Last Updated: February 22, 2024
These Terms of Services (“Terms of Service”), together with the Data Processing Addendum (as that term is defined below), and, if applicable, any sales agreement form constitutes a binding agreement (collectively, the “Agreement”) between Vandra, LLC (“Vandra”) and the operator of the e-commerce site that is accepting these Terms of Service (“Merchant” or “you”) for the Vandra Application (as that term is defined below)
PLEASE READ THIS AGREEMENT CAREFULLY. THIS AGREEMENT GOVERNS YOUR USE OF THE VANDRA APPLICATION. BY CLICKING ON THE “CREATE ACCOUNT” BUTTON, EXECUTING A SALES AGREEMENT, COMPLETING THE REGISTRATION OR ONBOARDING PROCESS, OR ACCESSING OR USING THE APPLICATION, YOU REPRESENT THAT (1) YOU HAVE READ, UNDERSTAND, AND AGREE TO BE BOUND BY THIS AGREEMENT, (2) YOU ARE OF LEGAL AGE TO FORM A BINDING CONTRACT WITH VANDRA, (3) THE INFORMATION YOU PROVIDED ON THE SALES AGREEMENT OR IN CONNECTION WITH YOUR REGISTRATION OR ONBOARDING IS ACCURATE AND COMPLETE, AND (4) YOU HAVE THE AUTHORITY TO ENTER INTO THE AGREEMENT PERSONALLY OR ON BEHALF OF THE COMPANY YOU HAVE NAMED AS THE USER, AND TO BIND THAT COMPANY TO THE AGREEMENT. THE TERM “YOU” OR “USER” REFERS TO THE INDIVIDUAL OR LEGAL ENTITY, AS APPLICABLE, IDENTIFIED AS THE USER WHEN YOU REGISTERED FOR THE APPLICATION. IF YOU DO NOT AGREE TO BE BOUND BY THIS AGREEMENT, YOU DO NOT HAVE SUCH AUTHORITY OR ARE NOT OF LEGAL AGE TO FORM A BINDING CONTRACT WITH VANDRA, YOU MAY NOT ACCESS OR USE THE APPLICATION.
1. Definitions.
1.1. Account Information” means information about Merchant that Merchant provides to Vandra in the creation or administration of its Vandra account, such as names, usernames, login credentials, phone numbers, email addresses and billing information associated with a Vandra account.
1.2. “Application” means Vandra’s digital marketing tools, and similar technological solutions, services, and algorithms, including support and other services made generally available by Vandra and accessed or used by Merchant.
1.3. “Sales Agreement” means any online or written form or other communication provided by Vandra evidencing Merchant’s subscription to the Application.
1.4. “Authorized User” means any individual who is an employee of Merchant or an affiliate, partner, service provider or such other person or entity as may be authorized by Merchant to access the Application pursuant to Merchant’s rights under this Agreement.
1.5. “Confidential Information” means certain information regarding the Disclosing Party’s business, technology, products, or services, or other confidential or proprietary information, in whatever form (written, oral or visual)
1.6. “Data Notice” means that Vandra shall immediately refer to Merchant any correspondence, inquiry, complaint, request, or demand (collectively or individually, concerning the Processing of Merchant Personal Data)
1.7. “Disclosing Party” means the party disclosing confidential information to the other party.
1.8. “Documentation” means the online user guides and other technical material relating to the use of the Application, including any applicable service descriptions that are made available by Vandra to Merchant, as may be updated from time to time.
1.9. “Feedback” means Merchant or Authorized Users comments or suggestions that are provided in connection with the Application, whether written or oral.
1.10. “Intellectual Property Rights” means any and all intellectual property, industrial property, and other proprietary rights throughout the world, including all rights in, to, or arising out of patents, patent applications, inventions
(whether patentable or not), invention disclosures, trade secrets, know-how, proprietary information, works of authorship, copyrights, mask works, moral rights, trademarks, service marks, software, data, technology, layout designs and design rights, and all registrations, applications, renewals, extensions, or reissues of any of the foregoing.
1.11. “Merchant Communications” means communications sent via the Application, including website advertisements and similar communications facilitated through the Merchant Store.
1.12. “Merchant Data” means any data, information, programs, and other content provided or transmitted by Merchant or its Authorized Users to the Application, including, without limitation, Merchant Marketing Content and personal data, including personal data of end customers and prospects.
1.13. “Merchant Marketing Content” means trademarks, trade names, service marks, slogans, logos, other source identifiers, and marketing and promotional content, including content in Merchant Communications provided or transmitted by Merchant or its Authorized Users to the Application in connection with the advertising, promotion, and sale of products and services.
1.14. “Merchant Store” means the e-commerce store operated by Merchant (including on third party platforms such as Shopify) where Merchant uses the Application.
1.15. “Receiving Party” means the party receiving confidential information from the other party.
2. Modification of the Agreement. Vandra may amend the Agreement from time to time due to changes to the Application, to account for developments under the law, or for any other reason. When material modifications are made, Vandra may (and where required by law, will) send an email to you at the last email address you provided to us pursuant to the Agreement to provide an updated copy of the Agreement. Vandra may require you to provide consent to the updated Agreement in a specified manner before further use of the Application is permitted. If you do not agree to any change(s) after receiving a notice of such change(s), you shall stop using the Application. Otherwise, your continued use of the Application constitutes your acceptance of such change(s).
3. Access Rights and Restrictions
3.1. Access. Subject to the terms and conditions of the Agreement, Vandra grants Merchant a non-exclusive, nontransferable, non- sublicensable, revocable right to access and use the Application during the Term (as defined below). Merchant may permit its Authorized Users to use the Application provided that Merchant shall be responsible for each Authorized User’s compliance with and breach of the Agreement.
3.2. Restrictions. Merchant will not, and will not permit any Authorized User or other party to: (i) modify, adapt, alter, translate, or create derivative works of the Application ; (ii) sublicense, lease, rent, loan, distribute, or otherwise transfer the Application or Documentation to any third party; (iii) reverse engineer, decompile, disassemble, or otherwise derive or determine or attempt to derive or determine the source code (or the underlying ideas, algorithms, structure or organization) of the Application , except to the extent expressly permitted by applicable law (and then only upon advance written notice to Vandra); (iv) bypass, delete, or disable any copy protection or security mechanisms of the Application ; (v) use or demonstrate the Application in any other way that is in competition with Vandra; (vi) remove any notice of proprietary rights from the Application ; (vii) attempt to gain unauthorized access to, or disrupt the integrity, performance or security of the Application or the data contained therein; or, (viii) use or copy the Application or Documentation, except as expressly allowed herein. Vandra shall have the right, but not the obligation, to review and monitor all use of the Application to ensure compliance with the terms and conditions of this Agreement.
3.3. Downtime. Merchant acknowledges that access to and use of the Application may be suspended for the duration of any scheduled or unscheduled downtime or unavailability of any portion or all of the Application for any reason, including as a result of power outages, system failures or other interruptions, or any other acts, omissions or failures on the part of Vandra.
3.4. Third-Party Products and Application. Merchant may use the Application to interact with non-Vandra products or services including webshop or e-commerce platforms, such as Shopify (“Third-Party Services”). If Merchant chooses to integrate the Application with any Third-Party Services, Merchant will ensure that Merchant’s use of Application or of such integration complies with the terms and conditions set by the provider of the Third-Party Services (“Provider”). Any acquisition by Merchant of such Third-Party Services, and any exchange of data
between Merchant and any Provider of Third-Party Services is solely between Merchant and the applicable Provider. Vandra does not warrant or support any Third-Party Services, whether or not they are designated by Vandra as “certified” or otherwise. Vandra is not responsible for any disclosure, modification or deletion of Merchant Data resulting from access by such Third-Party Services or its Provider. Further, some Third-Party Services may require Merchant or Vandra to provide certain Merchant Data that Vandra is processing on Merchant’s behalf back to the
Provider. In these cases, VANDRA CONSIDERS MERCHANT’S REQUEST TO INTEGRATE WITH THE THIRD-PARTY SERVICE AS INSTRUCTION TO PROVIDE THIS DATA TO THE PROVIDER ACCORDING TO THE PROVIDER’S TERMS AND CONDITIONS. If Merchant does not want this data to be provided to the Provider, Merchant will immediately request the suspension of the integration with the respective Provider. Merchant hereby represents and warrants to Vandra that Merchant will, at any and all times, comply with any terms and conditions governing the use of Third-Party Services, including the Shopify Terms of Service.
4. Use of the Application.
4.1. Setup Responsibilities. Merchant shall be responsible for setting up and configuring the Application, including without limitation any provisioning of access to the Application to its Authorized Users. Merchant shall be responsible for obtaining and maintaining, at Merchant’s expense, all of the necessary telecommunications, computer hardware, software, services and Internet connectivity required by Merchant or any Authorized User to access the Application from the Internet. In the event that Vandra assists or advises Merchant with any Application setup, configuration or support, in no event shall such assistance or advice be construed as legal advice.
4.2. Merchant Account. Merchant is solely responsible for protecting and safeguarding Merchant’s account and passwords and/or keys or other access protocols that have been provided to Merchant or that are generated in connection with Merchant’s use of the Application. Merchant shall use commercially reasonable efforts to prevent unauthorized access to or use of its account and the Application. Merchant is solely and fully responsible for all activities, including accrued charges, that occur in connection with its account and its use of the Application. In the event Merchant believes Merchant’s account or the Application have been compromised, including any unauthorized use or access of the Application or any other known or suspected breach of security, Merchant shall immediately notify Vandra by email to privacy@vandra.com, but in no event more than twenty-four (24) hours following discovery of such breach.
4.3. Suspension, Limitation and Termination of Access. Vandra shall be entitled, without liability to Merchant, to immediately suspend, terminate or limit Merchant’s access to the Application at any time in the event that Vandra determines, in its reasonable discretion, that (i) the Application are being used by Merchant, or its Authorized Users, in violation of any applicable laws or regulations or this Agreement; (ii) the Application are being used by Merchant in an unauthorized, inappropriate, or fraudulent manner; (iii) the use of the Application by Merchant adversely affects Vandra’s equipment or service to others; (iv) Vandra is prohibited by an order of a court or other governmental agency from providing the Application ; (v) there is a denial of service attack or any other event which Vandra determines, in its sole discretion, may create a risk to the Application or to any other customers if the Application were not suspended; (vi) there is a security incident or other disaster that impacts the Application or the security of the Application , Merchant’s account or Merchant Data; or (vii) any payment amount due under this Agreement is not received by Vandra within fifteen (15) days after it was due. Without limiting the generality of this Section, Vandra shall have no liability for any damages, liabilities or losses as a result of any suspension, limitation or termination of Merchant‘s right to use the Application pursuant to this Section 4.3.
5. Intellectual Property.
5.1. Ownership. Merchant acknowledges and agrees that the Application (including the Documentation) are protected by copyright and other laws relating to Intellectual Property Rights, and that the Application embody valuable confidential information of Vandra and its suppliers, the development of which required the expenditure of considerable time and financial resources. All right, title, and interest in and to the Application, and all worldwide Intellectual Property Rights therein and associated therewith, are the exclusive property of Vandra and its suppliers. All rights in and to the Application not expressly granted to Merchant in this Agreement are reserved by Vandra and its suppliers. Except as expressly set forth herein, no express or implied license or right of any kind is granted to Merchant regarding the Application, or any part thereof, including any right to obtain possession of any software, source code, data or other technical material related to the Application.
5.2. Continuous Development. Merchant acknowledges that Vandra may continually develop, deliver and provide to Merchant on-going innovation to the Application in the form of new features, functionality, and efficiencies. Accordingly, Vandra reserves the right to modify the Application from time to time. Some modifications will be
provided to Merchant at no additional charge. In the event Vandra adds additional functionality to a particular Application, Vandra may condition the implementation of such modifications on Merchant’s payment of additional fees, provided that Merchant may continue to use the version of the Application that Vandra makes generally available (without such features) without paying additional fees.
5.3. Feedback. In the event that Merchant or its Authorized Users provide any comments or suggestions in connection with the Application, whether written or oral (collectively, the “Feedback”), Vandra, in its sole discretion, shall be entitled to use the Feedback without restriction, and such Feedback will not be treated as confidential to Merchant. Merchant hereby grants Vandra, on behalf of itself and its Authorized Users, a worldwide, non-exclusive, irrevocable, perpetual, royalty-free right and license to incorporate the Feedback into Vandra products and services.
5.4. Aggregated Data. Vandra may collect and derive from Merchant Data aggregated data that does not identify Merchant, any third-party entity or any natural persons, and use and disclose such aggregated data for Vandra’s legitimate business purposes, which may include but is not limited to Application improvement, service and product development, research and marketing. Additionally, Vandra may collect and review Merchant Marketing Content to improve and enhance the Application and for other development, diagnostic and corrective purposes.
6. Fees and Payment Terms.
6.1. Fees. Merchant shall pay Vandra the then-current usage fees for the Application as set forth in the Sales Agreement or as otherwise set forth when accessing through a Third-Party Service such as the Shopify e-commerce platform (“Fees”).
6.2. Payment. Vandra shall bill Merchant for the applicable Fees either directly or through a Third-Party Service such as through the Shopify App Usage charge functionality. Vandra shall be entitled to suspend performance or discontinue access to the Application at any time if any amounts due are not paid in full.
6.3. Increases. Vandra will provide Merchant not less than fourteen (14) days advance notice of any increase in Fees. Customer’s continued use of the Application after a Fee increase notice will constitute Merchant’s agreement to the increase in Fees.
6.4. Taxes. All Commission amounts are exclusive of all applicable sales, use, value-added and other taxes, and all applicable duties, tariffs, assessments, export and import fees, or other similar charges, and Merchant will be responsible for payment of all such taxes (other than taxes based on Vandra’s income), fees, duties, and charges and any related penalties and interest, arising from the payment of the Fees and the delivery of the Application . To the extent that Vandra charges any of the aforementioned taxes, they are calculated using the tax rates that apply based on the billing address provided by Merchant. Such amounts are in addition to the Fees and will be billed to Merchant’s authorized payment method. If Merchant is exempt from payment of any such taxes, Merchant must provide Vandra with evidence of exemption. If Merchant is not charged any of the aforementioned taxes by Vandra, Merchant is responsible for determining if taxes are payable, and if so, self-remitting such taxes to the appropriate tax authorities in Merchant’s jurisdiction. Merchant will make all payments to Vandra free and clear of, and without reduction for, any withholding taxes. Any such taxes imposed on amounts due to Vandra will be Merchant’s sole responsibility, and Merchant will provide Vandra with official receipts issued by the appropriate taxing authority, or such other evidence as Vandra may reasonably request, to establish that such taxes have been paid. Merchant shall indemnify, defend, and hold Vandra harmless in connection with any proceedings brought by any taxing authorities in connection with this Agreement.
7. Merchant Data and Processing.
7.1. Merchant Data. Merchant Data, and all worldwide Intellectual Property Rights therein, is, as between Vandra and Merchant, the exclusive property of Merchant. Merchant grants Vandra a non-exclusive, sublicensable, transferable, worldwide, royalty-free and fully paid license to process and use the Merchant Data as necessary for purposes of providing the Application and as otherwise permitted in this Agreement. Merchant warrants that Merchant is the owner or legal custodian of, or otherwise has the right and has or will obtain the necessary permissions, valid consents and releases to lawfully transmit, store and use all Merchant Data in connection with the Application and to grant the rights granted to Vandra under this Agreement.
7.2. Merchant Personal Data. Vandra shall collect, use, disclose and otherwise process Merchant Personal Data (as defined in the Data Processing Addendum), and safeguard the privacy, confidentiality and security of Merchant Personal Data in accordance with the requirements set forth in the Data Processing Addendum, which is hereby incorporated into this Agreement by reference. The Data Processing Addendum does not apply to Account Information, and Vandra’s use of Account Information shall be in accordance with the privacy notice or statement posted on Vandra’s website. The term “Account Information” means information about Merchant that Merchant provides to Vandra in the creation or administration of its Vandra account, such as names, usernames, login credentials, phone numbers, email addresses and billing information associated with a Vandra account.
7.3. Merchant Responsibilities. Merchant is encouraged to make its own back-ups of the Merchant Data and Merchant agrees that the Application are not intended to serve a back-up or archive system of Merchant Data. Merchant shall have the sole responsibility for the accuracy, quality, integrity, legality, reliability, and appropriateness of all Merchant Data and the means by which Merchant acquired Merchant Data, and for the adequate security, protection and backup of Merchant’s Data. Merchant shall not use the Application, or allow others to use the Application, to collect directly or indirectly from individuals that access or use the Merchant’s website any sensitive or special categories of Personal Data.
7.4. Merchant Communications. Merchant shall comply with all applicable laws and regulations applicable to Merchant’s use of the Application , including Merchant Communications and Merchant Marketing Content, which laws and regulations shall include but not be limited to any applicable laws that govern wiretapping, online promotions, offers, gift cards, coupons, and/or gift certificates, data privacy and protection, intellectual property, and the sending or transmission of electronic marketing messages, and laws and regulations that apply to commerce, in each jurisdiction in which Merchant will be sending marketing communications to a resident of the jurisdiction. Merchant acknowledges and agrees that Vandra does not control or monitor Merchant Communications, or guarantee the accuracy, integrity, security or quality of such Merchant Communications and is not responsible for obtaining any necessary consents or permissions from recipients of Merchant Communications. Upon request, Merchant shall provide reasonable proof of compliance with the provisions set forth in this Section and Vandra shall have no obligation to provide Application where Vandra reasonably believes that Merchant has not so complied.
8. Representations, Warranties, and Disclaimers.
8.1. Mutual Representations and Warranties. Vandra and Merchant each represents and warrants that: (i) it has full corporate right, power, and authority to enter into this Agreement and (ii) the execution of this Agreement by and the performance of its obligations and duties hereunder do not and will not violate any agreement to which it is a party or is otherwise bound.
8.2. Merchant Representations and Warranties. Merchant represents and warrants that: (i) Merchant has a legally sufficient privacy policy that is made available to end customers and potential customers and prospects prior to their provision of any Merchant Personal Data to Merchant or Vandra; (ii) the Merchant Data and use of the Merchant Data (a) will not infringe, misappropriate, or otherwise violate the Intellectual Property Rights or other rights of any third party, (b) will not constitute defamation, invasion of privacy or publicity, or otherwise violate any similar rights of any third party, and (c) will not be used in any activity in violation of the law or to promote such activities, including, without limitation, in a manner that might be illegal or harmful to any person or entity; (iii) it will not distribute, share, or facilitate the distribution of unauthorized data, malware, viruses, Trojan horses, spyware, worms, or other malicious or harmful code; and (iv) Merchant will comply with and will at all times honor the terms and conditions of any on-line coupon or similar marketing offer, deal or advertisement to market Merchant’s products and services offered or otherwise promoted via the Application .
8.3. No Warranty. CUSTOMER ACKNOWLEDGES AND AGREES THAT THE APPLICATION IS PROVIDED “AS IS,” “AS AVAILABLE,” AND WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT (NOT LIMITED TO) ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, WHICH WARRANTIES ARE HEREBY DISCLAIMED.
CUSTOMER ACKNOWLEDGES AND AGREES THAT THE APPLICATION MAY NOT MEET CUSTOMER’S REQUIREMENTS, MAY NOT BE COMPATIBLE WITH ANY PARTICULAR INFORMATION SYSTEM, AND MAY NOT RESULT IN ANY ACTUAL BUSINESS OPPORTUNITIES, REVENUE OR SAVINGS. CUSTOMER FURTHER ACKNOWLEDGES AND AGREES THAT THE APPLICATION MAY NOT BE CONTINUOUSLY AVAILABLE AND MAY CONTAIN ERRORS, BUGS, AND OTHER GLITCHES THAT MAY NOT BE CORRECTED. THE APPLICATION AND SUPPORT SERVICES MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS AND VANDRA IS NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, VIRUSES, LOSS OR COMPROMISE TO CUSTOMER DATA, OR OTHER DAMAGE RESULTING FROM SUCH PROBLEMS. THE ENTIRE RISK AS TO THE USE OF THE APPLICATION IS ASSUMED BY CUSTOMER.
9. Allocation of Risk and Limitation of Liability.
9.1. Limitation of Liability. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL VANDRA, NOR ANY OF ITS AFFILIATES, SUBCONTRACTORS, LICENSORS, VENDORS OR SUPPLIERS, NOR ANY OF ITS THIRD PARTY PARTNERS, BE LIABLE TO CUSTOMER OR ANY OTHER THIRD PARTY FOR LOST REVENUES, LOST PROFITS OR OTHER SPECIAL, INCIDENTAL, INDIRECT, PUNITIVE, CONSEQUENTIAL, RELIANCE OR EXEMPLARY DAMAGES ARISING FROM CUSTOMER’S OR ANY OTHER THIRD PARTY’S USE OF OR INABILITY TO USE THE APPLICATION INCLUDING, BUT NOT LIMITED TO, LOSS OF TECHNOLOGY, LOSS OF DATA OR INTERRUPTION OR LOSS OF USE DAMAGES WHETHER OR NOT VANDRA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE OR LOSS. THE MAXIMUM AGGREGATE LIABILITY OF VANDRA, ITS LICENSORS AND VENDORS ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE, STRICT LIABILITY OR OTHERWISE), SHALL NOT EXCEED THE LOWER OF (1) ONE HUNDRED DOLLARS ($100.00) OR (2) THE ACTUAL FEES PAID BY CUSTOMER FOR THE APPLICATION FOR THE TWO (2) MONTH PERIOD IMMEDIATELY PRECEDING THE INITIAL EVENT GIVING RISE TO LIABILITY HEREUNDER, LESS ANY DAMAGES PREVIOUSLY PAID BY VANDRA TO CUSTOMER IN THAT TWO (2) MONTH PERIOD.
9.2. Basis of the Bargain. The parties agree that the limitations of liability set forth in this Section 9 shall survive and continue in full force and effect despite any failure of consideration or of an exclusive remedy. The parties acknowledge that the Fees have been set and the Agreement entered into in reliance upon these limitations of liability and that all such limitations form an essential basis of the bargain between the parties.
10. CONFIDENTIALITY
10.1. Confidential Information. During the term of this Agreement, each party (the “Disclosing Party”) may provide the other party (the “Receiving Party”) with certain information regarding the Disclosing Party’s business, technology, products, or services, or other confidential or proprietary information (collectively, “Confidential Information”) in whatever form (written, oral or visual) that is furnished or made available to the Receiving Party by or on behalf of the Disclosing Party that (a) if in tangible form, the Disclosing Party has labeled in writing as proprietary or confidential, (b) if in oral or visual form, the Disclosing Party has identified as proprietary or confidential at the time of disclosure, or (c) is of a character that is commonly and reasonably regarded as confidential and/or proprietary. For the avoidance of doubt, the Application, Documentation, and all enhancements and improvements thereto, will be considered Confidential Information of Vandra.
10.2. Protection of Confidential Information. The Receiving Party agrees that it will not use or disclose to any third party any Confidential Information of the Disclosing Party, except for exercising its rights and performing its obligations under this Agreement. The Receiving Party will limit access to the Confidential Information to its employees and contractors who have a need to know, who are subject to confidentiality obligations no less restrictive than those set forth herein and who have been informed of the confidential nature of such information. In addition, the Receiving Party will protect the Disclosing Party’s Confidential Information from unauthorized use, access, or disclosure in the same manner that it protects its own proprietary information of a similar nature, but in no event with less than reasonable care. At the Disclosing Party’s request or upon termination of this Agreement, the Receiving Party will return to the Disclosing Party or destroy (or permanently erase in the case of electronic files) all copies of the Confidential Information that the Receiving Party does not have a continuing right to use under this Agreement, and, upon request, the Receiving Party shall provide to the Disclosing Party written notice certifying compliance with this sentence, unless prohibited by applicable law.
10.3. Exceptions. The confidentiality obligations set forth in this section will not apply to any information that: (i) is or becomes generally available to the public through no fault of the Receiving Party; (ii) is lawfully provided to the Receiving Party by a third party free of any confidentiality duties or obligations; (iii) the Receiving Party can prove, by clear and convincing evidence, was already known to the Receiving Party without restriction at the time of disclosure; or (iv) the Receiving Party can prove, by clear and convincing evidence, was independently developed by employees and contractors of the Receiving Party who had no access to the Confidential Information. In addition, the Receiving Party may disclose Confidential Information to the extent that such disclosure is necessary for the Receiving Party to enforce its rights under this Agreement or is required by law or by the order of a court or similar judicial or administrative body, provided that the Receiving Party promptly (to the extent legally permitted) notifies the Disclosing Party in writing of such required disclosure and reasonably cooperates with the Disclosing Party if the Disclosing Party seeks an appropriate protective order.
10.4. Remedies. Any breach or threatened or attempted breach of this Section 10 may result in immediate, irreparable harm for which monetary damages would be an inadequate remedy. If a court of competent jurisdiction finds that the Receiving Party has breached (or attempted or threatened to breach) any of the obligations set forth in this Section 10, the Receiving Party agrees that, without any additional findings of irreparable injury or other conditions to injunctive relief, it will not oppose the entry of an appropriate order compelling its performance and restraining it from any further breaches (or attempted or threatened breaches).
11. Indemnification. Merchant will indemnify, defend and hold Vandra, its officers, directors, affiliates, subsidiaries, licensors, agents and employees (each a “Vandra Party”) harmless from and against any and all losses, damages, liability, costs and expenses awarded by a court or agreed upon in settlement, as well as all reasonable and related attorneys’ fees and court costs arising out of or relating to Merchant’s access to, or use of, the Application.
12. Term and Termination.
12.1. Term. These Terms commence on the earlier of Merchant’s (i) registration of an account with Vandra to use the Application, or (ii) access to, or use of, the Application, and shall continue until terminated by a party as set forth in this Section 12.
12.2. Termination. Either party may immediately terminate the Agreement for any reason and without penalty by terminating Merchant’s access to the Application, in the case of Vandra, or by removing the Vandra access codes, blocking Vandra’s API access or uninstalling the Application, in the case of Merchant.
12.3. Effect of Termination. Upon termination or expiration of this Agreement for any reason: (i) all rights and obligations of both parties, including all licenses granted hereunder, shall immediately terminate (except that all payment obligations accrued prior to termination or expiration shall survive); and (ii) each party shall comply with the obligations to return or destroy all Confidential Information of the other party, as set forth in Section 10.2. Additionally, Vandra shall have no obligation to retain any Merchant Data after any termination or expiration of this Agreement and may delete all Merchant Data, unless required by applicable law. All liabilities accrued under this Agreement prior to the effective date of termination and the following Sections will survive expiration or termination of this Agreement for any reason: Sections 1-2, Sections 4-6, Sections 8-11, Section 12.3, and Section 13.
13. Miscellaneous.
13.1. Marketing. Merchant agrees that Vandra may refer to Merchant by name, logo and trademark in Vandra’s marketing materials and website. Merchant acknowledges and agrees that Vandra does not certify or endorse, and has no obligation to certify or endorse, any of Merchant’s products, services, or content.
13.2. Governing Law and Venue. This Agreement and any action related thereto will be governed and interpreted by and under the laws of the State of Ohio, without giving effect to any conflicts of laws principles that require the application of the law of a different jurisdiction. Merchant hereby expressly consents to the personal jurisdiction and venue in the state and federal courts located in Cleveland, Ohio for any lawsuit arising from or related to this Agreement. The United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement. Merchant may not bring any suit or action against Vandra for any reason whatsoever more than one (1) year after the cause of action accrued.
13.3. Export. Merchant agrees not to export, re-export, or transfer, directly or indirectly, any software, technology or information forming a part of the Application or the Documentation in violation of any export control or other laws and regulations of the United States or any other relevant jurisdiction.
13.4. Severability. If any provision of this Agreement is, for any reason, held to be invalid or unenforceable, the other provisions of this Agreement will remain enforceable and the invalid or unenforceable provision will be deemed modified so that it is valid and enforceable to the maximum extent permitted by law.
13.5. Waiver. Any waiver or failure to enforce any provision of this Agreement on one occasion will not be deemed a waiver of any other provision or of such provision on any other occasion.
13.6. No Assignment. Merchant may not assign its rights or delegate any obligations hereunder without the express prior written consent of Vandra. Any assignment by Merchant without the prior written consent of Vandra shall be null and void. Vandra may assign its rights or obligations hereunder without notice or consent; provided, however, that
the Application shall continue to operate as specified in this Agreement. This Agreement shall inure to the benefit of each party’s permitted successors and assigns.
13.7. Force Majeure. Without limiting any other provision in the Agreement, Vandra, or any Vandra Party, is not responsible or liable to any Merchant for delay or failure to perform its obligations hereunder in the event that any of Vandra or Vandra Parties’ operations or activities are affected by any cause or event beyond the sole and reasonable control of the applicable Vandra Party (as determined by such party in its sole discretion), including, without limitation, by reason of any acts of God, equipment failure, threatened or actual terrorist acts, air raid, act of public enemy, war (declared or undeclared), civil disturbance, insurrection, riot, epidemic, pandemic, fire, explosion, earthquake, flood, hurricane, unusually severe weather, blackout, embargo, labor dispute or strike (whether legal or illegal), labor or material shortage, transportation interruption of any kind, work slowdown, any law, rule, regulation, action, order, or request adopted, taken, or made by any governmental or quasi-governmental entity (whether or not such governmental act proves to be invalid), or any other cause, whether or not specifically mentioned above.
13.8. Independent Contractors. Each party’s relationship to the other party is that of an independent contractor, and neither party is an agent or partner of the other. Neither party will have, and will not represent to any third party that it has, any authority to act on behalf of the other.
13.9. Third-Party Beneficiaries. There are no third-party beneficiaries under the Agreement.
13.10. Notices. Where Vandra requires Merchant to provide an email address, Merchant is responsible for providing Vandra with its most current email address. In the event that the last email address provided to Vandra is not valid, or for any reason is not capable of delivering to Merchant any notices required or permitted by the Agreement, Vandra’s dispatch of the email containing such notice will nonetheless constitute effective notice. Merchant may give notice to Vandra at the following email address: legal@vandra.com. Notice shall be deemed to have been duly given on the first business day following successful email transmission to Vandra.
13.11. Entire Agreement and Order of Precedence. The applicable Sales Agreement, Data Processing Agreement, and these Terms constitute the final, complete and exclusive agreement of the parties with respect to the subject matters hereof and supersedes and merges all prior discussions between the parties with respect to such subject matters. In the event of a conflict, the Agreement documents shall govern in the order of precedence stated in the preceding sentence. Any terms and conditions that may be contained in any acknowledgement, invoice, purchase order or other Merchant-provided form are specifically null and void. Except as otherwise set forth in the Agreement, no modification of or amendment to this Agreement, or any waiver of any rights under this Agreement, will be effective unless in writing and signed by an authorized signatory of Merchant and Vandra.
* * * * * * * * * *
Data Processing Addendum
This Data Processing Addendum (“DPA”) applies to the extent that Vandra has access to, or otherwise Processes, Merchant Personal Data for, or on the behalf of, Merchant. This DPA is intended to supplement the Agreement and in the event of a conflict between this DPA and the Agreement, the terms and conditions set forth in this DPA shall supersede and control with respect to the conflict. For the avoidance of doubt, the terms or conditions set forth in the Agreement that are not otherwise addressed herein shall remain in full force and effect.
1. Definitions. For purposes of this DPA, the following terms shall apply:
1.1. Application means the professional, technology, or consulting services, or other products, goods, or services that Vandra furnishes to Merchant pursuant to the Agreement.
1.2. California Consumer Privacy Act (CCPA) means the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (CPRA) and other applicable amendments and includes all CCPA regulations.
1.3. Merchant Personal Data means Personal Data, in any form or format, that Vandra has access to, or otherwise Processes, for, or on the behalf of, Merchant pursuant to the Agreement and Application rendered thereunder.
1.4. Data Protection Law means all laws, statutes, and regulations applicable to the Processing of Merchant Personal Data, including the CCPA, the Connecticut Data Privacy Act, the Virginia Consumer Data Protection Act.
1.5. Data Subject means the natural person whose Personal Data is Processed by Vandra.
1.6. Documented Instructions means the Processing terms and conditions set forth in the Agreement and this DPA.
1.7. Information System means any information or telecommunication system, network, equipment, hardware, or software employed or otherwise used with respect to the Processing of Merchant Personal Data.
1.8. Personal Data means any information or data that, alone or in combination with other information or data, can be used to reasonably identify a particular individual, household, or device, and is subject to, or otherwise afforded protection under, an applicable Data Protection Law.
1.9. Process means any action performed on Merchant Personal Data, including collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure, transfer or otherwise making available, alignment or combination, restriction, deletion, or destruction.
1.10. Sale or Sell shall be ascribed the meaning set forth in the CCPA.
1.11. Share or Sharing shall be ascribed the meaning set forth in the CCPA.
1.12. Security Event means a breach of security of an Information System leading to a compromise to the security, confidentiality, availability, or integrity of Merchant Personal Data.
1.13. Subprocessor means any third party engaged by Vandra to Process Merchant Personal Data on its behalf.
2. Data Protection.
2.1. General Obligations. Merchant retains all rights, title, and interest in Merchant Personal Data. Merchant acknowledges and agrees that Merchant will be solely responsible for the accuracy, quality, and legality of Merchant Personal Data. Merchant hereby appoints Vandra to Process Merchant Personal Data on Merchant’s behalf and grants Vandra a limited, revocable, nonexclusive right to Process Merchant Personal Data in accordance with the Documented Instructions. In the event Vandra is compelled by law to Process Merchant Personal Data beyond, or in conflict with, the Documented Instructions, Vandra shall notify Merchant of the same prior to such Processing, unless such prior notification is expressly prohibited by law. Vandra shall, promptly and without delay, notify Merchant if, in Vandra’s reasonable judgment, the Documented Instructions infringe upon any applicable Data Protection Law.
2.2. CCPA/CPRA Disclaimer. Each party acknowledges and agrees that the disclosure of Merchant Personal Data to the other does not constitute, and is not the intent of either party for such disclosure to constitute, a Sale or Sharing of Merchant Personal Data, and if valuable consideration, monetary or otherwise, is being provided by either party, such valuable consideration, monetary or otherwise, is being provided for the rendering of Application and not for the disclosure of Merchant Personal Data. Vandra shall (i) not collect, retain, use, or disclose Merchant Personal Data for any purpose (including for any commercial purpose) other than for the specific purpose of performing the services set forth in the Agreement, unless otherwise required by law, (ii) shall not Sell or Share Merchant Personal Data, except as necessary to satisfy its obligations under the Agreement, (iii) shall not collect, retain, use, or disclose Merchant Personal Data outside the direct business relationship between Vandra and Merchant, unless expressly permitted by law, (iv) shall not combine Merchant Personal Data that Vandra receives from Merchant with Personal Data that Vandra receives from or on behalf of another party, or collects from its own interaction with a Data Subject, except as permitted by law, and (iv) shall, at Merchant’s reasonable request, cease any unauthorized Processing of Merchant Personal Data and grant Merchant authorization to assess and remediate any such unauthorized Processing. This DPA is Vandra’s certification, to the extent the CCPA or any other applicable Data Protection Law requires such a certification, that Vandra understands and will comply with the Processing limitations with respect to Merchant Personal Data that are set forth in the Documented Instructions. The parties acknowledge and agree that the “business purpose” for which Vandra Processes Merchant Personal Data is to assist Merchant engage in marketing, promote its products, and similar activities.
3. Confidentiality and Information Security.
3.1. Confidentiality. Vandra shall (i) maintain the confidentiality of all Merchant Personal Data and ensure that all individuals who are authorized to Process Merchant Personal Data on its behalf have committed themselves to confidentiality, (ii) limit access to Merchant Personal Data to only those individuals who have a business need for such access, and (iii) take reasonable steps to ensure the reliability of all individuals who have access to Merchant Personal Data.
3.2. Information Security. Vandra shall implement and maintain commercially reasonable technical, physical, and administrative security controls to protect and safeguard Merchant Personal Data, including written policies that describe such security controls and set forth responsibilities and obligations applicable to individuals who have access to an Information System.
4. Cooperation and Assistance; Return of Merchant Personal Data.
4.1. General Assistance. Vandra shall provide reasonable assistance to Merchant to enable Merchant to (i) comply with its obligations and responsibilities under any applicable Data Protection Law, including with respect to Data Subjects exercising their rights and privileges under applicable Data Protection Laws, (ii) undertake data protection impact assessments, and (iii) comply with requests or demands from supervisory authorities.
4.2. Data Notice and Response. Vandra shall, immediately and without delay, refer to Merchant any correspondence, inquiry, complaint, request, or demand (collectively or individually, a “Data Notice”) concerning the Processing of Merchant Personal Data and shall not respond to any such Data Notice unless otherwise required by law. Notwithstanding the foregoing, in response to any such Data Notice, Vandra may furnish Merchant’s email contact information and request the Data Notice be submitted directly to Merchant. Upon written request from Merchant, Vandra shall promptly (and in any event within thirty (30) business days) provide access to, amend, correct, delete, or cease Processing, Merchant Personal Data in its custody or control.
4.3. Return or Destruction of Merchant Personal Data. Upon termination of the Application, Vandra shall, within a maximum period of sixty (60) calendar days and at Merchant’s choice: (i) return to Merchant all Merchant Personal Data and all copies thereof by secure file transfer in such a format as required by Merchant, or (ii) destroy, and certify the destruction of, all other copies of Merchant Personal Data, unless storage of such data is required by law. Notwithstanding the foregoing, Vandra may destroy Merchant Personal Data that is stored in a back-up or archived format in accordance with its normal retention schedule, provided such Merchant Personal Data is otherwise retained in accordance with this DPA.
5. Security Event Procedures. Vandra shall, to the extent legally required, provide written notice to Merchant of any Security Event, and this written notification shall, to the greatest extent possible, include a description of (i) the nature of the Security Event, (ii) the categories of Merchant Personal Data affected by the Security Event, (iii) the approximate number of individuals affected by the Security Event, (iv) any potential legal or regulatory consequences that may arise from the Security Event, and (v) the measures taken or proposed to be taken to address the Security Event. In the event of a Security Event, Vandra shall designate a senior employee to serve as Vandra’s single point of contact from whom Merchant can obtain more information about the Security Event. Vandra shall provide reasonable assistance to Merchant to investigate or otherwise respond to a Security Event, and enable Merchant to meet any legal obligation it may have to give notice of the Security Event to any affected Data Subject, a governmental or regulatory authority, or any other individual or entity.
6. Audits. Vandra (i) shall upon request (but not more frequently than annually) respond to questionnaires and similar requests for information provided by Merchant to demonstrate Vandra’s compliance with Vandra’s obligations under this DPA, (ii) may use (in Vandra’s sole discretion) independent external auditors to verify the adequacy of its written information security program and, at least annually, provide (if available) Merchant with its most recent third-party attestations, certifications, and reports relevant to the establishment, implementation, and effectiveness of Vandra’s information security program. If the information and reports described in the foregoing (i) and (ii) do not demonstrate, in Merchant’s reasonable judgment, Vandra’s compliance with its obligations and responsibilities set forth in this DPA, Merchant may conduct an inspection, test (including a penetration test), or audit of Vandra’s business operations, or have the same conducted by a qualified third party subject to a nondisclosure agreement, provided (i) Merchant furnishes Vandra at least thirty (30) days’ advanced written notice, (ii) the inspection, test, or audit is conducted during Vandra’s regular business hours, and (iii) the inspection, test, or audit is conducted in a manner that does not materially interrupt Vandra’s business operations. Merchant shall be solely responsible for all reasonable costs and fees associated with the inspection, test, or audit described herein. Merchant shall immediately provide the results or conclusions of any inspection, test, or audit conducted to Vandra.
7. Subprocessors. Merchant hereby acknowledges and agrees that Vandra may authorize the use of Subprocessors to assist with its provision of Application to Merchant, provided Vandra executes with any such Subprocessor a written agreement that contains terms and conditions that are substantially similar to the terms and conditions set forth in this DPA. Vandra shall undertake all reasonable efforts to ensure that any such Subprocessor can comply, and is in compliance, with the terms and conditions set forth in this DPA. Vandra shall, at any and all times, remain liable to Merchant for any and all acts or omissions of a Subprocessor.