1.1. This Data Processing Addendum (“Addendum”) forms an integral part of the Terms of Service (“Agreement”) between the party to such Agreement (the “Company”) and Co-Pilot CX Ltd. (“Licensor”) and applies to the extent that Licensor processes Personal Data, or has access to Personal Data, in the course of its performance under the Agreement.
1.2. Licensor shall qualify as the Data Processor and Company shall qualify as the Data Controller.
All capitalized terms not defined in this Data Protection Addendum have the meanings set forth in the Agreement.
2.1. “Approved Jurisdiction” means a member state of the European Economic Area, or other jurisdiction as may be approved as having adequate legal protections for data by the European Commission.
2.2. “Breach Incident” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
2.3. “Data Controller”, “Data Processor”, “data subject”, “process” and “processing” shall have the meanings ascribed to them in the Data Protection Laws.
2.4. “Data Protection Laws” means any and/or all applicable domestic and foreign laws, rules, directives and regulations, on any local, provincial, state or deferral or national level, pertaining to data privacy, data security and/or the protection of Personal Data, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”) and the Israeli Protection of Privacy Law, 5741-1981 (and any regulation thereof), to the extent applicable.
2.5. “Personal Data” means any information that is about, or can be related to, an identifiable individual. Personal Data includes any information that can be linked to an individual or used to directly or indirectly identify an individual. Personal Data shall be considered Confidential Information.
2.6. “Security Measures” means commercially reasonable security-related policies, standards, and practices commensurate with the size and complexity of Licensor’s business, the level of sensitivity of the data collected, handled and stored, and the nature of Licensor’s business activities.
2.7. “Standard Contractual Clauses” means the standard contractual clauses for the transfer of Personal Data to data processors established in third countries adopted by the European Commission Decision C(2010)593.
2.8. “Sub-Processors” means any affiliate, agent or assign of Licensor that may process Personal Data pursuant to the terms of the Agreement, and any unaffiliated processor engaged by Licensor.
3.1. Each Party shall comply with its respective obligations under the Data Protection Laws.
3.2. Licensor shall process Personal Data in accordance with the Agreement and provide reasonable cooperation and assistance to Company in order to allow Company to comply with its obligations as a Data Controller under DataProtection Laws.
3.3. Licensor agrees to notify Company promptly if it becomes unable to comply with the terms of this Addendum andtake reasonable and appropriate measures to remedy such non-compliance.
4.1. The Platform is offered by subscription. You agree to pay Copilot.cx any fees related to your use of the Platform and any services you purchase or use in accordance with Copilot.cx’s pricing plans available at: https://www.copilot.cx/get-copilot as then in effect or as otherwise agreed to in writing by both parties (the “Fees”).
4.2. The Fees are payable to Copilot.cx net of any taxes imposed by any authority and you shall pay the Fees free and clear of and without any deduction or withholding of any tax imposed, levied, collected, withheld or assessed by or within your territory or otherwise.
4.3. Any Fees or payments by you that are not paid on or before the date such payments are due under this Agreement shall incur a 1.5% monthly interest charge, assessed from the day payment was initially due until the date of payment. Without derogating from the above, Copilot.cx may turn off your access to Platform without notice for any unpaid and due invoices.
4.3.1. Personal Data has been and will continue to be collected, processed and transferred by Company inaccordance with the relevant provisions of the Data Protection Laws;
5.1 Term. The License and this Agreement will continue in effect until terminated as set forth herein. Unless otherwise agreed to by the parties in writing, your subscription for the Platform will automatically renew for the same subscription term. If you do not wish to renew your subscription, you must provide Copilot.cx written notice of your intent not to renew at least 30 days prior to the end of the then current subscription term.
5.2. Termination. The Agreement may be terminated (i) by either party for any reason by providing the other party with a 30 days’ prior written notice, (ii) as set forth in Section 4.3 and Section 8.2, or (iii) by either party immediately on the occurrence of any of the following events: (i) Bankruptcy and/or insolvency and/or receivership proceedings have started against the other party and/or a petition has been filed for the appointment of a trustee, liquidator, administrator or receiver, temporary or not, and has not been removed in the first hearing in the presence of both sides and/or after the other party has been given any opportunity to plead against such order and/or has not been removed within sixty (60) days of such filing, or (ii) The other party has actually stopped managing its business or performing any services for a consecutive period of thirty (30) days. Copilot.cx may, in its sole discretion, suspend or terminate your access to the Platform if it determines that you have materially violated any of the terms of this Agreement, and any suspension or termination related to the foregoing will not relieve you of your payment obligations under the Agreement.
5.3. Effect of Termination. Upon termination of the License or this Agreement, (i) all rights given to you hereunder, including your right to access the Platform, shall immediately cease; (ii) you shall pay Copilot.cx all Fees accrued and/or due and outstanding as of the date of termination. Please note that any data and content you have uploaded into the Platform may be deleted from Copilot.cx’s systems immediately upon termination of the Agreement or cancellation of your account, unless legally prohibited. Copilot.cx is not liable for any loss or damage following, or as a result of, the cancellation of your account, and it is your responsibility to ensure that any content or data that you require is backed up or replicated before cancellation.
5.4. Survival. Sections 3, 4.2, 4.3, 5.3, 6, 7, 8.4, 9, and 10 shall survive the termination of the Agreement.
6.1. Copilot.cx (and its licensors or partners, as applicable) retain all ownership rights in and to the Platform, including any patentable and non-patentable, copyrights, trade secrets, database rights, know-how and any other intellectual property rights existing from time to time under any law or regulations, all derivatives, updates, modifications and upgrades to the Platform, and all other derivative works of the Platform, including any suggestions, ideas, feedback, or other information you may provide to Copilot.cx relating to or in connection with the Platform.
6.2. Subject to Section 6.2 below, all proprietary right, title and interest in and to any Confidential Information that you submit or processes in the Platform Data shall remain with you, and all uses of such data by Copilot.cx be in accordance with this Agreement.
6.3. De-Identified Data. Notwithstanding anything herein, Copilot.cx shall be permitted to create, use, license, retain or disclose De-Identified Data. “De-Identified Data” shall mean data or information collected or generated by your or End User's use of the Platform or any mobile application connected to the Platform (i) for which all identifiers have been removed such that the data, alone or in combination with other reasonably available data, cannot be attributed to or associated with or cannot identify any individual, and (ii) that has been combined with similar data such that the original data forms a part of a larger data set.
“Confidential Information” means, with respect to a party (the “disclosing party”), information that pertains to such party’s business, including, without limitation, technical, marketing, financial, employee, planning, product roadmaps and documentation, performance results, pricing, and other proprietary information. Confidential Information will be designated and/or marked as confidential when disclosed, provided that any information that the party receiving such information (the “receiving party”) knew or reasonably should have known is considered confidential or proprietary by the disclosing party will be considered Confidential Information of the disclosing party even if not designated or marked as such. The receiving party shall preserve the confidentiality of the disclosing party’s Confidential Information and treat such Confidential Information with at least the same degree of care that the receiving party uses to protect its own Confidential Information, but not less than a reasonable standard of care. The receiving party will use the Confidential Information of the disclosing party only to exercise rights and perform obligations under this Agreement or as otherwise required under applicable law. Confidential Information of the disclosing party will be disclosed only to those employees and contractors of the receiving party with a need to know such information. The receiving party shall not be liable to the disclosing party for the release of Confidential Information if such information (a) was known to the receiving party on or before effective date of the Agreement, without restriction as to use or disclosure, (b) is released into the public domain through no fault of the receiving party, (c) was independently developed solely by the receiving party with no access to or use of Confidential Information, or (d) is divulged pursuant to any legal proceeding or otherwise as required by law, provided that, to the extent legally permissible, the receiving party will notify the disclosing party promptly of such required disclosure and reasonably assist the disclosing party in efforts to limit such required disclosure.
8.1. Representations and Warranties. Your use of the License and the Platform is at your sole risk. The Platform, and the associated materials and content are provided on an “AS IS” and “AS AVAILABLE” basis. Except as otherwise expressly provided in this Agreement, Copilot.cx expressly disclaim all warranties of any kind, whether express or implied, including, but not limited to the implied warranties of merchantability, fitness for a particular purpose and non-infringement. Without limiting the generality of the foregoing, Copilot.cx makes no warranty that: (i) the Platform will meet your requirements; (ii) the Platform will be uninterrupted, timely, secure, or error-free; (iii) information that may be obtained via the Platform will be accurate or reliable; (iv) the quality of any and all products, services, information or other material, including all merchandise, goods and the Platform, obtained or purchased by you directly or indirectly through the Platform will meet your expectations or needs; and (v) any errors in the Platform will be corrected. Copilot.cx disclaims all implied warranties, including implied warranties of title, merchantability and fitness for a particular purpose.
8.2. Copilot.cx Indemnity. Copilot.cx will defend at its own expense any action against you brought by a third party to the extent that the action is based upon a claim that the Platform infringe or misappropriate any copyright or trade secret rights, and Copilot.cx will pay those direct costs and damages finally awarded against you in any such action that are specifically attributable to such claim, or those costs and damages agreed to in a monetary settlement of such action. The foregoing obligations are conditioned on (i) you notifying Copilot.cx promptly in writing of such action, (ii) you giving Copilot.cx sole control of the defense thereof and any related settlement negotiations, and (iii) your cooperation and, at Copilot.cx’s reasonable request and expense, assistance in such defense. If the Platform become, or in Copilot.cx’s opinion are likely to become, the subject of an infringement claim, Copilot.cx may, at its option and expense, either procure for you the right to continue exercising the rights licensed to you in the Agreement or replace or modify the Platform to render them non-infringing and functionally equivalent. If neither of the foregoing options is, in Copilot.cx’s reasonable opinion, commercially reasonable, Copilot.cx may terminate the License or this Agreement and will refund to you a pro rata portion of any applicable prepaid fees. This Section 8.2 states Copilot.cx’s entire liability and your sole and exclusive remedy for infringement claims and actions.
8.3. Exclusions. Copilot.cx’s obligations set forth in Section 8.2 shall not apply to the extent a claim arises out of (i) your breach of the Agreement, (ii) unauthorized use of the Platform, or (iii) third-party components (including in combination with the Platform) not provided by Copilot.cx.
8.4. Limitation of Liability. In no event shall Copilot.cx be liable to you or to any third party, whether under theory of contract, tort, or otherwise, for any indirect, incidental, punitive, consequential, or special damages (including any damage to business reputation, lost profits, or lost data), whether foreseeable or not and whether Copilot.cx is advised of the possibility of such damages. In addition, Copilot.cx’s aggregate cumulative liability for damages and expenses hereunder or in any way relating with the Agreement and the License shall not exceed, in the aggregate and regardless of whether under theory of contract, tort, or otherwise, the total of the fees actually paid by you under the agreement during the one-year period prior to the date that such liability first arises.
9.1. Company acknowledges and agrees that Licensor use the services of Sub-processors listed in Annex A, attached hereto [Licensor will add a list of sub processors] or otherwise specified in the list of Sub-processors on Licensor’s website. The list shall be updated in accordance with this provision.
9.2. Company authorizes Licensor to engage Sub-processors for carrying out specific processing activities of the Services listed in Annex A or on Licensor’s website. To the extent that Licensor wishes to update such list and engage other Sub-processor, it shall provide Company with prior notice through an automatic means (including through Licensor’s website).
9.3. Licensor will enter into an agreement with the Sub-processor containing data protection obligations that are as restrictive as the obligations under this Addendum (to the extent applicable to the services provided by the applicable Sub-processor) or as customary with such Sub-processor.
10.1. Licensor may transfer and process Personal Data to and in other locations around the world where Licensor or its Sub-processors maintain data processing operations as necessary to provide the Services as set forth in the Agreement which transfer shall be deemed approved by the Company hereunder.
10.2. If Licensor or its sub-processor processes Personal Data in a jurisdiction that is not an Approved Jurisdiction, Licensor shall ensure that it has a legally approved mechanism, such as the Standard Contractual Clauses in place to allow forthe international data transfer.
Licensor will only retain Personal Data for as long as Services are provided to Company in accordance with the Agreement. Notwithstanding the foregoing, Licensor shall be entitled to maintain Personal Data following the termination of the Agreement for any purpose as and if required by law provided that Licensor shall be further entitled to further maintain and use such Personal Data on an aggregate basis for internal research and development, statistical and financial purposes after having removed all personally identifiable attributes from such Personal data, so that the Data is completely anonymized and no longer Personal Data.
12.1. Each Party will indemnify and save the other Party and each of its officers, employees and agents or Sub-Processors (subject to Section 9 above) (each a “Indemnified Party”) harmless from and against any losses, claims, actions, suits, proceedings, damages, liabilities or expenses including the aggregate amount paid in reasonable settlement of any actions, suits, proceedings, investigations or claims and the reasonable fees, disbursements and taxes of their counsel in connection with any action, suit, proceeding, investigation or claim that may be made or threatened against any Indemnified Party or in enforcing this indemnity (each a “Claim”) to which an Indemnified Party may become subject insofar as the Claim relate to, is caused by, result from, arise out of or is based upon, directly or indirectly, any failure by the Indemnifying Party to comply with the terms of this Addendum or any Data Protection Law and to reimburse each Indemnified Party forthwith, upon demand, for any cost, fine, damage, reasonable attorneys’ fee or other liability of any nature (whether direct, indirect or consequential) incurred by such IndemnifiedParty in connection with any Claim.
12.2. The rights accorded to the Indemnified Party hereunder shall be in addition to any rights an Indemnified Party mayhave at common law, Data Protection Law or otherwise.
12.3. Section 8.4 of the Agreement shall be incorporated herein by reference and shall be deemed Licensor’s limitation of liability in connection with any Claim indemnified hereunder.
13.1. In the event of a conflict between the Agreement (or any document referred to therein) and this Addendum, theprovisions of this Addendum shall prevail.
13.2. Licensor may modify the terms of this Addendum in circumstances such as (i) if required to do so by a supervisory authority or other government or regulatory entity, or (ii) if necessary to comply with Data Protection Laws, or (iii) to implement or adhere to standard contractual clauses, approved codes of conduct or certifications, binding corporate rules, or other compliance mechanisms, which may be permitted under Data Protection Laws and are customary for the industry. Licensor will provide notice of such changes to Company in advance, and the modified Addendum will become effective, upon Company’s approval. If Company’s approval is not provided within 14 days, Licensor shall be entitled to terminate the Agreement with Company for convenience, without liability to either party for such premature termination.
13.3. If any of the Data Protection Laws are superseded by new or modified Data Protection Laws (including any decisions or interpretations by a relevant court or governmental authority relating thereto), the new or modified Data Protection Laws shall be deemed to be incorporated into this Data Protection Addendum, and parties will promptly begin complying with such Data Protection Laws.