Tech Services Terms of Use

This Online Ordering and Digital Dine In Addendum (the “Addendum”) is incorporated into the Terms of Service to cover the Online Ordering Services and Digital Dine In Services. All capitalized terms used and not defined herein shall have the meanings ascribed to them in the Terms of Service or Order Form. The parties expressly agree that the terms of this Addendum will apply to your use of Online Ordering and Digital Dine In Services. The Online Ordering and Digital Dine In Services shall be considered a Tech Service.

1. ONLINE ORDERING AND DIGITAL DINE IN SERVICES

   a. The Tech Services. The Online Ordering and Digital Dine In Services are defined as the (i) “Kiosk Services” which allows you to list your menu items for sale on our proprietary kiosk platform and allow for customers to make purchases and use various promotions, (ii) “Online Ordering” which allows you to work with us and to list your menu items for sale on our proprietary website ordering platform and allow for customers to make purchases and use various promotions, and/or (iii) “Digital Dine In Services” which allows you to use QR code and mobile ordering.For the avoidance of doubt the product “Direct Orders” is a combination of all Online Ordering and Digital Dine In Services.

   b. Customer Service and Disputes. You are solely responsible for providing all end customers support for items sold through the Online Ordering and Digital Dine In Services. In the event there is a dispute between you and the end customer, we will, in a reasonable manner, investigate the dispute. At the end of our investigation, we may, in our reasonable discretion, decide among other things, to issue a re-order, credit, partial refund, or full refund to such end customer. We shall only be responsible for any refund, credit, or reorder directly caused by our gross negligence or willful misconduct. We shall not be responsible for your actions, or the actions of any end customers (including the failure to pick up the items), Third Party Providers, including Stripe or any other payment processors. We may provide additional guidelines and rules as it relates to refunds and disputes effective with 5 days notice, unless due to extraordinary circumstances in which such guidelines and rules may be in effect immediately.

   c. Your Obligations. You must make items available for purchase through the platform during your normal business hours and ensure the menu of available Items is accurate. In addition, except as otherwise stated, you must: (i) prepare, handle, store, label, and package all items in accordance with applicable laws, including without limitation food safety laws, alcohol laws, and packaging laws; (ii) identify all items properly and correctly, especially if items are subject to age restrictions; (iii) property make sure all items meet the requirements in the item listing or as required by the end customer; (iv) ensure that the contents of the menu include item information which is accurate and comply with applicable laws (including any notifications about ingredients, nutritional information, allergen information, alcoholic content (if applicable), etc.); (v) if the end customer needs to prepare or assemble items, include instructions for such assembly or preparation which are accurate and in accordance with all applicable laws; (vi) list for sale, sell, or use any Third party Vendors to deliver any Restricted Items[1]; and (vii) if being delivered by a Third Party Vendor, ensure that all items are appropriately packaged and it meets all Third Party Vendor requirements, including (a) ensuring the items are able to fit into a midsize vehicle and do not exceed 50 lb per package, (b) items are appropriately labeled, (c) reasonable protection to prevent tampering or damage, and (d) appropriate preservation methods so that the items are delivered in a safe condition.

   [1] Restricted Items are defined as the following: (i) people or animals of any size, (ii) illegal items under applicable laws; (iii) drugs, pharmaceutical products, controlled substances, or over-the-counter medications, vitamins, or supplements; (iv) hemp-derived CBD or any marijuana; (v) fragile items; (vi) dangerous or hazardous items, including but not limited to, weapons, explosives, items that are poisonous or flammable (including paints or adhesives containing a flammable liquid), substances and material identified in the Hazardous Materials Table in 49 CFR section 172.10, or material determined to be hazardous under 49 U.S.C. section 5103 et. seq. and transported in a quantity requiring placarding according to regulations prescribed under 49 CFR, Subtitle B, Chapter I, Subchapter C; (vii) stolen goods; (viii) nicotine or tobacco products; (ix) sexual aids, adult toys and movies; (xi) money, gift cards, or transferable securities; (xii) regulated species (e.g., plants, noxious weeds, prohibited seeds, etc.); or (xiii) any items for which you do not have permission to send.

2. PROMOTIONS AND MARKETING

   a. Marketing. At our discretion, we may showcase your listed items via the Online Ordering and Digital Dine In Services through various promotional activities (e.g., through SMS messages, emails, social media channels, websites, advertisements, or blogs). In certain circumstances, you may also be able to choose to pay for the promotion of your items or your store. However, there shall be no additional charges for any marketing unless such marketing is approved by you.

   b. Promotions. Subject to availability, you may, at your discretion, choose to enhance promotion placement, provide coupons to potential end customers, and to engage in other promotional services. To the extent you choose to participate in any promotions, you will ensure that you honor the terms of any such promotion.

3. INTELLECTUAL PROPERTY

   a. User Content. Users of the Online Ordering and Digital Dine In Services (whether you or others) may provide us with content, including without limitation text, photos, images, music, audio, videos, fonts, logos, stickers, code and any other materials (“User Content"). Your User Content stays yours, except for the limited rights that enable us to provide, improve, promote and protect the Tech Services as described in this Agreement. User Content includes without limitation content you post to the Online Ordering. When you provide User Content via the Tech Services, you grant us (including our third party hosting providers acting on our behalf) a non-exclusive, worldwide, perpetual, irrevocable, royalty-free, sublicensable, transferable right and license to use, host, store, reproduce, modify, create derivative works of (such as those resulting from translations, adaptations or other changes we make so that User Content works better with the Tech Services), communicate, publish, publicly display, publicly perform and distribute User Content for the limited purposes of allowing us to provide, improve, promote and protect the Tech Services.

   b. Order Data. Any and all Order Data made through the Online Ordering and Digital Dine In Services shall be owned separately by both parties. “Order Data” shall mean any and all end user order information, including without limitation Personal Data, collected by a party as part of the Kiosk Services or Online Ordering. “Personal Data” shall mean any information exchanged under this Addendum that (i) identifies or can be used to identify an individual (including without limitation, names, telephone numbers, addresses, signatures, email addresses or other unique identifiers); or (ii) that can reasonably be used to authenticate an individual (including without limitation, name, contact information, precise location information, access credentials, persistent identifiers and any information that may be considered ‘personal data’ or ‘personal information’ under applicable law).

   c. Ownership of User Content. You represent and warrant that you own all rights to your User Content or otherwise have (and will continue to have) all rights and permissions necessary to use, share, display, transfer and license your User Content via the Tech Services and in the manner set forth in this Agreement. If we use your User Content in the ways described in this Agreement, you represent and warrant that such use will not infringe or violate the rights of any third party, including without limitation any copyrights, trademarks, privacy rights, publicity rights, contract rights, trade secrets or any other intellectual property or proprietary rights. Also, content on the Tech Services may be protected by others' intellectual property, trade secret or other rights. Please do not copy, upload, download or share content unless you have the right to do so.

4. PRIVACY

   In certain circumstances you may directly receive Personal Data in your use of the Online Ordering and Digital Dine In Services. However, except as otherwise authorized in writing or as required to fulfill the order, you agree not to access, collect, store, retain, transfer, use, disclose, or otherwise process in any manner Order Data you collect under the Online Ordering and Digital Dine In Services. You may not allow any third party to copy, modify, rent, lease, sell, distribute, reverse engineer, or otherwise attempt to gain access to the source code of the Kiosk Services or Online Ordering; damage, destroy or impede the services provided through the Online Ordering; transmit injurious code; or bypass or breach any security protection on the Online Ordering or Kiosk Services. Both parties agree to the terms of Exhibit A to this Addendum, which applies solely as it relates to the Direct Order Services.

5. FEES

   For your use of the Online Ordering and Digital Dine In Services, you shall be charged the fees set forth in the Order Form or as otherwise communicated to you (“Fees”). Except for any monthly fees as described in the Order Form, all other Fees including Payment Processing fees shall automatically be deducted from your payments from the third party payment processor. We reserve the right to change the Fees upon 7 days prior written notice to you. Unless otherwise agreed to in writing, all fees shall be processed instantaneously when the services are performed. You hereby appoint us as your limited agent to withdraw and deposit any Fees that are owed by you. Notwithstanding the above, this section does not prohibit us from charging any new fees to you or your contractors or affiliates, any Third Party Vendor, or any end customer.

6. TERM

   The Term of the Online Ordering and Digital Dine In Services shall be for the duration stated in the Order Form, or if there is no duration stated in the Order Form, the Online Ordering and Digital Dine In Services shall be offered on a Monthly Plan.

7. PAYMENT PROCESSING

   a. Payment Processing Services, The Payment Processing Services are provided as part of the Online Ordering and Digital Dine In Services. The Payment Processing Services are provided by our third party payment processing partner, Stripe, and any procurement by you will be subject to a separate merchant agreement which will be solely between you and the third party processor. If you use Payment Processing Services you agree that you will comply with the terms and conditions of any applicable merchant agreements and all applicable card network rules (i.e. Visa, American Express, Discover, Mastercard), policies, laws and regulations, at all times while using such Payment Processing Services. We are a “Partner Application” as defined in the Stripe Terms of Service. By using the Online Ordering and Digital Dine In Services and agreeing to the Addendum, you also agree to be bound by Stripe’s terms of service and any other terms and conditions that you enter into between you and Stripe. Your use of the Online Ordering and Digital Dine In Services are also fully contingent on passing any know-your-customer, or background checks required by Stripe. You are still responsible for all Fees and other payment obligations during the term of the Online Ordering and Digital Dine In Services regardless of whether you can pass Stripe’s know-your-customer or background check. We reserve the right to change the third party’s payment processor at any time and you will provide us with any information required to set up a payment account with any such alternate payment processor. In cases where suspicious activity is detected (e.g. fraud, money laundering, collusion), we reserve the right to withhold payout.

   b. Third Party Processor. The Payment Processing Services are subject to the Stripe Connected Account Agreement, which includes the Stripe Terms of Service, and any other related agreements (including any terminal products purchased via Stripe) entered into between you and Stripe (collectively, the “Stripe Services Agreement”) and subject to certain fees and surcharges communicated to you during the enrollment process and as may be updated by us from time to time. You agree to be bound by the Stripe Privacy Policy: https://stripe.com/privacy. By enrolling and using the Payment Processing Services, you agree to be bound by the Stripe Services Agreement, as the same may be modified by Stripe from time to time. As a condition of us enabling Payment Processing Services via Stripe, you agree to provide us and Stripe accurate and complete information about you and your business, and you authorize us to share it and transaction information related to your use of the Payment Processing Services provided by Stripe and as otherwise authorized pursuant to the terms of the Agreement.

   c. Compliance. To the extent permitted by law, we may collect any obligations you owe us under this Agreement by deducting the corresponding amounts from funds payable to you arising from the settlement of transactions through the Payment Processing Services. Fees will be assessed at the time a transaction is processed and will be first deducted from the funds received for such transactions. If the settlement amounts are not sufficient to meet your obligations to us, we may charge or debit the bank account or credit card registered in your account for any amounts owed to us. Your failure to fully pay amounts that you owe us on demand will be a breach of this Addendum and the Agreement. You will be liable for our costs associated with collection in addition to the amount owed, including without limitation attorneys' fees and expenses, costs of any arbitration or court proceeding, collection agency fees, and any applicable interest. In addition to the amount due, delinquent accounts may be charged with fees that are incidental to the collection of delinquent accounts and chargebacks including, but not limited to, collection fees and convenience fees and other third parties charges. You hereby explicitly agree that all communication in relation to delinquent accounts will be made by electronic mail or by phone, as provided to us by you. Such communication may be made by us or by anyone on its behalf, including but not limited to a third party collection agent.

   d. Guarantee. Additionally, we may require a personal guarantee from a principal of a business for funds owed under this Agreement. If we require a personal guarantee we will specifically inform you. In addition to the amount due, delinquent accounts may be charged with fees that are incidental to the collection of delinquent accounts and chargebacks including, but not limited to, collection fees and convenience fees and other third parties charges. You hereby explicitly agree that all communication in relation to delinquent accounts will be made by electronic mail or by phone, as provided to us by you. Such communication may be made by us or by anyone on its behalf, including but not limited to a third party collection agent.

   e. Changes. It is your responsibility to determine what, if any, taxes apply to each transaction you complete via the Payment Processing Services, including, for example, sales, use, value added, and similar taxes. It is also your responsibility to withhold, collect, report and remit the correct taxes to the appropriate tax authorities. We are not responsible for withholding, collecting, reporting, or remitting any sales, use, value added, or similar tax arising from any transaction you complete via the Tech Services.

   f. Payment. You shall be paid for all items sold minus any Fees or other charges authorized by you on a regular basis as stated in the Order Form, except as prevented by third party processing delays, acts of nature, network outages, or any other situation not under our reasonable control. In such circumstances we will make all reasonable efforts to ensure your delayed payment is processed promptly. While we strive to be accurate in the calculations of all Fees and items sold, you authorize us to automatically deduct, claw back, and adjust any errors in fees charged or amounts paid to you. You expressly understand and agree that we shall not be liable for any payments and monetary transactions that occur through your use of the Online Ordering and Digital Dine In Services. You expressly understand and agree that all payments and monetary transactions are handled by Stripe. You agree that we shall not be liable for any issues regarding financial and monetary transactions (including any fraudulent transactions, money laundering, collusion) between you and any other party, including Stripe.

   g. Payment Responsibility.You are responsible for all transactions (one-time, recurring, and refunds) processed through the Payment Processing Services and/or Stripe. We are not liable for loss or damage from fraudulent or invalid transactions processed with your Stripe account. This includes transactions that were not processed due to a network communication error, or any other reason. If you process a transaction, it is your responsibility to verify that the transaction was successfully processed. You represent and warrant that you shall comply with all data security standards (including any standard related to the physical compliance requirements of using any Hardware) adopted by the PCI Security Standards Council, LLC and any amendments thereto, the EMV standards, and the security rules of each payment card association, including, without limitation, American Express, the Visa Cardholder Information Security Program, the MasterCard Site Data Protection Program and Discover Network’s Information and Security Compliance. You accept and agree to fully cooperate with us, Stripe, any card association, payment processor with respect to any investigation and/or additional requirements related to any suspected data incident, fraudulent transaction, chargeback, or any other payment processing transaction.

   h. Disclaimer of Liability. You understand that we use the Stripe API to run the Online Ordering and Digital Dine In Services and that the Stripe API is subject to change at any time and such changes may adversely affect the Online Ordering and Digital Dine In Services. You understand and agree that we are not responsible for the Stripe API and you shall not hold us liable for any adverse effects that actions (whether intentional or unintentional) on the part of Stripe may cause to your Stripe account, your account with us, or your business.

8. TAXES

   a. You are responsible and liable for determining any and all Taxes (as defined below) required to be assessed, incurred, collected, paid or withheld for all sales and other transactions arising from the use of the Tech Services. You also are responsible and liable for (a) determining whether Taxes apply to your sale of menu items, products and services, payments received, and any other transactions arising from or out of your use of the Tech Services, and (b) calculating, collecting, reporting or remitting any Taxes to the appropriate tax and revenue authorities. Any guidance, estimates, or other information provided on the Tech Services related to Taxes is not intended to be tax advice and purely for informational purposes and shall not be taken as tax advice. We specifically disclaim any and all liability for such Taxes.

   b. We may be obligated under applicable laws to report certain information to tax and revenue authorities (“Tax Information”) and/or you with respect to your use of the Tech Services. Upon request, you shall provide us with the necessary information to complete any applicable Tax Information reporting and recertify such information from time to time, as may be required by applicable law. If you use our Tech Services you acknowledge that we may report to the applicable tax and revenue authorities the required Tax Information (including the total amount of payments you received during the relevant reporting period). We also may, but are not obligated to, send to you the Tax Information that is reported.

   c. Taxes include any and all present or future taxes, charges, fees, levies or other assessments, including, without limitation, income, telecommunications, value-added, goods and services tax or similar taxes, gross receipts, excise, real or personal property, sales, withholding, social security, occupation, use, severance, environmental, license, net worth, payroll, employment, franchise, transfer and recording taxes, fees and charges, imposed by any domestic or foreign taxing authority (“Taxes”).

9. INDEMNIFICATION

   Unless prohibited by applicable law, you agree to indemnify and defend us and our affiliates (including their respective officers, directors, employees and agents) and hold them harmless against any liabilities, damages and costs (including reasonable attorney fees and final settlement amounts) from any claims or legal proceedings (including actions by government authorities) arising out of or relating to: (i) any infringement or misappropriation of the intellectual property of any third party for any User Content you post on the Online Ordering, (ii) breach of any PCI obligations, any card holder association rules, or payment processor terms, or the violation of any applicable laws (including any data privacy laws and Tax laws), (iii) any claims from the use of Order Data, (iv) the breach of any third party agreements (including with any Third Party Vendors), and (v) any fines, fees, penalties, assessments or other expenses levied by the payment processor related to your use of the Direct Orders Services.

10. DELIVERY AND THIRD PARTY VENDORS

    Depending on the location, the Online Ordering and Digital Dine In Services may allow for product deliveries by third party couriers (each also a “Third Party Vendor” as that term is defined in the Agreement). We have no control over the Third Party Vendor and therefore, we cannot be responsible for their actions or inactions, including the timeliness of the delivery, accuracy of the delivery or whether the products delivered are tamper free. By deciding to opt in to deliveries and using a Third Party Vendor as a courier, you shall be subject to their terms and conditions, including any fees and costs for their services. For the avoidance of doubt, if required by Third Party Vendors, we may charge additional fees or surcharges.

11. RATINGS

    You acknowledge and agree that (i) after receiving the purchased items, the end consumer may be prompted to provide customer feedback, and (ii) the Online Ordering and Digital Dine In Services may allow for communications between you and the end customer. We reserve the right to use, share, and display such feedback and communications in any manner in connection with our and our affiliates business, without your attribution or approval. In addition, we may, but shall not be required to review or monitor any feedback or communications between you and the end customers.

12. ADDITIONAL COMPLIANCE

    In addition, we may create and require compliance with additional policies, rules and regulations when participating in the Online Ordering and Digital Dine In Services. We will provide you with 3 days prior written notice before such policies, rules, or regulations take into effect. Notwithstanding anything to the contrary, we may modify or discontinue the Online Ordering and Digital Dine In Services at any time, and we can suspend or terminate your use of the Online Ordering and Digital Dine In Services at any time with or without notice to you.

13. INSURANCE

    At your sole expense, during the Term, you agree to maintain commercial general liability insurance policy in the amount of at least $1,000,000 per occurrence and $2,000,000 in the annual aggregate (which includes products- completed operations, spoilage, and food borne illness coverage). All policies must (i) name or cover Company and its affiliates as an additional insured and (ii) be primary insurance and any insurance carried by Company or its affiliates will be excess insurance only. If we ask, you agree to furnish us with a certificate of insurance in such coverage, such certificate to be in a form reasonably acceptable to us.

14. DISCLAIMER AND LIMITATION OF LIABILITY

    IT IS UNDERSTOOD THAT THE ONLINE ORDERING AND DIGITAL DINE IN SERVICES AND THE PAYMENT PROCESSING SERVICES MAY CONTAIN ERRORS, MAY NOT FUNCTION PROPERLY. THE PAYMENT PROCESSING SERVICES ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE. WE AND OUR SUPPLIERS SPECIFICALLY DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE ONLINE ORDERING AND DIGITAL DINE IN SERVICES AND THE PAYMENT PROCESSING SERVICES IS AT YOUR OWN RISK. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THE AGREEMENT, OUR AND OUR AFFILIATES TOTAL LIABILITY ARISING OUT OF OR RELATED TO YOUR USE OF THE ONLINE ORDERING AND DIGITAL DINE IN SERVICES AND THE PAYMENT PROCESSING SERVICES SHALL BE LIMITED TO $500. YOU AGREE THAT WE WON’T BE RESPONSIBLE FOR YOUR LOSS OF PROFITS, REVENUES, BUSINESS OPPORTUNITIES, GOODWILL, OR ANTICIPATED SAVINGS, INDIRECT OR CONSEQUENTIAL LOSS, OR PUNITIVE DAMAGES IN CONNECTION WITH YOUR USE OF THE PAYMENT PROCESSING SERVICES. THESE LIMITATIONS SHALL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY

This Boost Addendum (the “Addendum”) is incorporated into the Terms of Service to cover the Otter Boost Services. All capitalized terms used and not defined herein shall have the meanings ascribed to them in the Terms of Service or Order Form. The parties expressly agree that the terms of this Addendum will apply to your use of Otter Boost Services. The Otter Boost Services shall be considered a Tech Service.

1. BOOST OPERATIONS

   a. YOU UNDERSTAND AND AGREE THAT WE WILL BE MAKING DECISIONS ON YOUR BEHALF AS TO WHAT PROMOTIONS TO OFFER OR NOT OFFER YOUR END CONSUMERS ON THIRD PARTY VENDOR DELIVERY PLATFORMS SUCH AS UBER EATS, DOORDASH, GRUBHUB, POSTMATES, JUST EAT, AND OTHERS. THESE PROMOTIONS WILL BE SOLELY FUNDED BY YOU. YOU FURTHER UNDERSTAND THAT THERE IS NO GUARANTEE THAT THE PROMOTIONS WILL GENERATE ANY ADDITIONAL REVENUE OR PROFIT FOR YOUR RESTAURANT AND MAY LEAD TO LOSS OF REVENUE.

   b. We agree to use commercially reasonable efforts to provide the Otter Boost Services (defined below) in connection with one or more of your online restaurant storefronts, including your virtual brands, as designated by you (collectively, “Restaurants”). In exchange for the fees outlined in this Addendum, we will provide the following services (collectively, the “Otter Boost Services”): (i) reviewing available promotions offered by Third Party Vendors; (ii) triggering such promotions; (iii) and any other act reasonably necessary to manage your promotions on Third Party Vendors. Except as otherwise provided to us in writing, you are requesting we provide the Otter Boost Services for all your brands. The Otter Boost Services shall be considered a Tech Service.

   c. You will be solely responsible for the production and supply of all food, beverages, and/or products (collectively, “Products”) to be sold by your Restaurants. You agree to prepare for sale, and facilitate the sale to the end user of such Products out of your restaurant or kitchen facility, including handling any order changes or cancellations by end users. Each Restaurant shall be associated with one or more online food, beverage, or product ordering platforms operated by each Third Party Vendor.

2. FEES AND PAYMENT

   a. In consideration of the Otter Boost Services, you agree to pay us the recurring fee described in such Otter Order Form every subscription term (“Pay Period”) as part of this Addendum for each location Subscribed. “Subscribed” shall be defined as any Restaurant that runs a promotion using the Otter Boost Services for at least once in a day in a given Pay Period. Please note that in certain cases we may require a minimum recurring fee as described in your Order Form. We reserve the right to increase the Recurring Fee by providing you with at least thirty (30) days prior written notice (email sufficient) prior to the end of each Term.

   b. The parties agree to reconcile the amounts due under this Addendum every Pay Period including allowing for offsets against amounts payable by each party and their affiliates. At our request, you agree to make available to us Product order and sales data generated by Third Party Vendors as reasonably necessary to enable us to accurately complete the reconciliation. All amounts are due 30 days from the date of invoice. You agree that we may use a third party provider to process amounts paid hereunder. You are responsible for all refunds, credits, chargebacks, penalty charges, or any retrieval costs (“Refunds”) (including issues with the quality of the Products).

   c. As the seller of the Products, you agree to pay all applicable taxes assessed on the sale of Products to end users (including, but not limited to, all sales, use, VAT or similar taxes against the full retail price of the Product), and, if we ask, you agree to provide us with reasonable evidence that you are collecting and paying such taxes. A party shall be solely responsible for any taxes assessed on its income related to this Addendum.

3. RIGHTS AND RESTRICTIONS

   a. You hereby grant us a limited, non-exclusive and non-transferable license during the Term to use Your Materials (as defined below), on a royalty-free basis, for the sole purpose of providing the Otter Boost Services as set forth herein. “Your Materials” means your trademarks, service marks, trade names, logos, slogans, Product recipes, photographs, menu descriptions and any other materials you provide us in connection with this Addendum. Notwithstanding anything to the contrary herein, Your Materials, and all intellectual property rights therein, will remain your property. Any goodwill generated from our use of Your Materials shall insure to the benefit of you and your licensors.

   b. In order to perform our obligations under the Addendum, we may need access to one or more of your accounts with Third Party Vendors for the Restaurant(s). As such, you hereby appoint us as your agent, and grant us permission to access your Third Party Vendor accounts solely to perform our obligations hereunder (including marketing and promotions). You can revoke our rights in this Section by providing us with written notice (at which time the Addendum will automatically terminate 24 hours from your notice to us).

   c. You understand that the services of Third Party Vendors are provided by third parties and as such, we have no responsibility for the Third Party Vendors, or the technology or services they provide. You agree that we will not be liable to you or to any third party for any modification, suspensions, or discontinuance of any Third Party Vendors. Notwithstanding anything to the contrary, if you materially breach the Tech Services terms of use and such terms of use are terminated in accordance therein, we may also immediately terminate this Addendum or suspend your access to the Tech Services without any further obligation or liability.

4. REPRESENTATIONS AND WARRANTIES

   a. You represent and warrant that you (and any third party you contract with to prepare Products for your Restaurants, if applicable): (1) will comply with all applicable laws related to Product food safety, including time or temperature controls and Product packaging and merchantability, including ensuring that Products are prepared with a consistent standard of the highest quality and are not adulterated or misbranded, (2) will not violate any obligations to any third party by entering into and performing under this Addendum, and (3) have the right to use, and allow our use of your authorized Third Party Vendor accounts, including the right to appoint us as your agent to access and use your accounts as described in this Addendum.

   b. YOU AGREE THAT WE ARE NOT LIABLE FOR ANY COSTS, EXPENSES, OR LOSSES FROM YOUR INABILITY TO DISTRIBUTE PRODUCTS THROUGH ANY PARTICULAR THIRD PARTY VENDOR. EXCEPT AS EXPRESSLY SET FORTH ABOVE, WE DO NOT MAKE ANY COMMITMENTS OR WARRANTIES ABOUT THE OTTER BOOST SERVICES WE PROVIDE, NOR DO WE GUARANTEE THE ACTUAL OR POTENTIAL SALES, INCOME OR PROFIT OF A RESTAURANT HEREUNDER. WE DO NOT PROVIDE ANY IMPLIED WARRANTIES, SUCH AS THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE, UNLESS REQUIRED UNDER APPLICABLE LAW.

5. INDEMNITY; LIMITS OF LIABILITY

   a. Unless prohibited by applicable law, you agree to indemnify and defend (at our option) Otter and our affiliates (including their respective officers, directors, employees and agents), and hold them harmless against any claims or legal proceedings (including actions by government authorities), liabilities, damages and costs (including reasonable attorney fees and final settlement amounts) arising out of or relating to: (i) the Products (including any claims relating to product and food safety or taxes owed in connection with the sale of the Products), (ii) of illness, injury, death, or damage as a result of the consumption or use of any Product, (iii) risks against which you are insured or required to be insured against pursuant to this Addendum, (iv) allegation that Your Materials infringe, misappropriate or otherwise violate a third party’s intellectual property or publicity rights, or (v) an allegation that, if true, would constitute your breach of this Addendum.

   b. YOU HEREBY RELEASE US AND OUR AFFILIATES FOR ANY LOSSES, CLAIMS (KNOWN OR UNKNOWN), EXPENSES, OR LIABILITY RESULTING FROM YOUR USE OF THE OTTER BOOST SERVICES, INCLUDING LOST RESTAURANT REVENUE. FURTHER, YOU AGREE TO INDEMNIFY, DEFEND AND HOLD US AND OUR AFFILIATES HARMLESS FOR ANY LOSSES, COSTS AND EXPENSES OF ANY KIND, INCLUDING REASONABLE ATTORNEYS’ FEES, CLAIM, DEMAND OR ACTION ARISING FROM OR RELATED TO THE OTTER BOOST SERVICES. THIS OBLIGATION SHALL SURVIVE ANY TERMINATION OR EXPIRATION OF THE ADDENDUM.

   c. TO THE FULLEST EXTENT PERMISSIBLE BY APPLICABLE LAW, NEITHER PARTY WILL BE LIABLE TO THE OTHER PARTY OR ANY THIRD PARTY FOR ANY CONSEQUENTIAL, INDIRECT, SPECIAL, PUNITIVE, INCIDENTAL, OR SIMILAR DAMAGES, WHETHER FORESEEABLE OR UNFORESEEABLE, REGARDLESS OF THE CAUSE OF ACTION UPON WHICH THEY ARE BASED, INCLUDING CLAIMS FOR LOSS OF GOODWILL OR LOST PROFITS, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OCCURRING. THE TOTAL, AGGREGATE LIABILITY OF EACH PARTY IN CONNECTION WITH THIS ADDENDUM WILL NOT EXCEED THE AMOUNTS PAID BY YOU DURING THE FIRST 12 MONTHS OF THIS ADDENDUM. NOTHING IN THIS SECTION WILL APPLY TO EITHER PARTY’S OBLIGATIONS TO INDEMNIFY, DEFEND, OR HOLD HARMLESS IN THIS ADDENDUM. NOTHING IN THIS SECTION WILL LIMIT A PARTY’S LIABILITY FOR GROSS NEGLIGENCE, WILLFUL MISCONDUCT OR UNLAWFUL ACTIVITY.

6. INSURANCE

   At your sole expense, during the Term, you agree to maintain commercial general liability insurance policy in the amount of at least one million dollars per occurrence and two million dollars in the annual aggregate (which includes products-completed operations, spoilage, and food borne illness coverage). All policies must (i) name or cover Otter and its affiliates as an additional insured and (ii) be primary insurance and any insurance carried by Otter or its affiliates will be excess insurance only. If we ask, you agree to furnish us with a certificate of insurance in such coverage, such certificate to be in a form reasonably acceptable to us.

This Hardware Addendum (the “Addendum”) is incorporated into the Terms of Service to cover Hardware (as defined below) purchases and leases. All capitalized terms used and not defined herein shall have the meanings ascribed to them in the Terms of Service or Order Form. The parties expressly agree that the terms of this Addendum will apply to your use of Hardware.

1. HARDWARE

   a. Delivery, Risk of Loss, and Title. Subject to your payment of fees and compliance with all other terms and conditions of the Order Form, Agreement, and this Addendum, we will use commercially reasonable efforts to deliver Hardware to the address specified in such Order Form. If our inventory of Hardware is inadequate to meet customer demand, we reserve the right, in its sole discretion, to allocate available Hardware among its customers in such a manner as we deem equitable and without liability to you. We will not be liable to you for any delay in the delivery of Hardware. The Hardware shall be deemed accepted on the date delivered. You agree to pay all fees in accordance with each Order Form. The risk of loss for all purchased Hardware shall transfer to you at such time the Hardware is actually shipped. Title to purchased Hardware shall transfer to you once we have received payment in full. You are also responsible for the physical security of the Hardware and to make sure the Hardware is not used by any unapproved parties. You shall report all stolen or lost Hardware immediately at https://tryotter.com/customer-support.

   b. Use of the Hardware. You expressly agree that you will use the Hardware exclusively in connection with the Tech Services. You agree that all leased Hardware belongs to us or other third parties and will not be deemed fixtures or in any way part of any premises. We may remove or change the interoperability of the Tech Services on any of the provided Hardware at our discretion. You acknowledge that any addition to, removal of, or change to the Hardware may interrupt your Tech Services. You may not sell, lease, abandon, or give away the Hardware, or permit any other service provider to use the Hardware, including Hardware for which an Unreturned Equipment Fee has been paid. If allowed under applicable laws, you agree that you will not allow anyone other than us or our agents to service or repair the Hardware. If you are leasing Hardware, you are responsible for loss, repair, replacement, and other costs, damages, fees, and charges if you do not return the Hardware to us in an undamaged condition. “Hardware” is defined as all equipment provided to you (either leased or sold) for use of the Tech Services, including but not limited to any tablets or printers. It is your responsibility to (i) regularly inspect your Hardware for any physical damage or any safety concerns, and if relevant, (ii) ensure compliance with physical PCI or other payment processing requirements.

   c. Ownership of Leased Hardware. For avoidance of doubt, all leased Hardware remains Otter owned, and we retain title to all Hardware, at all times, including but not limited to after payment of an Unreturned Equipment Fee. “Unreturned Equipment Fee” refers to the current Hardware price actually offered for sale (without any discounts or promotions) by Otter (or if the Hardware is no longer sold, the price the Hardware was offered for sale without any discounts or promotions) plus a 10% administrative fee for all leased Hardware that is not returned within 60 days after termination of the Tech Services. The payment of an Unreturned Equipment Fee shall not result in a sale of, or the transfer of title to, any Hardware, and such Hardware shall remain the property of ours, and we retain title to Hardware at all times. We do not relinquish ownership of (including title to) Hardware by the payment of an Unreturned Equipment Fee. Even if an Unreturned Equipment Fee has been paid, Hardware shall not be resold, used, or operated in any manner. If you pay an Unreturned Equipment Fee and subsequently return the Hardware undamaged (with the exception of normal wear and tear), you will be refunded your Unreturned Equipment Fee within 30 days. You hereby grant to Otter a purchase money security interest in all rental Hardware and all accompanying accessories shipped to you, as security for the performance by you of all of your obligations arising under this Addendum and the Terms.

   d. Export Control. You agree to comply with all applicable export laws and export controls and complete all required undertakings (including obtaining any necessary export license or other governmental approval). You warrant that it shall not, directly or indirectly, export or re-export the Hardware or the underlying software or technology to or make the Hardware or the underlying software or technology accessible from, any jurisdiction or country to which export, or re-export is prohibited by law, rule, or regulation. You acknowledge that shipments of the Hardware may be subject to export laws and that such laws could delay or preclude delivery of Hardware in the future.

2. HARDWARE WARRANTY

   a. Limited Warranty for Leased and Purchased Hardware. Subject to the provisions of this Addendum, we warrant that, during the Warranty Period, all components of the Hardware shall be free from faulty workmanship and defective materials under normal use and service for a period of 1 year (“Hardware Warranty”). The Hardware Warranty is the only express warranty provided by us. The Hardware Warranty may be modified only by express written agreement between the parties and may not be modified or amended by any course of dealing between the parties or custom and practice in the industry. Your remedies and our aggregate liability with respect to the Hardware Warranty are set forth in and limited by this Addendum and the Agreement.

   b. Warranty Claims and Exclusions. For each claim of breach of the Hardware Warranty received by us during the Warranty Period, we will, at its sole option: (1) repair the Hardware such that it meets the Hardware Warranty, (2) replace the Hardware with comparable Hardware, or (3) refund the amount paid to you for the Hardware upon its return by you. All replacement or repaired Hardware shall be warranted for the remainder of the original Warranty Period. The Hardware Warranty does not apply to consumable items (e.g., batteries). The Hardware Warranty will be rendered void if the serial numbers, warranty data or quality assurance decals on the Hardware are removed or altered. The Hardware Warranty shall not apply, and we shall have no obligations thereunder, if the defect or fault giving rise to the claim is caused by any of the following after the delivery date: (a) accident, unusual physical, electrical or electromagnetic stress, neglect, or misuse, (b) failure of electric power or environmental controls, (c) rough handling during transportation, (d) your failure to maintain the Hardware in accordance with our specifications, or (e) modifications, alterations or repairs by you or a party other than us (unless specifically authorized by us in writing).

   c. RMA. If Hardware must be returned to us for repair or replacement under the Hardware Warranty, prior to such return, you must contact us at www.tryotter.com/customer-support/form to verify the existence of a warrantable defect in the Hardware and to obtain a Return Merchandise Authorization (“RMA”) number and the correct return shipping address. You shall deliver the Hardware to us with the RMA number on the package. You assume the risk of damage to or loss of returned Hardware in transit. You are responsible for removing all Confidential Information from Hardware prior to its return, and we shall have no responsibility or liability with regard to data or information contained in returned Hardware. If we reasonably determine that the returned Hardware is not defective or faulty within the terms of the Hardware Warranty or a warranty exclusion applies, you shall pay or reimburse us for all costs of handling, transportation, diagnostics and repairs at our then prevailing rates.

   d. Warranty Disclaimer. Your access and use of the Hardware may be interrupted from time to time for any of several reasons, including the malfunction of equipment, periodic updating, maintenance or repair of the Hardware, other actions that we may elect to take, or issues with Third Party Vendors. You agree that we are not liable to you or to any third party for any interruption, modification, suspension, or discontinuance of the Hardware. We do not make any other commitments or warranties about our Hardwares or how they will perform for you other than as expressly stated in the Addendum, unless required under applicable law. Unless otherwise stated in this Addendum, you acknowledge and agree that the Hardware is provided “as-is.” We do not warrant that the Hardware shall be uninterrupted, virus free, or shall meet any of your specific needs or requirements and shall have no liability for any errors to Your Data. We do not provide any implied warranties, such as the implied warranties of non-infringement, merchantability, and fitness for a particular purpose, unless required under applicable law.

3. TERM AND PAYMENT

   The Term of the leased Hardware shall be for the duration stated in the Order Form, or if there is no duration stated in the Order Form, the Hardware shall be offered on a Monthly Plan. The amount of the fee shall be as stated in the Order Form.

4. INDEMNIFICATION

   Unless prohibited by applicable law, you agree to indemnify us and our affiliates (including their respective officers, directors, employees and agents) and hold them harmless against any third party liabilities, fines, fees, penalties, damages and costs (including reasonable attorney fees and final settlement amounts) from any claims or legal proceedings (including actions by government authorities) arising out of or relating to: (i) your breach of this Addendum; (ii) your unlawful use of the Tech Services or our Hardware; or (iii) your gross negligence or willful misconduct.

This Data Processing Addendum (“DPA”) to any agreement that links to this DPA (the “Agreement”) relating to certain Tech Services (as defined in Schedule 1) between the customer receiving the Tech Services (“Customer”) and the entity performing the Tech Services as described in the Agreement (“Vendor”), to reflect the parties’ agreement about the Processing of Personal Data, when applicable, in accordance with the requirements of Data Protection Laws. References to the Agreement will be construed as including without limitation this DPA. In event of any conflict or inconsistency between the provisions of the Agreement and DPA, the terms of this DPA shall prevail.

1. DEFINITIONS

   “Data Protection Laws” means all applicable laws data privacy and security laws and regulations, including, but not limited to the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”), California Consumer Privacy Act of 2018, as amended (“CCPA”), Personal Data Protection Act 2012 (Singapore) and the Privacy Act 1998 (Cth) (“Australian Privacy Principles”); “Personal Data” means information relating to an identified or identifiable natural person, or as otherwise defined by Data Protection Laws; “Data Subject,” “Controller,” “Processor,” and Processing” shall have the meaning as defined under the GDPR, or the applicable Data Protection Laws. Any capitalized terms not defined herein shall have the respective meanings given to them in the Agreement.

2. PROCESSING OF PERSONAL DATA

   a. Roles of the Parties. The parties agree that Customer is solely responsible for determining the purposes and means of the processing of Personal Data, and Vendor is Customer’s processor responsible for Processing Personal Data on behalf of the Controller. Vendor shall only take action pursuant to instructions of Customer with regards to Processing Personal Data and transferring Personal Data to the United States, India or to other jurisdictions authorized by Customer. Vendor may engage sub-processors to Process Personal Data pursuant to the requirements set forth in Section 2e and f “Sub-Processors” below. With respect to Customer Personal Data, Vendor is a service provider under the Data Protection Laws.

   b. Customer’s Processing of Personal Data. Customer is solely responsible for its compliance with Data Protection Laws, including without limitation the lawfulness of any transfer of Personal Data to Vendor and Vendor’s Processing of Personal Data. For the avoidance of doubt, but not by way of limitation, Customer’s instructions for the Processing of Personal Data must comply with Data Protection Laws. Customer shall have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which Customer acquired Personal Data, including providing any required notices to, and obtaining any necessary consent from Data Subjects. Customer takes full responsibility to keep the amount of Personal Data provided to Vendor to the minimum necessary for the performance of the Tech Services. Customer shall be solely responsible for establishing and maintaining any data processing registers or overview as required by any applicable law, including without limitation Data Protection Laws. Customer acknowledges and consents that certain business operations necessary for the fulfillment of Vendor’s Tech Services hereunder may have been transferred or will be transferred in the future to one or more dedicated Vendor affiliates independently managing the provision of such Tech Services. Except as otherwise not prohibited under Data Protection Laws, Vendor will not (a) sell Customer Personal Data; (b) retain, use or disclose any Customer Personal Data for any purpose other than for the specific purpose of providing the Tech Services or as otherwise not prohibited under the Data Protection Laws; (c) retain, use or disclose the Customer Personal Data outside of the direct business relationship between Vendor and Customer, (d) combine any Personal Data that Vendor receives from, or on behalf of, another source.

   c. Customer’s Right to Issue Instructions. Vendor shall only Process Personal Data in accordance with Customer’s instructions. Subject to the terms of this DPA and with mutual agreement of the parties, Customer may issue written instructions concerning the type, extent and procedure of Processing. Customer is responsible for ensuring that all individuals who provide written instructions to Vendor are authorized by Customer to issue instructions to Vendor. Customer’s initial instructions for the Processing of Personal Data are defined by the Agreement, Schedule 1 to this DPA, and any applicable Order Form or statement of work regarding the software and Tech Services. Any changes of the subject matter of Processing and of procedures shall be agreed upon by the parties in writing prior to becoming effective.

   d. Details of Processing. The initial nature and purpose of the Processing, duration of the Processing, categories of Data Subjects, and types of Personal Data are set forth on Schedule 1.

   e. Vendor Sub-Processors. Customer agrees that Vendor may engage sub-processors to Process Personal Data in accordance with the DPA. When engaging sub-processors, Vendor shall enter into agreements with the sub-processors to bind them to obligations which are substantially similar or more stringent than those set out in this DPA. To the extent required, Customer explicitly mandates Vendor to sign such agreements directly with the sub-processors. Customer will not directly communicate with Vendor’s sub-processors about the software or Tech Services, unless agreed to by Vendor, in Vendor’s sole discretion.

   f. Objection Right. This Section shall apply only where and to the extent that Customer is established within the EEA, or where otherwise required by Data Protection Laws applicable to the Customer. Upon written request by Customer, Vendor shall provide to Customer a list of all relevant third-party sub-processors. Such list is considered the Confidential Information of Vendor. If Customer reasonably objects to the addition of a new sub-processors (e.g., such change causes Customer to be non-compliant with applicable with Data Protection Laws), Customer shall notify Vendor in writing of its specific objections within thirty (30) days of receiving such notification. If Customer does not object within such period, the addition of the new sub- processor and, if applicable, the accession to this DPA shall be considered accepted. If Customer does object to the addition of a new sub-processor and Vendor cannot accommodate Customer’s objection, Customer may terminate the Tech Services and software in writing within sixty (60) days of receiving Vendor’s notification.

   g. Return or Deletion of Customer Personal Data. Unless otherwise required by Data Protection Laws, Vendor will destroy (or return, if mandated by Data Protection Laws) the Customer Personal Data upon termination or expiration of the Tech Services within a reasonable period.

3. REPRESENTATIONS AND WARRANTIES

   Customer represents, warrants, and covenants that (a) the Personal Data has been collected and transferred to Vendor in accordance with Data Protection Laws; (b) prior to its transfer to Vendor, the Personal Data has been maintained, retained, secured, and protected in accordance with Data Protection Laws; (c) Customer will respond to inquiries from Data Subjects and from applicable regulatory authorities concerning the Processing of the Personal Data, and will alert Vendor of any inquiries from Data Subjects or from applicable regulatory authorities that relate to Vendor’s Processing of the Personal Data; (d) prior to the collection of Personal Data, the Customer has obtained all necessary consents from a Data Subject for Vendor’s Processing of Personal Data in accordance with this DPA; (e) Customer will make available a copy of this Agreement to any Data Subject or regulatory authorities as required by Data Protection Laws or upon the reasonable request of a Data Subject or a regulatory authority; (f) Customer shall be solely responsible and liable for its compliance with Data Protection Laws; (g) the Processing does not violate or breach the terms of any Customer agreement; and (h) Customer will only transfer and provide Vendor with such Personal Data required and requested by Vendor in writing to perform the Tech Services. Vendor will not be liable for any harm or damages resulting from Vendor’s compliance with unlawful instructions received from Customer. If required by Data Protection Laws, Vendor will immediately inform Customer if, in Vendor’s opinion, any Processing instructions from Customer infringe on Data Protection Laws.

4. RIGHTS OF DATA SUBJECTS

   To the extent legally required, Vendor shall promptly notify Customer if it receives a request from a Data Subject to exercise any of the Data Subject’s rights (i.e. right to access, rectification, restriction of Processing, data portability... etc.) under any Data Protection Law. To the extent applicable, Vendor shall provide Customer with commercially reasonable cooperation and assistance in relation to any such complaint, notice, or communication. Vendor shall correct erroneous Personal Data as directed by Customer in writing or pursuant to a process mutually agreed to in writing by the parties. Customer shall use its best efforts to respond to and resolve promptly all requests from Data Subjects which Vendor provides to Customer. If Data Protection Laws require Vendor to take any corrective actions without the involvement of Customer, Vendor shall take such corrective actions and inform Customer. Customer shall be responsible for any reasonable costs arising from Vendor’s provision of such assistance under this Section. To the extent legally permitted, Customer shall be responsible for any costs arising from Vendor’s provision of such assistance. To the extent required by Data Protection Laws, Vendor will, upon reasonable notice and at Customer's expense, provide reasonably requested information regarding the Tech Services to enable Customer to carry out data protection impact assessments and/or prior consultations with data protection authorities.

5. VENDOR PERSONNEL

   Vendor shall train personnel engaged in the Processing of Personal Data of the confidential nature of the Personal Data and provide appropriate training based on their responsibilities. Vendor shall execute written agreements with its personnel to maintain the confidentiality of Personal Data, including post the termination of the personnel engagement. Vendor shall use commercially reasonable efforts to limit access to Personal Data to personnel who require such access to perform the Agreement. If required by Data Protection Laws, Vendor shall appoint a data protection officer. Upon request, Vendor will provide the contact details of the appointed person.

6. SECURITY

   Vendor will implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk posed by the Processing of Personal Data, taking into account the costs of implementation; the nature, scope, context, and purposes of the Processing; and the risk of varying likelihood and severity of harm to the Data Subjects. In assessing the appropriate level of security, Vendor shall weigh the risks presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed. Upon becoming aware of a Personal Data Breach, if the Vendor is obligated by Data Protection Laws, Vendor will notify Customer without undue delay and will provide information and cooperation relating to the Personal Data Breach as reasonably requested by Customer. Such information will be considered the Confidential Information of Vendor. “Personal Data Breach” means a breach of security of the Tech Services leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data under our control.

7. AUDIT

   a. Audit Requests. If required under Data Protection Laws, and subject to Section 7(c), upon Customer’s written request, Vendor will provide Customer with the most recent summary audit report(s) (if available) concerning the compliance and undertakings in this Agreement. Vendor's policy is to share methodology, and executive summary information, not raw data, private information. Vendor will reasonably cooperate with Customer by providing available additional information to help Customer better understand such compliance and undertakings. To the extent it is not possible to otherwise satisfy an audit obligation mandated by applicable Data Protection Laws and subject to Section 7(c), only the legally mandated entity (such as a governmental regulatory agency having oversight of Customer’s operations) may conduct an onsite visit of the facilities used to provide the Tech Services. Unless mandated by Data Protection Laws, no audits are allowed within a data center for security and compliance reasons. After conducting an audit under this Section 7 or after receiving a Vendor report under this Section 7, Customer must notify Vendor of the specific manner, if any, in which Vendor does not comply with any of the security, confidentiality, or data protection obligations in this DPA, if applicable. Any such information will be deemed Confidential Information of Vendor.

   b. Sub-Processors. Customer may not audit Vendor’s sub-processors without Vendor’s and Vendor’s sub- processor’s prior agreement. Customer agrees its requests to audit sub-processors may be satisfied by Vendor or Vendor’s sub-processors presenting up-to-date attestations, reports or extracts from independent bodies, including without limitation external or internal auditors, Vendor’s data protection officer, the IT security department, data protection or quality auditors or other mutually agreed to third parties or certification by way of an IT security or data protection audit. Onsite audits at sub-processors premises may be performed by Vendor acting on behalf of Controller.

   c. Audit Process. Unless otherwise required by Data Protection Laws, Customer may request a summary audit report(s) or audit Vendor no more than once annually. Customer must provide at least four (4) weeks’ prior written notice to Vendor of a request for summary audit report(s) or request to audit. The scope of any audit will be limited to Vendor’s policies, procedures and controls relevant to the protection of Customer’s Personal Data and defined in Schedule 1. Subject to Section 7(b), all audits will be conducted during normal business hours, at Vendor's principal place of business or other Vendor location(s) where Personal Data is accessed, processed or administered, and will not unreasonably interfere with Vendor's day-to-day operations. An audit will be conducted at Customer‘s sole cost and by a mutually agreed upon third party who is engaged and paid by Customer, and is under a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement, obligating it to maintain the confidentiality of all Vendor Confidential Information and all audit findings. Further, Customer agrees to pay the costs of any support provided by Vendor (including internal resources) based on Vendor’s then-current rates. Before the commencement of any such on-site audit, Vendor and Customer shall mutually agree upon the timing, and duration of the audit. Vendor will reasonably cooperate with the audit, including providing auditor the right to review but not to copy Vendor security information or materials during normal business hours. Customer shall, at no charge, provide to Vendor a full copy of all findings of the audit. The results of the audit will be considered “Confidential Information” of Vendor.

8. DATA TRANSFER

   Customer hereby directs Vendor to transfer and process Personal Data in the United States and in other locations around the world where Vendor or its sub-processors maintain data processing operations as necessary to provide the Tech Services or as otherwise set forth in the Agreement. If required under Data Protection Laws, such measures may include (without limitation) transferring Personal Data to a recipient in a country that provides adequate protection for personal data, to a recipient that has achieved binding corporate rules authorization, or to a recipient that has executed standard contractual clauses adopted or approved by the European Commission. In addition, Customer hereby authorizes, appoints, and directs the Vendor, as agent for Customer, to enter into Controller to Processor Standard Contractual Clauses or any other legal document reasonably necessary for the Vendor to provide Tech Services.

9. LIMITATIONS OF LIABILITY

   To the fullest extent allowed under any Data Protection Law, each party’s and all of its affiliates’ liability, taken together in the aggregate, arising out of or related to this DPA whether in contract, tort or under any other theory of liability, is subject to the “Limits of Liability” section of the Agreement, and any reference in such section to the liability of a party means the aggregate liability of that party and all of its affiliates under the Agreement and this DPA. For the avoidance of doubt, Vendor’s and its affiliates’ total liability for all claims from the Customer arising out of or related to the Agreement and each DPA shall apply in the aggregate for all claims under both the Agreement and this DPA. If required by Data Protection Laws, Vendor shall be liable for the acts and omissions of its sub-processors to the same extent Vendor would be liable if performing the Tech Services of each sub-processor directly under the terms of this DPA.

10. GOVERNING LAW

    The parties agree that (1) governing law of this DPA, and (2) the forum for all disputes in respect of this DPA, shall be the same as set out in the Agreement, unless otherwise required by applicable Data Protection Laws.