Terms of use

Last updated: June 02, 2023

This Terms of Service (the “Terms of Service”) is entered into by and between Incognia US Inc. ("Incognia") and the counterparty (“Client”), which is the organization identified in the sign-in page of Incognia’s Platform or in an order form or similar document (“Order Form”) referring to the terms of this Terms of Service  (each a “Party” or together the “Parties”). Client wishes to obtain, and Incognia wishes to provide, a subscription to Incognia’s location-based behavioral services described in this Terms of Service  and the Order Form (the “Services”). This Terms of Service  and its Annex I - Data Processing Agreement (“DPA”) - regulate the parties obligations and sets forth the terms and conditions under which Incognia will provide the Services. This Terms of Service take effect when Incognia and the Client execute an Order Form (or in the date specified in such Order Form) referring to this Terms of Service, or, if no such Order Form is executed, when the Client clicks an “I Accept” button or checkbox in Incognia’s platform (the “Effective Date”).

1. Services; Conditions. Subject to this Terms of Service , Incognia grants Client the right to use the Services during the Term. The Services include a limited, revocable, non-exclusive, non-transferrable, royalty-free, (i) right to use Incognia’s software development kit , which is Incognia’s proprietary set of software development tools, including but not limited to computer programs, sample code, documentation, or base codes (“SDK”), the use of which is authorized by Incognia to Client to allow the collection and processing of data and for the provision of the Services, and (ii) right to access Incognia’s application programming interfaces (“APIs”) and web platform by which the Services are performed and made available (“Incognia Platform”). Client will use the Services only for its own business purposes and, regarding the Services, will not (or permit any third party to): (a) reverse assemble, reverse engineer, decompile or otherwise attempt to derive source code or any component thereof; (b) circumvent, disable, or otherwise interfere with features, including those related to security or access; (c) use any robot, spider, search or retrieval application, or any other manual or automatic device or process to retrieve, index, data-mine, or in any way reproduce or circumvent the navigational structure or presentation thereof; (d) modify or prepare derivative works; (e) assign, copy, reproduce, modify, sell, lease, pledge, transfer, sublicense, market, commercially exploit, or otherwise dispose of in any way, on temporary or permanent basis or any component thereof other than as expressly provided in this Terms of Service ; (f) use in any manner that infringes the intellectual property or other rights of Incognia or any other party; (g) store or transmit any defamatory, violent, obscene, pornographic, illegal or otherwise offensive content, (h) cause or permit any third party to do any of the foregoing; and/or (i) use in any way not specifically permitted under this Terms of Service. Client recognizes that the Services are not provided by a “consumer reporting agency” and do not constitute a “consumer report” under the Fair Credit Reporting Act.

2. Client Covenants and Responsibilities. Client is solely responsible and liable for all uses of the Services resulting from access provided to Client, directly or indirectly, whether such access or use is permitted by or in violation of this Terms of Service. Client is responsible for obtaining and maintaining any equipment and ancillary services needed to connect to, access or otherwise use the Services, including, without limitation, modems, hardware, servers, software, operating systems, networking, web servers and the like (collectively, “Equipment”). Client is responsible for maintaining the security of Equipment, Client’s account information, passwords and files, keeping its Incognia Platform administrators’ credentials updated, and for all uses of Client’s account or the Equipment. Client shall use the Services in compliance with applicable law including, without limitation, those laws related to privacy and data protection. Client understands and agrees that, in order to ensure compliance with applicable law and Incognia’s internal policies, Incognia may conduct usage reviews of Client’s use of the Services, and Client agrees to cooperate fully with any such reviews. 
3. Integrations and Updates. As a condition for using the Services, Client is solely responsible for integrating the SDK, APIs (and its updates) and for adopting all reasonable measures so that its Users’ Devices have the most up-to-date version of the SDK in each of its applications in which want to make use of the Services, considering Incognia technical documentation and updated software versions. Updated versions of the SDK, APIs and other tools eventually provided will be made available through the Incognia Platform. Client shall perform all the integrations and updates in accordance with the technical documentation provided by Incognia and abide by the following deadlines for SDK and APIs updates (“Update Deadlines”)  ( a) Update for compatibility persistence: 6 (six) months from the release of the updated version; and (b) critical update, which occur when an exceptional event that generates risks to Client’s application, security, Users, or Incognia Services or database: seventy-two (72) hours after event written communication. Non-compliance with the Update Deadlines is subject to immediate suspension of the Incognia Services under Incognia discretion without prejudice to other remedies provided in this Terms of Service and continuous payment of amounts due, including any agreed minimum fee. 
4. Incognia Covenants and Responsibilities. Incognia shall Provide the services in a diligent manner, employing reasonable commercial efforts to perform the services properly. 
5. Data Collection and Privacy Practices. Personal data processing under this Agreement will be carried out in accordance with the limits set forth in the applicable privacy and data protection laws and regulations and in accordance with the DPA, which is an integral and inseparable part of this Terms of Service, as if transcribed herein.
6. Ownership. Incognia or its licensors, as the case may be, shall retain and own all right, title and interest and all intellectual property rights (including but not limited to the SDK, source code, its modules, packages, operating structure, APIs, Incognia Platform, business model, algorithms, trade dress, look and feel, technical documentation and all information related to its usage and operation, material models, documentation, reports, tables, data compilations, manuals and other elements resulting directly from the delivery of the Services) in and to the Services, any software underlying the Services, any hosting environment made available to Subscriber, aggregated data collected by the Services, any related documentation, modification, derivation, improvement or development thereof, and all copies thereof ("Incognia Intellectual Property"). Nothing in this Terms of Service  shall be interpreted to provide Client with any rights in the foregoing, except the limited right to use the Services subject to the terms of this Terms of Service . Incognia reserves the right to add, remove or update content, features or software utilized in the Services and will use commercially reasonable efforts to notify Client of such changes, upon which the Client shall, included but not limited to, perform the relevant update or integration as set forth in section 3. If Client sends or transmits any communications or materials to Incognia suggesting or recommending changes to the Services or Incognia Intellectual Property, including without limitation, new features or functionality relating thereto, or any comments, questions, suggestions, or the like (”Feedback”), Incognia is free to use such Feedback irrespective of any other obligation or limitation between the Parties governing such Feedback. Client hereby assigns to Incognia on Client’s behalf, and on behalf of its employees, contractors and/or agents, all right, title, and interest in, and Incognia is free to use, without any attribution or compensation to any party, any ideas, know-how, concepts, techniques, or other intellectual property rights contained in the Feedback, for any purpose whatsoever, although Incognia is not required to use any Feedback.
7. Fees, Payment and Taxes. Client shall pay Incognia the fees specified in an Order Form (“Fees”). Unless otherwise specified in an Order Form, payment for all Fees will be invoiced upon mutual execution of the Order Form and all Fees will be due monthly, payable in U.S. dollars within thirty (15) days from the date of the invoice, which will be issued by the fifth (5th) business day of each month. The fees mentioned in the Order Form will be adjusted on an annual basis, as of each Order Form execution date, to account for inflation. The adjustment will be made, if positive, on the basis of the higher official consumer price of the applicable jurisdiction, unless otherwise settled in the Order Form. If Client purchases professional services, Fees do not include travel, lodging, and other related expenses, which will be billed at actual cost. Fees are non-refundable and exclusive of all taxes; other than taxes on Incognia’s net income, Client shall pay (and Incognia shall have no liability for), any taxes, tariffs, duties and other charges or assessments imposed or levied by any government or governmental agency in connection with this Terms of Service, including, without limitation, any federal, provincial, state and local sales, use, goods and services, value-added, withholding, and personal property taxes on any payments due in connection with the Services provided hereunder. In the event that a payment by Client is not received until its due date, Incognia shall be entitled to interest on the amount owing at a rate of 2% per month, or the highest rate allowed by applicable law, whichever is more, from the due date of payment until the date of actual receipt by Incognia and, if necessary, Client shall bear all reasonably attorneys’ fees actually incurred by Incognia in collecting any such overdue amounts.
8. Term and Termination. This Terms of Service  is effective on the Effective Date and will continue until terminated unless agreed otherwise in the applicable Order Form (the “Term”). Unless otherwise expressly provided on an Order Form, either Party may terminate this Terms of Service  for convenience without any penalty or charge upon ninety (90) days’ prior written notice to the other Party, period during which the Services will be rendered regularly. In addition, this Terms of Service  may be terminated by either Party on delivery of written notice of termination to the other Party, as follows: (1) if the other Party materially breaches this Terms of Service  and such breach is not capable of being cured; (2) if the other Party materially breaches this Terms of Service , such breach is capable of being cured and the breaching Party fails to cure such breach within thirty (30) days after receipt of written notice of such breach from the non­breaching Party; or (3) if the other Party: (a) makes a general assignment for the benefit of creditors, (b) admits in writing its inability to pay debts as they come due, (c) voluntarily files a petition or similar document initiating any bankruptcy or reorganization proceeding, or (d) involuntarily becomes the subject of a petition in bankruptcy or reorganization proceeding and such proceeding shall not have been dismissed or stayed within sixty (60) days after such filing. Termination of the Terms of Service  shall terminate all rights granted in this Terms of Service . Upon termination of the Terms of Service  (i) Client will cease all use of the Services and have the SDK removed from its application (including application versions used by its Users on their devices), and  (ii) Client will pay Incognia any remaining fees and not be entitled to any refunds or credits for unused Services.
9. Temporary Suspension. Without prejudice to other provisions of in this Terms of Service, Incognia may temporarily suspend Client’s access to any portion or all of the Services if: (i) Incognia reasonably determines that (A) there is a threat or attack on any of the Services; (B) Client’s use of the Services disrupts or poses a security risk to Incognia or any of its other Clients; (C) Client is using the Services for fraudulent or illegal activities; or (D) Incognia’s provision of the Services to Client is prohibited by applicable law; or (ii) Client fails to pay applicable fees in accordance with Section 5 (any such suspension described in subclause (i) or (ii), a “Service Suspension”). Incognia shall provide written notice of any Service Suspension to Client and to provide updates regarding resumption of access to the Services following any Service Suspension. Incognia shall resume providing access to the Services as soon as reasonably possible after the event giving rise to the Service Suspension is cured. Incognia will have no liability for any damage, liabilities, losses, or any other consequences that Client may incur as a result of a Service Suspension.
10. Confidentiality. In connection with this Terms of Service , each Party (a “Disclosing Party”) has provided or may provide Confidential Information to the other Party (a “Receiving Party”). Except as set forth below, “Confidential Information” means all non-public, confidential or proprietary information of or about Disclosing Party that is received by Receiving Party which relates to Disclosing Party’s business (including without limitation, business plans, financial data, pricing information, marketing, Client information, personal information), technology (including without limitation, source code, algorithms, processes, technical data, product plans, research, software, and other confidential intellectual property), products, services, trade secrets, know-how, formulae, processes, ideas, and inventions, or other information which should be reasonably understood by Receiving Party as the confidential or proprietary information of Disclosing Party. Confidential Information includes any documents or reports created by the Receiving Party that include, summarize, or refer to Confidential Information. The terms of this Terms of Service  are the Confidential Information of Incognia. Confidential Information will not include any information that Receiving Party can document: (i) is or becomes generally known to the public without fault of Receiving Party; (ii) was in its possession or known by it without any obligation of confidentiality prior to receipt pursuant to this Terms of Service ; (iii) is independently developed by Receiving Party without use of or reference to the Confidential Information; or (iv) is rightfully obtained by Receiving Party from a third party without any obligation of confidentiality to Disclosing Party.
1. Receiving Party’s Obligations. Confidential Information of Disclosing Party may be used by Receiving Party solely for the purposes anticipated in this Terms of Service  and may not be used for any other purpose. Receiving Party will hold Disclosing Party’s Confidential Information in strictest confidence and may not use or disclose Disclosing Party’s Confidential Information, except as expressly permitted herein, without the prior written consent of Disclosing Party, which consent may be granted or refused in Disclosing Party’s sole discretion. Receiving Party will take all reasonable measures to protect the Confidential Information of Disclosing Party from becoming known to the public or falling into the possession of persons other than those persons authorized to have any such Confidential Information, which measures shall include the highest degree of care that Receiving Party uses to protect its own information of a similar nature, but in no event less than a reasonable degree of care. Receiving Party may disclose Disclosing Party’s Confidential Information only to its Representatives who have a legitimate “need to know,” have been advised of the obligations of confidentiality under this Terms of Service  and are bound in writing to obligations of confidentiality no less strict than those set out in this Terms of Service . “Representatives” include any person acting on behalf of either Party as individual contractors, directors, legal and accounting advisors, employees, and Affiliates. An “Affiliate” is a business entity controlling, controlled by or under common control, directly or indirectly, with a Party. For purposes of defining Affiliate only, “control” means ownership of more than fifty percent (50%) of the voting stock or other voting ownership interest in an entity. Receiving Party will be liable for any breach of this Terms of Service  by its Representatives. Nothing in this Terms of Service  will prohibit Receiving Party from disclosing Confidential Information of Disclosing Party if legally required to do so by judicial or governmental order or in a judicial or governmental proceeding (“Required Disclosure”); provided that Receiving Party shall: (i) where permitted, give Disclosing Party reasonable notice of such Required Disclosure prior to disclosure; (ii) cooperate with Disclosing Party in the event that it elects to contest such disclosure or seek a protective order with respect thereto; and (iii) in any event only disclose the exact Confidential Information, or portion thereof, specifically requested by the Required Disclosure
2. Confidentiality Period; Return of Confidential Information; Remedies. The confidentiality obligations with respect to any disclosure made on or after the Effective Date will survive and continue for a period of five (5) years after the Terms of Service  terminates, except that the obligations with respect to Confidential Information constituting a trade secret shall survive for so long as such information remains a trade secret under applicable law. Immediately upon either the written request by Disclosing Party at any time or the termination of this Terms of Service, Receiving Party shall cease all use of and return to Disclosing Party all copies or extracts of Disclosing Party’s Confidential Information, in any medium, or certify, in writing by an authorized officer of Receiving Party, the destruction of the same. Receiving Party acknowledges and agrees that due to the unique nature of Disclosing Party’s Confidential Information, there can be no adequate remedy at law for any breach of its confidentiality obligations, that any such breach may allow Receiving Party or third parties to compete unfairly with Disclosing Party resulting in irreparable harm to Disclosing Party and, therefore, that upon any such breach or any threat of breach of confidentiality, Disclosing Party will be entitled to seek appropriate equitable relief in addition to whatever remedies it might have at law. Each Party agrees that monetary damages would be inadequate to compensate the other Party for any breach of confidentiality. Receiving Party will notify Disclosing Party in writing immediately upon the occurrence of any such unauthorized release or other breach of which it is aware.

• Indemnifications.

1. Incognia will defend, indemnify, and hold harmless, Client or its officers, directors, employees or agents from any and all losses, damages, costs and expenses including reasonable attorneys’ fees to the extent that based on a claim that the Services when used in accordance with the terms of this Terms of Service , infringes any patent, copyright, or trademark of a third party (a “Claim”). Incognia shall have no obligation to indemnify, defend or hold harmless hereunder to the extent that a Claim is caused by or results from any: (i) use of the Services not in accordance with this Terms of Service  or for purposes not intended by Incognia and not specifically permitted pursuant to this Terms of Service ; or (ii) use of the Services other than the most updated, unaltered and unmodified version of the Services as made available by Incognia to Client as an update or upgrade or after the termination of this Terms of Service. Following notice of a Claim or upon facts which in Incognia’s sole opinion are likely to give rise to such Claim, Incognia shall in its sole discretion and at its sole option, elect to (A) procure for Client the right to continue to use the Services, at no additional cost to Client, (B) replace the Services so that they become non-infringing, but functionally equivalent, (C) modify the Services to avoid the alleged infringement in a manner so that it remains functionally equivalent, or (D) terminate this Terms of Service .

2. Client will defend, indemnify, and hold harmless Incognia, its affiliates and their respective officers, directors, agents and employees from any and all losses, damages, costs and expenses including reasonable attorneys’ fees relating to or arising out of (i) a breach of this Terms of Service  by the Client or anyone on its behalf, including, without limitation, breach of its representations and warranties under this Terms of Service  or misuse of the Services or (ii) the lawful collection and transmission of data that Client provides to Incognia in order to provide the Services. A Party's (“Indemnifying Party”) indemnification obligations are subject to the other Party (“Indemnified Party”): (a) notifying the Indemnifying Party of any Claim promptly after it obtains knowledge of such Claim; (b) providing the Indemnifying Party with reasonable assistance, information and cooperation in defending the lawsuit or proceeding; and (c) giving the Indemnifying Party full control and sole authority over the defense and settlement of such Claim, provided any such settlement is solely for monetary damages and does not admit any liability on behalf of the Indemnified Party. The Indemnified Party may be represented in any such suit by counsel of its own choosing at its own expense.

1. Representations and Warranties. Each Party represents and warrants that: (i) the execution and performance of this Terms of Service  does not conflict with any contractual or legal obligations it has; and (ii) it shall comply with applicable law. Incognia further represents and warrants that it has rights necessary to provide the services specified in the Order Form. Client further represents and warrants that it has and shall during the Term have all right, license and consent required under applicable law to provide Incognia with (and access to) any data (including but not limited to personal data) collected or processed by the Services in accordance with the terms of this Terms of Service . Client represents and warrants that neither it nor its owners have been designated by or are otherwise subject to restriction in accordance with export controls or economic sanctions laws and regulations administered by the United States Department of Commerce, United States Department of State, United States Department of Treasury or other applicable export controls or sanctions laws and regulations. Client covenants that it shall not—directly or indirectly—sell, export, reexport, transfer, divert, or otherwise dispose of any products, software, or technology (including products derived from or based on such technology) received from Incognia to any restricted destination, entity, person or end-use requiring an export license. Client also represents and warrants it has all the required authorizations, licenses, or applicable legal requirements to provide its service or products and represents and warrants that Incognia services will not be associated to an unlawful activity regarding Client’s service or products.

2. Disclaimers; Limitation of Liability. CLIENT ACKNOWLEDGES THAT THE SERVICES ARE PROVIDED ON AN "AS-IS" AND "AS AVAILABLE" BASIS. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, INCOGNIA DISCLAIMS ALL OTHER REPRESENTATIONS, WARRANTIES, TERMS AND CONDITIONS, WHETHER EXPRESS OR IMPLIED, REGARDING THE SERVICES, RELATED DOCUMENTATION OR INFORMATION, AND OTHER MATERIALS AND SERVICES, AND SPECIFICALLY DISCLAIMS THE IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, SATISFACTORY QUALITY, MERCHANTABLE QUALITY, NON-INFRINGEMENT AND THOSE ARISING FROM COURSE OF PERFORMANCE, DEALING, USAGE OR TRADE. INCOGNIA DOES NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE SERVICES OR IN ANY UPDATE WILL MEET THE REQUIREMENTS OF CLIENT OR THAT THE OPERATION OF THE SERVICES WILL BE UNINTERRUPTED OR ERROR FREE, OR FREE FROM OTHER PROGRAM LIMITATIONS. INCOGNIA PROVIDES NO WARRANTY REGARDING ANY USE OF THE SERVICES NOT IN ACCORDANCE WITH THIS TERMS OF SERVICE OR FOR PURPOSES NOT INTENDED BY INCOGNIA AND NOT SPECIFICALLY PERMITTED BY THIS TERMS OF SERVICE . INCOGNIA’S ASSESSMENTS ARE RISK ANALYSIS THAT RELY ON STATISTICAL METHODS BASED ON MATH FORMULAS AND HEURISTICS CREATED BY INCOGNIA CONDITIONED BY MODELS AND METRICS SET OUT BY THE CLIENT, HENCE, CONSIST OF A RISK PROBABILITY ASSESSMENT, BEING UP TO THE CLIENT HOW TO USE SUCH ASSESSMENT, INCLUDING USING IT TO APPROVE OR DENY A TRANSACTION INITIATED BY AN USER. IN NO EVENT, SHALL INCOGNIA OR ITS AFFILIATES OR ANY OF THEIR RESPECTIVE DIRECTORS, OFFICERS, EMPLOYEES, OR AGENTS BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES, OR ANY PENALTIES, CLAIMS FOR LOST DATA, REVENUE, PROFITS, COSTS OF PROCUREMENT OR SUBSTITUTE GOODS OR SERVICES OR BUSINESS OPPORTUNITIES, ARISING OUT OF THIS TERMS OF SERVICE OR ANY ADDENDUM THERETO, UNDER ANY CAUSE OF ACTION OR THEORY OF LIABILITY, WHETHER IN CONTRACT OR IN TORT INCLUDING NEGLIGENCE, EVEN IF INCOGNIA HAD BEEN ADVISED OF SUCH DAMAGES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL INCOGNIA’S MAXIMUM AND AGGREGATE LIABILITY HEREUNDER FOR ANY CAUSE OF ACTION OR THEORY OF LIABILITY EXCEED THE AMOUNTS PAID BY CLIENT TO INCOGNIA HEREUNDER DURING THE PRECEDING 6 MONTH PERIOD PRIOR TO THE DATE THE CAUSE OF ACTION AROSE.

 

1. Miscellaneous.
1. Relationship. This Terms of Service  is not intended to create, nor should it be construed as creating, an agency, joint venture, partnership or similar relationship between the Parties. Incognia will act solely as an independent contractor of Client and neither Party shall have the right to act for or bind the other Party in any way or to represent that the other Party is in any way responsible for any acts or omissions of such Party.
2. Publicity. Each Party recognizes and concedes that all trademarks, service marks or other designations (“Proprietary Marks”) constitute such Party’s exclusive property. Each Party grants the other Party a nonexclusive, non-transferable, non-sublicensable, royalty-free license during the Term to use, solely to identify the other Party as a Client or supplier, as the case may be. Except as set forth herein, neither Party shall use the Proprietary Marks of the other Party without the prior written consent of the other Party. Any uses of the other Party’s Proprietary Marks shall be in accordance with the granting Party’s reasonable trademark usage policies. Each Party shall cease, or adjust the manner of, its use of any of the other Party’s Proprietary Marks at the request of the other Party in its sole discretion. The granting Party may withdraw any approval or license of any use of its Proprietary Marks at any time in its sole discretion.
3. Successors and Assigns. This Terms of Service  shall bind and inure to the benefit of each Party’s permitted successors and assigns. Either Party may assign any of its rights or obligations without prior written consent of other Party only in the event of: (a) a sale or other transfer of all or substantially all of the assets of such Party, (b) a transfer to an entity controlled by, controlling, or under common control with such Party. Any attempt to assign this Terms of Service  in any other event without prior written consent of the other Party will be null and void.
4. Law and Jurisdiction. This Terms of Service  will be construed and governed by the laws of the State of California, without giving effect to its conflicts of law principles. The parties hereby submit to the personal jurisdiction of, and agree that any legal proceeding with respect to or arising under this Terms of Service  will be brought solely in, the state courts of the State of California for the county of Santa Clara or the United States District Court for the Northern District of California, if such court has subject matter jurisdiction. Notwithstanding the foregoing, either party will at all times have the right to commence proceedings in any other court of its choice with the appropriate jurisdiction for interim injunctive relief. If any legal action or proceeding is commenced in connection with any dispute arising under, relating to or otherwise concerning this Terms of Service , the prevailing party, as determined by the court, will be entitled to recover its attorneys’ and experts’ fees and all costs and necessary disbursements actually incurred in connection with such action or proceeding.
5. Force Majeure. With the exception of payment obligations, neither Party shall be liable hereunder by reason of any delay or failure in the performance of its obligations if such delay arises out of causes beyond its control including, without limitation, use of the internet and electronic communications, acts of God or of the public enemy, fires, floods, epidemics, riots, quarantine restrictions, strikes, freight embargoes, earthquakes, electrical outages, computer or communications failures, internet failures or malfunction, severe weather, war, governmental action, labor conditions, and acts or omissions of subcontractors or third parties (“Force Majeure Event”). The Party prevented from performing its obligations or duties because of a Force Majeure Event shall promptly notify the other Party of the occurrence and particulars of such Force Majeure Event and shall provide the other Party, from time to time, with its best estimate of the duration of such Force Majeure Event and, if applicable, with notice of the termination thereof.
6. Severability and Waiver. If any provision of this Terms of Service  is found invalid or unenforceable, that provision will be enforced to the maximum extent permissible so as to effect the intent of the Parties and the remainder of this Terms of Service  will remain in full force and effect. Neither Party will be deemed to have waived any of its rights under this Terms of Service  by lapse of time or by any statement or representation other than by an explicit written waiver. No waiver of a breach of this Terms of Service t will constitute a waiver of any prior or subsequent breach of this Terms of Service .
7. Construction; Integration; Counterparts. This Terms of Service  will not be construed in favor of or against either Party by reason of authorship. This Terms of Service, including its exhibits, constitutes the entire Terms of Service between the Parties, and supersedes and replaces all prior or contemporaneous understandings or agreements, written or oral, regarding such subject matter. This Terms of Service may be executed in counterparts, each of which shall be deemed an original, but all of which together shall constitute a single instrument. In the event of any conflict between this Terms of Service  and any other document applicable to the services, the order of prevalence will be the Order Form followed by this Terms of Service. 
8. Notices. Any notice, request or other communication required or permitted hereunder shall be in writing and shall be deemed to have been duly given if: (i) personally delivered to the address in the Order Form, upon receipt; (ii) sent by e-mail to the e-mail address indicated in the Order Form or otherwise provided by Incognia; or (iii) sent by registered mail upon delivery and only if sent to the address in the Order Form.
9. Survival. All provisions of this Terms of Service  that are by their nature intended to survive the expiration or termination of this Terms of Service  or an Order Form, including without limitation, obligations with respect to indemnification, confidentiality, and proprietary rights, shall survive such expiration or termination.
10. Changes. Incognia reserves the right to make changes to the terms of this Terms of Service  by posting a revised version on its website or by otherwise notifying the Client in accordance with Section 15.8 or through Incognia’s platform. If the Client continues to access the Services after ten (10) days after the acknowledgment of such changes, the Client is deemed to have accepted such changes and is bound to the version of this Terms of Service .

 

ANNEX  I - DATA PROCESSING AGREEMENT  (DPA)

 

This Data Processing Agreement ("DPA") is an integral and inseparable part of Terms of Services and is entered into between Incognia US Inc. (“Incognia” or “Processor”), and the counterparty (“Client” or “Controller”) identified in an order form or in the sign-in page of Incognia’s Platform, collectively referred to as “Parties” and separately “Party”. 

WHEREAS

(A) Incognia is a location technology company that provides anti-fraud services;

(B) The Parties intend to enter into the Terms of Services for the provision of anti-fraud services by Incognia to the Client;

(C) In order to provide the services, Incognia will process personal data of the Client's Users on its behalf and under its determinations;

(D) During the performance of the Terms of Services, Incognia and the Client will act as Processor and Controller, respectively;

The Parties agree with this DPA to provide for the responsibilities and obligations of the Parties regarding the processing of personal data carried out during the performance of the Terms of Service, in accordance with the applicable privacy laws, especially provisions of the General Data Protection Regulation (“GDPR”),  California Consumer Privacy Act (“CCPA”) and the following clauses:

1. Definitions 

1.1 Capitalized terms and expressions used in this DPA shall have the following meaning:

1.1.1 Authority: Any Data Protection Authority or Agency that is responsible for ensuring, implementing, and monitoring the enforcement of the applicable privacy laws.

1.1.2 CCPA: California Consumer Privacy Act. It will be applicable when processing data of data subjects located in the United States territory.

1.1.3 Data Subject: natural person to whom the processed Personal Data refers. For the purposes of this DPA, the Data subject is the user of the Client's application.

1.1.4 GDPR: General Data Protection Regulation. It will be applicable when processing data of data subjects located out of the United States territory.

1.1.5 Personal Data: data relating to the identified or identifiable natural person, processed by Incognia on behalf of the Client, in connection with the Terms of Services.

1.1.6 Personal Data Breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

1.1.7 Processor Privacy Policy: document that presents information related to the processing of Personal Data carried out by Incognia during the provision of its services. The updated version of the Privacy Policy is available on the Incognia website at the link <https://www.incognia.com/policies/incognia-policy>.

1.1.8 Sub-processor: third party hired by the Processor to assist it in processing personal data on behalf of the Controller.

1.2 Any other terms mentioned in this DPA and not detailed in this clause must adhere to the meanings described in the Terms of Services and in the Section 4 of the GDPR, and its cognate terms must be interpreted accordingly.

2. Purpose and Compliance with Applicable Legislation

2.1 This DPA is applicable to the processing of Personal Data by the Processor on behalf of the Controller for the execution of the services described in the Terms of Services and in the Order Form, for meeting the general anti-fraud purpose determined by the Controller.

2.2 The Parties will comply with all applicable personal data protection laws and regulations in force in Europe and/or United States on the date of signature of this DPA or that enter into force during its term, including, but not limited to GDPR, CCPA, as well as all regulations and guidelines published by Authorities. 

3. Processing of Personal Data

3.1 The Personal Data covered by this DPA will be collected by the Processor through the SDK integrated into the Controller's Application, as well as through API interactions.

3.2 The categories of Personal Data necessary for the provision of Incognia Services that are subject to processing are detailed in the Processor's Privacy Policy, which is an integral part of this Annex I.

3.3 The processing of Personal Data to be performed by the Processor aims to generate a risk analysis for each Controller’s Request, under the terms of the Terms of Services.

3.3.1 The Personal Data collected by the Processor may be used to improve the solution algorithms, for network effect purposes, and to generate improvements to the infrastructure, achieving the processing purposes indicated by the Controller through more secure and assertive analyses.

3.4 The Personal Data collected by the Processor will not be shared with the Controller or any unauthorized third party and will be encrypted and processed exclusively by the Processor to achieve the Controller’s processing purposes set out in the Terms of Services and in this DPA. 

3.5 A summary of the risk analysis and its respective evidence will be made available to the Controller through the Processor's Platform. 

3.5.1 The risk analysis summary described in the previous item refers to the risk result plus the respective evidence applicable to each type of situation, such as, but not limited to: device integrity analysis (root detection, emulator, location spoofing, vpn, proxy, among others); device reputation analysis (systematic behavior, origin of the application, etc.); behavior analysis (for example, whether the user authenticates from a trusted location consistent with its history).

4. Obligations of the Processor Incognia

4.1.The Processor must restrict the processing of Personal Data to the determinations imposed by the Controller, according to the Terms of Services and this DPA to achieve the data processing purposes defined by the Controller. The Processor should only make decisions that are related to its expertise and necessary for the provision of services.

4.2 The Processor shall take reasonable measures to ensure that access to Personal Data is restricted only to its professionals who need to carry out the processing for the purposes of performing the Terms of Services and this DPA. The Processor must ensure that these employees have signed a commitment and are subject to professional or statutory obligations of confidentiality.

4.3 The Processor shall implement security, technical and administrative measures capable of protecting Personal Data from unauthorized access and from accidental or unlawful situations of destruction, loss, alteration, communication, or any form of inappropriate or illicit processing.

4.3.1 When assessing the appropriate level of security, the Processor must consider the nature, scope, context, purposes, and risks presented by the processing, in particular the risk of a Personal Data Breach.

4.4 Upon request, the Processor shall assist the Controller in the preparation of any personal data protection impact assessment to the extent exclusively related to the processing of Personal Data covered by this DPA.

5. Obligations of the Controller

5.1 The Controller ensures that it has provided notice to and/or has obtained any necessary consents (i.e., including from Users), all as required under applicable law to permit Incognia to process Personal Data in accordance with the terms of this DPA

5.2 The Controller remains responsible for the transmission of any data to the Processor. 

5. Rights of the Data Subject

5.1 The Controller shall guarantee and respond to the Data subjects' rights, as well as notify the Processor, without undue delay, to inform which deadlines, guidelines and procedures must be adopted by the Processor to assist the Controller in meeting the rights requests.

5.1.1 The Processor shall act in accordance with lawful guidelines determined by the Controller and in accordance with the provisions of the applicable privacy laws, guaranteeing the protection of  industrial and trade secrets.

5.2 Whenever it receives requests for rights from Data Subjects, the Processor will notify the Controller within 48 (forty-eight) hours so that it fulfills its legal obligation to respond to the Data Subject's request. The Processor will provide all necessary assistance to the Controller, under the terms of the previous clause.

6. Personal Data Breach

6.1 The Processor shall notify the Controller without undue delay as soon as it becomes aware of a Personal Data Breach that has relevant impact on the Controller. 

6.2 The Controller will be responsible to notify the Data Subjects and/or the Authority, when applicable.

6.2 The Processor shall cooperate with the Controller providing the information regarding the event and take reasonable measures, as instructed by the Controller, to assist in the investigation, mitigation, and correction of the Personal Data Breach.     

7. Storage of Personal Data

7.1 The Personal Data processed by the Processor to provide the services will be stored in cloud computing through a cloud server hired to act as a Sub-processor exclusively for this purpose, as provided in the Processor's Privacy Policy.

7.2 With the exception of the previous item, the Processor shall not share any Personal Data with Sub-processors unless previously notified to the Controller.

8. Deletion of Personal Data

8.1 The Processor shall, upon termination of the Terms of Service, in any case, promptly stop processing the Personal Data and delete it, in accordance with the deadlines and provisions set out in its Privacy Policy.

8.2 Upon request, the Processor must provide the Controller with a written statement that it has complied with the provisions referred to in the previous clause.

9. Periodic Assessment

9.1 The Processor undertakes to, when requested and provided that the trade secret and intellectual property are respected, make available to the Controller all the information necessary to demonstrate compliance with this DPA and with applicable laws.

9.1.1 The Processor, upon prior notice of 30 (thirty) business days, must allow and contribute to any assessments to be carried out by the Controller to confirm that the Processor is acting in accordance with this DPA.

10. International Transfer

10.1 The Personal Data collected may be stored on servers with a high standard of security located in other countries, pursuant to clause 7 and as provided in the Processor's Privacy Policy.

10.2 The international transfer of Personal Data must be performed in accordance with the applicable transfer mechanisms provided for the applicable privacy laws.

11. Transparency

11.1 The Parties shall adopt measures to ensure transparency in the processing of Personal Data, making available to the Data Subjects information about the processing of their Personal Data.

11.2 The Controller shall make information available in its privacy policies on the use of Personal Data by third parties to support its activities related to preventing fraud.

12. Communications

12.1 All notices, requests and communications in general relating to this DPA must be in writing and delivered by postal delivery via registered mail or by email; all with acknowledgment of receipt and directed to the Data Protection Officer (DPO) of the Parties.

12.2 Communications will be considered delivered: (i) by email, on the date they were sent; (ii) when sent/delivered to the physical addresses, on the date of protocol with acknowledgement of receipt.

12.3 Any change in the contacts and addresses of either Party must be communicated in writing to the other Party.

13. General Provisions

13.1 This DPA will be valid while the Terms of Services are in force or while the processing of the Personal Data object of this DPA takes place.

13.2 Any changes to this DPA must be made in writing and agreed by the Parties.

13.3 If the Authority publishes any guidance, regulation or interpretation that is contrary to the provisions of this DPA or in any way makes the processing of Personal Data unfeasible or unlawful in the manner provided for in this DPA, the Parties must reach a consensus to adjust the processes and if conform to the new guidelines.

13.4 All provisions of this DPA shall be interpreted in conjunction with the provisions of the Terms of Services. If there is a discrepancy between the Terms of Services and this document, the provisions of this DPA shall remain.

14. Legislation and Jurisdiction

14.1 This DPA and all issues related to it will be governed, interpreted, and resolved in accordance with the applicable privacy laws, in particular the GDPR, CCPA (USA) and rules issued by the Authority and/or official inspection bodies and agencies.

14.2 The Parties hereby elect the forum chosen in the Terms of Services, to the detriment of any other, however privileged it may be, as competent to resolve doubts and issues related to this DPA.

---

Previous versions

• 2022-06-01
• 2020-10-26