USA – Washington DC and San Jose Cloud – Legal Documents

All services (“Services”) provided to you (“you”, “your”, “user”) by ALPHA3 CLOUD (“we”, “us”, “our”) apply to and are governed by these Terms of Service, the Acceptable Use Policy, the Privacy Policy, the Data Processing Agreement under the European General Data Protection Regulation (GDPR), the Copyright Notice, the Service Level Agreement and the terms of your Purchase (together the “Agreement”), including any Services provided through the ALPHA3 CLOUD Website and through any email, written or other correspondence relating to such Services.

We retain the right and entitlement to amend, revise or vary the Agreement, including these Terms of Service, and such amendments, revisions and variations will become binding on you as set forth and referred to below. The Agreement forms a legally binding agreement between us and you. Continued use of the Website or accepting the Services offered by us by clicking the box “Please confirm you have read and agree to our Terms of Service.” constitutes acceptance of the Agreement and formation of a legally binding agreement.

Any individual submitting a Purchase on behalf of a company or other legal entity represents and warrants that he or she has the legal authority and entitlement to bind that entity to the Agreement, in which case “you”, “your” and “user” shall mean such company or legal entity. The Agreement is the complete and exclusive agreement between you and us regarding its subject matter and supercedes and replaces any prior agreement, understanding, or communication, written or oral. If you do not accept all of the terms of the Agreement do not accept any of the Services offered by us, through the Website or otherwise. The Agreement imposes significant legal obligations on you and also imposes restrictions on your legal rights. You are advised to consult independent legal advice before entering into the Agreement.

Any Purchase by you or acceptance of Services by us constitutes your agreement to be legally bound to the terms of the Agreement, and you represent and warrant that you have the legal authority to enter into the Agreement.

The Services and Website are provided and offered for adults over the age of 18 only. If you are under age 18 or you are otherwise not able to form legally binding contracts you should not use the Services or the Website. You should confirm with the owner and/or providers of your internet access in relation to the Services and Website that such access is lawful and allowed by the policies and/or terms of service governing the use of any such equipment or internet connection.

By continuing to use the Website and any of the Services offered by us, you are confirming that you are age 18 or over and are lawfully accessing and using the Website and the Services offered via the Website..

Amendment to the Agreement

We reserve the right and entitlement to amend or revise the Agreement at any time. We will notify you in accordance with the Agreement at least thirty (30) days prior to any amendments becoming valid and binding. Upon receipt of such notice, you may either terminate your account under the provisions of clause 10 and receive a refund for any positive account balance or continue to use our Services and be bound by the amended Agreement. After the amended Agreement has become effective, purchase of additional Services or continued use of the Website, including API usage, shall constitute your agreement to be legally bound by all of the terms and conditions of the amended Agreement.

1. Definitions

In this Terms of Service:

• “Acceptable Use Policy” or “AUP” means the ALPHA3 CLOUD Acceptable Use Policy ias of the date you make each Purchase or exchange of Credits for Services, as such may be amended in accordance with the Agreement.
• “Agreement” refers collectively these Terms of Service, the Privacy Policy, the Copyright Notice, the Data Processing Agreement, the Service Level Agreement,the Acceptable Use Policy and each Purchase.
• “Agreement Date” means the earlier of: (i) the date on which you accept these Terms of Service via the Website or (ii) the date you first use the Services, including the purchase of Credits.
• “Business Day” means any day other than a Saturday, a Sunday, or any day which is a public or bank holiday in the United States.
• “ALPHA3 CLOUD” means ALPHA3 CLOUD, LLC, a Rhode Island limited liability company, with an address of 935 Westminster Street. Providence, RI 02906, U.S.A.
• “API“means ALPHA3 CLOUD’s proprietary application programming interface.
• “Beta Testing“refers to your participation in any beta test of a Service that is pre-release.
• “Confidential Information” means all non-public information disclosed by one party to the other at any time irrespective of the date of the Agreement, that the receiving party should reasonably understand to be confidential, including: (i) for you, all information stored or transmitted to or from the ALPHA3 CLOUD network, (ii) for us, any data center or server designs, unpublished prices, unpublished terms of service, internal reports (including for auditing and security purposes), future company development plans, and any other proprietary information, and (iii) for both of us, any information marked as confidential. Confidential Information excludes any information or technology that is developed by one of us without reference to the other’s Confidential Information or becomes available without violation of an applicable law or this Agreement.
• “Copyright Notice”means the ALPHA3 CLOUD Copyright Notice as of the date you make each Purchase or exchange of Credits for Services, as it may be amended in accordance with the Agreement.
• “Credits” means the non-refundable credits you purchased via the WebApp which can be used in exchange for Services only. The credits are expressed in Swiss Francs (CHF), British Pounds (GBP), Euros (EUR) or United States Dollars (USD) on a one credit equals one currency unit basis. Credits are only expressed in relation to one currency equivalent in accordance with your currency selection upon opening an account with ALPHA3 CLOUD.
• “Credit Balance” means the number of Credits you have purchased less the number of Credits exchanged in respect of Services provided in accordance with the Agreement.
• “Data Processing Agreement” or “DPA” means the ALPHA3 CLOUD Data Processing Agreement in effect as of the date you make each Purchase or exchange Credits for Services, as it may be amended in accordance with the Agreement.
• “Junk Mail” means email that is designated by our email systems as such, as well as email reported by other users of ALPHA3 CLOUD and by you as unsolicited.
• “Personal Data” shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (as amended from time to time, or replaced by subsequent legislation), or under any equivalent data protection regulation of applicable law. Without limiting the foregoing, Personal Data means any information that could be used to identify a natural person, directly or indirectly, including by reference to a name or personal identification number, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
• “Purchase” means the purchase of Credit that you submit to us via the Website or any other written purchase document which describes the Services you are purchasing and is signed by you whether manually or electronically.
• “Privacy Policy” means the ALPHA3 CLOUD Privacy Policy as of the date you make each Purchase or exchange of Credits for Services, as it may be amended in accordance the Agreement.
• “Service Level Agreement” means the ALPHA3 CLOUD Service Level Agreementas of the date you make each Purchase or exchange of Credits for Services, as it may be amended in accordance with the Agreement.
• “Services” means services provided in exchange for Credits or provided free by ALPHA3 CLOUD as described on the pages of the Website relevant to each service. Services include only those services which are offered via the Website, including but not limited to the provision of virtual servers, core-CPU power, disk data storage, RAM, network data transfer, IP addresses and VLANs. Services are provided in accordance with the Agreement.
• “WebApp” means the WebApp available at https://wdc.alpha3cloud.com/ui/ which forms part of the Website and which you use to purchase Credits and to manage the provision of Services.
• “Website” means any website with a domain name ending in “ALPHA3CLOUD.COM”.

2. Purchase of Credits

• 2.1 You acknowledge and agree that any Purchase made via the Website is for Credits that can be exchanged only for Services. No amounts received by ALPHA3 CLOUD or Credits purchased by you for any Purchase (except under the terms of termination as set out in clause 10 of these Terms of Service) are:
  • 2.1.1 refundable;
  • 2.1.2 exchangeable for cash or any other form of payment; or
  • 2.1.3 useable in any manner other than in exchange for Services.
• 2.2 All Purchases must be made via:
  • 2.2.1 credit or debit card made via the WebApp; or
  • 2.2.2 bank transfer to the correct bank account matching the currency used for your account and using your unique bank transfer ID as available via the payment section of the WebApp.
• 2.3 Invoices are issued by us following any Purchase in a manner we deem appropriate and necessary, and are made available to you via the WebApp.
• 2.4You acknowledge and accept that Services and/or your continued access to the WebApp may be suspended or terminated immediately if any payment in relation to a Purchase is declined, delayed or refused by your financial institution and/or credit card or debit card provider.
• 2.5We will adjust your Credit Balance in line with Services provided to you in accordance with the rates for exchange for those Services as advertised on our Website.
• 2.6 If at any time during the Agreement you fail to meet an appropriate standard of creditworthiness, as determined at our sole discretion, we may either:
  • 2.6.1 require you to make advance Purchase(s) on a regular basis as we deem necessary;
  • 2.6.2 require you to make payments in relation to Purchase(s) by bank transfer that you could otherwise make under these Terms of Service by credit or debit card;
  • 2.6.3 impose a limit on the number of Credits you may Purchase; or
  • 2.6.4 impose restrictions or conditions on your right to use Services as we deem appropriate.
• 2.7 All Purchases must be made in the default currency of your account as selected by you upon account opening. Currency selection for any single account is permanent. Accounts can be opened in Swiss Francs (CHF), British Pounds (GBP), Euros (EUR) or United States Dollars (USD).
• 2.8 The rates of exchange of Credits for Services will only be available to you in the default currency of your account. You may open multiple accounts with different default currencies.
• 2.9 In the event that any payment made by you in relation to a Purchase fails to be honored or accepted by your financial institution and/or our Website’s automated payment gateway, we reserve the right to charge a returned payment fee to cover any administration costs and any other associated costs which we may incur.
• 2.10 We reserve the right, in our sole discretion, to suspend or cancel your access to the WebApp or the API, or to withhold the provision of any Services until payment in full of unpaid amounts has been received by us, including any fees we may charge you for the return of an unhonored payment.
• 2.11 Upon termination of the Agreement, your Credit Balance (unused or otherwise) that you have purchased will not be refunded or returned to you other than as specifically outlined under the terms of termination as set out in clause 10 of these Terms of Service.
• 2.12We may charge interest on any overdue amounts at 1.5% per month (or the maximum legal rate if it is less than 1.5%). If any amount is overdue and we bring legal action or engage a collection agency to collect such overdue amounts, you will be obligated to pay our reasonable costs of collection, including but not limited to legal fees and court costs. All such fees are stated and will be charged in U.S. dollars.

3. Services

• 3.1 Contingent on ALPHA3 CLOUD’s acceptance of your Purchase, and subject to the Agreement, including these Terms of Service, ALPHA3 CLOUD agrees to provide Services to you in exchange for Credits at the rates of exchange outlined on the Website and WebApp.
• 3.2 We reserve the right to vary the rates of exchange of Credits for Services at any time at our sole discretion with immediate effect. Amended rates become applicable to you upon your next Purchase or exchange of Credits for Services.
• 3.3 Services offered via the Website may vary in scope and nature over time. You acknowledge, accept and agree that elements of the Services may be changed, varied, updated, replaced, removed, and supplemented or added as we so determine appropriate.
• 3.4 We provide certain Services on a pre-paid subscription basis for periods of 1 month, 3 months, 6 months and 1 year. Services purchased on a subscription basis are paid for in advance with Credits. Rates of exchange of Credits for Services are as outlined on the Website and WebApp. The number of Credits required to be exchanged for Services is fixed at the time of the exchange for the period of the subscription.
• 3.5 We provide certain Services on a pay-as-you-go basis based on five minute billing cycles. We provide dynamic rates of exchange of Credits for Services which are updated every five minutes and are available via our Website and the WebApp. The number of Credits exchanged for Services on a pay-as-you-go basis is fixed at the time of the exchange for the period of the next five minute billing cycle.
• 3.6Upon expiration of Services purchased on a pre-paid subscription basis, you will automatically continue to be charged for the same Services on a pay-as-you-go basis at the rates of exchange of Credits for Services at that time, unless you cease to utilize our Services in relation to your expired subscription.
• 3.7 We shall provide the Service to you subject to the Agreement until the Service is fully delivered, its term expires, it is terminated or it is suspended under the terms of the Agreement.
• 3.8 The provision of Services is strictly subject to you maintaining a sufficient Credit Balance and you acknowledge, accept and agree that we may suspend or terminate Services to you if you have a Credit Balance for less than 24 hours of usage at your latest Service usage level and pay-as-you-go Service rates of exchange of Credits at that time.
• 3.9 We retain the right to verify your identity at any time. In the event that we are unable to verify your identity using reasonable endeavors, at our sole discretion we may require you to provide further proof of identity, including but not limited to:
  • 3.9.1 an original or certified copy of a photographic ID in the form of a driving license or passport; and/or
  • 3.9.2 an original or certified copy of proof of address as deemed acceptable to us.
• 3.10 If you fail or are unwilling to provide such evidence as reasonably requested by us, we shall be entitled to immediately suspend and/or terminate your use of Services.
• 3.11 We shall not be responsible for any back up, recovery or other step required to ensure that data and information stored on the ALPHA3 CLOUD network and infrastructure as part of the provision of Services to you is recoverable in the case of any data loss, system fault, software failure, hardware failure or other activity which results in any loss of data, information or other item that is being stored as part of our Services.
• 3.12 We may suspend your Services without liability if:
  • 3.12.1 we have reason to believe that that the Services, have, are being or will be used in violation of the Agreement;
  • 3.12.2 you fail to co-operate with reasonable investigations into suspected violations of the Agreement;
  • 3.12.3 we reasonably believe that your Services are being accessed or used by third parties without your authorization;
  • 3.12.4 your Credit Balance is zero and/or insufficient to cover current Services being utilized by you;
  • 3.12.5 we reasonably believe it is necessary in order to protect our network infrastructure and services to other customers;
  • 3.12.6 we discover that you are affiliated with a person or legal entity that has used our Services in the past and had their account terminated; or
  • 3.12.7 we are required to do so by law.
• 3.13 We will endeavor to provide you with reasonable notice of any suspension under this clause unless we reasonably believe that an immediate suspension or shorter notice is required to protect our network infrastructure and services to other customers from significant operational or security risk or because we are compelled to do so by law.
• 3.14 You may be charged a reinstatement fee to remove a suspension of your account.
• 3.15 We are not responsible for any unauthorized access to your data or the unauthorized use of Services under your account. You represent and warrant that you are solely responsible for the use of Services whether or not authorized by you, by any employee of yours, any person to whom you have given access to the Services and/or any person who gains access to your data or Services as a result of a failure by you to use reasonable security precautions. You hereby indemnify us and hold us harmless against all costs, claims, expenses and damages whatsoever arising from any use of or access to your data or Services by any third party.
• 3.16 We do not support any operating systems and/or other software which you run within your virtual servers as part of the Services we offer to you.
• 3.17 We do not monitor and have no liability for the contents of any communications transmitted by you by virtue of our provision of the Services.
• 3.18 We have no obligation to provide security other than as stated in the Agreement. We disclaim any and all warranties not expressly stated in the Agreement, including the implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
• 3.19 Both free Services and Services provided in exchange for Credits are provided to you on an AS IS basis.
• 3.20 We will be the sole arbiter of any dispute regarding the provision of Services and our decision will be final and binding.

4. Use of Services

• 4.1 You acknowledge, accept and agree to the following:
  • 4.1.1 only to use the Services in accordance with the Acceptable Use Policy;
  • 4.1.2 to comply with applicable laws at all times;
  • 4.1.3 not to interfere with the provision of Services;
  • 4.1.4to at all times act in good faith in relation to the provision of Services;
  • 4.1.5 not to continue to use Services if you have had an account with us suspended or terminated at any time;
  • 4.1.6 that you are solely responsible for the suitability of the Service chosen;
  • 4.1.7 to use reasonable security precautions in relation to your use of the Services;
  • 4.1.8 to only share your password with a person or persons whom you have authorized to use your account;
  • 4.1.9that your account is non-transferable and you will be liable for any and all activities undertaken using your user account together with the associated password, whether or not the person undertaking the activities has been authorized by you;
  • 4.1.10to keep current your billing, contact and other account information;
  • 4.1.11that there are inherent risks with Internet connectivity that may result in the loss of your privacy, Confidential Information and/or property;
  • 4.1.12to immediately notify us of any suspected or actual unauthorized use of your account or any security breach; and
  • 4.1.13to be solely and entirely responsible for maintaining at least one current backup copy outside of ALPHA3 CLOUD’s network of all data (including but not limited to operating systems, content and programs) stored on ALPHA3 CLOUD’s network to ensure that the potential for losses is mitigated.
• 4.2You accept, acknowledge and agree that the Services may not be used in any situation where the failure of the Services could lead to death or serious bodily injury of any person, or to other physical or environmental damage. This includes but is not limited to the use of the Services in connection with modes of human mass transportation, nuclear and chemical facilities, critical infrastructure and medical devices whose failure or malfunction could result in harm to persons. Accordingly, in addition to any other disclaimer or limitation of liability in these Terms of Service, we specifically disclaim any express or implied warranty of fitness of the Service for use for such activities.
• 4.3 You accept and agree that you have no right to physical access to the premises from which the Service is provided without our explicit prior permission which will be granted at our sole discretion.
• 4.4You may access the Services via our API in addition to via the WebApp. We reserve the right to change the API or suspend provision of the API at any time without notice.
• 4.5You acknowledge, accept and agree that the provision of Services and the Website are strictly subject to:
  • 4.5.1 your payment of all fees and charges in a prompt and timely manner;
  • 4.5.2 your full compliance with the Agreement, including these Terms of Service;
  • 4.5.3your compliance with all relevant laws and regulations at all times; and
  • 4.5.4 your maintenance of a sufficient Credit Balance to ensure Services remain fully paid up;
  • 4.5.5 your purchase of additional Credits as required via the WebApp once your Credit Balance becomes insufficient to maintain Services for 24 hours based on your Service usage and pay-as-you-go rates of exchange of Credits for Services at that time.
• 4.6 You represent and warrant to us that:
  • 4.6.1you are 18 years of age or older, capable of taking responsibility for your own actions and of sound mind;
  • 4.6.2 you are able to enter into a legally binding agreement with us;
  • 4.6.3 if you are entering into the Agreement on behalf of a company or other legal entity, you have the legal authority and entitlement to bind that entity to the Agreement;
  • 4.6.4 you are the person whose details are provided in connection with your user account;
  • 4.6.5 you are not an undischarged bankrupt or in a voluntary arrangement with your creditors; and
  • 4.6.6 you are not a person to whom ALPHA3 CLOUD is legally prohibited to provide Services.
• 4.7Notwithstanding the provisions of clause 5, you shall effect and maintain sufficient insurance coverage in respect of any case of damage, loss or claim in relation to data loss, system fault, software failure, hardware failure or other activity which results in any loss of data, information or other item that is being stored as part of our Services.
• 4.8 In the event that your Services or your access to the Website are suspended or terminated and you believe that such action has been taken incorrectly, you shall immediately contact us to limit and mitigate against any damage, loss and claim as a result of the suspension or termination.

5. Service Level Agreement

• 5.1 The Service Level Agreement forms a part of the Agreement for Services you Purchase from ALPHA3 CLOUD.
• 5.2 Any credit resulting from the terms and conditions of the Service Level Agreement shall be credited to the Credit Balance for use in the purchase of future Services. No Credits resulting from the Service Level Agreement will be paid to you in cash or in the form of a refund.

6. Beta Services

A Service in Beta Testing is subject to the following terms:

• 6.1 You acknowledge that Beta Testing involves using a pre-release version of any of our Services that may not function properly;
• 6.2 You acknowledge that by Beta Testing you may expose yourself to higher than normal risks of operational failures;
• 6.3 The full commercial release version of the Beta Testing service may change substantially from the pre-release version. This may result in programs, networks and operations that ran on the Beta Testing pre-release version not working with the initial full commercial release or subsequent versions;
• 6.4 You are not entitled to any compensation under the Service Level Agreement for downtime, performance degradation, loss or corruption of data or any other problems that may result from your Beta Testing;
• 6.5 You agree to provide information and feedback on your Beta Testing in a form reasonably requested by us;
• 6.6 You agree that we may use your information and feedback for any purposes, including but not limited to product development. We may use your comments publicly for press and promotional materials with your prior permission;
• 6.7 You agree that any intellectual property inherent in your feedback or product development of our Services arising from your Beta Testing of any Service shall be owned exclusively by ALPHA3 CLOUD;
• 6.8 You agree that any information regarding your Beta Testing, including your experiences and opinions, are Confidential Information of ALPHA3 CLOUD, as defined in these Terms of Service. All information in relation to Beta Testing may only be used for the purpose of providing feedback to ALPHA3 CLOUD;
• 6.9 You should not use Beta Testing for a live production environment. Beta Testing must not be used for critical computing functions, including but not limited to any hazardous environments, life support or weapons systems;
• 6.10 Beta Testing is provided “AS IS” with no warranty whatsoever;
• 6.11 To the extent permitted by applicable law, ALPHA3 CLOUD disclaims any and all warranties with respect to Beta Testing, including the implied warranties of merchantability, fitness for purpose and non-infringement;
• 6.12 The maximum aggregate liability of ALPHA3 CLOUD and its employees, agents, affiliates, or suppliers, for harm to you arising from your Beta Testing shall be the payment of money not to exceed One US Dollar (USD 100.00) or the equivalent in your default currency; and
• 6.13 We reserve the exclusive right to terminate Beta Testing of a Service at any time at our sole discretion.

7. Support

• 7.1 In relation to a fault or disruption with our Services, we will use reasonable endeavors to respond to all requests.
• 7.2We will use reasonable endeavors to resolve faults referred to us in accordance with clause 7.1.
• 7.3 All requests for support should be made to us using the support contact details provided on the Website.
• 7.4 We will provide you with reasonable advance notice for all scheduled maintenance and/or downtime and shall be entitled to undertake said scheduled maintenance and/or downtime without your consent.
• 7.5 In the event, based on our commercially reasonable belief, that emergency maintenance and/or downtime is required, we may do so at any time without the providing commercially reasonable notice to you.

8. Links to Third Party Web sites

• 8.1Links to third party websites on the Website are provided from time to time solely for your convenience. If you use these links, you will be leaving the Website.
• 8.2We have not reviewed all of these third party websites and do not control and are not responsible for such websites or their content or availability.
• 8.3We do not endorse or make any representations about such websites, or any material found therein, or any results that may be obtained from using them.
• 8.4If you decide to access any of the third party websites linked to the Website, you do so entirely at your own risk.
• 8.5You acknowledge and agree that we will not be responsible for the availability of such third party websites and will not be responsible or liable for any content or services available from such third party websites. You should review the privacy statements and terms and conditions of use of third party websites accessible from the Website.

9. Links to the Website

• 9.1 If you would like to link to the Website, you may only do so subject to the following conditions:
  • 9.1.1 you do not remove, distort or otherwise alter the size or appearance of the “ALPHA3 CLOUD” logos or trademarks;
  • 9.1.2 you do not create a frame or any other browser or border environment around the Website;
  • 9.1.3 you do not in any way imply that we are endorsing any products or services other than our own;
  • 9.1.4 you do not misrepresent your relationship with us nor present any false or misleading information about us;
  • 9.1.5 you do not use any “ALPHA3 CLOUD” trademarks and/or logos displayed on the Website without express written permission from us;
  • 9.1.6 you do not link from a website that is not owned by you; and
  • 9.1.7 your website does not contain content that is distasteful, offensive or controversial, infringes any intellectual property rights or other rights of any other person or otherwise does not comply with all applicable laws and regulations.
• 9.2 We expressly reserve the right to revoke the above permission to link to our Website where you are in breach of the Terms of Service or take any other action we deem appropriate. You shall indemnify us fully for any loss or damage suffered by us or any of our affiliated companies resulting from your breach of the terms of your permission to link to the Website.

10. Termination

• 10.1 The Agreement shall commence on the Agreement Date and shall continue until terminated by you or us.
• 10.2You or us may terminate the Agreement by giving thirty (30) days written notice (including without limitation email notice).
• 10.3 We may terminate the Agreement without notice to you and without providing any refund against your Credit Balance if any of the following occurs:
  • 10.3.1 the information you provided about yourself was false, materially inaccurate or incomplete;
  • 10.3.2 you were not 18 years old or did not have the legal capacity to enter into the Agreement at the time of submitting the Purchase for Services either in the capacity as an individual or on behalf of another person or legal entity;
  • 10.3.3 we are precluded from providing the Services to you by law or the decision of a competent legal or governmental authority;
  • 10.3.4 you do not use your account for a continuous period of three (3) months or more;
  • 10.3.5 your Credit Balance is zero (or negative) and you do not purchase any additional Credits within five (5) BusinessDays. In such case, we shall be entitled to immediately delete all data and information previously supplied as part of the Services and in relation to your account;
  • 10.3.6a credit report indicates you no longer meet our criteria for creditworthiness;
  • 10.3.7 you are declared bankrupt, become insolvent, cease trading or otherwise are unable to meet debt and payment obligations as they become due;
  • 10.3.8 you fail to pay any sum due to us as it becomes due and do not remedy the overdue amounts within five (5) BusinessDays of receiving notice from us that you have amounts overdue;
  • 10.3.9 we reasonably decide that your ability to pay has been adversely affected, including because your credit or debit card is declined, or we receive notice of any disputed charges with your credit or debit card provider or your bank;
  • 10.3.10 you violate the Acceptable Use Policy;
  • 10.3.11 your death or the ceasing to exist of a legal entity where applicable; or
  • 10.3.12you fail to comply with any provision of the Agreement and do not remedy the failure within twenty (20) Business Days of our notice to you outlining the failure.
• 10.4 If you do not have overdue payments on termination of the Agreement, we will provide you a reasonable opportunity to migrate out of our Services in an orderly fashion where possible.
• 10.5 You may terminate the Agreement for breach of the Agreement by written notice if any of the following occurs:
  • 10.5.1 we materially fail to provide the Services as agreed and do not remedy the failure within five (5) Business Days of receiving your written notice outlining the failure; or
  • 10.5.2 we materially fail to meet any obligation under the Agreement and do not remedy the failure within twenty (20) Business Days of receiving your written notice outlining the failure.
• 10.6 Upon termination of the Agreement you:
  • 10.6.1 will not have access to any data stored on our network and infrastructure using the Services;
  • 10.6.2 must discontinue use of the Services;
  • 10.6.3 shall remain liable for any amounts outstanding, including a negative Credit Balance at the date of termination; and
  • 10.6.4 must relinquish use of any IP addresses and server names assigned to you by us in relation to the Services and direct any Domain Name Services away from us in relation to you.
• 10.7 Termination of this Agreement for whatever reason shall not affect:
  • 10.7.1 the accrued rights and liabilities of the parties arising in any way out of this Agreement as of the date of termination, including without limitation, the right to recover damages against the other in accordance with the Agreement; and
  • 10.7.2 any provisions expressly surviving termination set forth this Agreement, which shall remain in full force and effect.

11. Taxes, Duty and Value Added Taxation

• 11.1 All amounts payable for Services and Credits are stated exclusive of any VAT unless stated otherwise. We reserve the right and shall be entitled to charge VAT and other taxes and duty as appropriate.
• 11.2 You agree that you are liable for all taxes and duty resulting from your purchase of Credits from us and your use of our Services.

12. Privacy Policy, Intellectual Property Rights and Confidential Information

• • 12.1 All collection, storing and use of your data are governed by the Privacy Policy.
  • 12.2 You agree acknowledge, accept and agree to be bound by the terms and conditions of the Copyright Notice.
  • 12.3 Each of us retains all right, title and interest in and to our respective trade secrets, inventions, copyrights, and other intellectual property. Any intellectual property developed by ALPHA3 CLOUD during the performance of the Services shall belong to ALPHA3 CLOUD unless we have agreed with you in advance in writing that you have an interest in such intellectual property.
  • 12.4 Each of us agrees not to use the other’s Confidential Information except in connection with the delivery or use of Services, the exercise of our and your respective legal rights with regard to the Agreement, or as may be required by applicable law.
  • 12.5 Each of us agrees not to disclose Confidential Information of the other to any third parties except:
    • 12.5.1to our respective service providers, agents, and representatives, provided that such service providers, agents, or representatives agree to confidentiality measures that are at least as stringent as those stated in these Terms of Service;
    • 12.5.2 to law enforcement or government agencies when required to do so by law; and
    • 12.5.3 in response to a subpoena or other compulsory legal process provided that at least 5 Business Days notice is provided prior to the disclosure, unless prohibited from providing such notice by law.

 

13. Notices

• 13.1 All Services and the Website are operated and managed by ALPHA3 CLOUD. For routine communications regarding the Website or Services please contact us using the details provided on the Website.
• 13.2 Notices regarding termination of the Agreement or other legal matters should be sent by email and by recorded postal delivery to:
  • ALPHA3 CLOUD, LLC
    935 Westminster St.
    Providence, RI 02903
    By Email: legal@alpha3cloud.com
• 13.3 ALPHA3 CLOUD will provide notice of amendments to the Acceptable Use Policy, Terms of Service, Privacy Policy, Data Processing Agreement, Copyright Notice and Service Level Agreement by posting them on the Website.
• 13.4 Notices for amendments to the Acceptable Use Policy, Terms of Service, Privacy Policy, Data Processing Agreement, Copyright Notice and Service Level Agreement are deemed received at the time that you next log in to the WebApp or the beginning of the first Business Day following the date delivered.

14. Disclaimer

• 14.1 We take all reasonable care to ensure that the information contained on the Website is accurate, however, we cannot guarantee its accuracy and we reserve the right to change the information on the Website (including these Terms of Service) at any time in accordance with the terms of the Agreement. You should therefore review these Terms of Service for any such changes each time you visit the Website or utilize the Services.
• 14.2 To the best of our knowledge, the information contained within the Website is accurate. Although we take reasonable care to ensure its accuracy, we make no representations or warranties of any kind with respect to the Website or its contents, including any text, graphics, advertisements, links or other items. We will not be liable to any customer or member of the public for any information supplied on the Website. Our Website is provided on an “as is” basis and we do not make any representations or warranties if such information subsequently proves to be inaccurate or out of date. Neither us nor any other contributor to the Website makes any representation or provide any warranty or undertaking,either expressed or implied, as to the condition, quality, performance, accuracy, fitness for purpose, completeness or freedom from viruses of the content contained on the Website, or that such contents will be accurate, up to date, uninterrupted or error free.

15. Liability

• 15.1 All Services, software, content, images, materials and other data or information provided by us are provided on an ‘AS IS’ basis.
• 15.2 We make no representations or warranties whether express, implied, statutory or otherwise with respect to the Services, software, content, images, materials and other data or information.
• 15.3 Except to the extent prohibited by applicable law, we disclaim all warranties including, without limitation, any implied warranties of merchantability, fitness for purpose, satisfactory quality, quiet enjoyment, non-infringement or any warranties arising out of the course of dealing or usage of trade.
• 15.4 We make no representations or warranties that the Services will be uninterrupted, error-free, or completely secure or that data stored using the Services will be secure or otherwise safe from loss or damage.
• 15.5 We shall not be responsible for any interruptions to the Services, including but not limited to, power outages, system failures or other interruptions including those that affect the acceptance and completion of payments for Purchases.
• 15.6 No advice or information obtained from us by you directly, via the Services or any third party shall create any warranty not expressly stated in these Terms of Service.
• 15.7 Nothing in these Terms of Service shall exclude or limit our liability for death or personal injury caused by our negligence or fraud, or any liability which cannot be excluded by applicable law.
• 15.8 We do not warrant and shall not be liable for any damage to, or viruses which may infect, your computer equipment or other property by reason of your access to, browsing or use of the Website.
• 15.9 We do not warrant that functions contained in the Services will be uninterrupted or error free or that defects will be corrected.

16. Limitation of Liability

• 16.1 Other than the payment obligations and indemnity obligations as set out in these Terms of Service, the liability of each party to the other arising from any given event or series of connected events shall be strictly limited to the amount paid by you to us during the immediately preceding month in which the event (or first in a series of connected events) occurred.
• 16.2 You acknowledge, accept and agree that the Service Level Agreement and Credits due under it from time to time are your sole compensation and recourse for damages and/or losses suffered by you and represent our total liability in relation to you in contract or tort (other than fraud) under the Agreement.
• 16.3 You acknowledge, accept and agree that neither party shall be liable in contract or tort (other than fraud) for:
  • 16.3.1 pre-contract or other representations;
  • 16.3.2 damages or losses as a result of disruption or interruptions of any kind to Services and any associated data loss or lack of availability; and
  • 16.3.3loss of business, contracts, anticipated savings, loss of profit, loss of revenue, loss of goodwill, loss of reputation, loss or use of data or any indirect or consequential losses under any circumstances.

17. Indemnity

You shall indemnify and defend us, our agents, affiliates, suppliers, directors, officers, employees and partners (the “ALPHA3 CLOUD Indemnitees”) from and against any legal claims, losses, liabilities, expenses, fines, damages and settlement amounts, including reasonable legal fees and court costs, incurred by ALPHA3 CLOUD Indemnitees arising under any claim as a result of your actual or alleged negligence, wilful misconduct, violation of law, failure to meet the security obligations required by the Agreement, violation of the Acceptable Use Policy or the Terms of Service. These indemnification obligations shall be enforceable provided that we timely communicate to you reasonable details of any claim and cooperate in defending any claim. We reserve the right to choose legal counsel to defend any such claim provided it is reasonable and communicated timely to you. You must comply with reasonable requests from us for assistance and cooperation in defense of any claim. We may not agree to any settlement in relation to any claim without your prior written consent, which may not be unreasonably withheld. Expenses incurred by ALPHA3 CLOUD Indemnitees must be paid by you as they are incurred.

18. Force Majeure

Neither of us will be in violation of the Agreement or liable for any loss or damage that the other may suffer because of any: act of God; power cut; power surge; fire, flood, earthquake, storm, hurricane or other natural disasters, war, invasion, act of foreign enemies, hostilities (whether war is declared or not), civil war, rebellion, revolution, insurrection, military or usurped power or confiscation, terrorist activities, nationalization, government sanction, blockage, embargo, labor dispute, strike, lockout or interruption or failure of electricity or other utilities, or any other delay or failure caused by a third party. In such an event, we reserve the right to cancel or suspend the Website and/or our Services without incurring any liability.

19. Changes to the Agreement

• 19.1 We reserve the right to make changes to the Agreement, including our Acceptable Use Policy, these Terms of Service, the Privacy Policy, the Copyright Notice, the Data Processing Agreement and the Service Level Agreement, provided that changes are consistent with applicable law. Any changes we make during the term of the Agreement will become effective as to you in reference to all Services past, present and future when the earliest of the following occurs:
  • 19.1.1 you make a new/additional Purchase of credits that incorporates the revised Agreement;
  • 19.1.2 you exchange additional Credits for our Services; or
  • 19.1.3 thirty (30) days after our notice to you describing the change.
• 19.2 If you do not wish to continue to use our Services following any such change, you may terminate the Agreement by giving us written notice of termination not later than thirty (30) days following the date that you were notified of the change. If you terminate the Agreement following such a change, for a period of thirty (30) days from the date of receipt by us of your written notice of termination:
  • 19.2.1you may continue to use Services already exchanged for Credits. Any Services not fully delivered at that time will be converted to Credits and added to your Credit Balance based on the original rate of exchange used in relation to said Services; and
  • 19.2.2 you will be entitled to receive your current Credit Balance at that time as a cash refund from us on a one to one basis in the default currency of your account.

20. Further Terms

• 20.1 The illegality, invalidity or unenforceability of a provision of the Terms of Service under the law of any jurisdiction shall not affect: the legality, validity or enforceability of any other provision of the Terms of Service in that jurisdiction, or the legality, validity or enforceability of that or any other provision of the Terms of Service under the law of any other jurisdiction.
• 20.2 If there is a conflict between the terms of any of the documents that comprise the Agreement, the documents will govern in the following order: Terms of Service, the Acceptable Use Policy, the Service Level Agreement, the Copyright Notice, the Privacy Policy and the Data Processing Agreement.
• 20.3 The Agreement constitutes the entire agreement between you and us relating to the provision of the Services, and supercedes any previous agreements, arrangements, undertakings or proposals, written or oral, between us in relation to our provision of Services to you, and all past courses of dealing or industry custom. No oral explanation or information given by any party shall alter the interpretation of the Agreement. In agreeing to these Terms of Service, you have not relied on any representation other than those expressly stated in these Terms of Service.
• 20.4 You may not assign the Agreement without our prior written permission. We may assign the Agreement in whole or in part as part of a sale or corporate reorganization of our company and we may transfer your Confidential Information as part of any such transaction.
• 20.5 Any Purchase may be amended by a formal written agreement signed by both parties, or by an exchange of correspondence, including electronic mail, that includes the express consent of an authorized individual on behalf of each of us.
• 20.6 The relationship between you and us is one of independent contractors and the Agreement is not intended to create any type of partnership, joint venture, employee/employer relationship or franchise. Neither of us is an agent for the other and neither of us has the right to bind the other on any agreement with a third party.
• 20.7 The captions, section headings and titles in the Agreement are for convenience only and are not part of the Agreement.
• 20.8 We may use third party service providers to perform all or any part of the Services, however, we remain responsible to you under the Agreement for services performed by third party service providers to the same extent as if we performed the third party services.
• 20.9 No delay and/or failure by us to enforce our rights or entitlements under the Agreement shall be deemed to be a waiver.
• 20.10 Other than as stated in these Terms of Service, the Agreement may be modified only by a formal document signed by both you and us.
• 20.11 Any waiver of any breach of the Agreement will only be made by us to you expressly in writing. No such waiver shall be considered a waiver of any subsequent breaches.

21. Governing Law and Jurisdiction

The Agreement, including these Terms of Service, will be governed by and construed in accordance with the laws of Rhode Island. We and you and we agree that the courts of Rhode Island will have jurisdiction to settle any dispute arising out of or in connection with the Agreement We and you waive any objection to the courts of Rhode Island being so designated and agree not to claim that the courts of Rhode Island are not a convenient or appropriate forum.

Last Updated: 26 July 2022
Copyright ALPHA3 CLOUD, LLC, 2022. All rights reserved.

This Data Processing Agreement (“DPA”) regulates the processing of customer data, including personal data as per the requirements of the European General Data Protection Regulation (“GDPR”).

This DPA is entered into between us, ALPHA3 CLOUD, LLC (the “Processor”) and you (the “Controller”) and is incorporated into and governed by the Terms of Service and the Agreement.

The parties agree as follows:

1. Definitions

For purposes of this DPA, defined terms referenced herein have the following meaning:

• “Agreement” shall mean the agreement between you and us for the provision of the Services as defined in the Terms of Service.
• “Affiliate” means any corporation or other business entity, now or hereafter existing, who directly or indirectly controls, is controlled by or is under common control with one of the contracting parties. As used herein, “control” means (a) the power, by ownership of voting equity, contract or otherwise, to elect a majority of the board of directors or other governing body of the subject entity or to otherwise direct the management and policies of the subject entity, or (b) the record or beneficial ownership, directly or indirectly, alone or in combination with one or more Affiliate(s), other than by way of security interest only, of more than 50% of the equity or voting rights of the subject entity; and “controlled” has a corresponding meaning.
• “Authorised Affiliate” means any of your Affiliate(s) who are permitted to use the Services pursuant to the terms of the Agreement, but who have not signed the Agreement or a Purchase.
• “Controller” shall mean you.
• “Customer Data” means all files, content, metadata, Personal Data, Confidential Information and any other data stored or processed via the Services as requested by you as the Controller.
• “Data Protection Laws” means any data protection or privacy laws, including the GDPR, applicable to Personal Data processed under or in connection with the Agreement.
• “Data Subject” shall have the meaning as provided in the GDPR or under any equivalent data protection regulation of applicable law. Without limiting the foregoing, Data Subject means a natural person who is the subject of Personal Data.
• “DPA” means this Data Processing Agreement together with Appendices 1 and 2 attached hereto and incorporated herein.
• “Personal Data” means any information that could be used to identify a natural person, directly or indirectly, by reference to a name or personal identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
• “Processor” means us.
• “Services” means services provided in exchange for Credits or provided free by ALPHA3 CLOUD as described on the pages of the Website relevant to each Service. Services include only those services which are offered via the Website, including but not limited to the provision of virtual servers, core-CPU power, disk data storage, RAM, network data transfer, IP addresses and VLANs. Services are provided in accordance with the Agreement.
• “Standard Contractual Clauses” means the EU model clauses for personal data transfer from controllers to processors and third countries (as amended from time to time, or replaced by subsequent legislation).
• “Sub-Processor” means any person or entity engaged by us or any of our Affiliates to process Customer Data in the provision of the Services to you.

Any capitalized term not defined in this DPA shall have the meaning given to it in the Agreement.

2. Purpose

• 2.1 We have agreed to provide the Services to you in accordance with the terms of the Agreement. In providing the Services, we shall process Customer Data on behalf of you. We will process and protect such Customer Data in accordance with the terms of this DPA.

3. Scope

• 3.1 In providing the Services to you pursuant to the terms of the Agreement, we shall process Customer Data only to the extent necessary to provide the Services in accordance with both the terms of the Agreement and this DPA.
• 3.2 The details of the data processing activities to be performed by us, including the special categories of Personal Data where applicable, are specified in Appendix 1 which forms an integral part of this DPA.

4. Obligations of the Processor

• 4.1 We may collect, process or use Customer Data only within the scope of this DPA.
• 4.2 When we process Customer Data on your behalf, we shall take steps to ensure that any natural person acting under our authority who has access to your Customer Data does not process the Customer Data except on instructions from you.
• 4.3 We shall promptly inform you if, in our opinion, any of the instructions regarding the processing of Customer Data provided by you breach any applicable data protection laws. In such a case, you may suspend the transfer of data.
• 4.4 We shall ensure that all employees, agents, officers and contractors involved in the handling of Customer Data: (i) are aware of the confidential nature of the Customer Data and are contractually bound to keep the Customer Data confidential; (ii) have received appropriate training on their responsibilities as a data processor; and (iii) are bound by the terms of this DPA.
• 4.5 We shall implement appropriate technical and organizational procedures to protect Customer Data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing, as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.
• 4.6 We shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate: (i) the pseudonymization and encryption of Customer Data; (ii) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (iii) the ability to restore the availability and access to Customer Data in a timely manner in the event of a physical or technical incident; and (iv) a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing. In accessing the appropriate level of security, account shall be taken of the risks that are presented by processing, including from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data transmitted, stored or otherwise processed.
• 4.7 We confirm that we have implemented the technical and organizational security measures specified in Appendix 2 before processing the Personal Data. You accept and agree that these technical and organizational measures are subject to development and review and that we may use alternative suitable measures to those set forth in Appendix 2.
• 4.8 We confirm that, unless you expressly permit, we will not inspect your stored data, and will only measure the volume of your transmitted data for billing purposes or inspect your transmitted data to investigate suspected violations of our Acceptable Use Policy. We will not disclose your data to any third party unless we are required to do so by court or administrative order.
• 4.9 Where Customer Data relating to an EU Data Subject is transferred outside of the EEA, it shall be processed:
  • 4.9.1 in a third country or territory recognised by the EU Commission as having an adequate level of protection;
  • 4.9.2 in accordance to with legally recognised safeguards, such as the EU-US Privacy Shield or Binding Corporate Rules;
  • 4.9.3 in accordance with Standard Contractual Clauses in all other cases.
• 4.10 Taking into account the nature of the processing and the information available to us, we shall have in place appropriate technical and organizational measures, to the extent reasonably possible, for the fulfillment of your obligation to respond to requests for exercising the Data Subject’s rights and your compliance with your data protection obligations in respect of the processing of Customer Data.
• 4.11 We confirm that we and/or our Affiliate(s) have appointed a data protection officer where such appointment is required by applicable data protection legislation. The appointed data protection officer may be reached at dpo@alpha3cloud.com. .

5. Obligations of the Controller

• 5.1 You represent and warrant that you shall comply with the terms of the Agreement, this DPA and all applicable data protection laws.
• 5.2 You represent and warrant that you have obtained any and all permissions and authorizations necessary to permit us, our Affiliates and Sub-Processors to execute their rights or perform their obligations under this DPA.
• 5.3 You shall comply with all applicable data protection laws, including requirements with regards to the transfer of Customer Data under this DPA and the Agreement.
• 5.4 All of your Affiliate(s) who use the Services shall comply with your obligations as set forth in this DPA.
• 5.5 You shall implement appropriate technical and organizational procedures to protect Customer Data, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing, as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. You shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including, inter alia, as appropriate: (i) the pseudonymization and encryption of Customer Data; (ii) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (iii) the ability to restore the availability and access to Customer Data in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing. In accessing the appropriate level of security, account shall be taken of the risks that are presented by processing, including from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data transmitted, stored or otherwise processed.
• 5.6 You shall take steps to ensure that any natural person acting under your authority who has access to Customer Data does not process the Customer Data except on your instructions.
• 5.7 You agree to forward any notification received from the Processor or any Sub-Processor pursuant to Clause 4.3 to the data protection supervisory authority if you decide to continue the processing or seek to lift the suspension.
• 5.8 If you require correction, deletion or blocking of, and/or making available the Customer Data during or after termination of the Agreement, we will process any request to the extent it is lawful, and will reasonably fulfill such request in accordance with standard operational procedures to the extent reasonably possible.
• 5.9 You acknowledge and agree that the processing of instructions from you, including destruction or return of data from us, may result in additional fees to you. In such case, we will notify you of such fees in advance, unless otherwise agreed.

6. Sub-Processors

• 6.1 You acknowledge and agree that: (i) Our Affiliate(s) may be used as Sub-Processors; and (ii) we and each of our Affiliates may engage Sub-Processors in connection with the provision of the Services.
• 6.2 All Sub-Processors who process Customer Data in the provision of the Services to you shall comply with our obligations as set out in this DPA.
• 6.3 Where Sub-Processors are located outside of the EEA, we confirm that such Sub-Processors: (i) are located in a third country or territory recognized by the EU Commission to have an adequate level of protection; (ii) have entered into Standard Contractual Clauses with us; or (iii) have other legally recognized appropriate safeguards in place or Binding Corporate Rules.
• 6.4We will make available to you upon request our current list of Sub-Processors, which will include the identities and addresses of Sub-Processors. During the term of this DPA, we will provide you with prior notification, via email, of any changes to the list of Sub-Processors who may process your Customer Data before authorizing any new or replacement Sub-Processor(s) to process your Customer Data in connection with the provision of the Services.
• 6.5 You may object to the use of a new or replacement Sub-Processor by notifying us in writing within ten (10) Business Days after receipt of our notice of changes. If you object to a new or replacement Sub-Processor, and that objection is not unreasonable, you may terminate the Agreement or applicable Purchase with respect to those Services which cannot be provided by us without the use of such new or replacement Sub-Processor. We will refund you any prepaid fees covering the remainder of the term of the Agreement (or applicable Purchase) following the effective date of termination of the Agreement or with respect to such terminated Services.

7. Liability

• 7.1 The limitations on liability as set forth in the Agreement shall apply to all claims made pursuant to the terms of this DPA.
• 7.2 We shall be liable for any breaches of this DPA caused by the acts and omissions or negligence of our Sub-Processors to the same extent we would be held liable if we were performing the Services of each Sub-Processor directly, subject to the limitations on liability set forth in the terms of the Agreement.
• 7.3 You shall be liable for any breaches of this DPA caused by the acts and omissions or negligence of your Affiliates as if such acts, omissions or negligence had been committed by you.
• 7.4 You shall not be entitled to recover more than once in respect of the same claim.

8. Audit

• 8.1 We shall make available to you, subject to payment of a fee, all information reasonably necessary to demonstrate compliance with our processing obligations and allow for and contribute to audits and inspections.
• 8.2 Any audit conducted by you under this DPA shall consist of examination of the most recent reports, certificates and/or extracts prepared by an independent auditor bound by confidentiality provisions at least as strict as those set out in the Agreement. In the event that provision of the same is not deemed sufficient in your reasonable opinion, you may conduct a more extensive audit which will be: (i) at your expense; (ii) limited in scope to matters specific to you and agreed in advance; (iii) carried out during normal business hours and upon reasonable notice, which shall be not less than 4 weeks unless an identifiable material issue has arisen; and (iv) conducted in a way which does not interfere with our day-to-day business.
• 8.3 This clause shall not modify or limit your rights of audit, but is intended to clarify the procedures in respect of any audit undertaken pursuant thereto.

9. Notification of Data Breach

• 9.1 We shall notify you without undue delay after becoming aware of (and in any event within 72 hours of discovery) any accidental or unlawful destruction, loss, alteration or unauthorized disclosure or access to any Customer Data (“Data Breach”).
• 9.2 We will promptly investigate every Data Breach and take reasonable measures to identify its root cause(s), mitigate its adverse effect and prevent a recurrence. As information becomes available, unless prohibited by law, we will provide you with a description of the DataBreach, the type of Customer Data that was the subject of the Data Breach, and other information you may reasonably request concerning the affected Customer Data.
• 9.3 We will take all commercially reasonable measures to secure the Customer Data, to limit the effects of any Data Breach, and to assist you in complying your obligations under applicable law.

10. Compliance, Cooperation and Response

• 10.1 In the event that we receive a request from a Data Subject in relation to Customer Data, we will refer the Data Subject to you unless otherwise prohibited by law. You shall reimburse us for all costs incurred in providing you reasonable assistance in dealing with a Data Subject request. In the event that we are legally required to respond to the Data Subject, you will fully cooperate with us as applicable.
• 10.2 We will notify you promptly of any request or complaint regarding the processing of Customer Data which adversely impacts you, unless such notification is not permitted under applicable law or a relevant court order.
• 10.3 We may make copies of and/or retain Customer Data in compliance with any legal or regulatory requirement including, but not limited to, retention requirements.
• 10.4 The parties acknowledge that it is your duty to notify us within a reasonable time of any changes to applicable data protection laws, codes or regulations which may affect our contractual duties. We shall respond within a reasonable timeframe in respect of any changes that need to be made to the terms of this DPA. If the parties agree that amendments are required, but we are unable to accommodate the necessary changes, you may terminate the part or parts of the Services which give rise to the non-compliance. To the extent that other parts of the Services provided are not affected by such changes, the provision of those Services shall remain unaffected.
• 10.5 The Controller and the Processor and, where applicable, their representatives, shall cooperate, on request, with the applicable supervisory authority in the performance of their respective obligations under this DPA.

11. Term and Termination

• 11.1 The term of this DPA shall coincide with the commencement of the Agreement and this DPA shall terminate automatically together with the termination or expiration of the Agreement.
• 11.2 We shall within forty-five (45) days of termination of the Agreement, delete all Customer Data from our systems and provide you with certificates of such deletion upon request. Excluded from this provision is Customer Data on Hosting types or Backup options with longer retention periods for which, after termination of the Agreement, we can continue storing Customer Data for as long as the retention period defined for the Hosting type or Backup option plus forty-five (45) days. If you make a request to have Customer Data deleted earlier than the expiration of the extended storage period, we shall delete the Customer Data without undue delay for a charge, unless prohibited from doing so by applicable law.

12. General

• 12.1 This DPA sets out the entire understanding of the parties with regards to the subject matter herein.
• 12.2 Should a provision of this DPA be invalid or become invalid then the legal effect of the other provisions shall be unaffected. The parties agree that a valid provision which closest reflects the parties intent shall replace the invalid provision. The same shall apply to any omissions.
• 12.3 This DPA shall be governed by the law applicable to the terms of the Agreement, subject to the Data Protection Laws of the applicable jurisdiction. The courts that shall have jurisdiction for the resolution of disputes arising under this DPA shall be the same as those set out in the terms of the Agreement.

Last Updated: 26 July 2022 Copyright ALPHA3 CLOUD, LLC, 2022. All rights reserved.

Appendix 1: Data Processing Activities to Be Performed by Us

You as the Controller grant users the right to access the Services in accordance with the terms of the Agreement for transfer of Customer Data identified in sections 3, 4 and 5 below, as it relates to the processing operations identified in section 6 below.

1. Controller

You as the Controller grant users the right to access the Services in accordance with the terms of the Agreement for transfer of Customer Data identified in sections 3, 4 and 5 below, as it relates to the processing operations identified in section 6 below.

2. Processor

We as the Processor received data identified in sections 3, 4 and 5 below, as it relates to the processing operations identified in section 6 below.

3. Data Subjects

You acknowledge and agree that the categories of Data Subjects that use and may process Customer Data via the Services are solely determined by you and your Users use of the Services. Notwithstanding the foregoing, the Customer Data processed typically involves the following categories of Data Subjects:

• Your employees, freelancers and contractors;
• Users, Affiliates and other participants;
• Your partners, suppliers or service providers;
• Your Customers;
• Any individual to whom you have granted the right to access the Services in accordance with the terms of the Agreement;
• Other individuals to the extent identifiable through their use of or registration with the Services, or through content of files or metadata processed with the Services.

4. Categories of Customer Data

To use the Services, we do not require any Customer Data from Users other than their full name, email address, password and IP address in using the Services.

The categories of Customer Data processed are solely determined by you and your Users use of the Services. Customer Data may be stored in database records, metadata and files on file systems which identify or may reasonably be used to identify, Data Subjects.

You agree and acknowledge that you and your Users must strictly abide by the Acceptable Use Policy (AUP) and that Customer Data is only processed via the Services with the prior written consent of the Data Subject.

5. Special categories of Personal Data

We do not require any special categories of Personal Data for using the Services. Your and your Users use of the Services shall solely determine if and which special categories of Personal Data are stored and processed.

You agree and acknowledge that you and your Users must strictly abide by the Acceptable Use Policy (AUP) and that sensitive Personal Data is only processed via the Services with the prior written consent of the Data Subject.

6. Processing operations

The Customer Data processed will be subject to the following basic processing activities:

• Customer Data will be processed to the extent necessary to provide the Services in accordance with both the Agreement and your instructions. We process Customer Data only on behalf of you, the Controller.

Processing operations include, but are not limited to:

• Provision of the Services via our hosting infrastructure. This operation relates to all aspects of Customer Data processed;
• Auditing use of the Services for compliance with the Agreement or applicable law. This operation relates to all aspects of Customer Data processed;
• Finding, analyzing and protecting the Services and Customer Data and users against threats. This operation relates to all aspects of Customer Data processed;
• Provision of technical support, issue diagnosis and defect resolution to ensure the efficient and proper operation of the systems and to identify, analyze and resolve technical issues, both generally in the provision of the Services and specifically in responding to your Support requests. This operation may relate to all aspects of Customer Data processed;
• Complying with your requests for professional services or auditing that involve accessing and processing Customer Data. These operations relate to all aspects of Customer Data processed;
• Fulfilling any other obligation set out in the Agreement. These operations relate to all aspects of Customer Data processed.

Appendix 2: Technical and Organizational Security Measures

The following descriptions provide an overview of the technical and organizational security measures implemented by us. In certain circumstances, in order to protect the integrity of the security measures and in the context of data security, detailed descriptions may not be available. It is acknowledged and agreed that the technical and organizational measures described therein and in our internal Security Policies will be updated and amended from time to time, at our sole discretion. Notwithstanding the foregoing, the technical and organizational measures will not differ from the measures described in the Security Policy in any material, detrimental way.

1. Hosting Infrastructure

We utilize third party Hosting infrastructure in the form of data centers and Infrastructure-as-a-Service (IaaS) with organizations that maintain current ISO 27001 certifications and/or SSAE 16 SOC 1 Type II or SOC 2 Attestation Reports. We will not utilize third party data centers that do not maintain the aforementioned certifications and/or attestations, or other substantially similar or equivalent certifications and/or attestations.

2. Physical Access Control

Technical or organizational measures regarding access control, including regarding legitimatization of authorized persons.

The aim of the entrance control is to prevent unauthorized persons from physically accessing the data processing equipment which processes or uses Customer Data.

We employ measures designed to prevent unauthorized persons from gaining access to data processing systems and the Services in which Customer Data is processed, such as the use of security personnel, secured buildings and data center premises.

For our Services, the structural and substantive security standards comply with the security requirements for data centers.

3. System Access Control

Technical and organizational measures regarding the user ID and authentication:

The aim of the system access control is to prevent unauthorized use of data processing systems used for the processing of Customer Data.

The following may, among other controls, be applied depending upon the particular Services ordered: authentication via passwords and/or two-factor authentication, documented authorization processes, documented change management processes, and logging of access on several levels.

For our Services: (i) log-ins to Services Environments by our employees and Sub-processors are logged; (ii) logical access to the data centers is restricted and protected by firewall/VPN/SSH/SSL; and (iii) intrusion detection systems, centralized logging and alerting, and firewalls are used.

4. Data Access Control

Technical and organizational measures regarding the on-demand structure of the authorization concept, data access rights and monitoring and recording of the same:

Measures regarding data access control are targeted on the basis that only such data can be accessed for which an access authorization exists, and that data cannot be read, copied, changed or deleted in an unauthorized manner during the processing and after the saving of such data.

Customer Data is accessible and manageable only by properly authorized staff, direct database inquiry access is restricted, and application access rights are established and enforced. Access to data necessary for the performance of the particular task is ensured within the systems and applications by a corresponding role and authorization concept.

5. Transmission Control

Technical and organizational measures regarding the transport, transfer, transmission, storage and subsequent review of Customer Data on data media (manually or electronically).

Transmission control is implemented so that Customer Data cannot be read, copied, changed or deleted without authorization, during transfer or while stored on data media, and so that it can be monitored and to determined as to which recipients a transfer of Customer Data is intended.

Except as otherwise specified for the Services or parts thereof, transfers of data outside the Services environment are encrypted. The content of communications (including sender and recipient addresses) sent through certain email or messaging services may not be encrypted. You are solely responsible for the results of your decision to use unencrypted communications or transmissions.

The transfer of Customer Data to a third party (e.g. sub-processors) is only made if a corresponding contract exists, and only for the specific purposes. If Customer Data is transferred to companies located outside the EEA, we provide an adequate level of data protection at the target location or organization in accordance with the European Union’s data protection requirements, e.g. by employing contracts based on the Standard Contractual Clauses.

6. Data Entry Control

Technical and organizational measures regarding recording and monitoring of the circumstances of data entry to enable retroactive review:

Data Entry Controls are implemented so that a retroactive review is enabled.

System inputs are recorded in the form of log files and database records therefore it is possible to review retroactively whether and by whom Customer Data was entered, altered or deleted.

7. Data Backup and Availability Control

Technical and organizational measures regarding data backup (physical/logical):

Data backup and availability controls are implemented to protect Customer Data against accidental destruction and loss.

For our Services: backups are taken on a regular basis where you have chosen a corresponding Hosting type or Backup option as defined in the Agreement.

8. Data Processing Control

Technical and organizational measures to differentiate between the obligations of principal and contractor:

The aim of the data processing control is to provide that Customer Data is processed by a commissioned data processor in accordance with the Instructions of the principal.

Details regarding data processing control are set forth in the Agreement and DPA.

9. Data Segregation

Technical and organizational measures regarding purposes of collection and separated processing:

Customer Data from our different customers environments is logically segregated on our systems or those of Sub-Processors.

Customer Data used for internal purposes only, e.g. as part of the respective customer relationship, may be transferred to a third party such as a sub-processor solely in consideration of contractual arrangements and appropriate data protection regulatory requirements.

Employees are instructed to collect, process and use Customer Data only within the framework and for the purposes of their duties (e.g. service provision).

Customer Data is stored in a way that logically separates it from other customer data.