This is the contract between you (the Customer) and Wooly, Inc. (Wooly or Company). It describes the software, data, and other services that we provide and other important aspects of our business relationship. By using any of the Services, you are agreeing to these terms.
1.1 Wooly is the provider of a Subscription Service known as “Wooly” or the "Service". Generally, the Wooly service: (1) receives information from the Customer regarding the identification and activities of their contacts, customers or other end users (“End Users”), (2) uses the information received from the Customer and which may include information Customer obtains from its End Users (“Customer Data”) to process certain information from publicly available websites and sources that contain other information about Customer’s End Users, and (3) provides software, data, and services (“Services”) to help the Customer understand, delight, engage, and service their End Users.
2.1 Subject to the terms of this Agreement and duration of the Subscription Services, Wooly (“Company”) will use commercially reasonable efforts to provide Customer the Subscription Services and technical support in accordance with the Company’s standard practice.
2.3 The limits that apply to you will be specified in your Order Form, this Agreement, or for free trial accounts these limits may also be specified only from within the product itself. If we make modifications that would negatively impact you, these modifications will not apply until the start of your next renewal Subscription Term for paid Customers. Limits on trial accounts can be modified at any time. On renewal, the current usage limits will apply unless otherwise agreed upon.
2.4 As part of the registration process, Customer will identify an administrative user name and password for Customer’s account. Company reserves the right to refuse registration of, or cancel passwords it deems inappropriate.
2.5 We make the Subscription Service available 24 hours a day, 7 days a week, except for planned downtimes. For paid Customers, phone, email and in-app support is included at no cost. We accept email and in-app support questions 24 Hours per Day x 7 Days per Week. In-app support is available via the chat widget in the lower right hand corner of your account. We typically respond to email and in-app support questions within one business day; and usually much sooner.
2.6 If there are a specific number of hours included in the Consulting Services, those hours will expire as indicated in the applicable description.
2.7 The Customer grants to Wooly the right to add your name and logo to our customer list and website.
3.1 Customer will not, directly or indirectly: reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any software, documentation or data related to the Services (“Software”); modify, translate, or create derivative works based on the Services or any Software (except to the extent expressly permitted by Company or authorized within the Services); use the Services or any Software for timesharing or service bureau purposes or otherwise for the benefit of a third party; or remove any proprietary notices or labels. With respect to any Software that is distributed or provided to Customer for use on Customer premises or devices, Company hereby grants Customer a non-exclusive, non-transferable, non-sublicensable license to use such Software during the Term only in connection with the Services.
3.2 Further, Customer may not remove or export from the United States or allow the export or re-export of the Services, Software or anything related thereto, or any direct product thereof in violation of any restrictions, laws or regulations of the United States Department of Commerce, the United States Department of Treasury Office of Foreign Assets Control, or any other United States or foreign agency or authority. As defined in FAR section 2.101, the Software and documentation are “commercial items” and according to DFAR section 252.2277014(a)(1) and (5) are deemed to be “commercial computer software” and “commercial computer software documentation.” Consistent with DFAR section 227.7202 and FAR section 12.212, any use modification, reproduction, release, performance, display, or disclosure of such commercial software or commercial software documentation by the U.S. Government will be governed solely by the terms of this Agreement and will be prohibited except to the extent expressly permitted by the terms of this Agreement.
3.3 Customer represents, covenants, and warrants that Customer will use the Services only in compliance with Company’s standard published policies and privacy policies then in effect (the “Policy”) and all applicable laws and regulations. Customer hereby agrees to indemnify and hold harmless Company against any damages, losses, liabilities, settlements and expenses (including without limitation costs and attorneys’ fees) in connection with any claim or action that arises from an alleged violation of the foregoing or otherwise from Customer’s use of Services. Although Company has no obligation to monitor Customer’s use of the Services, Company may do so and may prohibit any use of the Services it believes may be (or alleged to be) in violation of the foregoing.
3.4 Customer shall be responsible for obtaining and maintaining any equipment and ancillary services needed to connect to, access or otherwise use the Services, including, without limitation, modems, hardware, servers, software, operating systems, networking, web servers and the like (collectively, “Equipment”). Customer shall also be responsible for maintaining the security of the Equipment, Customer account, passwords (including but not limited to administrative and user passwords) and files, and for all uses of Customer account.
3.5 Grant. Subject to the terms and conditions of this Agreement, Company grants to Customer a limited, non-exclusive, non-transferable, non-sublicensable license to internally use the Software in connection with the Services.
3.6 Restrictions. Customer acknowledges that the Software and its structure, data, organization, and source code constitute valuable trade secrets of the Company and its suppliers. Accordingly, Customer agrees not to disclose, distribute, sublicense, lease, rent, loan, resell or otherwise transfer the data received from the Service.
3.7 Data Restrictions. Customer will not, and will require any and all third parties to which it provides any data from the Service to not, use such data for the purposes of cookie tracking, ad exchanges, ad networks, data brokerages, sending electronic communications (including email) in violation of applicable law, or any other activity or purpose identified as prohibited by Company in any communication sent to Customer. If Company informs Customer that a specified activity or purpose is prohibited, Customer will ensure that any and all Data Recipients immediately cease processing of any such data for the prohibited activity or purpose.
3.9 No Sensitive Personal Information. Customer agrees not to use Wooly to collect, manage, or process of Sensitive Information which includes personal identifiers (Social Security numbers, passport numbers, driver’s license numbers), certain restricted demographic details (race, ethnicity, religion), certain financial data (credit or debit card numbers, personal financial account info), and medical, physical or mental health information.
4.1 Each party (the “Receiving Party”) understands that the other party (the “Disclosing Party”) has disclosed or may disclose business, technical or financial information relating to the Disclosing Party’s business (hereinafter referred to as “Proprietary Information” of the Disclosing Party). Proprietary Information of Company includes non-public information regarding features, functionality and performance of the Service. Proprietary Information of Customer includes Customer Data and any non-public data provided by Customer to Company to enable the provision of the Services. The Receiving Party agrees: (i) to take reasonable precautions to protect such Proprietary Information, and (ii) not to use (except in performance of the Services or as otherwise permitted herein) or divulge to any third person any such Proprietary Information. The Disclosing Party agrees that the foregoing shall not apply with respect to any information after five (5) years following the disclosure thereof or any information that the Receiving Party can document (a) is or becomes generally available to the public, or (b) was in its possession or known by it prior to receipt from the Disclosing Party, or (c) was rightfully disclosed to it without restriction by a third party, or (d) was independently developed without use of any Proprietary Information of the Disclosing Party or (e) is required to be disclosed by law.
4.2 Customer shall own all right, title and interest in and to the Customer Data. Company shall own and retain all right, title and interest in and to (a) the Services and Software, all improvements, enhancements or modifications thereto, (b) any software, applications, inventions or other technology developed in connection with Implementation Services or support, and (c) all intellectual property rights related to any of the foregoing.
4.3 Notwithstanding anything to the contrary, Company shall have the right collect and analyze data and other information relating to the provision, use and performance of various aspects of the Services and related systems and technologies (including, without limitation, information concerning Customer Data and data derived therefrom), and Company will be free (during and after the term hereof) to (i) use such information and data to improve and enhance the Services and for other development, diagnostic and corrective purposes in connection with the Services and other Company offerings, and (ii) disclose such data solely in aggregate or other de-identified form in connection with its business. No rights or licenses are granted except as expressly set forth herein.
5.1 Customer will pay Company the then applicable fees described in the Order Form for the Services and Implementation Services in accordance with the terms therein (the “Fees”). If Customer’s use of the Services exceeds the Service Capacity set forth on the Order Form or otherwise requires the payment of additional fees (per the terms of this Agreement), Customer shall be billed for such usage and Customer agrees to pay the additional fees in the manner provided herein. Company reserves the right to change the Fees or applicable charges and to institute new charges and Fees at the end of the Initial Service Term or then current renewal term, upon thirty (30) days prior notice to Customer (which may be sent by email). If Customer believes that Company has billed Customer incorrectly, Customer must contact Company no later than 60 days after the closing date on the first billing statement in which the error or problem appeared, in order to receive an adjustment or credit. Inquiries should be directed to Company’s customer support department.
5.2 Company may choose to bill through an invoice, in which case, full payment for invoices issued in any given month must be received by Company fifteen (15) days after the mailing date of the invoice (which may be sent by email). Unpaid amounts are subject to a finance charge of 1.5% per month on any outstanding balance, or the maximum permitted by law, whichever is lower, plus all expenses of collection and may result in immediate termination of Service. Customer shall be responsible for all taxes associated with Services other than U.S. taxes based on Company’s net income.
6.1 Subject to earlier termination as provided below, this Agreement is for the Initial Service Term as specified in the Order Form. Once the initial term has expired, the Customer will be on a month-to-month contract thereafter, unless either party requests termination at least thirty (30) days prior to the end of the then-current term.
6.2 All sections of this Agreement which by their nature should survive termination will survive termination, including, without limitation, accrued rights to payment, confidentiality obligations, warranty disclaimers, and limitations of liability.
6.3 This Agreement will remain in effect until the Customer’s subscription has expired or it has been terminated as provided in this Section. Customer may terminate this Agreement, effective immediately upon written notice to the Company, if the Company breaches any provision of this Agreement and does not cure the breach within thirty (30) days after receiving written notice thereof. The Company may terminate this Agreement, effective immediately upon written notice to Customer, if Customer breaches any provision of this Agreement. Upon termination or expiration of this Agreement for any reason, all licensed rights granted in this Agreement will immediately cease to exist and the Customer’s account and right to access and use the Software and any data will terminate immediately. The Customer will irrecoverably delete any and all data it received from the Software. Customer's obligation to pay any fees applicable to the balance of the Customer's then-current subscription term, will survive any expiration or termination of this Agreement for any reason. The Company may, but is not obligated to, delete stored Customer data.
7.2 Wooly may monitor use of the Subscription Service by our customers and use data gathered in an aggregated and anonymous manner, provided that such information does not incorporate any Customer Data and / or identify you or any data you provide.
7.3 We will maintain appropriate administrative, physical and technical safeguards to protect our visitors, Customers, and Customer Data. The Customer consents to processing Customer Data in the United States.
7.4 Social Media Data. The Services enable Customer to retrieve publicly-available information about their customers including without limitation social media information, profile information, gender, company, job titles, photos, physical addresses, and website URLs ("Social Media Data") based on email addresses provided into the Services. This data may be provided from or through sub-processors, social networks, or other public sources. To provide this data we may transfer Personal Information to companies that help us provide our Service. Any transfers are covered by this Service Agreement and data protection agreements with our partners.
7.5. The Customer owns and maintains all rights to data they provide. This Agreement does not grant ownership rights to such data. The Customer does grant permission to Wooly to use Customer Data only as necessary to provide the Service to you and as permitted by this Agreement. If you are using the Service on behalf of a third-party, then you represent and warrant that you have all necessary rights and permissions to do so.
Company shall use commercially reasonable efforts consistent with prevailing industry standards to maintain the Services in a manner which minimizes errors and interruptions in the Services and shall perform the Implementation Services in a professional and workmanlike manner. Services may be temporarily unavailable for scheduled maintenance or for unscheduled emergency maintenance, either by Company or by third-party providers, or because of other causes beyond Company’s reasonable control, but Company shall use reasonable efforts to provide advance notice in writing or by e-mail of any scheduled service disruption.
HOWEVER, COMPANY DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR FREE; NOR DOES IT MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES. EXCEPT AS EXPRESSLY SET FORTH IN THIS SECTION, THE SERVICES AND IMPLEMENTATION
SERVICES ARE PROVIDED “AS IS” AND COMPANY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
Company shall hold Customer harmless from liability to third parties resulting from infringement by the Service of any United States patent or any copyright or misappropriation of any trade secret, provided Company is promptly notified of any and all threats, claims and proceedings related thereto and given reasonable assistance and the opportunity to assume sole control over defense and settlement; Company will not be responsible for any settlement it does not approve in writing. The foregoing obligations do not apply with respect to portions or components of the Service (i) not supplied by Company, (ii) made in whole or in part in accordance with Customer specifications, (iii) that are modified after delivery by Company, (iv) combined with other products, processes or materials where the alleged infringement relates to such combination, (v) where Customer continues allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement, or (vi) where Customer’s use of the Service is not strictly in accordance with this Agreement. If, due to a claim of infringement, the Services are held by a court of competent jurisdiction to be or are believed by Company to be infringing, Company may, at its option and expense (a) replace or modify the Service to be non-infringing provided that such modification or replacement contains substantially similar features and functionality, (b) obtain for Customer a license to continue using the Service, or (c) if neither of the foregoing is commercially practicable, terminate this Agreement and Customer’s rights hereunder and provide Customer a refund of any prepaid, unused fees for the Service.
NOTWITHSTANDING ANYTHING TO THE CONTRARY, EXCEPT FOR BODILY INJURY OF A PERSON, COMPANY AND ITS SUPPLIERS (INCLUDING BUT NOT LIMITED TO ALL EQUIPMENT AND TECHNOLOGY SUPPLIERS), OFFICERS, AFFILIATES, REPRESENTATIVES, CONTRACTORS AND EMPLOYEES SHALL NOT BE
RESPONSIBLE OR LIABLE WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT OR TERMS AND CONDITIONS RELATED THERETO UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY: (A) FOR ERROR OR INTERRUPTION OF USE OR FOR LOSS OR INACCURACY OR CORRUPTION OF DATA OR COST OF PROCUREMENT OF SUBSTITUTE GOODS, SERVICES OR TECHNOLOGY OR LOSS OF BUSINESS; (B) FOR ANY INDIRECT, EXEMPLARY, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES; (C) FOR ANY MATTER BEYOND COMPANY’S REASONABLE CONTROL; OR (D) FOR ANY AMOUNTS THAT, TOGETHER WITH AMOUNTS ASSOCIATED WITH ALL OTHER CLAIMS, EXCEED THE FEES PAID BY CUSTOMER TO COMPANY FOR THE SERVICES UNDER THIS AGREEMENT IN THE 12 MONTHS PRIOR TO THE ACT THAT GAVE RISE TO THE LIABILITY, IN EACH CASE, WHETHER OR NOT COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES
11.1 Neither party will be responsible for failure or delay of performance if caused by: an act of war, hostility, or sabotage; act of God; electrical, internet, or telecommunication outage that is not caused by the obligated party; government restrictions; or other event outside the reasonable control of the obligated party. Each party will use reasonable efforts to mitigate the effect of a force majeure event.
11.2 We will comply with all U.S. state and federal laws (where applicable) in our provision of the Service and processing of Customer Data. We reserve the right at all times to disclose any information as necessary to satisfy any law, regulation, legal process or governmental request. The Customer will comply with all laws in their use of the Service.
11.3 If any provision of this Agreement is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that this Agreement will otherwise remain in full force and effect and enforceable. This Agreement is not assignable, transferable or sublicensable by Customer except with Company’s prior written consent. Company may transfer and assign any of its rights and obligations under this Agreement without consent. This Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement, and that all waivers and modifications must be in a writing signed by both parties, except as otherwise provided herein. No agency, partnership, joint venture, or employment is created as a result of this Agreement and Customer does not have any authority of any kind to bind Company in any respect whatsoever. In any action or proceeding to enforce rights under this Agreement, the prevailing party will be entitled to recover costs and attorneys’ fees. All notices under this Agreement will be in writing and will be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or e-mail; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested. This Agreement shall be governed by the laws of the State of Utah without regard to its conflict of laws provisions.
THIS GDPR ADDENDUM -- DATA PROCESSING AGREEMENT (the "Data Processing Agreement”) is made and entered into by and between the Customer (“Controller”) and Wooly, Inc. (“Processor”) (individually, a “Party”; collectively, the “Parties”).
1. Definitions. The following terms have the meanings set out below:
Data Breach: Means a breach of security leading to the accidental, unauthorized, or unlawful destruction, loss, alteration, disclosure of, access to, or other Processing of Information transmitted, stored, or otherwise Processed.
Data Protection Authority: Any representative or agent of the government who has the authority to enforce local data privacy and security laws.
Data Subject: A natural person whose Information is Processed pursuant to this Data Processing Agreement.
GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
Information: All data Processed by Processor pursuant to this Data Processing Agreement, including Personal Data and Sensitive Data.
Personal Data: Means any Information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Process or Processing: Means any operation or set of operations which is performed on Information or on sets of Information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Sensitive Data: Any Information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation, or Information relating to criminal convictions and offences.
Subprocessor: Any entity which Processes Information on behalf of the Processor.
2. Term. The term of this Data Processing Agreement (the “Term”) shall commence on the Effective Date and continue until either party terminates the Data Processing Agreement. Either party may terminate this Data Processing Agreement for convenience 30 days after providing written notice of termination. Doing so does not impact the any Order or Services Agreement unless agreed to in writing by both parties.
3. Purpose of Processing. Personal Data will be Processed for purposes of providing the services set out and otherwise agreed to in the Data Processing Agreement, Services Agreement, and any applicable Order.
4. Nature of Processing. The subject-matter of Processing of Personal Data by Processor is the provision of the services to the Controller that involves the Processing of Personal Data. Personal Data will be subject to those Processing activities as may be specified in the Data Processing Agreement, Services Agreement, and any applicable Order.
5. Categories of Information Involved. Contact Information, including name, email, phone number, and social media data, the extent of which is determined and controlled by the Customer in its sole discretion. Information may also include transaction and order information.
6. Categories of Data Subjects Involved. Controller’s contacts, customers, and other end users that may include Controller’s employees, contractors, collaborators, prospects, suppliers and subcontractors.
7. Rights of the Controller. Controller, or Controller’s designee, has the right to audit and inspect Processor’s premises and policies to make sure Processor complies with the requirements in this Data Processing Agreement or under the GDPR. The costs of such audit or inspect will be estimated by the Processor and covered by the Controller.
8. Controller’s Obligations. Controller will comply with the obligations applicable to it under the GDPR, including obtaining any applicable consents from Data Subjects prior to Processing by Processor.
9. Processor’s Obligations. Processor will comply with the obligations applicable to it under the GDPR. Specifically, Processor agrees and warrants that it will:
Only Process Information in accordance with this Agreement and Controller’s documented instructions.
Process Information in accordance with applicable privacy and security laws and regulations.
Not transfer Information outside of the countries approved by Controller.
Not transfer Information to another organization without the Controller’s documented approval.
Implement appropriate technical, physical, and organizational security measures to reasonably ensure the confidentiality, integrity, and availability of Information Processed pursuant to this Agreement.
Not use any undocumented Subprocessors. A list of Subprocessors is available upon request and the Customer may request notification of any changes therein. All Subprocessors must provide written proof that it will comply with Section 8. Processor’s Obligations, and Section 9. Confidentiality as if it were the Data Processor.
Notify Controller when any law or legal requirement prevents Processor from fulfilling its obligations under this Agreement, or from complying with Controller’s instructions. In either situation, Controller may suspend the Processing of Information by Processor and may terminate any further Processing pursuant to this Agreement.
Maintain internal records of all Processing conducted on behalf of Controller. At a minimum, such records will list the categories of Information Processor Processes pursuant to this Agreement and the methods used to reasonably preserve the confidentiality, integrity, and accessibility of such Information.
Make available to the Controller all information necessary to demonstrate Processor’s compliance with its obligations under this Agreement. The Processor shall permit audits and inspections conducted by Controller or any auditor appointed by the Controller for the purposes of verifying the Processor’s compliance with its obligations under this Agreement. The costs of such audit will be estimated by the Processor and covered by the Controller.
Immediately notify the Controller, in writing, of the following:
A Data Subject’s request to access, rectify, erase, transport, object to, or restrict Information Processed pursuant to this Agreement;
Any request or complaint received from Data Controller’s customers or employees;
Any question, complaint, investigation, or other inquiry from a Data Protection Authority; and
Any request for disclosure of Information from a public entity related in any way to Data Processor’s Processing of Information under this Agreement.
Processor will assist Data Controller in fulfilling its obligations to respond to (i)-(iv) above.
Cooperate with Controller to comply with applicable privacy and security laws and regulations and this Agreement.
Upon termination of this Agreement or upon Controller’s request to delete or return Information, Processor will delete or return existing copies of Information unless local law requires storage of the Information. In instances where local law requires the Processor to store Information, Data Processor will protect the confidentiality, integrity, and accessibility of the Information; will not actively Process the Information anymore; and will continue to comply with this Agreement.
10. Confidentiality. All Information subject to this Data Processing Agreement is “Confidential Information”. In connection with the performance of this Data Processing Agreement, either Party (each a “Recipient”) may have access to or be provided with Confidential Information of the other Party (the “Discloser”). The Recipient shall use the Confidential Information of the Discloser solely in connection with the performance of this Data Processing Agreement. The Recipient shall limit its disclosure of the Confidential Information to Recipient’s directors, officers, and employees that need such Information pursuant to this Data Processing Agreement. The Recipient is responsible for compliance with the terms and conditions of this Data Processing Agreement by its directors, officers, and employees. The Recipient will protect the Confidential Information from unauthorized use, access, or disclosure in the same manner as the Recipient protects its own confidential or proprietary Information of a similar nature but in any event with no less than reasonable care. The Recipient shall certify the destruction of all copies of the Discloser’s Confidential Information upon request of the Discloser, with the exception that the Recipient may maintain one (1) copy of the Discloser’s Confidential Information solely to the extent necessary for the Recipient to comply with laws or regulations applicable to such Recipient (and the Recipient shall destroy such retained Confidential Information of Discloser after the legal or regulatory retention purpose expires or otherwise no longer exists). The Recipient’s obligations under this section shall continue for a period of two years after the expiration or termination of this Data Processing Agreement.
11. Liability. Neither Party will be liable to the other for any consequential, special, exemplary, or punitive damages (including damages for loss of data, revenue, and/or profits) whether foreseeable, or unforeseeable, arising out of this Data Processing Agreement regardless of whether the liability is based on breach of contract, tort, strict liability, breach of warranties or otherwise. The limitations on liability set forth above do not apply to liability arising from fraud.
12. Indemnification. Each Party will defend, indemnify, and hold the other Party, its affiliates, and their respective successors, directors, officers, employees, and agents harmless from and against all claims, actions, demands, or legal proceedings of any kind for all damages, taxes, penalties, fines, costs, losses, liabilities, and fees (including attorney fees) incurred by the Party’s negligent or willful acts or omissions that violate the terms of this Data Processing Agreement or the GDPR.