber the applicable Third Party Data.
2.1. Grant of License. For the term of the Subscription Provider hereby grants to Subscriber, its Affiliates, and each of their Users, a nonexclusive, worldwide, nontransferable license to receive, retain, use, and modify the Data and to create Derived Data using the Data, in each case subject to and in accordance with the terms hereof and the DSA Offer. Provider retains all rights not expressly granted to Subscriber under this Agreement. Notwithstanding the foregoing, the rights and licenses granted to Subscriber with regard to Third Party Data may be more limited than the rights and licenses set forth above. Any additional or different rights or licenses that apply to Third Party Data will be included in the DSA Offer or otherwise within the Third Party Terms communicated to Subscriber in accordance with Section 1.4 above.
2.2. Affiliates and Users. With respect to Affiliates and Users (including Contractors) that Subscriber allows to use the Data: (a) Subscriber remains responsible for all obligations hereunder arising in connection with such Affiliate’s and User’s processing of the Data; and (b) Subscriber agrees to be directly liable for any and all acts and omissions by such Affiliate or User to the same degree as if the act or omission were performed by Subscriber such that a breach by an Affiliate or a User of the provisions of this Agreement will be deemed to be a breach by Subscriber. The performance of any act or omission under this Agreement by an Affiliate or a User for, by or through Subscriber will be deemed the act or omission of Subscriber.
2.3. Restrictions. Except as specifically provided in this Agreement, Subscriber and any other User of Data, or any subset thereof, may not: (a) publish, disseminate, distribute or provide access of any kind to the Data, or any material subset thereof, to any third party; (b) sell, sublicense, loan, lease, assign, authorize others to access, use, or disclose, or attempt to grant any rights to, the Data, or any material subset thereof, to third parties; (c) except as permitted by Law, decompile, reverse engineer, or otherwise attempt to derive source code from the Data; (d) use the Data or any material subset thereof to act as a consultant, service bureau, or application service provider; or (e) to the extent the Data is provided in a manner that does not identify an individual, use the Data to create, generate, or infer any information relating to the identity of an individual. Subscriber will not remove, delete or alter any trademarks, copyright notices, or other Proprietary Rights notices of Provider or its licensors, if any. Additional restrictions may be included in the DSA Offer or otherwise within the Third Party Terms communicated to Subscriber in accordance with Section 1.4 above.
3. Proprietary Rights
3.1. Data. Provider will retain all right, title and interest it may have in and to the Data, including all Proprietary Rights therein. Nothing in this Agreement will be construed or interpreted as granting to Subscriber any rights of ownership or, except as expressly provided herein, any other Proprietary Rights in or to the Data.
3.2. Feedback. If Subscriber provides any suggestions, ideas, enhancement requests, recommendations, or feedback regarding the Data (“Feedback”), Provider may use, incorporate, and otherwise practice Feedback in Provider’s products and services. Subscriber will have no obligation to provide Feedback, and all Feedback is provided by Subscriber “as is” and without warranty of any kind.
3.3. Derived Data. Except for the Data that may be included in Derived Data, Subscriber represents and warrants to Provider that it owns all right, title and interest in and to the Derived Data, including all Proprietary Rights therein. Nothing in this Agreement will be construed or interpreted as granting to Provider any right, title or interest or except as expressly provided herein, any other Proprietary Rights in or to the Derived Data.
4.1. Restrictions on Personal Information. Provider represents and warrants that, to the extent any of the Data (i) identifies or can be used by Subscriber or any third party (other than Subscriber or its licensors) to identify a natural person or (ii) otherwise may be deemed to be personal data or personal information under applicable laws or regulations, that such Data: (a) has already lawfully been made available to the general public, such as via governmental records, widely distributed media, or legally required public disclosures; and (b) does not include sensitive data or sensitive information about an individual or shall not otherwise be deemed to be sensitive data or sensitive information under applicable laws and regulations, including information relating to biometric or genetic data, health, racial or ethnic origin, political opinions, religious or philosophical beliefs, sex or sexual orientation, trade union membership, or personal payment or financial information (collectively, “Sensitive Personal Data”). For example, none of the Data will include (i) any consumer reports as defined in the Fair Credit Reporting Act, as amended (“FCRA”), (ii) nonpublic personal information as defined under the Gramm-Leach-Bliley Act, as amended (“GLBA”), (iii) protected health information as defined under the Health Insurance Portability and Accountability Act, as amended (“HIPAA”) that has not been de-identified in compliance with HIPAA, or (iv) special categories of personal data as defined in the General Data Protection Regulation, as amended.
4.2. Additional Data Warranties. Provider further represents and warrants that (a) Provider will use industry standard practices designed to detect and protect the Data against any viruses, “Trojan horses”, “worms”, spyware, adware, or other harmful code designed or used for unauthorized access to or use, disclosure, modification, or destruction of, information within the Data, or interference with or harm to the operation of the Data or any systems, networks, or data, including, as applicable, using anti-malware software and keeping the anti-malware software up to date prior to making the Data (including any updated, revised or additional Data made available by Provider) available to Subscriber, and (b) the Data, and Subscriber’s use thereof as permitted under this Agreement, will not be subject to any terms that require that any data, software, documentation or other materials integrated, networked, or used by Subscriber with the Data, in whole or in part, be disclosed or distributed in source code form, be provided to others for the purpose of, or with authorization for making, derivative works, or be redistributable at no charge.
4.3. Remedies. If any Data fails to conform to the foregoing warranties, Provider will promptly, at its option and expense, correct the Data as necessary to conform to the warranties. If Provider does not correct the Data to conform to the warranties within a reasonable time, not to exceed thirty (30) calendar days, as Subscriber’s sole remedy and Provider’s exclusive liability (except as provided in Section 7 (Indemnification)), Subscriber may terminate the Subscription and this Agreement and shall receive a refund of any prepaid fees prorated for the unused portion of the Subscription and the portion of the Subscription’s noncompliance, as measured from the time Subscriber reports the noncompliance to Provider through Provider’s support channel.
4.4. Warranty Exclusions. Provider will have no liability or obligation with respect to any warranty to the extent any nonconformity is attributable to any: (a) use of the Data by Subscriber in violation of this Agreement or applicable law; or (b) modifications to the Data made by Subscriber or its Personnel; where in each of (a) and (b) such nonconformity would not have occurred absent such use or modification by Subscriber.
4.5. Power and Authority. Each Party represents and warrants that: (a) it has full power and authority to enter in and perform this Agreement and that the execution and delivery of this Agreement has been duly authorized; and (b) this Agreement and such Party’s performance hereunder will not breach any other agreement to which the Party is a party or is bound or violate any obligation owed by such Party to any third party.
4.6. Disclaimer. EXCEPT FOR THE WARRANTIES SPECIFIED IN THIS AGREEMENT, NEITHER PARTY MAKES ANY WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR NON-INFRINGEMENT, REGARDING THE DATA, AND EACH PARTY HEREBY DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NONINFRINGEMENT. Provider does not warrant: (a) that the Data will meet Subscriber’s requirements; or (b) that the Data will be accurate, complete, or up-to-date.
5.1. Confidential Information. “Confidential Information” means the Data (including the selection, arrangement, and compilation thereof) and any nonpublic information directly or indirectly disclosed or made accessible by Provider to Subscriber pursuant to this Agreement that is designated as confidential or that, given the nature of the information or the circumstances surrounding its disclosure, reasonably should be considered as confidential. Confidential Information will not, however, include any information which: (a) was publicly known or made generally available to the public prior to the time of disclosure; (b) becomes publicly known or made generally available after disclosure through no fault of the Receiving Party; (c) is in the possession of the Receiving Party, without restriction as to use or disclosure, at the time of disclosure by the Disclosing Party; (d) was lawfully received, without restriction as to use or disclosure, from a third party (who does not have an obligation of confidentiality or restriction on use itself); (e) is developed by the Receiving Party independently from this Agreement and without use of or reference to the Disclosing Party’s Confidential Information or Proprietary Rights; or (f) was required by law or regulation to be disclosed by Subscriber to the extent so disclosed. Except for rights expressly granted in this Agreement, each Party reserves all rights in and to its Confidential Information.
5.2. Obligations. Subscriber agrees not to use or disclose the Confidential Information other than as expressly authorized by this Agreement. Subscriber agrees to safeguard the Confidential Information against unauthorized use or disclosure with means at least as stringent as those it uses to safeguard its own confidential information, and in no event with less than reasonable means. Subscriber will promptly notify Provider if it becomes aware of any unauthorized use or disclosure of the Confidential Information, and reasonably cooperate with Provider in attempts to limit disclosure. If and to the extent required by law, Subscriber may disclose or produce Confidential Information but will give reasonable prior notice (and where prior notice is not permitted by applicable law, notice will be given as soon as Subscriber is legally permitted) to Provider to permit Provider to intervene and to request protective orders or confidential treatment therefor or other appropriate remedy regarding such disclosure.
6. Limitations of Liability
6.1. Disclaimer. SUBJECT TO SECTIONS 6.3 (EXCEPTIONS) AND 6.4 (DIRECT DAMAGES), IN NO EVENT WILL EITHER PARTY BE LIABLE TO THE OTHER PARTY FOR ANY INDIRECT, SPECIAL, PUNITIVE, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES
6.2. General Cap. SUBJECT TO SECTIONS 6.3 (EXCEPTIONS) AND 6.4 (DIRECT DAMAGES), NEITHER PARTY’S AGGREGATE LIABILITY UNDER THIS AGREEMENT, WHETHER SUCH DAMAGES ARE BASED IN CONTRACT, TORT, OR OTHER LEGAL THEORY, SHALL EXCEED THE GREATER OF THREE TIMES THE SUBSCRIBER SPEND IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE DAMAGES OR $1 MILLION. “SUBSCRIBER SPEND” MEANS THE AGGREGATE OF ALL FEES AND OTHER AMOUNTS PAID AND PAYABLE BY SUBSCRIBER TO PROVIDER UNDER THIS AGREEMENT AND THE APPLICABLE DSA OFFER.
6.3. Exceptions. THE EXCLUSIONS OF OR LIMITATIONS ON LIABILITY SET FORTH IN SECTION 6.1 (DISCLAIMER) AND 6.2 (GENERAL CAP) WILL NOT APPLY TO DAMAGES OR LIABILITY WHEN SUCH EXCLUSIONS OR LIMITATIONS ARE PROHIBITED BY LAW.
6.4. Direct Damages. THE PARTIES AGREE THAT, FOR THE PURPOSES OF THIS SECTION 6 (LIMITATIONS OF LIABILITY), THE FOLLOWING ARE AND WILL BE DEEMED TO BE DIRECT DAMAGES AND NOT SUBJECT TO SECTION 6.1 (DISCLAIMER): (A) WITH RESPECT TO A PARTY’S INDEMNIFICATION AND DEFENSE OBLIGATIONS UNDER THIS AGREEMENT, ANY COSTS OF DEFENSE AND ANY AMOUNTS AWARDED AGAINST THE INDEMNIFIED PARTY BY A COURT OF COMPETENT JURISDICTION OR AGREED UPON PURSUANT TO SETTLEMENT AGREEMENT APPROVED BY THE PARTY THAT BEARS THE FINANCIAL LIABILITY FOR THE SETTELEMENT AND THAT ARE SUBJECT TO SUCH PARTY’S INDEMNIFICATION OBLIGATIONS UNDER THIS AGREEMENT; (B) WITH RESPECT TO ANY DATA THAT IDENTIFIES OR CAN BE USED TO IDENTIFY A NATURAL PERSON, OR OTHERWISE MAY BE DEEMED TO BE PERSONAL DATA, PERSONAL INFORMATION, OR SENSITIVE PERSONAL DATA (INCLUDING AS DESCRIBED IN SECTION 4.1 (RESTRICTIONS ON PERSONAL INFORMATION)), SUBSCRIBER’S COSTS OF INVESTIGATION, NOTIFICATION, REMEDIATION, AND MITIGATION RESULTING FROM A SUBSCRIBER’S RECEIPT, ACCESS, OR USE OF SUCH INFORMATION , INCLUDING NOTICE OF BREACH TO AFFECTED INDIVIDUALS, INDUSTRY SELF-REGULATORY AGENCIES, GOVERNMENT AUTHORITIES, AND THE PUBLIC, AND CREDIT AND IDENTITY THEFT MONITORING SERVICES FOR AFFECTED INDIVIDUALS; AND (C) ANY LIABILITIES ARISING FROM CLAIMS BROUGHT BY THIRD PARTIES AGAINST SUBSCRIBER RESULTING FROM SUBSCRIBER’S RECEIPT, ACCESS, OR USE OF SUCH INFORMATION, INCLUDING OUT-OF-POCKET COSTS OF DEFENSE AND ANY AMOUNTS AWARDED AGAINST SUBSCRIBER BY A COURT OF COMPETENT JURISDICTION OR AGREED UPON PURSUANT TO A SETTLEMENT AGREEMENT.
7.1. Provider Indemnity. Provider will, at its expense, indemnify, defend and hold harmless Subscriber and each of Subscriber’s Affiliates and their respective officers, directors, employees, agents, representatives, successors, and assigns (collectively “Subscriber Indemnified Parties”) from and against any and all claims, actions, proceedings, and suits brought by a third party, and any and all associated liabilities, losses, damages, settlements, penalties, fines, deficiencies, judgments, awards, costs, and expenses of whatever kind, including reasonable attorneys’ fees, fees, the cost of enforcing any right to indemnification hereunder, and the cost of pursuing any insurance providers (“Claims”), to the extent arising out of or relating to (a) any actual or alleged breach of Provider’s representations and warranties in Section 4.1 (Restrictions on Personal Information); (b) any actual or alleged failure by Provider to obtain and hold sufficient legal right and any consents, authorizations, and other rights and permissions necessary to transmit to, or provide Subscriber with, access to the Data for the purposes set forth in this Agreement and to authorize Subscriber to access and use the Data as set forth in this Agreement (without any payment by Subscriber to any third party and without the need for Subscriber to clear or obtain additional rights to access and use the Data as authorized hereunder); (c) any actual or alleged infringement, misappropriation, or violation of any Proprietary Rights, right of publicity, or privacy or other rights of a third party by the Data or Subscriber’s exercise of its rights under this Agreement; (d) any Data that actually or allegedly is libelous, defamatory, obscene, or unlawful; or (e) any Data that actually or allegedly does not include all information and disclosures required by applicable laws and regulations.
7.2. Process. The party(ies) seeking indemnification pursuant to this Section 7 (Indemnification) (each, an “Indemnified Party” and collectively, the “Indemnified Parties”) will give Provider (or its successor or assign), as the indemnifying party pursuant to Section 7.1 (Provider Indemnity) (the “Indemnifying Party”), sole control over the defense and/or settlement of each Claim (subject to the provisions of this Section 7.2 (Process) below), prompt notice of each Claim for which it seeks indemnification, provided that failure or delay in providing such notice will not release the Indemnifying Party from any obligations hereunder except to the extent that the Indemnifying Party is prejudiced by such failure. The Indemnified Parties will give the Indemnifying Party their reasonable cooperation in the defense of each Claim for which indemnity is sought, at the Indemnifying Party’s expense. The Indemnifying Party will keep the Indemnified Parties informed of the status of each Claim. Notwithstanding anything to the contrary, an Indemnified Party may participate in the defense at its own expense. The Indemnifying Party, without the Indemnified Parties’ prior written consent: (a) will not enter into any settlement that (i) includes any admission of guilt or wrongdoing by any Indemnified Party, (ii) imposes any financial obligations on any Indemnified Party that Indemnified Party is not obligated to pay under this Section 7 (Indemnification), (iii) imposes any non-monetary obligations on any Indemnified Party, and (iv) does not include a full and unconditional release of any Indemnified Parties; and (b) will not consent to the entry of judgment, except for a dismissal with prejudice of any Claim settled as described in clause (a) of this Section 7.2 (Process). The Indemnifying Party will ensure that any settlement into which it enters for any Claim is made confidential, except where not permitted by applicable law.
7.3. Infringement Remedy. In addition to Provider’s obligations under Section 7.1 (Provider Indemnity), if the Data is held, or in Provider’s opinion is likely to be held, to infringe, misappropriate, or violate any Proprietary Rights or other rights of a third party, or, if based on any claimed infringement, misappropriation, or violation of any Proprietary Rights or other rights of a third party, an injunction is obtained, or in Provider’s opinion an injunction is likely to be obtained, that would prohibit or interfere with Subscriber’s use of the Data under this Agreement, then Provider will at its expense either: (a) procure for Subscriber the right to continue using the affected Data in accordance with the authorization provided under this Agreement; or (b) modify or replace the affected Data so that the modified or replacement Data are reasonably comparable and do not infringe, misappropriate, or violate any Proprietary Rights or other rights of a third party. If, in such circumstances, Provider does not successfully accomplish any of the foregoing actions on a commercially reasonable basis, either Party may terminate the Subscription and this Agreement and Provider will refund to Subscriber all prepaid, unused amounts for the Subscription as well as fees paid for the Subscription beginning at the time the cause of action giving rise to the infringement or misappropriation claim first arose.
7.4. Limitations. Provider will have no liability or obligation under this Section 7 (Indemnification) with respect to any infringement or misappropriation Claim to the extent attributable to any modifications to the Data by Subscriber or its Personnel or use of the Data by Subscriber in breach of this Agreement, where such infringement Claim would not have arisen absent such modification or use.
7.5. Not Limiting. The foregoing indemnities will not be limited in any manner whatsoever by any required or other insurance coverage maintained by a Party.
8. Term and Termination
8.1. Term. This Agreement will continue in full force and effect until conclusion of the Subscription, unless terminated earlier by either Party as provided by this Agreement.
8.2. Termination for Convenience. Subscriber may terminate the Subscription or this Agreement without cause at any time using the termination or cancellation functionality available through the AWS Services. In the event the Subscriber elects to terminate for convenience, any applicable refund will be provided according to the refund policy set forth in the respective DSA Offer.
8.3. Termination for Cause. Either Party may terminate the Subscription or this Agreement if the other Party materially breaches this Agreement and does not cure the breach within thirty (30) calendar days following its receipt of written notice of the breach from the non-breaching Party.
8.4. Other Termination by Provider. Provider may suspend or terminate Subscriber’s Subscription or this Agreement without refund of fees for any unused portion of a Subscription with Prepaid Pricing (other than as expressly set forth in the DSA Offer): (i) if required to comply with any applicable law or requests of governmental entities; (ii) if Subscriber does not cooperate with any reasonable investigation by Subscriber of a suspected breach of this Agreement; or (iii) if Provider determines that suspension is necessary to prevent or mitigate damage to Provider’s, Provider Contractors’ or Subscriber’s systems or networks caused by a denial of service attack or other any act or omission of a third party (e.g., hacking or the introduction of viruses or other malware).
8.5. Effect of Termination.
8.5.1. Upon termination or expiration of the Subscription or this Agreement, Subscriber’s authorization to use the Data under such Subscription (or all Subscriptions if the Agreement expires or is terminated) will terminate, and, within ninety (90) calendar days following such termination or expiration, Subscriber will remove the Data from the AWS Services infrastructure used by Subscriber under its own AWS Services account and any other computer systems operated by or for Subscriber, and if instructed by Provider, destroy all other copies of the Data. Termination or expiration of any Subscription purchased by Subscriber from Provider will not terminate or modify any other Subscription purchased by Subscriber from Provider.
8.5.2. Sections 3 (Proprietary Rights), 5 (Confidentiality), 6 (Limitations of Liability), 7 (Indemnification), 8.5 (Effect of Termination), 9 (Insurance), 10 (General) and 11 (Definitions), together with all other provisions of this Agreement that may reasonably be interpreted or construed as surviving expiration or termination of this Agreement, will survive the expiration or termination of this Agreement for any reason.
9. Insurance. Provider shall maintain Commercial General Liability insurance that is reasonably adequate to fulfill its obligation to Subscriber hereto, but in any event not less than $1,000,000 per occurrence and $4,000,000 aggregate limit, and Professional Liability insurance with a minimum limit of $1,000,000 for each claim and $4,000,000 annual aggregate. Provider shall provide to Subscriber, upon request, with a certificate of such insurance. Provider shall continue to maintain such insurance during the term of this Agreement and for one (1) year thereafter.
10.1. Applicable Law. This Agreement will be governed and interpreted under the laws of the Commonwealth of Massachusetts, excluding its principles of conflict of laws. The Parties agree that the exclusive forum for any action or proceeding will be in the city of Boston, Massachusetts, and the Parties consent to the jurisdiction of the state and federal courts located in the City of Boston, Massachusetts. The Parties agree that the United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement. Any matter of disagreement, dispute or controversy between the Parties shall be submitted to arbitration conducted by a single arbitrator who is knowledgeable in computer and Internet law. Such arbitration will be held in the location in Boston, Massachusetts. The arbitration will be conducted in accordance with the Commercial Arbitration Rules of the American Arbitration Association. The award rendered by the arbitrator will be binding and conclusive on the Parties and judgment upon such award may be entered in any court having jurisdiction. The arbitrator shall provide written findings of fact, law and written calculations of awards. In any action to enforce rights under the Agreement, the prevailing Party shall be entitled to an award of reasonable attorneys’ fees and any court costs incurred in such action or proceeding.
10.2. Assignment. Neither Party may assign or transfer this Agreement or any rights or delegate any duties herein without the prior written consent of the other Party, which will not be unreasonably withheld, delayed, or conditioned. Notwithstanding the foregoing, and without gaining the other Party’s written consent, either Party may assign this Agreement, in whole or part, and delegate its obligations to its Affiliates or to any entity acquiring all or substantially all of its assets or the assigning Party’s entire business, whether by sale of assets, sale of stock, merger, or otherwise. Any attempted assignment, transfer, or delegation in contravention of this Section 10.2 (Assignment) will be null and void. This Agreement will inure to the benefit of the Parties hereto and their permitted successors and assigns.
10.3. Entire Agreement. This Agreement constitutes the entire agreement between the Parties relating to the subject matter hereof, and there are no other representations, understandings or agreements between the Parties relating to the subject matter hereof. This Agreement is solely between Subscriber and Provider. Neither Amazon Web Services, Inc. nor any of its Affiliates are a party to this Agreement and none of them will have any liability or obligations hereunder. The terms and conditions of this Agreement will not be changed, amended, modified, or waived unless such change, amendment, modification, or waiver is in writing and signed by authorized representatives of the Parties. NEITHER PARTY WILL BE BOUND BY, AND EACH SPECIFICALLY OBJECTS TO, ANY PROVISION THAT IS DIFFERENT FROM OR IN ADDITION TO THIS AGREEMENT (WHETHER PROFFERED ORALLY OR IN ANY QUOTATION, PURCHASE ORDER, INVOICE, SHIPPING DOCUMENT, ONLINE TERMS AND CONDITIONS, ACCEPTANCE, CONFIRMATION, CORRESPONDENCE, OR OTHERWISE), UNLESS SUCH PROVISION IS SPECIFICALLY AGREED TO IN A WRITING SIGNED BY BOTH PARTIES.
10.4. Force Majeure. Neither Party will be liable hereunder for any failure or delay in the performance of its obligations in whole or in part, on account of riots, fire, flood, earthquake, explosion, epidemics or pandemics, war, actions of the common enemy, strike, sabotage, extreme weather, disruptions of the Internet, or labor disputes (not involving the Party claiming force majeure), embargo, civil or military authority, act of God, governmental action, or other causes beyond its reasonable control and without the fault or negligence of such Party or its Personnel and such failure or delay could not have been prevented or circumvented by the non-performing Party through the use of alternate sourcing, workaround plans, or other reasonable precautions (a “Force Majeure Event”). If a Force Majeure Event continues for more than fourteen (14) days for any Subscription with Prepaid Pricing, Subscriber may cancel the unperformed portion of the Subscription and receive a pro rata refund for such unperformed portion, unless otherwise specified in the DSA Offer.
10.5. Export Laws. Each Party will comply with all applicable customs and export control laws and regulations of the United States and/or such other country, with respect to its activities under this Agreement, including in the case of Subscriber, where Subscriber or its Users access or use the Data, and in the case of Provider, where Provider provides the Data. Each Party certifies that it and its Personnel are not on any of the relevant U.S. Government Lists of prohibited persons, including but not limited to the Treasury Department’s List of Specially Designated Nationals and the Commerce Department’s list of Denied Persons. Neither Party will export, re-export, ship, or otherwise transfer the Data, to any country subject to an embargo or other sanction by the United States.
10.6. Government Rights. As defined in FARS §2.101, the Data constitutes “commercial items”. Consistent with FARS §12.212 and DFARS §227.7202, any use, modification, reproduction, release, performance, display, or disclosure of such commercial Data by the U.S. government will be governed solely by the terms of this Agreement and will be prohibited except to the extent expressly permitted by the terms of this Agreement.
10.7. Headings; Construction. The headings throughout this Agreement are for reference purposes only, and the words contained therein will in no way be held to explain, modify, amplify or aid in the interpretation, construction, or meaning of the provisions of this Agreement. As used herein, (a) the terms “include” and “including” are meant to be inclusive and shall be deemed to mean “include without limitation” or “including without limitation,” (b) the word “or” is disjunctive, but not necessarily exclusive, (c) words used herein in the singular, where the context so permits, shall be deemed to include the plural and vice versa, (d) references to “dollars” or “$” shall be to United States dollars unless otherwise specified herein, (e) the term “his” applies to both genders, and (f) all references to days, months or years shall be deemed to be preceded by the word “calendar.”
10.8. No Third-Party Beneficiaries. Except as specified in Section 7 (Indemnification) with respect to Subscriber Indemnified Parties and Provider Indemnified Parties, nothing express or implied in this Agreement is intended to confer, nor will anything herein confer, upon any person other than the Parties and the respective successors or assigns of the Parties, any rights, remedies, obligations, or liabilities whatsoever.
10.9. Notices. To be effective, notice under this Agreement must be given in writing. Each Party consents to receiving electronic communications and notifications from the other Party in connection with this Agreement. Each Party agrees that it may receive notices from the other Party regarding this Agreement: (a) by email to the email address designated by such Party as a notice address for the DSA Offer; (b) by personal delivery; (c) by registered or certified mail, return receipt requested; (d) by nationally recognized courier service. Notice will be deemed given upon written verification of receipt. These additional Notices are provided in this Agreement:
“Data” means the bibliographic metadata (i.e., title, source, date, authors, author affliations, publication name, conference name, conference sponsor), document summaries, tags of various types applied by Provider, and links to the full-text of the documents as aggregated and/or produced by Provider and licensed to Subcribers. In those situations in which Data does not include the full-text of the documents indexed and linked to, Subcribers may click through to the linked to documents using the supplied links to consume the full-text on the public websites the Data was aggregated from. Provider’s grant of license to Data does not grant Client any rights to the material on the linked to websites beyond what the owners of the linked to websites themselves grant on their websites. Data includes content such as publishers’ names, publication names, article or report names, author names, and document summaries that includes document text that is owned by third parties and which is provided under the doctrine of “fair use.” In the Agreement or as a consequence of providing access to Data, Provider does not grant any ownership, right, title, or interest to trademarks or copyrighted material of third parties.
10.10. Nonwaiver. Any failure or delay by either Party to exercise or partially exercise any right, power, or privilege under this Agreement will not be deemed a waiver of any such right, power, or privilege under this Agreement. No waiver by either Party of a breach of any term, provision, or condition of this Agreement by the other Party will constitute a waiver of any succeeding breach of the same or any other provision hereof. No such waiver will be valid unless executed in writing by the Party making the waiver.
10.11. Publicity. Neither Party will issue any publicity materials or press releases that refer to the other Party or its Affiliates, or use any trade name, trademark, service mark, or logo of the other Party or its Affiliates in any advertising, promotions, or otherwise, without the other Party’s prior written consent.
10.12. Relationship of Parties. The relationship of the Parties will be that of independent contractors, and nothing contained in this Agreement will create or imply an agency relationship between Subscriber and Provider, nor will this Agreement be deemed to constitute a joint venture or partnership or the relationship of employer and employee between Subscriber and Provider. Each Party assumes sole and full responsibility for its acts and the acts of its Personnel. Neither Party will have the authority to make commitments or enter into contracts on behalf of, bind, or otherwise oblige the other Party.
10.13. Severability. If any term or condition of this Agreement is to any extent held invalid or unenforceable by a court of competent jurisdiction, the remainder of this Agreement will not be affected thereby, and each term and condition will be valid and enforceable to the fullest extent permitted by law.
10.14. Subcontracting. Provider may use Subcontractors in its performance under this Agreement, provided that: (a) Provider remains responsible for all its duties and obligations hereunder and the use of any Subcontractor will not relieve or reduce any liability of Provider or cause any loss of warranty under this Agreement; and (b) Provider agrees to be directly liable for any act or omission by such Subcontractor to the same degree as if the act or omission were performed by Provider such that a breach by a Subcontractor of the provisions of this Agreement will be deemed to be a breach by Provider. The performance of any act or omission under this Agreement by a Subcontractor for, by, or through Provider will be deemed the act or omission of Provider.
11.1. “Affiliate” means, with respect to a Party, any entity that directly, or indirectly through one or more intermediaries, controls, or is controlled by, or is under common control with, such Party.
11.2. “AWS Marketplace” means the marketplace operated by Amazon Web Services, Inc. located at https://aws.amazon.com/marketplace/ as it may be updated from time to time.
11.3. “AWS Services” means the cloud computing services offered by Amazon Web Services, Inc., as they may be updated from time to time.
11.4. “Contractor” means any third party contractor of Subscriber or other third party performing services for Subscriber, including business process outsourcing service providers.
11.5. “Data” means the data identified in the applicable DSA Offer (including Third Party Data) and any other data, including any revisions, updates, modifications, enhancements, and additional data that Provider provides, or is obligated to provide, under this Agreement.
11.6. “Derived Data” means any data, work product or other items, information or materials derived from or created by or for Subscriber using the Data, including data analytics, reports, research, analysis, tools, notes, presentations, discussions and/or models, calculations, algorithms or statistical methods, but excluding any unmodified Data as provided by Provider under this Agreement.
11.7. “DSA Offer” means the offer by Provider for a subscription to Data, as set forth in the detail page on AWS Marketplace and subject to the terms and conditions of the Agreement.
11.8. “Personnel” means a Party or its Affiliate’s directors, officers, employees, non-employee workers, agents, auditors, consultants, contractors, subcontractors, and any other person performing services on behalf of such Party (but excludes the other Party and any of the foregoing of the other Party).
11.9. “Prepaid Pricing” means a pricing model for Data Subscriptions where Subscriber purchases a quantity of usage upfront, upfront as specified in the applicable DSA Offer.
11.10. “Proprietary Rights” means all intellectual property and proprietary rights throughout the world, whether now known or hereinafter discovered or invented, including, without limitation, all: (a) patents and patent applications; (b) copyrights and mask work rights; (c) trade secrets; (d) trademarks; (e) rights in data and databases; and (f) analogous rights throughout the world.
11.11. “Third Party Data” means information or data that Provider obtains from a third party and makes available to Subscriber pursuant to a DSA Offer. For clarity, Amazon Web Services, Inc. and its affiliates (including persons or entities controlling or under common control with Amazon Web Services, Inc.) are third parties for purposes of this definition.
11.12. “Subcontractor” means any third party subcontractor or other third party to whom Provider delegates any of its duties and obligations under this Agreement.
11.13. “Subscription” means Subscriber’s entitlement to Data listed and provided by Provider in AWS Marketplace under the terms of this Agreement and the DSA Offer.
11.14. “User” means an employee, non-employee worker or other member of Subscriber or any of its Affiliates’ workforces, Contractor of Subscriber, or any of its Affiliates, or other person, Data program, or computer systems authorized by Subscriber or any of its Affiliates to access and use the Data as permitted under this Agreement.