Legal Information

Legal

Butterfly takes the privacy of each and every employee and manager seriously and information is handled with care.

Master Subscription Agreement

This Master Subscription Agreement, dated as of the Effective Date mentioned on the Order Form, governs the Customer’s purchase and use of the Services mentioned in that Order Form. This Agreement includes (1) each Order Form that provides the type, quantity and payment terms for each of the Services purchased from Service Provider, (2) the Data Processing Agreement in Annex 1 to this Agreement, and (3) any other Documentation, including user guides, manuals and other necessary information in relation to the technical requirements for the use of the Services, provided by Service Provider to Customer. In the event of any conflict or inconsistency among terms, the order of priority shall be the relevant Order Form, this Agreement, the Data Processing Agreement in Annex 1, and then any other Documentation.

Service Provider’s direct competitors are prohibited from accessing and/or using the Services, except with Service Provider’s prior written consent. In addition, the Services may not be accessed for purposes of monitoring their availability, performance or functionality, or for any other benchmarking or competitive purposes.

1. Definitions

Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.

Agreement” means this Master Subscription Agreement, including the Data Processing Agreement in Annex 1 to this Agreement.

Customer” means in the case of an individual accepting this Agreement on his or her own behalf, such individual, or in the case of an individual accepting this Agreement on behalf of a company or other legal entity, the company or other legal entity for which such individual is accepting this Agreement, and Affiliates of that company or entity (for so long as they remain Affiliates) which have entered into Order Forms.

Customer Data” means all (personal and non-personal) electronic data and information submitted by or for Customer to the Services.

Data Protection Legislation” means Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the “GDPR”), as well as any legislation and/or regulation implementing or created pursuant to the GDPR and Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (the “ePrivacy Directive”), or which amends, replaces, re-enacts or consolidates any of them, and all other national applicable laws that may exist relating to the processing of personal data and privacy.

Documentation” means the applicable usage guides and policies, as updated from time to time, accessible via https://butterfly.ai/ or login to the relevant Service.

Malicious Code” means code, files, scripts, agents or programs intended to do harm, including, for example, viruses, worms, time bombs and Trojan horses.

Contracted Users” means the number of separate Users of a Service that Customer orders as set forth in the Order Form.

Non-Personal Customer Data” means all Customer Data other than personal data within the meaning of the Data Protection Legislation.

Order Form” means an ordering document or online order specifying the Subscriptions purchased by Customer to be provided hereunder, that is entered into between Customer and Service Provider or any of their Affiliates, including any addenda and supplements thereto. By entering into an Order Form hereunder, an Affiliate agrees to be bound by the terms of this Agreement as if it were an original party hereto.

SaaS System” means the master controllers and any other equipment, parts and supplies provided by Service Provider pursuant to this Agreement.

Services” means, collectively, all products (including but not limited to the SaaS System) and all services (including but not limited to the Software as a Service (“SaaS“) services), as described in the Documentation, which are listed in an Order Form and purchased by Customer or Customer’s Affiliate pursuant to that Order Form. The Services may among others include master controllers configured to communicate with the Service Provider network operations center and/or activation kit(s) or other devices listed in the Order Form.

Service Provider” means Appynest Inc., a company incorporated under the laws of New York, with its registered seat located at 604 E 11 street, 3rd floor, New York, NY 10009.

Subscription” means the subscription to a Service purchased by the Customer through an Order Form, which entitles Customer and Users to access and use the Services.

User” means an individual who is authorized by Customer to use a Service, for whom Customer has purchased a subscription to that Service and/or to whom Customer (or, when applicable, Service Provider at Customer’s request) has supplied a user identification and password (for Services utilizing authentication). Users may include, for example, employees and managers of Customer.

2. Purchase of Services

2.1 Service Provider agrees to sell the Services in the form of individual Subscriptions, described in each Order Form, and Customer agrees to pay for those Subscriptions and comply with the terms and conditions set forth in each Order Form and this Agreement. All Subscriptions shall be for use in connection with accessing the SaaS System, for Customer’s internal business purposes. Subsequent purchases of Subscriptions shall be made only from Service Provider, and shall be subject to the terms and conditions of this Agreement.

2.2 The Services purchased shall be accessed and used only in the manner specified, if applicable, in the relevant Order Form(s), notably but without limitation as regards the Subscription Term, the User Type and the Contracted Users.

2.3 In addition to the initial Order Form, the parties may enter into one or more additional Order Forms, each of which provides a general description of the Subscriptions ordered by and to be provided to Customer. For any Order Form to be effective, it must be in writing and signed or otherwise authenticated by Customer. Electronic and fax documents are considered to be in writing for this purpose. All terms and conditions set forth in this Agreement are automatically incorporated in, and deemed part of, each such Order Form.

3. Service Provider Responsibilities

3.1 Provision of the Services. Service Provider shall:

  1. make the Services available to Customer pursuant to this Agreement, and the applicable Order Forms and Documentation;
  2. provide applicable Service Provider standard support for the Services to Customer at no additional charge, and/or upgraded support if applicable and purchased;
  3. use commercially reasonable efforts to make the online Services available 24 hours a day, 7 days a week, except for: (i) planned downtime (of which Service Provider shall give advance electronic notice), and (ii) any unavailability caused by circumstances beyond Service Provider’s reasonable control, including, for example, an act of God, act of government, flood, fire, earthquake, civil unrest, act of terror, strike or other labor problem (other than one involving Service Provider employees), Internet service provider failure or delay, or denial of service attack; and
  4. provide the Services in accordance with laws and government regulations applicable to Service Provider’s provision of its Services to its customers generally (i.e., without regard for Customer’s particular use of the Services), and subject to Customer’s use of the Services in accordance with this Agreement, the Documentation and the applicable Order Form.

3.2 Delivery of the Services. If an Order Form provides a schedule for delivery, that schedule shall be subject to availability of the Services (including but not limited to availability of any devices to be provided pursuant to the Order Form), readiness of the Customer’s site for installation, and scheduling of installers, as applicable. In the event the Services are not available within a reasonable period of time of the scheduled delivery, Customer may at its option cancel the purchase of undelivered Services, or accept postponement of delivery until such time as agreed between the parties.

3.3 Service Provider Personnel. Service Provider shall be responsible for the performance of its personnel (including its employees and contractors) and their compliance with Service Provider’s obligations under this Agreement, except as otherwise specified in this Agreement.

4. Use of Services

4.1 Subscriptions. Unless otherwise provided in the applicable Order Form or Documentation, (i) Services are purchased as a number of Subscriptions, effective as of the relevant Subscription Commencement Date and for the relevant Subscription Term, equal to the number of Contracted Users, all as stated in the applicable Order Form, (ii) Subscriptions for additional Users may be added during a Subscription Term at the same pricing as the underlying Subscription pricing, prorated for the portion of that Subscription Term remaining at the time the Subscriptions are added, and (iii) any added Subscriptions for additional Users shall terminate on the same date as the underlying Subscriptions for that Service. Customer agrees that its purchases of Services under an Order Form are not contingent on the delivery of any future functionality or features, or dependent on any oral or written public comments made by Service Provider regarding future functionality or features.

4.2 Customer Responsibilities. Customer shall:

  1. use the Services solely to support and operate in its internal business the Services purchased from Service Provider and Service Provider’s web-based monitor and control management portal;
  2. be responsible for Users’ compliance with this Agreement, Documentation and Order Forms;
  3. be responsible for the accuracy, quality and legality of Customer Data, the means by which Customer acquired Customer Data and Customer’s use of Customer Data with the Services;
  4. use commercially reasonable efforts to prevent unauthorized access to or use of the Services, and notify Service Provider promptly of any such unauthorized access or use; and
  5. use the Services only in accordance with this Agreement, Documentation, Order Forms and applicable laws and government regulations.

Customer agrees to provide the necessary electric service, wiring, computer equipment and communication line access for access to the Services. Customer agrees to provide, install and maintain, at Customer’s expense, data communication lines therefore. Customer shall be responsible for ongoing charges for Customer’s own use of such data communication lines.

4.3 Usage Restrictions. Customer agrees, for itself and all Users, as a condition of use of the Services, not to use the Services for any purpose that is unlawful or prohibited by this Agreement. Customer and any Users shall not:

  1. make any Service available to anyone other than Customer or Users, or use any Service for the benefit of anyone other than Customer or its Affiliates, unless expressly stated otherwise in an Order Form or the Documentation;
  2. use the Services in any manner that could damage, disable, overburden, or impair any Service Provider or subscriber server, or the network(s) connected to any Service Provider or subscriber server, or interfere with any other party’s use and enjoyment of any of the Services;
  3. sell, resell, license, sublicense, distribute, make available, rent or lease any Service, or include any Service in a service bureau or outsourcing offering;
  4. use a Service to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights;
  5. use a Service to store or transmit Malicious Code;
  6. interfere with or disrupt the integrity or performance of any Service or third-party data contained therein;
  7. attempt to gain unauthorized access to any part of the Services, including other user accounts, or its related systems or networks;
  8. take any actions, whether intentional or unintentional, that may circumvent, disable, damage or impair the Services’ control or security systems, or allow or assist a third party to do so;
  9. obtain or attempt to obtain any materials or information through any means not intentionally made available through the Services;
  10. permit direct or indirect access to or use of any Services in a way that circumvents a contractual usage limit, or use any Services to access or use any of Service Provider’s intellectual property except as permitted under this Agreement, an Order Form, or the Documentation;
  11. modify, copy, reproduce, alter, transmit or create derivative works based on a Service or any part, feature, function, user interface, associated applications, tools or data thereof;
  12. frame or mirror any part of any Service, other than framing on Customer’s own intranets or otherwise for its own internal business purposes or as permitted in the Documentation; and
  13. except to the extent permitted by applicable law, disassemble, reverse engineer, or decompile a Service, or access it to (i) build a competing product or service, (ii) build a product or service using similar ideas, features, functions or graphics of the Service, (iii) copy any ideas, features, functions or graphics of the Service, or (iv) determine whether the Services are within the scope of any patent.

4.5Use of Passwords; Internet. Customer is responsible for providing the list of managers and administrators who will receive an email inviting them to create their accounts. For the initial managers and administrators Customer will be provided with user identification and password, which enables them to use the Services. Once the Services are up and running, Customer will be able to name managers and administrators, who will receive an email to set up their account and start using the Services. Each User must have a valid email address for the purpose of accessing the Services. Customer and any Users must keep all log-in information strictly confidential. Log-in information may be used only by the assigned User and may not be shared or transferred without Customer’s consent and control.

Customer and any Users are responsible for maintaining the confidentiality of that User’s username and password. Customer and any Users are responsible for any and all activities that occur under all Users’ accounts. Customer agrees to notify Service Provider immediately of any unauthorized use of any Users’ accounts or any other breach of security. Service Provider shall not be liable for any loss that Customer or a User may incur as a result of someone else using any Users’ passwords or accounts, either with or without the applicable Users’ knowledge. Service Provider does not guarantee the security of any information transmitted to or from Customer or any User over the Internet, including through the use of e-mail. Access to the Internet, if employed, is Customer and each User’s sole responsibility and the responsibility of the Internet provider(s) selected. Service Provider does not accept any responsibility for failure of service due to Internet facilities, including related telecommunications or equipment.

4.6 Suspension of Service. Any use of the Services in breach of the foregoing by Customer or any Users, that in Service Provider’s judgment threatens the security, integrity or availability of Service Provider’s services, may result in Service Provider’s immediate suspension of the Services. Prior to any such suspension, Service Provider will use commercially reasonable efforts under the circumstances to provide Customer with notice and an opportunity to remedy such violation or threat.

4.7 Suspension of User access. Service Provider may at any time suspend (or require that Customer suspends) the access of Users to the Services and/or disable their log-in information in the event of such User’s violation of this Agreement. Grounds for doing so are not limited but may include, for example, legal or regulatory reasons, investigation of suspicious activities, or action by authorities, or if Service Provider or Customer have reason to suspect that any such User is engaged in activities that may violate this Agreement, applicable laws, or subscriber policies, or are otherwise deemed harmful to Service Provider, Customer’s organization, Customer’s or Service Provider’s respective network or facilities, or other Users. Service Provider shall not be liable to any User for suspension of any Service, regardless of the grounds.

5. Continuous Development and Innovation

5.1Continuous Development and Innovation. Customer acknowledges and agrees that the Services will evolve and be supplemented, modified, updated, enhanced or replaced over time to keep pace with technological advancements and improvements in the methods of delivering the Services and to innovate and improve the Services and that the Service Provider will, from time to time, develop and provide updates, upgrades, modifications, replacements and reconfigurations of any of the Services, including among others through the addition of novel or the enhancement of existing applications, tools, features and/or functionalities. In this respect, Service Provider reserves the right to upgrade, modify, replace or reconfigure any of the Services, including through the addition of novel functionalities, at any time. Customer will be provided at least seven (7) days’ advance notice for changes that materially and adversely affect any use of the Services.

The parties acknowledge that any such modifications will improve the Services and agree that, in the event that the Service Provider has made any such modifications to a Service during a given year of the relevant Subscription Term as indicated in the Order Form, the fees due for that Service shall, as of the one-year anniversary date of the Order Form’s Effective Date immediately following implementation of such modification, automatically increase to an amount equal to the fees due during the immediately prior Subscription Term plus an additional seven percent (7%).

5.2 Removing a Material Feature or Functionality. In the event that, in the context of the continuous development of and innovation to the Services, Service Provider removes a material feature or functionality of a Service, it shall provide Customer with two (2) months prior notice before implementing such removal, unless security, legal, or system performance considerations require an expedited removal. With regard to such removal, the fee increase of Section 5.1 (“Continuous Development and Innovation“) above shall not apply.

6. Fees and Payment

6.1 Fees. Customer shall pay all fees specified in Order Forms, at the time indicated in each Order Form. For each Service purchased under an Order Form, the fees may consist of any or a combination of (i) a monthly rate per contracted user, (ii) an annual recurring fee, and/or (iii) a one-time fee. Except as otherwise specified herein or in an Order Form and to the greatest extent permissible under applicable law, (i) fees are based on Subscriptions purchased and not actual usage, (ii) payment obligations are non-cancellable and fees paid are non-refundable, and (iii) quantities purchased cannot be decreased during the relevant Subscription Term other than as explicitly provided in this Agreement or in an applicable Order Form.

6.2 Actual Users. Notwithstanding the above, except as otherwise specified in an applicable Order Form, and to the greatest extent permissible under applicable law, monthly fees shall accrue for all actual Users provided that the number of actual Users is greater than the number of Contracted Users. Actual Users are the actual number of Users of a Service that Customer uses. Contracted Users indicated in an Order Form will be adjusted by Customer on a quarterly basis to reflect any increase in actual Users.

6.3 Invoicing and Payment. Customer agrees to pay at the time indicated in each Order Form all fees due from Customer thereunder. If not otherwise indicated in the Order Form, all payments are due thirty (30) days as from the invoice date. Customer is responsible for providing complete and accurate billing and contact information to Service Provider and notifying Service Provider of any changes to such information.

6.4 Overdue Charges. If any invoiced amount is not received by Service Provider by the due date, then without limiting Service Provider’s rights or remedies, (i) those charges may accrue late interest at the rate of 1.5% of the outstanding balance per month, or the maximum rate permitted by applicable law, whichever is lower, and/or (ii) Service Provider may condition future Subscription renewals and Order Forms on payment terms shorter than those specified above.

6.5 Suspension of Service and Acceleration. If any charge owed by Customer under this or any other agreement for Services is 30 days or more overdue, (or 10 or more days overdue in the case of amounts Customer has authorized Service Provider to charge to Customer’s credit card), Service Provider may, without limiting its other rights and remedies, accelerate Customer’s unpaid fee obligations under such agreements so that all such obligations become immediately due and payable, and suspend Services until such amounts are paid in full, provided that, other than for customers paying by credit card or direct debit whose payment has been declined, Service Provider will give Customer at least ten (10) days’ prior notice that its charges are overdue, in accordance with the “Manner of Giving Notice” section below for billing notices, before suspending Services to Customer.

6.6 Payment Disputes. Service Provider will not exercise its rights under the “Overdue Charges” or “Suspension of Service” sections above if Customer is disputing the applicable charges reasonably and in good faith and is cooperating diligently to resolve the dispute.

6.7 Taxes. Service Provider’s fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including, for example, value-added, sales, use or withholding taxes, assessable by any jurisdiction whatsoever (collectively, “Taxes”). Customer is responsible for paying all Taxes associated with its purchases hereunder. Customer agrees to hold Service Provider harmless from all claims and liability arising in connection with Purchaser’s failure to report or pay such Taxes. If Service Provider has the legal obligation to pay or collect Taxes for which Customer is responsible under this section, Service Provider will invoice Customer and Customer shall pay that amount unless Customer provides Service Provider with a valid tax exemption certificate authorized by the appropriate taxing authority. For clarity, Service Provider is solely responsible for taxes assessable against it based on its income, property and employees.

7. Proprietary Right and Licenses

7.1 Reservation of Rights. Subject to the limited rights expressly granted hereunder, Service Provider, its Affiliates, its licensors, its agents and its contractors reserve all of their rights, titles and interests in and to the Services and any associated applications, tools or data, and all additions, modifications and improvements thereto made or specified by Service Provider, its agents or contractors, including all ownership rights and all of their related intellectual property rights. The Services are protected by United States and international copyright, trademark and patent laws, as applicable. By using the Services, neither Customer nor any Users gain any ownership interest in such items. No rights are granted to Customer hereunder other than as expressly set forth herein and all uses of the Services not expressly permitted hereunder are prohibited.

7.2 License by Service Provider to Customer. If Services are obtained pursuant to an Order Form, Service Provider grants Customer and the Users, for the relevant Subscription Term indicated in the Order Form, a limited, non-exclusive, terminable, non-transferable license to access and use the services, tools and applications provided through the Services subject to the terms of this Agreement. The Service may include download areas and product information provided by Service Provider or third-party vendors. All Services, including any updates, enhancements, new features, and/or the addition of any new web properties, are subject to this Agreement.

7.3 License by Customer to Service Provider. Customer grants Service Provider, its Affiliates and applicable contractors a worldwide, limited-term license to host, copy, use, transmit, and display any third-party supplier applications and program code created by or for Customer using a Service or for use by Customer with the Services, and Customer Data, each as appropriate for Service Provider to provide and ensure proper operation of the Services and associated systems in accordance with this Agreement. If Customer chooses to use a third-party supplier application with a Service, Customer grants Service Provider permission to allow the third-party supplier application and its provider to access Customer Data and information about Customer’s usage of the third-party supplier application as appropriate for the interoperation of that third-party supplier application with the Service. Subject to the limited licenses granted herein, Service Provider acquires no right, title or interest from Customer or its licensors under this Agreement in or to any Customer Data, third-party supplier application or such program code.

7.4 License by Customer to Use Feedback. Customer grants to Service Provider and its Affiliates a worldwide, perpetual, irrevocable, royalty-free license to use and incorporate into its services any suggestion, enhancement request, recommendation, correction or other feedback provided by Customer or Users relating to the operation of Service Provider’s or its Affiliates’ services.

8. Notice specific to Software available with the Services

8.1 Any software that is made available to download from the Services (“Software”) is the copyrighted work of Service Provider and/or its suppliers. Use of the Software is governed by the terms of the end user license agreement, if any, which accompanies or is included with the Software (“License Agreement”). In some cases, Customer or a User may be unable to install any Software that is accompanied by or includes a License Agreement, unless it first agrees to the License Agreement terms.

8.2 The Software so provided is made available for download solely for use in accordance with the License Agreement. Any reproduction or redistribution of the Software not in accordance with the License Agreement is expressly prohibited by law, and may result in civil and criminal penalties. Without limiting the foregoing, copying or reproduction of the Software to any other server or location for further reproduction or redistribution is expressly prohibited, unless such reproduction or redistribution is expressly permitted by the License Agreement accompanying such Software.

8.3 Restricted Rights Legend. Any Software downloaded from the Services for or on behalf of the United States of America, its agencies and/or instrumentalities (“U.S. Government”), is provided with Restricted Rights. Use, duplication, or disclosure by the U.S. Government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 or subparagraphs (c)(1) and (2) of the Commercial Computer Software — Restricted Rights at 48 CFR 52.227-19, as applicable.

9. Security, Privacy and Data Protection

9.1 Security. Service Provider shall maintain appropriate technical and organizational measures, physical safeguards, internal controls, and data security routines for protection of the security, confidentiality and integrity of Customer Data. Those safeguards shall include, but shall not be limited to, measures designed to prevent unauthorized access to or disclosure of Customer Data (other than by Customer or Users).

9.2 Customer Data Responsibility. Customer is solely responsible for the content of all Customer Data. Customer shall secure and maintain all rights in Customer Data necessary for Service Provider to provide the Services to Customer and any Users without violating the rights of any third party or otherwise obligating Service Provider to Customer or to any third party. Service Provider does not and will not assume any obligations with respect to Customer Data or Customer’s use of the Services other than as expressly set forth in this Agreement or as required by applicable law. Without prejudice to the foregoing, Service Provider reserves the right to monitor the content of any Customer Data provided via the Services and, at its sole discretion, to withhold, remove, and discard any such Customer Data without notice in case of non-compliance with the Agreement.

9.3 Privacy and Data Protection. Each party undertakes to comply with its respective obligations under the Data Protection Legislation. To the extent personal data (within the meaning of the Data Protection Legislation) from the European Economic Area (EEA), the United Kingdom and Switzerland are processed by Service Provider, the EU-US and/or Swiss-US Privacy Shield shall apply.

For the processing activities where Service Provider, in the context of its tasks, is a data processor processing personal data on behalf of Customer within the meaning of the Data Protection Legislation, by signing this Agreement, by purchasing a Subscription, or accessing and using the Servicesand the associated website, applications and tools, the parties conclude the Data Processing Agreement under Annex 1 to this Agreement, which complies with Article 28 of the GDPR, and agree to amend such Data Processing Agreement in case of changes to the processing activities performed by Service Provider on behalf of Customer.

In the event the parties undertake processing activities for which they jointly determine the purposes and the means of processing of personal data within the meaning of the Data Protection Legislation, by signing this Agreement, by purchasing a Subscription, or accessing and using the Services and the associated website, applications and tools, the parties commit to agree and conclude in good faith a joint-controllership agreement in compliance with Article 26 of the GDPR.

9.4 Re-use of Non-Personal Customer Data. For the purpose of this section, the term “Processing”, and all derivatives of such term, shall mean any operation or set of operations which is performed on Non-Personal Customer Data or on sets of Non-Personal Customer Data such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination. Customer grants to Service Provider the right to aggregate, Process, or have Processed by a third party, and re-use any and all Non-Personal Customer Data, including for purposes of performing big data analytics and/or generating industry-wide analyses, statistics and reports, to the extent such Processing does not conflict with the normal exploitation of the Customer Data by Customer and does not unreasonably prejudice the legitimate interests of Customer.

9.5 Third-party Requests. The Service Provider shall not disclose Customer Data to a third party (including law enforcement, other government entities, or civil litigants; but excluding Service Provider’s subcontractors) except as Customer directs or unless required by law. Notwithstanding the preceding sentence, in the event of a merger dissolution, reorganization, or similar corporate event, or the sale of all or substantially all of Service Providers assets, Service Provider expects that the information that Service Provider has collected, including Customer Data, would be transferred to the surviving entity in a merger or the acquiring entity. Should a third party contact Service Provider with a demand for Customer Data, Service Provider will attempt to redirect the third party to request that data directly from the Customer. As part of this effort, Service Provider may provide Customer’s basic contact information to such third party. If compelled to disclose Customer Data to a third party, Service Provider will promptly notify Customer and provide a copy of the demand, unless legally prohibited from doing so. Customer shall be responsible for responding to requests by third parties regarding its or any Users’ use of the Services.

9.6 Customer Data Return and Deletion. Customer may extract and/or delete Customer Data at any time. When a Subscription expires or terminates, Service Provider shall retain any Customer Data not deleted for at least ninety (90) days so that Customer may extract it. Customer remains responsible for all storage and other applicable charges during this retention period. Following the expiration of this retention period, Service Provider will delete all Customer Data, including any cached or back-up copies, within thirty (30) days as from the end of the retention period. Customer agrees that Service Provider has no additional obligation to continue to hold, export or return Customer Data and that Service Provider has no liability whatsoever for deletion of Customer Data pursuant to these terms.

10. Confidentiality

10.1 Definition of Confidential Information. “Confidential Information” means all information disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information of Customer includes Customer Data. Confidential Information of Service Provider includes the Services, and the terms and conditions of this Agreement and all Order Forms (including pricing). Confidential Information of each party includes business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such party. However, Confidential Information does not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party. For the avoidance of doubt, the non-disclosure obligations set forth in this “Confidentiality” section apply to Confidential Information exchanged between the parties in connection with the evaluation of additional Service Provider services.

10.2 Protection of Confidential Information. As between the parties, each party retains all ownership rights in and to its Confidential Information. The Receiving Party shall use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but not less than reasonable care) to (i) not use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement, and (ii) except as otherwise authorized by the Disclosing Party in writing, limit access to Confidential Information of the Disclosing Party to that of its and its Affiliates’ employees and contractors who need that access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections not materially less protective of the Confidential Information than those set forth herein. Neither party shall disclose the terms of this Agreement or any Order Form to any third party other than its Affiliates, legal counsel and accountants without the other party’s prior written consent, provided that a party that makes any such disclosure to its Affiliate, legal counsel or accountants will remain responsible for such Affiliate’s, legal counsel’s or accountant’s compliance with this “Confidentiality” section. Notwithstanding the foregoing, Service Provider may disclose the terms of this Agreement and any applicable Order Form to a subcontractor or third-party supplier to the extent necessary to perform Service Provider’s obligations under this Agreement, under terms of confidentiality materially as protective as set forth herein.

10.3 Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party to the extent compelled by law to do so, provided that the Receiving Party gives the Disclosing Party prior notice of the compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled by law to disclose the Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to that Confidential Information.

11. Representations, Warranties and Disclaimers

11.1 Representations. Each party represents that it has validly entered into this Agreement and agreed to all terms hereof and has the legal power to do so.

11.2 Service Provider Warranties. Service Provider warrants that during an applicable Subscription Term:

  1. this Agreement, the Order Forms and the Documentation will accurately describe the applicable administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Customer Data;
  2. Service Provider will not materially decrease the overall security of the Services;
  3. the Services will perform materially in accordance with the applicable Documentation; and
  4. Service Provider will not materially decrease the overall functionality of the Services.

For any breach of a warranty above, Customer’s exclusive remedies are those described in the “Term and Termination” section below.

11.3 Customer Warranties. Customer represents and warrants that (i) only Customer and the Users shall be permitted to access the Services and any related tools, applications, information and materials provided in connection with the Services; and (ii) Customer shall obtain and maintain in effect all permits, licenses and authorizations necessary for the purchase and intended use of the Services.

11.4 Disclaimers. EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. TRIAL VERSIONS OF SERVICES ARE PROVIDED “AS IS,” AND AS AVAILABLE EXCLUSIVE OF ANY WARRANTY WHATSOEVER.

11.5 Original developer or manufacturer warranties. To the extent that the original developer or manufacturer of any (part of a) Service is not Service Provider or any of its Affiliates and such developer or manufacturer makes any warranties covering such (part of a) Service, Service Provider assigns those warranties to Customer and/or the Users, as the case may be, subject to the conditions and limitations provided by the developer or manufacturer. Service Provider will cooperate with Customer, at Customer’s cost, to process any such warranty claim, but Service Provider assumes no other responsibility for such warranties. The foregoing assignment of warranties is expressly in lieu of any and all other warranties pertaining to those (parts of) Services, express or implied, including, but not limited to, any express warranty arising from any description or specification provided for the Services, or any sample or model presented to Customer or its representatives, or any implied warranties of merchantability, fitness for a particular use, purpose or title.

12. Defense Of Claims

12.1 Defense by Service Provider. Subject to subsection 12.4 (“Obligations“) below, Service Providershall defend Customer against any claims made by an unaffiliated third party that the Service used by Customer infringes the third party’s patent, copyright, trademark or any other intellectual property right under any jurisdiction, or makes unlawful use of its trade secret.

12.2 Defense by Customer. Subject to subsection 12.4 (“Obligations“) below, Customer shall defend Service Provider against any claims made by an unaffiliated third party that (i) any Customer Data infringes the third party’s patent, copyright, trademark or any other intellectual property right under any jurisdiction, or makes unlawful use of its trade secret; or (ii) arise from violation by Customer or any User of this Agreement.

12.3 Limitations. Service Provider’s obligations under subsection 12.1 (“Defense by Service Provider“) above shall not apply to a claim or award based on:

  1. Customer Data, modifications Customer makes to the Services, or materials Customer provides or makes available in the course of using the Services;
  2. Customer’s combination of the Services with, or damages based upon the value of, third-party products or services;
  3. Customer’s use of Service Provider’s trademark without the latter’s express written consent, or Customer’s use of the Service after being notified by Service Provider to stop due to a third-party claim; or
  4. Customer’s redistribution of any Services to, or use for the benefit of, any unaffiliated third party.

12.3 Remedies. If Service Provider reasonably believes that a claim under subsection 12.1 (“Defense by Service Provider“) above, may bar Customer’s use of the Service, Service Provider shall seek to: (i) obtain the right for Customer to keep using the Service; or (ii) modify or replace the Service with a functional equivalent. If these options are not commercially reasonable, Service Provider may terminate Customer’s Subscription to the Service and then refund any advance payments made by Customer, corresponding to the portion of the relevant Subscription Term remaining at the time of termination.

12.4 Obligations. Each party must notify the other promptly of a claim under this Section 12. The party seeking protection must (i) give the other sole control over the defense and settlement of the claim; and (ii) give reasonable help in defending the claim. The party providing the protection will reimburse the other for reasonable out-of-pocket expenses that it incurs in giving that help and pay the amount of any resulting adverse final judgment (or settlement that the other consents to). The parties’ respective rights to defense and payment of judgments or settlements under this Section are in lieu of any common law or statutory indemnification rights or analogous rights, and each party waives such common law rights.

13. Limitation of Liability

13.1 Limitation of Liability. The aggregate liability of each party under this Agreement is limited to direct damages up to the amount paid under this Agreement for the Services giving rise to that liability during the twelve (12) months before the liability arose. The foregoing limitation shall apply whether an action is in contract or tort and regardless of the theory of liability, but shall not limit Customer’s and its Affiliates’ payment obligations under this Agreement.

13.2 Exclusion. Neither party shall be liable for indirect, special, incidental, consequential, punitive, or exemplary damages, or damages for lost profits, revenues, business interruption, downtime, or loss of business information, lost or corrupted data including Customer Data, however caused and regardless of theory of liability, including negligence, even if the party knew that such damages were possible.

13.3 Exceptions to limitations. The limits of liability in this Section 13 apply to the fullest extent permitted by applicable law, but shall not apply to: (i) the parties’ obligations under Section 12; or (ii) violation of the other party’s intellectual property rights.

14. Term and Termination

14.1 Term of Agreement. This Agreement commences on the Effective Date mentioned on the Order Form and continues until all Subscription Terms thereunder have expired or have been terminated in accordance with this Agreement.

14.2 Term of Subscriptions. A Subscription shall commence on the Subscription Commencement Date and shall run for a term equal to the Subscription Term, each as specified in the applicable Order Form. Except as otherwise specified in an Order Form, a Subscription shall automatically renew for additional periods equal to the expiring Subscription Term or one year (whichever is shorter), unless either party gives the other party written notice (email acceptable) at least thirty (30) days before the end of the relevant Subscription Term. Customer may elect early termination of a Subscription solely as permitted pursuant to this Section. The Subscription Term of any and all Subscriptions to a particular Service pursuant to an Order Form with an Effective Date subsequent to that of an initial Order Form through which a Subscription to that same Service was purchased, shall be deemed to expire, terminate or renew on the same date as the Subscription Term under such initial Order Form and in accordance with the terms therein.

14.3 Termination. A party may terminate this Agreement for cause (i) upon thirty (30) days written notice to the other party of a material breach of this Agreement or an Order Form, if such breach remains uncured at the expiration of such period, or (ii) if the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors.

14.4 Regulatory. In any country where any current or future government regulation or requirement applicable to Service Provider, but not generally to businesses operating there, presents a hardship to Service Provider operating the Services without change, and/or reasonably causes Service Provider to believe this Agreement or the Services may be in conflict with any such regulation or requirement, Service Provider may change the Services or terminate this Agreement. If Service Provider uses this subsection of the Agreement to change the Services, then Customer may terminate this Agreement.

14.5 Refund or Payment upon Termination. If this Agreement is terminated by Customer in accordance with this section, Service Provider shall refund Customer any prepaid fees covering the remainder of the Subscription Term of all Order Forms after the effective date of termination. If this Agreement is terminated by Service Provider in accordance with this section, Customer shall pay any unpaid fees covering the remainder of the Subscription Term of all Order Forms to the largest extent permitted by applicable law. In no event shall termination relieve Customer of its obligation to pay any fees payable to Service Provider for the period prior to the effective date of termination.

14.6 Effect of Termination. Upon expiration or prior termination of the Agreement, and without prejudice to section 9.6 (“Customer Data Return and Deletion“), all rights granted herein shall revert to Service Provider. All access to and use of the Services by Customer and any Users must then cease, and all materials, applications and tools downloaded from the Service must be erased, deleted, or destroyed.

14.7 Surviving Provisions. The sections titled “Fees and Payment,” “Proprietary Rights and Licenses,” “Confidentiality,” “Representations, Warranties and Disclaimers,” “Defense of Claims,” “Limitation of Liability,” “Term and Termination,” “Surviving Provisions” and “General Provisions” shall survive any termination or expiration of this Agreement, and the section titled “Security, Privacy and Data Protection” shall survive any termination or expiration of this Agreement for so long as Service Provider retains possession of Customer Data.

15. Links to Third Party Sites

15.1 The Service may provide links that allow Customer or any Users to leave Service Provider’s site and/or access third-party websites. The linked sites are in many cases not under the control of Service Provider and Service Provider is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Service Provider is not responsible for webcasting or any other form of transmission received from any linked site. Service Provider provides these links only as a convenience, and the inclusion of any link does not imply endorsement by Service Provider of the linked site.

16. Communications from or by Service Provider

16.1Communications from Service Provider. Service Provider may periodically contact Customer and/or any User for customer service purposes. By accessing the Services, Customer and each User consent to receive such communications.

16.2Communications by Service Provider. Customer agrees that Service Provider may reference its business relationship with Customer in its marketing or sales materials.

17. General Provisions

17.1 Export Compliance. The Services, other Service Provider technology, and derivatives thereof may be subject to export laws and regulations of the United States and other jurisdictions. Service Provider and Customer each represent that it is not named on any U.S. government denied-party list. Customer shall not permit any User to access or use any Service in a U.S.-embargoed country or region (currently Cuba, Iran, North Korea, Sudan, Syria or Crimea) or in violation of any U.S. export law or regulation.

17.2 Anti-Corruption. Neither party has received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from an employee or agent of the other party in connection with this Agreement. Reasonable gifts and entertainment provided in the ordinary course of business do not violate the above restriction.

17.3 Contracting Authority. Any individual accepting these terms on behalf of an entity represents that it has the legal authority to enter into this Agreement on that entity’s behalf.

17.4 Entire Agreement and Order of Precedence. This Agreement and all Order Forms completed by Customer and approved by Service Provider pursuant to this Agreement constitute the complete and exclusive terms of the agreement between Service Provider and Customer regarding the subject matter and supersedes all other prior and contemporaneous agreements, communications, proposals or representations, written or oral, concerning the subject matter hereof. Titles and headings of sections of this Agreement are for convenience only and shall not be used to construe the meaning of any provision of this Agreement. If there is any conflict between the terms of an Order Form and the terms of this Master Subscription Agreement, then the terms of the Order Form shall control. Each Order Form, as supplemented by the terms of this Agreement, constitutes an entire and separate agreement between the parties regarding the Services, including SaaS Services, covered by that Order Form, and supersedes any other prior oral or written understandings and agreements of the parties regarding the Services covered by that Order Form. The parties agree that any provisions contained in Customer’s own purchase order forms, such as preprinted terms and conditions typically found on their reverse side, shall not apply and are superseded in their entirety by the provisions of this Agreement, including the applicable Order Form.

17.5 Modifications. Service Provider may modify this Agreement at any time by posting a revised version on the legal information section of its website https://butterfly.ai/ or an alternate site identified) or by notifying Customer in accordance with this Agreement. Modified terms that relate to changes or additions to the Services or that are required by law will be effective immediately, and by continuing to use the Services Customer shall be bound by the modified terms. All other modified terms will be effective upon renewal (including automatic renewal) of an existing Subscription Term or upon the Subscription Commencement Date for a newly ordered Service.

17.6 Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties. Each party will be solely responsible for payment of all compensation owed to its employees, as well as all employment-related taxes.

17.7 Force Majeure. Without prejudice to Customer’s payment obligations pursuant to this Agreement, failure by a party to perform an obligation under this Agreement by reason of any law, natural disaster, labor controversy, encumbered intellectual property right, war or any similar event beyond a party’s reasonable control shall not constitute a breach hereof.

17.8 Injunctive relief. Customer acknowledges and agrees that the Services and the tools, applications, information and materials provided in connection with the Services possess a special, unique and extraordinary character that makes difficult the assessment of the monetary damages that would be sustained as a result of unauthorized use, and that unauthorized use may cause immediate and irreparable damage to Service Provider or its other customers for which Service Provider or such other customers would not have an adequate remedy at law. Therefore, Customer agrees that, in the event of such unauthorized use, in addition to such other legal and equitable rights and remedies as may be available to Service Provider, Service Provider shall be entitled to injunctive and other equitable relief without the necessity of proving damages or furnishing a bond or other security.

17.9 Notices. Except as otherwise specified in this Agreement, all notices, demands and other communications related to this Agreement shall be in writing and shall be effective upon (i) personal delivery to the party to whom said notice or communication shall have been directed, (ii) the second business day after mailing the notice or communication by certified or registered mail, or (iii) except for notices of termination or an indemnifiable claim (“Legal Notices”), which shall clearly be identifiable as Legal Notices, the day of sending by email.

17.10 Third-Party Beneficiaries. There are no third-party beneficiaries under this Agreement.

17.11 Waiver. No failure or delay by either party in exercising any right under this Agreement shall constitute a waiver of that right. No waiver of any breach hereof shall be deemed a waiver of any other breach hereof. No single or partial exercise of any right or remedy hereunder shall preclude any other or further exercise of any partially exercised right or remedy.

17.12 Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision shall be deemed null and void, and the remaining provisions of this Agreement shall remain in effect.

17.13 Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the other party’s prior written consent (not to be unreasonably withheld); provided, however, either party may assign this Agreement in its entirety (including all Order Forms) without the other party’s consent to its Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Notwithstanding the foregoing, if a party is acquired by, sells substantially all of its assets to, or undergoes a change of control in favor of, a direct competitor of the other party, then such other party may terminate this Agreement upon written notice. In the event of such a termination, Service Provider will refund Customer any prepaid fees covering the remainder of all Subscription Terms for the period after the effective date of such termination. Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties, their respective successors and permitted assigns.

17.14 Governing Law and Jurisdiction. This Agreement shall be construed and enforced under the laws of the State of New York, USA without reference to the choice of law principles thereof. Customer and each User hereby consent to and submit to the exclusive jurisdiction of the federal and state courts located in the State of New York. Customer and each User waive any defenses based upon lack of personal jurisdiction or venue, or inconvenient forum.

Privacy Policy

1. Scope of this Policy

This Policy describes the policies and procedures when a User’s personal data is collected, used, consulted, or otherwise processed in the context of the Service.

This Policy does not apply to information we obtain (i) offline, (ii) by means other than through the Service, or (iii) from any other source. In such cases, please refer to the adequate applicable privacy policy.

This Policy is to be read as consistent with the Terms of Use, End User License Agreement, and any other contract or policy in effect relating to the Service.

2. What are the key notions of this Policy?

In this Policy the following terms are used consistently and shall have the following meaning.

2.1 Key actors

  • You” (including “Your“) or “User” means any person, whether an agent, representative, contractor, employee, manager, or otherwise, to which access has been given to the Service.
  • Your Employer” means the entity that entered into a contractual arrangement with Butterfly, including a Data Processing Agreement, and which proposes the use to the User of the Service for its own purposes. 
  • Butterfly” (including “we” or “us”) means Appynest Inc., a company incorporated under the laws of Delaware, having its registered seat in New York and its office at 67 West Street, unit 324, Brooklyn, NY 11222, United States of America.
  • Controller” shall have the meaning under the GDPR, i.e. “the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law”.
  • Processor” shall have the meaning under the GDPR, i.e. “a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller”.
  • Subprocessors” means a processor engaged by the Processor to carry out certain processing activities on behalf of the Controller.
  • Third Party” shall have the meaning under the GDPR, i.e. “a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data”.
  • Supervisory Authority” shall have the meaning under the GDPR, i.e. “an independent public authority which is established by a Member State pursuant to Article 51” of the GDPR.

 

2.2 Personal Data categories

  • Personal Data” shall have the meaning under the GDPR, i.e. “any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
  • Basic Data” means the data provided by the User upon subscription to the Service, and in particular the User’s first name, last name, email address, employee ID, slack handle, profile pictures, passwords, Workplace email address.
  • Clear Gifs Information means web beacons used to track online usage patterns relating to the use of the Service or to track which emails are opened by recipients through clear gifs in HTML-based emails sent to Users.
  • “Content” means the free text and open content posted by the User on the Service.
  • Device Identifiers” means small data files or related structures stored on or associated with a Mobile Device, which identify a User’s specific mobile device and includes data stored in connection with hardware, operating systems, other software, or information sent directly to Butterfly by the device, and which are collected when a User access the Service by or through a Mobile Device.
  • Location Data” includes GPS coordinates, latitude, longitude, or similar information regarding the location, collected through the use of the Service by or through a Mobile Device.
  • Log Files” means data recorded automatically by Butterfly’s servers sent by the User’s web browser when using the Service, which include web request, IP address, browser type, referring/exit pages, URLs, number of clicks, how You interact with links on the Service, domain names, landing pages, pages viewed, mobile carrier, and similar information.
  • Non-Personal Data” means data other than personal data, including non-private and/or aggregated information that does not identify a User, or more generally a data subject (including without limitation anonymous usage data and platform types).

 

2.3 General Notions

  • Service” means the service offered by Butterfly through a website or related means featuring analytics that allow business owners and managers to gauge worker satisfaction, including the provision of information about updates, upgrades and enhancements of the service.
  • Policy” or “Privacy Policy” means this privacy policy.
  • GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  • Processing” shall have the meaning under the GDPR (i.e. “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction”).
  • Data Processing Agreement” means a controller-processor agreement in accordance with Article 30 of the GDPR. 
  • Privacy Shield” means the EU-U.S. Privacy Shield legal framework, designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.
  • Standard Contractual Clauses” means sets of standard contractual clauses for transfers as adopted by the European Commission for the international transfer of personal data.
  • Mobile Device” includes without limitation mobile telephones, iPhones, tablets, iPad, Android, and any similar technology or item.
  • EEA” means the European Economic Area.
  • SSL” means to secure socket layer technology.

 

2.4 Cookie-related notions

  • Cookie” or “Cookies” are text files, containing small amounts of information, which are downloaded to Your browsing device (such as a Mobile Device or computer) when You visit a website, and that may convey information about the use of the Service
  • Persistent Cookies” refers to cookies that remain on a hard drive after a web browser is closed to be used by the web browser on subsequent visits to the Service.
  • Session Cookies” refers to cookies that are temporary and disappear after a web browser is closed.
  • Third Party Cookies” refers to cookies that another party places on Your web browser when You use the Service.

 

3. Who processes what Personal Data about You?

In the context of the Service, Your Personal Data is processed by several organisations, including Your Employer, Butterfly and Third Parties. The following sub-sections provide further details.

3.1 Your Employer processing Your Personal Data as a Controller

Through the Service, Your Employer is processing Your Personal Data as a Controller for its own purposes.

Processed data categories

(these categories are defined as part of the key notions)

Processing purpose(s)

Source of data

Legal basis

  • Basic Data
  • Content
  • Log files
  • Device identifier
  • Location data
  • To gather employee feedback in order to gauge worker satisfaction within Your Employer’s organisation, through the provision of an online – personalised – service (the Service), which is delivered to You by Butterfly
  • The ability to provide educational content to users, based on the results and analysis of the content (rating and comments).

Directly from the User through the subscription form and the use of the Service

Legal basis determined by Your Employer

 

3.2 Butterfly processing Your Personal Data as a Processor on behalf of Your Employer

Through the Service, Butterfly processes Your Personal Data on behalf of Your Employer. This is in order for the latter to provide the Service within its organisation and to provide You access to the Service, and to ultimately achieve Your Employer’s processing purposes described above.

Processed data categories

(these categories are defined in the key notions above)

Instructions

Source of data

  • Basic Data
  • Content
  • Log files
  • Device identifier
  • Location data
  • To gather employee feedback through the provision of the Service
  • To personalise the content of the Service
  • To store and remember information to help You more efficiently access Your account
  • To operate, maintain, and offer the features and functionality of the Service
  • To send notices related to the Service (including notices required by law)

Directly from the User through the subscription form and the use of the Service

 

3.3 Butterfly processing Your Personal Data as a Controller for its own purposes

Through the Service, Butterfly processes Your Personal Data for its own purposes, where it determines itself the purposes and means of such processing.

Processed data categories

(these categories are defined in the key notions above)

Processing purpose(s)

Source of data

Legal basis

  • Basic Data
  • To send notices related to the Service (including notices required by law)

Directly from the User through the subscription form

Consent obtained during the subscription process

  • Content
  • Basic Data and  Log Files
  • To maintain, provide, or improve the Service

Directly from the User through the use of the Service

Consent obtained during the subscription process

  • Content
  • Basic data
  • Log Files
  • Device Identifiers
  • Location Data
  • To provide assistance to the User and to resolve support requests

Directly from the User through the use of the Service

Consent obtained during the subscription process

  • Basic Data
  • Content
  • Log Files
  • Device Identifiers
  • To analyse how the Service is used

Directly from the User through the subscription form and use of the Service

Consent obtained during the subscription process

  • Basic Data
  • Log Files
  • Device Identifiers
  • Location Data
  • To diagnose the Service or technical issues to the Service

Directly from the User through the use of the Service

Consent obtained during the subscription process

  • Log Files
  • Location Data
  • To maintain security of the Service

Directly from the User through the use of the Service

Consent obtained during the subscription process

  • Log Files
  • Location Data
  • Device Identifiers
  • Basic Data
  • To monitor metrics including without limitation the total number of visitors, traffic, and demographic patterns relating to the Service

Directly from the User through the use of the Service

Consent obtained during the subscription process

  • Log files
  • Content
  • To track Users and/or track and remove content so as to comply with all applicable law, rules, and regulations, including but not limited to the US Digital Millennium Copyright Act, or otherwise cooperate with law enforcement

Directly from the User through the use of the Service

Consent obtained during the subscription process

  • Session cookie
  • Device Identifiers
  • To identify authenticated users when accessing the web application

Directly from the User through the use of the Service

Consent obtained before browsing the website and the Service

  • Cookies
  • Basic data
  • Location data
  • Log files
  • Device Identifiers
  • To enhance Your navigation of the Service

Directly from the User through the use of the Service

Consent obtained before browsing the website and the Service

  • Cookies
  • Basic data
  • Log files
  • Device identifiers
  • Location data
  • To improve Your experience of the Service

Directly from the User through the use of the Service

Consent obtained before browsing the website and the Service

  • Clear Gifs Information
  • Basic data
  • Content
  • Log files
  • Location data
  • To enable more accurate reporting

Directly from the User through the use of the Service

Consent obtained before submitting survey

  • Clear Gifs Information
  • Device Identifiers
  • Basic data
  • Log files
  • Location Data
  • To improve the Service in general

Directly from the User through the use of the Service

Employees: Consent obtained before submitting survey

Dashboard owners: Consent obtained before first log in to the website and the Service

 

3.4 Google Cloud Platform processing Your Personal Data as a (Sub-)processor of Your Employer or Butterfly for the provision of the Service

In order for Butterfly to achieve one or more of its purposes, it relies on Google Cloud Platform], acting as a Subprocessor and processing Your Personal Data on behalf, under the instructions and authority of Butterfly for storage and back-up purposes. 

Processed data categories

(these categories are defined in the key notions above)

Processing purpose(s)

Source of data

  • Google Cloud Platform

Storage and back-up of data in data centres.

Butterfly

4. Are Cookies placed on Your device when using the Service?

When You use the Service, Butterfly places one or more Cookies on Your device (including Mobile Device) for the purposes described in this Policy.

4.1 Which Cookies are placed on Your device?

The following table and information set out the Cookies which are used for the Service. It also provides details of third parties that set cookies:

 

4.1.1 Strictly necessary Cookies

Cookie Provider

Cookie name

First party or third party Cookie?

Persistent or session Cookie?

Purpose of Cookie

Butterfly

sessionId 

First party cookie

Session cookie

Authentication of user’s session

Butterfly

io

First party cookie

Session cookie

Authentication of user’s communication channel

 

4.1.2 Performance Cookies

Cookie Provider

Cookie name

First party or third party Cookie?

Persistent or session Cookie?

Purpose of Cookie

Google

_ga

Third party cookie

Persistent cookie

Integration of Google Analytics Service

Google

_ga

Third party cookie

Persistent cookie

Integration of Google Analytics Service

Google

_ga

Third party cookie

Session cookie (expires after 1 minute)

Integration of Google Analytics Service

4.1.3 Functionality Cookies

Cookie Provider Cookie name First party or third party Cookie? Persistent or session Cookie? Purpose of Cookie

Intercom

intercom-id-qr816ap9

Third party cookie

Persistent cookie

Integration of Intercom support service

 

4.2 How long are Cookies stored on Your device?

The length of time during which a Cookie will be stored on Your browsing device depends on whether it is a “Persistent” or “Session” Cookie. Session Cookies will only be stored on a device until the web browser is closed. Persistent Cookies remain on the device after You have finished browsing until they expire or are deleted.

4.3 How can You disable Cookies placed on Your device?

You can usually use the web browser to enable, disable or delete Cookies. To do this, follow the instructions provided by the web browser (usually located within the “Help”, “Tools” or “Edit” settings). You can also set Your web browser to refuse all Cookies or to indicate when a Cookie is being sent.

Please note that if You set Your web browser to disable Cookies, You may not be able to access secure areas of the website, other parts of the website may also not work properly and some Service features may not function properly.

You can find out more information about how to change Your browser Cookie settings at www.allaboutCookies.org.

5. On what basis is Your Personal Data processed?

Your Personal Data is processed by Butterfly in the context of the Service on the basis of Your consent given in the framework of Your subscription to or use of the Service, as detailed in this Policy. 

Please note that You are not in any way obligated to provide any information to Butterfly. Also, You have the right to withdraw Your consent at any time You choose and on Your own initiative as described in section 10 of this Policy. You however understand that in such cases, certain features of the Service may be limited or otherwise impacted.

Please note that Your Employer is Processing Your Personal Data for its own purposes, as described under section 3.1. Such Processing takes places on a legal basis determined by Your Employer. Please contact Your Employer should You have any questions in relation thereto.

6. Is Your Personal Data used for direct marketing communications?

If You have explicitly consented, Butterfly may, from time to time, contact You by email with information about our Service.

If You no longer want to receive email marketing from Butterfly, please let us know by sending an email to us at privacy@butterfly.ai. You can also unsubscribe from our marketing emails by clicking on the unsubscribe link in the emails Butterfly sends to You.

7. How long is Your Personal Data stored?

Your Personal Data will be stored for the duration of Your relationship with Butterfly and then put beyond use:

  • 5 years after Your last use of the Service, if You did not close Your account;
  • 2 years after the closing of Your account.

8. How is Your Personal Data shared with Third Parties?

Butterfly will display Your personal data on the Service only in accordance with Your authorisations and security preferences. The information that You provide for inclusion on the Service should reflect how much You want others users to know about You. Please consider this carefully before disclosing any information and recognise that the more content You provide the less anonymous You may be towards other users. You can review and revise Your user information at any time.

Butterfly may share or disclose information with Your consent and solely as described herein, including with Third Party application providers. In certain situations, Butterfly may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In the event Butterfly shares Your Personal Data in accordance with this Policy, Butterfly is not responsible for any Third Party’s use or disclosure of Your Personal Data. You should only use applications that You trust and that have privacy policies that You consider acceptable.

As described in this Policy, the Service may rely on Third Party tools (such as Google Analytics) in order to study the Service usage and performance. Many of these tools collect the information sent by Your web browser as part of a web page request (including Cookies and Your IP address). These tools receive the information provided to Butterfly and use it as governed by their own privacy policies.

Butterfly offers its Users the possibility to integrate its Service into existing Third Party applications (e.g. Microsoft Teams, Skype for Business etc.). If You choose to make use of this integration, please keep in mind that, in doing so, these Third Party applications will most likely receive some of Your Personal Data either directly by You or provided by Butterfly with Your consent. Therefore, please consider this carefully before disclosing information and only use Third Party applications that have privacy policies that You consider acceptable.

9. Is Your Personal Data transferred outside the EEA?

In the context of the provision of the Service and for the purposes described in this policy, Your Personal Data will be transferred outside the EEA and to countries not providing an “adequate” level of data protection, such as the United States.

When such a transfer happens, we ensure that it takes place in accordance with this Policy and that the necessary safeguards are put in place such as in particular:

  • Ensuring that the transfer is regulated by Standard Contractual Clauses approved by the European Commission as ensuring an adequate protection for Users; or
  • Ensuring that the transfer to the United States of America is done to an organisation that complies with the EU-US and Swiss-US Privacy Shield Framework as implemented by the U.S. Department of Commerce.

Butterfly, located in the United States of America, complies with the EU-US and Swiss-US Privacy Shield Framework as implemented by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from Europe and Switzerland to the United States.  Butterfly has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If Third Parties process personal data on our behalf in a manner inconsistent with the principles of either Privacy Shield framework, we remain liable unless we prove we are not responsible for the event giving rise to the damage.

If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.

If you have a question or complaint related to our participation in the EU-U.S. or Swiss-U.S. Privacy Shield, we encourage you to contact us via privacy@butterfly.ai. For any complaints related to the Privacy Shield frameworks that cannot be resolved with us directly, we have chosen to cooperate with the relevant Data Protection Authority, or a panel established by the European DPAs for resolving disputes. Please contact us to be directed to the relevant DPA contacts. As further explained in the Privacy Shield Principles, binding arbitration is available to address residual complaints not resolved by other means. Butterfly is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

10. What are Your rights?

Once You have provided Your Personal Data, several rights are recognized under the GDPR, which in principle You can exercise free of charge, subject to statutory exceptions. In particular, You have the following rights:

  • Right to withdraw consent. You have the right to withdraw Your consent at any time You choose and on Your own initiative. If You have entered into a contractual arrangement with Butterfly, You can do so directly by contacting Butterfly. If You have not done so, for example because You are an employee of an entity that entered into a contractual arrangement with Butterfly, You can contact your Employer. Your Employer will inform Butterfly of Your request to withdraw Your consent. The withdrawal of Your consent will not affect the lawfulness of the collection and processing of Your data based on Your consent up until the moment where You withdraw Your consent.
  • Right to access, review, and rectify Your data. If You wish to review or rectify any information like Your name, email address, passwords and/or any other preferences, You can do so easily by changing Your settings under the ‘My Account’ section on our website. You may also request a copy of the Personal Data Butterfly holds about You by sending an email to privacy@butterfly.ai. You can access and review this information and, if necessary, ask to rectify Your information.
  • Right to erasure. You have the right to erasure of all the Personal Data processed by Butterfly in case Butterfly no longer needs it for the purposes for which the Personal Data was initially collected or processed, in accordance with the GDPR.   
  • Right to restriction of processing. Under certain circumstances described in the GDPR, You may ask for a restriction of processing of Your Personal Data, such as when You have contested the accuracy of the Personal Data, for the period we need to verify the accuracy of this data.
  • Right to data portability. You have the right to receive the Personal Data processed in a format which is structured, commonly used and machine-readable and to transmit this data to another service provider.
  • Right to object to processing. Where Your Personal Data is processed for direct marketing purposes, You may object to such processing.
  • Right to lodge a complaint with a Supervisory Authority. We are always available for any questions or complaints You may have. However, if You were to have any trouble with the way Your Personal Data is being handled in the context of the Service, You may contact the Supervisory Authority to lodge a complaint.

11. To what extent is Non-Personal Data used by Butterfly?

Butterfly may use Non-Personal Data for purposes that include testing IT systems, research, big data analytics, industry-wide analyses, statistics and reports, improving the Service, developing new products and features. Butterfly may create and publish such analyses and reports, including for commercial gain.

12. What security measures are put in place by Butterfly?

Butterfly implements, and undertakes that its Subprocessors implement, appropriate technical and organisational measures to ensure an appropriate level of security of Your Personal Data, including but without limitation:

  • Socket Layer Technology (“SSL”). SSL is used for the encrypted transmission of data where necessary.
  • Back Up. Continuous and regular data backups help prevent loss and assist in data recovery.
  • Common Web Attacks. Protection against common web attack vectors, firewalls and access restriction are implemented.
  • Secured data centres. Data is hosted in secure SAS 70 audited data centres,

In the event personal information is compromised as a result of a security breach and where the breach is likely to result in a high risk to the rights and freedoms, we will promptly notify those Users as required under the GDPR. 

13. Does a disclaimer of warranties apply?

No method of electronic transmission or storage is completely secure.

To the largest extent permitted under applicable law, the Service is provided “AS IS” and we make no warranty, express or implied, concerning the security or integrity of any User data. All implied warranties, including without limitation the implied warranties of merchantability or fitness for a particular purpose, are hereby disclaimed.

14. What rules apply to children?

The Service is not intended for use by anyone under the age of 13 years.

Butterfly does not knowingly collect or solicit Personal Data from anyone under the age of 13 years or knowingly allow such persons to register for the Service.

In the event Butterfly learns that it has collected Personal Data from a child under the age of 13 years without verification of parental consent, steps will be undertaken promptly to remove that information. If You believe that we have or may have information from or about a child under 13 years of age, please contact Butterfly at privacy@butterfly.ai.

15. Does this Privacy Policy Apply to Third Party websites?

Butterfly shall not be responsible or liable for the practices employed by the owners or users of websites linked to or from the Service. Furthermore, we are not responsible or liable for the information or content on such Third Party websites.

This Privacy Policy is only in effect for the Service and not for any Third Party website and You are subject to the terms of use and privacy and other policies of such Third Party website.

16. Are posts in discussion rooms, blogs, etc. confidential?

Any information posted in a discussion room, group room, blog, or the like is considered publicly accessible and the User should not post any information it wishes to keep confidential.

17. What happens if Butterfly makes modifications to this Privacy Policy?

Butterfly reserves the right to change and update this Privacy Policy from time to time, in its sole discretion. In case this Policy is changed, You should review such changes. The modifications will take effect immediately upon posting on the Service website.

18. How can You contact Butterfly?

Questions, comments, remarks, requests or complaints regarding this Privacy Policy are welcome and should be addressed to: 

privacy@butterfly.ai

or

604 E 11th Street FL 3

Manhattan, NY 10009,

United States of America.