Terms of Service

LeapXpert SaaS Customer Terms of Service

THESE SAAS TERMS OF SERVICE (this “Agreement”) are entered into by and between the LeapXpert Affiliate set forth on the applicable Order Form (“LeapXpert
”) and the entity placing an order for or accessing the Services (“Customer”). The “Effective Date” of this Agreement is the effective date of the first Order Form referencing this Agreement. In consideration of the terms and conditions set forth below, the parties agree as follows:
 

1. DEFINITIONS   

   “Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject party. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject party.

   “Agreement” means this Master Services Agreement, together with all Order Forms, the DPA (as defined below), and the Privacy Policy, as well as any other exhibits attached hereto, as amended from time to time by the parties.

   “Applicable Law” means all applicable laws, regulations, rules, codes, rulings, directives, and interpretations of any applicable governmental or regulatory entity, or self-regulatory entity, as these may be amended and supplemented from time to time.

   “Confidential Information” means all information disclosed by one party to the other party, orally, in writing or electronically, that is designated as “confidential” (or with a similar legend), or which a reasonable person should understand to be confidential given the nature of the information and circumstances of disclosure. Confidential Information does not include any information that: (a) was publicly known and made generally available in the public domain prior to the time of disclosure by the disclosing party; (b) becomes publicly known and made generally available through no action or inaction of the receiving party; (c) is already in the possession of the receiving party at the time of disclosure by the disclosing party; (d) is obtained by the receiving party from a third party without a breach of such third party’s obligations of confidentiality; or (e) is independently developed by the receiving party without use of or reference to the disclosing party’s Confidential Information.

   “Customer Data” means all electronic data, text, pictures, sound, graphics, video, documents, or other materials, including, without limitation, Personal Data of Users and End Users, exchanged between the Customer’s Users and an End User through the Product as a result of Customer’s or an End User’s use of the Services.

   “Data Protection Law” means any law, statute, declaration, decree, directive, legislative enactment, order, ordinance, regulation, rule or other binding restriction (including any and all legislative and/or regulatory amendments or successors thereto), to which a party is subject and which is applicable to a party’s information protection and privacy obligations, and any other laws and regulations implementing, derogating from or made under them, in each case as amended or re-enacted and in force from time to time.

   “Documentation” means the documents provided by LeapXpert for the Product, in either printed text or machine-readable form, including technical documentation, manuals and publications, feature specification(s), training materials, and all other related materials for aiding the Use of the Product.

   “End User(s)” mean client(s) and/or potential client(s) having a business relationship, or potential business relationship, with the Customer and with whom a User Uses the Product with, including, but not limited to, those employed or retained by the Customer’s client, wherever located throughout the world.

   “Intellectual Property Rights” means any unpatented invention, patent application, patent, design right, rights to inventions, copyright and related rights, database right, know-how or trade secret right, moral rights, trademark, service mark, trade name, domain name right, mask work right rights in get-up, goodwill and the right to sue for passing off or unfair competition, rights in designs, rights in computer software, database rights, know-how and trade secrets and any other intellectual property and proprietary rights, including all applications for (and rights to apply for and be granted), renewals or extensions of, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist, now or in the future, in any part of the world.

   “Personal Data” means data relating to an individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the data controller (as defined under applicable Data Protection Laws).

   “Product” means LeapXpert’s communication platform, including the Leap Work application, mobile application, SaaS offering, and any new or successor software or work product provided by LeapXpert.

   “Services” means the services, Product or any other deliverables or output identified in an Order Form or otherwise produced, provided and/or made available to the Customer by LeapXpert.

   “Update” means, the generally available updates, upgrades, hot fixes, patches, workarounds to the Services provided by LeapXpert to all subscribing customers, but excludes separately priced new products or modules.

   “Use” means: (i) in relation to any Product, the right to access, load, execute, store, transmit, display, use and copy or otherwise utilise to the extent necessary for operating such Product for Customer’s internal business purposes in accordance with the Documentation and the Order Form; and (ii) in relation to any Documentation, the right to use, copy, distribute, amend, translate, or otherwise deal with the Documentation as reasonably necessary for the internal use among the Users of the Customer and its Affiliates (and Used and Using shall be construed accordingly).

   “User(s)” means the Customer and its Affiliates’ employee and independent contractor who Uses the Product.

2. SERVICES
   1. Provision of Services.  LeapXpert shall make the Services available to the Customer pursuant to this Agreement, the applicable order form(s) (“Order Form”), and the Documentation, and provide such Services in accordance with this Agreement, including, if applicable, the Data Processing Addendum (“DPA
      ”), the LeapXpert End User Privacy Policy (“Privacy Policy”), and any Applicable Law relating to LeapXpert’s business, during the Term. During the Term, LeapXpert grants to Customer a limited, non-exclusive, revocable right to access and Use the Services and Products only for its internal business purposes, subject to the terms and conditions of this Agreement and in accordance with applicable law.
   2. End Users.  As part of the Services, the Customer may provide the ability for Customer’s End Users to access and Use the Product throughout the Term, subject to the terms and conditions of this Agreement. Customer will be fully responsible for the acts and omissions of its End Users, and shall ensure that each End User complies with this Agreement and the Acceptable Use Policy, as posted at
      https://www.leapxpert.com/terms/, which is incorporated into this Agreement by this reference. Notwithstanding anything to the contrary in this Agreement, LeapXpert has no direct or indirect warranty, indemnity or other liability or obligations of any kind to End Users.
   3. Customer Credentials. Customer acknowledges that it may need to register to use all or part of the Services and provide information about Customer to register for and/or use certain Services. Customer agrees to keep such information current, accurate and complete so that LeapXpert may send notices, statements, and other information to Customer via email or through the Services, which notifications will be subject to this Agreement and the Privacy Policy. Customer will be responsible for maintaining the confidentiality of User login information and credentials for accessing the Services and will notify LeapXpert promptly of any loss, misuse, or unauthorized disclosure of such login information and/or credentials of which Customer becomes aware. LeapXpert and its Affiliates will not be liable for any damage or loss that may result from Customer’s breach of the foregoing obligations.
   4. Prohibited Use.  Except as may be expressly permitted in the Documentation, Customer agrees that it will not, and will not permit any User or End User to: (i) reproduce, license, resell, transfer, modify, customize, disassemble, decompile, prepare derivative works of, create improvements, derive innovations from, reverse engineer or attempt to gain access to any underlying technology of the Services (e.g., any source code, process, data set or database, management tool, development tool, server or hosting site, etc); (ii) frame or mirror any portion of the Services, or otherwise incorporate any portion of the Services into any product or service; (iii) knowingly or negligently use the Services in a way that abuses, interferes with, or disrupts LeapXpert’s networks or the Services; (iv) transmit through the Services any Customer Data that may infringe the intellectual property or other rights of third parties; (v) remove, alter or obscure any proprietary notices on the Product or Deliverables; (vi) build or benchmark a competitive product or service, or copy any features, functions or graphics of the Services; (vii) circumvent or attempt to circumvent any technological protection measures intended to restrict access to or use of any portion of the Services; (viii) take any action that imposes an unreasonable or inappropriately large load on the Services, including by obtaining multiple application programming interface keys; and (ix) Use the Services in violation of any LeapXpert policy or in a manner that violates Applicable Law, including but not limited to anti-spam, export control, privacy, and anti-terrorism laws and regulations and laws requiring the consent of subjects of audio and video recordings, and Customer agrees that it and its Users are solely responsible for compliance with all such laws and regulations.
   5. Compliance with License. Customer hereby grants LeapXpert the right to periodically audit and review Customer’s Use of the Services, via remote connection or on-site inspection, to ensure compliance with the terms of this Agreement. Customer shall at all times cooperate in good faith with such reviews and shall promptly remedy any acts of non-compliance with such License and/or this Agreement as a material term hereof. Such audit shall be conducted (a) during the Customer’s normal business hours, (b) at LeapXpert’s expense, and (c) shall be done in a manner so as not to materially interfere with the Customer’s business. If the audit reveals any overuse of the software licenses granted to the Customer, LeapXpert will provide immediate notice to the Customer of the alleged deficiency and may invoice the Customer for the number of licenses required to bring it into compliance under this Agreement.
   6. True-Up Users. If Customer exceeds the number of Users permitted on the applicable Order Form (such additional users referred to as “True-Up Users”), Customer must notify LeapXpert of the maximum number of True-Up Users during the applicable calendar quarter within ten (10) days following the end of each quarter in which Customer has True-Up Users. LeapXpert will then invoice Customer for such True-Up Users at the rate stated in the applicable Order Form. The effective date of the True-Up Users shall be the first day of the subsequent calendar quarter. Upon payment, True-Up Users shall be deemed Users under this Agreement and for any renewals. 
3. CUSTOMER DATA
   1. Use of Customer Data. As between the parties, Customer and its licensors retain all right, title, and interest (including any and all intellectual property rights) in and to the Customer Data and any modifications made thereto in the course of the operation of the Services. Subject to the terms of this Agreement, Customer hereby grants to LeapXpert and its Affiliates a non-exclusive, worldwide, royalty-free right to process the Customer Data solely to the extent necessary to provide, maintain, and improve the Services and perform all related obligations owed to Customer under this Agreement, or as may be required by law. Customer is solely responsible for the accuracy, content and legality of all Customer Data. Customer warrants that Customer has and will have sufficient rights in the Customer Data to grant the rights to LeapXpert under this Agreement. 
   2. Data Protection. The parties will comply with the terms of the DPA, as posted at https://www.leapxpert.com/terms/
      , which is incorporated into this Agreement by this reference, with respect to the provision and processing of Personal Data as defined in the DPA. LeapXpert will use commercially reasonable and appropriate technical and organizational
      measures in the Services to protect the Customer Data from unauthorized access, processing, loss, or disclosure. LeapXpert measures are designed to provide a level of security appropriate to the risk of processing the Customer Data
      within the Services. Customer understands that LeapXpert and its Affiliates will process Customer Data in accordance with applicable data protection laws, this Agreement, including the DPA, and the Privacy Policy.
4. INTELLECTUAL PROPERTY
   1. Ownership Rights. Customer Data is Customer’s Confidential Information under this Agreement. Customer and its licensors retain all right, title and interest in and to the Customer Data and all of Customer’s Confidential Information provided under this Agreement, and LeapXpert obtains no rights in the foregoing except for the express rights granted in this Agreement. LeapXpert and its licensors retain all right, title, and interest in and to Services and Usage Data (as defined below). Customer acknowledges that the Services are offered as online, hosted solutions, and that Customer has no right to obtain a copy of the underlying computer code for any Services, except (if applicable) for any downloadable Software, in object code format. LeapXpert may freely use and incorporate into LeapXpert’s products and services any suggestions, enhancement requests, recommendations, corrections, or other feedback provided by Customer or by any Users or End Users relating to LeapXpert’s products or services. Feedback and any other suggestions are provided by Customer exclusively “AS IS,” in Customer’s sole discretion, and will not be used by LeapXpert in any way that identifies or permits identification of Customer, its Affiliates, Users, or End Users.
   2. Usage Data. Notwithstanding anything to the contrary in this Agreement, LeapXpert may collect and use any data that is derived from the use of the Services or characteristics such as country of domicile, company size, or industry, in each case that is anonymized and aggregated such that such data could no longer directly or indirectly identify Customer, Customer’s Users or End Users, or any natural person (“Usage Data
      ”).
   3. Updates. LeapXpert may update the Services from time to time and Customer may receive notifications of Updates. Any Updates to the Services are subject to this Agreement. Customer agrees that its purchase of licenses to the Services is neither contingent upon the delivery of any future functionality or features, nor dependent upon any oral or written comments made by LeapXpert with respect to future functionality or features.
   4. Third-Party Services. LeapXpert or other third parties may make available third-party products or services (“Third-Party Services”). These Third-Party Services may integrate with the Services and are not licensed by LeapXpert pursuant to this Agreement, but are governed by the third party provider’s terms and conditions and privacy policies that accompany them, which Customer may be required to separately accept. LeapXpert does not warrant or support Third-Party Services, unless expressly provided otherwise in an Order Form. LeapXpert is not responsible for any disclosure, modification or deletion of Customer Data resulting from access by such third party. The Services may contain features designed to interoperate with Third-Party Services. LeapXpert cannot guarantee the continued availability of such Third-Party Services and may cease supporting them if, for example and without limitation, the Third-Party Service provider ceases to make the Third-Party Service available for interoperation with the corresponding Service features in a manner acceptable to LeapXpert. Customer understands that LeapXpert is not responsible for providing technical support for the Third-Party Services and that LeapXpert is not responsible for the data hosting and data transfer practices followed by the providers of such Third-Party Services.
5. FEES AND PAYMENT
   1. Fees and Payment. In consideration for the provision of Services, Customer agrees to pay to LeapXpert the fees and charges set out in each Order Form (the “Fees”). LeapXpert shall invoice the Customer for the Fees according to the payment terms specified in the Order Form. Invoices will be delivered to the Customer by email and are due and payable in full within thirty (30) days from receipt of the invoice or as stated in the applicable Order Form. Payment obligations are non-cancellable, regardless of utilization by the Customer and, except as expressly permitted in this Agreement, Fees paid are non-refundable. Customer will pay the Fees through an accepted payment method as specified in the applicable Order Form. Unless otherwise set forth in the Order Form, Customer’s subscription to the Services will renew automatically in accordance with the renewal terms and conditions set forth in Section 6.3 below. During the Term, the Customer shall not be entitled to reduce their Services or User count.
   2. Late Payments.  Any undisputed amounts not paid when due will be subject to interest from and including the date payment is due through and including the date that LeapXpert receives payment at a simple rate of one and one-half (1.5%) percent per month. If undisputed Fees are more than thirty (30) days overdue, then, following written notification from LeapXpert, LeapXpert may suspend Customer’s access to all or part of the Services until such unpaid Fees are paid in full. 
   3. Payment Disputes. LeapXpert will not exercise its rights under Section 5.2 (Late Payments), 6.5 (Termination for Cause) or Section 6.4(i) (Suspension of Service) with respect to non-payment by Customer if Customer is disputing the applicable charges reasonably and in good faith and is cooperating diligently to resolve the dispute. If the parties are unable to resolve such a dispute within thirty (30) days, each party will have the right to seek any remedies it may have under this Agreement, irrespective of any terms that would limit remedies on account of a dispute. For clarity, any undisputed amounts must be paid in full.
   4. Taxes.  Fees are stated exclusive of any taxes, levies, duties, or similar governmental assessments of any nature, including, for example, value-added, sales, use or withholding taxes, assessable by any jurisdiction (collectively, “Taxes
      ”). Customer will be responsible for paying all Taxes associated with the Fees, except for those taxes based on our net income. Should any Fees be subject to withholding tax by any government, Customer will reimburse LeapXpert for such
      withholding tax. 
   5. Orders by Affiliates. Customer’s Affiliates may purchase Services directly from LeapXpert by executing an Order Form which is governed by the terms of this Agreement. Such Order Form will establish a new and separate agreement between the Customer’s Affiliate and the LeapXpert entity signing such Order Form. If the Affiliate resides in a different country than Customer, then the Order Form may include modifications to terms applicable to the transaction(s) (including but not limited to tax terms and governing law).
   6. Purchases from LeapXpert Partners. Customer may procure use of the Services from a third-party authorized reseller of LeapXpert, including third party marketplaces (“LeapXpert Partner
      ”) pursuant to a separate agreement with the LeapXpert Partner. Customer’s use of any Services procured through a LeapXpert Partner will be subject to the terms of this Agreement, and all fees payable (including all applicable taxes) for
      such use will be payable to the LeapXpert Partner pursuant to the terms agreed to between Customer and LeapXpert Partner. Customer understands and agrees that, if Customer purchased the Services subscriptions via a LeapXpert Partner,
      service credits and refunds payable under this Agreement may be payable or applied by LeapXpert Partner acting on behalf of LeapXpert in proportion to the fees paid by Customer to the LeapXpert Partner, and the discharge by the LeapXpert
      Partner of such obligations will relieve LeapXpert of the same under this Agreement.
6. TERM, TERMINATION, AND SUSPENSION
   1. Agreement Term. This Agreement is effective as of the Effective Date and will remain effective until all Services ordered under the Agreement have expired or been terminated or the Agreement terminates in accordance with this Section 6.  Access to the Services commences on the start date specified in the relevant Order Form and continue for the Subscription Term (as defined below) specified therein.
   2. Subscription Term. Unless otherwise set forth on the applicable Order Form, the initial subscription term for the Services commences on the start date specified in the relevant Order Form and continues for a period of three (3) years (“Subscription Term
      ”).
   3. Renewal. Unless a party gives written notice of non-renewal at least sixty (60) days prior to the expiration of the relevant Subscription Term, the Subscription Term will automatically renew for additional one (1) year periods. LeapXpert reserves the right to increase the Fees at the beginning of each Subscription Term, including any automatically renewed term. Any Fees for a renewed Subscription Term are due upon the date of renewal.
   4. Suspension. LeapXpert may suspend Customer’s access to the Services on the following grounds: (i) late payment/non-payment of undisputed Fees, per the process noted in Section 5.2 above; (ii) non-renewal of the Services by Customer; (iii) Customer’s or its Users’ breach of Section 2 (Prohibited Use); or (iv) in the event suspension is deemed necessary by LeapXpert to prevent or address the introduction of Malicious Software (as defined in Section 8.2 below), a security incident, or other harm to Customer, LeapXpert, or LeapXpert’s other customers. LeapXpert will notify Customer of any such suspension, use diligent efforts to attempt to limit, where commercially feasible, the suspension to affected Users or Services, and will immediately restore the availability of the same as soon as the issues leading to the suspension are resolved. Such suspension will in no way affect Customer’s other obligations under this Agreement.
   5. Termination for Cause. Either party may terminate this Agreement by written notice to the other party in the event that (i) such other party materially breaches this Agreement and does not cure such breach within thirty (30) days of such notice, or (ii) immediately in the event the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors.
   6. Pilot Trial Customers. LeapXpert may offer a pilot trial to Customer at no cost to trial certain Services. Upon the expiration of a Customer’s pilot trial, if Customer does not wish to proceed with a subscription to the Services, LeapXpert may immediately suspend Customer’s access to the Services. Notwithstanding anything to the contrary in this Agreement, LeapXpert will have no obligation to process, maintain, store, or otherwise retain Customer Data beyond the end of the pilot trial period.
7. CONFIDENTIALITY
   1. Each party will protect the other’s Confidential Information from unauthorized use, access, or disclosure in the same manner as it protects its own Confidential Information of similar nature or importance, and in any event, using no less than reasonable care. Except as otherwise permitted by this Agreement, the receiving party may use the disclosing party’s Confidential Information solely to exercise its rights and perform its obligations under this Agreement, and will disclose such Confidential Information solely (i) to those of its respective employees, representatives, and agents who are bound by obligations to maintain the confidentiality of, and not misuse, such Confidential Information; (ii) as necessary to comply with an order or subpoena of any administrative agency or court of competent jurisdiction; or (iii) as reasonably necessary to comply with any applicable law or regulation. The provisions of this section will supersede any non-disclosure agreement by and between the parties entered into prior to this Agreement that would purport to address the confidentiality of any information shared by the parties, including Customer Data, and such agreement will have no further force or effect with respect to the foregoing. The receiving party acknowledges that disclosure of Confidential Information would cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
8. WARRANTIES; DISCLAIMER OF WARRANTIES
   1. Service Warranty. LeapXpert warrants that the Services will perform in all material respects in accordance with the Documentation. Provided that Customer provides written notice of a claim within thirty (30) days after first becoming aware of a breach of the foregoing warranty, LeapXpert will use diligent efforts to correct the Services so the foregoing warranty is met, and if LeapXpert is unable to make such corrections in a timely manner, either party may terminate the applicable Order Form, and Customer, as its sole and exclusive remedy, will be entitled to receive a refund of any unused Fees that Customer has pre-paid for the applicable Services purchased thereunder. This warranty will not apply if the error or non-conformance was caused by Customer’s breach of this Agreement or Customer’s or its End Users’ misuse of the Services, modifications to the Services by anyone other than LeapXpert or its representatives, or third-party hardware, software, or services used in connection with the Services.
   2. Service Warranty. LeapXpert warrants that the Services will perform in all material respects in accordance with the Documentation. Provided that Customer provides written notice of a claim within thirty (30) days after first becoming aware of a breach of the foregoing warranty, LeapXpert will use diligent efforts to correct the Services so the foregoing warranty is met, and if LeapXpert is unable to make such corrections in a timely manner, either party may terminate the applicable Order Form, and Customer, as its sole and exclusive remedy, will be entitled to receive a refund of any unused Fees that Customer has pre-paid for the applicable Services purchased thereunder. This warranty will not apply if the error or non-conformance was caused by Customer’s breach of this Agreement or Customer’s or its End Users’ misuse of the Services, modifications to the Services by anyone other than LeapXpert or its representatives, or third-party hardware, software, or services used in connection with the Services.
   3. Warranty Disclaimer. EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER PARTY MAKES ANY OTHER WARRANTIES, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, AND ALL SUCH WARRANTIES ARE HEREBY DISCLAIMED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
9. LIMITATION OF LIABILITY
   1. SUBJECT TO APPLICABLE LAW AND NOTWITHSTANDING ANYTHING ELSE IN THIS AGREEMENT, IN NO EVENT WILL EITHER PARTY BE LIABLE FOR SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION DOWNTIME COSTS, LOSS OF DATA, RESTORATION COSTS, LOST PROFITS, OR COST OF COVER) REGARDLESS OF WHETHER SUCH CLAIMS ARE BASED ON CONTRACT, TORT, WARRANTY OR ANY OTHER LEGAL THEORY.
   2. EXCEPT FOR AN ACTION BROUGHT FOR GROSS NEGLIGENCE, WILLFUL MISCONDUCT, OR FRAUD, EACH PARTY’S AGGREGATE LIABILITY AND THAT OF ITS AFFILIATES, OFFICERS, EMPLOYEES, AGENTS, SUPPLIERS AND LICENSORS, UNDER THIS AGREEMENT WILL NOT EXCEED THE FEES RECEIVED BY OR PAYABLE TO LEAPXPERT IN THE TWELVE MONTHS PRECEDING THE CLAIM.
   3. THE PARTIES AGREE THAT THIS SECTION 9 WILL APPLY REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE AND WILL APPLY EVEN IF ANY LIMITED REMEDY SPECIFIED IN THIS AGREEMENT IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE. THE MONETARY CAP SET FORTH IN THIS SECTION WILL APPLY ACROSS THIS AGREEMENT AND ANY AND ALL SEPARATE AGREEMENT(S) ON AN AGGREGATED BASIS, WITHOUT REGARD TO WHETHER ANY INDIVIDUAL CUSTOMER AFFILIATES HAVE EXECUTED A SEPARATE ORDER FORM.
10. INDEMNIFICATION
    1. Indemnification by LeapXpert. LeapXpert will defend Customer and its Affiliates, from any third party claim alleging that Customer’s use of the Services as contemplated hereunder infringes such third party’s patent, copyright and/or trademark intellectual property rights (an “IP Claim
       ”), and will indemnify and hold harmless Customer and its Affiliates from and against any damages and costs awarded against Customer or its Affiliates, or agreed in settlement by LeapXpert (including reasonable attorneys’ fees) resulting
       from such IP Claim. LeapXpert will have no liability or obligation with respect to any IP Claim if such claim is caused in whole or in part by (i) unauthorized use of the Services by Customer, its Affiliates or Users; (ii) modification
       of the Services by anyone other than LeapXpert or its representatives; (iii) or the combination, operation or use of the Services with other data, hardware or software not provided by LeapXpert. If Customer’s use of the Services results
       (or in LeapXpert’s opinion is likely to result) in an IP Claim, LeapXpert may at its own option and expense (a) procure for Customer the right to continue using the foregoing items as set forth hereunder; (b) replace or modify them
       to make them non-infringing; or (c) if options (a) or (b) are not commercially reasonably as determined by LeapXpert, then either Customer or LeapXpert may terminate Customer’s subscription to the Services, whereupon LeapXpert will
       refund Customer, on a pro-rated basis, any Fees Customer has previously paid LeapXpert for the corresponding unused portion. The sections above state LeapXpert’s entire liability and Customer’s exclusive remedy with respect to an IP
       Claim.
    2. Indemnification by Customer. Customer will defend LeapXpert and its Affiliates from any third party claim (“Claim”), and will indemnify and hold harmless LeapXpert and its Affiliates from and against any damages and costs awarded against LeapXpert and its Affiliates, or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such Claim, to the extent caused by: (i) Customer’s or its Affiliate’s unauthorized supply, disclosure, or processing of Customer Data, including Personal Data therein, (ii) Customer’s or its Affiliate’s violation of laws applicable to Customer’s or its Affiliate’s business.
    3. Indemnification Procedures. In the event of a potential indemnity obligation under this Section 10, the indemnified party will: (i) promptly notify the indemnifying party in writing of the claim, (ii) allow the indemnifying party the right to control the investigation, defence, and settlement (if applicable) of such claim at the indemnifying party’s sole cost and expense, and (iii) upon request of the indemnifying party, provide all necessary cooperation at the indemnifying party’s expense. Failure by the indemnified party to notify the indemnifying party of a claim under this section will not relieve the indemnifying party of its obligations under this Section, however, the indemnifying party will not be liable for any litigation expenses that the indemnified party incurred prior to the time when notice is given or for any damages and/or costs resulting from any material prejudice caused by the delay or failure to provide notice to the indemnifying party in accordance with this section. The indemnifying party may not settle any claim that would bind the indemnified party to any obligation (other than payment covered by the indemnifying party or ceasing to use infringing materials) or require any admission of fault by the indemnified party, without the indemnified party’s prior written consent, such consent not to be unreasonably withheld, conditioned or delayed. Any indemnification obligation under this Section 10 will not apply if the indemnified party settles or makes any admission with respect to a claim without the indemnifying party’s prior written consent.
11. MISCELLANEOUS
    1. Export Compliance. The Services, Products, and derivatives thereof may be subject to export laws and regulations of the United States and other jurisdictions. LeapXpert and Customer each represents that it is not on any U.S. government denied-party list. Customer will not permit any User or End User to access or use any Service or Product in a U.S.-embargoed country or region (currently the Crimea, Luhansk or Donetsk regions, Cuba, Iran, North Korea, or Syria) or in violation of any U.S. export law or regulation.
    2. Anti-Corruption. Neither party has received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from an employee or agent of the other party in connection with this Agreement. Reasonable gifts and entertainment provided in the ordinary course of business do not violate the above restriction.
    3. Federal Government End Use Restrictions. If Customer is a U.S. federal government department or agency or contracting on behalf of such department or agency, the Services are a “commercial item” as that term is defined at 48 C.F.R. §2.101. Consistent with 48 C.F.R. §12.212 or 48 C.F.R. §227.7202-1 through 227.7202-4, as applicable, the Services are licensed to Customer with only those rights as provided under the terms and conditions of this Agreement.
    4. Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the other party’s prior written consent (not to be unreasonably withheld); provided, however, either party may assign this Agreement in its entirety (including all Order Forms), without the other party’s consent to its Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Any attempted assignment in violation of this section will be null and void.
    5. Entire Agreement. This Agreement, together with any Order Form, the Privacy Policy, and the DPA, constitutes the entire agreement and supersedes any and all prior agreements or communications between Customer and LeapXpert, including but not limited to Customer proposal documents and purchase orders, regarding the subject matter hereof. In the event of a conflict between the Privacy Policy, any Order Form, and this Agreement, the order of precedence will be, first, the Privacy Policy, second, the Order Form, third, the DPA, and fourth, this Agreement. If any provision in this Agreement is held by a court of competent jurisdiction to be unenforceable, such provision will be modified by the court and interpreted so as to best accomplish the original provision, and the remaining provisions of this Agreement will remain in effect.
    6. Publicity Rights. LeapXpert may identify Customer as a LeapXpert customer in its promotional materials. Customer may request that LeapXpert stop doing so by submitting an email to legal@leapxpert.com at any time. Please note that it may take us up to thirty (30) days to process a request.
    7. Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship among the parties.
    8. Survival. Sections 1 (Definitions), 2 (Prohibited Use), 4 (Intellectual Property), 5 (Fees and Payment), 6 (Term, Termination and Suspension), 7 (Confidentiality), 8.3 (Warranty Disclaimer), 9 (Limitation of Liability), 10 (Indemnification), 11.3 (Entire Agreement), 11.8 (Survival), 11.9 (Notices), 11.13 (Governing Law) and 11.14 (Dispute Resolution) will survive any termination of the Agreement. Termination of this Agreement will not limit either party’s liability for obligations accrued as of or prior to such termination or for any breach of this Agreement.
    9. Notices. All notices to be provided by one party to the other under this Agreement may be delivered in writing by (i) nationally recognized overnight delivery service or US mail to the mailing address provided on the Order Form; or (ii) electronic mail to the e-mail address provided for Customer. The address for a notice to LeapXpert is: LeapXpert, Inc., 230 Park Avenue, Fl 3, New York, NY 10169 with a copy to legal@leapxpert.com by electronic mail. All notices will be deemed to have been given immediately upon delivery by electronic mail, or if otherwise delivered upon receipt or, if earlier, five (5) business days after being deposited in the mail or with a courier as permitted above.
    10. iOS Terms. The following terms apply regarding the use of any iOS-compatible version of the Products:
        • Apple Inc. (“Apple”) is not a party to this Agreement, does not own the Products, and is not responsible for the Products. Apple is not providing any warranty for the Products.
        • Apple is not responsible for maintenance or other support services for the Products and will not be responsible for any other claims, liabilities, damages, or other expenses regarding the Products and Services. Any inquiries or complaints relating to the Products, including those pertaining to intellectual property rights, must be directed to LeapXpert in accordance with Section 11.9. 
        • Customer is granted a non-transferable license to use the Products on an Apple-branded product owned or controlled by Customer or its Users, or as otherwise permitted by Apple’s App Store Terms of Service. However, the Products may also be accessed and used by other accounts associated with a User via Apple’s Family Sharing or volume purchasing programs. In addition, Customer must comply with the terms of any applicable third-party agreement when using the Products, such as your wireless data service agreement. 
        • Apple and Apple’s subsidiaries are third-party beneficiaries of this Agreement and, upon Customer’s acceptance of this Agreement, will have the right to enforce it against Customer. 
        • Regardless of the above, LeapXpert’s right to enter, rescind, or terminate any variation, waiver or settlement under this Agreement is not subject to the consent of any third party.
    11. Force Majeure. Neither party will be liable to the other for any delay or failure to perform any obligation under this Agreement if the delay or failure results from any cause beyond such party’s reasonable control, including but not limited , acts of God, acts of government, acts of terror or civil unrest, Internet failures, or acts undertaken by third parties not under the performing party’s control, including, without limitation, denial of service attacks (“Force Majeure Event
        ”). In the event that a Force Majeure Event continues for a period of thirty (30) consecutive days, the other party may terminate this Agreement and all Order Forms on written notice to the non-performing party. If LeapXpert is the party
        experiencing the Force Majeure Event and as a result thereof is unable to provide the Services or Products for the period noted herein, and Customer terminates this Agreement and all Order Forms, then LeapXpert will provide Customer
        a refund of fees paid by Customer pro-rated as of the date the Force Majeure Event commenced.
    12. Governing Law. This Agreement is governed by the laws of the State of New York without regard to conflict of laws principles. The parties hereby submit to the exclusive personal jurisdiction of the federal and state courts of the State of New York, New York County for any claims or dispute relating to this Agreement.
    13. Dispute Resolution. Any dispute, claim or controversy arising out of or relating to this Agreement or the breach, termination, enforcement, interpretation, or validity thereof, including the determination of the scope or applicability of this Agreement to arbitrate, will be determined by arbitration in New York, New York. The arbitration will be administered by JAMS pursuant to its arbitration rules and procedures. Judgment on the Award may be entered in any court having jurisdiction. This section will not preclude parties from seeking provisional remedies in aid of arbitration from a court of appropriate jurisdiction.

LeapXpert Acceptable Use Policy

Last Updated: November 1, 2023

This Acceptable Use Policy (this “AUP”) applies to you (“you,” or “your”) as an End User (as defined below) of the Services provided by the applicable LeapXpert entity under the Customer Terms (defined below) (“LeapXpert,” “we,” “us,” or “our”) and governs your access and use of our communication and federated messaging orchestration tools, including our software, applications, and platform (each, a “Product”, and collectively, the “Services”). Please read these terms carefully. 

You may only use the Services if you are compliant with this AUP and any applicable laws. By using the Services, you affirm that you are at least eighteen years old and are the intended recipient of Customer’s invitation to the Services.

You are able to access and use the Services on behalf or for the benefit of the entity that you are associated with (the “Customer”). The Customer has separately agreed to our Customer Terms of Service or entered into a written agreement with us (in either case, the “Customer Terms”), which permitted the Customer to obtain subscriptions to Services so that you and other users could join. Any capitalized terms that are not defined in this AUP are defined in the Customer Terms.

The Relationship Between You, the Customer, and Us

AS BETWEEN US AND THE CUSTOMER, YOU AGREE THAT IT IS SOLELY THE CUSTOMER’S RESPONSIBILITY TO (A) OBTAIN ANY RIGHTS, PERMISSIONS OR CONSENT FROM YOU AND ANY OTHER END USERS THAT ARE NECESSARY FOR THE LAWFUL USE OF PERSONAL DATA AND THE OPERATION OF THE SERVICES; (B) ENSURE THAT THE TRANSFER AND PROCESSING OF PERSONAL DATA UNDER THE CONTRACT IS LAWFUL; AND (C) RESPOND TO AND RESOLVE ANY DISPUTE WITH YOU AND ANY END USER RELATING TO OR BASED ON PERSONAL DATA, THE SERVICES OR THE CUSTOMER’S FAILURE TO FULFIL THESE OBLIGATIONS. 

You acknowledge that Customer may provision or deprovision your access to the Services, enable or disable third party integrations, manage permissions, retention and export settings, transfer or assign company accounts, or consolidate company accounts with other company accounts. This AUP shall remain effective until the Customer’s subscription for you expires or terminates, or your access to the Services has been terminated by the Customer or us. Please contact the Customer if you wish to cancel your subscription to the Services. Your right to use the Services will immediately cease upon the termination of the Customer Terms, and LeapXpert may, without liability, deactivate or delete your account and all associated materials. 

Access to the Services 

Subject to your compliance with this AUP and the Customer Terms, (1) you are permitted on a non-exclusive, revocable, non-transferable and non-sublicensable basis to use the Services solely for Customer’s internal use and (2) you may be permitted on a non-exclusive, revocable, non-transferable and non-sublicensable basis to use the Product on your mobile device solely for Customer’s internal use. If you fail to comply with any of the terms of this AUP or the Customer Terms, you must immediately stop using the Services, including by deleting the Product from your device. 

Registration Information

You may need to register to use all or part of the Services. You may be required to provide information about yourself in order to register for and/or use certain Services. You agree that any such information shall be accurate. You may also be asked to choose a username and password. You are entirely responsible for maintaining the security of your username and password and agree not to disclose such to any third party. We will not be liable for any losses caused by any unauthorized use of your Customer account. You will promptly notify Customer if you become aware of or reasonably suspect any illegal or unauthorised activity or a security breach involving your account, including any loss, theft or unauthorised disclosure or use of a username, password or account.

Personal Data and/or Information

Your submission of Customer Data is governed by our Privacy Policy, which is hereby incorporated into this AUP by reference, as updated by us from time to time. You represent and warrant that (a) you possess the necessary rights and consents to use or exploit Customer Data on the Services, under applicable law and contractual and fiduciary relationships (such as proprietary and confidential information learnt or disclosed as part of employment relationships or under non-disclosure agreements); (b) neither the Customer Data nor the use of any Customer Data infringes, misappropriates, or violates any rights of any individual or entity; and (c) Customer Data is and continues to be collected, stored, transferred, processed, disclosed, and otherwise handled by in accordance with all applicable laws, including privacy and data protection laws.

You acknowledge that we are not responsible for the content of any Customer Data or the way you choose to use the Services to process any Customer Data.

Usage Data 

We may monitor, collect, use, and store information (including anonymous and aggregate statistics) regarding the use of the Services and information provided through the Services (collectively, “Usage Data”). We may analyze Usage Data in connection with your access and use of the Services, and may disclose your Usage Data to anyone for any reason or purpose. 

Prohibited Use

You agree that you will not (or cause anyone else to): 

• Reproduce, license, resell, transfer, modify, customize, disassemble, decompile, prepare derivative works of, create improvements, derive innovations from, reverse engineer or attempt to gain access to any underlying technology of the Services (e.g., any source code, process, data set or database, management tool, development tool, server or hosting site, etc);
• Frame or mirror any portion of the Services, or otherwise incorporate any portion of the Services into any product or service;
• Knowingly or negligently use the Services in a way that abuses, interferes with, or disrupts LeapXpert’s networks, your accounts, or the Services;
• Engage in activity that is illegal, fraudulent, false, or misleading;
• Transmit through the Services any material that may infringe the intellectual property or other rights of third parties;
• Remove, alter or obscure any proprietary notices;
• Build or benchmark a competitive product or service, or copy any features, functions or graphics of the Services; 
• Circumvent or attempt to circumvent any technological protection measures intended to restrict access to or use of any portion of the Services;
• Take any action that imposes an unreasonable or inappropriately large load on the Services, including by obtaining multiple application programming interface keys;
• Use the Services to communicate any message or material that is harassing, libelous, threatening, obscene, indecent, would violate the intellectual property rights of any party or is otherwise unlawful, that would give rise to civil liability, or that constitutes or encourages conduct that could constitute a criminal offense, under any applicable law or regulation; 
• Upload or transmit any software, content or code that does or is intended to harm, disable, hijack, destroy or adversely affect performance of the Services in any way or which does or is intended to harm or extract information or data from other software or networks of LeapXpert or other End Users of Services; 
• Engage in any activity or use the Services or account in any manner that could damage, disable, overburden, impair or otherwise interfere with or disrupt the Services, or any servers or networks connected to the Services or LeapXpert’s security systems; 
• Falsify or alter any unique string identifying you or the Customer as a user of any application programming interface, or otherwise obscure the source of calls coming from you or the Customer; or
• Use the Services in violation of any LeapXpert policy or in a manner that violates applicable law, including but not limited to anti-spam, export control, privacy, and anti-terrorism laws and regulations and laws requiring the consent of subjects of audio and video recordings, and you agree that you and Customer are solely responsible for compliance with all such laws and regulations.

Temporary Suspension

We reserve the right to restrict functionalities or suspend the Services (or any part thereof), and your rights to access and use the Services and remove, disable or quarantine any content if (a) we reasonably believe that you have violated this AUP or Customer has violated the Customer Terms; or (b) we suspect or detect any malicious software connected to your account or use of the Services by you or Customer. Unless legally prohibited from doing so or where we are legally required to take immediate action, we will use commercially reasonable efforts to contact you via email to notify you when taking any of the foregoing actions. We shall not be liable to you, Customer or any other third party for any modification, suspension or discontinuation of your rights to access and use the Services. We may refer any suspected fraudulent, abusive, or illegal activity by you to law enforcement authorities at our sole discretion.

Ownership of LeapXpert Property

LeapXpert, and suppliers (as applicable) own and shall retain ownership of the Services, and any underlying or other technology and intellectual property embodied or contained in, used to provide or support, or otherwise associated or provided in connection with, the Services, including all proprietary rights related thereto, and all trade names, trademarks, service marks, trade dress, logos, icons, insignia, symbols, interface and other designs, domain names and corporate names, and the like (whether registered or unregistered) (“LeapXpert Marks”) associated or displayed with the Services, together with the goodwill associated with any of the foregoing LeapXpert Marks (all of the foregoing, collectively “LeapXpert Property”). No rights to use the LeapXpert Marks are provided to you herein. 

LEAPXPERT DATA PROCESSING AGREEMENT

THIS DATA PROCESSING AGREEMENT and its Annexes (this “DPA”) is entered into pursuant to the LeapXpert Terms of Service, by and between the LeapXpert Affiliate set forth on the applicable Order Form (“LeapXpert
”) and the entity placing an order for or accessing the Services (“Customer”) (the “Agreement“). All capitalized terms herein shall have the same definitions as in the Agreement. In the event of a conflict between this DPA and the Agreement, the terms of this DPA will control. In consideration of the terms and conditions set forth below, the parties agree as follows:

1. DEFINITIONS 

   “California Personal Information” means Personal Data that is subject to the protection of the CCPA.

   “CCPA” means California Civil Code Sec. 1798.100 et seq. (also known as the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 or “CPRA”).

   “Controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.

   “Data Protection Laws” means all applicable worldwide legislation relating to data protection and privacy which applies to the respective party in the role of Processing Personal Data in question under the Agreement, including without limitation European Data Protection Laws, the CCPA, and other applicable U.S. federal and state privacy laws, in each case as amended, repealed, consolidated, or replaced from time to time.

   “Data Subject” means the individual to whom Personal Data relates.

   “Europe” means the European Union, the European Economic Area and/or their member states, Switzerland, and the United Kingdom.

   “European Data” means Personal Data that is subject to the protection of European Data Protection Laws.

   “European Data Protection Laws” means data protection laws applicable in Europe, including: (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) (“GDPR”); (ii) Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector; and (iii) applicable national implementations of (i) and (ii); or (iv) GDPR as it forms parts of the United Kingdom domestic law by virtue of Section 3 of the European Union (Withdrawal) Act 2018 (“UK GDPR”); and (v) Swiss Federal Data Protection Act on 19 June 1992 and its Ordinance (“Swiss DPA”); in each case, as may be amended, superseded or replaced.

   “Instructions” means the written, documented instructions issued by a Controller to a Processor, and directing the same to perform a specific or general action with regard to Personal Data (including, but not limited to, depersonalizing, blocking, deletion, making available).

   “Permitted Affiliates” means any of Customer’s Affiliates that (i) are permitted to Use the Services and/or Product pursuant to the Agreement, but have not signed their own separate agreement with LeapXpert and are not a “Customer” as defined under the Agreement, (ii) qualify as a Controller of Customer Personal Data Processed by LeapXpert, and (iii) are subject to European Data Protection Laws

   “Personal Data” means (i) any information relating to an identified or identifiable individual; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; or  (ii) any information that is otherwise protected similarly as personal data, personal information, or personally identifiable information under applicable Data Protection Laws.

   “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored, or otherwise Processed by LeapXpert and/or its Sub-Processors in connection with the provision of the Services. “Personal Data Breach” will not include unsuccessful attempts or activities that do not compromise the security of Customer Personal Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems.

   “Processing” means any operation or set of operations which is performed on Personal Data, encompassing the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, or erasure of Personal Data. The terms “Process”, “Processes” and “Processed” will be construed accordingly.

   “Processor” means a natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Controller.

   “Standard Contractual Clauses” means the standard contractual clauses annexed to the European Commission’s Decision (EU) 2021/914 of 4 June 2021 currently found at https://eur-lex.europa.eu/eli/dec_impl/2021/914, as may be amended, superseded, or replaced.

   “Sub-Processor” means any Processor engaged by LeapXpert or its Affiliates to assist in fulfilling its obligations with respect to the provision of the Services and/or the Product under the Agreement.

   “UK Addendum” means the International Data Transfer Addendum issued by the UK Information Commissioner under section 119A(1) of the Data Protection Act 2018 currently found at https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf, as may be amended, superseded, or replaced.

2. CUSTOMER RESPONSIBILITIES
   1. Compliance with Laws. Within the scope of the Agreement and in its Use of the Services, Customer will be responsible for complying with all requirements that apply to it under applicable Data Protection Laws with respect to Customer Personal Data and the Instructions it issues to LeapXpert. In particular but without prejudice to the generality of the foregoing, Customer acknowledges and agrees that it will be solely responsible for: (i) the accuracy, quality, and legality of Customer Personal Data and the means by which Customer acquired such Customer Personal Data; (ii) complying with all necessary transparency and lawfulness requirements under applicable Data Protection Laws for the collection and use of the Customer Personal Data, including obtaining any necessary consents and authorizations; (iii) ensuring Customer has the right to transfer, or provide access to, the Customer Personal Data to LeapXpert for Processing in accordance with the terms of the Agreement (including this DPA); (iv) ensuring that Customer’s Instructions to LeapXpert regarding the Processing of Customer Personal Data comply with applicable laws, including Data Protection Laws; and (v) complying with all laws (including Data Protection Laws) applicable to any communications or other Content created, sent or managed through the Services. Customer will inform LeapXpert without undue delay if Customer is not able to comply with its responsibilities under this Section 2 or applicable Data Protection Laws.
   2. Controller Instructions. The parties agree that the Agreement (including this DPA), together with Customer’s Use of the Services in accordance with the Agreement, constitute Customer’s complete Instructions to LeapXpert in relation to the Processing of Customer Personal Data, so long as Customer may provide additional instructions during the Term via an executed Order Form or SOW that are consistent with the Agreement, the nature, and lawful Use of the Services.
   3. Security. Customer is responsible for independently determining whether the data security provided for in the Services adequately meets its obligations under applicable Data Protection Laws. Further, as set forth in the Agreement, Customer is also responsible for its secure use of the Services, including protecting the security of Customer Personal Data in transit to and from the Services.
3. LEAPXPERT’S RESPONSIBILITIES
   1. Compliance with Instructions. LeapXpert agrees to only Process Customer Personal Data for the purposes described in this DPA or as otherwise agreed within the scope of Customer’s lawful Instructions, except where and to the extent otherwise required by applicable law. LeapXpert shall not be responsible for compliance with any Data Protection Laws applicable to Customer or Customer’s industry that are not generally applicable to LeapXpert unless otherwise agreed by the parties and memorialized in an executed Order Form or SOW.
   2. Conflict of Laws. If LeapXpert should become aware that it cannot Process Customer Personal Data in accordance with Customer’s Instructions due to a legal requirement under any applicable law, LeapXpert will (i) promptly notify Customer of such legal requirement to the extent permitted by the applicable law; and (ii) where necessary, cease all Processing (other than merely storing and maintaining the security of the affected Customer Personal Data) until such time as Customer issues new Instructions with which LeapXpert is able to comply. If this provision is invoked, LeapXpert will not be liable to Customer under the Agreement for any failure to perform the applicable Services until such time as Customer issues new lawful Instructions with regard to the Processing.
   3. Security; Technical and Organizational Measures. LeapXpert agrees to implement and maintain appropriate technical and organizational measures to protect Customer Personal Data from Personal Data Breaches, as described under Annex 1 to this DPA (“TOMs
      “). Notwithstanding any provision to the contrary, LeapXpert may modify or update the Security Measures at its discretion provided that such modification or update does not result in a material degradation in the protection
      offered by the TOMs. 
   4. Confidentiality. LeapXpert agrees to ensure that any Personnel whom it authorizes to Process Customer Personal Data is subject to appropriate confidentiality obligations (whether a contractual or statutory duty) with respect to that Customer Personal Data.
   5. Personal Data Breaches. LeapXpert agrees to notify Customer without undue delay after it becomes aware of any Personal Data Breach and agrees to provide timely information relating to the Personal Data Breach as it becomes known or reasonably requested by Customer. At Customer’s request, LeapXpert will promptly provide Customer with such reasonable assistance as necessary to enable Customer to notify relevant Personal Data Breaches to competent authorities and/or affected Data Subjects, if Customer is required to do so under Data Protection Laws.
   6. Deletion or Return of Customer Personal Data. LeapXpert agrees to delete or return all Customer Personal Data (including copies thereof) Processed pursuant to this DPA upon termination or expiration of the Term of the applicable Services and Customer’s written request. The foregoing shall apply except (i) where LeapXpert is required by applicable law to retain some or all of the Customer Personal Data, or (ii) where LeapXpert has archived Customer Personal Data on back-up systems, which data LeapXpert will securely isolate and protect from any further Processing and delete in accordance with its deletion practices. 
4. DATA SUBJECT REQUESTS
   1. The parties agree that Customer shall be responsible for any and all obligations relating to responding to requests from Data Subjects to exercise their rights under applicable Data Protection Laws (“Data Subject Requests
      ”). To the extent that Customer is unable to independently address a Data Subject Request by itself or through the Services, then, upon Customer’s written request, LeapXpert agrees to provide reasonable assistance to Customer
      to respond to such Data Subject Requests or requests from data protection authorities relating to the Processing of Customer Personal Data under the Agreement. Customer agrees to reimburse LeapXpert for the commercially
      reasonable costs arising from this assistance.
   2. If a Data Subject Request or other communication regarding the Processing of Customer Personal Data under the Agreement is made directly to LeapXpert, it will promptly inform Customer and will advise the Data Subject to submit their request to Customer. Customer will be solely responsible for responding substantively to any such Data Subject Requests or communications involving Customer Personal Data.
5. SUB-PROCESSORS
   1. Customer acknowledges and agrees that LeapXpert may engage Sub-Processors to Process Customer Personal Data on its behalf, and may do so in three ways. First, LeapXpert may engage Sub-Processors to assist with hosting and infrastructure. Second, LeapXpert may engage with Sub-Processors to support product features and integrations. Third, LeapXpert may engage with its Affiliates as Sub-Processors for service and support. Some Sub-Processors will apply to the Services as default, and some Sub-Processors will apply only to certain Products and features set forth in an applicable Order Form or SOW.
   2. The parties acknowledge that LeapXpert has currently appointed, as Sub-Processors, the third parties and LeapXpert Affiliates listed in Annex 1 to this DPA. Customer may request to receive notifications by email if LeapXpert adds or replaces such Sub-Processors, and LeapXpert agrees to notify Customer at least thirty (30) days prior to any such change.
   3. LeapXpert agrees to give Customer the opportunity to object to the engagement of new Sub-Processors on reasonable grounds relating to the protection of Customer Personal Data within thirty (30) days of LeapXpert notifying Customer under Section 5.2. If Customer so notifies LeapXpert of such an objection, the parties will discuss the concerns in good faith with a view to achieving a commercially reasonable resolution. If no such resolution can be reached, LeapXpert will, at its sole discretion, either not appoint the new Sub-Processor, or permit Customer to suspend or terminate the affected Services in accordance with the termination provisions of the Agreement without liability to either party (but without prejudice to any fees incurred by Customer prior to suspension or termination). The parties agree that by complying with this sub-section, LeapXpert fulfils its obligations under Sections 9 of the Standard Contractual Clauses.
   4. Where LeapXpert engages Sub-Processors, it shall impose data protection terms on the Sub-Processors that provide at least the same level of protection for Customer Personal Data as those in this DPA (including, where appropriate, the Standard Contractual Clauses), to the extent applicable to the nature of the services provided by such Sub-Processors. LeapXpert will remain responsible for each Sub-Processor’s compliance with the obligations of this DPA and for any acts or omissions of such Sub-Processor that cause LeapXpert to breach any of its obligations under this DPA.
6. DATA TRANSFERS. Customer acknowledges and agrees that LeapXpert may access and Process Customer Personal Data on a global basis as necessary to provide the Services in accordance with the Agreement, and in particular that Customer Personal Data may be transferred to and Processed by LeapXpert, Inc. in the United States and to other jurisdictions where LeapXpert Affiliates and Sub-Processors have operations. Wherever Customer Personal Data is transferred outside its country of origin, each party will ensure such transfers are made in compliance with the requirements of Data Protection Laws.
7. DEMONSTRATION OF COMPLIANCE. As set forth in this Section 7, Customer may provide to LeapXpert a security assessment questionnaire related to Services, which LeapXpert will accurately and promptly complete. The questionnaire may include questions seeking verification of compliance with the terms and conditions of this DPA.  Upon request, LeapXpert will also supply a copy of its most recent third-party assessment, such as an ISO 27001/2, SSAE 18 SOC 2, or similar assessment, if LeapXpert has had such an assessment.  If, after the original security questionnaire assessment, Customer determines that further assessment is warranted, Customer may request, no more than annually and with thirty (30) days’ prior written notice, at Customer’s cost, an assessment related to Services provided with a scope to be mutually agreed upon.  During such a review, Customer may examine policies, procedures and other materials related to specific Services performed, to the extent that such review does not compromise confidentiality obligations to any other customers of LeapXpert.
8. ADDITIONAL PROVISIONS FOR EUROPEAN DATA
   1. Scope. This Section of the DPA will apply only with respect to European Data.
   2. Roles of the Parties. When Processing European Data in accordance with the Instructions, the parties acknowledge and agree that Customer is the Controller of European Data and LeapXpert is the Processor.
   3. Instructions. LeapXpert agrees to notify Customer without undue delay if it believes that the Instructions infringe European Data Protection Laws (where applicable).
   4. Sub-Processor Agreements. For the purposes of Clause 9(c) of the Standard Contractual Clauses, Customer acknowledges that LeapXpert may be restricted from disclosing Sub-Processor agreements, but LeapXpert agrees to use reasonable efforts to require any relevant Sub-Processor to permit it to disclose the Sub-Processor agreement to Customer and will provide (on a confidential basis) all information it reasonably can.
   5. Data Protection Impact Assessments and Consultation with Supervisory Authorities. To the extent that the required information is reasonably available to LeapXpert, and Customer does not otherwise have access to the required information, LeapXpert agrees to provide reasonable assistance with any data protection impact assessments, and prior consultations with supervisory authorities (for example, the French Data Protection Agency (CNIL), the Berlin Data Protection Authority (BlnBDI) and the UK Information Commissioner’s Office (ICO)) or other competent data privacy authorities to the extent required by European Data Protection Laws.
   6. Transfer Mechanisms for Data Transfers. 
      1. LeapXpert agrees to not transfer European Data to any country or recipient not recognized as providing an adequate level of protection for Personal Data (within the meaning of applicable European Data Protection Laws), unless it first takes all such measures as are necessary to ensure the transfer is in compliance with applicable European Data Protection Laws. Such measures may include (without limitation) transferring such data to a recipient that is covered by a suitable framework or other legally adequate transfer mechanism recognized by the relevant authorities or courts as providing an adequate level of protection for Personal Data, to a recipient that has achieved binding corporate rules authorization in accordance with European Data Protection Laws, or to a recipient that has executed appropriate standard contractual clauses, in each case as adopted or approved in accordance with applicable European Data Protection Laws.
      2. Customer acknowledges that in connection with the performance of the Services, LeapXpert, Inc. may be a recipient of European Data in the United States. Subject to sub-section 8.6.3 below, the parties agree that the Standard Contractual Clauses will be incorporated by reference and form part of the Agreement as follows:
         1. EEA Transfers. In relation to European Data that is subject to the GDPR (i) Customer is the “data exporter” and LeapXpert, Inc. is the “data importer”; (ii) the Module Two terms apply to the extent the Customer is a Controller of European Data and the Module Three terms apply to the extent the Customer is a Processor of European Data; (iii) in Clause 7, the optional docking clause applies; (iv) in Clause 9, Option 2 applies and changes to Sub-Processors will be notified in accordance with Section 5, “Sub-Processors”, of this DPA; (v) in Clause 11, the optional language is deleted; (vi) in Clauses 17 and 18, the parties agree that the governing law and forum for disputes for the Standard Contractual Clauses will be determined in accordance with the “Governing Law and Forum” Section of the Agreement, or, if such section does not specify an EU Member State, the Republic of Ireland (without reference to conflicts of law principles); (vii) the Annexes of the Standard Contractual Clauses will be deemed completed with the information set out in the Annexes of this DPA; and (viii) if and to the extent the Standard Contractual Clauses conflict with any provision of this DPA, the Standard Contractual Clauses will prevail to the extent of such conflict.
         2. UK Transfers. In relation to European Data that is subject to the UK GDPR, the Standard Contractual Clauses will apply in accordance with sub-section (a) and the following modifications (i) the Standard Contractual Clauses will be modified and interpreted in accordance with the UK Addendum, which will be incorporated by reference and form an integral part of the Agreement; (ii) Tables 1, 2 and 3 of the UK Addendum will be deemed completed with the information set out in the Annexes of this DPA and Table 4 will be deemed completed by selecting “neither party”; and (iii) any conflict between the terms of the Standard Contractual Clauses and the UK Addendum will be resolved in accordance with Section 10 and Section 11 of the UK Addendum.
         3. Swiss Transfers. In relation to European Data that is subject to the Swiss DPA, the Standard Contractual Clauses will apply in accordance with sub-section (a) and the following modifications (i) references to “Regulation (EU) 2016/679” will be interpreted as references to the Swiss DPA; (ii) references to “EU”, “Union” and “Member State law” will be interpreted as references to Swiss law; and (iii) references to the “competent supervisory authority” and “competent courts” will be replaced with the “the Swiss Federal Data Protection and Information Commissioner ” and the “relevant courts in Switzerland”.
      3. Where the LeapXpert contracting entity under the Agreement is not LeapXpert, Inc., such contracting entity (not LeapXpert, Inc.) will remain fully and solely responsible and liable to Customer for the performance of the Standard Contractual Clauses by LeapXpert, Inc., and Customer will direct any instructions, claims or enquiries in relation to the Standard Contractual Clauses to such contracting entity. If LeapXpert cannot comply with its obligations under the Standard Contractual Clauses or is breach of any warranties under the Standard Contractual Clauses or UK Addendum (as applicable) for any reason, and Customer intends to suspend the transfer of European Data to LeapXpert or terminate the Standard Contractual Clauses or UK Addendum, Customer agrees to provide LeapXpert with reasonable notice to enable LeapXpert to cure such non-compliance and reasonably cooperate with LeapXpert to identify what additional safeguards, if any, may be implemented to remedy such non-compliance. If LeapXpert has not or cannot cure the non-compliance, Customer may suspend or terminate the affected part of the Services in accordance with the Agreement without liability to either party (but without prejudice to any fees you have incurred prior to such suspension or termination).
9. ADDITIONAL PROVISIONS FOR CALIFORNIA PERSONAL INFORMATION
   1. Scope. This Section of the DPA will apply only with respect to California Personal Information.
   2. Roles of the Parties. When processing California Personal Information in accordance with the Instructions, the parties acknowledge and agree that Customer is a Business and LeapXpert is a Service Provider for the purposes of the CCPA.
   3. Responsibilities. LeapXpert certifies that it will Process California Personal Information as a Service Provider strictly for the purpose of performing the Services under the Agreement (the “Business Purpose
      ”) or as otherwise permitted by the CCPA, including as described in the LeapXpert Privacy Policy.  Further, LeapXpert certifies that it (i) will not Sell or Share California Personal Information; (ii) will not Process California
      Personal Information outside the direct business relationship between the parties, unless required by applicable law; and (iii) will not combine the California Personal Information included in Customer Personal Data with
      personal information that it collects or receives from another source (other than information it receives from another source in connection with its obligations as a Service Provider under the Agreement).
   4. Compliance. LeapXpert acknowledges and agrees that it will (i) comply with obligations applicable to it as a Service Provider under the CCPA and (ii) provide California Personal Information with the same level of privacy protection as is required by the CCPA. LeapXpert agrees to notify Customer if it makes a determination that it can no longer meet its obligations as a Service Provider under the CCPA.
   5. Not a Sale. The parties acknowledge and agree that the disclosure of California Personal Information by the Customer to LeapXpert does not form part of any monetary or other valuable consideration exchanged between the parties.
10. GENERAL PROVISIONS
    1. Severability. If any individual provisions of this DPA are determined to be invalid or unenforceable, the validity and enforceability of the other provisions of this DPA will not be affected.
    2. Limitation of Liability. Each party and each of their Affiliates’ liability, taken in aggregate, arising out of or related to this DPA (and any other DPAs between the parties) and the Standard Contractual Clauses (where applicable), whether in contract, tort or under any other theory of liability, will be subject to the limitations and exclusions of liability set out in the Agreement. In no event will either party’s liability be limited with respect to any individual’s data protection rights under this DPA (including the Standard Contractual Clauses) or otherwise.
    3. Governing Law. This DPA will be governed by and construed in accordance with the “Governing Law and Forum” Section of the Agreement, unless required otherwise by Data Protection Laws.
11. PARTIES TO THIS DPA
    1. Permitted Affiliates. By signing the Agreement, Customer agrees that it is entering into this DPA (including, where applicable, the Standard Contractual Clauses) on behalf of itself and in the name and on behalf of its Permitted Affiliates, if any. For the purposes of this DPA only, and except where indicated otherwise, the term “Customer” will include Customer and such Permitted Affiliates.
    2. Authorization. The legal entity agreeing to this DPA as Customer represents that it is authorized to agree to and enter into this DPA for and on behalf of itself and, as applicable, each of its Permitted Affiliates.
    3. Remedies. The parties agree that (i) solely the Customer entity that is the contracting party to the Agreement will exercise any right or seek any remedy any Permitted Affiliate may have under this DPA on behalf of its Affiliates, and (ii) the Customer entity that is the contracting party to the Agreement will exercise any such rights under this DPA not separately for each Permitted Affiliate individually but in a combined manner for itself and all of its Permitted Affiliates together. The Customer entity that is the contracting entity is responsible for coordinating all Instructions, authorizations and communications with us under the DPA and will be entitled to make and receive any communications related to this DPA on behalf of its Permitted Affiliates.  
    4. Other rights. The parties agree that Customer will, when reviewing compliance with this DPA pursuant to the “Demonstration of Compliance” Section above, take all reasonable measures to limit the impact on LeapXpert and its Affiliates by combining several audit requests carried out on behalf of the Customer entity that is the contracting party to the Agreement and all of its Permitted Affiliates in one single audit.

Annex 1 – Details of Processing/Transfer

1. LIST OF PARTIES

   Data Exporter:

   Name: The Customer, as defined in the Agreement (on behalf of itself and Permitted Affiliates) 

   Address: The Customer’s address, as set out in the Order Form or SOW

   Contact person’s name, position and contact details: The Customer’s contact details, as set out in the Order Form, SOW, and/or as otherwise communicated to LeapXpert

   Activities relevant to the data transferred under these Clauses: Processing of Personal Data in connection with Customer’s use of the LeapXpert Services under the Agreement

   Role (controller/processor): Controller

   Data Importer:

   Name: LeapXpert, Inc.

   Address: 230 Park Ave, Fl 3, New York, NY 10169 

   Contact person’s name, position and contact details: Michael Harkness, Privacy Officer, LeapXpert, Inc., 230 Park Ave, Fl 3, New York, NY 10169

   Activities relevant to the data transferred under these Clauses: Processing of Personal Data in connection with Customer’s use of the LeapXpert Services under the Agreement

   Role (controller/processor): Processor

2. DESCRIPTION OF TRANSFER

   Categories of Data Subjects Whose Personal Data is Transferred:

   Customer may submit Personal Data to the Services, the extent of which is determined and controlled by Customer in its sole discretion, and which may include, but is not limited to Personal Data relating to: Customer’s Users and End Users authorized by Customer to use the Services.

   Categories of Personal Data Transferred:

   Customer may submit Personal Data to the Services, the extent of which is determined and controlled by Customer in its sole discretion, and which may include, but is not limited to the following categories of Personal Data: (i) first and last name, (ii) title, (iii) position, (iv) employer, (v) contact information (company, email, phone, physical business address), (vi) ID data, (vii) professional life data, (viii) personal life data, and (ix) localization data.

   Frequency of the Transfer:

   The frequency of the transfer is on a continuous basis for the duration of the Agreement.

   Nature of the Processing:

   As set forth in the Agreement.

   Purpose(s) of the Data Transfer and Further Processing:

   LeapXpert will process Personal Data as necessary to provide the Services pursuant to the Agreement, as further specified in the Order Form or SOW, and as further instructed by the Customer in use of the Services. 

   Period for which Personal Data will be Retained:

   Subject to the ‘Deletion or Return of Personal Data’ section of this DPA, LeapXpert will Process Personal Data for the duration of the Agreement, unless otherwise agreed in writing. 

3. COMPETENT SUPERVISORY AUTHORITY

   For the purposes of the Standard Contractual Clauses, the supervisory authority that will act as competent supervisory authority will be determined in accordance with GDPR.

4. TECHNICAL AND ORGANIZATIONAL MEASURES

   LeapXpert maintains and enforces various policies, standards and processes designed to secure Personal Data and other data to which LeapXpert employees are provided access, and updates such policies, standards, and processes from time to time consistent with industry standards. Further, LeapXpert will maintain commercially reasonable administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Personal Data uploaded to the Services, as described in LeapXpert’s SOC 2 report, any applicable penetration test reports, or otherwise as described in the Documentation made reasonably available by LeapXpert. LeapXpert will not materially decrease the overall security of the Services during a Subscription Term. Data Subject Requests shall be handled in accordance with Section 4 of the DPA.

5. SUB-PROCESSOR TRANSFERS

   As per above, LeapXpert’s Sub-Processors will process Personal Data as necessary to provide the Services pursuant to the Agreement, as further specified in the Order Form or SOW, and as further instructed by the Customer in use of the Services.

   Subject to the ‘Deletion or Return of Personal Data’ section of this DPA, LeapXpert’s Sub-Processors will Process Personal Data for the duration of the Agreement, unless otherwise agreed in writing.

   Identities of the Sub-Processors used for the provision of the Services and their country of location are set forth in the table below:

   Purpose of Processing	Sub-Processors	Locations
   All Services: Support services, including technical support, from LeapXpert’s Affiliates	LeapXpert, Inc. LeapXpert UK Limited LeapXpert Vietnam Co., Ltd LeapXpert Singapore Pte. Ltd. LeapXpert HK Limited	United States United Kingdom Vietnam Singapore Hong Kong
   LeapXpert FMOP SaaS Services: Hosting provider	Amazon Web Services, Inc.	US Customers: United States EMEA Customers: Ireland APAC Customers: Hong Kong
   	Microsoft Azure	US Customers: United States EMEA Customers: Ireland APAC Customers: Hong Kong