Effective: Aug 20, 2020
Terms of Service
Welcome to Growbots! These Terms of Service (these “Terms” or the “Agreement“) are important and govern your use and access of our websites at https://www.growbots.com/ (the “Website”) and https://dashboard.growbots.com/s/ and https://app.growbots.com, our app (the “App”) and the products and services we provide through these mediums (collectively referred to as the “Services”) in accordance with a subscription plan describing particular package and duration of the Services that you have elected to subscribe upon ordering documents (order form), online registration, order descriptions or other order confirmations that may refer to the Agreement (the “Subscription Plan”). These Terms also provide (i) rules for personal data processing when you use the App (the “Data Processing Agreement” or the “DPA”) to address the GDPR compliance, and (ii) the so-called standard contractual clauses (the “Clauses”) serving as a legal basis of personal data transfer.
- Acceptance of the Terms of Service
2. Changes to the Terms of Service
Growbots may amend the Terms related to the Services, from time to time, at its sole discretion, unless otherwise stipulated herein. The date that the Terms of Service was last revised is identified at the top of the page. You are responsible for reviewing any updated Terms of Service we may send to you and contacting us to update your e-mail address. Your continued use of our Services represent that you agree to be bound by all the terms in the revised terms of services.
3. Our Services
3.1. In general
Growbots provides Services and support to Customers conducting online marketing. In general, our Services will perform materially as described in the Documentation (defined below) when used in accordance with our instructions. To the extent within our reasonable control, we will not materially decrease the functionality of our Services during a subscription term, and we will not knowingly introduce any Malicious Code (defined below) into your systems.
Growbots will use all commercially reasonable effort to make the Services available to you pursuant to these Terms, provide our standard support for the Services to you at no additional charge, and provide you with online Services 24 hours a day, 7 days a week, except for any unavailability caused by circumstances beyond our reasonable control, including, for example, an act of God, act of government, flood, fire, earthquake, civil unrest, act of terror, strike or other labor problem, Internet service provider failure or delay or denial of service attack.
Our Services can only be purchased on a subscription basis, by agreeing to a Subscription Plan with our representative. Please mind that whenever such agreement (on particular conditions of each Subscription Plan) is mentioned in these Terms we mean an express arrangement between you and us, fixed in documentary/tangible form (or in a durable medium, e.g. emails), incorporating such Subscription Plan as tailored by our representatives in compliance with your needs and expectations such as custom duration of the subscription, number of prospects, integrations, payments terms, etc. Additional services, services bundles and subscriptions (e.g numbers the App’s users) may be added during the Subscription Plan term and should such additional services be recurring ones that renew each month, they can be prorated for the portion of the subscription term remaining at the time the additional subscriptions are added (if not otherwise agreed), and all additional recurring subscriptions will terminate on the same date as the underlying subscriptions. Services are subject to usage limits as set forth in the Documentation (defined below) and these Terms, including, for example, the quantities specified in Subscription Plans. If you exceed a contractual usage limit, we may work with you to seek to reduce your usage so that it conforms to that limit. If, notwithstanding our efforts, you are unable or unwilling to abide by a contractual usage limit, we may require that you order additional quantities of the applicable Services and/or pay any invoice for excess usage in accordance with Section 5 (Payment for Services). Unless otherwise specified, unlimited access to our leads database means that users may submit unlimited queries to the leads database, each of which generates up to 1000 leads, with the possibility of repeated queries.
BY REGISTERING AN ACCOUNT WITH US (“ACCOUNT”) OR USING OUR SERVICES, YOU ACKNOWLEDGE AND AGREE THAT GROWBOTS DOES NOT GUARANTEE QUALITY, ACCURACY, SAFETY AND LEGALITY OF THE INFORMATION IN OUR DATABASE. YOU ARE ADVISED TO SEEK THE LEGAL ADVICE FROM A LICENSED PRACTITIONER TO EVALUATE THE SUITABILITY OF OUR SERVICES FOR YOUR BUSINESS PRIOR TO USING OUR SERVICES.
3.2. Beta Services
From time to time, we may invite you to try our beta Services (“Beta Services”) at no charge. You may accept or decline any such trial in your sole discretion. Beta Services will be clearly designated as beta, pilot, limited release, developer preview, non-production, evaluation or by a description of similar import. Beta Services are for evaluation purposes and not for production use, are not considered “Services” under the Agreement, are not supported, and may be subject to additional terms. Unless otherwise stated, any Beta Services trial period will expire upon the earlier of one year from the trial start date, or the date that a version of the Beta Services becomes generally available or the date that we elect (in our sole discretion) to discontinue the Beta Services. We may discontinue Beta Services at any time in our sole discretion and may never make them generally available. We will have no liability for any harm or damage arising out of or in connection with a Beta Service.
4. Third Party Applications
4.1. Acquisition of Third Party Applications
The Services may be compatible or useful in connection with a third party applications or services, including, for example, other applications and implementation and other consulting services. Any acquisition by you of such other third party applications or services, and any exchange of data between you and any other provider, is solely between you and the applicable other provider.
WE DO NOT WARRANT OR SUPPORT THIRD PARTY APPLICATIONS OR OTHER SERVICES, WHETHER OR NOT THEY ARE DESIGNATED BY US AS “CERTIFIED” OR OTHERWISE.
4.2. Integration with Third Party Applications
The Services may contain features designed to interoperate with third party applications (such as Google OAuth and salesforce.com). To use such features, you may be required to obtain access to third party applications from their providers, and may be required to grant us access to your account(s) on the other applications. If the provider of other application ceases to make the third party applications available for interoperation with the corresponding Service features on reasonable terms, we may cease providing those Service features without entitling you to any refund, credit, or other compensation.
5. Payment for Services
5.1. Payment In General
Every Customer shall be responsible for timely payment of all fees specified on our invoices in U.S. dollars and other obligations set forth in the physical or electronic order for a particular Subscription Plan, including any addenda and supplements thereto. By using our Services, you acknowledge and agree that our fees are based on Services purchase rather than actual usage; that our fees cannot be cancelled once charged and all fees paid are non-refundable; and that all payments to subscription services must be paid in full, in advance, and in accordance with the terms of the Subscription Plan of your choice or the Subscription Plan agreed on with our representative.
When you (as our Customer) start a subscription according to the Subscription Plan, and provide or designate a method of payment, you need to authorize us to charge your payment method with fees for the Subscription Plan you have subscribed to. All such charges shall be due and payable on a monthly or yearly prepayment basis; unless you timely cancel subscription (if your Subscription Plan already allows you to do so) prior to scheduled payment for subsequent periods of subscription you will be automatically charged with those at the beginning of your subscription and also at a time when any relevant subsequent term of your Subscription Plan commences. Similarly, you may also be charged with other fees in connection with your use of the Services that are not covered by your Subscription Plan.
By using our Services, you acknowledge and agree that our fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including, for example, value-added, sales, use or withholding taxes, assessable by any jurisdiction whatsoever (collectively, as “Taxes”). You are solely responsible for paying all Taxes associated with the use of our Services. If you are exempt from certain Taxes, you shall provide us with the valid Tax exemption documentation.
5.3. Late Payments
In the event that your credit card was declined, your check was bounced, or your payment was not timely made for any or no reason, we will automatically charge and you shall be automatically responsible for all reasonable surcharges, including but not limited to any administrative fees, processing fees and fines. In addition, if any of your payment is 20 or more days overdue (or 10 or more days overdue in the case of amounts you have authorized us to charge to your credit card), we may choose, at our sole discretion and without limiting our other rights and remedies, accelerate your unpaid fee obligations to be immediately due. In addition, we reserve our right to suspend, terminate, or delete your Account upon a 10 day prior notice.
This Section 5.3 (Late Payments) does not apply to any payment or invoices under a good faith dispute and/or resolution.
5.4. Future Functionality.
You agree that your purchases are not contingent on the delivery of any future functionality or features, or dependent on any oral or written public comments made by us regarding future functionality or features.
6. Conditions for Using Our Services
The Services are not directed to or intended for use by anyone under the age of 18. By using our Services, you represent and warrant that you (a) are 18 years of age or older, (b) are a legal resident of the United States, (c) have not been previously suspended or removed from our Services, or engaged in any activity that could result in suspension or removal from our Services, (d) do not have more than one Account, (e) have all right, power and authority to enter into and perform this Agreement; (f) the execution of this Agreement and performance of this Agreement will not violate any other agreement to which you are party; (g) this Agreement constitutes the legal, valid and binding obligation to you; and (h) you shall perform this Agreement in accordance with all applicable laws, including any laws, rules and regulations related to unsolicited commercial communications.
6.2. Representations and Warranties
You acknowledge and agree that your use of our Services is subject to your adherence certain documentations, such as the Subscription Plan and certain service descriptions, pricing information on chosen Subscription Plan and user guides available on our Website, as amended and/or updated from time to time (“Documentation”), and incorporated herein by reference.
You further acknowledge, agree, represent and warrant that:
- you shall not use our Service for any unlawful purpose;
- you shall not infringe rights of Growbots or a third party, including any property, intellectual property, privacy rights of Growbots or a third party;
- you shall not use our Services in violation of any of the Terms herein, including the DPA;
- you shall not use our Services in violation of your contractual or other legal obligations, including applicable personal data protection laws;
- you shall not commit any unlawful acts using our services, including any infringing, libelous, tortious acts;
- you shall not “stalk” or otherwise harass any person;
- you shall not make false representations, including about your identity or affiliations;
- you shall not use any software, program, file, scripts, agents, or any other code, including, for example, viruses, worms, time bombs and Trojan horses, (“Malicious Code”) that is designed to interrupt, destroy or limit the functionality of any computer software, hardware or telecommunications equipment;
- you shall not engage in any conduct that interferes with our Website, App or Services, or restricts or inhibits any other person from using or enjoying the same, or which, in Growbots’ sole judgment, exposes Growbots or any of its officers, directors, employees or agents to any liability or detriment of any type;
- you shall not copy any part of our Service including any feature, function or user interface thereof;
- you shall not use or attempt to use reverse engineer to reconstruct any of Growbots’ Services;
- you shall not harvest or otherwise collect any data, information or content from our Website or App, including by using manual or automated software, devices, or other processes to “crawl”, “scrape” or “spider” any page of the Website or App to copy, obtain, propagate, distribute or misappropriate any content;
- you shall not permit any direct or indirect access of our Services that circumvents or attempts to circumvent a contractual usage limit;
- you shall not access our Services with the intent to build a competitive product or service;
- you shall not frame or mirror any part of our Service, other than framing on your own intranets or otherwise for your own internal business purposes;
- you shall not engage in any activity that can reasonably cause injury, loss or damage to a Growbots or third party;
- you have not received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from any of our employees or agents in connection with this Agreement. Reasonable gifts and entertainment provided in the ordinary course of business do not violate the above restriction; and
- you shall notify Growbots regarding (i) any illegal, suspicious, or fraudulent activity, (ii) any security or data breaches, (iii) any activity that violates these Terms, (iv) any misrepresentations, errors, or inaccuracies you discover, or (v) any illegal or improper bribe, kickback, payment give or thing of value from any of our employees or agents in connection with this Agreement.
You acknowledge and agree you are responsible for your own acts and omissions. Growbots reserves the right to delete or disable access to any Account for any or no reason.
By registering an account with Growbots (an “Account”) or using our Services, you represent and warrant that you shall:
- provide accurate, truthful, current and complete information, whether on our Services or to a third party;
- maintain and promptly update the information, including any billing and contact information;
- maintain the security of your password, including not disclosing your password to another;
- not permit anyone else to access or otherwise use your Account;
- not access or otherwise use, or attempt to access or use, an Account of another other than your own; and
- immediately notify us if you discover or otherwise suspect any security breaches related to the Website, the App, your Account, or our Services.
Notwithstanding the aforementioned, you may reassign your Account to a new individual when you no longer require ongoing use of the Service.
7. Intellectual Properties
7.1. Growbots’ Intellectual Properties
(a) Ownership of Growbots Intellectual Properties
Unless otherwise indicated in writing by us, the Website, App, software, code, database, lists and all content and other materials contained therein, including, without limitation, the Growbots logo, trademarks, trade names, service marks, slogans and all designs, text, graphics, pictures, information, data, software, sound files (as described herein), other files and the selection and arrangement thereof (collectively, the “Content”) are the proprietary property of Growbots or our licensors, as applicable, and are protected by U.S. and international copyright laws. No rights to the Contents are granted to you hereunder other than as expressly set forth herein.
(b) Limited License
Subject to your compliance with these Terms, you are hereby granted a limited, nonexclusive, nontransferable, non-sublicensable license to access and use the Services in connection with your marketing campaigns. However, such license is subject to these Terms and does not include any right to:
- sell, resell license, sublicense, distribute, rent or lease the Services and the Contents;
- use the Services and the Contents for commercial purposes unrelated to your marketing campaigns;
- distribute, publicly perform or publicly display any Content;
- modify or otherwise make any derivative uses of the Services or Content, or any portion thereof;
- use any data mining, robots or similar data gathering or extraction methods;
- download (other than the page caching) any portion of the Services or Content, except as expressly permitted by us; and
- use the Services or Content other than for their intended purposes, which shall be limited to use in furtherance of the Services.
Any use of the Services or Content other than as specifically authorized herein, without our prior written permission, is strictly prohibited and will terminate the license granted herein. Such unauthorized use may also violate applicable laws, including, without limitation, copyright and trademark laws and applicable communications regulations and statutes. Unless explicitly stated by us, nothing in these Terms shall be construed as conferring any right or license to any patent, trademark, copyright or other proprietary rights of Growbots or any third party, whether by estoppel, implication or otherwise.
(c) Federal Government End Use
We provide the Services, including related software and technology, for ultimate federal government end use solely in accordance with the following: government technical data and software rights related to the Services include only those rights customarily provided to the public as defined in the Agreement. This customary commercial license is provided in accordance with FAR 12.211 (Technical Data) and FAR 12.212 (Software) and, for Department of Defense transactions, DFAR 252.227-7015 (Technical Data – Commercial Items) and DFAR 227.7202-3 (Rights in Commercial Computer Software or Computer Software Documentation). If a government agency has a need for rights not granted under these terms, it must negotiate with us to determine if there are acceptable terms for granting those rights, and a mutually acceptable written addendum specifically granting those rights must be included in any applicable agreement.
7.2. Customer Content
Our Services permit electronic data, material, and information to be created, submitted, received, processed, collected, transmitted, and stored by or for you through our Services and/ or a third party application, (collectively, “Customer Content”). By using our Services, represent, warrant, acknowledge and agree not to create, submit, process, transmit or store any of the following:
- Customer Content that is unlawful, libelous, defamatory, obscene, pornographic, indecent, lewd, suggestive, harassing, threatening, invasive of privacy or publicity rights, abusive, inflammatory, fraudulent or otherwise objectionable;
- Customer Content that would constitute, encourage or provide instructions for a criminal offense, violate the rights of any party or otherwise create liability or violate any local, state, national or international law;
- Customer Content that may infringe any patent, trademark, trade secret, copyright or other intellectual or proprietary right of any party;
- Customer Content that contains material misrepresentations;
- Customer Content that contains or depicts any statements, remarks or claims that do not reflect your honest views and experiences;
- Customer Content that impersonates, or misrepresents your affiliation with, any person or entity;
- Customer Content that references or depicts Growbots or our Services but fails to disclose a material connection to us, if you have one;
- Customer Content that contains any private or personal information of a third party without such third party’s consent;
- Customer Content that contains any viruses, corrupted data or other harmful, disruptive or destructive files or content; and
- Customer Content that, in our sole judgment, is objectionable or that restricts or inhibits any other person from using or enjoying the our Services, or that may expose Growbots or others to any harm or liability of any type.
We are not responsible or liable for any Customer Content. Although we have no obligation to screen, edit or monitor Customer Content, we reserve the right, and have absolute discretion, to remove Customer Content stored on our Services at any time and for any reason. You are solely responsible for creating backup copies of and replacing any Customer Content at your sole cost and expense.
We do not claim any ownership interest in your Customer Content. However, by creating, submitting, receiving, processing, collecting, transmitting, and storing Customer Content on or through our Services you hereby grant Growbots a nonexclusive, royalty-free, worldwide, perpetual, irrevocable and fully sublicensable right and license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, perform and publicly and display your Customer Content to provide our Services in accordance with these Terms.
By using our Services, represent and warrant that
- you own and control all of the rights to the Customer Content or you otherwise have all necessary rights to use such Customer Content;
- you authorize Growbots to use such Customer Content for the purposes described in these Terms;
- the Customer Content is accurate and not misleading or harmful in any manner;
- the Customer Content, and your use and posting thereof, does not and will not violate these Terms or any applicable law, rule, regulation or third party right.
7.3. Feedback and Suggestions
You grant to us and our affiliates a worldwide, perpetual, irrevocable, royalty-free license to make, have made, use, distribute, modify, make derivative works of, incorporate into the Services and otherwise exploit in any manner any suggestion, enhancement request, recommendation, correction or other feedback provided by you or users relating to the operation of the Services or any of our products or services.
7.4. Copyright Complaints
In accordance with the Digital Millennium Copyright Act and other applicable laws, we have adopted a policy of limiting access to the Services to or terminating the Accounts of Customers, in appropriate circumstances or in our sole discretion who infringe the intellectual property rights of another. If you believe that anything on our Services infringes any copyright that you own or control, you may file a notification of such infringement with our designated agent as set forth below:
1015 Fillmore St. PMB 18339
San Francisco, CA 94115
If a material you have posted to our Services was removed or disabled in error, you may file a counter notice pursuant to the Digital Millennium Copyright Act.
Please consult the Digital Millennium Copyright Act, for example at 17 U.S.C. § 512, for the requirements of a proper notification.
You should also note that if you knowingly make any material misrepresentation in your notification that the material or activity is infringing, you will be liable for any damages, including, without limitation, costs and attorneys’ fees, incurred by us or the alleged infringer as the result of our relying upon such misrepresentation in removing or disabling access to the material or activity claimed to be infringing.
8. Confidential Information
“Confidential Information” means all information, whether oral or written, disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information excludes any information that, without breach of any obligation owed to the Disclosing Party or any other third party,
- is public or generally known to the public;
- was known to the Receiving Party prior a disclosure from the Disclosing Party;
- is received from a third party; or
- was independently developed by the Receiving Party,
The Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind, but not less than reasonable care, to protect the Confidential Information of the Disclosing Party. The Receiving Party agrees not to use any Confidential Information of the Disclosing Party for any purpose outside the scope of the Agreement, and except as otherwise authorized by the Disclosing Party in writing, to limit access to Confidential Information of the Disclosing Party to those of its and its Affiliates’ employees and contractors who need that access for purposes consistent with the Agreement and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent than those herein. Neither party will disclose these Terms to any one without the other party’s prior written consent, except when the disclosure is made to the party’s affiliates, legal counsel and accountants on a need to know basis. Notwithstanding the aforementioned, the Receiving Party may disclose any Confidential Information to the extent compelled by law, provided that the Receiving Party gives the Disclosing Party prior notice of the compelled disclosure, to the extent permitted under law, and provide reasonable assistance, to the extent feasible and practical, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure.
9. Term and termination
9.1. Term of Agreement
This Agreement is effective on the date you first accept it pursuant to Section 1 of these Terms and continues until all subscriptions hereunder have expired or have been terminated.
9.2. Term of Purchased Subscriptions
The term of each subscription shall be as specified in the applicable Subscription Plan. Except as otherwise specified in the Subscription Plan that may constitute definite term of subscription, subscriptions will automatically renew for additional periods equal to the expiring subscription term or one year (whichever is shorter) unless either party cancels the Subscription anytime before the end of the term of Subscription Plan. All Services (including emails sent to leads on behalf of the Customer) will terminate upon termination of a subscription.
A party may terminate the Agreement:
- for cause of a material breach upon 30 days written notice to the other party and if such breach remains uncured at the expiration of such period;
- if the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors.
9.4. Refund or Payment upon Termination
If the Agreement is terminated by you in accordance with Section 9.3 (Termination) of these terms, we will refund we have collected for any period after the effective date of termination. If the Agreement is terminated by us in accordance with Section 9.3 (Termination), you shall pay any unpaid fees covering the remainder of the term of all Subscription Plans. In no event will termination relieve you of your obligation to pay any fees payable to us for the period prior to the effective date of termination.
9.5. Customer Data Portability and Deletion
Upon a written request made within 30 days after the effective date of a termination or expiration of the Agreement under these Terms, we will make the Customer Data associated with your Account available to you for export or download. We will have no obligation to maintain or provide any Customer Data to you 30 day after the termination or expiration of this Agreement, and may continue to use the Customer Data in aggregate form.
9.6. Surviving Provisions
Sections 5 (Payment for Services), 7 (Intellectual Properties), 10 (General Disclaimers), 11 (Limitation of Liability and Release), 12 (Indemnification), 9.4 (Refund or Payment upon Termination), 9.5 (Customer Data Portability and Deletion), 13 (Dispute Resolution, Governing Law, Venue, Jurisdiction), 14 (Miscellaneous).
10. General Disclaimers
GROWBOTS IS ONLY RESPONSIBLE FOR PROVIDING THE WEBSITE AND THE SERVICES UNDER THE TERMS OF THIS AGREEMENT. GROWBOTS SHALL NOT HAVE ANY LIABILITY WITH RESPECT TO ANY COMMUNICATIONS CREATED, STORED, OR TRANSMITTED THROUGH THE SERVICES.
GROWBOTS DOES NOT MAKE ANY REPRESENTATIONS OR WARRANTIES REGARDING THE ACCURACY OF OUR DATABASE OR LISTS. UNLESS EXPRESSLY PROVIDED OTHERWISE HEREIN, ALL SERVICES AND BETA SERVICES ARE PROVIDED ON AN “AS IS”, “WHERE IS” BASIS, WITH ALL FAULTS AND, WITHOUT REPRESENTATIONS AND WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, (1) ALL WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT, TITLE, NON INFRINGEMENT, AND ANY AND ALL WARRANTIES ARISING FROM COURSE OF DEALING AND USAGE OF TRADE, AS TO THE WEBSITE, APP, THEIR CONTENT AND MATERIALS AND SERVICES; (2) THAT THE WEBSITE, CONTENT, MATERIALS, AND SERVICES, WILL MEET YOUR REQUIREMENTS, WILL ALWAYS BE ACCURATE, RELIABLE, AVAILABLE, ACCESSIBLE, UNINTERRUPTED, TIMELY, SECURE OR OPERATE WITHOUT ERROR; (3) WITH RESPECT TO THE RESULTS THAT MAY BE OBTAINED FROM THE OPERATION, USE OR OTHER EXPLOITATION OF THE WEBSITE, CONTENT, MATERIALS, SERVICES, AND LISTINGS. GROWBOTS FURTHER DISCLAIMS ANY OTHER WARRANTIES THAT ARISE FROM TRADE USAGE OR CUSTOM, AND ANY WARRANTIES THAT THE WEBSITE, CONTENT, MATERIALS OR SERVICES WILL BE FREE AND CLEAR FROM ANY ADVERSE LIEN OR SECURITY INTERESTS.
11. Limitation of Liability and Release
UNDER NO CIRCUMSTANCES WILL YOU BE ENTITLED TO RECOVER FROM GROWBOTS PARTIES ANY INCIDENTAL, EXEMPLARY, CONSEQUENTIAL, INDIRECT, PUNITIVE OR SPECIAL DAMAGES (INCLUDING WITHOUT LIMITATION DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LOSS OF USE OR EMOTIONAL DISTRESS), WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR ANY OTHER LEGAL THEORY, AND WHETHER OR NOT WE HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGE, FOR ANY HARM OR DAMAGE CAUSED BY, ARISING FROM, OR RELATING TO THE USE OF THE WEBSITE, APP, THEIR CONTENTS, OR OUR SERVICES, EVEN IF A LIMITED REMEDY SET FORTH HEREIN IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, SO THE ABOVE LIMITATION MAY NOT APPLY TO YOU.
IN NO EVENT WILL GROWBOTS’ TOTAL LIABILITY TO YOU FROM A SINGLE INCIDENT EXCEED THE AMOUNTS OF PAYMENTS WE RECEIVE FROM YOU IN THE 12 MONTHS PRECEDING THE INCIDENT. IN NO EVENT WILL GROWBOTS’ TOTAL AGGREGATE LIABILITY TO YOU EXCEED THE TOTAL AMOUNT OF PAYMENTS WE RECEIVE FROM YOU. YOUR EXCLUSIVE REMEDIES IN THE EVENT THAT GROWBOTS BREACHED ANY OF ITS WARRANTIES TO YOU HEREIN, ARE (1) TERMINATION AS DESCRIBED UNDER SECTION 9.3 (TERMINATION) OR (2) REFUND OF PAYMENT AS DESCRIBED UNDER SECTION 9.4 (REFUND OR PAYMENT UPON TERMINATION).
IF YOU ARE A CALIFORNIA RESIDENT, YOU WAIVE CALIFORNIA CIVIL CODE SECTION 1542, WHICH SAYS: “A GENERAL RELEASE DOES NOT EXTEND TO CLAIMS WHICH THE CREDITOR DOES NOT KNOW OR SUSPECT TO EXIST IN HIS FAVOR AT THE TIME OF EXECUTING THE RELEASE, WHICH, IF KNOWN BY HIM MUST HAVE MATERIALLY AFFECTED HIS SETTLEMENT WITH THE DEBTOR.”
THE PROVISIONS OF THIS SECTION 11 ARE FUNDAMENTAL ELEMENTS OF THE BASIS OF THE BARGAIN BETWEEN YOU AND GROWBOTS.
12.1. Indemnification by Us
WE WILL DEFEND YOU AGAINST ANY CLAIM, DEMAND, SUIT OR PROCEEDING MADE OR BROUGHT AGAINST YOU BY A THIRD PARTY ALLEGING THAT THE TECHNOLOGY UNDERLYING OUR SERVICES INFRINGES OR MISAPPROPRIATES SUCH THIRD PARTY’S INTELLECTUAL PROPERTY RIGHTS (A “CLAIM AGAINST YOU”) AND WILL INDEMNIFY YOU FROM ANY DAMAGES, ATTORNEY FEES AND COSTS FINALLY AWARDED AGAINST YOU AS A RESULT OF, OR FOR AMOUNTS PAID BY YOU UNDER A COURT APPROVED SETTLEMENT OF, A CLAIM AGAINST YOU, PROVIDED THAT (1) YOU PROMPTLY GIVE US WRITTEN NOTICE OF THE CLAIM AGAINST YOU; (2) YOU GIVE US SOLE CONTROL OF THE DEFENSE AND SETTLEMENT OF THE CLAIM AGAINST YOU (EXCEPT THAT WE MAY NOT SETTLE ANY CLAIM AGAINST YOU UNLESS IT UNCONDITIONALLY RELEASES YOU OF ALL LIABILITY); (3) YOU GIVE US ALL REASONABLE ASSISTANCE, AT OUR EXPENSE; AND (4) THE CLAIM AGAINST YOU DOES NOT RELATE TO CUSTOMER DATA OR ANY LEADS OR LEAD DATA GENERATED BY OUR SERVICES.
IN THE EVENT OF A DISPUTE, WE RESERVE THE RIGHT TO, AT OUR SOLE DISCRETION, AND AT NO COST TO YOU (1) MODIFY OUR SERVICES; (2) OBTAIN A LICENSE FOR YOUR CONTINUED USE OF THE SERVICE IN ACCORDANCE WITH THE AGREEMENT; AND (3) TERMINATE YOUR SUBSCRIPTIONS FOR THAT SERVICE UPON THIRTY (30) DAYS WRITTEN NOTICE AND REFUND YOU ANY PREPAID FEES COVERING THE REMAINDER OF THE TERM OF THE TERMINATED SUBSCRIPTIONS.
12.2. Indemnification by You
YOU AGREE TO INDEMNIFY, DEFEND AND HOLD HARMLESS GROWBOTS, AND OUR PAST, PRESENT AND FUTURE EMPLOYEES, OFFICERS, DIRECTORS, CONTRACTORS, CONSULTANTS, EQUITY HOLDERS, SUPPLIERS, VENDORS, SERVICE PROVIDERS, PARENT COMPANIES, SUBSIDIARIES, AFFILIATES, AGENTS, REPRESENTATIVES, PREDECESSORS, SUCCESSORS AND ASSIGNS (INDIVIDUALLY AND COLLECTIVELY, THE “GROWBOTS PARTIES”) AGAINST ANY CLAIM, DEMAND, SUIT OR PROCEEDING MADE OR BROUGHT AGAINST GROWBOTS PARTIES BY A THIRD PARTY ALLEGING YOUR CUSTOMER DATA, YOUR USE AND DISCLOSURE OF ANY DATA GENERATED FROM OUR SERVICES (INCLUDING ANY LEADS OR LEAD DATA), OR YOUR USE OF OUR SERVICES, INFRINGES OR MISAPPROPRIATES A THIRD PARTY RIGHT, VIOLATES YOUR CONTRACTUAL OR LEGAL OBLIGATIONS, OR VIOLATES ANY APPLICABLE LAW, RULES, OR REGULATION, EXCEPT TO THE EXTENT SUCH INDEMNIFICATION IS PROHIBITED BY LAW (A “CLAIM AGAINST US”). YOU WILL INDEMNIFY, DEFEND AND HOLD GROWBOTS PARTIES HARMLESS FROM ANY CLAIM DAMAGES, AWARDS, JUDGMENTS, LOSSES, LIABILITIES, OBLIGATIONS, PENALTIES, INTEREST, FEES, EXPENSES (INCLUDING, WITHOUT LIMITATION, ATTORNEYS’ FEES AND EXPENSES) AND COSTS (INCLUDING, WITHOUT LIMITATION, COURT COSTS, COSTS OF SETTLEMENT AND COSTS OF PURSUING INDEMNIFICATION AND INSURANCE), OF EVERY KIND AND NATURE WHATSOEVER IN CONNECTION TO A CLAIM AGAINST US, WHETHER KNOWN OR UNKNOWN, FORESEEN OR UNFORESEEN, MATURED OR UNMATURED, OR SUSPECTED OR UNSUSPECTED, IN LAW OR EQUITY, PROVIDED THAT (1) WE PROMPTLY GIVE YOU WRITTEN NOTICE OF THE CLAIM AGAINST US; (2) WE GIVE YOU SOLE CONTROL OF THE DEFENSE AND SETTLEMENT OF THE CLAIM AGAINST US; (EXCEPT THAT YOU SHALL NOT SETTLE ANY CLAIM AGAINST US UNLESS IT UNCONDITIONALLY RELEASES US OF ALL LIABILITY); AND (3) WE GIVE YOU ALL REASONABLE ASSISTANCE, AT YOUR EXPENSE.
12.3. Exclusive Remedy
THIS SECTION 12 STATES THE INDEMNIFYING PARTY’S SOLE LIABILITY TO AND THE INDEMNIFIED PARTY’S EXCLUSIVE REMEDY AGAINST THE OTHER PARTY FOR ANY TYPE OF CLAIM DESCRIBED IN THIS SECTION 12.
13. Dispute Resolution, Governing Law, Venue, Jurisdiction
Each party agrees to the governing law of the State of California without regard to choice or conflicts of law rules, and to the exclusive jurisdiction of federal and state courts sitting in San Francisco, California.
Except as otherwise specified in the Agreement, all notices, permissions and approvals shall be deemed to have been given upon:
- personal delivery;
- the second business day after mailing; or
- the first business day after sending by email.
Notwithstanding the aforementioned, email shall not be sufficient for notices of termination or indemnification purposes.
All notices, permissions and approvals to Growbots pursuant to this Agreement shall be delivered to:
Attn: Łukasz Deka, Chief Executive Officer
1015 Fillmore St. PMB 18339
San Francisco, CA 94115 USA.
All notices, permissions and approvals to the Customer pursuant to this Agreement shall be delivered to the address or e-mail address on the record. All billing-related notices will be sent to the relevant billing contact designated by you. All other notices shall be sent to the relevant service system administrator designated by you.
It is the responsibility of the Customer to update its contact information with Growbots. Growbots is not responsible for any correspondences that failed to reach the Customer due to a change in address or e-mail address not reported to Growbots.
14.2. Entire Agreement and Order of Precedence
The Agreement, including the DPA, is the entire agreement between You and Us regarding Your use of Services and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. No modification, amendment, or waiver of any provision of the Agreement will be effective unless in writing and signed by the party against whom the modification, amendment or waiver is to be asserted. The parties agree that any term or condition stated in any purchase order or in any other ordering documentation that you may provide (excluding merely Subscription Plans) is void. In the event of any conflict or inconsistency between the Subscription Plan and these Terms of Service, the Subscription Plan shall control and govern.
Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the other party’s prior written consent (not to be unreasonably withheld); provided, however, either party may assign the Agreement in its entirety (including all Subscription Plans), without the other party’s consent to its affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Subject to the foregoing, the Agreement will bind and inure to the benefit of the parties, their respective successors and permitted assigns.
If any term, clause or provision of these Terms is held invalid or unenforceable, then that term, clause or provision will be severable from these Terms and will not affect the validity or enforceability of any remaining part of that term, clause or provision, or any other term, clause or provision of these Terms.
14.5. No Waiver of Rights
No waiver of any provision of these Terms will constitute a waiver of such provision in any prior, concurrent or subsequent circumstance, and a party’s failure to assert any right or provision under these Terms shall not constitute a waiver of such right or provision.
14.6. No Third Party Beneficiary
Except as otherwise provided herein, these Terms are intended solely for the benefit of the parties and are not intended to confer third party beneficiary rights upon any other person or entity.
14.7. International Use
If you gain access to the Services from locations outside the United States, you will be responsible for compliance with all local laws of any such other location, and in no event will you use the Services or Site Content in violation of U.S. export laws or regulations.
14.8. Export Compliance
Our Services may be subject to export laws and regulations of the United States and other jurisdictions. Each party represents that it is not named on any U.S. government denied-party list. You shall not permit any one to access or use our Service in a U.S.-embargoed country or in violation of any U.S. export law or regulation.
14.9. Relationship of the Parties.
During the terms of the Agreement, the parties are deemed independent contractors. The Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties.
Schedule A to the Terms of Service. The Data Processing Agreement including Standard Contractual Clauses (processors).
- General Remarks.
To address the GDPR compliance, Growbots requires you to accept the provisions of this Data Processing Agreement that constitutes integral part of these Terms of Service and which is intended to meet the requirements of the GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “GDPR”). Therefore, if the GDPR applies to your activity (for instance because you are established in the European Union or established outside the European Union but you offer good or services to data subjects who are in the European Union) — you need to enter into Data Processing Agreement so that you can process such GDPR-eligible personal data with Growbots as this may be considered data transfer to the United States which is considered a “third country” under the GDPR. Unless you accept the Agreement involving this DPA your contract with Growbots might lack those terms hence if GDPR applies to your activity you must refrain from using Growbots’ Service unless you accept this DPA.
The terms “personal data”, “data subject”, “processing”, “controller”, “processor” and “supervisory authority” as used in this DPA have the meanings given in the GDPR.
Please be advised that in order to meet the data protection adequacy and security requirements of the GDPR, this DPA contains the Clauses, i.e. so-called Standard Contractual Clauses (for data processors) – the Commission Decision (EU) 2010/87 of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC of the European Parliament and of the Council, as amended by Commission Implementing Decision (EU) 2016/2297 of 16 December 2016. This mechanism considers the Court of Justice of the European Union ruling on data transfers, invalidating the EU-U.S. Privacy Shield, while such Standard Contractual Clauses (for data processors) continue to be a valid legal mechanism to transfer data under the GDPR. Considering the above, on the condition that you (our Customer) demonstrate to be obliged with the GDPR regulations, once you accept the Terms of Services, both you and us agree to be bound by the following DPA and the Clauses in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer of the personal data specified in Appendix 1 to the Clauses that you might import or otherwise upload to our App within the scope of the Services we provide you under the Agreement.
2. Acceptance of this DPA.
For the reasons mentioned above, if you choose to accept Terms and enter the Agreement, you enter this Data Protection Agreement which reflects the conditions governing processing and security of the personal data you submit to our system or which may be processed by you when connect your e-mail account thereto, i.e. submitted, stored, sent or received via the App, hereinafter referred to as the “Customer Data”. Please note that whenever we use the word “you” in this DPA, we also mean any persons who use the Services on your behalf, including your employees, subcontractors and other personnel members.
In accordance with the GDPR regulations, this DPA shall be governed and construed in accordance with the laws of Poland as a European Union’s member state. The DPA is concluded for the whole period from the acceptance of the Agreement and this DPA until the end of Growbots’ provision of the Services under the Agreement, which shall include periods of suspension of Services’ provision or other post-termination periods when we may refrain from deleting your data.
3. Subject Matter and Circumstances of Data Processing.
Growbots shall not be the controller of the Customer Data you may submit to our Services and will process such information within the Services solely in the processor’s role and – depending on the scope of your activity – you may be the controller or processor of this data. If the GDPR applies to the processing of Customer Data and you are the processor, you explicitly warrant us that your instructions and actions with respect to that Customer Data processing, including hereby appointment of Growbots as another processor, have been authorized by the relevant controller.
The personal data which may be processed (i.a. submitted, stored, sent or received) by you when you use the Services may include categories of data listed in Appendix 1 to the Clauses.
The Customer Data which you may process might concern the categories of data subjects listed in Appendix 1 to the Clauses.
If the explicit consent of data subject is your legal basis to process the Customer Data via our Systems, you represent and warrant us the each such consent is freely given and taken in accordance with applicable laws. In this context you indemnify Growbots of all claims and actions of third parties related to the processing of Customer Data via Services without explicit consent or other legal basis under the respective laws.
By entering this DPA you instruct Growbots to process Customer Data only in for the reasons listed in Appendix 1 to the Clauses.
4. Scope of Processing. Data Deletion. Subprocessors.
We enable you to delete Customer Data during this DPA by using functionalities within Services – including moving data to archive for limited period or by instant permanent deletion. If the term indicated above expires or you choose to delete data permanently, the Customer Data may not be recovered. Each of such actions will be acknowledged as your instruction to delete relevant Customer Data you submitted or keep within our systems. When the Agreement is terminated or otherwise expires we shall delete your data, including Customer Data, and/or give you their copy (return them) subject the terms of Agreement.
Under this DPA you authorise us to engage sub-processors in accordance with Appendix 1 to the Clauses.
5. Security Measures. Data incidents. Liability.
If we become aware of a data incident – meaning a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Customer Data on systems managed by or otherwise controlled by Growbots, excluding unsuccessful attempts or activities that do not compromise the security of Customer Data, unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems – we will notify you of the Data Incident promptly and without undue delay and promptly take reasonable steps to minimize harm and secure Customer Data. Such Data Incident notification will describe, to the extent possible, details of the Data Incident, including steps taken to mitigate the potential risks and steps we may recommend you to address the Data Incident. We will deliver you such notification to your e-mail address or, at our discretion, by phone call or other direct communication. It is your sole responsibility to provide us with and update your current and valid contact information. Neither of our notifications or communications regarding Data Incidents shall be construed as an acknowledgement of our fault or liability with respect to the Data Incident.
By entering this DPA you explicitly acknowledge, agree and confirm that Growbots will never assess the contents of Customer Data you may submit, store, send or receive using our Services in order to identify information subject to any specific legal requirements or to assess your compliance with any laws or infringements thereof. Therefore you are solely responsible for complying with applicable incident notification laws and fulfilling any third party notification obligations related to any Data Incident(s).
You agree that, without prejudice to our obligations under this section, you shall be solely responsible for your use of the Services, including: making appropriate use of the Services and exercise adequate security controls to ensure a level of security appropriate to the risk in respect of the Customer Data, securing the account authentication credentials, systems and devices which you may use to access the Services and backing up your Customer Data.
As we provide solely online Services we shall have no obligation to protect Customer Data that you may choose to store or transfer outside of Growbots systems, for instance for physical storage – in any form. If you have further questions on our technical and organisational means for personal data protection you shall inquire us to provide you with additional information prior to submitting Customer Data to our systems or it shall be otherwise considered that you agree that taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing of Customer Data as well as the risks to individuals our data protection standards are appropriate to the risk in respect of the Customer Data.
Notwithstanding our obligations we may have in respect to this DPA, you shall also take all the reasonable precaution steps in order to ensure appropriate security and to prevent any destruction, loss, alteration, disclosure, unauthorised or illegal access to or acquirement of Customer Data and any other personal data you may process using via Services and Growbots systems. If the data you process via Services were accessed or obtained by an unauthorised person or if there occurs a breach of such personal data security, you shall immediately notify Growbots on such Data Incident and shall cooperate with us in order to take any steps deemed required for the mitigation of any loss or damage. In this case the respective provisions of sections 15.5 and 15.6 apply adequately to the cooperation we will demand from you.
If you breach any obligations you may have under the GDPR you shall be unconditionally and solely liable and it shall compensate Growbots and any third parties or data subjects against (a) any damage, loss, costs, taxes and expenses (including legal charges related to judicial experts and lawyers), (b) the refund of any fines or penalties paid by us to the supervisory authority, (c) any other damages resulting from the negligence, fault or gross misconduct or from any breach of an obligation related to Customer Data and other personal data processed via the Services as a consequence of non-complying with this DPA and the GDPR.
We will consider any breach of any representation or provision of the DPA and the GDPR by you shall represent a gross breach of the Agreement and it shall entitle us to terminate the Agreement immediately by sending a termination notice, without any grace or remedy period and without any other formality, notification or intervention of any court of law or another jurisdictional body.
6. Cooperation on Data Protection and Execution of Data Subjects’ Rights.
To the extent necessary for the reason of this DPA, Growbots will make available for your review the documents and information to demonstrate our compliance with our obligations under this DPA. If GDPR applies to the processing of Customer Data, we will also allow you or your appointed independent auditor to conduct audits (including inspections) to verify our compliance with obligations under this DPA, including our documentation and we will contribute to such audits. In any case such audits will be subject to prior arrangements and reasonably agreed terms for such audits and inspections which may involve fees based on our reasonable costs of such reviews. If you wish to appoint an auditor, we may object to your choice if in our reasonable opinion the appointed auditor is not suitably qualified or independent, a competitor of Growbots or otherwise manifestly unsuitable. If this is the case we will require you to appoint another auditor or conduct the audit itself.
If applicable, we will assist you in ensuring compliance with any of you obligations in respect of data protection impact assessments and prior consultation, including if applicable Customer’s obligations pursuant to Articles 35 and 36 of the GDPR, taking into account the nature of the processing and the information available to us, for instance by providing you additional security information or providing the information with regard to performance of the Agreement including this DPA.
During the term of the Agreement, we enable you to access, rectify and restrict processing of Customer Data, including deletion of this data (subject to the hereinabove terms) and to export Customer Data – in a manner consistent with the functionalities of the Services.
If Growbots receives any request from a data subject in relation to Customer Data we may process, we will advise the data subject to submit their request to you and you shall be responsible for to respond to any such request including, where necessary, by using the functionality of the Services. Nevertheless, taking into account the nature of the processing of Customer Data via the Services, we will assist you in fulfilling any obligation to respond to requests by data subjects, including obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR. Depending on the case, we may provide you Services’ functionalities to perform our commitments you assist you or we may help you in other appropriate manner, including serving you with additional information on processing of Customer Data.
7. An annex to the DPA follows, constituting integral part of this DPA.
Standard Contractual Clauses (processors) for the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection
are hereby concluded between you (our Customer) as the non-Growbots legal entity accepting the Clauses (hereinafter referred to as the “Data Exporter”) and Growbots Inc.,1015 Fillmore St. PMB 18339, San Francisco, CA 94115, (hereinafter referred to as the “Data Importer”) each a “party”; together “the parties”,
WHO HAVE MUTUALLY AGREED on the following contractual clauses (the “Clauses”) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the Data Exporter to the Data Importer of the personal data specified in Appendix 1 to these Clauses.
If you are accepting these Clauses on behalf of the Data Exporter, you represent and warrant that: (i) you have full legal authority to bind your employer, or the applicable entity, to these terms and conditions; (ii) you have read and understand the Clauses; and (iii) you agree, on behalf of the party that you represent, to the Clauses. The Clauses shall automatically expire on the termination or expiry of the Agreement. The parties agree that where Data Exporter has been presented with this Clauses and clicked to accept these terms electronically or continued to use the Services, such acceptance shall constitute execution of the entirety of the Clauses by both parties, subject to the effective date described above.
Clause 1. Definitions.
For the purposes of the Clauses:
(a) ‘personal data’, ‘special categories of data’, ‘process/processing’, ‘controller’, ‘processor’, ‘data subject’ and ‘supervisory authority’ shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data;
(b) ‘the Data Exporter’ means you (our Customer) – as the controller who transfers the personal data;
(c) ‘the Data Importer’ means us (Growbots) as the processor who agrees to receive from the Data Exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country’s system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;
(d) ‘the Sub-processor’ means any processor engaged by the Data Importer or by any other Sub-processor of the Data Importer who agrees to receive from the Data Importer or from any other Sub-processor of the Data Importer personal data exclusively intended for processing activities to be carried out on behalf of the Data Exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;
(e) ‘the applicable data protection law’ means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the Data Exporter is established;
(f) ‘technical and organisational security measures’ means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
Clause 2. Details of the transfer
The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1 which forms an integral part of the Clauses.
Clause 3. Third-party beneficiary clause
- The data subject can enforce against the Data Exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.
- The data subject can enforce against the Data Importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the Data Exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the Data Exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the Data Exporter, in which case the data subject can enforce them against such entity.
- The data subject can enforce against the Sub-processor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the Data Exporter and the Data Importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the Data Exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the Data Exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the Sub-processor shall be limited to its own processing operations under the Clauses.
- The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.
Clause 4. Obligations of the Data Exporter
The Data Exporter agrees and warrants:
(a) that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the Data Exporter is established) and does not violate the relevant provisions of that State;
(b) that it has instructed and throughout the duration of the personal data-processing services will instruct the Data Importer to process the personal data transferred only on the Data Exporter’s behalf and in accordance with the applicable data protection law and the Clauses;
(c) that the Data Importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Appendix 2 to this contract;
(d) that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;
(e) that it will ensure compliance with the security measures;
(f) that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;
(g) to forward any notification received from the Data Importer or any Sub-processor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the Data Exporter decides to continue the transfer or to lift the suspension;
(h) to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for sub-processing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;
(i) that, in the event of sub-processing, the processing activity is carried out in accordance with Clause 11 by a Sub-processor providing at least the same level of protection for the personal data and the rights of data subject as the Data Importer under the Clauses; and
(j) that it will ensure compliance with Clause 4(a) to (i).
Clause 5. Obligations of the Data Importer.
The Data Importer agrees and warrants:
(a) to process the personal data only on behalf of the Data Exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the Data Exporter of its inability to comply, in which case the Data Exporter is entitled to suspend the transfer of data and/or terminate the contract;
(b) that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the Data Exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the Data Exporter as soon as it is aware, in which case the Data Exporter is entitled to suspend the transfer of data and/or terminate the contract;
(c) that it has implemented the technical and organisational security measures specified in Appendix 2 before processing the personal data transferred;
(d) that it will promptly notify the Data Exporter about:
(i) any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation;
(ii) any accidental or unauthorised access; and
(iii) any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so;
(e) to deal promptly and properly with all inquiries from the Data Exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;
(f) at the request of the Data Exporter to submit its data-processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the Data Exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the Data Exporter, where applicable, in agreement with the supervisory authority;
(g) to make available to the data subject upon request a copy of the Clauses, or any existing contract for sub-processing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the Data Exporter;
(h) that, in the event of sub-processing, it has previously informed the Data Exporter and obtained its prior written consent;
(i) that the processing services by the Sub-processor will be carried out in accordance with Clause 11;
(j) to send promptly a copy of any Sub-processor agreement it concludes under the Clauses to the Data Exporter.
Clause 6. Liability.
- The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or Sub-processor is entitled to receive compensation from the Data Exporter for the damage suffered.
- If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the Data Exporter, arising out of a breach by the Data Importer or his Sub-processor of any of their obligations referred to in Clause 3 or in Clause 11, because the Data Exporter has factually disappeared or ceased to exist in law or has become insolvent, the Data Importer agrees that the data subject may issue a claim against the Data Importer as if it were the Data Exporter, unless any successor entity has assumed the entire legal obligations of the Data Exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity. The Data Importer may not rely on a breach by a Sub-processor of its obligations in order to avoid its own liabilities.
- If a data subject is not able to bring a claim against the Data Exporter or the Data Importer referred to in paragraphs 1 and 2, arising out of a breach by the Sub-processor of any of their obligations referred to in Clause 3 or in Clause 11 because both the Data Exporter and the Data Importer have factually disappeared or ceased to exist in law or have become insolvent, the Sub-processor agrees that the data subject may issue a claim against the data Sub-processor with regard to its own processing operations under the Clauses as if it were the Data Exporter or the Data Importer, unless any successor entity has assumed the entire legal obligations of the Data Exporter or Data Importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the Sub-processor shall be limited to its own processing operations under the Clauses.
- The parties agree that if one party is held liable for a violation of the clauses committed by the other party, the latter will, to the extent to which it is liable, indemnify the first party for any cost, charge, damages, expenses or loss it has incurred. This indemnification is contingent upon:
(a) the Data Exporter promptly notifying the Data Importer of a claim; and
(b) the Data Importer being given the possibility to cooperate with the Data Exporter in the defense and settlement of the claim.
Clause 7. Mediation and jurisdiction.
- The Data Importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the Data Importer will accept the decision of the data subject:
(a) to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;
(b) to refer the dispute to the courts in the Member State in which the Data Exporter is established.
- The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.
Clause 8. Cooperation with supervisory authorities.
- The Data Exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.
- The parties agree that the supervisory authority has the right to conduct an audit of the Data Importer, and of any Sub-processor, which has the same scope and is subject to the same conditions as would apply to an audit of the Data Exporter under the applicable data protection law.
- The Data Importer shall promptly inform the Data Exporter about the existence of legislation applicable to it or any Sub-processor preventing the conduct of an audit of the Data Importer, or any Sub-processor, pursuant to paragraph 2. In such a case the Data Exporter shall be entitled to take the measures foreseen in Clause 5(b).
Clause 9. Governing law.
These Clauses shall be governed by the law of the European Union state in which the Data Exporter is established.
Clause 10. Variation of the contract.
The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict any of clauses of these Clauses.
Clause 11. Sub-processing.
- The Data Importer shall not subcontract any of its processing operations performed on behalf of the Data Exporter under the Clauses without the prior written consent of the Data Exporter. Where the Data Importer subcontracts its obligations under the Clauses, with the consent of the Data Exporter, it shall do so only by way of a written agreement with the Sub-processor which imposes the same obligations on the Sub-processor as are imposed on the Data Importer under the Clauses. Where the Sub-processor fails to fulfil its data protection obligations under such written agreement the Data Importer shall remain fully liable to the Data Exporter for the performance of the Sub-processor’s obligations under such agreement.
- The prior written contract between the Data Importer and the Sub-processor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the Data Exporter or the Data Importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the Data Exporter or Data Importer by contract or by operation of law. Such third-party liability of the Sub-processor shall be limited to its own processing operations under the Clauses.
- The provisions relating to data protection aspects for sub-processing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the Data Exporter is established.
- The Data Exporter shall keep a list of sub-processing agreements concluded under the Clauses and notified by the Data Importer pursuant to Clause 5(j), which shall be updated at least once a year. The list shall be available to the Data Exporter’s data protection supervisory authority.
Clause 12. Obligation after the termination of personal data-processing services.
- The parties agree that on the termination of the provision of data-processing services, the Data Importer and the Sub-processor shall, at the choice of the Data Exporter, return all the personal data transferred and the copies thereof to the Data Exporter or shall destroy all the personal data and certify to the Data Exporter that it has done so, unless legislation imposed upon the Data Importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the Data Importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.
- The Data Importer and the Sub-processor warrant that upon request of the Data Exporter and/or of the supervisory authority, it will submit its data-processing facilities for an audit of the measures referred to in paragraph 1.
Appendix 1 to the Clauses
The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix
The Data Exporter is the non-Growbots legal entity that is a party to these Clauses and have entered into an Agreement with Growbots for our Services involving, inter alia, uploading information to our App or connecting CRM (customer relationship management software), which may, in turn, involve, where the Data Exporter so chooses, such personal data as prospects data, customers data and business partners of the Data Exporter.
The Data Importer is a global provider of Services consisting in facilitation of sales prospecting and automatization of online marketing campaigns via software solutions that Growbots provides to businesses.
The personal data transferred concern the following categories of data subjects: users of the Services who may include the Data Exporter’s employees and contractors, the personnel of the Data Exporter’s customers, suppliers and subcontractors or any other person whose personal data is transmitted data via the Services, including any individuals collaborating and communicating with the App’s users.
Categories of data
The personal data which may be processed (inter alia, submitted, stored, sent or received) by the Data Exporter in connection with the Services may include the following categories of data: names, e-mail address, telephone, profession, company’s name and address, city and country of the company, user IDs, presentations, images, calendar entries and other data which may be relevant for your purposes of permitted usage of our Services.
Special categories of data (if appropriate)
The Data Exporter shall not transfer any personal data constituting special categories of data but should it come to pass, such personal data include: data submitted, stored, sent or received by end users via the Services.
The personal data transferred will be subject to the following basic processing activities:
Scope of Processing.
The Clauses reflect the parties’ agreement with respect to the processing and transfer of personal data specified in this Appendix pursuant to the provision of the Services.
Term of Data Processing.
Data processing will continue throughout the performance of the Agreement between the parties under which the Services are provided by the Data Importer to the Data Exporter. When the Agreement is terminated or otherwise expires the Data Importer shall delete the Data Exporter’s data, including personal data, and/or give the Data Exporter their copy (return them) subject to the terms of Agreement.
During the term of the Services Agreement, the Data Importer will provide the Data Exporter with the ability to delete the Data Exporter’s personal data in accordance with the Terms of Services – including by having them archived for a limited period of time or by instant permanent deletion. If the term indicated above expires or you choose to delete data permanently, the Data Importer will delete the Data Exporter’s personal data and such data may not be then recovered. Aforementioned actions will be regarded as the Data Exporter’s instructions to delete relevant personal data submitted or kept within the Data Importer’s systems.
Access to Data.
During the term of the Services Agreement, the Data Importer will provide the Data Exporter with access to and the ability to rectify, restrict processing of and export the Data Exporter’s personal data from the Services in accordance with the Terms of Services.
The Data Importer may engage Sub-processors, including Growbots sp. z o.o., a limited liability company incorporated under the laws of Poland, with its registered office at Hoża 51, 00-681 Warsaw (and its personnel) – within the scope and for the purposes of processing the personal data mentioned in this DPA, including in particular with respect to parts of the Services and related technical support, as well as for software troubleshooting, maintenance and development.
Appendix 2 to the Clauses
Description of the technical and organizational security measures implemented by the Data Importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached):
The Data Importer have implemented and will maintain all the appropriate technical and organizational measures to protect personal data that the Data Exporter may transfer – to ensure a high and adequate level of security against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data, including encryption of personal data, introducing and maintaining systems ensuring the ongoing confidentiality, integrity, availability and resilience of processing, systems ensuring ability to restore the availability and access to the personal data in the event of a physical or technical incident.
Technical and organizational measures implemented by the Data Importer were designed to mitigate risks of any incidents involving personal data and involve in particular the following undertakings:
- offering secure, encrypted connection for personal data transfers when using the App,
- physical security operations in our geographical locations and limiting access to personal data to particular geographical locations where the Data Importers offices or personnel are located,
- password and software protection of devices allowing access to personal data where passwords to data processing tools are personalized and available only subject to confidentiality,
- using solely world-class, trusted and esteemed hosting and cloud services providers,
- separation of databases,
- implementation of policy regarding the removal of magnetic and optical data (including hard drives, portable storage media, backup platforms, etc.),
- implementation of procedures regarding database management,
- implementation of procedures regarding the collection, verification, processing, and distribution of the data, management and access control for the Data Importer personnel, including determination of the methodology for providing access to data, restrictions upon access, and keeping an updated list of persons with access rights,
- confidentiality agreements concluded with persons with access rights,
- encryption of personal data,
- implementation of procedures regarding operations of the systems and maintaining ongoing data integrity, confidentiality, availability and resilience of processing systems and services,
- monitoring for the discovery of breaches of data integrity and methodology for curing such breaches,
- implementation of procedures regarding employee reliability and record of data misuse in accordance with the level of data sensitivity,
- conducting audits of the security and privacy practices of Sub-processors to ensure that Sub-processors provide a level of security and privacy appropriate to their access to data and the scope of services they are engaged to provide,
- conducting further regular tests, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the personal data processing.
For any questions on technical and organizational means for personal data protection the Data Exporter shall contact the Data Importer prior to transferring respective personal data to the Data Importer or it shall be otherwise considered that the Data Exporter agrees that taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing of personal data as well as the risks to individuals, the Data Importer’s data protection standards are appropriate to the risk in respect of the personal data.
The Data Importer has also appointed a Data Protection Representative who may be contacted at firstname.lastname@example.org