Effective from January 14, 2019
THIS AGREEMENT GOVERNS YOUR ACQUISITION AND USE OF OUR SERVICES.
BY ACCEPTING THESE TERMS OF SERVICE, EITHER BY REGISTERING ON WWW.BROWSERSTACK.COM OR BY CLICKING A BOX INDICATING YOUR ACCEPTANCE OR BY EXECUTING AN ORDER FORM OR ANY OTHER DOCUMENTATION THAT REFERENCES THIS AGREEMENT, YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH ENTITY AND ITS AFFILIATES TO THESE TERMS AND CONDITIONS, IN WHICH CASE THE TERMS “YOU” OR “YOUR” SHALL REFER TO SUCH ENTITY AND ITS AFFILIATES. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU DO NOT AGREE WITH THESE TERMS AND CONDITIONS, YOU MUST NOT ACCEPT THIS AGREEMENT AND MAY NOT USE THE SERVICES.
IF YOU REGISTER FOR A FREE TRIAL FOR OUR SERVICES, THE APPLICABLE PROVISIONS OF THIS AGREEMENT WILL ALSO GOVERN THAT FREE TRIAL.
This Agreement was last updated on January 14, 2019. It is effective between You and Us as of the date of Your acceptance of this Agreement.
The parties hereby agree to the following with respect to Your use, and BrowserStack’s provision, of the Service (as defined below).
OVERVIEW
- Introduction. BrowserStack offers Services designed to enable customers to test their websites and mobile applications across an array of web browsers, operating systems and physical device environments. Once Customer’s test is complete, BrowserStack only stores limited elements of Customer Content, as further described in Section 3.2.
Definitions.
“Account-Related Information” means contact information, payment information, and biographical information about Customer’s representatives and contacts used for marketing, opening new user accounts to use BrowserStack’s Services, and to maintain existing accounts.
“Customer Content” means (i) data or content in the Customer Properties that Customer chooses to test (and for mobile applications, the application package itself); (ii) data Customer submits or creates as part of a test, including test scripts and Screenshots; and (iii) any other data Customer submits to BrowserStack in connection with the use of the Services (not including Account-Related Information).
“Customer Property” means a website or mobile application submitted to the Services for testing.
“Documentation” means the technical user documentation provided with the Services.
“Laws” means all applicable local, state, federal, foreign and international laws, regulations and conventions, including, without limitation, those related to data privacy and data transfer, international communications, and the exportation of technical or personal data.
“Order Form” means each order form referencing this Agreement.
“Open Source Software” means any open source, community or other free code or libraries of any type, including, without limitation, any code which is made generally available on the Internet without charge (such as, for example purposes only, any code licensed under any version of the MIT, BSD, Apache, Mozilla or GPL or LGPL licenses).
“Personal Information” means any information that identifies, relates to, describes, or is capable of being associated with, or could reasonably be linked, directly or indirectly, to an identified or identifiable living natural person, including but not limited to: (i) Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, social security number, driver’s license number, government identification card number, passport number, or other similar identifiers; (ii) any patient, medical records or other protected or regulated health information; (iii) any financial information (including bank account or payment card numbers) or any other information subject to regulation or protection under specific laws or regulations; or (iv) information defined as “personal information,” “personally identifiable information,” “personal data,” or similar expressions under applicable privacy laws or data security Laws.
“Parallel Tests” means the number of tests that Customer’s Permitted Users (as defined below) are collectively running on Test Environments at a given point in time.
“Screenshot” means an image or video of the Test Environment display captured using the Services.
“Services” means BrowserStack’s proprietary software-as-a-service solution(s), as described in the applicable Order Form. Subject to the terms herein, references to the Services also include the Documentation.
“Test Environment” means virtual machines, physical electronic devices, and device emulators on which Customer may use the Services to run tests.
BROWSERSTACK SERVICES
- Access to Services. Customer will purchase and BrowserStack will provide the specific Services as specified in the applicable Order Form. Customer may access and use these Services during the Subscription Term (as defined below) solely for its own benefit and in accordance with the terms and conditions of this Agreement, the Documentation and any scope of use restrictions designated in the applicable Order Form (including any limits on Parallel Tests and Permitted Users). As part of its use of the Services and if required, Customer may copy and use the Documentation for Customer’s internal use in connection with the use of the Services.
- Permitted Users
- a) In General. Use of and access to the Services is permitted by and only by the number of employees of Customer specified in the applicable Order Form (“Permitted Users”). If Customer is given passwords to access the Services on BrowserStack’s systems, Customer will require that all Permitted Users keep user ID and password information strictly confidential and not share such information with any unauthorized person. User IDs are granted to individual, named persons and may not be shared. User IDs may only be reassigned to a new Permitted User if the prior Permitted User will no longer use the Services. Customer will be responsible for any and all actions taken using Customer’s accounts and passwords.
- b) Contractors and Affiliates. Customer may permit individuals serving as its independent contractors and consultants who are not competitors of BrowserStack (“Contractors”) and individual employees, contractors, or consultants of Affiliates (as defined below) to serve as Permitted Users, provided Customer remains responsible for compliance by each such Contractor or Affiliate Permitted User with all of the terms and conditions of this Agreement and any such use of the Services by such Contractor or Affiliate Permitted User is for the sole benefit of Customer. Use of the Services by Permitted Users of Affiliates, Contractors and Customer in the aggregate must be within the restrictions in the applicable Order Form. “Affiliate” means any entity controlling, controlled by, or under common control with the referenced entity, where the term “control” means the possession, direct or indirect, of the power to direct or cause the direction of the management and policies of an entity, whether through the ownership of voting securities, by contract, or otherwise.
- General Restrictions. Customer will not (and will not permit any third party to): (a) rent, lease, provide access to or sublicense the Services to a third party; (b) use the Services to provide, or incorporate the Services into, any product or service provided to a third party; (c) reverse engineer, decompile, disassemble, or otherwise seek to obtain the source code or non-public APIs to the Services, except to the extent expressly permitted by applicable law (and then only upon advance notice to BrowserStack); (d) copy or modify the Services or any Documentation, or create any derivative work from any of the foregoing; (e) remove or obscure any proprietary or other notices contained in the Services (including any reports or data printed from the Services); or (f) publicly disseminate information regarding the performance of the Services.
- Trial Subscriptions. If Customer receives free access or a trial or evaluation subscription to one or more Services (a “Trial Subscription”), then Customer may use the Services in accordance with the terms and conditions of this Agreement for a period of thirty (30) days or such other period granted by BrowserStack (the “Trial Period”). Trial Subscriptions are permitted solely for Customer’s use to determine whether to purchase a paid subscription to the Services. Certain Trial Subscriptions may include pre-release and beta products (“Beta Releases”). Trial Subscriptions may not include all functionality and features accessible as part of a paid Subscription. If Customer does not enter into a paid Subscription Term, this Agreement and Customer’s right to access and use the Services will terminate at the end of the Trial Period. BrowserStack has the right to terminate a Trial Subscription at any time for any reason. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT, BROWSERSTACK WILL HAVE NO WARRANTY, INDEMNITY, DATA ARCHIVING, SERVICE LEVEL, OR SUPPORT OBLIGATIONS WITH RESPECT TO TRIAL SUBSCRIPTIONS.
CUSTOMER CONTENT
- Rights in Customer Content. As between the parties, Customer will retain all right, title and interest (including any and all intellectual property rights) that Customer may have in and to the Customer Content as submitted to or accessed through the Services. Subject to the terms of this Agreement, Customer hereby grants to BrowserStack a non-exclusive, worldwide, royalty-free right to use, copy, store, transmit, modify, create derivative works of and display the Customer Content solely to the extent necessary to provide the Services to Customer. For clarity, BrowserStack tests Customer Properties, but does not operate the live Customer Properties run by Customer.
- Storage by BrowserStack. Upon termination of a test, the Test Environment will be deleted (or, for physical, non-emulated devices, reset to factory settings). As a result, any Customer Content resident in a Test Environment will be deleted after completion of the test. Notwithstanding the foregoing, certain Customer Content is stored by BrowserStack as follows:
- a. BrowserStack will retain any Screenshots and output (such as reports or log data) created using the Services to allow Customer to access the Screenshots and output for later use by Customer.
- b. If Customer uploads a mobile application for use with the Services, BrowserStack will retain a copy of that application for use by Customer in subsequent tests.
- c. BrowserStack may retain short-term technical backups as part of providing the Services.
Any Customer Content will be retained subject to BrowserStack’s data retention policies and confidentiality obligations under this Agreement. Except as set forth above, the Services do not provide a solution for storage of Customer Content or backups. Customer agrees that Customer Content shall include only copies of Customer’s data, and not any data that Customer needs for backup or archival purpose.
- Customer Obligations.
- a) In General. Customer will ensure that Customer’s use of each Service and all Customer Content is at all times compliant with Customer’s privacy policies and all applicable local, state, federal and international laws, regulations and conventions, including, without limitation, those related to data privacy and data transfer, international communications, and the exportation of technical or personal data. Customer is solely responsible for the accuracy, content and legality of all Customer Content. Customer represents and warrants to BrowserStack that Customer has all necessary rights, consents and permissions to collect, share and use all Customer Content as contemplated in this Agreement (including granting BrowserStack the rights in Section 3.1), and that no Customer Content will violate or infringe (i) any third party intellectual property, publicity, privacy or other rights or (ii) any Laws. If specified in the Documentation, Customer will submit certain types of Customer Content (e.g., mobile applications) in the format required by BrowserStack.
- b) No Personal Information. Customer acknowledges that the Services are not designed for use with (and do not require) Personal Information included in Customer Content. Customer specifically agrees not to use the Services to collect, store, process or transmit any Personal Information other than Account-Related Information, and will not submit to the Services any Customer Content containing any Personal Information. BrowserStack will have no liability under this Agreement for Personal Information included within Customer Content, or any security incident or breach regarding such Personal Information, notwithstanding anything to the contrary herein.
- c) Customer Content Guidelines. Customer will not use the Services with any Customer Content that (i) is deceptive, fraudulent, illegal, obscene, defamatory, libelous, threatening, harmful to minors, pornographic, indecent, harassing, hateful, religiously, racially or ethnically offensive, that encourages illegal or tortious conduct or that is otherwise inappropriate in BrowserStack’s discretion; (ii) contains viruses, bots, worms, scripting exploits or other similar materials; or (iii) could otherwise cause damage to BrowserStack or any third party.
- Indemnification by Customer. Customer will indemnify, defend and hold harmless BrowserStack from and against any and all claims, costs, damages, losses, liabilities and expenses (including reasonable attorneys’ fees and costs) arising out of or in connection with any claim arising from or relating to (a) any Customer Content or acts or omissions of Customer that constitute a breach or alleged breach by Customer of Section 3.3 (Customer Obligations) or (b) any service or product offered by Customer in connection with or related to the Services. This indemnification obligation is subject to Customer receiving (i) prompt written notice of such claim (but in any event notice in sufficient time for Customer to respond without prejudice); (ii) the exclusive right to control and direct the investigation, defense, or settlement of such claim; and (iii) all necessary cooperation of BrowserStack at Customer’s expense. Notwithstanding the foregoing sentence, BrowserStack may participate in the defense of any claim by counsel of its own choosing, at its cost and expense and Customer will not settle any claim without BrowserStack’s prior written consent, unless the settlement fully and unconditionally releases BrowserStack and does not require BrowserStack to pay any amount, take any action, or admit any liability.
DATA PROTECTION.
In accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR), the data protection terms relating to processing of Account-Related Information and Customer Content are contained in Exhibit A (Data Protection Addendum). To the extent that there is any conflict between any provision of the Agreement and the contents of Exhibit A, the contents of Exhibit A shall prevail in respect of such conflict in so far as the matters of data protection are concerned.
OWNERSHIP.
- BrowserStack Technology. This is a subscription agreement for access to and use of the Services. Customer acknowledges that it is obtaining only a limited right to the Services and that irrespective of any use of the words “purchase”, “sale” or like terms in this Agreement no ownership rights are being conveyed to Customer under this Agreement. Customer agrees that BrowserStack or its suppliers retain all right, title and interest (including all patent, copyright, trademark, trade secret and other intellectual property rights) in and to the Services, all Documentation, Professional Services deliverables and any and all related and underlying technology and documentation and any derivative works, modifications or improvements of any of the foregoing, including as may incorporate Feedback (collectively, “BrowserStack Technology”). Except as expressly set forth in this Agreement, no rights in any BrowserStack Technology are granted to Customer. Further, Customer acknowledges that the Services are offered as an on-line, hosted solution, and that Customer has no right to obtain a copy of any of the Services.
- Feedback. Customer, from time to time, may submit comments, questions, suggestions or other feedback relating to any BrowserStack product or service to BrowserStack (“Feedback”). BrowserStack may freely use or exploit Feedback in connection with any of its products or services without the need to pay compensation for any use of such Feedback.
- Usage Data. Notwithstanding anything to the contrary herein, Customer agrees that BrowserStack may obtain technical data about Customer’s use of the Services that is non-personally identifiable with respect to Customer (“Usage Data”), and BrowserStack may use the Usage Data to analyze, improve, market, support and operate the Services and otherwise for any business purpose during and after the term of this Agreement. For clarity, this Section 5.3 does not give BrowserStack the right to identify Customer as the source of any Usage Data.
SUBSCRIPTION TERM, FEES & PAYMENT
- Subscription Term. Each Service is provided on a subscription basis for a set term designated on the Order Form (each, a “Subscription Term”) as more fully specified in the applicable Order Form.
- Fees and Payment. All fees are as set forth in the applicable Order Form and will be subject to the applicable payment terms set forth in the applicable Order Form. All fees are non-refundable. Customer is required to pay any sales, use, GST, value-added, withholding, or similar taxes or levies, whether domestic or foreign, other than taxes based on the income of BrowserStack. Customer must make all payments without any setoffs, withholdings, or deduction of any kind. Any late payments will be subject to a service charge equal to 1.5% per month of the amount due or the maximum amount allowed by law, whichever is less.
- Suspension of Service. In addition to any of BrowserStack’s other rights or remedies (including but not limited to any termination rights set forth herein), BrowserStack reserves the right to suspend Customer’s access to the Services if: (i) Customer’s account is thirty (30) days or more overdue; (ii) BrowserStack determines that Customer has breached Section 2.3 (General Restrictions) or Section 3.3 (Customer Obligations); or (iii) BrowserStack determines that suspension is necessary to prevent harm or liability to other customers or third parties, or to preserve the security, stability, availability or integrity of the Services. BrowserStack will have no liability for taking action as permitted above in this section. However, unless this Agreement has been terminated, BrowserStack will cooperate with Customer to restore access to the Services once it verifies that Customer has resolved the condition requiring suspension.
TERM AND TERMINATION
- Term. This Agreement is effective as of the Effective Date and expires on the date of expiration or termination of all Subscription Terms.
- Termination for Cause. Either party may terminate this Agreement (including all related Order Forms) if the other party (a) fails to cure any material breach of this Agreement (including a failure to pay fees) within thirty (30) days after written notice; (b) ceases operation without a successor; or (c) seeks protection under any bankruptcy, receivership, trust deed, creditors’ arrangement, composition, or comparable proceeding, or if any such proceeding is instituted against that party (and not dismissed within sixty (60) days thereafter).
- Effect of Termination. Upon any expiration or termination of this Agreement, Customer will immediately cease any and all use of and access to all Services (including any and all related BrowserStack Technology) and delete (or, at BrowserStack’s request, return) any and all copies of the Documentation, any BrowserStack passwords or access codes and any other BrowserStack Confidential Information in its possession. Provided this Agreement was not terminated for Customer’s breach, Customer may retain and use internally copies of all reports exported from any Service prior to termination. Customer acknowledges that following termination it will have no further access to any Customer Content input into any Service, and that BrowserStack may delete any such data as may have been stored by BrowserStack at any time. Except where an exclusive remedy is specified, the exercise of either party of any remedy under this Agreement, including termination, will be without prejudice to any other remedies it may have under this Agreement, by law or otherwise.
- Survival. The following Sections will survive any expiration or termination of this Agreement: 2.3 (General Restrictions), 2.4 (Trial Subscriptions), 3.2 (Storage by BrowserStack), 3.4 (Indemnification by Customer), 5 (Ownership), 6.2 (Fees and Payment), 7 (Term and Termination), 8.2 (Warranty Disclaimer), 10 (Confidential Information) and 12 (General Terms).
LIMITED WARRANTY
- Limited Warranty. BrowserStack warrants, for Customer’s benefit only, that each Service will operate in substantial conformity with the applicable Documentation. BrowserStack’s sole liability (and Customer’s sole and exclusive remedy) for any breach of this warranty will be, at no charge to Customer, for BrowserStack to use commercially reasonable efforts to correct the reported non-conformity, or if BrowserStack determines such remedy to be impracticable, either party may terminate the applicable Subscription Term and Customer will receive as its sole remedy a refund of any fees Customer has pre-paid for use of such Service for the terminated portion of the applicable Subscription Term. The limited warranty set forth in this Section 8.1 will not apply: (i) unless Customer makes a claim within thirty (30) days of the date on which Customer first noticed the non-conformity, (ii) if the error was caused by misuse, unauthorized modifications or third-party hardware, software or services, or (iii) to use provided based on a Trial Subscription.
- Warranty Disclaimer. EXCEPT FOR THE LIMITED WARRANTY IN SECTION 8.1, ALL SERVICES AND THE BROWSERSTACK CODE ARE PROVIDED “AS IS”. NEITHER BROWSERSTACK NOR ITS SUPPLIERS MAKES ANY OTHER WARRANTIES, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT. BROWSERSTACK DOES NOT WARRANT THAT CUSTOMER’S USE OF ANY SERVICE WILL BE UNINTERRUPTED OR ERROR-FREE, NOR DOES BROWSERSTACK WARRANT THAT IT WILL REVIEW THE CUSTOMER CONTENT FOR ACCURACY OR THAT IT WILL PRESERVE OR MAINTAIN THE CUSTOMER CONTENT WITHOUT LOSS. BROWSERSTACK WILL NOT BE LIABLE FOR DELAYS, INTERRUPTIONS, SERVICE FAILURES OR OTHER PROBLEMS INHERENT IN USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS OR OTHER SYSTEMS OUTSIDE THE REASONABLE CONTROL OF BROWSERSTACK. CUSTOMER MAY HAVE OTHER STATUTORY RIGHTS, BUT THE DURATION OF STATUTORILY REQUIRED WARRANTIES, IF ANY, WILL BE LIMITED TO THE SHORTEST PERIOD PERMITTED BY LAW.
- Specific Disclaimers. TO THE EXTENT PERMITTED BY LAW, BROWSERSTACK IS NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, OR ANY OTHER LOSS OR DAMAGE RESULTING FROM (I) THE TRANSFER OF DATA OVER PUBLIC COMMUNICATIONS NETWORKS AND FACILITIES, INCLUDING THE INTERNET, OR (II) ANY DELAY OR DELIVERY FAILURE ON THE PART OF ANY OTHER SERVICE PROVIDER NOT CONTRACTED BY US, AND CUSTOMER ACKNOWLEDGES THAT THE SERVICE MAY BE SUBJECT TO LIMITATIONS, DELAYS AND OTHER PROBLEMS INHERENT IN THE USE OF SUCH COMMUNICATIONS FACILITIES. CUSTOMER ACKNOWLEDGES THAT BROWSERSTACK CANNOT GUARANTEE THE ABSOLUTE PREVENTION OF CYBER-ATTACKS SUCH AS HACKING, SPYWARE, AND VIRUSES. ACCORDINGLY, BROWSERSTACK SHALL NOT BE LIABLE FOR ANY UNAUTHORIZED DISCLOSURE, LOSS OR DESTRUCTION OF CUSTOMER DATA ARISING FROM SUCH RISKS AS LONG AS SUCH RISK CANNOT BE ATTRIBUTED TO NEGLIGANCE OR FAILURE ON BROWSERSTACK’S PART.
LIMITATION OF REMEDIES AND DAMAGES
- Consequential Damages Waiver. EXCEPT FOR EXCLUDED CLAIMS (DEFINED BELOW), NEITHER PARTY (NOR ITS SUPPLIERS) WILL HAVE ANY LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT, THE SERVICES, THE DOCUMENTATION, OR THE BROWSERSTACK CODE FOR ANY LOSS OF USE, LOST DATA, LOST PROFITS, FAILURE OF SECURITY MECHANISMS, INTERRUPTION OF BUSINESS, OR ANY INDIRECT, SPECIAL, INCIDENTAL, RELIANCE, OR CONSEQUENTIAL DAMAGES OF ANY KIND, EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE.
- Liability Cap. BROWSERSTACK’S AND ITS SUPPLIERS’ ENTIRE LIABILITY TO CUSTOMER ARISING OUT OF OR RELATED TO THIS AGREEMENT, THE SERVICES, THE DOCUMENTATION, OR THE BROWSERSTACK CODE AT ANY TIME WILL NOT EXCEED $1 UNDER THIS AGREEMENT.
- Excluded Claims. “Excluded Claims” means any claim arising (a) from Customer’s breach of Section 2.3 (General Restrictions); (b) under Section 3.3 (Customer Obligations) and Section 3.4 (Indemnification by Customer); or (c) from a party’s breach of its obligations in Section 10 (Confidential Information) (but excluding claims related to Customer Content).
- Nature of Claims and Failure of Essential Purpose. The parties agree that the waivers and limitations specified in this Section 9 apply regardless of the form of action, whether in contact, tort (including negligence), strict liability or otherwise and will survive and apply even if any limited remedy specified in this Agreement is found to have failed of its essential purpose.
CONFIDENTIAL INFORMATION.
Each party (as “Receiving Party”) agrees that all code, inventions, know-how, business, technical and financial information it obtains from the disclosing party (“Disclosing Party”) constitute the confidential property of the Disclosing Party (“Confidential Information”), provided that it is identified as confidential at the time of disclosure or should be reasonably known by the Receiving Party to be confidential or proprietary due to the nature of the information disclosed and the circumstances surrounding the disclosure. Any BrowserStack Technology, performance information relating to any Service, and the terms and conditions of this Agreement will be deemed Confidential Information of BrowserStack without any marking or further designation. Customer Content will be deemed Confidential Information of Customer without the need for any marking or further designation. Except as expressly authorized herein, the Receiving Party will (1) hold in confidence and not disclose any Confidential Information to third parties and (2) not use Confidential Information for any purpose other than fulfilling its obligations and exercising its rights under this Agreement. The Receiving Party may disclose Confidential Information to its employees, agents, contractors and other representatives having a legitimate need to know (including, for BrowserStack, its subcontractors), provided that such representatives are bound to confidentiality obligations no less protective of the Disclosing Party than this Section 10 and that the Receiving Party remains responsible for compliance by any such representative with the terms of this Section 10. The Receiving Party’s confidentiality obligations will not apply to information that the Receiving Party can document: (i) was rightfully in its possession or known to it prior to receipt of the Confidential Information; (ii) is or has become public knowledge through no fault of the Receiving Party; (iii) is rightfully obtained by the Receiving Party from a third party without breach of any confidentiality obligation; or (iv) is independently developed by employees of the Receiving Party who had no access to such information. The Receiving Party may make disclosures to the extent required by administrative or judicial process, applicable law, or court order, provided the Receiving Party notifies the Disclosing Party in advance and cooperates in any effort to obtain confidential treatment. The Receiving Party acknowledges that disclosure of Confidential Information would cause substantial harm for which damages alone would not be a sufficient remedy, and therefore that upon any such disclosure by the Receiving Party the Disclosing Party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
GENERAL TERMS
- Assignment. This Agreement will bind and inure to the benefit of each party’s permitted successors and assigns. Neither party may assign this Agreement without the advance written consent of the other party, except that either party may assign this Agreement in connection with a merger, reorganization, acquisition or other transfer of all or substantially all of such party’s assets or voting securities. Any attempt to transfer or assign this Agreement except as expressly authorized under this Section 11.1 will be null and void.
- Severability. If any provision of this Agreement will be adjudged by any court of competent jurisdiction to be unenforceable or invalid, that provision will be limited to the minimum extent necessary so that this Agreement will otherwise remain in effect.
- Governing Law; Jurisdiction and Venue. This Agreement will be governed by the laws of the State of California and the United States without regard to conflicts of laws provisions thereof, and without regard to the United Nations Convention on the International Sale of Goods. All disputes relating to or arising out of this Agreement shall be resolved in a state or federal court located in or encompassing San Mateo County, California, USA, and the parties hereby consent to the jurisdiction of such courts.
- Attorneys’ Fees and Costs. The prevailing party in any action to enforce this Agreement will be entitled to recover its attorneys’ fees and costs in connection with such action.
- Notice. Any notice or communication required or permitted under this Agreement will be in writing to the parties at the addresses set forth on the Order Form or at such other address as may be given in writing by either party to the other in accordance with this Section and will be deemed to have been received by the addressee (i) if given by hand, immediately upon receipt; (ii) if given by overnight courier service, the first business day following dispatch or (iii) if given by registered or certified mail, postage prepaid and return receipt requested, the second business day after such notice is deposited in the mail.
- Amendments; Waivers. No supplement, modification, or amendment of this Agreement will be binding, unless executed in writing by a duly authorized representative of each party to this Agreement. No waiver will be implied from conduct or failure to enforce or exercise rights under this Agreement, nor will any waiver be effective unless in a writing signed by a duly authorized representative on behalf of the party claimed to have waived. No provision of any purchase order or other business form employed by Customer will supersede the terms and conditions of this Agreement, and any such document relating to this Agreement will be for administrative purposes only and will have no legal effect.
- Entire Agreement. This Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements and communications relating to the subject matter of this Agreement. Customer acknowledges that the Services are on-line, subscription-based products, and that in order to provide improved customer experience BrowserStack may make changes to the Services, and BrowserStack will update the applicable Documentation accordingly.
- Force Majeure. Neither party will be liable to the other for any delay or failure to perform any obligation under this Agreement (except for a failure to pay fees) if the delay or failure is due to unforeseen events that occur after the signing of this Agreement and that are beyond the reasonable control of such party (each, a “Force Majeure Event”), such as a strike, blockade, war, act of terrorism, riot, natural disaster, failure or diminishment of power or telecommunications or data networks or services, or refusal of a license by a government agency.
- Independent Contractors. The parties to this Agreement are independent contractors. There is no relationship of partnership, joint venture, employment, franchise or agency created hereby between the parties. Neither party will have the power to bind the other or incur obligations on the other party’s behalf without the other party’s prior written consent.
- Export Control. In its use of the Services, Customer agrees to comply with all export and import laws and regulations of the United States and other applicable jurisdictions. Without limiting the foregoing, (i) Customer represents and warrants that it is not listed on any U.S. government list of prohibited or restricted parties or located in (or a national of) a country that is subject to a U.S. government embargo or that has been designated by the U.S. government as a “terrorist supporting” country, (ii) Customer will not (and will not permit any of its users to) access or use the Services in violation of any U.S. export embargo, prohibition or restriction, and (iii) Customer will not submit to the Services any information that is controlled under the U.S. International Traffic in Arms Regulations.
- Government End-Users. Elements of the Services are commercial computer software. If the user of the Services is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Services, or any related documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. All Services and BrowserStack Code were developed fully at private expense. All other use is prohibited.
- Counterparts. This Agreement may be executed in counterparts, each of which will be deemed an original and all of which together will be considered one and the same agreement. Facsimile signatures, signatures on an electronic image (such as .pdf or .jpg format), and electronic signatures shall be deemed to be handwritten signatures.
Exhibit A
DATA PROTECTION ADDENDUM
Definitions.
- The following definitions and rules of interpretation apply in this Schedule.
- Appropriate Technical and Organisational Measures: has the meaning given to such term in Data Protection Legislation (including, as appropriate, the measures referred to in Article 32(1) of the GDPR).
- Authorised Person: the personnel authorised on Customer’s behalf to provide instructions to BrowserStack in relation to the Processing provisions in this Exhibit.
- Business Purpose: the provision of the Services.
- Data: any data or information, in whatever form, including but not limited to images, still and moving, and sound recordings.
- Data Controller: has the meaning given to such term in Data Protection Legislation.
- Data Processor: has the meaning given to such term in Data Protection Legislation.
- Data Protection Legislation: means applicable laws and regulations relating to the privacy and security of Personal Information, including but not limited to GDPR, as such laws shall be amended, revised or replaced from time to time.
- Data Protection Officer: a data protection officer appointed pursuant to Data Protection Legislation.
- Data Subject: an individual who is the subject of Personal Data (including any User).
- Delete: to remove or obliterate Personal Data such that it cannot be recovered or reconstructed.
- EEA: European Economic Area.
- GDPR: General Data Protection Regulation (EU) 2016/679.
- BrowserStack System: any information technology system or systems owned or operated by BrowserStack to which Customer Content is delivered or on which the Services are performed.
- Personal Data Breach: means any “personal data breach” as defined in the GDPR in respect of the Personal Information within Account-Related Information which is caused by BrowserStack.
- “Non-PI Security Breach” means the acquisition, access, use, or disclosure of Account-Related Information or Customer Content not containing Personal Information in a manner that violates the security requirements in this Exhibit and compromises the security of Account-Related Information or Customer Content.
- Processing: has the meaning given to such term in Data Protection Legislation, and Processed and Process shall be interpreted accordingly.
- Representatives: Party’s employees, officers, representatives, advisers or subcontractors involved in the provision or receipt of the Services.
- Restricted Transfer: any transfer of Personal Data in Account-Related Personal Information to countries outside of the EEA which are not subject to an adequacy decision by the European Commission, where such transfer would be prohibited by Data Protection Legislation.
- Security Features: any security feature, including any encryption, pseudonymisation, key, PIN, password, token or smartcard.
- Standard Contractual Clauses: the contractual clauses dealing with the transfer of Personal Data outside the EEA, which have been approved by (i) the European Commission under Data Protection Legislation, or (ii) by a competent supervisory authority under Data Protection Legislation.
- Sub-processor: has the meaning given to such term in Clause 12.1 of this Section.
- The following definitions and rules of interpretation apply in this Schedule.
Provision of Services
- BrowserStack shall not act on any specific instructions given by Customer from time to time during the Term in respect of Processing Account-Related Information unless they are:
- in writing (including by electronic means); and
- given by an Authorised Person.
- BrowserStack shall Process Account-Related Information for the Business Purpose only and in compliance with Customer instructions from time to time, which may be:
- Specific Instructions; or
- the general instructions set out in this Agreement
unless required to do otherwise by law, in which case, where legally permitted, BrowserStack shall inform Customer of such legal requirement before Processing.
- BrowserStack’s privacy practices regarding Account-Related Information are governed by the then-current version of BrowserStack’s privacy policy at https://www.browserstack.com/privacy, as it is amended from time to time, and which is incorporated by reference herein.
- BrowserStack shall not act on any specific instructions given by Customer from time to time during the Term in respect of Processing Account-Related Information unless they are:
Parties’ obligations
- BrowserStack shall only make copies of the Account-Related Information and Customer Content to the extent reasonably necessary for the Business Purpose (which, for clarity, may include for generating logs in relation to Customer’s use of the Services, back-up, mirroring (and similar availability enhancement techniques), security, disaster recovery and testing the Services).
- In general, Customer Content and any logs created by BrowserStack relating to Customer Content will be kept and stored for 60 days from the date of upload/creation, after which point it will then be automatically deleted. Customer may also retrieve and delete Customer Content using BrowserStack API.
- At Customer’s request and cost, BrowserStack shall provide to Customer a copy of all Customer Content held by BrowserStack in a commonly used format.
- Any proposal by BrowserStack to in any way use or make available Customer Content other than as provided for pursuant to this Agreement shall be subject to prior written approval of Customer.
- Customer acknowledges that BrowserStack is under no duty to investigate the completeness, accuracy or sufficiency of (i) any instructions received from Customer, or (ii) any Customer Content.
- Customer shall:
- ensure that Customer is entitled to transfer Account-Related Information to BrowserStack so that BrowserStack may lawfully process and transfer (if applicable) Account-Related Information in accordance with this Agreement;
- ensure that the relevant Data Subjects have been informed of, and have given their consent to, such use, processing, and transfer as required by Data Protection Legislation;
- notify BrowserStack in writing without delay of any situation or envisaged development that shall in any way influence, change or limit the ability of BrowserStack to process Account-Related Information as set out in this Agreement;
- ensure that Account-Related Information sent to BrowserStack to Process pursuant to this Agreement is:
- (a) obtained lawfully, fairly and in a transparent manner in relation to the Data Subject (including in respect of how consent is obtained);
- (b) collected and processed for specified, explicit and legitimate purposes, and not further processed in a manner incompatible with those purposes;
- (c) adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
- (d) accurate, and where necessary kept up to date;
- (e) erased or rectified without delay where it is inaccurate, having regard to the purposes for which they are processed;
- (f) kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the Personal Information within the Account-Related Information is processed (subject to circumstances where Personal Information may be stored for longer periods insofar as it will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, and subject to the implementation of Appropriate Technical and Organisational Measures);
- (g) processed in a manner that ensures appropriate security of the Account-Related Information, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using Appropriate Technical and Organisational Measures; and
- provide such information and such assistance to BrowserStack as may be reasonably required, and within the timescales reasonably specified by BrowserStack, to allow to comply with BrowserStack’s obligations under Data Protection Legislation.
- Account-Related Information provided to BrowserStack shall not be kept by Customer for a period that is longer than necessary.
BrowserStack employees
- BrowserStack shall take reasonable steps to ensure the reliability of all its employees who have access to Customer Content and Account-Related Information, and to ensure that such employees have committed themselves to a binding duty of confidentiality in respect of Customer Content and Account-Related Information.
Records
- BrowserStack shall keep at its normal place of business records (including in electronic form) relating to all categories of Processing activities carried out on behalf of Customer, containing:
- the general description of the security measures taken in respect of Customer Content and Account-Related Information, including details of any Security Features and the Appropriate Technical and Organisational Measures;
- the name and contact details of BrowserStack; any sub-supplier; and where applicable BrowserStack representatives; and where applicable any Data Protection Officer appointed by BrowserStack;
- the categories of Processing done by BrowserStack on behalf of Customer; and
- details of any non-EEA Personal Data transfers, and the safeguards in place in respect of such transfers.
- BrowserStack shall keep at its normal place of business records (including in electronic form) relating to all categories of Processing activities carried out on behalf of Customer, containing:
Data Subject Requests
- Taking into account the nature of BrowserStack’s Processing of Customer Content and Account-Related Information and at Customer cost, BrowserStack shall assist Customer by employing Appropriate Technical and Organisational Measures, insofar as this is possible, in respect of the fulfilment of Customer’s obligations to respond to requests from a Data Subject exercising his/her rights under Data Protection Legislation regarding Account-Related Information.
- BrowserStack shall, at Customer’s cost, notify Customer as soon as reasonably practicable if it receives:
- a request from a Data Subject for access to that person’s Personal Data (relating to the Services);
- any communication from a Data Subject (relating to the Services) seeking to exercise rights conferred on the Data Subject by Data Protection Legislation in respect of Personal Data; or
- any complaint or any claim for compensation arising from or relating to the Processing of such Personal Data.
- BrowserStack shall not disclose the Personal Data to any Data Subject or to a third party other than at the request of Customer, as provided for in this Exhibit, or as required by law in which case BrowserStack shall to the extent permitted by law inform Customer of that legal requirement before Customer discloses the Personal Data to any Data Subject or third party.
- BrowserStack shall not respond to any request from a Data Subject except on the documented instructions of Customer or an Authorised Person or as required by law, in which case BrowserStack shall to the extent permitted by law inform Customer of that legal requirement before BrowserStack respond to the request.
Data Protection Officer
- BrowserStack shall appoint a Data Protection Officer, if required to do so pursuant to Data Protection Legislation in connection with the performance of the Services, and provide Customer with the contact details of such Data Protection Officer.
- Customer shall appoint a Data Protection Officer, if required to do so pursuant to Data Protection Legislation, and provide BrowserStack with the contact details of such Data Protection Officer.
Security
- BrowserStack shall, in accordance with requirements under Data Protection Legislation, implement Appropriate Technical and Organisational Measures to safeguard the Account-Related Information from unauthorised or unlawful Processing or accidental loss, alteration, disclosure, destruction or damage, and that, having regard to the state of technological development and the cost of implementing any measures (and the nature, scope, context and purposes of Processing, as well as the risk to Data Subjects), such measures shall be proportionate and reasonable to ensure a level of security appropriate to the harm that might result from unauthorised or unlawful Processing or accidental loss, alteration, disclosure, destruction or damage and to the nature of the Personal Data to be protected.
- BrowserStack shall maintain reasonable and appropriate administrative, physical, and technical safeguards to protection Customer Content and Account-Related Information and provide assurances that they can only be accessed by persons and systems that are authorised by BrowserStack and necessary to meet the Business Purpose, and that all equipment used by BrowserStack for the Processing of Customer Content or Account-Related Information shall be maintained by BrowserStack in a physically secure environment.
- Customer shall make a back-up copy of Screenshots as often as is reasonably necessary and record the copy on media from which Screenshots can be reloaded in the event of any corruption or loss of Customer Content.
Breach reporting
- BrowserStack shall promptly inform Customer if any of Account-Related Information or Customer Content is lost or destroyed or becomes damaged, corrupted, or unusable, or if there is any accidental, unauthorised or unlawful disclosure of or access to any of Account-Related Information or Customer Content. In such case, BrowserStack will use commercially reasonable efforts to restore Account-Related Information or Customer Content at Customer’s expense (except where the incident was caused by BrowserStack’s negligent act or omission, in which case it will be at BrowserStack expense), and will comply with all of its obligations (if any) under Data Protection Legislation in this regard.
- BrowserStack must inform Customer of any Personal Data Breaches, or any complaint, notice or communication in relation to a Personal Data Breach, without undue delay. Taking into account the nature of BrowserStack’s Processing of the Account-Related Information and the information available to BrowserStack and at Customer cost BrowserStack will provide sufficient information and assist Customer in ensuring compliance with Customer’s obligations in relation to notification of Personal Data Breaches (including the obligation to notify Personal Data Breaches to the applicable supervisory authority within seventy two (72) hours), and communication of Personal Data Breaches to Data Subjects where the breach is likely to result in a high risk to the rights of such Data Subjects. Taking into account the nature of BrowserStack’s Processing of the Personal Data in Account-Related Information and the information available to BrowserStack and at Customer cost, BrowserStack shall co-operate with Customer and take such reasonable commercial steps as are directed by Customer to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
Restricted transfers
- A Restricted Transfer may not be made by BrowserStack (other than transfers to BrowserStack Affiliates and by any agents and contractors for the purposes of performing the Services, and Customer shall use commercially reasonable efforts to obtain explicit consent from relevant Data Subjects in respect of such potential transfers) without the prior written consent of Customer (such consent not to be unreasonably withheld, delayed or conditioned), and if such consent has been obtained (or is unnecessary), such Restricted Transfer may only be made where there are Appropriate Technical and Organisational Measures in place with regard to the rights of Data Subjects (including but not limited to the Standard Contractual Clauses, Privacy Shield, binding corporate rules, or any other model clauses approved by the applicable supervisory authority).
- Subject to Clause 10.3, in the event of any Restricted Transfer by BrowserStack to a contracted Sub-processor, to any Affiliate of Customer or otherwise (“Data Importer”) for which Customer’s consent has been obtained (or is unnecessary), BrowserStack and Customer shall ensure that (i) Customer (where the Restricted Transfer is being made at the request of Customer) or BrowserStack acting as agent for and on behalf of Customer (where the Restricted Transfer is being made at the request of BrowserStack), and (ii) the Data Importer, shall enter into the Standard Contractual Clauses in respect of such Restricted Transfer.
- Clauses 10.1 or 10.2 shall not apply to a Restricted Transfer if other compliance steps (which may include, but shall not be limited to, obtaining explicit consents from Data Subjects) have been taken to allow the relevant Restricted Transfer to take place without breach of applicable Data Protection Legislation.
Sub-processors
- Customer agrees and acknowledges that BrowserStack may have Account-Related Information and Customer Content Processed by any of BrowserStack Affiliates and by any agents and contractors for the purpose of providing the Service (a “Sub-processor”). A list of the categories of Sub-processors used by BrowserStack is maintained on BrowserStack’s website at https://www.browserstack.com/sub-processors. If Customer objects to such sub-processing arrangements, then Customer must notify BrowserStack and, if Customer does so confirm, Customer acknowledges that Customer may no longer be able to avail of some or all of BrowserStack Services.
- BrowserStack must enter into a data processing contract with the Sub-processor which places the same data protection obligations on the Sub-processor as BrowserStack has in this Exhibit (in particular, providing sufficient guarantees to implement Appropriate Technical and Organisational Measures in such a manner that the Processing of Account-Related Information will meet the requirements of Data Protection Legislation).
- With respect to each Sub-processor, BrowserStack shall, before the Sub-processor first Processes Account-Related Information), ensure that the Sub-processor is capable of providing the level of protection for Account-Related Information required by this Exhibit.
- BrowserStack will remain fully liable to Customer in respect of any failure by the Sub-processor to fulfil its data protection obligations regarding Account-Related Information.
Warranties
- BrowserStack warrant and undertake to Customer that:
- BrowserStack will Process Account-Related Information in compliance with BrowserStack’s obligations under Data Protection Legislation;
- BrowserStack will maintain Appropriate Technical and Organisational Measures against the unauthorised or unlawful Processing of Account-Related Information and Customer Content and against the accidental loss or destruction of, or damage to, Account-Related Information and Customer Content; and
- BrowserStack will discharge its obligations under this Section with all due skill, care and diligence.
- Customer hereby warrants and undertakes that:
- Customer has complied with and shall comply with its obligations under Data Protection Legislation;
- Customer has the right to transfer (or to authorise Users to transfer) Personal Information and Customer Content to BrowserStack in accordance with the terms of this Agreement;
- Customer shall and shall cause, appropriate notices to be provided to, and valid consents to be obtained from, Data Subjects, in each case that are necessary for BrowserStack to Process (and have Processed by Sub-processors) Personal Data in Account-Related Information under or in connection with this Agreement, including Processing outside the EEA on the basis of any of the legal conditions for such transfer and Processing set out in Clause 10 above;
- Customer shall not, by act or omission, cause BrowserStack to violate any Data Protection Legislation, notices provided to, or consents obtained from, Data Subjects as a result of BrowserStack or its Sub-processors Processing Personal Data; and
- notwithstanding anything contained in this Agreement, Customer shall pay in immediately available funds BrowserStack costs incurred or likely to be incurred, at BrowserStack’s option in advance under this Section (where matters are to be at Customer’s cost).
- BrowserStack warrant and undertake to Customer that:
Consequences of termination on Customer Content
- Upon termination or expiry of this Agreement, at the choice of Customer, BrowserStack shall Delete or return all Customer Content to Customer and Delete existing copies of Customer Content, unless legally required/entitled to store Customer Content for a period of time. If Customer make no such election within a ten (10) day period of termination or expiry of this Agreement, BrowserStack may Delete any of Customer Content in BrowserStack’s possession; and if Customer elect for destruction rather than return of Customer Content, BrowserStack shall as soon as reasonably practicable ensure that all Customer Content is Deleted from BrowserStack System, unless legally required/entitled to store Customer Content for a period of time.