Terms of Service & DPA
Last updated on December 14th, 2023Terms of Service
1. DEFINITIONS
“Add-ons” means any new releases of new products/modules, provided to customers on the Roadie Platform Subscription at the prices agreed between the parties.
“Agreement” means the Order Form and these Terms of Service and any other documents incorporated by reference.
“Bespoke Modifications” means any customer-specific development work agreed upon in a separate Order Form or Statement of Work (“SOW”) that is explicitly identified in writing as Bespoke Modifications in the Order Form or SOW.
“Bribery Laws” means the Criminal Justice (Corruption Offences) Act 2018 and all other applicable Irish laws, legislation, statutory instruments and regulation in relation to bribery or corruption and any similar or equivalent laws in any other relevant jurisdiction.
“Commencement Date” means the date of Customer signature of the Order Form or the date Customer clicks the “subscribe now” button, where signing up through the online payment portal, unless otherwise specified in the Order Form.
“Contributing Users” means a billable user, which is any account within Customer’s source code management tool (eg. Github, Bitbucket etc.) which has contributed code to a component tracked in the Product within the preceding 3 months. Contributing Users may include employees, consultants, contractors and agents of Customer.
“Customer” has the meaning given in the Order Form.
“Customer Data” means Materials provided to Roadie by Customer that are uploaded or hosted on or integrate with any part of the Product by Customer, excluding Non-Roadie Materials.
“Documentation” means the description and instructions of the relevant Product and/or Professional Services available at https://roadie.io/docs/.
“Fees” means the fees as described in the Order Form.
“Initial Subscription Term” shall be one (1) year from the Commencement Date, unless otherwise defined in the Order Form, or unless terminated earlier as provided in this Agreement.
“Intellectual Property Rights” means all patents, copyrights, design rights, trademarks, service marks, know-how, database rights and other rights in the nature of intellectual property rights (whether registered or unregistered) and all applications for the same, anywhere in the world.
“Non-Roadie Materials” means Materials provided, (i) controlled or owned by or on behalf of a third party or (ii) open source software, the use of which is subject to a separate agreement or licence between the Customer and the relevant third party (including such Non-Roadie Materials which may be linked to, interact with or used by the Product or Professional Services).
“Malicious Code” means viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs.
“Materials” means all services, data, information, content, software code, Intellectual Property Rights, websites, software, tools and other materials.
“Order Form” means the order form, agreed to by the parties in connection with this Agreement.
“Product” means the ‘Roadie Platform’ a cloud-based developer tooling platform and service catalogue based on the opensource technology, ‘Backstage’, as described in the Documentation.
“Professional Services” means the Professional Services as detailed in the Order Form and where applicable, any Bespoke Modifications and Tools.
“Roadie” means Larder Software Limited, trading as Roadie, a company incorporated in Ireland whose registered number is 672354 and whose registered office is at The Black Church, Saint Mary’s Place North, Dublin, D07 P4AX, Ireland;
“Roadie Materials” means Materials provided by or on behalf of Roadie in connection with the Product or Professional Services, but excluding all Customer Data.
“Roadie Platform Subscription” means the subscription to use the Product commencing on the Commencement Date
“Roadie Platform Subscription Fee” means the fee for the Roadie Platform Subscription set out in the Order Form
“Subscription Term” means the period beginning on the Commencement Date and continuing until terminated as provided in this Agreement.
“Third Party Solution” means (i) any product, service, content or item of a third party contracted to provide products or services to Customer, or (ii) code or content licensed on a proprietary or non-proprietary basis to Customer that was not developed by Customer.
“Tools” means (i) Materials used in providing the Product and Professional Services which constitute pre-existing proprietary material owned by Roadie (or some other third party, as applicable); and/or (ii) Materials which have been newly developed by Roadie in the course of performing the Professional Services for the Customer but which do not contain information confidential to Customer or are of a routine, generic or non-customer specific nature.
“Update” means a maintenance update, patch or bug fix which does not constitute an Add-On.
“Users” means individuals who are authorised by Customer to access and use the Product on behalf of Customer, and who have been supplied user identifications and login credentials by Customer. Users may include employees, consultants, contractors and agents of Customer.
2. THE PRODUCT AND SERVICES
2.1 Provision of the Roadie Platform Subscription. Subject to the terms and conditions of this Agreement, and upon Customer’s payment of the applicable Fees, Roadie (i) grants Customer, a non-exclusive, non-transferable, license for the duration of the Subscription Term, for Users to access and use the Product and Updates (including the Documentation) in support of the Customer’s internal business operations in accordance with the edition of the Product to which they have subscribed as described at https://roadie.io/pricing/ and (ii) grants Customer a non-exclusive, non-transferable, licence to use the results of the Professional Services as set out in the Order Form for the Subscription Term. Customer’s right to access and use the Product is limited to Customer’s internal business use only. Customer’s right to access and use the Product is limited to the number of Users specified in the edition to which Customer has subscribed. Customer agrees that its purchase of the Product is neither contingent on the delivery of any future functionality or features nor dependent on any oral or written comments made by Roadie regarding future functionality or features.
2.2 Customer Responsibilities. Customer shall (i) be responsible for its Users’ compliance with any User instructions set out in the Documentation and with the terms of this Agreement, (ii) use commercially reasonable efforts to prevent unauthorized access to or use of the Product, and notify Roadie promptly of any such unauthorized access or use, (iii) be responsible for Customer’s and Users’ use of any Customer Data including without limitation any use of Customer Data in violation of applicable laws and regulations, (iv) use the Product and related Professional Services only in accordance with the terms of this Agreement and applicable laws and government regulations, (v) be responsible for obtaining the appropriate licences for any Third Party Solution, ensuring that such licences cover Roadie’s use for the performance of the Product and Professional Services, and to comply with the terms and conditions of such licences. Customer acknowledges that Roadie makes no comment and accepts no responsibility in relation to the suitability of the services and/or security provided by any Third Party Solution. The Customer is responsible for ensuring that all Third Party Solution services and security procedures are adequate for their needs. If individual consents are required to collect, use, transfer or otherwise process any Customer Data, including without limitation Customer Data subject to data privacy laws and regulations, Customer shall be solely responsible for obtaining all such consents. Customer shall not (a) make the Product or results of Professional Services available to anyone other than Users, (b) sell, resell, rent or lease the Products or Professional Services, (c) interfere with or disrupt the integrity or performance of the Product or Professional Services or any content contained therein, (d) attempt to gain unauthorized access to the Product or Professional Services or the underlying systems or networks or (e) share User log-ins between personnel to circumvent maximum Users limited under the Roadie edition to which Customer is subscribed.
2.3 Third-Party Solutions. When the Customer accesses any Third Party Solution in connection with the use of the Product or Professional Services, the Customer agrees and acknowledges that (a) Roadie is not responsible for interruptions of services or to the Product caused by the Third Party Solution provider or Customer Data and (b) the Customer is solely responsible for licensing the use of Third Party Solutions and Customer Data accessed in connection with the Product and Professional Services.
2.4 Additional Services. To the extent that Customer requires any additional products or services, such as Bespoke Modifications, program modifications or additions, new modules (which add new functionality), Add-Ons (which have different names and different functionality from the Product and Professional Services), Professional Services including consulting, Customer may order such additional products and/or services pursuant to an Order Form or written statement of work mutually agreed to by the parties. Additional services (including, without limitation, Professional Services) may be provided by Roadie upon payment of additional fees agreed by the parties.
3. FEES AND PAYMENT
3.1 Fees. The Fees payable for the Roadie Platform Subscription and Professional Services are as set forth in the Order Form. Except as otherwise specified herein or in an Order Form, (i) Fees are quoted and payable in Euro or United States Dollar and payable in the currency in which they are quoted, (ii) exclude VAT and sales taxes, and (iii) payment obligations are non-cancellable and Fees paid are non-refundable.
3.2 Expenses. Customer shall reimburse Roadie for all reasonable expenses incurred by Roadie with the prior approval of Customer in the performance or implementation of requested Professional Services. Records of reimbursable expenses including statements and receipts shall be provided to Customer along with the invoice to which they pertain.
3.3 Overage. If the Customer is using the Product over the amount of Users, Contributing Users, or licences purchased, Roadie shall invoice the Customer and Customer shall pay Roadie an amount equal to such underpayment in accordance with the Fees set out in the Order Form pro rata from the date overage commenced until the end of the Subscription Term.
3.4 Invoicing and Payment. Fees will be invoiced in advance in accordance with the relevant Order Form. Unless otherwise stated in the Order Form, fees are due thirty (30) days from the invoice date. Fees shall be paid by electronic funds transfer or, where Customer signed up via the Roadie website, by payment card accepted by Stripe or other reputable provider of payments processing used by Roadie to process payments. If any amounts invoiced hereunder are not received by Roadie by the due date, then such amounts shall accrue interest at the rate of 8% above the base rate of the ECB on the outstanding balance per month, or the maximum rate permitted by law, whichever is lower, from the date such payment was due until the date paid. Customer is not permitted to use chargebacks against its payment card payments. If an unwarranted chargeback appears against a Customer payment, Roadie can terminate this Agreement without further liability to Customer at Roadie’s sole discretion.
3.5 Suspension of access to the Product or the provision of Professional Services. If any charge owing by Customer is thirty (30) days or more overdue, Roadie may, without limiting its other rights and remedies, suspend Customer’s ability to access and use the Product and suspend the delivery of the Professional Services until such amounts are paid in full. Notwithstanding the foregoing, Roadie shall not be able to suspend the access to and use of the Product for overdue invoices that are the result of a good faith dispute between the Parties, provided such dispute is resolved within 60 days of the invoice becoming overdue.
3.6 Taxes. Customer agrees to pay all applicable taxes levied by any tax authority on the Product or Professional Services or on Customer’s use thereof, which shall be separately invoiced, excluding taxes based on the net income of Roadie. Customer shall provide to Roadie any certificate of exemption or similar document required to exempt any transaction under this Agreement from sales tax or other tax liability.
4. PROPRIETARY RIGHTS
4.1 Reservation of Rights. The Product and Professional Services and all Intellectual Property Rights therein, are and will remain the sole property of Roadie or its licensors, and no rights are granted to Customer with respect to the Product or Professional Services, or the Intellectual Property Rights therein, other than the limited rights and licenses specified in this Agreement. Customer will not access or use the Product or Professional Services, nor the Intellectual Property Rights therein, except as expressly permitted by this Agreement. Roadie uses reasonable efforts to ensure that all open source components provided by Roadie in connection with the Product or Professional Services are correctly licensed for use within the Product.
4.2 Restrictions. Customer shall not at any time, directly or indirectly, and shall not permit any User to (i) permit any third party to access or use the Product and/or Professional Services except as permitted herein or in an Order Form, (ii) copy, modify or create derivative works based on the Product, Professional Services or the Documentation, (ii) rent, lease, lend, sell, license, sublicense, publish, frame, mirror or otherwise distribute any part or content of the Product, Professional Services or Documentation, (iii) reverse engineer, disassemble, decompile, decode, adapt, or otherwise attempt to derive or gain access to any software component of the Product and/ or Professional Services, in whole or in part, or (iv) access the Product and/or Professional Services in order to (a) build a competing product or service, or (b) copy any content, features, functions or graphics of the Product and/or Professional Services.
4.3 License to Feedback. Roadie shall have a royalty-free, worldwide, transferable, sublicensable, irrevocable, perpetual license to use or incorporate into the Product and/or Professional Services any suggestions, enhancement requests, recommendations or other feedback provided by Customer, including Users, relating to the operation of the Product and/or Professional Services.
4.4 Customer Data. As between the parties, Customer owns all right, title and interest in and to all Customer Data; provided that Customer grants Roadie the right to use the Customer Data to perform its obligations under this Agreement.
4.5 Non-Roadie Materials. To the extent Non-Roadie Materials are made available to, or used by or on behalf of the Customer in connection with the use or provision of the Product or Professional Services, such use of Non-Roadie Materials (including all licence terms) shall be exclusively governed by applicable third party terms notified or made available by Roadie or the third party and not by our Agreement. Roadie grants no Intellectual Property Rights or other rights in connection with any Non-Roadie Materials. It is the Customer’s sole responsibility to appropriately license any third party data sources accessed in connection with the Product or any Professional Services.
4.6 Custom Plug-ins. Where Customer is permitted to build or use a Custom Plug-in with the Product, Roadie makes no representation or warranty as to such custom plug-ins. Roadie has no obligation to review custom plug-ins, Custom plug-ins may not be reviewed by Roadie, nor does Roadie make any representation or warranty as to custom plug-ins. Customer represents and warrants that it will not use any software in custom plug-ins that is subject to any legal requirement that would restrict Roadie’s right to distribute the Product or any modification thereof (a) for a fee, (b) with or without source code or source code rights, or (c) with such restrictions as Roadie sees fit to place on its customers’ modification or distribution rights (so called ‘copyleft software’). Use of such copyleft software in a custom plug-in is a material breach of this Agreement. Customer agrees to defend, indemnify and hold harmless Roadie for losses incurred by Roadie due to the incorporation of copyleft software in, and any third party intellectual property claims relating to, custom plug-ins. Customer’s use of the Product and Services can be immediately suspended upon Roadie becoming aware of the inclusion of copyleft software in a custom plug-in.
4.7 Suspension. Notwithstanding anything to the contrary in this Agreement, Roadie may temporarily suspend Customer’s licence to use and/or any User’s access to any portion or all of the Product and/or Professional Services if: (i) Roadie reasonably determines that: (A) Customer’s or any User’s use of the Product and/or Professional Services disrupts or poses a security risk to Roadie or to any other customer of Roadie; (B) Customer, or any User, is using the Product and/or Professional Services in breach of this Agreement or in violation of applicable law; (C) Customer has ceased to continue its business in the ordinary course, made an assignment for the benefit of creditors or similar disposition of its assets, or become the subject of any bankruptcy, reorganization, liquidation, dissolution, or similar proceeding in any relevant jurisdiction; or (D) Roadie’s provision of the Product and/or Professional Services to Customer is or becomes prohibited by applicable law; (ii) any third party has suspended or terminated Roadie’s access to or use of any third-party services or products required to enable Customer to access and use the Product and/or Professional Services; (iii) in accordance with section 3.5 or section 4.6 (any such suspension described in subsection (i), (ii), or (iii), a “Suspension”). Roadie shall use commercially reasonable efforts to provide written notice of any Suspension to Customer and to provide updates regarding resumption of access to the Product and/or Professional Services following any Suspension. Roadie shall use commercially reasonable efforts to resume providing access to the Product and/or Professional Services as soon as reasonably possible after the event giving rise to the Suspension is cured. Roadie will have no liability for any damage, liabilities, losses (including any loss of data or profits), or any other consequences that Customer may incur as a result of a Suspension.
5. CONFIDENTIALITY AND DATA PROTECTION.
5.1 Confidential Information. As used herein “Confidential Information” shall mean all confidential or proprietary information disclosed orally or in writing by one party to the other that is identified as confidential or whose confidential nature is reasonably apparent. Confidential Information of Customer shall include without limitation Customer Data; Confidential Information of Roadie shall include without limitation all information relating to the Product and Professional Services; and Confidential Information of each party shall include the terms and conditions of this Agreement, as well as business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such party. Confidential Information shall not include information which: (a) is or becomes a part of the public domain through no fault of the receiving party; (b) was in the receiving party’s lawful possession prior to the disclosure; (c) is lawfully disclosed to the receiving party by a third party without restriction on disclosure or any breach of confidence; (d) is independently developed by the receiving party; or (e) is required to be disclosed by law. “Confidential Information” does not include feedback as described in section 4.3.
5.2 Protection of Confidential Information. Each party agrees to (i) hold the other’s Confidential Information in confidence, (ii) use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but in no event less than reasonable care), and (iii) not use or disclose such Confidential Information other than in connection with the performance of its obligations hereunder or as otherwise authorized by this Agreement. Notwithstanding the foregoing, either party may disclose any of the other party’s Confidential Information to its employees or consultants that have a need to know such Confidential Information in connection with such party’s performance under this Agreement and that have agreed to be bound by confidentiality obligations similar to those in this section.
5.3 Compelled Disclosure. The receiving party may disclose the Confidential Information of the disclosing party if it is compelled by law to do so, provided the receiving party gives the disclosing party prior notice of such compelled disclosure (to the extent legally permitted) and reasonable assistance, at the disclosing party’s cost, if the disclosing party wishes to contest the disclosure. If the receiving party is compelled by law to disclose the disclosing party’s Confidential Information as part of a civil proceeding to which the disclosing party is a party, the disclosing party will reimburse the receiving party for its reasonable cost of compiling and providing secure access to such Confidential Information.
5.4 Obligations on Termination. Upon expiration or termination of this Agreement, each party will: (a) immediately cease all use of the other party’s Confidential Information (b) cease use of the Products and Professional Services immediately; and (c) within thirty calendar days after such expiration or termination, upon the other party’s written request, confirm in writing to the other party that it has permanently erased from computer memory, destroyed or returned to the other party the other party’s Confidential Information, as well as any copies thereof on any media or in any form. Notwithstanding the foregoing, Roadie may retain any personal data as required by applicable laws, regulations, court orders, subpoenas or other legal process. In addition, any failure of Roadie to return or destroy electronic copies of Customer Data that are automatically generated through data backup and/or archiving systems shall not be deemed to violate the provisions of this section, provided that Roadie shall not use such back-ups or archived copies for any purpose and such copies shall be subject to all confidentiality obligations set forth herein.
5.5 Personal Data. Roadie will process personal data provided by the Customer in accordance with the Data Processing Addendum attached at Annex 1.
5.6 Analytics. Roadie may use Customer Data for internal business purposes such as trend analysis, testing, optimisation, visualisation, support, licence compliance and diagnostics. Roadie will not sell nor publish Customer Data.
6. WARRANTIES, REMEDIES AND DISCLAIMERS
6.1 Roadie Warranties. Roadie warrants that the Product shall materially conform with the Documentation. The Professional Services shall be materially carried out in line with the description set out in the Order Form or Statement of Work. Roadie further states that it has taken commercially reasonable steps to prevent the introduction of any Malicious Code or any other internal components, devices or mechanisms designed to disrupt, disable, harm, or otherwise impair in any material respect the normal and authorized operation of the Product and Professional Services. In the event of any breach of the foregoing warranties, Roadie will use commercially reasonable efforts to promptly repair the Product and Professional Services so as to be conforming.
6.2 Mutual Warranty. Each party represents and warrants that it has the legal power to enter into this Agreement.
6.3 Disclaimer. EXCEPT AS EXPRESSLY PROVIDED HEREIN, THE PRODUCT AND PROFESSIONAL SERVICES ARE PROVIDED ON AN “AS IS” BASIS WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ROADIE DOES NOT WARRANT THAT THE PRODUCT AND PROFESSIONAL SERVICES WILL SATISFY CUSTOMER’S REQUIREMENTS NOR (WITHOUT PREJUDICE TO THE LIMITED WARRANTY ABOVE) THAT IT IS WITHOUT DEFECT OR ERROR NOR THAT CUSTOMER’S ACCESS THERETO WILL BE UNINTERRUPTED.
6.4 ROADIE MAY MAKE NON-ROADIE MATERIALS AVAILABLE FOR THE CUSTOMER’S USE OR USE CUSTOMER DATA IN CONNECTION WITH THE PRODUCT OR PROFESSIONAL SERVICES. THE CUSTOMER AGREES THAT: (A) ROADIE HAS NO RESPONSIBILITY FOR THE USE OR CONSEQUENCES OF USE OF ANY NON-ROADIE MATERIALS, THIRD PARTY SOLUTION NOR CUSTOMER DATA; (B) THE CUSTOMER’S USE OF ANY NON-ROADIE MATERIALS OR THIRD PARTY SOLUTION SHALL BE GOVERNED BY THE APPLICABLE TERMS BETWEEN THE CUSTOMER AND THE OWNER OR LICENSOR OF THE RELEVANT NON-ROADIE MATERIALS, THIRD PARTY SOLUTION OR CUSTOMER DATA; (C) THE CUSTOMER IS SOLELY RESPONSIBLE FOR ANY NON-ROADIE MATERIALS, THIRD PARTY SOLUTION OR CUSTOMER DATA USED IN CONNECTION WITH THE PRODUCT OR PROFESSIONAL SERVICES AND FOR COMPLIANCE WITH ALL APPLICABLE THIRD PARTY TERMS WHICH MAY GOVERN THE USE OF SUCH NON-ROADIE MATERIALS, THIRD PARTY SOLUTION OR CUSTOMER DATA; AND (D) THE CONTINUED AVAILABILITY, COMPATIBILITY WITH THE PRODUCT AND PROFESSIONAL SERVICES AND PERFORMANCE OF THE NON-ROADIE MATERIALS, THIRD PARTY SOLUTION OR CUSTOMER DATA IS OUTSIDE THE CONTROL OF ROADIE AND ROADIE HAS NO RESPONSIBILITY FOR ANY UNAVAILABILITY OF OR DEGRADATION IN THE PRODUCT AND PROFESSIONAL SERVICES TO THE EXTENT RESULTING FROM THE AVAILABILITY, INCOMPATIBILITY OR PERFORMANCE OF ANY OF THE NON-ROADIE MATERIALS, THIRD PARTY SOLUTION OR CUSTOMER DATA.
7. INDEMNIFICATION
7.1 Roadie Indemnification. Roadie agrees to defend Customer against any claims, demands, suits, or proceedings made or brought by a third party (each, a “Claim”) against Customer alleging that Customer’s use of the Product or Professional Services infringes or misappropriates the intellectual property rights of such third party and to indemnify Customer from any damages finally awarded by a court of competent jurisdiction against Customer or amounts agreed to in settlement in connection with any such Claim. Roadie’s obligations under this paragraph shall only apply to the extent that: (a) Customer promptly notifies Roadie in writing of the Claim; (b) Roadie has control of the defence and all related settlement negotiations relating to the Claim; and (c) Customer provides Roadie with the assistance, information and authority reasonably necessary to perform the above. In no event will Roadie have any obligation or liability under this paragraph for any Claim or action under any legal theory if the Claim or action is caused by, or results from: (i) Customer’s combination, operation or use of the Product or Professional Services with software other than Roadie Materials, (ii) any alteration or modification of the Product or Professional Services by Customer, (iii) Customer’s continued allegedly infringing activity after being notified thereof or after being provided modifications that would have avoided the alleged infringement, (iv) any Non-Roadie Materials or a Third Party Solution (v) any Customer Data or (vi) the actions or omissions of any person or entity other than Roadie.
7.2 Remedy for Infringement. Should Customer’s right to use the Products or Professional Services pursuant to this Agreement be subject to a Claim of infringement or if Roadie reasonably believes such a Claim of infringement may arise, Roadie may, at its option and in its sole discretion (i) procure for Customer the right to continue to access and use the Product and Professional Services; (ii) modify the Product or Professional Services to render them non-infringing but substantially functionally equivalent to the Product or Professional Services prior to such modification; or (iii) if the alternatives described in sections (i) and (ii) of this paragraph are not commercially practicable, then Roadie may terminate this Agreement and as applicable refund to Customer any amounts pre-paid by Customer for the Professional Services for the unused portion of Professional Services and the prorated amount pre-paid by Customer for the Product for the period of time following termination
7.3 Customer Indemnification. Customer agrees to defend, indemnify and hold harmless Roadie against any Claims made or brought against Roadie: (i) by a third party alleging that the Customer Data or any other information provided by Customer to Roadie for use in connection with the Roadie Platform Subscription, Product or Professional Services, infringes or violates the intellectual property rights or privacy/data protection rights of a third party or (ii) relating to a breach of the Customer Responsibilities as set out in section 2.2, and to indemnify Roadie from any damages finally awarded by a court of competent jurisdiction against Roadie or amounts agreed to in settlement in connection with any such Claims. Roadie shall: (a) promptly notify Customer in writing of the Claim; (b) ensure Customer has control of the defence and all related settlement negotiations relating to the Claim, provided however the settlement of any Claim shall not be made without advance written permission of Roadie, which shall not be unreasonably withheld; and (c) provide Customer with the assistance, information and authority reasonably necessary to perform the above. Roadie shall promptly provide Customer with written notice of any Claim which Roadie believes falls within the scope of this section. Roadie’s failure to provide written notice to Customer shall not affect Customer’s indemnification obligations hereunder except to the extent that Customer is materially prejudiced thereby. At any time after Customer becomes aware of any such Claim, Customer may procure for Roadie the right to continue to use the information for use in connection with the Product or Professional Services at its own expense. Roadie shall not be responsible for any delay or disruption to the Customer’s use of the Product or Professional Services, including any damages stemming therefrom, caused by a Claim falling under this section.
8. LIMITATION OF LIABILITY
IN NO EVENT SHALL EITHER PARTY HAVE ANY LIABILITY TO THE OTHER FOR ANY LOST PROFITS OR REVENUES, LOSS OF DATA (EXCLUDING PERSONAL DATA) OR FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, COVER OR PUNITIVE DAMAGES, HOWEVER CAUSED, WHETHER IN CONTRACT, TORT OR UNDER ANY OTHER THEORY OF LIABILITY, AND WHETHER OR NOT THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES EXCEPT FOR ITS LIABILITY ARISING OUT OF ROADIE’S (I) FRAUD, OR WILLFUL MISCONDUCT; OR (II) NEGLIGENCE LEADING TO DEATH OR PERSONAL INJURY. OTHER THAN WHERE LIABILITY CANNOT BE LIMITED BY LAW, IN NO EVENT SHALL ROADIE’S LIABILITY FOR DAMAGES UNDER THIS AGREEMENT FOR ANY CAUSE WHATSOEVER, AND REGARDLESS OF THE FORM OF THE ACTION, EXCEED THE FEES PAID BY CUSTOMER FOR THE ROADIE PLATFORM SUBSCRIPTION DURING THE 12-MONTH PERIOD IMMEDIATELY PRECEDING THE INCIDENT. CUSTOMER ACKNOWLEDGES THAT THE AMOUNT OF FEES PAYABLE BY CUSTOMER TO ROADIE HEREUNDER REFLECT THE ALLOCATION OF RISK SET FORTH IN THIS AGREEMENT AND THAT ROADIE WOULD NOT HAVE ENTERED INTO THIS AGREEMENT WITHOUT THE LIMITATIONS ON ITS LIABILITY CONTAINED IN THIS SECTION. THESE LIABILITY LIMITATIONS APPLY EVEN IF CONTRACTUAL REMEDIES FAIL OF THEIR ESSENTIAL PURPOSE.
9. TERM AND TERMINATION
9.1 Term of Agreement. Unless otherwise terminated as provided herein, this Agreement commences on the Commencement Date or the date of Customer’s signature of the Order Form, whichever is the earlier. The Agreement continues until the end of the Initial Subscription Term at which point this Agreement will automatically renew for successive periods of one year (each a “Renewal Period”), unless either party gives notice of termination at least 60 days in advance of the end of the Renewal Period or otherwise earlier terminated as provided in this Agreement. The Initial Subscription Term and any Renewal Period are together referred to as the “Subscription Term”.
9.2 Termination for Cause. A party may terminate this Agreement for cause (i) upon 30 days written notice to the other party of a material breach if such breach remains uncured at the expiration of such period, or (ii) if the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors. Upon termination for cause by Customer under part (i) above, Roadie shall pay any pro-rated amounts pre-paid by Customer in relation to the Subscription Term for the period of time following termination. Upon any termination for cause by Roadie under part (i) above, Customer shall pay any unpaid fees covering the remainder of the Roadie Platform Subscription after the effective date of termination. In no event shall any termination relieve Customer of its obligation to pay any Fees payable to Roadie for any period prior to the effective date of termination.
9.3 Surviving Provisions. Sections 1, 3, 4, 5, 6, 7, 8 and 10 shall survive any termination or expiration of this Agreement.
10. GENERAL PROVISIONS
10.1 Export Compliance. Each party shall comply with the export laws and regulations of the United States, European Union and other applicable jurisdictions in providing and using the Product and/or Professional Services. Without limiting the foregoing, (i) each of Roadie and Customer represents that it is not named on any U.S. nor EU government list of persons or entities prohibited from receiving exports, and (ii) Customer shall not permit Users to access or use Product nor Professional Services in violation of any U.S. nor EU export embargo, prohibition or restriction.
10.2 Update to Terms of Service. Roadie reserve the right to modify these Terms of Service at any time. Material changes will be notified to Customer by email and acceptance of changes to the Terms of Service is constituted by: (i) continued use of the Roadie Platform thirty (30) days after the modified Terms of Service have been notified or (ii) Customer’s indication of agreement to the updated Terms of Service.
10.3 Force Majeure. Neither party shall be in default if a failure to perform any obligation hereunder is caused solely by supervening conditions beyond that party’s reasonable control, including acts of God, civil commotion, strikes, labour disputes and governmental demands or requirements. When a party’s delay or non-performance continues for a period of sixty (60) days or more, the other party may terminate this Agreement without penalty. Any prepaid amounts for Professional Services shall be refunded on a prorated basis.
10.4 Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties.
10.5 No Third-Party Beneficiaries. There are no third-party beneficiaries to this Agreement.
10.6 Notices. Except as otherwise specified in this Agreement, all notices, permissions and approvals hereunder shall be in writing and delivered to the addresses or email addresses set forth on the Order Form, or provided at time of purchase, and shall be deemed to have been given upon: (i) the date of delivery by hand, (ii) the second business day after overnight delivery, (iii) the first business day after sending by email.
10.7 Publicity. Roadie may use the Customer’s name, logo, or trademarks on the Roadie website and in its marketing materials to reference Customer as a Roadie customer.
10.8 Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision shall be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of this Agreement shall remain in effect.
10.9 Anti Corruption. Customer shall ensure that it and each person referred to in section 10.9(i) to 10.9(iii) does not, by any act or omission place Roadie in breach of any Bribery Laws in connection with the provision of Product and or Professional Services and this Agreement, ensure that it has in place adequate procedures to prevent any breach of this section 10.9 and ensure that: (i) all of the Customer’s personnel and all direct and indirect subcontractors, suppliers, agents and other intermediaries of the Customer, (ii) all others associated with the Customer, and (iii) each person employed by or acting for or on behalf of those listed in sections 10.9(i) to (iii) involved in performing services or this Agreement so comply.
10.10 Assignment. Customer may not assign the rights granted under this Agreement, in whole or in part and whether by operation of contract, law or otherwise, without the other party’s prior written consent. Such consent shall not be unreasonably withheld or delayed. For purposes of this provision, a change of control shall constitute an assignment. All terms and conditions of the Agreement shall be binding upon any assignee hereunder; assignee’s acceptance of these terms shall be evidenced by its performance hereunder.
10.11 Order of Precedence. Where there is a conflict between these terms and conditions and the Order Form, the Order Form shall apply to the extent of the conflict.
10.12 Governing Law; Venue. This Agreement, and any disputes arising out of or related hereto, shall be governed exclusively by the laws of Ireland and the parties hereby agree to submit any dispute arising therefrom to the exclusive jurisdiction of the Irish Courts.
Annex 1 Data Processing Addendum (“DPA”)
1. PURPOSE
This Data Processing Addendum forms part of the Agreement entered into by and between Customer and Roadie. The purpose of this DPA is to reflect the parties’ agreement with regard to the processing of Personal Data in the course of the provision of the Product and/or Professional Services in accordance with the requirements of EU/UK Data Protection Law.
2. DEFINITIONS
Agreement: the Agreement between Customer and Roadie to which this DPA is appended.
Controller: the person who, either alone or with others, determines the purpose and means of the processing of Personal Data.
Data Subject: an identified or identifiable natural person about whom the Personal Data relates.
EEA: the European Economic Area.
EU/UK Data Protection Law: (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation) (the “EU GDPR”); (ii) the EU GDPR as saved into United Kingdom law by virtue of section 3 of the United Kingdom’s European Union (Withdrawal) Act 2018 (the “UK GDPR”); (iii) the EU e-Privacy Directive (Directive 2002/58/EC); and (iv) any and all applicable national data protection laws made under, pursuant to or that apply in conjunction with any of (i), (ii) or (iii); in each case as may be amended or superseded from time to time;
Personal Data: Customer Data that is “personal data” as such term is understood under EU/UK Data Protection Law.
Personal Data Breach: means any breach of security leading to the accidental or un-lawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Personal Data;
Processing and process: has the meaning given to that term in the EU/UK Data Protection Law.
Processor: a person which processes Personal Data on behalf of the Controller.
Restricted Transfer: (i) where the EU GDPR applies, a transfer of personal data from the European Economic Area to a country outside of the European Economic Area which is not subject to an adequacy determination by the European Commission; and (ii) where the UK GDPR applies, a transfer of personal data from the United Kingdom to any other country which is not based on adequacy regulations pursuant to Section 17A of the United Kingdom Data Protection Act 2018;
Roadie Personnel: employees, agents and independent contractors of Roadie or of a Roadie Affiliate.
Standard Contractual Clauses: (i) where the EU GDPR applies, the contractual clauses annexed to the European Commission’s Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (“EU SCCs”); and (ii) where the UK GDPR applies, the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses adopted pursuant to or permitted under Article 46 of the UK GDPR (“UK SCCs”);
Note: Capitalised terms not defined in the DPA are as defined in the Agreement.
3. CONTROLLER AND PROCESSOR
3.1 The Customer is the controller of all Customer Data that is Personal Data and Roadie acts as a processor of that Personal Data.
3.2 Roadie controls Personal Data that is ancillary to this Agreement, e.g. billing, marketing and support data that is not processed via the Product. This Personal Data is processed in accordance with Roadie’s Privacy Notice available athttps://roadie.io/legal-notices/privacy-notice/.
4. DETAILS OF THE PROCESSING CONTEMPLATED UNDER THIS DPA
4.1 The details of the processing contemplated under this DPA are described in Schedule 1.
4.2 Roadie may provide notice of change to the description of the Personal Data to be processed or to the remainder of this DPA, where an update is required due to changes to the Product or Professional Services or changes required due to applicable EU/UK Data Protection Law, including their interpretation. Acceptance of changes to the DPA is constituted by: (i) continued use of the Roadie Platform thirty (30) days after the modified DPA has been notified or (ii) Customer’s indication of agreement to the updated DPA
5. PROCESSING OF PERSONAL DATA.
Roadie’s obligations as Data Processor
5.1 As the processor with respect to Personal Data, Roadie acknowledges and agrees that:
5.1.1 Roadie must, and shall procure that its subprocessors shall, process Personal Data only for the purposes of fulfilling its obligations under this Agreement and in accordance with relevant documented instructions from Customer (unless required to do so by a Union or member state law to which Roadie is subject; in such a case Roadie shall inform Customer of that legal requirement before processing, unless the law prohibits such information on important grounds of public interest). Customer agrees to provide Roadie with documented instructions relating to Personal Data under the Agreement.
5.1.2 Roadie agrees to make reasonable efforts to assist Customer in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR taking into account the nature of the processing and the information available to Roadie.
5.1.3 Roadie will not disclose any Personal Data to a third party, except at Customer’s specific request or where obliged to do so under any statutory or other legal requirement (in which case Roadie will use reasonable endeavours to advise Customer in advance of such disclosure and in any event immediately thereafter); and
5.1.4 Roadie or its sub-processors will transfer Personal Data outside the European Economic Area (“EEA”), under the terms of section “Transfers of Personal Data Outside the EEA” (below).
Customer’s obligations as controller
5.2 In addition to Customer’s other responsibilities set out elsewhere in the Agreement, Customer also acknowledges and agrees that:
5.2.1 Customer has and will continue to abide by an appropriate privacy notice relating to the collection and use of Personal Data.
5.2.2 Customer shall comply with:
(a) all EU/UK Data Protection Law in connection with the processing of Personal Data and in the exercise and performance of Customer’s respective rights and obligations under this Agreement; and
(b) the terms of this Data Processing Addendum and the Agreement.
5.2.3 Customer states that:
(a) all data sourced by Customer for use in connection with the Product or Professional Services shall comply in all respects, including in terms of its collection, storage and processing (which shall include Customer providing all of the required fair processing information to, and obtaining all necessary consents from, Data Subjects), with EU/UK Data Protection Law; and
(b) all instructions given by it to Roadie in respect of Personal Data shall at all times be in accordance with EU/UK Data Protection Law.
5.2.4 Customer shall not withhold, delay or condition Customer’s agreement to any change to this Agreement requested by Roadie in order to ensure Roadie (and each subprocessor) can comply with EU/UK Data Protection Law.
6. SECURITY MEASURES
6.1 Each party agrees to take appropriate, and industry standard, technical and organizational measures against unauthorized or unlawful access or processing of Personal Data in connection with this Data Processing Addendum and the Agreement or its accidental loss, destruction or damage. Roadie agrees to apply the Roadie Platform Security Measures (available on request), which may be updated from time to time.
6.2 Roadie shall, and shall procure that its subprocessors shall, take all reasonable steps to ensure that Personal Data processed in connection with this Data Processing Addendum and the Agreement is processed in compliance with the obligations under Article 32 of the GDPR relating to security of processing.
7. PERSONAL DATA BREACH NOTIFICATIONS
7.1 Roadie will promptly notify Customer of any known or reasonably suspected breach of security leading to a Personal Data Breach.
7.2 In respect of any Personal Data Breach, Roadie shall:
7.2.1 notify the Customer of the Personal Data Breach without undue delay (but in no event later than 72 hours after becoming aware of the Personal Data Breach); and
7.2.2 provide the Customer without undue delay (wherever possible, no later than 72 hours after becoming aware of the Personal Data Breach) with such details as the Customer reasonably requires regarding:
(a) the nature of the Personal Data Breach (including, the categories and approximate numbers of data subjects and Personal Data records concerned);
(b) any investigations into such Personal Data Breach;
7.2.3 the likely consequences of the Personal Data Breach; and
7.2.4 any measures taken, or that Roadie recommends, to address the Personal Data Breach, including to mitigate its possible adverse effects,
provided that, (without prejudice to the above obligations) if Roadie cannot provide all these details within the timeframes set out in this section 7.2, it shall (before the end of such timeframes) provide the Customer with reasons for the delay and when it expects to be able to provide the relevant details (which may be phased), and give the Customer regular updates on these matters.
7.3 If a Personal Data Breach occurs Roadie shall:
7.3.1 take such steps and do all acts and things as the Customer requires in order to mitigate the effects of the Personal Data Breach; and
7.3.2 restore to the last available backup any Customer Data that has been lost, damaged or destroyed by the Personal Data Breach.
8. AUDITS
Roadie will make available to Customer all information necessary to demonstrate compliance with the data processing obligations laid down in this DPA including by allowing for and contributing to reasonable audits to determine Roadie’s compliance with its obligations under this DPA. These audits (of frequency of no more than once per year, except where there is reason to suspect a breach of the obligations may have occurred) may be conducted by Customer, auditors mandated by Customer, or public authorities in competent jurisdictions, subject to Customer and Customer’s auditors (if relevant) undertaking reasonable and appropriate confidentiality obligations.
9. CONFIDENTIALITY
Roadie shall, and shall procure that its subprocessors shall, ensure that any persons to whom Roadie discloses Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality with respect to the Personal Data.
10. TRANSFER OF PERSONAL DATA TO THIRD PARTY PROVIDERS.
Subprocessors appointed by Roadie:
10.1 The Product and Professional Services may include an element of hosting. As such, Roadie uses third party providers to provide certain services, including hosting. A list of these third party providers is available at https://roadie.io/legal-notices/sub-processors/ (“Subprocessor Details”).
10.2 These subprocessors will have access to certain data, including relevant Personal Data, however such subprocessors are only permitted to process data, for the purposes of providing their specifically contracted services to Roadie.
10.3 Roadie will use commercially reasonable efforts to ensure that such subprocessors utilize reasonable industry recognized security measures to protect against loss, misuse and unauthorized viewing of the information Customer provides to Roadie.
Third Party Providers Appointed by Customer:
10.4 Customer may elect to subscribe to third party services that may integrate with the Product or Professional Services (Third Party Solutions as defined in the Agreement)
10.5 Where Customer chooses to integrate with a Third Party Solution, this may entail providing Roadie with access to Personal Data held by such Third Party Solution, and may require the providers of such Third Party Solution to have access to Personal Data. Customer must notify Roadie and put in place a written contract between Customer and Roadie as required under Article 28 GDPR relating to any extra categories of Personal Data that Roadie will process on behalf of Customer due to such integration. Customer shall not send any personal data to Roadie unnecessarily.
10.6 With regard to Third Party Solutions, Customer acknowledges and agrees that:
10.6.1 Roadie has no contractual relationship with such third parties (or if it does, it is relating to Roadie’s relationship to that party and not Customer’s nor Customer Data), and no responsibility for Personal Data once such a transfer commences, nor for the duration such third party holds the relevant data. Roadie does not audit the adequacy or otherwise confirm the security or organizational measures employed by such third parties, which is Customer’s sole responsibility.
10.6.2 Customer is responsible for ensuring that Customer’s and Roadie’s use of the Product and Professional Services and integration with a Third Party Solution complies with any service terms of the applicable Third Party Solution. Roadie is not required to maintain Personal Data collected in breach of any relevant data protection or other applicable laws.
10.6.3 Customer is responsible for obtaining consent from its personnel for the use and deployment of all Third Party Solutions or Customer Data subject to the E-Privacy Directive that will process data regulated by the E-Privacy Directive on the Product.
10.7 Roadie makes no representations as to the appropriateness or legality of Customer’s choice to permit such third parties to have access to its Personal Data, and Customer is responsible for ensuring that it has all requisite consents and has provided any required notices to data subjects with respect to this processing of their data. Roadie is not responsible for the processing of Personal Data by Third Party Solutions.
10.8 SUPPLIER HEREBY DISCLAIMS ALL RESPONSIBILITY FOR THE ACTIONS OF SUCH THIRD PARTIES OR FOR LOSS, DAMAGES, OR CLAIMS ARISING AS A RESULT OF DEPLOYING INTEGRATION CODE FACILITATING TRANSFERS OF PERSONAL DATA OR MAKING A TRANSFER OF PERSONAL DATA ON CUSTOMER’S BEHALF. SUPPLIER MAKES NO REPRESENTATIONS OR WARRANTIES AS TO THE SUITABILITY OF SUCH THIRD PARTY FOR RECEIPT OF PERSONAL DATA NOR OF THE SUITABILITY OF THE THIRD PARTY SOLUTIONS TO PROCESS PERSONAL DATA.
11. PROCESSING OF PERSONAL DATA BY SUBPROCESSORS OF SUPPLIER
11.1 Roadie may only authorise a subprocessor to process Personal Data provided that Roadie has entered into a written agreement with such subprocessor on terms which are substantially the same as those set out in this DPA. Where a subprocessor fails to fulfil its data protection obligations, Roadie shall remain liable to Customer for the performance of the data protection obligations of the relevant subprocessor.
11.2 Customer provide a general authorisation to Roadie to engage the subprocessors as are appointed on the date this DPA comes into force.
11.3 Roadie will with thirty (30) days’ notice inform Customer of any additional subprocessors that will process Personal Data under this Agreement and Customer shall be entitled to make any objections thereto. If no objections have been received within ten (10) days, the proposed subprocessor shall be deemed accepted. If Customer does not agree to the subprocessor, the parties shall attempt to settle the disagreement and if the parties cannot agree on the use of a subprocessor, Roadie may terminate this Agreement by providing written notice, such termination to take effect on the earlier of (i) the date on which Roadie will commence using the services of the relevant subprocessor in relation to the Product and/or Professional Services provided to Customer or (ii) one (1) month after the date of Customer’s written notice.
11.4 As listed in the Subprocessor Details, some Roadie subprocessors process Personal Data outside the EEA. Customer consents to this processing by Roadie, provided the following provisions are in place:
11.4.1 the subprocessor is processing the Personal Data in a territory which is subject to adequacy decision that the territory provides adequate protection for the privacy rights of individuals; or
11.4.2 the subprocessor participates in a valid cross-border transfer mechanism under the EU GDPR and UK GDPR, such as the Standard Contractual Clauses or Data Privacy Framework so that Roadie (and, where appropriate, the Customer) can ensure that appropriate safeguards are in place to ensure an adequate level of protection with respect to the privacy rights of individuals as required.
11.5 Other than with respect to the transfer of Personal Data to subprocessors listed in the Subprocessor Details, Roadie will only transfer Personal Data outside the EEA or UK on Customer’s specific request. Examples of why Customer may make such a request are transfers of such data to Customer or Customer’s affiliates, where Customer or Customer’s affiliate is based outside the EEA or UK; a transfer to a third party outside of the EEA or UK for further processing of the data; a specific request by Customer that Roadie uses an third party hosting provider or where Customer opts to integrate with a Third Party Solution outside of the EEA or UK.
11.6 Where Customer opts to send Personal Data to Third Party Solutions via integration or plug-in, Customer agrees that providers of Third Party Solutions are not subprocessors of Roadie for data protection purposes and such providers are Customer’s directly-contracted data processors acting under Customer’s instructions.
11.7 In making a request for Roadie to transfer Personal Data, subject to EU GDPR or UK GDPR and related privacy regulations outside of the EEA or UK, Customer confirms that there is “an adequate level of protection” in place for such transfer as such term in understood under EU/UK Data Protection Law.
11.8 Customer will indemnify and hold harmless Roadie, its subsidiaries and affiliates (and their respective employees, directors, officers, shareholders, attorneys, agents and representatives) from and against any and all claims, costs, losses, damages, judgments, penalties, interest and expenses (including reasonable attorneys’ fees and costs) from any claim, action, audit, investigation, regulatory action, inquiry or other proceeding that arises out of or relates to use of Personal Data by Third Party Solutions, or other transferees, or Customer’s failure to comply with any applicable laws and regulations in connection with the transfer of the Personal Data outside the EEA including any applicable data protection legislation or that arises out of or relates to any subsequent use of the Personal Data by the relevant transferee. This indemnification obligation set forth herein shall survive the termination of the Agreement.
12. RESTRICTED TRANSFERS
12.1 Personal Data may be transferred or stored outside the country where Customer or Customer’s Authorised Users are located in order to carry out the Services and our other obligations under the Agreement.
12.2 The parties agree that when the transfer of Personal Data from Customer to Supplier is a Restricted Transfer it shall be subject to the appropriate Standard Contractual Clauses as follows:
12.2.1 in relation to Personal Data that is protected by the EU GDPR, the EU SCCs will apply completed as follows:
(i) Module Two will apply;
(ii) in Clause 7, the optional docking clause will apply;
(iii) in Clause 9, Option 2 will apply, and the time period for prior notice of sub-processor changes shall be as set out in Clause 11.3 of this DPA;
(iv) in Clause 11, the optional language will not apply;
(v) in Clause 17, Option 1 will apply, and the EU SCCs will be governed by Irish law;
(vi) in Clause 18(b), disputes shall be resolved before the courts of Ireland;
(vii) Annex I of the EU SCCs shall be deemed completed with the information set out in Schedules 4 to this Agreement;
(viii) Annex II of the EU SCCs shall be deemed completed with the information set out in Schedule 3 to this Agreement, and
(ix) Annex III of the EU SCCs shall be deemed completed with the information set out in Schedule 2 to this Agreement.
12.2.2 in relation to Personal Data that is protected by the UK GDPR, the UK SCCs will apply completed as follows:
(i) Annex 1A of the UK SCCs shall be deemed completed with the information set out in Schedule 4 to this Agreement
(ii) Annex 1B shall be deemed completed with the information set out in Schedule 1 of this Agreement
(iii) Annex II of the UK SCCs shall be deemed completed with the information set out in Schedule 3 to this Agreement;
(iv) Annex III of the UK SCCs shall be deemed completed with the information set out in Schedule 2 to this Agreement; and
(v) Table 4 of the UK SCCs shall be answered with “neither party”.
12.2.3 in the event that any provision of this Agreement contradicts, directly or indirectly, the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail.
12.3 The parties agree that when the transfer of Personal Data from Supplier to Customer is a Restricted Transfer it shall be subject to the appropriate Standard Contractual Clauses as follows:
12.3.1 in relation to Personal Data that is protected by the EU GDPR, the EU SCCs will apply completed as follows:
(i) Module Four will apply;
(ii) in Clause 7, the optional docking clause will apply;
(iii) in Clause 11, the optional language will not apply;
(iv) in Clause 17, the EU SCCs will be governed by Irish law;
(v) in Clause 18, disputes shall be resolved before the courts of Ireland; and
(vi) Annex I of the EU SCCs shall be deemed completed with the information set out in Schedule 4 to this Agreement.
12.3.2 in relation to Personal Data that is protected by the UK GDPR, and where required, the UK SCCs will apply completed as follows:
(i) Annex 1A of the UK SCCs shall be deemed completed with the information set out in Schedule 4 to this Agreement
(ii) Annex 1B shall be deemed completed with the information set out in Schedule 1 of this Agreement
(iii) Annex II of the UK SCCs shall be deemed completed with the information set out in Schedule 3 to this Agreement; and
(iv) Table 4 of the UK SCCs shall be answered with “neither party”.
12.3.3 in the event that any provision of this Agreement contradicts, directly or indirectly, the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail.
12.4 All Customer requests to transfer Personal Data outside the EEA and UK, must be made to Supplier via email or in writing.
12.5 Roadie agrees to enter into an alternate module of the EU SCCs or UK SCCs with Customer where reasonably required to ensure an “adequate level of protection” is in place for the transfer of such Personal Data outside the EEA. As Roadie may not be aware of jurisdictions where Customer is regulated, Customer must request this and reference the correct module of the EU SCCs or UK SCCs in the Order Form.
12.6 Roadie has entered into EU SCCs with its subprocessors that process data outside the EEA.
12.7 The parties agree to cooperate where, due to changes in law or practice, an alternate data transfer mechanism is required to be put into operation to ensure an “adequate level of protection” is in place for transfer of data outside the EEA under EU/UK Data Protection Law.
12.8 Further to the above, Customer agrees to cooperate with Roadie where reasonable Supplementary Measures are required to be implemented to ensure compliance with the EU or UK level of protection of Personal Data including in respect of additional data processing terms in Customer contracts.
13. SUBJECT ACCESS REQUESTS
13.1 Roadie will promptly assist Customer with all notices, requests or other enquiries relating to the data protection rights which may be received by Customer or Roadie, at Customer’s reasonable expense.
13.2 Roadie will not respond to any subject access request without the Customer’s prior written approval unless required to do so by law or direction of a relevant regulator.
14. RETURN OR DELETION OF PERSONAL DATA
Immediately on termination or expiry of this Agreement, or otherwise on Customer’s request, Roadie must and shall procure that its subprocessors shall:
14.1 return all Personal Data to Customer; or
14.2 delete all the Personal Data, in a manner agreed to by Customer;
at Customer’s election, unless a law binding on Roadie or its subprocessors prevents it from doing as requested or unless otherwise agreed in the Agreement (for example, where the Customer has requested Roadie continue to store Personal Data in order to ensure compliance with a legal obligation). If Customer has not made their election within 30 days of termination of the Agreement, Roadie shall delete the Personal Data.
15. OBLIGATIONS INDEPENDENT OF OTHER PROVISIONS
The obligations contained in this DPA are without prejudice to Roadie’s other obligations under this Agreement and apply notwithstanding any permitted use or disclosure of confidential information in this Agreement.
16. COSTS
16.1 Subject to sections 16.2 and 16.3, the costs of Roadie and its subprocessors to comply with their respective obligations as data processors under EU/UK Data Protection Law applicable in a specific jurisdiction shall be borne by Roadie and its subprocessors to the extent compliance with such obligations is necessary for Roadie and/or its subprocessors’ compliance with applicable EU/UK Data Protection Law in their role as data processors in the jurisdiction in question.
16.2 Notwithstanding section 16.1, if Customer requests Roadie to take on compliance activities which go beyond the activities that Roadie is required to do as a processor under applicable EU/UK Data Protection Law, Roadie shall be entitled to its reasonable costs and the above shall be notified to Roadie and agreed pursuant to a further Order Form.
16.3 Should changes to applicable EU/UK Data Protection Law, including the interpretation thereof, entail increased costs for Roadie or its subprocessors, Roadie may, subject to providing written notice Customer, increase the rates charged to Customer to reflect the increased costs. The increase to Customer should be fair and reasonable and should be proportional to what other similar customers are being asked to pay.
17. WARRANTY and SUPPLIER LIABILITY
17.1 By using the Product to process Personal Data, Customer states that Customer’s collection and processing of Personal Data does not breach the rights of any person or entity, including rights of publicity, privacy or under applicable EU/UK Data Protection Law, that Customer is entitled to transfer the relevant Personal Data to Roadie, and that Roadie is entitled to transfer Personal Data to its subprocessors and all Third Party Solutions so that they each respectively may lawfully use, process and transfer such Personal Data in accordance with this DPA and the Agreement.
17.2 The liability of Roadie relating to Personal Data processed in connection with the Product and/or Professional Services is limited to direct losses related to:
17.2.1 any breach by Roadie of any of its Personal Data obligations under this DPA; or
17.2.2 Roadie (or any person acting on its behalf) acting outside or contrary to the lawful processing Instructions of the Customer in respect of the processing of Personal Data.
17.3 Any claims brought under or in connection with this DPA shall be subject to the Agreement, including but not limited to, the exclusions and limitations of liability set forth in the Agreement. .
18. INTERPRETATION
18.1 The parties agree that this DPA shall replace any existing data protection terms the parties may have previously entered into in connection with the Product or Professional Services relating to Personal Data.
18.2 Except for the changes made by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict.
Schedule 1 to Annex 1 – Details of the Processing
The subject matter of the processing is: log-in details, logs and usage data for Users.
The duration of the processing is: the duration of the Agreement plus 30 days for Customer to elect return/deletion of the Personal Data.
The nature and purpose of the processing is: to manage access to and use of the Roadie Platform.
The type of Personal Data is: email address, password, name, company, log data related to the User.
The categories of data subjects are: Users
Schedule 2 to Annex 1 – Subprocessors
https://roadie.io/legal-notices/sub-processors/
Schedule 3 to Annex 1 – Security Measures
As per Roadie Platform Security Measures document(available on request).
Schedule 4 to Annex 1 – Details for Standard Contractual Clauses
A. LIST OF PARTIES
Data exporter(s):
Name: | Each of the Customer entities identified in the Order Form. |
Address: | The addresses of each of the Customer entities identified in the Order Form. |
Contact person’s name, position and contact details: | See Order Form. |
Activities relevant to the data transferred under these Clauses: | See “B. Description of Transfer” below |
Signature and date: | This Schedule 4 shall be deemed executed upon execution of the Agreement. |
Role (Controller/Processor): | Controller |
Processor(s) / Data importer(s):
Name: | Larder Software Limited, T/A Roadie. |
Address: | The Black Church, Saint Mary’s Place North, Dublin, D07 P4AX, Ireland |
Contact person’s name, position and contact details: | Data protection enquiries can be addressed to: [email protected] |
Activities relevant to the data transferred under these Clauses: | Provision of the Product to its customers. |
Signature and date: | This Schedule 4 shall be deemed executed upon execution of the Agreement |
Role (Controller/Processor): | Processor |
B. DESCRIPTION OF TRANSFER
Categories of Data Subjects whose Personal Data is transferred: | Please see Schedule 1 |
Categories of Personal Data transferred: | Please see Schedule 1 |
Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures: | Please see Order Form, if applicable. |
The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis): | Continuous for the duration of the Agreement. |
Nature of the Processing: | Please see Schedule 1 |
Purpose(s) of the data transfer and further Processing: | Please see Schedule 1 |
The period for which the Personal Data will be retained, or, if that is not possible, the criteria used to determine that period: | Please see Schedule 1 |
For transfers to (sub-) Processors, also specify subject matter, nature and duration of the Processing: | Please see Schedule 1 |
C. COMPETENT SUPERVISORY AUTHORITY
Identify the competent supervisory authority/ies in accordance (e.g. in accordance with Clause 13 SCCs): | Where the EU GDPR applies, the competent supervisory authority shall be determined in accordance with Clause 13 of the EU SCCs. Where the UK GDPR applies, the competent supervisory authority shall be the UK Information Commissioner’s Office. |