Last Updated: May 24th, 2018
HUDDLE END USER LICENSE AGREEMENT
2.3 You and Huddle shall comply with their obligations, and have their rights, as set out in Schedule1 (Data Protection) to this Agreement.
2.7 You shall not use the Services if you are under the age of 16, or permit any third party to use the Services if they are under the age of 16.
3. POSTING CONTENT; USER CONDUCT
You acknowledge and agree that all information, data, text, photographs, images, files, software, sounds, recordings, graphics, video, messages, tags and other materials, in whatever form and technical structure, whether publicly posted or privately transmitted or stored using the Services (“Content”), are the sole responsibility of the person(s) originating such Content and introducing such Content into the Services. We reserve the right, but shall have no obligation, to pre-screen, reject, review, quarantine, delete or move any Content posted or submitted to the Services, without obligation to any person.
You further agree to NOT:
(a) use our products or the Services for illegal purposes or for promotion of dangerous activities;
(b) impersonate any person or entity or falsely state or otherwise misrepresent your affiliation with Huddle or any other person or entity;
(c) upload, post or otherwise transmit any Content that you do not have a right to transmit under any law or under contractual duties (such as insider trading regulations, internal corporate policies or nondisclosure agreements);
(d) upload, post or otherwise transmit any Content that infringes any patent, trademark, trade secret, copyright or other proprietary rights of any party;
(e) upload, post or otherwise transmit any material that contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment;
(f) interfere with or disrupt the Services or servers or networks connected to the Services, or disobey any requirements, procedures, policies or regulations of networks connected or applicable to the Services;
(g) violate through use of the Services any applicable local, state, national or international law;
(h) “stalk” or otherwise harass another person or user of the Services, or take any action invasive to another’s privacy (by posting, for example, another’s photograph, address, email, phone number or any other contact information) without permission from such other person;
(i) promote or provide instructional information about illegal activities, promote physical harm or injury against any government, legal entity, group or individual;
(j) solicit passwords or personal identifying information from other users for unintended, commercial or unlawful purposes;
(k) exceed the scope of the Services you (or your employer or principal pursuant to a Subscriber Agreement) have signed up for, for example, accessing and using non-public portions of the website, groups or features that you do not have a right to use, or deleting, adding to or otherwise changing another person’s entries or other Content when you have not been granted the right to do so;
(l) access (or attempt to access) any of the Services by any means other than through the interface(s) provided by Huddle, or access (or attempt to access) any of the Services through any automated means (including use of scripts, web crawlers or the like) or otherwise engage the Services in a manner reasonably likely to be harmful to the systems operating the Services or the access or use of the Services by others;
(m) reproduce, duplicate, copy, sell, trade, resell or exploit for any commercial purposes, any portion or use of, or access to, the Services; and
(n) you further agree NOT to upload or display publicly Content that:
(i) contains nudity, sexually graphic material, or material that is otherwise deemed explicit by Huddle; or
(ii) contains threatening, abusive, harassing, defamatory, libellous, invasive, hateful, or racially, ethnically or otherwise objectionable.
If you encounter any of these prohibited uses, we encourage you to report them to us immediately.
Without limiting the generality of the foregoing, you agree not to access, use, copy, reverse engineer, create derivative works from, share or assist any third party to use the Services or any component thereof to design, create, program, market or promote any product, software or service in competition with Huddle (including but not limited to independent or internal networks).
In order to enable Huddle to operate the Services, we must obtain from you certain licence and other rights to the Content you submit (so that our processing, maintenance, storage, technical reproduction, back-up and distribution, and related handling of your Content does not infringe applicable copyright and other laws). Accordingly, by using the Services and posting Content, you grant Huddle a licence to display, perform and distribute your Content, and to modify (for technical purposes) and reproduce such Content to enable Huddle to operate the Services. You also agree that Huddle has the right to elect not to process, post, store, display, publish or transmit any Content in our sole discretion. You agree that these rights and licences are royalty free, irrevocable and worldwide, and include a right for Huddle to make such Content available to, and pass these rights along to, others with whom Huddle has contractual relationships related to the provision of the Huddle Services, solely for the purpose of providing such services, and to otherwise permit access to your Content to third parties if Huddle determines such access is necessary to comply with its legal obligations or to (a) respond to your requests for service; (b) enforce this Agreement; (c) respond to claims that your Content violates the rights of third parties; or (d) protect the rights, property, or personal safety of us, other Users, or the public. Where we are required to access and disclose your account information and Content, Huddle will, to the extent we are permitted to do so, give you as much notice of this disclosure as possible.
Copyright notices in the United States
We will not knowingly publish content in violation of applicable copyright law. If you believe content has been displayed, reproduced, printed or otherwise distributed by us through this website in violation of any third-party copyright, please notify us in writing. Send your notice to Huddle, Inc., 535 Mission Street, 17th Floor, San Francisco, CA 94105; FAO Legal Officer, and include the following:
a. electronic or physical signature of a person authorized to act for the copyright owner
b. description of the copyrighted work
c. description of where the infringing content is located on this website
d. your office or home address, telephone number and email address
e. a statement of good faith belief that the use of the work is not permitted by the copyright owner, and
f. a statement under penalty of perjury that the above is true and you are authorized to act for the owner.
We retain the right to implement limits on the amount of storage available to you, the number of users with whom you may share Content, the nature of Content permitted to be uploaded or displayed, and other limitations at any time. Huddle may engage certain affiliates, subcontractors or other third parties to provide all or part of the Services to you, and you hereby acknowledge and agree that such third-party involvement is acceptable. Further, you acknowledge that in using the Services to send message or transmit other Content, you will be causing communications to be sent through computer networks owned by Huddle and third parties that are located throughout the United Kingdom and other countries. In performing the required technical steps to provide the Services to our users, Huddle may make such changes to your Content as are necessary to conform and adapt that Content to the technical requirements of connecting networks, devices, services or media.
We reserve the right at any time and in our sole discretion to modify or discontinue, temporarily or permanently, the Services or any part thereof (including Software), with or without notice. We may take any measures we deem necessary or appropriate in connection with operation of the Services, including for maintenance or security reasons, which may affect availability of the Services. You agree we shall not be liable to you or to any third party for any modification, suspension or discontinuance of any part of the Services. Huddle may install software updates from time to time with the intention of improving, enhancing, repairing and/or further developing the Services, and you agree to permit us to deliver these to you (and you to receive them) as part of your use of the Services.
7. COMPLIANCE WITH LAWS
You acknowledge and agree that your access to and use of the Services may be subject to applicable foreign, national and/or local laws, ordinances, rules, and regulations, as well as the rules and regulations of non-governmental regulators such as the Financial Services Authority (each such agency, a "Regulatory Agency"). You agree to comply with all laws, ordinances, rules, regulations, and/or requirements imposed by any government or Regulatory Agency on your use, transmission, and disclosure of any data or information via the Services. You also represent and warrant that any data, media, or other content you disseminate through the Services does not violate the intellectual property rights or other proprietary rights of any third party.
We may include the use of third party resources and/or links to third party websites as part of the Services. We have no control over such sites and resources and, accordingly, you acknowledge and agree that (a) we are not responsible for the availability of such external sites or resources; (b) we do not endorse and are not responsible or liable for any content or other materials available from such sites or resources and (c) we shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content or materials available on or through any such site or resource.
YOU EXPRESSLY UNDERSTAND AND AGREE THAT:
(a) YOUR USE OF THE SERVICES IS AT YOUR SOLE RISK. THE SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. TO THE MAXIMUM EXTENT PERMITTED BY LAW, HUDDLE EXPRESSLY DISCLAIMS ALL WARRANTIES AND CONDITIONS OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
(b) HUDDLE DOES NOT WARRANT THAT (i) THE SERVICES WILL MEET ALL OF YOUR REQUIREMENTS; (ii) THE SERVICES WILL BE UNINTERRUPTED, TIMELY, OR ERROR-FREE; OR (iii) ERRORS IN THE SOFTWARE WILL BE CORRECTED.
(c) ANY TRANSMISSION OF CONTENTS THROUGH THE USE OF THE SERVICES IS DONE AT YOUR OWN DISCRETION AND RISK AND YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER OR OTHER DEVICE OR LOSS OF DATA THAT RESULTS FROM ANY SUCH TRANSMISSION.
12. LIMITATION OF LIABILITY
1.1 In this Schedule
“Applicable Law” means any applicable:
(a) statute, regulation, regulatory requirement, by law, ordinance, subordinate legislation or other law (regardless of its source) or mandatory guidance or code of practice (including in each case any judicial or administrative interpretation of it), in force from time to time in any applicable jurisdiction; or
(b) judgment of a relevant court of law, or sanction, directive, order or requirement of any regulatory authority;
“Controller” (or data controller), “Processor” (or data processor), “Data Subject”, “international organisation”, “Personal Data” and “processing” all have the meanings given to those terms in DP Laws (and related terms such as “process” shall have corresponding meanings);
“Data Subject Request” means a request made by a Data Subject to exercise any rights of Data Subjects under DP Laws;
“DPIA” means a data protection impact assessment, as described in DP Laws;
“DP Laws” means:
(a) any laws or regulations implementing Council Directives 95/46/EC (Data Protection Directive) or 2002/58/EC (ePrivacy Directive); and
(b) the Regulation of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), and/or any corresponding or equivalent national laws or regulations,
in each case, as in force and applicable, and as may be amended, supplemented or replaced from time to time;
“Huddle” means Ninian Solutions Limited, a company organized under the laws of the United Kingdom with offices located at 2nd Floor Aldgate Tower, 2 Leman Street, London E1 8FA;
“Huddle Personnel” means individuals used by or on behalf of Huddle in performing its obligations under this Agreement, including Sub-Processors’ personnel;
“Personal Data Breach” means a breach of security or other action or inaction leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Protected Data
“Protected Data” means Personal Data processed by Huddle under this Agreement as a Processor on behalf of Subscriber as a Controller;
“Sub-Processor” means another Processor engaged by Huddle for carrying out processing activities in respect of the Protected Data on behalf of Subscriber; and
“Supervisory Authority” means any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority, board or other body responsible for administering DP Laws.
Compliance with DP Laws/this Agreement
1.2 Each party shall comply with DP Laws applicable to them. Huddle shall procure that any Sub-Processor that has access to or otherwise processes Protected Data shall comply with Huddle’s obligations under this Agreement.
1.3 Where Huddle processes Protected Data, Huddle shall:
1.3.1 (and shall procure that any person acting under its authority who has access to Protected Data) process the Protected Data only on and in accordance with Subscriber’s documented instructions (“Processing Instructions”); and
1.3.2 immediately inform Subscriber of any legal requirement under DP Laws that would require Huddle to process the Protected Data otherwise than only on the Processing Instructions, or if any Subscriber instruction infringes DP Laws.
The details of the Protected Data processing carried out by Huddle are set out in the Appendix (Data Processing Details) to this Schedule.
1.4 Huddle shall implement and maintain appropriate technical and organisational measures in relation to the processing of Protected Data by or on behalf of Huddle:
1.4.1 such that the processing will meet the requirements of DP Laws and ensure the protection of the rights of Data Subjects; and
1.4.2 so as to ensure a level of security in respect of Protected Data processed by it is appropriate to the risks that are presented by the processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Protected Data transmitted, stored or otherwise processed.
1.5 Huddle shall not engage another Processor to perform processing activities in respect of the Protected Data on behalf of Subscriber without Subscriber’s prior written consent and, if Subscriber gives its consent, Huddle shall appoint the Sub-Processor under a binding written contract (“Processor Contract”) which imposes the same data protection obligations as are contained in this Agreement on the Sub-Processor, in particular under paragraph 1.4 and the conditions in this paragraph 1.5 for engaging another Processor.
1.6 Without prejudice to the generality of paragraph 1.5, Subscriber specifically consents to any group company of Huddle acting as Sub-Processors. Subscriber generally consents to other third parties acting as Sub-Processors (“Third Party Sub-Processors”). Huddle will provide Subscriber with information as to Sub-Processors engaged in the provision of the Services upon written request from Subscriber.
1.7 In the event that Huddle intends to engage any new Third Party Sub-Processor, Huddle shall notify Subscriber of such intention no less than 30 days prior to the intended appointment date and shall include in such notification the date the third party is to be appointed as a Sub-Processor (the “Intended Appointment Date”) and information as to the identity of the intended Third Party Sub-Processor, its location and a summary of the processing to be performed by the intended Third Party Sub-Processor (each an “Appointment Notice”). In the event that Subscriber objects to the appointment of the third party as a Sub-Processor, Subscriber may notify Huddle of such objection within 30 days of receiving the relevant Appointment Notice and such notification shall have the effect of terminating this Agreement on the Intended Appointment Date. In the event that this Agreement terminates pursuant to this paragraph 1.7, Subscriber shall have no claim against Huddle in relation to such termination or the objection to the third party as a Sub-Processor.
1.8 Huddle shall:
1.8.1 promptly upon request by Subscriber provide the relevant details of any such Processor Contract to Subscriber; and
1.8.2 where that Sub-Processor fails to fulfil its data protection obligations in accordance with the Processor Contract, remain fully liable to Subscriber for the performance of that Sub-Processor’s obligations.
1.9 Huddle shall ensure that Huddle Personnel processing Protected Data have signed agreements requiring them to keep Protected Data confidential and take all reasonable steps to ensure the reliability of Huddle Personnel processing Protected Data.
1.10 Huddle shall implement and maintain appropriate technical and organisational measures to assist Subscriber in the fulfilment of Subscriber’s obligations to respond to Data Subject Requests relating to Protected Data, including to ensure that all Data Subject Requests it receives are recorded and then referred to Subscriber within three days of receipt of the request.
1.11 Huddle shall provide reasonable assistance, information and cooperation to Subscriber to ensure compliance with Subscriber’s obligations under DP Laws with respect to: (i) security of processing; (ii) notification by Subscriber of breaches to the Supervisory Authority or Data Subjects; and (iii) DPIAs and prior consultation with a Supervisory Authority regarding high risk processing.
1.12 Huddle shall not transfer any Protected Data to any country outside the European Economic Area or to any international organisation (an “International Recipient”) without Subscriber’s prior written consent and, if Subscriber consents to the transfer of Protected Data to an International Recipient, Huddle shall ensure that such transfer (and any onward transfer): (i) is pursuant to a written contract including provisions relating to security and confidentiality of the Protected Data; (ii) is effected by way of a legally enforceable mechanism for transfers of Personal Data as may be permitted under DP Laws from time to time;(iii) complies with paragraph 1.4.1; and (iv) otherwise complies with DP Laws.
1.13 Without prejudice to the generality of the foregoing, Subscriber consents to Huddle processing Protected Data in or from the USA, provided that Huddle maintains for the duration of such processing, a suitable mechanism for transfers of Personal Data as may be permitted under DP Laws from time to time, or there otherwise exists a derogation or safeguard that allows for the processing in accordance with DP Laws.
Records of Processing
1.14 Huddle shall maintain complete, accurate and up to date written records of all categories of processing activities carried out on behalf of Subscriber containing such information as required under DP Laws and any other information Subscriber reasonably requires (“Processing Records”), and shall make available to Subscriber on request in a timely manner such information (including the Processing Records) as is reasonably required by Subscriber to demonstrate compliance by Huddle with its obligations under DP Laws and this Agreement, which Subscriber may disclose to the Supervisory Authority or any other relevant regulatory authority.
Audits and Inspections
1.15 Huddle shall (and shall procure that its Sub-Processors shall) allow for and contribute to audits, including inspections, conducted by Subscriber or another auditor mandated by Subscriber for the purpose of demonstrating compliance by Huddle with its obligations under DP Laws and under this Schedule, subject to Subscriber giving Huddle reasonable prior notice of such audit and/or inspection, and ensuring that any auditor is subject to binding obligations of confidentiality.
Personal Data Breaches
1.16 In respect of any Personal Data Breach (actual or suspected), Huddle shall notify Subscriber of the breach without undue delay and provide Subscriber without undue delay (wherever possible, within 36 hours of becoming aware of the breach) with such details relating to the breach as Subscriber reasonably requires.
Deletion/Return of Protected Data
1.17 Huddle shall without delay, at Subscriber’s written request, either securely delete or return all the Protected Data to Subscriber in hardcopy or electronic form as determined by Subscriber after the end of the provision of the relevant services related to processing or, if earlier, as soon as processing by Huddle of any Protected Data is no longer required for Huddle’s performance of its obligations under this Agreement, and securely delete existing copies (unless storage of any data is required by Applicable Law, and if so Huddle shall notify Subscriber of this).
DATA PROCESSING DETAILS
Description of processing: Huddle is a content collaboration and storage platform. Huddle processes Subscriber’s Content, which may or may not contain Personal Data, to capture, transfer, store, index, search, audit, provide previews, and otherwise make available documents which Users choose to upload to the platform.
- Length of processing: For the Term of the Agreement
- Purpose of processing: For the performance of the obligations of Huddle as set out in this Agreement.
- Types of Personal Data being processed: Such Personal Data as Users upload to the Huddle platform.
- Special categories of Personal Data being processed: Such special categories of Personal Data as Users upload to the Huddle platform.
- Types of Data Subjects: Users, People invited to become Users, Individuals whose Personal Data is contained in documents uploaded to the Huddle platform.