Terms of Service

Latest Update: Nov 1, 2024

1. Agreement; Access to the Service and Permitted Scope of Use.

(a) Agreement. 

(i) These Terms of Service (which includes any and all Schedules, Appendixes and/or Exhibits hereto) constitutes a binding agreement by and between the applicable Burt entity (determined pursuant to and in accordance with Section 10(b) hereof) (such entity, “Burt”) and the legal entity that enters into the applicable Order Form(s) that incorporate these Terms of Service (such entity, “Customer”).  Capitalized terms not otherwise defined in the body of these Terms of Service have the respective meanings assigned thereto in Section 11 hereof.

(ii) Burt will provide the Service to Customer pursuant to this Agreement, consisting of these Terms of Service and “Order Forms” upon which the parties may agree in a writing signed by an authorized representative of each party from time to time (each, including any and all Schedules, Appendixes and/or Exhibits thereto, an “Order Form”; these Terms of Service, collectively with any and all Order Forms, this “Agreement”).  Each Order Form, each of which will be deemed to incorporate these Terms of Service (as supplemented or amended from time to time pursuant to the terms hereof), will set forth additional terms and conditions that are specific to the Service (or the particular portion(s), component(s), feature(s), element(s), and/or aspect(s) thereof) that is provided pursuant to such Order Form.  In the event of a conflict between these Terms of Service and any Order Form, these Terms of Service shall control, unless the particular Order Form expressly states otherwise.  The Service is provided subject to the terms and conditions of this Agreement, and, by an entering into an Order Form, Customer is agreeing to comply with the terms and conditions of such Order Form and these Terms of Service.

(b) Access to the Service and Permitted Scope of Use. Subject to all terms and conditions of this Agreement (including, for purposes of clarification and without limitation, Section 2 hereof), Burt hereby grants Customer the non-exclusive, non-transferable (other than pursuant to an assignment permitted under Section 10(f)(iv) hereof), and non-sublicensable right to access and use, during the term of this Agreement, the Service for Customer’s internal business purposes, it being understood and agreed that the foregoing shall not be deemed to limit any of Customer’s rights with respect to Customer Data (as defined in Section 5(a) hereof).  Throughout the term of this Agreement, and without limiting any of its other obligations under this Agreement, Customer will: (i) implement and maintain reasonable and appropriate measures to prevent unauthorized access to or use of the Service and its User IDs (as defined below), and promptly notify Burt if it becomes aware of any such unauthorized access or use (including, for purposes of clarification and without limitation, if any User ID is lost, stolen, or otherwise compromised); (ii) be solely responsible for all use of the Service under this Agreement; (iii) use the Service under this Agreement in compliance with its agreements with Connectors and other third parties; and (iv) be solely responsible, at Customer’s own expense, for acquiring, installing and maintaining such hardware, software and other equipment as may be necessary for Customer to connect to, access, and use the Service.  Pursuant to the grant described in the first sentence of this Section 1(b), Customer (x) will be provided with an account through which Customer may enable the permitted number (under each particular Order Form) of “Authorized Users” to access and use the Service and (y) may establish user identifications and passwords/access tokens through which Authorized Users may access and use the Service through Customer’s account (each such user identification and password/access token combination, together, a “User ID”).  Each particular User ID may be issued only to a particular Authorized User and may be used only by that particular Authorized User.

2. Restrictions on Use.

Customer will not, will not attempt to, and will not assist or permit any third party to: (a) access or use the Service except as expressly permitted by this Agreement; (b) use the Service in any unlawful or illegal manner or in any manner that could damage, disable, overburden or impair the Service; (c) interfere (whether through a device, software, mechanism, routine or otherwise) with the proper working of any component, feature, element, or aspect of the Service; (d) license, sublicense, distribute, sell, resell, rent, lease, transfer, assign, distribute, time share, or otherwise make available the Service, or any component, feature, element, or aspect of any of the foregoing (including, without limitation, by providing outsourcing, service bureau, hosting, application, service provider or online services) to any third party, or otherwise commercially exploit the Service, or any component, feature, element, or aspect of any of the foregoing; (e) copy, reproduce, modify, translate, disassemble, decompile, reverse engineer, create derivative works from, or attempt to discover the source code, object code, or any of the underlying structures, ideas, algorithms, or methods of operation of, or any of the trade secrets embodied in, the Service, or any component, feature, element, or aspect of any of the foregoing; (f) access or use the Service, or any component, feature, element, or aspect of any of the foregoing, to build a competitive product, service, or technology; or (g) breach any security measure provided by, or circumvent and access or use restriction of, the Service, or any component, feature, element, or aspect of any of the foregoing.

3. Term; Termination; Suspension.

(a) Term; Termination For Cause. Unless earlier terminated, these Terms of Service will remain in effect until all Order Forms have terminated. Either party may terminate this Agreement immediately upon written (including email) notice to the other party if the other party: (a) materially breaches this Agreement and fails to remedy such breach within thirty (30) days after receiving written (including email) notice of the breach from the other party; (b) materially breaches this Agreement in a manner that cannot be remedied; or (c) commences bankruptcy or dissolution proceedings, has a receiver appointed for a substantial part of its assets, or ceases to operate in the ordinary course of business.

(b) Suspension. Without limiting any of Burt’s rights under this Agreement, Burt may immediately suspend the provision, access and use of the Service under this Agreement upon prior written (including email) notice to Customer (i) following a material breach of this Agreement or (ii) if deemed reasonably necessary by Burt to prevent any damage, injury, or harm to the Service, Burt, any Authorized User, any other Burt customer or user of the Service, or any third party; provided, however, that, in the event of such a suspension, if, in Burt’s reasonable discretion, providing two (2) business days’ notice prior to suspension would not be expected to result in material harm or liability to Burt or material harm to the Service, Burt will use commercially reasonable efforts to provide Customer with at least two (2) business days’ notice prior to such suspension. 

(c) Effect of Termination. Upon termination of this Agreement for any reason: (i) Customer will immediately (A) cease all access to and use of the Service, (B) destroy all User IDs, and (C) destroy all Burt Confidential Information (as defined below) then in in Customer’s possession or control; and (ii) if the termination due to an uncured material breach of this Agreement by Burt, Burt will refund to Customer a prorated amount of any pre-paid fees with respect to the period from the effective date of termination through the end of the then-current term. Notwithstanding termination of this Agreement, any provisions of these Terms of Service that by their nature are intended to survive, will survive such termination. 

4. Intellectual Property Ownership.

(a) Ownership of the Service. As between the parties, Burt owns and shall retain all right, title and interest in and to its property, including, without limitation, the Service (including, for purposes of clarification, all components, features, element, and aspects thereof) (in each case, including, without limitation, all software, technologies, concepts, methodologies, techniques, models, templates, algorithms, trade secrets, processes, information, material, source codes, and know-how contained therein or related thereto, all modifications, updates, enhancements, and derivative works thereof, all documentation and manuals related thereto, and all other components, features, elements, and aspects thereof), the names “Burt” and “Burt Intelligence” and any and all derivatives of each of the foregoing, and any and all other trademarks, names, and logos that are owned or controlled by Burt and made available to Customer hereunder, and all intellectual property and other proprietary rights in and to all of the foregoing (collectively, the “Burt Property”). Customer will not remove, obscure or alter any copyright notice or legend or other proprietary rights notice or legend on or contained within the Service or any of the documentation or manuals related to any of the foregoing.

(b) Professional Services and Work Product. Customer may from time to time request that Burt performs certain customizations or other professional services relating to the Service (such additional customizations and services, collectively, are referred to herein as the “Professional Services”). The scope of all Professional Services will be detailed in one or more Order Forms. Unless otherwise agreed in a writing signed by authorized representatives of both parties: (i) all work product and/or services (including any and all deliverables) provided or developed in connection with the provision of the Service by Burt this Agreement, and all intellectual property and other proprietary rights therein and/or derived therefrom, shall be the sole and exclusive property of Burt (except any of Customer’s trademarks, service marks, data, or Confidential Information that may be contained therein and which shall remain the property of Customer); and (ii) upon full payment by Customer therefor, Burt shall be deemed to have hereby granted Customer a non-exclusive, non-transferable (except in connection with an assignment by Customer permitted pursuant to Section 10(f)(iv) hereof), worldwide license to use and disclose such work product and/or services (including any and all deliverables) developed hereunder.

(c) Feedback. If Customer (including, for purposes of clarification, any Authorized User) provides any feedback, suggestion(s) or recommendation(s) relating to the Service (“Feedback”): (i)  Burt shall be free to use (or not to use) such Feedback in its sole discretion without any obligations of any kind (including, for purposes of clarification and without limitation, payment) to Customer; (ii) Customer shall be deemed to have hereby granted Burt and its Affiliates a worldwide, perpetual, irrevocable, transferable, sublicensable, royalty-free, fully paid-up license to use, disclose, reproduce, display, distribute, create derivative works from, and otherwise fully exploit the Feedback for any purpose, provided that neither Burt nor any of its Affiliates will identify Customer (including any Authorized User) as the source of any Feedback; and (iii) Burt and its Affiliates shall have full ownership of any improvement, modification, and/or derivative work of the Service, and/or any new product or service, in each case that is created using such Feedback..

(d) Reservation of Rights; Disclaimer of Implied Licenses. Each of the parties hereto reserves any and all rights not expressly granted in this Agreement and disclaims all implied licenses, including, without limitation, all implied licenses to trademarks, copyrights, trade secrets, and patents.

5. Data.

(a) Customer Data. Without limiting any of the provisions of Section 6(c) hereof, Customer will be solely responsible for: (i) all data and other content that (A) is provided and/or made available to Burt in connection with this Agreement by or on behalf of Customer (including, without limitation, by any third-party service or platform) (collectively, “Customer Underlying Data”) and/or (B) is derived from Customer’s use of the Service under this Agreement with respect to Customer Underlying Data (collectively, “Customer Reporting”; Customer Underlying Data and Customer Reporting, together, “Customer Data”) (it being understood and agreed that nothing in the foregoing will be deemed to limit any of Burt’s obligations under this Agreement to provide the Service); and (ii) obtaining and maintaining all rights, authorizations, approvals, permissions, and consents necessary for Burt to receive, collect, use, and otherwise Process all Customer Data as contemplated by this Agreement. Without limiting any of the provisions of Section 4(b) hereof or any of the rights of Burt and/or its Affiliates under this Agreement (including this Section 5(a)), as between the parties: (i) Customer owns and shall retain all right, title and interest in and to all Customer Underlying Data; and (ii) with respect to the Customer Reporting (i.e., the output and reports) provided by Burt through the Service to Customer: (A) Customer shall own all right, title and interest in and to the data included in such Customer Reporting; and (B) Burt (x) shall own all of the formats and templates in and/or of such Customer Reporting and (y) shall be deemed to have hereby granted Customer a non-exclusive, non-transferable (except in connection with an assignment by Client permitted pursuant to Section 10(f)(iv) hereof), worldwide right and license to use and disclose the formats and templates in connection with the Customer Reporting. Without limiting any of either party’s rights under this Agreement with respect to the Customer Data, and subject to Burt’s obligations under Section 5(c) hereof, Customer hereby grants Burt and its Affiliates a non-exclusive, worldwide, perpetual, irrevocable, royalty-free, fully paid-up right and license to use, disclose, and otherwise Process Customer Data: (i) in order to provide the Service under this Agreement and to operate, manage, maintain, develop, and enhance its products and services (including, without limitation, the Service); (ii) in connection with internal operations and functions (including, without limitation, operational analytics and reporting, internal financial reporting and analytics, audit functions and archival purposes); and (iii) otherwise on an aggregated basis that does not identify and would not reasonably be expected to identify Customer, any of its Affiliates, any of its or their products or services, or any particular Authorized User (as so aggregated, “Aggregate Data”), it being understood and agreed that Burt shall own all right, title and interest in and to the Aggregate Data and may use, disclose, and otherwise Process the Aggregate Data for any lawful purpose, including, without limitation: to provide, operate, manage, maintain, develop, and enhance its products and services (including, without limitation, the Service); and to disclose and/or otherwise make it available to third parties for purposes such as marketing, research and analysis.

(b) Data Security. Burt shall implement and maintain reasonable and appropriate security measures with respect to the Customer Data

 in accordance with all Applicable Laws.

(c) Personal Data. 

(i) Notwithstanding anything to the contrary herein, other than pursuant to the provision and use of the Service in connection with a Covered Connector(s), Customer shall not provide or make available to Burt any Personal Data in the Customer Underlying Data; provided that in no event may Customer provide or make available to Burt any information that is deemed sensitive by any Applicable Law(s) or any Personal Data about a known “child” (as defined by Applicable Law) or an individual’s visit to a child-directed digital property.

(ii) In the event of the provision and/or use of the Service in connection with a Covered Connector(s) (if any) under this Agreement, then, with respect to the Personal Data within the Customer Underlying Data provided or made available to Burt under this Agreement (“Covered Customer Personal Data”):

1. General.

1. Each party will comply with its obligations relating to Covered Customer Personal Data under this Agreement and under all Applicable Laws (including, without limitation and to the extent applicable, all applicable sections of each such Applicable Law), it being understood and agreed that, for purposes hereof, with respect to Covered Customer Personal Data: (a) Customer is the Controller; and (b) Burt is a Processor that acts upon the instructions of Customer.

2. Without limiting any of its obligations under Section 6(c) hereof or the preceding clause (I), Customer: (a) will provide notice of Covered Customer Personal Data being collected, used, disclosed, and otherwise Processed, including as contemplated by this Agreement, in compliance with all Applicable Laws; and (b) will obtain all rights and consents necessary for such collection, usage, disclosure, and other Processing.

3. Without limiting the generality of the preceding clause (I), Burt: (a) will Process such Covered Customer Personal Data solely on behalf of, at the direction of, and pursuant to the instructions of Customer (including as to the subject matter and duration of the Processing, the nature and purpose of the Processing, the category(ies) of Personal Data and category(ies) of data subjects as set forth in Schedule I attached hereto, and as otherwise set forth in this Agreement); and (b) will maintain a record of all categories of Processing activities carried out on behalf of Customer with respect to Covered Customer Personal Data under this Agreement to the extent required by Applicable Laws.

4. Without limiting any of its obligations under Section 9 hereof, with respect to Burt’s employees engaged in Processing Covered Customer Personal Data, Burt: (a) will ensure that such employees are informed of the confidential nature of the Covered Customer Personal Data and are subject to appropriate confidentiality obligations sufficient to comply with the terms and conditions of this Agreement, which obligations will survive following termination of this Agreement for at least as long as the period required by this Agreement; (b) will ensure that such employees have received appropriate training on compliance with their confidentiality and data protection responsibilities (including under this Agreement and Applicable Laws); and (c) restrict such employees’ access to Covered Customer Personal Data to that which is strictly necessary to perform their respective duties under this Agreement.

5. Customer: (a) will have the rights (i) to take reasonable and appropriate steps to help to ensure that Burt uses the Covered Customer Personal Data in a manner consistent with Customer’s obligations under Applicable Laws and (ii) upon notice, to take reasonable and appropriate steps to stop and remediate unauthorized use of Covered Customer Personal Data; and (b) will (i) inform Burt of any consumer request under Applicable Law with respect to Covered Customer Personal Data that Burt must comply with and (ii) provide the information necessary for Burt to comply with such request.

6. Burt: (a) will promptly notify Customer if it determines that it can no longer meet its obligations relating to Covered Customer Personal Data under any Applicable Law; and (b) if and to the extent required by Applicable Law(s), upon the reasonable request of Customer, make available to Customer all information necessary to demonstrate Burt’s compliance with its obligations with respect to Covered Customer Personal Data under the  applicable Applicable Law(s).

2. US State Privacy Laws. Without limiting any of the obligations of Burt under this Agreement or under Applicable Laws, with respect to Covered Customer Personal Data relating to a data subject residing in a US Covered State (“US Covered Customer Personal Data”): 

1. Customer will be disclosing such US Covered Customer Personal Data to Burt under this Agreement for the “business purpose(s)” (as defined by CCPA) specified in Schedule I attached hereto and/or in the applicable Order Form(s), and Burt will Process such Covered Customer Personal Data solely on behalf of, at the direction of, and pursuant to the instructions of Customer and only as necessary to perform such business purpose(s) for Customer.

2. Burt will not: (a) “sell” (as defined by the applicable US State Privacy Law) or “share” (as defined by CCPA) US Covered Customer Personal Data; (b) retain, use, or disclose US Covered Customer Personal Data (i) for any purpose (including a “commercial purpose” (as defined by CCPA)) other than for the business purpose(s) specified in Schedule I attached hereto and/or in the applicable Order Form(s) or as otherwise permitted (whether or not expressly) by a Processor under the applicable US State Privacy Law or (ii) outside of the direct business relationship between Customer and Burt; or (c) if and to the extent prohibited by the applicable US State Privacy Law, combine the applicable US Covered Customer Personal Data with Personal Data that Burt receives from, or on behalf of, another person(s) or entity(ies), or “collects” (as defined by CCPA) from its own interactions with consumers, provided that Burt may combine such applicable US Covered Customer Personal Data (i) to perform any “business purpose” (as defined by the applicable US State Privacy Law or, if not defined by such US State Privacy Law, as defined by CCPA), except if and as prohibited by the applicable US State Privacy Law, and/or (ii) unless otherwise prohibited by a Processor under the applicable US State Privacy Law.

3. European Economic Area, United Kingdom, and/or Switzerland. With respect to Covered Customer Personal Data of a European Economic Area (“EEA”), United Kingdom (“UK”), and/or Switzerland data subject(s) (“Covered Customer GDPR Personal Data”), if and as applicable:

1. European Economic Area and Switzerland.

1. The Processing by Burt of Covered Customer GDPR Personal Data relating to an EEA or Switzerland data subject (including, without limitation, the transfer of such Covered Customer GDPR Personal Data from the EEA to a third country not providing an adequate level of protection) will be further governed by the EU SCCs (as defined below), which is incorporated by reference into these Terms of Service solely with respect to Covered Customer GDPR Personal Data relating to EEA and/or Switzerland data subjects.  If there is any conflict between (x) the terms and conditions of this Agreement and (y) the terms and conditions of the EU SCCs, then, with respect to Covered Customer GDPR Personal Data relating to an EEA and/or Switzerland data subject(s), the terms and conditions of the EU SCCs will control. 

2. Burt may only transfer Covered Customer GDPR Personal Data relating to an EEA or Switzerland data subject outside the EEA in compliance with Applicable Laws and pursuant to a data transfer mechanism then-recognized by the European Commission as a legitimate basis for the transfer of such Covered Customer GDPR Personal Data outside the EEA.

3. For purposes hereof, “EU SCCs” means the EU Standard Contractual Clauses (Transfers Controller-to-Processor) [Module Two thereunder], with Customer as data exporter [controller] and Burt as data importer [processor], completed as follows:

1. With respect to EEA data subjects: (a) in Clause 7, the optional docking clause shall apply; (b) in Clause 9a, general authorisation [Option 2] shall apply; (c) in Clause 11, the optional language shall not apply; (d) in Clause 17, Option 1 shall apply, and the EU SCCs shall be governed by the laws of Sweden; (e) in Clause 18(b), disputes arising from the EU SCCs shall be resolved by the courts of Stockholm, Sweden; (f) in Section (C) of Annex I, the competent supervisory authority is the Swedish Authority for Privacy Protection; and (g) in Annex III, the technical and organizational security measures implemented by Burt include the measures set forth in Schedule III attached hereto.

2. With respect to Swiss data subjects, the EU SCCs as set forth in the preceding clause (i) shall also apply to the Processing of such applicable Covered Customer GDPR Personal Data (i.e., relating to Switzerland data subject(s)); provided that: (a) references to ‘Regulation (EU) 2016/679’ shall be interpreted as references to the Swiss DPA (as defined below); (b) references to specific articles and or sections of ‘Regulation (EU) 2016/679’ shall be deemed replaced with the equivalent articles and/or sections of the Swiss DPA; (c) references to ‘EU’, ‘Union’, and ‘Member State’ shall be deemed replaced with ‘Switzerland’; (d) references to the ‘competent supervisory authority’ shall be replaced with the ‘Swiss Federal Data Protection Information Commissioner’; (e) references to competent courts shall be deemed replaced with ‘courts of Switzerland’; (f) in Clause 17, Option 1 shall apply, and the EU SCCs shall be governed by Swiss law; and (g) in Clause 18(b), disputes arising from the EU SCCs shall be resolved by the courts of Switzerland.  For purposes hereof, “Swiss DPA” means the Swiss Data Protection Act 2020, as amended from time to time.

2. United Kingdom.

1. The Processing by Burt of Covered Customer GDPR Personal Data relating to a UK data subject (including, without limitation, the transfer of such Covered Customer GDPR Personal Data from the UK to a third country not providing an adequate level of protection) will be further governed by the UK IDTA (as defined below), which is incorporated by reference into these Terms of Service solely with respect to Covered Customer GDPR Personal Data relating to UK data subjects.  If there is any conflict between (x) the terms and conditions of this Agreement and (y) the terms and conditions of the UK IDTA, then, with respect to Covered Customer GDPR Personal Data relating to a UK data subject(s), the terms and conditions of the UK IDTA will prevail and control.

2. Burt may only transfer Covered Customer GDPR Personal Data relating to a UK data subject outside the UK in compliance with Applicable Laws and pursuant to a data transfer mechanism then-recognized by the government of the United Kingdom as a legitimate basis for the transfer of such Covered Customer GDPR Personal Data outside the UK.

3. For purposes hereof, “UK IDTA” means the United Kingdom’s International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (VERSION B1.0, in force 21 March 2022) to the EU SCCs, with Customer as data exporter/controller and Burt as data importer/processor, completed as follows: (i) in Table 2, (a) the first box is checked and (b) the table with respect to modules is completed as follows: (I) ‘Module in operation’ is checked only with respect to Module 2; and (II) in the row opposite Module 2: (A) ‘Does Apply’ is included for Clause 7 (Docking Clause); (B) ‘Does NOT Apply’ is included for Clause 11 (Option); (C) ‘General’ is included for Clause 9a (‘Prior Authorisation or General Authorisation’); and (D) ’10 business days’ is included for Clause 9a (Time period); (ii) in Table 4, ‘neither Party’ is checked; and (iii) the Alternative Part 2 Mandatory Clauses apply. 

4. Sub-Processors.

1. Burt will not have Covered Customer Personal Data Processed by a Sub-Processor unless such Sub-Processor is bound by a written (including, to the extent permitted by Applicable Laws, in electronic form) agreement with Burt that includes data protection obligations with respect to the protection of Covered Customer Personal Data consistent with Burt’s obligations hereunder (and, in any event, not less restrictive/rigorous as those required by Applicable Laws).

2. Burt is and will remain fully liable to Customer for any failure by any Sub-Processor to fulfill Burt’s data protection obligations under this Agreement and/or under Applicable Laws. 

3. Customer consents to the engagement as Sub-Processors of the third parties set forth on Schedule II attached hereto (each, an “Approved Sub-Processor”).

4. Prior to engaging a Sub-Processor other than an Approved Sub-Processor (each, an “Additional Sub-Processor”), Burt will notify Customer.  Customer may object to each Additional Sub-Processor by notifying Burt of such objection within ten (10) business days following the applicable notice.  If Customer fails to object to an Additional Sub-Processor within ten (10) business days following the applicable notice, Customer will be deemed to have consented to the Additional Sub-Processor.  If Customer objects to an Additional Sub-Processors and the parties fail to achieve an amicable resolution to such objection within thirty (30) days following such objection (with each party negotiating in good faith), each party may terminate this Agreement in whole or, if reasonably practicable, in part (e.g., with respect to the applicable Covered Connector(s)).

5. Deletion. Subject to Applicable Laws and Burt’s obligations thereunder, during the sixty (60) day period following termination of this Agreement, pursuant to the written (including email) direction of Customer, Burt will either (i) provide Customer with an export of the Covered Customer Personal Data in a machine-readable format or (ii) delete the Covered Customer Personal Data. Promptly following such sixty (60) day period, if Customer has not otherwise directed Burt to export or delete the Covered Customer Personal Data, Burt will delete the Covered Customer Personal Data.

6. Audits and Assessments.  

1. Subject to clause (II) of this Section 5(c)(ii)(F), not any more frequently than once every twelve (12) months (unless otherwise required by Applicable Laws), Customer may (either itself or via a recognized third-party audit firm that is not a competitor of Burt), at its sole expense (unless otherwise required by Applicable Laws), perform a confidential audit of Burt’s compliance with its obligations with respect to Covered Customer Personal Data under this Agreement. Such audit may be conducted on a mutually-agreed date, during Burt’s normal business hours, at Burt’s offices, no sooner than thirty (30) days after Customer’s written (including email) request (unless otherwise required by Applicable Law(s)), and in a manner that minimizes interference with Burt’s ordinary business activities.  Burt will reasonably cooperate with such audit efforts by providing reasonable access to relevant knowledgeable employees, documentation, systems, information, and materials; provided that in no event shall such audit include the examination of Burt’s business generally or relating to other agreements for purposes of comparison or otherwise, records and documents the disclosure of which is restricted under confidentiality obligations of Burt toward third parties, or any records or documents containing Personal Data other than Covered Customer Personal Data.  If such audit results find that Burt is not in material compliance with its obligations with respect to Covered Customer Personal Data under this Agreement, then Burt will use reasonable and appropriate efforts to promptly correct any such material noncompliance discovered by such audit.

2. If permitted by Applicable Laws, in lieu of an audit pursuant to the foregoing clause (I): (x) Burt may arrange for a qualified and independent assessor/auditor to conduct, at least annually and at Burt’s expense, to conduct an assessment/audit of Burt’s policies and technical and organizational measures in support of Burt’s obligations with respect to Covered Customer Personal Data using an appropriate and accepted control standard or framework and assessment/audit procedure for such assessments/audits; and (y) Customer hereby consents to such assessment/audit under this clause (II).

7. Change in Applicable Laws. If, due to any change(s) in Applicable Law(s), a party hereto reasonably believes that (i) Burt ceases to be able to provide the Service in whole or in part (e.g., with respect to a particular jurisdiction) and/or Customer ceases to be able to use the Service in whole or in part in compliance with such Applicable Law(s) under the then-current terms and conditions of this Agreement (the “Then-Current Agreement”) or (ii) Burt’s using, disclosing, or otherwise Processing Covered Customer Personal Data as contemplated under the Then-Current Agreement would result in Burt’s ceasing to be characterized as a Processor under such Applicable Law(s), then: (a) the parties will negotiate in good faith the terms and conditions of an amendment and/or supplement to the Then-Current Agreement that is designed to, as applicable: (x) enable Burt to provide the Service in and Customer to be able to use the Service in compliance with such Applicable Law(s) following such change(s); and/or (y) enable Burt to Process Covered Customer Personal Data as so contemplated and be characterized as a Processor under such Applicable Law(s) following such change(s); and (b) if, following such good-faith negotiation, the parties are unable to agree on the terms and conditions of such an amendment and/or supplement, each Party may terminate this Agreement in whole or, if reasonably practicable, in part (e.g., with respect to the applicable jurisdiction(s) and/or with respect to the applicable Covered Connector(s)).

6. Representation and Warranties.

(a) General. Each party represents, warrants, and covenants that: (i) it has and will continue to have during the term hereof, all rights, power, and authority necessary to enter into this Agreement and perform under this Agreement; and (ii) it will perform under this Agreement in compliance with all Applicable Laws.

(b) Burt Performance. Burt further represents, warrants, and covenants that, during the term of this Agreement it will use reasonable and appropriate measures to prevent the Service from containing any “virus”, “trap door”, “Trojan Horse”, “worm”, “time bomb”, “cancel bot” or other malicious computer programming routine that damages (or is intended to damage) or detrimentally interferes with (or is intended to detrimentally interfere with) any of Customer’s systems or data.

(c) Customer Performance.  Customer further represents, warrants, and covenants that: 

(i) It will use reasonable and appropriate measures to ensure that it does not pass or transmit any “virus”, “trap door”, “Trojan Horse”, “worm”, “time bomb”, “cancel bot” or other malicious computer programming routine to Burt, the Service, or any of Burt’s systems.

(ii) It has and throughout the term of this Agreement will have, and does hereby grant Burt and its Affiliates, all necessary rights necessary to allow Burt to use and otherwise Process Customer Data as contemplated by this Agreement.

(iii) Without limiting any of the provisions of Section 5 hereof, to the extent required by Applicable Laws, each of Customer’s digital property(ies) and each of the other sources of data provided or made available to Burt by or on behalf of Customer under this Agreement: 

1. Contains, and throughout the term of this Agreement will contain, (x) a privacy policy that clearly and unambiguously discloses, and will clearly and unambiguously disclose throughout the term of this Agreement, (I) the collection, disclosure, and usage of data (including, without limitation, the collection, disclosure, and usage of data contemplated by this Agreement) and (II) the method(s) by which the user may submit a data subject right request(s) under applicable laws, rules, and regulations, and (y) any and all other notices and/or disclosures required by applicable laws, rules, and regulations, including, without limitation, with respect to the collection, disclosure, and usage of data (including, without limitation, the collection, disclosure, and usage of data contemplated by this Agreement); and 

2. Obtains, and throughout the term of this Agreement will obtain, all user consents and authorizations as may be required by Applicable Laws in connection with the collection, disclosure, usage, and other Processing of data (including, without limitation, if and as may be contemplated by this Agreement).

(d) Disclaimer. EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE SERVICE IS PROVIDED TO CUSTOMER STRICTLY “AS IS” AND “AS AVAILABLE” AND WITHOUT WARRANTIES OF ANY KIND.  BURT EXPRESSLY DISCLAIMS ANY AND ALL IMPLIED AND STATUTORY WARRANTIES, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, TITLE, NON-INFRINGEMENT, AVAILABILITY OR ERROR-FREE OPERATION.

7. Indemnification.

(a) General. Each party (the “Indemnifying Party”) will defend, indemnify and hold harmless the other party, its Affiliates, and its and their respective officers, directors, employees, and agents (each, an “Indemnified Party”) from and against any and all third-party claims and liabilities (including, without limitation, reimbursement for reasonable outside attorneys' fees, disbursements, and court costs) to the extent relating to, resulting from, or arising out of (i) the Indemnifying Party’s breach or alleged breach of this Agreement, (ii) the Indemnifying Party’s fraud or willful misconduct, (iii) with respect to Customer, any Customer Underlying Data or other Customer materials, and (iv) with respect to Burt, the infringement or misappropriation of a third party’s patent, trademark, trade secret, or copyright in connection with Burt’s technology used to provide the Service hereunder (the obligations of Burt described in this clause (iv), the “Burt IP Infringement Obligations”).  The previous sentence states the sole liability of the Indemnifying Party, and the sole remedy of the Indemnified Party, with respect to any third-party claim relating to, resulting from, or arising out of (A) the Indemnifying Party’s breach of this Agreement, (B) with respect to Customer as the Indemnifying Party, the Customer Underlying Data, and/or (C) with respect to Burt as the Indemnifying Party, Burt’s intellectual property infringement or misappropriation. 

(b) Procedure. The Indemnified Party must (i) promptly notify the Indemnifying Party in writing (including email) of the third-party claims (provided that failure of the Indemnified Party to promptly notify the Indemnified Party will not relieve the Indemnifying Party of its indemnification obligations hereunder, except to the extent it has been damaged by the failure), (ii) reasonably cooperate with the Indemnifying Party in the defense of and/or negotiations for settlement of the matter (at the Indemnifying Party’s expense), and (iii) give the Indemnifying Party primary control of the defense of the matter and negotiations for its settlement.  The Indemnified Party may, at its expense, join in the defense with counsel of its choice.  The Indemnifying Party may enter into a settlement only if it (x) involves only the payment of money damages by the Indemnifying Party and (y) includes a complete release of the Indemnified Party, as applicable; any other settlement will be subject to the written (including email) consent of the Indemnified Party (not to be unreasonably withheld, delayed, or conditioned).

(c) Burt IP Infringement Obligations.  The Burt IP Infringement Obligations will not apply to claims to the extent arising from (i) Customer’s use of the Service in violation of this Agreement or (ii) the combination, operation, or use of the Service with any product, service, data (other than Customer Underlying Data), or technology not provided or authorized in writing (including email) by Burt.  If the Service becomes, or in Burt’s reasonable opinion is likely to become, the subject of an intellectual property infringement or misappropriation claim, then Burt will promptly notify Customer and, at its sole option and expense, may: (x) procure the right to continue providing the Service as contemplated by this Agreement; (y) modify the Service to render it non-infringing (provided that modification does not materially adversely affect use of the Service); or (z) replace the Service with a functionally equivalent, non-infringing service.  If none of the foregoing options is commercially practicable, then each party will have the right to terminate each affected Order Form.

8. Limitations of Liability.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, REGARDLESS OF THE TYPE OF CLAIM:

1. EXCEPT WITH RESPECT TO (i) ITS FRAUD OR WILLFUL MISCONDUCT, (ii) INDEMNIFICATION AMOUNTS PAYABLE TO THIRD PARTIES UNDER SECTION 7 HEREOF, AND (iii) ITS BREACH(ES) OF SECTION 9 HEREOF, IN NO EVENT WILL EITHER PARTY BE LIABLE FOR (A) ANY LOSS OF DATA, OPPORTUNITY, LOSS OF REVENUES OR PROFITS, BUSINESS INTERRUPTION, OR PROCUREMENT OF SUBSTITUTE SERVICES OR (B) ANY INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES, IN EACH CASE HOWEVER CAUSED, UNDER ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE), ARISING IN ANY WAY IN CONNECTION WITH OR OUT OF THIS AGREEMENT, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS, CONSEQUENCE, OR DAMAGES. 

2. EXCEPT WITH RESPECT TO (i) ITS FRAUD OR WILLFUL MISCONDUCT AND (ii) WITH RESPECT TO CUSTOMER, ITS PAYMENT OBLIGATIONS UNDER THIS AGREEMENT: EACH PARTY’S TOTAL CUMULATIVE LIABILITY IN CONNECTION WITH ANY PARTICULAR ORDER FORM, WHETHER IN CONTRACT OR TORT OR OTHERWISE, WILL NOT EXCEED THE AGGREGATE AMOUNT OF FEES PAID OR PAYABLE BY CUSTOMER TO BURT UNDER SUCH ORDER FORM DURING THE 12-MONTH PERIOD IMMEDIATELY PRIOR TO THE DATE WHEN THE LIABILITY AROSE. CUSTOMER AGREES THAT THE FEES REFLECT THE ALLOCATION OF RISK SET FORTH IN THIS AGREEMENT AND ACKNOWLEDGE THAT BURT WOULD NOT ENTER INTO THIS AGREEMENT WITHOUT THESE LIMITATIONS ON ITS LIABILITY. 

9. Confidentiality.

(a) Definition of Confidential Information. As used herein, "Confidential Information" means any and all information that is disclosed, provided, or made accessible by, or on behalf of, one party (in such capacity, "Disclosing Party") to the other party (in such capacity, "Receiving Party") in connection with this Agreement and that is identified or designated as “confidential” or “proprietary” or that, given the nature of the information or material, or the circumstances surrounding the disclosure, reasonably should be understood to be confidential (e.g., business, product, or marketing plans, technology and/or technical information, product designs, and business processes). Without limiting the foregoing, Burt’s Confidential Information includes the Service (including, for purposes of clarification and without limitation, all related code and other technology associated therewith), and Customer’s Confidential Information includes the Customer Underlying Data. Confidential Information shall not include any information that: (i) is or becomes public through no fault of the Receiving Party; (ii) the Receiving Party already knew or possessed prior to its disclosure by or on behalf of the Disclosing Party; (iii) was independently developed by the Receiving Party without reference to the Disclosing Party’s Confidential Information; or (iv) is received by the Receiving Party from a third party without breach of any obligation owed to the Disclosing Party.

(b) Confidentiality Obligations. Throughout the term of this Agreement and for a period of five (5) years after the termination of this Agreement, the Receiving Party shall not disclose or use any Confidential Information of the Disclosing Party for any purpose other than as necessary to perform its obligations or exercise its rights under this Agreement; provided that the obligations of confidentiality and non-use related to any trade secret disclosed, provided or made accessible to, or observed by, the Receiving Party shall continue until such trade secret is generally known or available to the public through no fault, action, or inaction on the part of Receiving Party. The Receiving Party shall protect the confidentiality of the Confidential Information in the same manner that it protects the confidentiality of its own proprietary and confidential information of similar kind, but in no event shall the Receiving Party exercise less than reasonable care in protecting such Confidential Information. If the Receiving Party is compelled by law to disclose Confidential Information of the Disclosing Party, it shall provide the Disclosing Party with reasonable prior notice of such compelled disclosure (to the extent legally permitted) and use commercially reasonable efforts to provide the Disclosing Party with the opportunity to seek a protective order or the equivalent (at the Disclosing Party's expense).

(c) Remedies. If the Receiving Party discloses or uses (or threatens to disclose or use) any Confidential Information in breach of this Section 9, the Disclosing Party shall have the right, in addition to any other remedies available to it, to seek injunctive relief to enjoin such acts, it being specifically acknowledged by the parties that any other available remedies are inadequate. The Disclosing Party shall not be required to post a bond or other security in connection with the granting of any such relief.

10. Miscellaneous

(a) Payment Rules.  Fees and rates for the Service are set forth in the applicable Order Form(s).  Customer will pay Burt the fees for the Service in immediately available funds within thirty (30) days of the date of the applicable invoice; other than as expressly set forth in clause (ii) of Section 3(c) hereof, all fees are non-refundable once paid.  Until paid in full, all past due amounts (other than amounts disputed in good faith by Customer and set forth in a notice provided to Burt at least two (2) business days prior to the applicable due date) will bear an additional charge of the lesser of 1.5% per month or the maximum amount permitted under applicable law. Customer will pay reasonable expenses and attorneys’ fees Burt incurs in collecting and/or seeking to collect past due amounts that are not disputed in good faith. The fees and rates for the Service, and the amounts invoiced under this Agreement, do not and will not include any taxes, levies, assessments, duties, or other charges levied by or due to any taxing authority or other governmental agency.  Customer is and will be responsible for paying, and will pay, all taxes, levies, assessments, duties, and other governmental charges, if any, that may be imposed on account of the performance of either party under this Agreement, excluding only taxes based on Burt’s income.  All payments by Customer under this Agreement will be made without deduction for any taxes, including withholding taxes.

(b) Contract Entity and Governing Law.  The interpretation of the rights and obligations of the parties under this Agreement, including, to the extent applicable, any negotiations, arbitrations or other proceedings hereunder (and the jurisdiction and venue with respect thereto), will be governed in all respects exclusively by the laws described below depending on Customer’s jurisdiction of organization; provided that nothing in this Agreement will limit a party’s ability to seek equitable relief in any court of competent jurisdiction.  

(i) If Customer is organized under the laws of a jurisdiction in North America, Central America, or South America: (A) this Agreement (x) is entered with Burt Americas Inc. and (y) will be governed by the laws of the State of New York, without regard to rules or principles of conflicts of laws; and (B) THE JURISDICTION AND VENUE FOR ALL DISPUTES HEREUNDER WILL BE THE STATE AND FEDERAL COURTS OF NEW YORK COUNTY, NEW YORK, AND THE PARTIES HEREBY CONSENT TO THE PERSONAL JURISDICTION IN THOSE COURTS.  

(ii) If Customer is organized under the laws of a jurisdiction other than in North America, Central America, or South America (e.g., in Europe, Asia, or Australia): (A) this Agreement (x) is entered with Burt Intelligence AB and (y) will be governed by the laws of Sweden, without regard to rules or principles of conflicts of laws; and (B) any dispute, controversy or claim arising out of or in connection with this Agreement, or the breach, termination or invalidity thereof, shall be finally settled by arbitration administered by the Arbitration Institute of the Stockholm Chamber of Commerce (the “SCC Institute”), in accordance with the following: (I) the language to be used in the arbitral proceedings shall be English unless differently mutually agreed; (II) the Rules for Expedited Arbitrations of the Arbitration Institute of the Stockholm Chamber of Commerce shall apply, unless the SCC Institute, taking into account the complexity of the case, the amount in dispute and other circumstances, determines, in its discretion, that the Arbitration Rules of the Arbitration Institute of the Stockholm Chamber of Commerce shall apply, in which event the SCC Institute shall also decide whether the arbitral tribunal shall be composed of one or three arbitrators.

(c) Force Majeure.  Neither party will be held responsible or liable for any acts or omissions resulting from any cause or circumstance beyond its reasonable control (including, without limitation, act of God, natural disaster, fire or other casualty or loss of facility(ies), war, terrorism, act of public enemy, riot, strike, boycott, or other labor dispute, communication or transportation disruption, accident, epidemic, pandemic, or government action or order).

(d) Notices.

Unless otherwise expressly stated in this Agreement, all notices or other communications required under this Agreement must be made in writing (including email) and sent to attention of: (i) if to Customer, as set forth in the applicable Order Form; and (ii) if to Burt, to admin@burtcorp.com and, if Burt Americas Inc. is the Burt contracting entity hereunder, with a copy to 228 Park Ave S. PMB 375540, New York, New York, 10003-1502, USA, Attn: Legal.  Each party may  change its contact for notices by providing not less than five (5) business days’ notice to the other party, it being understood and agreed that Customer will keep its account information accurate and up to date.  Notice will be deemed given when delivered.   

(e) Amendments.

Burt may unilaterally supplement or amend these Terms of Service at any time. However, if Burt so unilaterally modifies these Terms of Service during the then-current term of an Order Form, then, with respect to such Order Form, the modified version will take effect upon the commencement of the subsequent renewal term of such Order Form; provided that if Burt so modifies these Terms of Service during the then-current term of an Order Form but after the autorenewal date with respect to the subsequent renewal term has occurred, then the modified version will take effect upon the commencement of the renewal term that follows the subsequent renewal term. Except as set forth in this Section 10(e), all amendments to this Agreement (including, for purposes of clarification and without limitation, these Terms of Service and any and all Order Forms) must be in writing and signed by both parties and expressly state that they are amending this Agreement.  

(f) General Terms.

(i) These Terms of Service (including any and all Schedules, Appendixes and/or Exhibits hereto), together with any Order Forms and any and all Schedules, Appendixes and/or Exhibits thereto, is the complete and exclusive understanding and agreement between the parties, and supersedes any oral or written (including email) proposal, agreement or other communication between the parties, regarding its subject (including, for purposes of clarification and without limitation, Customer’s access to and use of the Service). 

(ii) If any provision of this Agreement is held to be unenforceable, that provision will be removed to the extent necessary to comply with the law, replaced by a provision that most closely approximates the original intent and economic effect of the original to the extent consistent with the law, and the remaining provisions will remain in full force.  No presumption or burden of proof will arise favoring or disfavoring either party by virtue of the authorship of any of the provisions of this Agreement.  

(iii) The headings contained in this Agreement are for reference purposes only and will not affect in any way the meaning or interpretation of this Agreement. 

(iv) Neither party may assign or transfer this Agreement or any part thereof without the prior written (including email) consent of the other party; provided that: (A) this Agreement may be assigned, without the prior written consent of the other party: (I) to a person or entity that acquires, pursuant to a sale, merger, or otherwise, all or substantially all of the assigning party’s assets, stock or business; or (II) by Burt to an Affiliate(s); and (B) individual Order Forms may be assigned by Burt, without Customer’s written consent, to a person or entity that acquires, pursuant to a sale, merger, or otherwise, all or substantially all of the assets or business of the Burt business unit that provides the Service provided under such individual Order Form(s) (i.e., the particular service(s) and software provided or made available to Customer under such individual Order Form(s), and all components, features, elements, and aspects thereof and all tools and technology included and/or embodied therein). In the event of an assignment of an individual Order Form(s) by Burt (which assignment will include the terms and conditions of these Terms of Service), these Terms of Service and all other Order Forms in effect at the time of such assignment will remain in full force and effect.  Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties, their respective successors and permitted assigns.  Any assignment in violation of the foregoing will be null and void. 

(v) Subject to Section 5(c)(ii)(D) of these Terms of Service, each party may use Subcontractors in connection with its performance under this Agreement; provided that such party is liable for the acts and omissions of its Subcontractors.  There are no third-party beneficiaries to this Agreement.  The parties hereto are independent parties, not agents, employees or employers of the other or joint venturers, and neither party acquires hereunder any right or ability to bind or enter into any obligation on behalf of the other party.

11. Definitions.

“Affiliate” means, with respect to a party, an entity that, directly or indirectly, controls, is controlled by, or is under common control with such party.

“Applicable Laws” means, collectively, all now existing or hereinafter effective or amended laws, rules, regulations (including, without limitation, self-regulatory obligations), and/or sanctions programs applicable to a party’s performance under this Agreement.

“CCPA” means the California Consumer Privacy Act of 2018, together with all effective rules and/or regulations adopted thereunder (in each case, as amended from time to time, including, without limitation, by the California Privacy Rights Act of 2020).

“Connector” means a third-party service from which Burt receives or accesses Customer Underlying Data under this Agreement.

“Controller” means, under and in the context of any Applicable Law regarding privacy or data protection, a “controller”, “business”, “covered entity”, “third party”/“third-party business”, or corresponding term denoting a substantially similar, role, and obligations under such Applicable Law.

“Covered Connector” means a Connector that includes or may include Personal Data within the Customer Underlying Data provided or made available to Burt under this Agreement.

“Personal Data” means “personal data”, “personal information”, or other term denoting a substantially similar definition and obligations under, and in the context of, any Applicable Law.

“Process” means any operation or set of computer operations performed on Personal Data, including, without limitation, collection, recording, organization, structuring, storage, access, adaptation, alteration, retrieval, consultation, use, transfer, transmission, sale, rental, disclosure, dissemination, making available, alignment, combination, deletion, erasure, or destruction. 

“Processor” means, under and in the context of any Applicable Law regarding privacy or data protection, a “processor”, “service provider”, or corresponding term denoting a substantially similar, role, and obligations under such Applicable Law.

“Service” means, collectively, all services and software provided or made available to Customer under the Order Forms, and all components, features, elements, and aspects thereof and all tools and technology included and/or embodied therein.

“Subcontractor” means, with respect to a party, a contractor, subcontractor, consultant, third-party service provider, or agent engaged by such party in connection with the use or provision of the Service under this Agreement.

“Sub-Processor” means a Subcontractor engaged by Burt for further Processing of Covered Customer Personal Data.

“US State Privacy Law” means each of (i) CCPA, (ii) each other general privacy law of a state, district, or commonwealth of the United States that is effective as of the Latest Update date at the top of these Terms of Service, and (iii) any and all hereinafter effective or amended general privacy laws (in each case, together with all effective rules and regulations adopted thereunder and as amended from time to time) of a state, district, or commonwealth of the United States (each, a “US Covered State”).

SCHEDULE I

Data Processing

1. Description of transfer and further Processing of Covered Customer Personal Data

(a) Frequency of transfer: Continuous/Recurring

(b) Nature and purpose(s) of transfer and further Processing of Covered Customer Personal Data:

• Burt will Process Covered Customer Personal Data in connection with the consolidation, organization, structuring, and analysis of such Covered Customer Personal Data and other Customer Data, which may include (without limitation) data maps, dashboards, and/or reporting, and analysis relating to the foregoing, on behalf of Customer, as set forth in the applicable Order Form(s), in particular for the following “business purposes”: 

• Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards

• Helping to ensure security and integrity to the extent the use of the consumer’s Covered Customer Personal Data is reasonably necessary and proportionate for these purposes

• Debugging to identify and repair errors that impair existing intended functionality

• Short-term, transient use

• Performing the Service on behalf of Customer, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of Customer

• Providing advertising and marketing services (provided that such services shall not include (i) cross-context behavioral advertising (as defined by CCPA) to the consumer or (ii) such other services as may be prohibited to be performed by a Processor under the applicable Applicable Law 

• Undertaking internal research for technological development and demonstration

• Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by Customer and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by Customer

• Covered Customer Personal Data shall be subject to automated and/or manual Processing operations by Burt

(c) Duration of Processing (including storage/retention) of Covered Customer Personal Data: Burt shall store and otherwise Process Covered Customer Personal Data during the term of the Agreement and thereafter in accordance with the provisions of the Agreement (including Section 5(c)(ii)(E) of the Terms of Service)

2. Categories

(a) Categories of Covered Customer Personal Data that may be Processed under the Agreement:

• Identifiers (e.g., IP address); provided that in no event may the Covered Customer Personal Data include any government-issued identifier

• Characteristics of protected classifications under California or federal law

• Commercial information (e.g., products purchased or considered, purchase histories or tendencies, etc.)

• Internet or other electronic network activity information (e.g., browsing history, search history, information regarding interactions with Customer’s website and/or Customer’s advertising, etc.)

• Geolocation data

(b) Categories of data subject to which the Covered Customer Personal Data that may be Processed under the Agreement relate: customers and visitors (e.g., purchasers and/or potential purchasers of Customer’s products and/or services, visitors to and/or users of Customer’s digital properties, etc.)

SCHEDULE II

Approved Sub-Processors