In addition to the RCS Messaging Terms and Conditions, (i) the RCS Service is further subject to the general terms and conditions agreed to by Customer during the sign-up process (the “Master Agreement”), and (ii) the RCS Upscale Service is subject to the existing agreement between Customer and Sinch for SMS messaging (the “Existing Agreement”). 

General RCS Messaging Terms 

Google Terms: Customer acknowledges and agrees that the availability and use of the RCS Messaging Services is conditioned on Customer’s compliance and acceptance of all the terms and policies set forth below including, without limitation, any other complementary terms and policies referenced in such terms and policies. Customer acknowledges that the terms and policies below may be changed, adapted, and/or updated by Google LLC and its affiliates, including Jibe Mobile Inc. (collectively, “Google”), at any time and at its discretion, therefore, Customer will periodically check the terms and policies in order to be fully aware and fully comply with their conditions, rights, and obligations: 

1. terms of service that govern the use of RCS for Business as set out at the following URL: http://developers.google.com/business-communications/rcs-business-messaging/carriers/tos (as such terms and URL may be updated from time to time by Google); 
2. terms of service for RCS for Business as located at the following URL: https://developers.google.com/business-communications/rcs-business-messaging/support/tos (as such URL may be updated by Google from time to time); 
3. any policies, restrictions, terms and conditions required by Jibe Mobile Inc. at https://jibe.google.com/intl/en_ZZ/policies/terms/ that may be updated from time to time; and 
4. All policies, terms and conditions of the relevant mobile network operator shall apply. 

RCS Agent: An RCS Agent must be registered to use the RCS Messaging Services and Customer hereby authorizes Sinch to do the relevant registration(s) for and on behalf of Customer. Customer agrees to provide Sinch with all necessary information and/or complete all documentations required in relation to the registration process that may be requested by Sinch and/or Google from time to time. 

Disclaimer. In addition to any disclaimers in the Master Agreement or your Existing Agreement, Customer acknowledges that the RCS Messaging Services are not specifically designed to meet Customer’s and/or any of Customer’s customers’ or end users’ individual needs and are provided as is and where currently available.  

RCS Service  

Service. The RCS Service is a service in which multimedia messages are provided for compatible devices through an interface between mobile network operators and Google. The RCS Service is provided through Sinch Conversation API. 

Commercial Terms. 

Pricing. Fee is based on destination and type of message. Rates are set forth in the table located here.

RCS Upscale Service  

Service. The RCS Upscale Service allows SMS messages to be re-routed and delivered as RCS to destinations where Sinch supports RCS while using the existing network connection for SMS. In the event that RCS routing is not available or the SMS cannot be sent as RCS for any reason, Sinch has the sole discretion and right to re-route the sending and delivery of the message as SMS. Based on the RCS Agent ID through Sinch, the re-routing will be adjusted in order for the SMS to be delivered to the end-users. 

Dedicated SMS Services Required. RCS Upscale Service is only available for Dedicated SMS services. For this purpose, “Dedicated SMS” means a sms bearing a pre-registered and assigned sender identification or sms originator (i.e. long code / short code/ alpha numeric Sender ID or originator) that is unique and dedicated for that customer’s exclusive use excluding all Sender ID shared by multiple customers or end users for sms traffic (“Dedicated Sender ID”). Customer will ensure, at its own cost and expense, that Customer’s system(s) are capable of any technical integration and inter-operation with Google’s, Jibe’s and Sinch’s system, as the case may be, that is required to enable the relevant mobile operator or carrier to provide the RCS Upscale Services to Customer. 

Commercial Terms. 

a)  Pricing. Customer will be billed at existing SMS rates for all messages sent with RCS Upscale. 

b) Minimum consumption. If applicable, if Customer’s Existing Agreement contains a minimum monthly consumption volume for the SMS channel, the RCS volume used will be counted to calculate the minimum monthly consumption. 

c) Term. Subject to these RCS Messaging Terms and Conditions, Customer will be permitted to use the RCS Upscale Service for as long as its Existing Agreement is valid and effective. If the Existing Agreement terminates for any reason, Customer’s use of the RCS Upscale Service will automatically terminate. 

The post Rich Communication Service (RCS) Messaging Terms and Conditions appeared first on Sinch.

Fees. The Service is free of charge and Customer shall not be entitled to any reimbursements and/or service credits. 

The post Consent Management Services appeared first on Sinch.

By signing up to our services (the “Services”) and affirming that you (the entity agreeing to the terms, “you” or “Customer”) agree to our terms of service through the sign-up process, you are entering into a master service agreement (the “Agreement”) with the legal entity set out below, which shall be referred to as “we”, “our”, “us” or “Sinch”.  

The account creator represents and confirms to Sinch that you are the duly authorised representative and signatory of the Customer to act for and on behalf of the Customer to enter into the Agreement and accepts the General Terms of Services and all other terms, as set out below. All information provided is complete and accurate. The Agreement shall be effective on the date at which time the account is created and verified. 

Sinch and Customer are together referred to as the “Parties” and each a “Party”.  

General

The Terms apply to you, your agents, any service provider(s) you work with, and any employees, representatives, agents, and suppliers (collectively “you” or “Company”). The terms of the Agreement are set out herein (the “Terms”) and as referenced below, and you agree to comply with the Terms. The Agreement is effective as of the date agreed to by you (“Effective Date”). 

These terms, the applicable terms listed in the table below, any accompanying API documentation, and any applicable policies and guidelines are part of the Terms. To the extent applicable, the following terms are incorporated by reference into these Terms, and listed in order of precedence. 

1. Data Protection Agreement
2. Messaging Supplemental Terms and Conditions
3. Social Channel Supplemental Terms and Conditions
4. SAAS Services Supplemental Terms and Conditions
5. Email Supplemental Terms and Conditions
6. Fax API Supplemental Terms and Conditions
7. Verification Supplemental Terms and Conditions
8. Contact Pro Supplemental Terms and Conditions
9. General Terms and Conditions (“GTC”)
10. Service Level Agreement (“SLA”)

Additionally, if you have agreed to separate terms and conditions with Sinch and its affiliates (an “Existing Agreement”) for access to and use of (a) services(s) available via a Sinch online ordering system, or (b) other tools and services, then the terms and conditions (including pricing) in your Existing Agreement, and not these Terms (and/or associated online pricing), will apply to your use of such services. To the extent the Existing Agreement does not cover a particular service, these Terms (including any online pricing) will apply to your use of that particular uncovered service. 

Unless expressly defined in the specific document or a contrary intention appears, capitalised terms defined in the Agreement have the meaning set out in the GTC. 

This Agreement shall apply to any Services that Customer self-provisions through its access to  https://dashboard.sinch.com. Sinch may use its affiliates in connection with the performance of its obligations and exercise of its rights under the Agreement. 

Commercial

The Customer will pay Sinch the fees and taxes and all other amounts payable to Sinch through prepayments made by the Customer on the Customer’s Account in the SINCH Dashboard. The fees shall be calculated in accordance with the rates and pricing which Sinch makes available to the Customer (by means determined by Sinch) from time to time. All Recurring Fees and One-Time Fees may be deducted in advance of the applicable Service being provided and all Non-Recurring Fees may be deducted after the applicable Service is provided. Payments received from the Customer will be deposited in the currency selected during Account creation as supported by Sinch. Sinch may deduct or offset from the Customer’s Credit Balance, any sums the Customer owes to Sinch, which may include but are not limited to fees and taxes, and in the currency selected by Customer and from the same Credit Balance. The Customer will not earn interest on any Credit Balance held by Sinch. The Customer will lose the right to any Credit Balance if the Agreement has been terminated and if Sinch is not reasonably able to refund the Credit Balance, e.g. by not receiving information of relevant bank account upon request.  

SINCH may modify any fees in its sole discretion upon written notice, and in accordance with the terms of Section 13.5 of the GTC (Notices), the parties agree that for the purposes of notice under this Section, such notice may be given by email and that notice shall be deemed to have been given once the email is dispatched from the SINCH email server. 

For any pricing shown on the Sinch website, including but not limited to any Sinch Dashboard, Sinch aims to update prices at midnight UTC. The pricing shown at the time when Customer uses the Service applies. 

Term and Termination

The Agreement is in force until terminated by a Party (the “Term”). The Agreement may be terminated by each Party by giving ninety (90) days advance written notice to the other Party. The aforementioned notice period for termination by the Customer shall be subject to the Customer’s full payment of any and all fixed fees regarding Services ordered by Customer with a longer notice period than ninety (90) days.  

Upon termination of any Service, all fees incurred relation to the terminated Service(s) shall become immediately payable and remaining fees charged until the end of the term. 

Changes

Sinch reserves the right, in Sinch’s sole discretion and with or without notice from time to time, to modify or update any Services (including but not limited to the features, scope, reach and functionality). Additionally, Sinch may amend the Agreement (or any part thereof), and such amendment will take effect on the date Sinch designates (or upon expiration of the minimum period of notice Sinch is required to provide under applicable law). Upon the event that there is uncertainty regarding what version of the Agreement that applies between the Parties, the version published at https://sinch.com/terms-of-service/ at that point in time shall apply. Sinch specifically reserves the right to make changes to such terms of service by publishing a revised version at https://sinch.com/terms-of-service/ (or any successor URL Sinch determines) as may be updated by us from time to time. If an amendment to the Service Agreement or Services is to the Customer’s material detriment, the Customer may terminate either: (i) the affected Order; or (ii) the affected Service, upon written notice within thirty (30) days following the effectiveness of such amendment (or by the date which the Customer is entitled to terminate under applicable law). 

Compliance

The Customer shall (and shall ensure that the Customer’s customers, Affiliates, employees, contractors and agents shall) ensure that all use of the Services and all Data complies with applicable laws and the Compliance Rules, including but not limited to export control laws and regulations, economic, trade and financial sanctions laws, regulations, embargoes, restricted state lists or restrictive measures administered. The Customer shall provide (and shall ensure that the Customer’s customers, Affiliates, employees, contractors and agents shall provide) all co-operation as is required by Sinch to enable Sinch to comply with requests and investigations by regulators, law enforcement agencies and Service Providers relating to the Services and Data. “Compliance Rules” shall mean that the Customer shall not download any software from Sinch relating to the data calling services in any Restricted Countries. For the purpose of this Agreement, “Restricted Countries” shall mean People’s Republic of China (including Hong Kong and Macau), Belarus, Iran, the Democratic People’s Republic of Korea, the Russian Federation, and/or Syrian Arabic Republic. 

Governing Law and Dispute Resolution

The governing law and dispute resolution as set out in section 13 of the GTC shall apply between the Parties.  

The post Terms of Service appeared first on Sinch.

This Data Processing Agreement (this “DPA“) forms part of Sinch master services agreement (the “Principal Agreement“) between Sinch and the Customer and is subject to the Principal Agreement. The contracting parties under this DPA are identical to the parties under the Principal Agreement.

1. Definitions. For the purposes of this DPA, capitalized terms shall have the following meanings. Capitalized terms not otherwise defined shall have the meaning given to them in the Principal Agreement.
   1. “Customer’s Personal Data” means any personal data that is processed by Sinch on behalf of the Customer to perform the Services under the Principal Agreement.
   2. “Applicable Data Protection Laws” means the GDPR, as transposed into domestic legislation of each Member State (and the United Kingdom) and as amended, replaced or superseded from time to time, and laws implementing, replacing or supplementing the GDPR and all laws applicable to the processing of Customer’s Personal Data, including the California Consumer Privacy Rights Act of 2020, which amends the California Consumer Privacy Act of 2018 Cal. Civ. Code § 1798.100 et seq (“CCPA”).
   3. “GDPR” means the General Data Protection Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and the free movement of such data.
   4. “Sinch Infrastructure” means (i) Sinch’s physical facilities; (ii) hosted cloud infrastructure; (iii) Sinch’s corporate network and the non-public internal network, software, and hardware necessary to provide the Services and which is controlled by Sinch; in each case to the extent used to provide the Services.
   5. “Restricted Transfer” means a transfer of the Customer’s Personal Data from Sinch to a sub-processor where such transfer would be prohibited by Applicable Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of Applicable Data Protection Laws) in the absence of appropriate safeguards required for such transfers under Applicable Data Protection Laws.
   6. “Services” means the services provided to the Customer by Sinch pursuant to the Principal Agreement.
   7. “Standard Contractual Clauses” means the latest version of the standard contractual clauses for the transfer of personal data to processors established in third countries under the GDPR (the current version as at the date of this DPA is as annexed to European Commission Decision 2021/914 (EU) of June 4, 2021).
   8. “UK Addendum” means the United Kingdom Addendum (International Data Transfer Addendum to the EU Commission Standard Contractual Clauses) set out at https://ico.org.uk/media2/migrated/4019539/international-data-transfer-addendum.pdf
   9. The terms “consent“, “controller“, “data subject“, “Member State“, “personal data“, “personal data breach“, “processor“, “sub processor”, “processing“, “supervisory authority” and “third party” shall have the meanings ascribed to them in article 4 of the GDPR or the CCPA, in cases where CCPA is applicable.
2. Compliance with Applicable Data Protection Laws
   1. Sinch and the Customer shall each comply with the provisions and obligations imposed on them by the Applicable Data Protection Laws and shall procure that their employees and sub-processors observe the provisions of the Applicable Data Protection Laws.
3. Details and Scope of the Processing
   1. The Processing of the Customer’s Personal Data within the scope of the Agreement shall be carried out in accordance with the following stipulations and as required according to the Applicable Data Protection Laws. The parties may amend this information from time to time, as the parties may reasonably consider necessary to meet those requirements.
      1. Subject matter and duration of the processing of personal data: The subject matter and duration of the processing of the personal data are set out in the Principal Agreement.
      2. The nature and purpose of the processing of personal data: Under the Principal Agreement, Sinch provides certain services such as messaging, email, voice calls and other communication services, as further detailed in the Principal Agreement, to the Customer which involves the processing of personal data. Subject to section 3(a)(iv), such processing activities include (a) providing the Services; (b) the detection, prevention and resolution of security and technical issues; and (c) responding to Customer’s support requests.
      3. The types of personal data to be processed: The personal data submitted to Sinch’s network, the extent of which is determined and controlled by the Controller in its sole discretion, may include name, email, telephone numbers, IP address and other personal data included in the contact lists and message or call content.
      4. Independent Data Controller Exclusion: Notwithstanding any other provision herein, when processing personal data in the course of providing communication services as part of the Services, including the transmission and exchange of SMS via telecommunications networks and other messages and communications, including emails, voice, and other media via other communication platforms, regardless of whether Customer acts as a controller or processor, Sinch acts as an independent data controller, and not as joint controller, so as to provide its communications services and carry out its necessary functions and business as a communication services and value-added services (VAS) provider, including necessary measures to prevent spam and fraud and control, security, and maintenance of its network, management of its business and compliance functions, and consistent with its obligations under applicable laws.
      5. The categories of data subjects to whom the personal data relates: Senders and recipients of email and sms messages, voice calls or other communication.
   2. Sinch shall only process the Customer’s Personal Data (i) for the purposes of fulfilling its obligations under the Principal Agreement and (ii) in accordance with the documented instructions described in this DPA or as otherwise instructed by the Customer from time to time. Such Customer’s instructions shall be documented in the applicable order, services description, support ticket, other written communication or as directed by Customer using the Services (such as through an API or control panel).
   3. Where Sinch reasonably believes that a Customer instruction is contrary to the provisions of the Principal Agreement or this DPA, or that it infringes the GDPR or other applicable data protection provisions, it shall inform the Customer without delay. In both cases, Sinch shall be authorized to defer the performance of the relevant instruction until it has been amended by Customer or is mutually agreed by both Customer and Sinch.
   4. Customer is solely responsible for its utilization and management of personal data submitted or transmitted by the Services, including: (i) verifying recipient’s information such as phone number or address and that they are correctly entered into the Services (ii) reasonably notifying any recipient of the insecure nature of email or messaging as a means of transmitting personal data (as applicable), (iii) reasonably limiting the amount or type of information disclosed through the Services (iv) encrypting any personal data transmitted through the Services where appropriate or required by applicable law (such as through the use of encrypted attachments, PGP toolsets, or S/MIME). When the Customer decides not to configure mandatory encryption, the Customer acknowledges that the Services may include the transmission of unencrypted email in plain text over the public internet and open networks. Information uploaded to the Services, including message content, is stored in an encrypted format when processed by the Sinch Infrastructure.
4. Controller and Processor
   1. For the purposes of this DPA, the Customer is the controller of the Customer’s Personal Data and Sinch is the processor of such data, except when the Customer acts as a processor of the Customer’s Personal Data, in which case Sinch is a sub-processor.
   2. Sinch shall at all times have in place an officer who is responsible for assisting the Customer (i) in responding to inquiries concerning the Data Processing received from Data Subjects; and, (ii) in completing all legal information and disclosure requirements which apply and are associated with the Data Processing. Such assistance may be requested at dpo@sinch.com.
   3. The Customer warrants that:
      1. The processing of the Customer’s Personal Data is based on legal grounds for processing, as may be required by Applicable Data Protection Laws and that it has made and shall maintain throughout the term of the Principal Agreement all necessary rights, permissions, registrations and consents in accordance with and as required by Applicable Data Protection Laws with respect to Sinch’s processing of the Customer’s Personal Data under this DPA and the Principal Agreement;
      2. it is entitled to and has all necessary rights, permissions and consents to transfer the Customer’s Personal Data to Sinch and otherwise permit Sinch to process the Customer’s Personal Data on its behalf, so that Sinch may lawfully use, process and transfer the Customer’s Personal Data in order to carry out the Services and perform Sinch’s other rights and obligations under this DPA and the Principal Agreement;
      3. it will inform its Data Subjects about its use of Processors in Processing their personal data, to the extent required under Applicable Data Protection Laws; and,
      4. it will respond in a reasonable time and to the extent reasonably practicable to enquiries by Data Subjects regarding the Processing of their personal data, and to give appropriate instructions to Sinch in a timely manner.
5. Confidentiality
   1. Sinch shall ensure that each of its, and sub-processors’, personnel that is authorized to process the Customer’s Personal Data is subject to confidentiality undertakings or professional or statutory obligations of confidentiality and are trained with the relevant security and Data Protection requirements.
6. Technical and Organizational Measures
   1. Sinch shall, in relation to the Customer’s Personal Data, (a) take and document reasonable and appropriate measures, as described in Annex 2, in relation to the security of the Sinch Infrastructure and the platforms used to provide the Services as described in the Principal Agreement, and (b) on reasonable request at the Customer’s cost, assist the Customer in ensuring compliance with the Customer’s obligations pursuant to Applicable Data Protection Laws.
   2. Sinch’s internal operating procedures shall comply with the specific requirements of an effective Data Protection management.
7. Data Subject Requests
   1. Sinch provides specific tools in order to assist customers in replying to requests received from data subjects. These include our APIs and interfaces to search event data, suppressions, and retrieve message content. When Sinch receives a complaint, inquiry or request (including requests made by data subjects to exercise their rights pursuant to Applicable Data Protection Laws) related to the Customer’s Personal Data directly from data subjects Sinch will notify the Customer. Taking into account the nature of the processing, Sinch shall assist the Customer, by appropriate technical and organizational measures, insofar as this is reasonably possible, for the fulfillment of the Customer’s obligation to respond to requests for exercising such data subjects’ rights.
8. Personal Data Breaches
   1. Sinch shall notify the Customer without undue delay once Sinch becomes aware of a personal data breach affecting the Customer’s Personal Data. Sinch shall, taking into account the nature of the processing and the information available to Sinch, use commercially reasonable efforts to provide the Customer with sufficient information to allow the Customer at the Customer’s cost, to meet any obligations to report or inform regulatory authorities, data subjects and other entities of such personal data breach to the extent required under Applicable Data Protection Laws.
9. Data Protection Impact Assessments
   1. Sinch shall, taking into account the nature of the processing and the information available, provide reasonable assistance to the Customer at the Customer’s cost, with any data protection impact assessments and prior consultations with supervisory authorities or other competent regulatory authorities as required for the Customer to fulfill its obligations under Applicable Data Protection Laws.
10. Audits
    1. Sinch shall make available to the Customer on reasonable request, information that is reasonably necessary to demonstrate compliance with this DPA.
    2. Customer, or a mandated third party auditor, may upon written reasonable request conduct an inspection in relation to the Processing of the Customer’s Personal Data by Sinch and to the extent necessary according to Data Protections Laws and without interrupting Sinch’s business operations and ensuring confidentiality.
    3. The audit right as described in Paragraph 10(b) above will become applicable for the Customer, in case Sinch has not provided sufficient evidence of its compliance with the provisions of this DPA. Sufficient evidence includes providing either: (i) a certification as to compliance with ISO 27001or other standards implemented by Sinch (scope as defined in the certificate); or (ii) an audit or attestation report of an independent third party. An audit as described within this Paragraph 10 shall be carried out at the Customer’s cost and expense and requires reasonable notice by the Customer of at least thirty (30) days.
11. Return or Destruction of the Customer’s Personal Data
    1. The Customer may, by written notice to Sinch no later than at the time of termination of the Principal Agreement, request the return and/or certificate of deletion of all copies of the Customer’s Personal Data in the control or possession of Sinch and sub-processors. Sinch shall provide a copy of the Customer’s Data in a form that can be read and processed further.
    2. Within ninety (90) days following termination of the account, Sinch shall delete all personal data processed pursuant to this DPA, unless Customer requests the return of personal data as described in Paragraph 11(a) above. This provision shall not affect potential statutory duties of the Parties to preserve records for retention periods set by law, statute or contract.
    3. Any additional cost arising in connection with the return of personal data after the termination or expiration of the Agreement shall be borne by the Customer.
12. Data Transfers
    1. Customer acknowledges and agrees that, in connection with the performance of the Services under the Agreement, Sinch may transfer personal data within its company group. These transfers are necessary to provide the Services globally.
    2. Whenever personal data is processed outside the country where the contracted Sinch legal entity is established, Sinch will ensure an adequate level of protection for personal data by means of organizational, technical and contractual measures as is required by Applicable Data Protection Laws and this DPA.
    3. The Standard Contractual Clauses and, if required, the UK Addendum, having Sinch act as data importer with the Customer acting as data exporter are incorporated as part of this DPA. If Sinch’s arrangement with a sub-processor involves a Restricted Transfer, Sinch shall ensure that the onward transfer provisions of the Standard Contractual Clauses and/or UK Addendum are incorporated into the Principal Agreement, or otherwise entered into between Sinch and the sub-processor. The Customer agrees to exercise its audit right in the Standard Contractual Clauses by instructing Sinch to conduct the audit set out in Paragraph 10.
    4. For transfers of personal data from the European Union, the European Economic Area and/or their member states, Switzerland and the United Kingdom to countries which do not ensure an adequate level of Data Protection within the meaning of Data Protection Laws of the foregoing territories, to the extent such transfers are subject to Data Protection Laws and Regulations and in order to implement appropriate safeguards, the following safeguards are taken: (i) Standard Contractual Clauses as per European Commission’s Decision 2021/914/EU of June 4, 2021, (2) for Sinch Email, the EU-US Data Privacy Framework (EU-US DPF) and the UK Extension to the EU-U.S DPF, as set forth by the U.S Department of Commerce (3) UK Addendum, and (4) additional safeguards with respect to security measures including data encryption, data aggregation, separation of access controls and data minimization principles.
13. Sub-processing
    1. The Customer hereby gives a general authorization to Sinch to appoint sub-processors in accordance with this Paragraph 13 and Annex 1. Sinch will ensure that sub-processors are bound by written agreements that require them to provide at least the level of data protection required of Sinch by this DPA. The Customer also gives Sinch a specific authorization to continue to use those sub-processors already engaged at the date of this DPA, as referenced in section (b).
    2. The current sub-processors for the Services are set out at https://www.sinch.com/data-protection-agreement/sub-processors/ (“Sub-processor List”). Provided that the Customer subscribes to notifications of new sub-processors through the subscription mechanism found at https://www.sinch.com/data-protection-agreement/sub-processors/, Sinch shall notify the Customer, through such mechanism, thirty (30) days’ in advance of any intended changes concerning the addition or replacement of any Sub-processor. If, within ten (10) business days of receipt of that notice, the Customer notifies Sinch in writing of any objections on reasonable grounds to the proposed appointment, Sinch shall not appoint that proposed sub-processor until reasonable steps have been taken to address the objections raised by the Customer and the Customer has been provided with a reasonable written explanation of the steps taken. If Sinch and the Customer are not able to resolve the appointment of a sub-processor within a reasonable period, either party shall have the right to terminate the Principal Agreement for cause.
    3. Sinch shall be responsible for the acts and omissions of any sub-processors as it is to the Customer for its own acts and omissions in relation to the matters provided in this DPA.
14. Governing law and jurisdiction
    1. The parties to this DPA hereby submit to the choice of jurisdiction stipulated in the Principal Agreement with respect to any disputes or claims howsoever arising under this DPA, including disputes regarding its existence, validity or termination or the consequences of its nullity.
    2. This DPA and all non-contractual or other obligations arising out of or in connection with it are governed by the laws of the country or territory stipulated for this purpose in the Principal Agreement.
    3. Notwithstanding the forementioned under this Paragraph (a) and (b), all obligations arising out of or in connection with the Standard Contractual Clauses incorporated into this DPA shall be governed by the laws of the EU Member State specified in Annex 1, as required for the validity of those Standard Contractual Clauses pursuant to European Commission’s Decision 2021/914/EU of June 4, 2021.
15. Order of precedence
    1. With regard to the subject matter of this DPA, in the event of inconsistencies between the provisions of this DPA and any other agreements between the parties, including the Principal Agreement and including (except where explicitly agreed otherwise in writing, signed on behalf of the parties) agreements entered into or purported to be entered into after the date of this DPA, the provisions of this DPA shall prevail.
16. Severance
    1. Should any provision of this DPA be invalid or unenforceable, then the remainder of this DPA shall remain valid and in force. The invalid or unenforceable provision shall be either (i) amended as necessary to ensure its validity and enforceability, while preserving the parties’ intentions as closely as possible or, if this is not possible, (ii) construed in a manner as if the invalid or unenforceable part had never been contained therein.
17. Termination
    1. This DPA and the Standard Contractual Clauses will terminate contemporaneously and automatically with the termination of the Principal Agreement.

ANNEX 1

STANDARD CONTRACTUAL CLAUSES

With regard to the Standard Contractual Clauses the Parties agree that:

1. Module 2 (Controller-to-Processor) will apply where Sinch acts as Customer’s data processor; Module 3 (Processor-to-Processor) will apply where Sinch acts as Customer sub-processor. For each Module, where applicable:
2. Clause 7 (Docking clause) is incorporated;
3. For the purposes of Clause 9.a) (Use of sub-processors), Option 2: General written authorization shall apply. The data importer has the data exporter’s general authorization for the engagement of sub-processors from an agreed list. The data importer shall specifically inform the data exporter in writing of any intended changes to that list through the addition or replacement of sub-processors at least thirty (30) days in advance;
4. The optional wording in Clause 11 (Redress) on independent resolution bodies is not incorporated;
5. For the purpose of Clause 13 (Supervision), IMY, the Swedish Data Protection Authority (Integritetsskyddsmyndigheten) shall act as competent supervisory authority;
6. Option 1 of Clause 17 (Governing law) shall apply and the laws of Sweden shall govern the Standard Contractual Clauses;
7. For the purposes of Clause 18 (Choice of forum and jurisdiction), the courts of Sweden will resolve any dispute arising out of the Standard Contractual Clauses;
8. Annex IA (List of Parties) and Annex IB (Description of Transfer) shall be completed using the information and details specified in the Principal Agreement and listed in Paragraph 3 of the DPA;
9. Annex IB (Description of Transfer) shall be further completed by specifying that no sensitive data shall be transferred. The frequency of the transfer shall be continuous. For transfers to sub- processors, the subject matter, nature and duration of the processing shall be the same as that of the data importer;
10. For the purpose of Annex IC, the competent supervisory authority in accordance with Clause 13 is IMY, the Swedish Data Protection Authority (Integritetsskyddsmyndigheten);
11. For the purpose of Annex II, the Technical and organisational measures are described in Annex 2 of the DPA;
12. For the purpose of Annex III, the List of Sub processors is referenced in Clause 13 of the DPA;
13. where the Restricted Transfer is subject to the Regulation as it forms part of the law of England and Wales, Scotland and Northern Ireland (UK GDPR), the Standard Contractual Clauses shall incorporate the UK Addendum completed as follows:
    1. For the purposes of Table 1, the start date is the date of the DPA’s signature and the Parties’ details shall be completed using the information and details specified in the Principal Agreement;
    2. For the purposes of Table 2, the version of the Approved EU SCCs which the UK Addendum is appended to is the Standard Contractual Clauses as completed in accordance with this Annex 1, with the date being the effective date of this Addendum;
    3. For the purposes of Table 3, the Appendix Information is as described in paragraphs (h) – (l) of this Annex 1; and,
    4. For the purposes of Table 4, the Sinch entity acting as the Importer may end the UK Addendum when the Approved Addendum changes.

ANNEX 2

INFORMATION SECURITY – TECHNICAL AND ORGANIZATIONAL MEASURES

The Technical and Organizational Measures included within this Annex are measures that are applicable on the Service(s) provided by Sinch. If necessary, for the Service, Sinch may include further Technical and Organizational measures in the Service Order or Service

1) Inventory of information and other associated assets 

An inventory of information and other associated assets, including owners, is developed and maintained.  An asset owner has been appointed for every asset within the inventory according to the asset tagging policy.

2) Authentication information

The allocation and management of authentication information is controlled by a management process, which includes advising personnel on the appropriate handling of authentication information.

In particular, Sinch:

• Do not limit the permitted characters that can be used.

• Password minimum 16 characters

• Do not use secret questions as a sole password reset requirement

• Require email verification of a password change request

• Require the current password in addition to the new password during password change

• Verify newly created passwords against common passwords lists or leaked passwords databases 

• Check existing user passwords for compromise regularly

• Memorized secrets must be salted and hashed using a suitable one-way key derivation function.

• Enforce appropriate account lockout and brute-force protection on account access max 5 failed logins, then lock for 30 mins

• The last 24 passwords must not be re-used

• 365 day password change

• Guest network passwords if low risk can be set to never expire if following the password length requirement (min 16 characters)

• MFA & SSO used in all use cases

3) Access rights

Access rights to information and other associated assets is provisioned, reviewed, modified and removed in accordance with the organization’s topic-specific policy on and rules for access control.

In particular in Sinch:

• Access rights are reviewed quarterly.

• User accounts inactive for over 90 days are disabled

• Quarterly access reviews should be performed for all offices access systems to check that users access rights are still valid.

4) ICT readiness for business continuity

ICT readiness is planned, implemented, maintained and tested based on business continuity objectives and ICT continuity requirements.

In particular, in Sinch:

• All Business Units have one or more Disaster Recovery Plans specifically aligned with the product offering.

• The DRP is tested annually through using Incident Simulation.

5) Information security awareness, education and training

Personnel of the organization and relevant interested parties receive appropriate information security awareness, education and training and regular updates of the organization’s information security policy, topic-specific policies and procedures, as relevant for their job function.

In particular, in Sinch:

• All employees completed within 3 weeks of start date

• All employees carried out ISA-training during the last 12 months

• The content of ISA-training is updated every 12 months

6) Capacity management

The use of resources is monitored and adjusted in line with current and expected capacity requirements.

7) Protection against malware

Protection against malware is implemented and supported by appropriate user awareness.  All endpoint devices should have EDR Endpoint detection.

8) Management of technical vulnerabilities

Information about technical vulnerabilities of information systems in use is obtained, Sinch’s exposure to such vulnerabilities is evaluated and appropriate measures are taken.

In particular, in Sinch:

• Vulnerability Scan every 7 days.

• Apply security patches to all components of the application stack with severity score higher than “Medium“ as determined by the issuer of the patch within one month (30 days) after release

• Pen test every 12 months black box manual.

9) Configuration Management

Configurations, including security configurations, of hardware, software, services and networks is established, documented, implemented, monitored and reviewed against the following standards: NIST 800-53 and CIS Controls.

10)  Information Backup

Backup copies of information, software and systems are maintained and regularly tested in accordance with the agreed topic-specific policy on backup.

The backup routine at least specifies:

• Backup intervals (minimum weekly)

• Retention requirements

• Location for backup storage

• Extent of backup (e.g. data, configurations, full system backup)

• Backup strategy (e.g. online versus offline, number of backups, relation between full and incremental backup)

• Backup restore tests shall be performed at least quarterly for business-critical systems and at least annually for all others and the tests

11) Monitoring activities

Networks, systems and applications are monitored for anomalous behaviour and appropriate actions taken to evaluate potential information security incidents.  Networks, systems and application are monitored for anomalous and malicious behaviour in order to detect potential security incidents.

12) Network Security

Networks and network devices are secured, managed and controlled to protect information in systems and applications.

For instance, Sinch:

• Encrypt data at rest on servers, applications, and databases (AES256 Minimum). Encrypt data in transit (TLS 1.2 or higher).

• Appropriately logging and monitoring to enable recording and detection of actions that can affect, or are relevant to, information security including EDR.

• Product owner must maintain up-to-date documentation including network diagrams and configuration files of devices (e.g. routers, switches).

• Restrict and filter systems connection to the network both incoming and outgoing e.g. using firewalls to minimize exposed assets both internally and externally.

• Hardening of network devices

• Segregating network administration channels from other network traffic.

• Temporarily isolating critical subnetworks (e.g. with drawbridges) if the network is under attack.

13) System life cycle management

Rules for the secure development of software and systems are established and applied.

For instance, in Sinch:

• The system is designed in a secure way utilizing threat modelling as required.

• There is a plan to maintain the system in line with the vulnerability management control

• There is an owner of the system

• There is a plan to replace the system (zero legacy policy)

14) Security testing in development and acceptance

Security testing processes are defined and implemented in the development life cycle.

• SAST and vulnerability & secrets detection scans in CICD pipelines. If possible DAST

• No critical or high vulnerabilities remediated before available for customers

• Securely manage network infrastructure.

• All projects follow Product Release Security Checklists

15) Measures for ensuring physical security of locations at which personal data are processed

Physical and environmental security measures have been implemented within Sinch.

For instance, in Sinch:

• Security perimeters are defined and used to protect areas that contain information and other associated assets.

• Secure areas are protected by appropriate entry controls and access points.

• Physical security for offices, rooms and facilities are designed and implemented.

• Premises are continuously monitored for unauthorized physical access.

• Protection against physical and environmental threats, such as natural disasters and other intentional or unintentional physical threats to infrastructure are designed and implemented.

• Security measures for working in secure areas are designed and implemented.

• Clear desk rules for papers and removable storage media and clear screen rules for information processing facilities are defined and appropriately enforced.

• Equipment is sited securely and protected.

• Off-site assets are protected.

• Storage media is managed through their life cycle of acquisition, use, transportation and disposal in accordance with the organization’s classification scheme and handling requirements.

• Information processing facilities are protected from power failures and other disruptions caused by failures in supporting utilities.

• Cables carrying power, data or supporting information services are protected from interception, interference or damage.

• Equipment is maintained correctly to ensure availability, integrity and confidentiality of information.

• Items of equipment containing storage media are verified to ensure that any sensitive data and licensed software has been removed or securely overwritten prior to disposal or re-use.

Sinch has also applied an Information Security Management System (ISMS), according to ISO/IEC 27001:2022.

16) Measures for ensuring limited data retention

Measures to ensure limited personal data retention have been implemented.

For instance, Sinch:

• Established a data retention policy, which clearly defines the specific types of data that will be collected, how long it will be retained, and when it will be deleted.

• Implemented automated deletion processes.

• Regularly reviews and updates the retention policy.

• Limits data collection to only what is necessary for the specific business purpose.

• Trains employees on data retention.

• Regularly reviews and monitors data retention

• Uses encryption to protect data that is retained, to reduce the risk of unauthorized access or disclosure.

17) Measures for ensuring accountability

Appropriate technical and organisational measures have been implemented to meet the requirements of accountability.

For instance, Sinch:

• Adopted and implemented data protection policies.

• Took a ‘data protection by design and default’ approach.

• Put written contracts in place with organisations that process personal data on Sinch’s behalf.

• Documented its processing activities.

• Carried out data protection impact assessments.

• Appointed a Group DPO

18) Measures for allowing data portability and ensuring erasure

Measures to allow the exercise of data subject rights are implemented within Sinch.

For instance, Sinch:

• Erases personal data from back-up systems as well as live systems where necessary, and it clearly tells the individual what will happen to their data.

• Contacts each recipient to inform them about the erasure, if the personal data is disclosed to others, unless this is impossible or involves disproportionate effort. If personal data has been made public in an online environment, the organisation takes reasonable steps to tell other controllers, if they are processing it, to erase links to, copies or replication of that data.

• Informs the data subject which third parties have received the personal data whenever requested.

• Provides personal data in a structured, commonly used and machine readable format, where requested. Where possible and if an individual requests it, the organisation can directly transmit the information to another organisation.

19) Measures for ensuring data minimisation

Measures to minimize the amount of data processed are implemented.

For instance, for each processing activity Sinch:

• Implemented measures that ensure that the collection of personal data is adequate, relevant and strictly limited to what is necessary in relation to the purposes for which they are processed.

• Has assessed that it cannot achieve the purposes of its processing activity with less privacy invasive data (e.g. working with less granular data) or intrusive process (i.e. using less intrusive means).

• Documented the requirement for each data field in relation to the purpose.

ANNEX 3

DEVIATIONS

1. Deviations.
   1. For Customers and contracts in Brazil, in addition to what is agreed upon in this DPA, the established obligations will adopt the following word and guidelines:
      1. The definitions highlighted below shall replace the ones used in this DPA:
         1. “Special Categories of Personal Data” shall mean Sensitive personal data: this means such data concerning racial or ethnic origin, religious beliefs, political opinions, membership to a trade union or religious, philosophical or political organizations, data concerning health or a natural person’s sex life, genetic or biometric data, when related to a natural person.
         2. “Applicable Data Protection Laws” means the Brazilian General Data Protection Law (Law No. 13.709/2018) (“LGPD”) and the GDPR, as transposed into domestic legislation of each Member State (and the United Kingdom) and as amended, replaced or superseded from time to time, and laws implementing, replacing or supplementing the GDPR and all laws applicable to the processing of Customer’s Personal Data, including the California Consumer Privacy Act of 2018, Cal. Civ. Code § 1798.100 et seq (“CCPA”).
         3. “Data Processing” shall mean any operation carried out with personal data, such as those that refer to the collection, production, receipt, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, elimination, information evaluation or control, modification, communication, transfer, diffusion or extraction.
         4. The terms “consent,” “processor,” “controller,” “data subject,” “personal data,” “processing,” and “national authority” shall have the meanings assigned to them in the LGPD. In the absence of a specific definition in the LGPD, the definition contained in Article 4 of the GDPR shall be adopted for the following terms: “third party,” “personal data breach,” “sub-processor” and “supervisory authority(ies)” (or “control authority”).
      2. The section 3(b) shall adopt the following wording:
         • Sinch shall only process the Customer’s Personal Data for the purposes of (i) fulfilling its obligations under the Principal Agreement; (ii) the regular exercise of rights, including in contract and in judicial, administrative, and arbitral proceedings; (iii) ensuring the prevention of fraud and the security of the data subject; and (iv) in accordance with the documented instructions described in this DPA or as otherwise instructed by the Customer from time to time. Such Customer’s instructions shall be documented in the applicable order, services description, support ticket, other written communication or as directed by Customer using the Services (such as through an API or control panel).
      3. The provisions contained in Clause 13(b) shall not apply.
      4. The section 6 (b) shall adopt the following wording:
         • Both parties’ internal operating procedures shall comply with the specific requirements of an effective Data Protection management and information security, including but not limited to access management, fraud prevention, and irregular use of Sinch’s services.
   2. For Customers and contracts in Colombia, in addition to what is agreed upon in this DPA, the following is applicable concerning the definition of the term “Applicable Data Protection Laws” as well the processing and transfer of personal data:
      1. “Applicable Data Protection Laws” means the Colombian Statutory Law 1581 of 2012 and the Regulatory Decree 1377 of 2013, and other regulations that amend, replace, or supplement the aforementioned, as well as the GDPR, as transposed into domestic legislation of each Member State (and the United Kingdom) and as amended, replaced or superseded from time to time, and laws implementing, replacing or supplementing the GDPR and all laws applicable to the processing of Customer’s Personal Data, including the California Consumer Privacy Act of 2018, Cal. Civ. Code § 1798.100 et seq (“CCPA”).
      2. “Controller acknowledges that Processor may transfer, store, and process Personal Data to territories outside of Colombia, where it will be subject to the laws of the foreign jurisdictions in which it is held. Controller acknowledges that it possesses all necessary prior authorizations from data subjects and databases records that would allow Processor to process the data within databases and in countries that meet at least the same data protection standards (adequate level of protection) as the ones provided under Colombian laws (such as, but not limited to, Statutory Law 1581 of 2012, Regulatory Decree 1377 of 2013, Decree N° 90 of 2018, the Unique Circular from the Superintendence of Industry and Commerce and the External Circular Nº 005 of 2017 from the Superintendence of Industry and Commerce, and other regulations that modify, replace, or complement the aforementioned).”
   3. For Customers and contracts in Argentina, in addition to what is agreed upon in this DPA, the following applies concerning the processing and transfer of personal data: the Customer acknowledges that it has all the necessary prior authorization from the data subjects for the processing and transfer of personal data, including sensitive data, if applicable, to SINCH. The parties acknowledge and agree that the processing of personal data will be carried out in accordance with Law No. 25.326 (“Personal Data Protection Law of the Republic of Argentina”) and provisions and resolutions issued by the Agency for Access to Public Information. The transfer of personal data to countries or international or supranational organizations will only be carried out to Recipients who provide adequate levels of protection.
   4. For Customers and contracts in Uruguay, in addition to what is agreed upon in this DPA, the following applies concerning the processing and transfer of personal data:
      1. The Controller acknowledges that it has all the necessary prior authorizations from the data subjects and database records that would allow Sinch to process personal data and transfer and/or transmit them to countries that meet at least the same standard of personal data protection (adequate level of protection) as provided in Uruguayan legislation, such as, but not limited to, Law No. 18.331, Regulatory Decree No. 414/009, and Law No. 19.670, and other regulations that amend, replace, or supplement the aforementioned.
      2. The provisions contained in Clause 13(b) shall not apply.
   5. For Customers and contracts in Mexico, in addition to what is agreed upon in this DPA, the definitions highlighted below shall replace the definitions used in this DPA:
      • “Applicable Data Protection Laws” means the Mexican Federal Law on the Protection of Personal Data Held by Private Parties (“LFPDPPP”), and other regulations that amend, replace, or supplement the aforementioned, as well as the GDPR, as transposed into domestic legislation of each Member State (and the United Kingdom) and as amended, replaced or superseded from time to time, and laws implementing, replacing or supplementing the GDPR and all laws applicable to the processing of Customer’s Personal Data, including the California Consumer Privacy Act of 2018, Cal. Civ. Code § 1798.100 et seq (“CCPA”).

The post Data Processing Agreement appeared first on Sinch.

Capitalized terms are defined in the Glossary at the end of this document.  

2. SUPPLY OF SERVICE AND RESTRICTIONS  

2.1 Supply of Service.  

Subject to the terms of the Agreement, SINCH will make the Service available to Customer.  

2.2 Grant of Rights.  

SINCH grants to Customer a non-exclusive and non-transferable right to use the Service as permitted under the Agreement solely for the Customer’s internal business operations.  

2.3 Acceptable Use Policy.  

With respect to the Service, Customer shall not:  

1. except to the extent such rights cannot be validly waived by law, disassemble, decompile, reverse-engineer, copy, translate or make derivative works,  

2. market, rent, sell, lease or use for non-civilian purposes, 

3. transmit any content or data that is unlawful, including without limitation any unlawful voice calls, or infringes any intellectual property rights, or  

4. circumvent or endanger Sinch’s operation or security.  

2.4 Monitoring.  

SINCH may, but is under no obligation to, monitor use of the Service (only to the extent allowed by applicable law):  

1. to comply with applicable law, regulation, or other governmental request or order including disclosing Customer Data in accordance with such law, regulation, request or order;  

2. to verify Customer’s compliance with the Agreement;  

3. to protect the integrity of its systems and networks and those of its suppliers;  

4. as necessary to provide and support the Service; or  

5. as otherwise approved or requested by Customer.  

2.5 Compliance.  

Customer shall promptly provide any information as SINCH may request relating to Customer Data or Customer’s use of the Service:  

1. to determine Customer’s compliance with the Agreement, and  

2. in response to any request made by any regulatory or governmental or statutory body.  

2.6 Operating Instructions.  

Customer shall comply, and use the Service in accordance, with the operating guidelines and policies relating to the use of the Services.  

2.7 Suspension of Service.  

SINCH may suspend use of the Service:  

1. as necessary to comply with applicable law or regulation;  

2. to perform maintenance (whether planned or emergency) or repair to the SINCH Network;  

3. if the use poses a threat to the integrity or continued operation of the SINCH Network or any part of it;  

4. if the use is in breach of the Agreement or otherwise exposes SINCH to legal liability;  

5. in SINCH’s sole discretion, if not doing so would have a material harm on the Services or SINCH’s provision thereof; or 

6. if SINCH is unable to provide the Service due to a termination or alteration of SINCH’s relationship with any third party or the termination or suspension of any license or authorization necessary to provide the Service.  

SINCH will promptly notify (email permitted) Customer of the suspension. SINCH will endeavor to limit the suspension in time and scope as reasonably possible under the circumstances, and will resume the Service once the cause of the suspension has been remedied, provided that if a suspension is due to Customer’s actions or inactions, SINCH will resume the Service once Customer has remedied the cause of the suspension and Customer will pay any applicable reconnection charge or, if no charge is specified, Customer shall reimburse SINCH for all reasonable costs and expenses incurred by SINCH in resuming the Service and further provided that SINCH may terminate the Agreement if Customer does not remedy the cause of the suspension within thirty (30) days.  

2.8 Third Party Services and Applications.  

The Service may include integrations with web services, software and/or application by third parties (other than SINCH or its Affiliates) that are accessed through the Service and subject to terms and conditions with those third parties.  

2.9 Anti-Fraud 

SINCH adopts measures to identify and prevent fraud and illegal practices during the use of the Service, including, without limitation, the verification of links inserted by the Customer during the use of the Service. SINCH does not represent that it will be able to block or prevent the transmission of fraudulent messages or voice calls. Customer is responsible for ensuring that its account is not used to transmit fraudulent messages or voice calls. Fraud, including artificial inflated traffic originating from the Customer, will not excuse Customer’s payment obligations under the Agreement. 

3. SINCH RESPONSIBILITIES  

3.1 Provisioning.  

SINCH provides access to the Service as described in the Order Form.  

3.2 Support.  

SINCH provides support for the Service as referenced in the Order Form.  

3.3 Modifications.  

1. The Service may be modified by SINCH. SINCH will inform Customer of modifications by email, the support portal, release notes, Documentation or the Service. The information will be delivered by email if the modification is not solely an enhancement. Modifications may include optional new features for the Service, which Customer may use subject to the then- current Supplement and Documentation.  

2. If Customer establishes that a modification by SINCH causes a materially adverse impact on Customer’s use of the Service and is not reasonably acceptable to Customer for legitimate business reasons, Customer may terminate its access to the affected Service by providing written notice to SINCH within thirty (30) days of such modification.  

3.4 Excluded Events.  

Notwithstanding any provision to the contrary in the Agreement, SINCH shall not be liable for any failure to perform or any delay in performing an obligation under the Agreement if such failure or delay arises as a result of or in connection with the occurrence of an Excluded Event.  

4. CUSTOMER RESPONSIBILITIES AND CUSTOMER DATA  

4.1 Customer Obligations.  

Customer shall:  

1. comply with all laws and regulations applicable to it in connection with the Customer Data and Customer’s use of the Service, including but not limited to telecommunications laws and regulations, export control laws and regulations, economic, trade and financial sanctions laws, regulations, embargoes, restricted state lists or restrictive measures administered. 

2. continue to obtain all necessary permits, consents, rights, authorisations, or certifications for its use of the Service, including, but not limited to, any Customer Data transmitted as part of that use; and  

3. immediately comply with such directions and/or orders as may be issued from time to time by a governmental or regulatory authority in relation to the Customer Data or its use of the Service and shall cooperate with SINCH’s request for assistance in conforming the Service to any new requirements or determinations.  

4.2 Customer Data.  

Customer is solely responsible for all Customer Data. Customer (i) grants to Sinch (including its Affiliates and subcontractors) a nonexclusive, worldwide right to use, modify, adapt and process Customer Data to analyse, develop, test, and operate, provide and support the Services and/or any of products of SINCH and its Affiliates and (ii) acknowledges that neither SINCH, its Affiliates, nor their respective suppliers exercise any control over Customer Data, and act as a mere or passive conduit in transmitting and handling Customer Data.  

Customer acknowledge and agree that any Messages sent through Sinch are deemed to have been sent and/or authorized by Customer. 

4.3 Personal Data.  

Customer will collect and maintain all Personal Data necessary to utilise the Service, and all required consents associated with such Personal Data, in compliance with applicable Data Protection Laws.  

4.4 Co-operation  

The Customer shall reasonably co-operate with SINCH in SINCH’s supply and support of a Service, including any diagnostic or other maintenance or upgrade activities.  

4.5 Access and Security.  

Customer has the sole and exclusive responsibility for the installation, configuration, security (including firewall security), and integrity of all Customer facilities, systems, equipment, proxy servers, software, networks, network configurations and the like (the “Customer Equipment”) used in conjunction with or related to the Service(s) provided by SINCH, including, without limitation, Customer’s connectivity to any third party. Customer will maintain reasonable security standards to protect the SINCH Network from unauthorised access, including, but not limited to, protecting Customer’s passwords from being disclosed to or accessed by third parties. Customer shall immediately inform SINCH if the Customer becomes aware of any possible or actual unauthorised use, misuse or access of the Service.  

4.6 Disaster Recovery.  

Customer is solely responsible for all disaster recovery, business continuity and back up arrangements in respect of its own equipment and all of its Customer Data.  

4.7. Test Account. Sinch may make an account available to the Customer for the purposes of non-productive testing, demonstration and evaluation of certain Services. The terms of the Agreement shall govern the Customer’s use and access to such test account and test Services. The Customer shall ensure that the test account and test Services are used strictly for the purpose of non-production testing, demonstration and evaluation, and not for any productive, commercial or other purpose. The Customer shall not connect the test Services to a productive IT-environment. The Customer shall comply with any relevant instructions or protocols Sinch notifies the Customer of in relation to the test account and test Services. The Customer agrees that Sinch can withdraw such test account and test Services at any time (with or without notice to the Customer). 

5. FEES AND TAXES  

5.1 Fees and Payment.  

Customer will pay fees as stated in the Order Form. For nonpayment, SINCH may, after prior written notice, suspend Customer’s use of the Service until payment is made. Customer cannot withhold, reduce or set-off fees owed during the Term. For any invoice the Customer fails to pay by its due date, interest will thereafter accrue on such unpaid amount at the maximum allowable rate. The fees payable shall be calculated by reference to data recorded or logged by Sinch and not by reference to any data recorded or logged by the Customer. Invoices issued by Sinch shall be final, conclusive and binding on the Customer, provided that the Customer may dispute an invoice in writing and in good faith no later than within thirty (30) days from the date of invoice but further, provided that Customer will timely pay any undisputed part of such invoice. No omission or delay by Sinch in invoicing any sums shall prohibit Sinch from raising an invoice at a later date nor shall it relieve the Customer of the Customer’s liability to pay.

5.2 Taxes.  

Unless otherwise stated in an Order Form, fees and other charges imposd under an Order Form will not include taxes, including withholding taxes, all of which will be for Customer’s account. Customer is responsible for all taxes including withholding taxes, other than SINCH’s income and payroll taxes. If SINCH is required to pay taxes (other than its income and payroll taxes), Customer will reimburse SINCH for those amounts and indemnify SINCH for any taxes and related costs paid or payable by SINCH attributable to those taxes.  

5.3 Set-off.  

SINCH may, without notice to the Customer, set-off any sums owed by the Customer under this Agreement and/or any other agreement with SINCH against any sums owed by SINCH to Customer regardless of the place of payment or currency of such obligations.  

6. TERM AND TERMINATION  

6.1 Term.  

The Term is as stated in the Order Form.  

6.2 Termination by Either Party.  

A party may terminate the Agreement:  

1. upon thirty (30) days written notice of the other party’s material breach unless the breach is remedied during that thirty-day period;  

2. as permitted under Sections 3.3(b), 6.3(b), or 8.1(c) (with termination effective thirty (30) days after receipt of notice in each of these cases); or  

3. immediately if the other party files for bankruptcy, becomes insolvent, or makes an assignment for the benefit of creditors, or otherwise materially breaches Sections 11 or 13.6.  

6.3 Termination by SINCH.  

In addition to the termination rights set out in Section 6.2, SINCH may also terminate the Agreement or any specific  Service being affected at any time:  

1. upon any termination of a network operator, third-party subcontractor, supplier, or interconnected carrier relationship with SINCH or its Affiliates or the discontinuance of support for equipment or a component of service necessary for SINCH to provide the Service;  

2. upon any legal, regulatory or governmental prohibition or limitation affecting the Service; or 

3. upon the termination or expiry of any license necessary to provide the Service. 

Sinch will endevaour to limit the termination in time and scope as reasonably possible under the circumstances. In addition, Sinch may terminate the entire Agreement immediately, without prejudice to the other clause in the Agreement and in applicable legislation, if any illegal practice and/or fraudulent use of the Service is proven. 

6.4 Effect of Expiration or Termination.  

Upon the effective date of expiration or termination of the Agreement:  

1. Customer’s right to use the Service and all SINCH Confidential Information will end;  

2. SINCH will cease providing the applicable Service;  

3. Confidential Information of the disclosing party will be returned or destroyed as required in writing by the disclosing party;  

4. Customer shall promptly pay to SINCH all outstanding amounts due and payable under the Agreement; and  

5. termination or expiration of the Agreement does not affect other agreements between the parties.  

6.5 Survival.  

Sections 1, 2.4, 2.5, 5, 6.4, 6.5, 8, 9, 10, 11, and 13 will survive the expiration or termination of the Agreement.  

7. WARRANTIES  

7.1 Compliance with Law.  

Each Party warrants its current and continuing compliance with all laws and regulations applicable to it in connection with (i) in the case of Sinch, the operation of SINCH’s business as it relates to the Service and (ii) in the case of Customer, the Customer Data and the Customer’s use of the Services. 

7.2 Disclaimer.  

Except as expressly provided in the Agreement, neither SINCH nor its subcontractors make any representation or warranties, and SINCH and its subcontractors disclaim all representations, warranties, terms, conditions or statements, which might have effect between the parties or be implied or incorporated into this Agreement or any collateral contract, whether by statute, common law or otherwise, all of which are excluded to the fullest extent permitted by law including the implied conditions, warranties or other terms as to merchantability, suitability, originality, or fitness for a particular use or purpose. In addition, except as expressly provided in this Agreement, neither SINCH nor its subcontractors make any representations, warranties, terms, conditions or statements of non-infringement or results to be derived from the use of or integration with any products or services provided under the Agreement, or that the operation of any products or services will be secure, uninterrupted or error free. Customer agrees that it is not relying on delivery of future functionality, public comments or advertising of SINCH or product roadmaps in entering into the Agreement. Customer acknowledges that (i) the Service has not been specifically designed to meet its and/or any of its customer’s or end-user’s individual requirements; and (ii) the Service will not be error- free, uninterrupted, or free from unauthorised access. Except as expressly stated in this Agreement, the Service is provided on an ‘as is’ and ‘as available’ basis.  

8. THIRD PARTY CLAIMS  

8.1 Claims Brought Against Customer.  

1. SINCH will defend Customer against claims brought against Customer by any third party alleging that Customer’s use of the Service infringes or misappropriates a patent claim, copyright, or trade secret right. SINCH will indemnify Customer against all damages finally awarded against Customer (or the amount of any settlement SINCH enters into) with respect to these claims.  

2. SINCH’s obligations under Section 8.1 will not apply if the claim results from (i) Customer’s breach of the Agreement; (ii) use of the Service in conjunction with any product or service not provided by SINCH, or (iii) use of the Service provided for no fee.  

3. In the event a claim described in Section 8.1(a) is made or likely to be made, SINCH may (i) procure for Customer the right to continue using the Service under the terms of the Agreement, or (ii) replace or modify the Service to be non-infringing without material decrease in functionality. If these options are not reasonably available, SINCH or Customer may terminate Customer’s access to the affected Service upon written notice to the other.  

8.2 Third Party Claim Procedure.  

1. Customer will timely notify SINCH in writing of any claim.  

2. SINCH will have the right to fully control the defense (and SINCH shall be free to delegate such claim to its third party insurer or indemnifier).  

3. Customer shall fully cooperate in the defense of such claim and shall not undertake any action that is prejudicial to SINCH’s rights.  

4. The Customer shall not undertake any action in response to any infringement or misappropriation, or alleged infringement or misappropriation that is prejudicial to SINCH’s rights.  

8.3 Exclusive Remedy.  

The provisions of Section 8 state the sole, exclusive, and entire liability of SINCH, its Affiliates, and subcontractors to Customer, and is Customer’s sole remedy, with respect to third party claims and to the infringement or misappropriation of third party intellectual property rights.  

9. LIMITATION OF LIABILITY  

9.1 Unlimited Liability.  

Neither party will exclude or limit its liability for damages resulting from:  

1. SINCH’s obligations under Section 8.1(a);  

2. Customer’s obligations under any Indemnity;  

3. unauthorised use or disclosure of Confidential Information;  

4. fraud or fraudulent misrepresentation;  

5. death or bodily injury arising from either party’s gross negligence or willful misconduct;  

6. any failure by Customer to pay any fees due under the Agreement; or  

7. any liability that cannot be excluded or limited by applicable law.  

9.2 Liability Cap.  

Subject to Sections 9.1 and 9.3, under no circumstances and regardless of the nature of the claim, shall the maximum aggregate liability of either party (or its respective Affiliates or SINCH’s subcontractors) to the other party or its Affiliates or any other person or entity (howsoever arising) under or in connection with this Agreement including (but not limited to) liability for breach of contract, tort (including but not limited to negligence), misrepresentation (whether tortious or statutory), breach of statutory duty, breach of warranty, claims by third parties from any repudiatory, material, or other breach (however minor) of this Agreement (whether or not intentional), from willful misconduct or otherwise, exceed EUR 10,000 for all events (or series of connected events) arising in any twelve (12) month period Any “twelve (12) month period” commences on the Term start date or any of its yearly anniversaries.  

9.3 Exclusion of Damages.  

Subject to Section 9.1:  

1. Under no circumstances shall either party (nor its respective Affiliates or SINCH’s subcontractors) be liable to the other party or its Affiliates or any other person or entity (whether or not the other party had been advised of the possibility of such loss or damage) for any of the following types of loss or damage arising under or in relation to this Agreement (whether arising out of liability under breach of contract, tort (including but not limited to negligence), misrepresentation (whether tortious or statutory), breach of statutory duty, breach of warranty, claims by third parties from any repudiatory, material, or other breach (however minor) of this Agreement (whether or not intentional)):  
   • (i) any loss or inaccuracy of data, (ii) loss of profits, (iii) loss of business, (iv) loss resulting from business disruption, (v) loss of contracts, (vi) loss of revenue, (vii) loss of anticipated savings, (viii) loss of goodwill, (ix) loss of reputation, (regardless of whether these types of loss or damage listed in this sub-clause (A) are direct, indirect, special or consequential); or  
   • any special, incidental, consequential, or indirect losses or damages or for exemplary or punitive damages;  
2. SINCH will not be liable for any damages caused by any Service provided for no fee.  

9.4 Risk Allocation.  

The Agreement allocates the risks between SINCH and Customer. The fees for the Service reflect this allocation of risk and limitations of liability.  

10. INTELLECTUAL PROPERTY RIGHTS  

10.1 SINCH Ownership.  

SINCH, its Affiliates or licensors own all intellectual property rights in and related to the Service, Documentation, design contributions, related knowledge or processes, and any derivative works of them, including any feedback Customer may provide to Sinch about the Service in connection with Customer’s use of the Service. All rights not expressly granted to Customer are reserved to SINCH, its Affiliates and its licensors.  

10.2 Customer Ownership.  

Customer retains all rights in and related to the Customer Data as between Customer and SINCH.  

10.3 Non-Assertion of Rights.  

Customer covenants, on behalf of itself and its successors and assigns, not to assert against SINCH, its Affiliates or licensors, any rights, or any claims of any rights, in any Service or Documentation.  

11. CONFIDENTIALITY  

11.1 Use of Confidential Information.  

1. The receiving party will protect all Confidential Information of the disclosing party as strictly confidential to the same extent it protects its own Confidential Information, and not less than a reasonable standard of care. Receiving party will not disclose any Confidential Information of the disclosing party to any person other than its personnel or representatives or those of its Affiliates whose access is necessary to enable it to exercise its rights or perform its obligations under the Agreement and who are under obligations of non-disclosure and non-use at least as strict as those in Section 11. Customer will not disclose the Agreement or the pricing to any third party.  

2. Confidential Information of either party disclosed prior to execution of the Agreement will be subject to Section 11.  

3. The receiving party will return or destroy all Confidential Information promptly after being requested to do so by the disclosing party.  

11.2 Exceptions.  

The restrictions on use or disclosure of Confidential Information will not apply to any Confidential Information that:  

1. is independently developed by the receiving party without reference to the disclosing party’s Confidential Information;  

2. is available to the public without breach of the Agreement by the receiving party;  

3. at the time of disclosure, was known to the receiving party free of confidentiality restrictions; or  

4. the disclosing party agrees in writing is free of confidentiality restrictions.  

11.3 Compelled Disclosure 

The receiving party may disclose Confidential Information pursuant to a lawful requirement or request from a court or governmental agency (including by pursuant to stock market rule or regulation); provided that prior to making any disclosure, the receiving party will (a) give the disclosing party written notice, to the extent commercially practicable and not otherwise prohibited by law, sufficient to allow the disclosing party to seek a protective order or other appropriate remedy and (b) disclose only that portion of the Confidential Information it is required to disclose, based on advice of its counsel, to comply with such legal requirement, and will use commercially reasonable efforts to obtain confidential treatment for any of the Confidential Information so disclosed. 

11.4 Publicity.  

Neither party will use the name of the other party in publicity activities without the prior written consent of the other, except that Customer agrees that SINCH may use Customer’s name and logo in customer listings or quarterly calls with its investors or, at times mutually agreeable to the parties, as part of SINCH’s marketing efforts (including reference calls and stories, press testimonials, site visits). Customer agrees that SINCH may share information on Customer with its Affiliates for marketing and other business purposes and that it has secured appropriate authorisations to share Customer employee contact information with SINCH.  

12. DATA PROTECTION  

12.1 Data Controller.  

The Customer acknowledges that SINCH shall act as an independent Data Controller with respect to the processing of Personal Data that is necessary to provide its communications services and carry out its necessary functions and business as a communication services provider, including necessary measures to prevent spam and fraud and measures for control, security, and maintenance of its network, management of its business and compliance functions, consistent with its obligations under applicable laws including Data Protection Law. 

12.2 Data Processor.  

When SINCH processes Personal Data on behalf of the Customer (in accordance with Data Protection Law), SINCH can be qualified as a Data Processor and the Customer as a Data Controller as defined within this Agreement and the DPA applicable on the service. 

1. The parties agree that, when SINCH acts as a Data Processor under applicable Data Protection Law, the DPA is applicable. 

2. Each Party shall comply with applicable Data Protection Law. The Customer has the obligation to inform Sinch, in writing, about the Data Protection Law applicable to such processing of Personal Data for which the Customer is the Data Controller and SINCH is Data Processor. 

3. The Customer represents and warrants, and covenants that the Customer has and will maintain all necessary rights, licenses and consents to provide Sinch with Customer Data. Sinch may require that Customer provides evidence thereof whenever necessary and in accordance with the terms of the Agreement. 

4. The Customer acknowledges and agrees that Sinch may retain, store, use and disclose Customer Data to the extent necessary to provide and improve the Services and to satisfy applicable legal, accounting or regulatory. 

13. MISCELLANEOUS  

13.1 Severability.  

If any provision of the Agreement is held to be invalid or unenforceable, the invalidity or unenforceability will not affect the other provisions of the Agreement.  

13.2 No Waiver.  

A waiver of any breach of the Agreement is not deemed a waiver of any other breach.  

13.3 Electronic Signature.  

Electronic signatures that comply with applicable law are deemed original signatures.  

13.4 Regulatory Matters.  

SINCH Confidential Information is subject to export control laws of various countries. Customer will not submit SINCH Confidential Information to any government agency for licensing consideration or other regulatory approval, and will not export SINCH Confidential Information to countries, persons or entities if prohibited by export laws.  

13.5 Notices.  

All notices will be in writing and given when delivered to the address set forth in an Order Form with copy to the legal department. Notices by SINCH relating to the operation or support of the Service, and as otherwise permitted in the GTC or an Order Form (including, but not limited to, those under Sections 2.7 and 5.1 of this GTC) may be in the form of electronic mail to Customer’s authorised representative or administrator, with such notice deemed to have been given upon dispatch from SINCH’s email server.  

13.6 Assignment.  

Without SINCH’s prior written consent, Customer may not assign or transfer the Agreement (or any of its rights or obligations) to any party. SINCH may assign the Agreement to any of its Affiliates. Any attempted assignment in violation of the provisions of this Section will be void ab initio. 

13.7 Subcontracting and use of Affiliates.  

SINCH may subcontract parts of the Service to third parties. SINCH is responsible for breaches of the Agreement caused by its subcontractors. Nothing shall prevent SINCH from delegating the performance of any or all of its obligations under this Agreement to any Affiliate.  

13.8 Relationship of the Parties.  

The parties are independent contractors, and no partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties is created by the Agreement.  

13.9 Rights of third parties.  

Except as specifically provided for in this Agreement, this Agreement does not give rise to any third party being a third party beneficiary of this Agreement or being entitled to any rights whatsoever, including, but not limited to, the right to enforce any term of this Agreement. Under this Agreement, any liability, loss or damage incurred or suffered by an Affiliate of SINCH in relation to the supply of the Service to, or use by, Customer pursuant to this Agreement shall be deemed to constitute a liability, loss or damage incurred or suffered by SINCH.  

13.10 Force Majeure.  

Any delay in performance (other than for the payment of amounts due) caused by conditions beyond the reasonable control of the performing party is not a breach of the Agreement. The time for performance will be extended for a period equal to the duration of the conditions preventing performance.  

13.11 Anti-Corruption 

The Parties, in addition to acting according to this Agreement, will comply with all Anticorruption and Bribery applicable legislation. Neither party nor its officers, directors, employees, agents, affiliates, delegates or representatives shall pay, offer or promise to pay or authorize the payment, directly or indirectly, of any money, gift, or any other type of favoring to an official or employee of a private organization or company, the government or a state agency, an agency or company which majority partner is a state body, a public organization, a candidate for public office or a political party,  a member of a political party, any person acting in an official governmental capacity and any person or entity acting for or for the benefit of any of the parties mentioned in this paragraph, for the purpose of influencing any action or decision, whether to obtain a commercial advantage or to obtain or retain business, or to direct transactions for any person. The Parties further agree to maintain books, records and accounts which, in reasonable detail, accurately and fairly reflect the transactions undertaken and the disposition of assets; and will maintain, and provide to the other Party on request, information that is reasonably required to verify compliance with this paragraph. 

13.12 Export Regulations 

Customer acknowledges that the products delivered by SINCH under this Agreement may be controlled under applicable export and import control or sanctions laws and regulations and Customer may require an export or import license from a government authority to export, transfer or import any Hardware, Software or Documentation. Customer represents that it is not on any sanction lists such as the EU restrictive list or the U.S. Treasury Department list of Specially Designated Nationals and Blocked Persons and warrants it will only use the products for civil and peaceful use and not use the products to develop or produce conventional weapons and/or nuclear, chemical, biological weapons or missiles. Nothing in this agreement shall be read as requiring either Party to be directly or indirectly involved in export, re-export, transfer, use of goods, technology, software, or services that is prohibited by applicable export control or sanctions laws 

13.13 Governing Law and Dispute

(a) If this Agreement is entered into with Sinch Sweden AB, the Agreement will be governed by, and construed in accordance with, the laws of Sweden, without reference to its conflicts of laws principles. All disputes will be subject to the exclusive jurisdiction of the courts in Stockholm, Sweden.

(b) If this Agreement is entered into with Sinch UK Ltd., the Agreement will be governed by, and construed in accordance with, the laws of England and Wales, without reference to its conflicts of law principles. All disputes will be subject to the exclusive jurisdiction of the courts located in London, England.

(c) If this Agreement is entered into with Sinch America Inc. or MessageMedia U.S.A. Inc., the Agreement will be governed by, and construed in accordance with, the laws of the state of Georgia, USA, without reference to its conflicts of law principles. All disputes will be subject to the exclusive jurisdiction of the courts located in Georgia, USA.

(d) If this Agreement is entered into with Sinch Communications Canada Inc., the Agreement will be governed by, and construed in accordance with, the provincial laws of Quebec and the federal laws of Canada as applicable therein, without reference to its conflicts of laws principles. All disputes will be subject to the exclusive jurisdiction of the provincial and federal courts in the judicial district of Montreal, Quebec.

(e) If this Agreement is entered into with Sinch Singapore Pte Ltd, this Agreement and any matters relating to this Agreement shall be governed by and construed in accordance with the laws of Singapore, without reference to its conflicts of law principles. All disputes will be subject to the exclusive jurisdiction of the Singapore courts. A person who is not a party to this Agreement has no right under the Contracts (Rights of Third Parties) Act, Chapter 53B of Singapore to enforce any term of this Agreement.

(f) If this Agreement is entered into with Sinch Australia Pty Ltd, the Agreement and any claims relating to its subject matter will be governed by and construed under the laws of New South Wales, without reference to its conflicts of law principles. All disputes will be subject to the exclusive jurisdiction of the New South Wales courts.

(g)  If this Agreement is entered into with MessengerPeople GmbH, the Agreement will be governed by, and construed in accordance with, the laws of Germany, without reference to its conflicts of laws principles. All disputes will be subject to the exclusive jurisdiction of the courts in Berlin, Germany.

(h) If this Agreement is entered into with Sinch BR S.A., the Agreement will be governed by, and construed in accordance with, the laws of Federative Republic of Brazil- All disputes will be subject to the exclusive jurisdiction of the Central District located in São Paulo, State of São Paulo.

(i) If this Agreement is entered into with Cyclelogic Mexico S. de R.L de CV, the Agreement will be governed by, and construed in accordance with, the Mexican laws applicable in Mexico City and the Parties chose the court of Mexico City, to resolve the questions or controversies arising from the Agreement, excluding any other, as privileged as it may be.

(j) If this Agreement is entered into with ACL Mobile Private Ltd., the Agreement will be governed by, and construed in accordance with, the laws of India, without reference to its conflicts of laws principles. All disputes will be subject to the exclusive jurisdiction of the courts in New Delhi, India.

The United Nations Convention on Contracts for the International Sale of Goods and the Uniform Computer Information Transactions Act (where enacted) will not apply to the Agreement. Either party must initiate a cause of action for any claim(s) relating to the Agreement and its subject matter within one (1) year from the date when the party knew, or should have known after reasonable investigation, of the facts giving rise to the claim(s). If Customer fails to pay Sinch any amounts due under this Agreement, Customer will be liable for and pay to Sinch all expenses Sinch incurs in collecting such unpaid amounts, including fees Sinch pays to a debt collection agency.  In addition, in any jurisdiction in which attorneys’ fees and expenses are not awarded to the prevailing party, if either party commences a legal action in connection with this Agreement, the prevailing party will be entitled to recover as a part of the action its reasonable third-party, out-of-pocket attorneys’ fees, and all other reasonable expenses actually incurred. The prevailing party for the purpose of this clause shall be determined by the trier of fact.

13.14 Entire Agreement.  

The Agreement constitutes the complete and exclusive statement of the agreement between SINCH and Customer relating to the subject matter of the Agreement and supersedes all prior agreements, arrangements and understandings between the parties relating to that subject matter. Each party acknowledges that in entering into the Agreement it has not relied on any representation, discussion, collateral contract or other assurance except those expressly set out in the Agreement. Each party waives all rights and remedies which, but for this section, might otherwise be available to it in respect of any such representation, discussion, collateral contract or other assurance. Except as permitted under Section 3.3, this Agreement may be modified only in writing signed by both parties. The Agreement shall prevail over any additional, conflicting, or inconsistent terms and conditions which may appear on any purchase order furnished by one party to the other, and any additional terms and conditions in any such purchase order shall have no force and effect, notwithstanding the non-furnishing party’s acceptance or execution of such purchase order.  

Glossary  

1.1. “Affiliate” means SINCH or any legal entity in which Customer or SINCH, directly or indirectly, holds more than fifty percent (50%) of the entity’s shares or voting rights. Any legal entity will be considered an Affiliate as long as that interest is maintained.  

1.2. “Agreement” means an Order Form and documents incorporated into an Order Form.  

1.3. “Confidential Information” means  

1. with respect to Customer: (i) Customer marketing and business requirements, (ii) Customer implementation plans, and/or (iii) Customer financial information, and  

2. with respect to SINCH: (i) the Service, Documentation, and (ii) information regarding SINCH research and development, product offerings, pricing and availability.  

3. Confidential Information of either SINCH or Customer also includes information which the disclosing party protects against unrestricted disclosure to others that (i) the disclosing party or its representatives designates as confidential in writing at the time of disclosure, or (ii) should reasonably be understood to be confidential given the nature of the information and the circumstances surrounding its disclosure.  

4. Confidential Information does not include Customer Data.  

1.4. “Customer Data” means any content, messages, data and/or information that Customer delivers or uploads to the SINCH Network or to a Service or provides via a Service. Customer Data and its derivatives will not include SINCH’s Confidential Information nor any usage data that arises or SINCH generates in the supply of the Service.  

1.5. “Data Controller” means given to it in the GDPR. 

1.6. “Data Processor” means given to it in the GDPR.  

1.7. “Data Processing Agreement” is the Data Processing Agreement (“DPA”) applicable on the Services, and of which the most recent version can be found at https://www.sinch.com/data-protection-agreement/. 

1.8. “Data Protection Law” means the relevant laws and other regulations applicable to the collection, use, storage, disclosure or otherwise processing personal data (such as but not limited to and as far as applicable the General Data Protection Regulation or the “GDPR”), the California Privacy Rights Act (the “CPRA”) and California Consumer Privacy Act (the “CCPA”) and as further defined within the DPA. 

1.9. “Documentation” means SINCH’s then-current technical and functional documentation as well as any service descriptions and roles and responsibilities descriptions, if applicable, for the Service which is made available to Customer with the Service.  

1.10. “Excluded Event(s)” means any of the following: (i) a fault in, or any other problem associated with, systems not operated or managed by SINCH; (iii) any breach of the Agreement by the Customer or a third-party within the Customer’s direct control or any third party supplier to the Customer;(iv) any act by the Customer which interferes with or impedes the supply and support of the Service; (v) any suspension of the Service in accordance with the terms of the Agreement; or (vi) any other circumstances caused by events for which SINCH is not liable in accordance with the terms of the Agreement.  

1.11. “General Data Protection Regulation” or “GDPR” the General Data Protection Regulation (EU) 2016/679 of the European Parliament and the Council, as amended, supplemented and/or varied from time to time. 

1.12. “Indemnity” means any section within an Order Form, Supplement or GTC identified as an indemnity either by its wording or its heading.  

1.13. “Intellectual Property Rights” means copyrights, database rights, patents, patent applications, patent rights, trademarks, trademark applications, trademark registrations, trademark rights, trade secrets, rights in know-how and all other intellectual property and proprietary information rights as may exist now or hereafter come into existence under the laws of any country and all pending applications for and right to apply for or register the same (present, future and contingent, and including all renewals, extensions, revivals and all accrued rights of action). 

1.14. “Order Form” means the ordering document (including an electronic form and/or order submitted through an online ordering platform) for the Service that references the GTC. 

1.15. “Personal Data” information about an individual that is defined as “personal data” or “personal information” as defined within the DPA and, if necessary, further defined within in the applicable Data Protection Law, such as but not limited to the GDPR  

1.16. “Service” means any distinct service or services that SINCH provides pursuant to an Order Form including any support associated with such service or services.  

1.17. “SINCH Network” means the digital networks (wireless or otherwise), server(s), hardware, software and/or any other equipment that SINCH owns, operates or leases, in its sole discretion, in connection with the supply of the Service and including any extranet access provided by SINCH in connection with the supply of the Service.  

1.18. “Supplement” means the Supplemental Terms and Conditions that apply to the Service and that are incorporated in an Order Form.  

1.19. “Term” means the term identified in the applicable Order Form, including all renewals.  

The post General Terms and Conditions appeared first on Sinch.

These supplemental terms and conditions (“Supplement”) are part of an agreement for certain SINCH services (“Agreement”) between SINCH and Customer and apply solely to the SINCH social channel services (“Service”) and not any other SINCH product or service.

Capitalized terms are defined in the Glossary below. Capitalized terms not defined in this Supplement shall have the meanings ascribed to them in the General Terms and Conditions for SINCH Services (“GTC”).

Part A – Legal Terms

A1. Services

A1.1. End User opt-in/opt-out requirements. Customer shall send Messages only to End Users who have, and continue to, knowingly consent or “opt-in” to receiving Messages and who have been informed by Customer of their right to cancel, and have been given a, readily accessible free process for cancelling, receipt or to “opt-out” of receiving further Messages. This opt-in information shall include the End User’s MSISDN, Social Channel ID, and any SINCH Message Channel Preference (collectively “Opt-In Information”), and any further details if and as required by any relevant Service Provider. Customer agrees that SINCH will deliver Messages to the Customer Messaging Application via the Social Media Platform Provider based on the End User’s Social Channel ID and Customer’s communication to SINCH of such End User’s Opt-In Information. Customer shall stop sending Messages to an End User who has opted-out from receiving such Messages as soon as possible but in no case later than twenty-four (24) hours after receipt of the opt-out request (or any shorter time period if necessary to meet or comply with any legal, regulatory, governmental and/or Service Provider request or requirement). At Sinch’s request, or the request of a Service Provider, Customer shall provide Sinch with proof of any and all such opt-in(s) and optout(s), and response time to discontinue transmission of Messages after opt-out, to Sinch’s reasonable satisfaction.

A1.2. Supply of Customer Services. Customer shall inform End Users that Customer is the source and supplier of the Messages and provide appropriate contact details to End Users. SINCH shall have no support obligations of any kind with respect to End Users and Customer shall not in any way, directly or indirectly, communicate or otherwise convey to End Users anything to the contrary. Customer shall bear sole responsibility for the acts, omissions or breaches of End Users with respect to the use of the Service, Customer Services and the Messages, including but not limited to the Customer Data. Customer shall promptly inform SINCH if Customer becomes aware of any violation of the terms of this paragraph.

A1.3. Restrictions. Customer shall not use the Service or permit the Service to be used:

(a) in a manner that violates any applicable law, regulation, industry guidelines or code of practice, or that violates, infringes or misappropriates the rights of any third party;

(b) to transmit any Message or any electronic material (including viruses or other similar destructive computer programming routines) which causes, or is likely to cause, detriment or harm or damage to the SINCH Network or any computer systems or telecommunications equipment or mobile handsets owned by SINCH or any other person , or to facilitate the transmission or use of any code that would allow any third party to interfere with or access any Customer Data;

(c) to send spam, “junk mail” or unsolicited advertising or promotional Messages or material, or to send or knowingly receive or use any Message or material which is obscene, offensive, abusive, harassing, misleading, fraudulent, unethical, indecent, defamatory, discriminatory, threatening, libelous, unlawful or menacing; or

(d) to send any Messages that are of an urgent or sensitive nature or contain emergency information.

A1.4. Inappropriate Use. Customer shall not: (a) remove any identification, patent, trademark, copyright or other notice from the Service or any part of it; (b) access, use, or copy any portion of the Service directly or indirectly to develop, promote or support any product or service that is competitive with the Service or any part of it; (c) disclose or publish performance or capacity statistics about the Service or any part of it; (d) perform any benchmark tests on the Service or its supply or any part of it; or (e) use the Service in connection with any activity that may result in tangible or intangible personal property damage, or death or serious body injury.

A1.5. Acceptable Use. Customer shall not access any information or data provided or controlled by any other customer of SINCH or its suppliers and will abide by, and will not circumvent or otherwise disable, any security measures implemented in the Service. Customer shall immediately inform SINCH if any third party makes or threatens any claim or action against Customer, or SINCH, or any other party relating to any Customer Data, Customer Service or Messages.

A1.6. Faults. Customer agrees to promptly fix any faults and/or bugs in Customer’s software that causes the Service to be accessed incorrectly, including, but not limited to, software that generates incorrect API calls to the Service.

A2. Compliance

A2.1 Requirements. The provisions of Sections 2.5 and 4.1(c) of the GTC shall apply equally to requests, directions and/or orders made or issued by any Service Provider.

A2.2 Responsibility. SINCH may, in its sole discretion, require Customer to take primary responsibility for any request or enquiry made under Section A2.1 above relating to any Customer Service, Message(s) or Customer Data or arising from Customer’s use of the Service or from an alleged or actual breach of the Agreement by Customer. Customer agrees, at its own cost, to accept full responsibility for any such request or enquiry including for any expenses, penalties, fines, sanctions or other analogous costs that may arise, and in relation to such request or enquiry, to provide all requested information to such regulator or Service Provider (with copies to SINCH) in a timely manner.

A2.3 Survival. Sections A1.1, A1.2, A1.3, A1.4, A1.5, A2.2, A2.3, A2.4, A2.6, and A2.7 shall survive termination or expiration of the Agreement.

A2.4 Indemnity. Customer will indemnify and, at SINCH’s election, defend SINCH, its Affiliates and subcontractors against:

(a) any claims (including, but not limited to, any claims, fines, penalties, or losses ) or other liabilities brought against SINCH, its Affiliates and subcontractors by any third party (including, but not limited to, any other SINCH customer, Service Provider or governmental or regulatory authority) relating to Customer Data, Customer Services, Messages or Customer’s use of the Service (including, but not limited to, any such claim which relates to infringement or misappropriation of any intellectual property rights of any third party or any breach or violation of laws or regulations, and any breach of Social Media Platform Terms); and

(b) all damages finally awarded against SINCH, its Affiliates and subcontractors with respect to these claims.

A2.5 Suspension. In addition to its rights under the GTC, SINCH may without liability block or delete any Customer Data or Message(s) that SINCH determines, in its sole discretion, violates the terms of the Agreement.

A2.6 Disclaimer. Customer agrees that, with respect to its supply of the Service, neither SINCH nor any SINCH supplier shall be liable whether in contract, tort, or strict liability to Customer or to any End User or any other customer of Customer for (i) any Messages deleted or not delivered regardless of the reason for deletion or non-delivery, including, without limitation, message processing errors, transmission errors, or messaging network and/or service failures; or (ii) the accuracy of information provided through the Service.

A2.7 Compliance with Social Media Platform Provider’s Terms and Condition (to the extent it is applicable). Customer shall fully comply at all times with all terms and conditions imposed and required by a Social Media Platform Provider with respect to Customer’s use of such Social Media Platform Provider’s Social Media Platform (“Social Media Platform Terms“) and such compliance shall at all times be a condition of use by Customer of the Service. Customer is solely responsible for ascertaining Social Media Platform Terms and ensuring Customer’s full compliance with Social Media Platform Terms. SINCH shall have no obligations to Customer or any third party with respect to Customer’s ascertaining or compliance with Social Media Platform Terms. For information purposes only, set forth below are URLs for a sample of Social Media Platform Providers’ policies as published or updated by such Social Media Platform Providers. Customer acknowledges and agrees that it understands that the following URLs and such policies are subject to change at any time and from time to time based on the specific actions solely of the Social Media Platform Provider and that ascertaining the correct URL, and the Social Media Platform Terms, for a specific Social Media Platform Provider is solely the obligation of Customer:

• Facebook: https://developers.facebook.com/docs/messenger-platform/policy-overview/
• FB TOS: currently available at https://www.facebook.com/legal/terms/, including all terms and policies incorporated or referenced therein and any complementary terms applicable to them or any other Facebook product;
• Business Tool Terms: currently available at https://m.facebook.com/legal/businesstech
• Commercial Terms: currently available at https://www.facebook.com/legal/commercial_terms
• Data Policy: currently available at https://www.facebook.com/about/privacy/update
• Instagram TOU: currently available at https://help.instagram.com/478745558852511, including the Community Guidelines (https://help.instagram.com/477434105621119?helpref=page_content).
• Viber: https://www.viber.com/terms/
• WhatsApp: https://www.whatsapp.com/legal/commerce-policy/, https://www.whatsapp.com/legal/business-terms/. Customer’s use of the WhatsApp Business Solution also shall be governed by the appendix to the applicable Order Form. In the event of a conflict between terms in the Agreement and the terms in such Appendix with respect to the subject matter of Appendix, the terms in the Appendix shall govern.
• Apple Business Chat Register Terms of Use currently available at https://register.apple.com/resources/tou/register_en.html
• Apple Business Chat Terms of Service currently available at: Service Terms for Business Chat (apple.com)
• Apple Business Chat Policies and Best Practices: currently available at BC-PoliciesAndBestPractices-Dec2020.1 (apple.com)
• KakaoTalk Business Channel: https://www.kakao.com/policy/terms?lang=en.
• Telegram: https://telegram.org/tos
• LINE Official Account Terms of Use at: LINE Official Account Terms of Use,
• LINE Official Account Guidelines at: LINE Official Account Guidelines
• LINE Terms and Conditions of Use at: LINE Terms and Conditions of Use,
• LINE Privacy Policy at: LINE Privacy Policy and LINE Privacy Center at: LINE Privacy Center (linecorp.com),
• LINE User Data Policy at: LINE User Data Policy, and
• LINE Developers Agreement at: LINE Developers Agreement
• WeChat – Terms of Service available at: WeChat – Terms of Service
• WeChat – Acceptable Use Policy available at: WeChat – Acceptable Use Policy
• Weixin Official Account Admin Platform – Terms of Service available at: 微信公众平台 (qq.com)
• Weixin Channels Operation Standards available at: Weixin Channels Operation Standards (qq.com)

As of the Effective Date of the Order Form, the Social Media Platform Providers listed in the Order Form shall be available for Customer’s use in connection with the Service, provided however that Customer acknowledges and agrees that Social Media Platforms available for use in connection with the Service may change from time to time and that SINCH does not guarantee to Customer the availability of any Social Media Platform. SINCH will promptly notify Customer in writing (email permitted) of changes to the availability of a Social Media Platform listed in the Order Form of which SINCH becomes aware. Customer will promptly notify SINCH of any changes to Customer’s right to use a specific Social Media Platform of which Customer becomes aware or of any non-compliance by Customer with any Social Media Platform Terms. Customer further acknowledges and agrees that a Social Media Platform Provider may at any time impose on SINCH certain other terms and conditions with respect to the availability and use of such Social Media Platform Provider’s Social Media Platform (“Other SMP Terms”) in connection with the Service and that in such event SINCH shall have the right to impose on Customer such Other SMP Terms in the form of a written addendum to the Agreement, effective on the same date on which such Other SMP Terms are effective as to SINCH, and to be signed promptly by Customer, but in no event later than five (5) business days from the date on which SINCH communicates such addendum to Customer, as a condition to Customer’s use thereafter of such Social Media Platform. If Customer does not sign such addendum within the foregoing time frame SINCH shall have no obligation to provide, or continue to provide, the Service with respect to such Social Media Platform and may at any time in its own discretion suspend or terminate Customer’s use of such Social Media Platform.

Part B – Business Terms

B1. Supply of the Service

B1.1. Other Services Required. As further stated in the Order Form or in the Documentation, the Service may require connection through a separate API and in such cases it cannot be used as a stand-alone product or service. In order for Customer to use the Service, Customer must separately enter in an agreement with SINCH for the right to use the other Services. Unless and until Customer has entered into an agreement with SINCH to obtain the right to use other Services, SINCH shall have no obligation to provide the Service, and SINCH shall not be liable for any failure to do so, and any Messages that Customer submits to the SINCH Network for transmission via the Service may be blocked or deleted by SINCH.

B1.2. Third party use. Customer shall not subcontract, sub-license, license, sell, lease, rent or otherwise make the Service available to third parties.

B2. Customer Responsibilities

B2.1. Access and Connectivity

(a) SINCH Network connection. Customer is solely responsible, at its own expense, for establishing and maintaining its equipment, software, facilities, and its connection to the SINCH Network and this obligation is a condition to Customer’s use of the Service.

(b) Other Conditions to Customer’s Use of the Service. Subject to Section A2.7, Customer must independently establish its physical and functional presence on each Social Media Platform as to which Message transmission is available from SINCH and as to which Customer desires to use the Service. Customer’s required actions in this regard include, but might not be limited to, depending on the specific nature and requirements of a Social Media Platform, (a) Customer’s establishment of a social media landing page on the Social Media Platform; (b) Customer’s creation of a Customer Messaging Application on the Social Media Platform; (c) Customer providing to SINCH the relevant credentials and technical interface information required to permit SINCH to establish a technical communication path with Customer’s Application so that SINCH can make available SINCH’s Webhook to Customer for Customer’s integration of such Webhook into the Customer Messaging Application; and (d) Customer’s integration of Webhook into the Customer Messaging Application so that the Customer Messaging Application may send Opt-In Information to the SINCH Network via such Webhook. Sinch may at its discretion offer onboarding services.

(c) SINCH Dashboard. SINCH may, in its sole discretion, provide Customer with access to an SINCH world wide web interface (“Sinch Dashboard”) which access will enable Customer to obtain statistical reports detailing Service activity. Access to the Sinch Dashboard is provided to Customer for informational purposes only, and the data and information displayed are provided without warranties of any kind regarding completeness or accuracy. Customer agrees not to use or rely on such data and information in accounting for monies due between the parties or for billing purposes.

(d) Traffic Forecasts. Customer shall provide to SINCH timely and accurate forecasts of proposed maximum Message volumes, including peak hour, monthly and quarterly volumes. If the actual Message traffic exceeds one hundred and twenty percent (120%) of the forecasted volume (“Burst”) SINCH may without any liability to Customer immediately suspend access to, and operation of, the Service. If Customer does not submit such forecasts SINCH may, at its sole discretion, determine the volume of Messages that constitutes a Burst.

B2.2. Commercial Messages. Customer shall not use the Service for mobile to mobile, peer to peer messaging purposes. Customer shall use the Service solely to promote or facilitate, directly or indirectly, the goods, services or image of Customer pursuing a commercial activity.

B2.3. SINCH Webhook integrations and On-boarding. Subject to Customer’s full compliance with Section B2.1 above, SINCH shall provide to Customer Webhook via a URL provided by SINCH to Customer for the purpose of Customer integrating such Webhook into the Customer Messaging Application on the Social Media Platform. Webhook, as so integrated, will be used for the purpose of Customer transmitting Opt-In Information to the SINCH Network and for any other transmission between the Customer Messaging Application and the SINCH Network as may be available pursuant to, and in accordance with, the Documentation. SINCH will provide to Customer an on-boarding guide to assist Customer with Customer’s integration of Webhook into the Customer Messaging Application and other set-up requirements relating to transmission between the Customer Messaging Application and the SINCH Network via the Webhook in accordance with the Documentation.

B2.4. Fees. Customer shall be fully responsible for any fees imposed by any Social Media Platform Provider with respect to Customer’s use of such Social Media Platform Provider’s Social Media Platform. In the event any Social Media Platform Provider imposes any fees on SINCH with respect to Customer’s use of such Social Media Platform, SINCH shall have the right to charge Customer, and Customer shall pay, the amount of any such fee (including any additional fees), which shall be invoiced by SINCH to Customer.

Glossary

1.1 “Customer Messaging Application” means a messaging application created or established by Customer on a Social Media Platform for purposes of communicating with End Users who are members of that Social Media Platform.

1.2 “Customer Service” means a marketing, advertising, promotional or informational program or initiative, or other project, conducted by Customer utilizing the Service.

1.3 “End User” means a person or entity that is a user and/or recipient of a Customer Service.

1.4 “Message” means a multimedia digital message containing Customer Data in a form for delivery via Internet Protocol (IP) or other technology, protocols or standards used to transmit digital content or information supplied by Customer to the SINCH Network for transmission as a personalized notification or mass notification.

1.5 “Service Provider” means any entity, including, but not limited to, SINCH suppliers and/or internet service providers that directly or indirectly are used in the supply of the Service which shall include, but not be limited to, Social Media Platform Providers.

1.6 “Social Media Platform” means a third party social media platform on which platform Customer is permitted to, and can, create a social media messaging application for the purpose of sending and receiving Messages to and from End Users on such platform.

1.7 “Social Media Platform Provider” means a third party provider of a Social Media Platform (for example, Facebook). For the purposes of this Supplement, a Social Media Platform Provider shall also be a Service Provider.

1.8 “Social Channel ID” means the particular form of identification assigned by a Social Media Platform to an End User designating such End User with respect to such End User’s access to, presence on, and use of such Social Media Platform.

1.9 “Webhook” means the webhook provided by SINCH to Customer, and integrated by Customer into Customer’s Message Application in connection with the SINCH Service.

The post Social Channels Supplemental Terms and Conditions appeared first on Sinch.

These supplemental terms and conditions (“Supplement”) are part of an agreement for certain SINCH services (“Agreement”) between SINCH and the Customer and apply solely to the SINCH services referencing this Supplement, including any SAAS services (“Service”) and not any other SINCH product or service.

Capitalized terms are defined in the Glossary below. Capitalized terms not defined in this Supplement shall have the meanings ascribed to them in the GTC.

Legal Terms

1. License

1.1. In addition to Section 2.2 of the GTC, SINCH grants to Customer a personal, restricted, non-exclusive, non-transferrable and non-assignable license to use the Service through its Product Users in object code and to make the Product available to the End Users, both in accordance with this Agreement and the applicable Documentation for the Term of the Agreement.

1.2. With respect to Test Accounts and if applicable, the Customer is granted a limited, revocable, non-exclusive, non-transferable license to access and use the Service only for testing, non-productive testing, evaluation and demonstration purposes during a test term subject to the Customer’s continued compliance with this Agreement, it being understood that Customers are not charged any fees during the test term. The scope of the Customer’s right to use the Service shall be determined by SINCH in its sole discretion and shall be limited to the Features and Functionalities made available by SINCH in the Test Account of the Product. SINCH shall, at all times, be entitled to change the scope of the Customer’s rights.

2. Add Ons

2.1. Details regarding the Features and Functionalities of the Service is set out in the Order Form. If the Customer wishes to make use of additional and available Features and Functionalities other than as agreed between Customer and SINCH, Customer may at any time request the purchase of Add-Ons for which the Parties shall sign a new Order Form. Upon request, SINCH shall inform the Customer of which Add-Ons are available and the applicable costs.

2.2. SINCH at any time reserves the right to retroactively charge any amounts corresponding to the use of such additional Features and Functionalities in excess of the amounts or volume allowed under the relevant Order Form. In such event, SINCH shall send a correcting invoice, which shall be payable in accordance with the relevant provisions provided in the Agreement.

3. Activation and Customized Services

3.1. Unless Customized Services relating to the activation, installation or set-up of the Product are requested pursuant Section 3.2 below, the Customer shall be responsible for performing the necessary activation, installation, set-up or software development works to install a version of the Product and integrate such Product in the Customer’s systems. For the avoidance of doubt, any such installation or integration shall be in accordance with the Documentation or any other written instructions provided by SINCH.

3.2. The Customer may request SINCH to perform certain Customized Services and SINCH may in its sole discretion agree to provide such Customized Services. In such case, the Parties shall enter into a Statement of Work detailing the scope of the Customized Services to be provided and the applicable fees which may be on a time and material basis or fixed price basis as determined by the Parties. Any such Customized Services shall be provided in accordance with this Agreement, expressly including the applicable Statement of Work.

3.3. The Customized Services shall be delivered “as is” and shall be deemed accepted by the Customer upon delivery thereof by SINCH.

4. Customer Data

4.1. The Customer acknowledges that the Product consists of certain algorithms and artificial intelligence and that for a proper and seamless functioning of the Product, the Customer is responsible to feed the Product with sufficient Customer Data. Except for Customer Data inputted by End Users, Customer Data may only be inputted by Product Users and in accordance with the guidelines provided in the Documentation.

4.2. The Customer shall solely be liable and responsible for the accuracy and correctness of Customer Data. SINCH shall not be liable for damages or liability resulting from incorrect Customer Data inputted in the Product.

4.3. All Customer Data shall remain property of the Customer. The Customer hereby grants SINCH the right to use such Customer Data (including any other content and information provided, transmitted or uploaded through the Service) for the performance of its obligations under this Agreement and to improve the functioning and provision of the Service. After termination or expiration of the Agreement, if applicable, SINCH may retain limited plain text snippets of the Client Data solely for technical reasons relating to the functioning of the Product. Such text snippets shall be held in strict confidence and shall not be made available to third Parties. If such text snippets contain Client Personal Data, SINCH shall anonymize or pseudonymize such text snippets to the fullest extent possible.

4.4. The Customer warrants to SINCH that the Customer Data shall not infringe the intellectual property rights or other legal rights of any third party, and shall not breach the provisions of any law, statute or regulation, in any jurisdiction and under any applicable law.

4.5. The Customer acknowledges and agrees that its shall solely be responsible for the Customer Data that is distributed or accessible through the Product. SINCH shall in no event be responsible or held liable for any such Customer Data. In particular, the Customer represents and warrants that no Customer Data is distributed through the Product that in any manner in SINCH’s sole discretion: (i) violates any applicable, local, state, national, regional or international law, statute, ordinance or regulations; (ii) is illegal, criminal, deceptive, fraudulent or any other action that is unlawful, harmful, threatening, abusive, harassing, tortious, violent, defamatory, vulgar, obscene, invasive of others privacy, hateful racially, ethnically or otherwise objectionable; (iii) adversely or negatively affects or reflects SINCH’s name, reputation or goodwill.

4.6. The Customer acknowledges and agrees that any violation by the Customer of the provision of this Section 4 shall entitle SINCH, at its sole option (i) to immediately terminate (or alternatively, at SINCH’s option, refuse or suspend any access to and use of the Product) for material breach, without any formalities being required and without prejudice to any other rights or remedies available to SINCH pursuant to this Agreement or under applicable law; and/or (ii) immediately remove or block the concerning Customer Data.

5. Third Party Components and Hosting

5.1. The Customer acknowledges and agrees that in order to use the Service, it needs appropriate hardware, networks, operating systems, data transmittal lines with appropriate communication applications and environments.

5.2. The Customer acknowledges and agrees that in order to use the Service, it may need to obtain, at Customer’s expense, the right to use any software owned by third parties by either (i) purchasing from SINCH the right to use such third party software, provided and to the extent SINCH has the right to license such third party software to Customer and offers such opportunity to Customer, or (ii) licensing or otherwise obtaining from the vendors of such third party software the right to use such third party software. If Customer elects to license such third party software from SINCH, such license shall be executed and attached to the Order Form. Any third party software licensed thereunder or otherwise included in the Service shall be exclusively governed by the terms of the applicable third party software, and (without limitation) any warranties, indemnification and maintenance and support provided hereunder by SINCH in respect of the Service shall not apply in respect of such third party software (except as expressly otherwise agreed to in writing by SINCH).

5.3. The Product will be hosted by SINCH in the datacentres of SINCH’s Hosting Partners. The Customer represents and warrants that it accepts the applicable terms and conditions of the Hosting Partners that will be made available by SINCH or the Hosting Partner (as applicable) to the Customer. The Customer acknowledges and agrees that the Hosting Partners retains the right to unilaterally change any such terms and conditions (including the hyperlink to such terms and conditions).

5.4. SINCH does not give any direct, indirect, explicit or implicit, warranty whatsoever to provide un-interrupted availability to the Service, unless stated in an Order Form.

5.5. The Customer acknowledges that the hosting services and the Products might not be available during periods of planned maintenance by SINCH or the Hosting Partner. If reasonably feasible, any planned maintenance will be performed outside of Business Days and SINCH will inform the Customer as soon as reasonable possible of any planned maintenance.

5.6. SINCH and the Hosting Partner reserve the right to conduct any unplanned maintenance at any time if necessary for security reasons or other reasons requiring immediate maintenance. SINCH or the Hosting Partner will not be held liable for any damages resulting from such unavailability of the Service.

6. Maintenance Services

6.1. As from the Effective Date and subject to the timely payment of all applicable fees, SINCH shall provide third-line Maintenance Services in relation to the Product in the Customer’s production environment in accordance with the provisions set out below.

6.2. If an Incident is encountered by the Customer, the Customer shall first review and assess the Incident. If such assessment shows that the Incident is not an Out of Scope Incident, a Product User may notify SINCH of such Incident by using a web based ticketing systems (such as “Jira” and “Slack”, as made available by SINCH) and the Product User shall specify the details of the Incident (in the format as provided by SINCH). Upon receipt of a ticket, SINCH may in its sole discretion determine whether the Incident is an Out of Scope Incident or not and SINCH’s classification shall be binding and final. SINCH reserves the right to charge the Customer any costs that are made in respect of investigating the nature of an Incident on a time and material basis.

6.3. Maintenance Services for Out of Scope Incidents are not included in the fees, however, Product Users are entitled to ask any questions regarding the Service and SINCH shall answer any Product User’s request in good faith, without any binding commitment whatsoever.

6.4. For Incidents that are not an Out of Scope Incident, SINCH shall use its best efforts to resolve the Incident in accordance with the service level objectives set out as an appendix attached to the Order Form. For the avoidance of doubt, SINCH may in its sole discretion assign a priority level to each Incident.

6.5. For priority 1 and priority 2 Incidents (a “Severe Incident”), the Customer shall appoint one (1) Product User who will act as a single point of contact (SPOC) for SINCH.

6.6. Incidents caused by one the following are not included in the Maintenance Services, however the Customer may request SINCH to provide Customized Services regarding such incidents for which SINCH may charge additional fees (non-exhaustive) (i) Out of Scope Incidents; (ii) abuse or misuse of the Product; (iii) modification or addition to the Product not performed by or with the consent of SINCH; (iv) incorrect installation of a fix by a party different than SINCH; (v) incorrect configuration not performed by or with the consent of SINCH; (vi) the use of incorrect data or data structures; (vii) any installation other than a supported release; (viii) any other environment than the Customer’s production environment.

6.7. The provisions of this Section shall not apply to Test Accounts.

7. Intellectual Property Rights

7.1. In addition to the provision in Section 10.1 of the GTC, SINCH is and remains the sole and exclusive proprietary owner of all Intellectual Property Rights related to the Product and the Services (including any new versions, updates, customizations, enhancements, modifications or improvements made to the Product or the Services). Except for the limited license granted pursuant to this Supplement, no other rights in respect of SINCH’s Intellectual Property Rights shall be granted or transferred to the Customer in connection with this Agreement. Nothing in this Agreement shall convey any title or proprietary right or Intellectual Property Rights in or over the Product or Services to the Customer or any third party. The Customer shall not in any way acquire any title, rights of ownership, copyrights, Intellectual Property Rights or other proprietary rights of whatever nature in the Product or Services. The Customer agrees not to remove, suppress or modify in any way any proprietary marking, including any trademark or copyright notice, on or in the Product, or visible during its operation or on media. The Customer shall incorporate or reproduce such proprietary markings in any permitted back-up or other copies.

7.2 The provision in Section 7.1 above and in Section 10.1 of the GTC regarding intellectual property rights in and related to the Service equally apply to the Customized Services and any related new version, updates, upgrades, customizations, enhancements, modifications or improvements made to or related to the Customized Services.

7.3. The Customer agrees not to remove, suppress or modify in any way any proprietary marking, including any trademark or copyright notice, on or in the Service, or visible during its operation or on media. The Customer shall incorporate or reproduce such proprietary markings in any permitted back-up or other copies.

8. Third Party Claims

The Customer shall indemnify, defend and hold SINCH harmless from and against any damages, losses, costs and expenses (including reasonable attorney fees) suffered or incurred by SINCH (including its Affiliates, agents, contractors, directors, employees or representatives) arising out of or relating to Customer Data, including (without limitation) Customer’s or End Users’ infringement of any third party’s intellectual property rights or any other rights of such third party.

9. Termination

The provision in Section 6.3 of the GTC equally applies in case the Customer breaches or violates the terms and conditions of the Hosting Partner or the applicable third party software.

10. Disclaimer

The disclaimer in Section 7.5 of the GTC relating to the Service equally applies to the Customized Services.

11. Limitation of Liability

In addition to Section 9.3 of the GTC, SINCH shall not be held liable in any way, neither contractually nor extra-contractually, for discontinuing an older release of the Product or for damages caused by the wrongful (or out of scope) use of the Product.

12. Survival

The provisions of this Supplement that are expressly or implicitly intended to survive termination, shall survive expiration or termination of the Agreement.

Glossary

In this Supplement, unless otherwise specified, the following definitions will apply:

1.1 “Add-On” means an addition of a certain Feature or Functionality that is not included in the applicable Order Form. SINCH reserves the right at all times to determine which specific Feature and Functionality it may separately offer. Upon request, SINCH shall inform the Customer of the available Add-Ons.

1.2 “Business Day” means a normal working day of SINCH from 8.30 a.m. to 5.30 p.m. from Monday to Friday, excluding relevant public holidays.

1.3 “Customer Data” means all data proprietary to or held by the Customer which is inputted or uploaded by the Customer, the Product Users or the End Users when using the Product and as processed or stored by SINCH as a result of the Customer, the Product User or the End User using the Product. Customer Data shall also include (i) output data resulting from the processing by the Product of the entered data by the Customer, the Product User or the End User, and (ii) meta-data collected by SINCH related to the usage of the outcomes of the Product (such as click-through rates or number of times certain outcomes where clicked on by the End Users). For avoidance of doubt, Customer Data does not include data generated by the Product or Service.

1.4 “Effective Date” means the effective date as set forth in the Order Form.

1.5 “End User” means any individual to whom the Product will be made available by the Customer and who will be able to use the Product as an end user, e.g. the End User of the Product available in a channel such as web, messaging or telephone.

1.6 “Features or Functionalities” means the features or functionalities available in the Product as included in the applicable Order Form such as (without limitation) number of chatbots, number of test bots, number of documents, number of Product Users, volumes of messages, communication channel through which the Products can be made available to End Users and any other variable specified in the Order Form. SINCH reserves the right to add or remove Features or Functionalities at any time.

1.7 “Hosting Partner” means any provider of hosting services SINCH might contract in the future as will be notified to the Customer from time to time.

1.8 “Incident” means a malfunctioning of the Product.

1.9 “Maintenance Services” are the maintenance and support services related to the Product provided by SINCH to the Customer as described in Section 6.

1.10 “Out of Scope Incident” means an Incident that is not caused by or related to the Product such as (without limitation) Incidents due to malfunctioning of interfaces, Incidents caused by non-supported data formats and Incidents caused by problems in third party software.

1.11 “Product User” means a physical person in Customer’s organization (employees and contractors) who is granted access to the Product by the Customer for the purposes of (i) using the Product by feeding it with content (such as, without limitation, Customer Data) in order to use the Product and (ii) receiving Maintenance Services. The amount of Product Users is strictly limited to the amount corresponding to the applicable Subscription Plan as identified in the Order Form.

1.12 “Product” means the Product as identified in the Order Form.

1.13 “CustomizedServices” mean development, implementation and integration services (including, but not limited to customizations), Maintenance Services or such other services in relation to the Product to be delivered by SINCH to the Customer as may be agreed between the Parties from time to time and set out in the Order Form and/or a Statement of Work.

1.14 “Resolution Time” means the period starting at the end of the Response Time and ending when a resolution to an Incident has been provided by SINCH to the Customer.

1.15 “Response Time” means the period starting from the moment when SINCH has investigated an Incident and the Incident Report provided by the Customer and ending when SINCH has provided a written acknowledgement that the Incident report has been received and understood.

1.16 “Service” means SINCHs provision of the Product and applicable Documentation as described in the Order Form.

1.17 “Statement of Work” means a written document that Parties may enter into from time to time describing the Customized Services that SINCH is to provide in connection with the Service.

1.18 “Test Account” means an account with a limited scope of Features and Functionalities (as made available by SINCH in its sole discretion) to which a Customer subscribes free of charge, but which is only available during a test term and for limited use of the Service only (as set out in the Agreement).

The post SAAS SUPPLEMENTAL TERMS AND CONDITIONS appeared first on Sinch.