Terms & Conditions

1.0 Definitions

1. “Access Information”: means the username, password, and other log-in information for access to the Bambuser Solution.
2. “Agreement”: means the Bambuser LiveShopping Agreement with its appurtenant appendices (which include these Terms), setting forth the Customer’s order specification of Services and, if any, additional products/services.
3. “Authorized Users”: means the Customer’s employees, consultants or agents using the Bambuser Solution or any part thereof on the Customer’s or its affiliate’s behalf and for the Customer’s or its affiliate’s benefit only.
4. “Bambuser App”: means the application used to broadcast a live show.
5. “Bambuser Dashboard”: means the dashboard enabling the Customer to set up live shows and assign Hosts. The Customer can also add and remove Authorized Users, add products to be displayed in the live shows, moderate the product display and moderate the chat function. Any show can be immediately unpublished on the Bambuser Dashboard.
6. “Bambuser Player”: means the embedded java script library that creates the customized player on the Customer’s website for the live stream show.
7. “Bambuser Solution”: means any Bambuser product(s) as defined in Appendix A (Technical Specification), appurtenant to the Agreement. The Bambuser Solution includes: Bambuser App, Bambuser Player and Bambuser Dashboard.
8. “Commencement Date”: means the Effective Date or the date upon which Bambuser has fulfilled its obligations so that the Customer can start using the Bambuser Solution.
9. “Confidential Information”: means information of a confidential or secret nature that may be disclosed, orally or in writing, during the term of the Agreement to a Party by the other Party that relates to the business of the other Party or to the business of any parent, subsidiary, affiliate, customer or supplier of the other Party. Such Confidential Information includes, inventions, marketing plans, product information and plans, product designs, business strategies, trade secrets, know-how, financial information, sales figures, forecasts, personnel information, customer lists and data, and domain names.
10. “Content”: means any text, images, graphics, photos, video, audio, and any other content, information or data, created, derived from or accessible via use of the Bambuser Solution, including; (i) backdrop; (ii) welcome, pause and thank you screen, (iii) trade names, trademarks, logotypes or similar; (iv) live chat messaging; (v) music, and (vi) any other content that the Host or the Show Moderator features performing the live stream show, including all live show segments.
11. “Customer Data”: means any data and information submitted to Bambuser under the Agreement by or for the Customer, its affiliates and/or any Authorized User or End User.
12. “End Users”: means the individuals participating in the live show without being an Authorized User, i.e. consumers. The End Users may watch the live show e.g. from Customer’s website.
13. “Force Majeure”: means an event beyond a Party’s control, which could not reasonably have been foreseen by the Party prior to entering into the Agreement or prevented by the Party, including civil war, fire, flood, interruption in public transport, communications or general energy supply, act of government, act of terror, strike, act of public authority, new or amended legislation, failure by internet service provider or Bambuser’s sub-suppliers.  
14. “Host”: means the person presenting and displaying products and/or other content in the live stream as agreed with the Customer. A Host is an Authorized User with specific access to the Bambuser App to: (i) go live; (ii) pause and end live streamed show; and (iii) highlight products selected to the live show.
15. “Intellectual Property Rights”: means all intellectual property rights of any nature anywhere in the world (whether registered or not and including any applications) including copyright and neighboring rights (including copyright in computer software), patents, logos, trademarks or business names, design rights and database rights.
16. “License Fee”: means the license fee which the Customer shall pay for using the Bambuser Solution in accordance with rates listed in Appendix B (Specification of Services).
17. “Privacy Policy”: means Bambuser’s privacy policy available at https://bambuser.com/privacy-policy, as amended from time to time.
18. “Services”: means the services as set out in Appendix B (Specification of Services), Appendix D, (Implementation Services and Onboarding), Appendix F (Additional Services) (if any), and other services which are incidental or ancillary to such services.
19. “Set-up and Onboarding Fees”: means the fees for set-up and onboarding specified in Appendix B (Specification of Services).
20. “Show Moderator”: means the Authorized User that (i) moderates the products displayed in the Content, (ii) moderates and interacts the chat during the live show, and (iii) has the right to immediately unpublish the live show and/or delete comments and block End Users from the chat.
21. “Solution Data”: means anonymized data, including meta-data, analytical, diagnostic and technical data, and usage statistics concerning or generating from the Customer’s use of the Bambuser Solution, however excluding personal data.
22. “Terms”: means these Bambuser StandardTerms of Service.
23. “Tracking Script”: means the software code which enables optimization of Bambuser Solution and gathers End User data for statistical purposes.

2.0 Bambuser’s Provision of the Bambuser Solution and the Services

1. Provision of the Bambuser Solution. Bambuser shall: (i) make the Bambuser Solution available to the Customer pursuant to the Agreement; (ii) provide support or other customized adaptions if such Services are separately purchased by the Customer; (iii) provide the Bambuser Solution in accordance with applicable legislation; and(iv) take commercially reasonable efforts to make the Bambuser Solution available twenty four (24) hours a day, seven (7) days a week, except for: (a)planned downtime (of which Bambuser shall give written notice in advance), (b)what is stated in Section 14.1 and 14.2.

3.0 General Undertakings of the Customer

1. Customer responsibilities. The Customer shall (i) be responsible for any breach of these Terms or the Agreement caused by any Authorized User or, as applicable, End User, (ii) be responsible for the accuracy, quality and legality of Content and Customer Data and the means by which the Customer acquired the Content and Customer Data, (iii) use commercially reasonable efforts to prevent unauthorized access to or use of the Bambuser Solution, and notify Bambuser promptly of any such unauthorized access or use, and (iv) use the Bambuser Solution only in accordance with the Agreement.
2. Limitations of Bambuser’s undertaking. The Customer hereby acknowledges that the Bambuser’s undertaking is limited to provision of the Bambuser Solution to the Customer and agreed Services as listed herein. Accordingly, the Customer shall e.g. (i) embed the correct and correctly configure the javascript library on its website provided by Bambuser, (ii) enable a landing page if necessary for the live show, and (iii) promote and drive traffic to the liveshow to increase sales on its website.
3. Third party compliance. The Customer shall ensure that all End Users, prior to participating in a live show provided by way of the Bambuser Solution: (i) are required to accept usage restrictions which are consistent with, and no less protective than as set out in Section 4.2; and (ii) have obtained information regarding the transmission and use of personal data generated via use of the Bambuser Solution in accordance with the Privacy Policy. Further, the Customer shall ensure adequate moderating of the chat function as further described in Section4.3.

4.0 Use of the Bambuser Solution

1. Right to use. Bambuser grants a limited, revocable, non-sublicensable, non-transferable, and non-exclusive license for the Customer, its affiliates and its Authorized Users to use and operate the Bambuser Solution during the term of, and in accordance with, the Agreement. Bambuser reserves the right to terminate the Customer’s access to the Bambuser Solution in response to a violation or suspected violation of the Agreement.
2. Usage restrictions. The Customer may not: (i) make any part of the Bambuser Solution available to, or use any part of the Bambuser Solution for the benefit of, anyone other than Authorized Users; (ii) sell, resell, license, sublicense, distribute, make available, rent or lease any part of the Bambuser Solution, or include the Bambuser Solution in a service bureau or outsourcing offering; (iii) use the Bambuser Solution to store or transmit (a) infringing, libelous, or otherwise prohibited material (as further set out in Section 5.2), or (b) material in violation of third party privacy rights; (iv) use the Bambuser Solution to store or transmit malicious code; (v) attempt to gain unauthorized access to the Bambuser Solution or its related systems or networks; (vi) permit direct or indirect access to or use of the Bambuser Solution in a way that circumvents a contractual usage limit; (vii) copy the Bambuser Solution or any part, feature, function or user interface thereof; (viii) frame or mirror any part of the Bambuser Solution, other than framing on the Customer’s own intranets or otherwise for its own internal business purposes or as permitted in the Agreement; (ix) access the Bambuser Solution in order to build a competitive product or service; (x) reverse engineer the Bambuser Solution (to the extent such restriction is permitted by law); or (xi) remove any copyright, trademark or other proprietary rights notices associated with or visible via use of the Bambuser Solution. The Customer’s or End Users’ intentional violation of the foregoing, or any use of the Bambuser Solution in breach of the Agreement, that in Bambuser’s judgment imminently threatens the security, integrity or availability of the Bambuser Solution, may result in Bambuser’s immediate suspension of the Bambuser Solution.
3. Show Moderator. The Customer is responsible for administrating and moderating the chat function, and for selecting an individual to operate as Show Moderator. The Customer shall ensure that its organization has adequate resources and knowledge to fulfil its obligation and warrants that it shall adhere to applicable legislation regarding inter alia chat-services. The Customer shall also ensure that the Show Moderator complies with any instructions from Bambuser applicable to moderation of the chat function, live show and product display.
4. Host. The Host will display and/or use all products and/or items as agreed with the Customer during the live show. The broadcasting device that the Host will use shall have login access to the Bambuser App. The Host is further responsible to ensure that no inappropriate, derogatory or illegal statements are made by the Host in the Content that may impair Bambuser’s reputation negatively. The Customer is solely responsible to ensure that there is a signed enforceable agreement with each Host reflecting these Terms, including display of third-party trademarks, prior to launching any Content.

5.0 Content

1. Responsibility for Content. All Content is the Customer’s sole responsibility and the responsibility of the individuals from which such Content originates. Bambuser shall have no responsibility or liability for the deletion or failure to store any Content.
2. Propriety of Content. The Customer shall not transmit, and shall ensure that no Authorized User and/or End Users transmit(s), Content or otherwise conduct or participate in any activities on or via the Bambuser Solution which is likely to be prohibited by law, or violates third party rights. The Customer shall not distribute, and shall ensure that no Authorized User and/or End Users distribute(s), in any way any Content, or otherwise engages in any activity in connection with the Bambuser Solution, that: (i) is hateful, offensive, racist, sexist, bigoted, libelous, defamatory, obscene, abusive, pornographic, lewd, erroneous, stalking, or threatening; (ii) advocates or encourages conduct that could constitute a criminal offense, give rise to civil liability, or otherwise violate any law or regulation; (iii) creates an impression that is incorrect, misleading, or deceptive; or (iv) divulges other people’s privacy, private or personally identifiable information without their express authorization and permission.
3. Unauthorized Content. The Customer is solely responsible for everything disclosed in the Content, including any music and other third-party material, including Intellectual Property Rights vested therein or relating thereto. Use of music is prohibited unless the Customer has obtained appropriate licenses in writing prior to featuring such music in the Content. Unauthorized Content may be blocked, and/or removed at Bambuser’s sole discretion.

6.0 Fees and Payment

1. Fees. The Customer shall pay to Bambuser the fees for the selected Services according to the price list in Appendix B (Specification of Services). Except as otherwise set forth in the Agreement, (i) payment obligations are non-cancellable and paid fees are non-refundable, and (ii) agreed quantities of Services cannot be decreased.
2. Increase Fees. Beginning on the first anniversary of the Effective Date of the Agreement and upon each anniversary thereafter, Bambuser may increase the charges for the fees stated in the Agreement, by an amount not to exceed five per cent (5%) per year upon at least sixty (60) days written notice.
3. Invoicing and payment. Unless otherwise set out in the Agreement, Bambuser will invoice the Set-up and Onboarding Fees on or after the Effective Date and the License Fee monthly in arrears. Unless otherwise set out in the Agreement, fees are due thirty (30) days from the invoice date. The Customer is responsible for providing complete and accurate billing and contact information to Bambuser and notifying Bambuser of any changes to such information.
4. Overdue charges. If any invoiced amount is not received by Bambuser by the due date, without limiting Bambuser’s rights or remedies by applicable law or the Agreement, those charges may accrue late interest at a yearly rate of ten (10) % of the outstanding balance.
5. Suspension of Service. If any charge owing by the Customer is thirty (30) days or more overdue, Bambuser may, without limiting its other rights and remedies by applicable law or the Agreement, suspend the Customer’s access to the Bambuser Solution until such amounts are paid in full, provided that Bambuser has given the Customer at least ten (10) days prior written notice and the Customer fails to pay the relevant amount within that period of time.
6. Taxes. Bambuser’s fees in Appendix B (Specification of Services) are exclusive of any value added taxes, levies, duties or similar governmental assessments of any nature (“Taxes”). The Customer is responsible for paying all Taxes associated with its purchases under the Agreement. If Bambuser has the legal obligation to pay or collect Taxes for which the Customer is responsible under this Section 6.5, Bambuser shall invoice the Customer and the Customer shall pay that amount unless the Customer provides Bambuser with a valid tax exemption certificate authorized by the appropriate taxing authority. For clarity, Bambuser is solely responsible for taxes assessable against it based on its income, property and employees.

7.0 Proprietary Rights and Licenses

1. Reservation of rights. Subject to the limited rights expressly granted in the Agreement, Bambuser reserves all its right, title and interest in and to the Bambuser Solution, the Services and the Solution Data, including all related Intellectual Property Rights.
2. Right to collect Solution Data. Bambuser is entitled to collect, process and use Solution Data. Bambuser may use automated means to isolate information from the Customer’s Content in order to help detect and protect against spam and malware, or to improve the Bambuser Solution. The foregoing shall not be construed as an admission that consent to such data collection activity is legally required.
3. License to Content. The Customer grants to Bambuser a perpetual, irrevocable, worldwide, royalty-free, fully paid-up, sublicensable, non-exclusive, assignable, right and license to use the Content for purposes of providing the Bambuser Solution in accordance with the Agreement.
4. License to use feedback. The Customer grants to Bambuser a worldwide, perpetual, irrevocable, royalty-free license to use and incorporate into any of its products or services any suggestion, enhancement request, recommendation, correction or other feedback provided by the Customer, its affiliates, either directly or through an Authorized User or End User relating to the Bambuser Solution.
5. Open source. The Bambuser Solution may include open source software as well as other third-party products as communicated by Bambuser from time to time. In case separate terms and conditions apply for the Customer’s use of the Bambuser Solution, Bambuser will present them to the Customer, in which case such terms and conditions shall take priority over the Agreement.
6. Publicity. Upon the Customer’s approval in the main body of the Agreement, Bambuser is granted a perpetual, irrevocable, worldwide, royalty-free, fully paid-up, non-exclusive right and license to use the Customer’s name, trade names, trademarks, and service marks and Content for marketing purposes.

8.0 Confidentiality and Insider Regulation

1. Confidentiality undertaking. Each Party undertakes to, both during the term of the Agreement and after its termination, not to disclose the other Party’s Confidential Information and/or to use the other Party’s Confidential Information for any other purposes than for the purposes of the Agreement.
2. Exceptions from confidentiality. The foregoing shall not apply to any Confidential Information which: (i) is in the public domain at the time of disclosure or later becomes part of the public domain through no fault of the receiving Party; (ii) was known to the receiving Party prior to disclosure by the disclosing Party or is independently developed by the receiving Party (without any use of Confidential Information), in each case as evidenced by the receiving Party; (iii) is disclosed to the receiving Party by a third party who had the right to furnish such Confidential Information; (iv) is required to be disclosed by operation of law or court order and is not protected by any claim of privilege, provided the receiving Party attempts to notify the disclosing Party prior to disclosure and any available governmental or judicial protection is obtained by the receiving Party; (v) is required to be disclosed under a Party’s contract with a recognized stock exchange; or (vi) has received the other Party’s prior written approval to disclose Confidential Information.
3. Notification of disclosure. If a Party is obliged to disclose or provide Confidential Information according to Section 8.2 (iv) or (v), such Party shall, if possible, confer with the other Party before doing so.
4. Business records. All business records, papers and documents kept or made by a Party, whether in hard copy or electronically, relating to the business of the other Party or its affiliates or the Confidential Information, correspondence included, shall remain the property of the other Party or such affiliate as the case may be and shall in connection with the termination of the Agreement for whatever reason be destroyed or returned to the other Party without prior request.
5. Insider regulation. The Customer confirms knowledge of that shares of Bambuser are listed on Nasdaq First North Growth Market and that Bambuser therefore have certain obligations in accordance with applicable laws, rules and regulations for listed companies, among them the EU market abuse regulation, the stock exchange rule book for issuer, and other legislation regarding i.e. insider information and insider trading, such as Law (2016:1307) on penalties for market abuse in the securities market. The Customer further confirms knowledge of the applicable insider regulation and that information received from Bambuser, regardless if it constitutes Confidential Information or not, may be considered to be insider information which would be likely to have a significant effect on the prices of financial instruments and therefore must be treated strictly confidential. The Customer and all persons taking part of this information is therefore to be considered insider in Bambuser and, in accordance with the insider regulation, prohibited to (i) for own or behalf on others, direct or indirect acquire or dispose shares or other financial instruments related to Bambuser, or revoke or change a trade order placed before the person gained access to the insider information (so-called insider trading), (ii) recommend someone else to engage in insider trading or induce someone to forward a recommendation or to exhort to engage in insider trading, and (iii) unlawfully disclose insider information to another person except where the disclosure is made in the normal exercise of an employment and the recipient is not obliged reveal this (e.g. according to law or agreement).
6. Consequences of breach of insider regulation. Breach of applicable regulations is penal sanctioned. Insider trading can lead to prison up to six (6) years and unauthorized disclosure of insider information can lead to fine or prison up to two (2) years. Attempt is also penal sanctioned. Alternatively, violations of the insider trading ban or the prohibition of unauthorized disclosure of inside information may result in an administrative penalty. For persons up to a maximum amount of five (5) MEUR or three (3) times the profit gained from the infringement, or three (3) times the costs avoided as a consequence of the infringement. For legal persons, the amount is no more than fifteen (15) MEUR or fifteen per cent (15%) of the turnover of the legal person or group, or three times the profit gained from the infringement, or three (3) times the costs avoided as a consequence of the infringement.

9.0 Representations and Indemnification

1. Representations. Each Party represents that it has validly entered into the Agreement and has the legal power to do so. The Customer represents that all information submitted to Bambuser in connection with the Bambuser Solution, including account and billing information, is accurate, complete and truthful, and that it shall promptly update any provided information that becomes inaccurate. Furthermore, the Customer represents that it has all necessary rights and licenses to transmit and provide the Content and Customer Data for use in the Bambuser Solution as set out in the Agreement.
2. Indemnification by Customer for third party claims. The Customer agrees to fully indemnify, defend and hold harmless Bambuser, its affiliates, officers, directors, employees and agents of Bambuser and its affiliates, directly or indirectly caused by or incurred by reason of a third party allegation, lawsuit, claim or proceeding, arising out of or related to (i) Content; (ii) Customer Data; (iii) the Customer’s/Authorized Users’/End Users’ (a) conduct, or (b) use of the Bambuser Solution or (iv) breach of the Agreement. Bambuser may assume the exclusive defense and control of any matter for which the Customer is required to indemnify Bambuser at the Customer’s expense. The Customer shall cooperate with Bambuser’s defense of such claims and shall under no circumstances settle or compromise any such claims without the prior written consent of Bambuser.
3. Indemnification by Bambuser for infringement claims. Bambuser shall indemnify, defend and hold the Customer harmless from and against any finally awarded claims that the Bambuser Solution, as used within the scope of and in accordance with the Agreement, infringes the Intellectual Property Rights of any third party, provided that (i) the Customer notifies Bambuser promptly in writing of the claim; (ii) Bambuser has sole control of the defense and all related settlement negotiations; and (iii) the Customer provides Bambuser with all necessary assistance, information, and authority to perform the above. Bambuser shall have no liability for any claim of infringement based on (i) modification of the Bambuser Solution by the Customer to the extent the infringement would have been avoided without such modification; or (iii) the combination or use of the Bambuser Solution with materials not provided by Bambuser or in breach of the Agreement to the extent such infringement would have been avoided by use of the Bambuser materials alone or if applicable terms were complied with. In the event the Bambuser Solution is held to, or Bambuser believes is likely to be held to, infringe any third party’s Intellectual Property Rights, Bambuser shall have the right at its sole option and expense to (i) substitute or modify the Bambuser Solution so that it is non-infringing, while retaining in all material aspects equivalent features and functionality; or (ii) obtain a license for the Customer to continue using the Bambuser Solution under commercially reasonable terms; or (iii) if (i) and (ii) are not reasonably practicable, terminate the Agreement.

10.0 Limitation of Liability

1. No warranty. To the maximum extent possible under applicable law, Bambuser disclaims all warranties of any kind with respect to the Bambuser Solution, whether express or implied, including any implied warranties of merchantability, fitness for a particular purpose, title and non-infringement, except as specified in Section 9.1 herein. Specifically, Bambuser makes no warranty that (i) the Bambuser Solution shall meet the Customer’s requirements, goals or needs, or (ii) the Bambuser Solution access shall be uninterrupted, timely, secure or error-free.
2. Limitation of Bambuser’s liability. Bambuser’s maximum aggregate liability for all claims, liabilities or obligations arising under or relating to the Agreement, regardless of the number of claims, shall not exceed an amount equal to all amounts paid by the Customer to Bambuser under the twelve (12) months preceding the first incident out of which the liability arose.
3. General limitation of liability. In no event shall either Party be liable to the other Party for any punitive, indirect, special, incidental or consequential damages (including lost revenue, lost profits, lost data or lost savings.
4. Exceptions. The limitations of liability set out in this Section 10 shall not apply (i) in case damage is caused by intent or gross negligence; (ii) for claims arising from or related to either Party’s indemnification obligations under the Agreement or (ii) in case of either Party’s breach of the confidentiality obligations under the Agreement.

11.0 Liability Insurance

1. Bambuser general liability insurance. Bambuser will carry commercial general liability, public liability, and/or foreign general liability insurance, written on an occurrence (not claims-made) basis, covering all operations by or on behalf of Customer arising out of or connecting with the Agreement, providing coverage for bodily injury, property damage and products/completed operations liability, claims by one insured against another insured, and contractual liability.
2. Customer general liability insurance. During the term of the Agreement, the Customer shall, at its own expense, maintain a valid general liability insurance covering the Customer and, where applicable, the Customer’s employees and subcontractors which may be engaged in connection with the Agreement. Where applicable, the Customer shall also, at its own expense, maintain a valid professional liability insurance. The insurance coverage shall be to such extent as to cover the liability in damages under the Agreement. Upon request, the Customer shall provide Bambuser with evidence of the existence of such insurance.

12.0 Correspondence

1. Notices. All notices, claims etc. under the Agreement must be delivered by courier, registered post or e-mail to the addresses indicated in the Agreement (or to such addresses/e-mail addresses as may later be given by written notice in accordance with this Section 12.1). A notice shall be deemed to have been received by a Party when (i) delivered by registered post, unless, in fact, it has been received by the recipient sooner, the third (3) business day from mailing, if mailed from Sweden, and the fifth (5) business day from mailing, if mailed from outside of Sweden, and (ii) delivered by e-mail, on the day of dispatch, with confirm of receipt from authorized representative.

13.0 Term and Termination

1. Term. The Agreement shall enter into force on the Effective Date and shall after the initial term be automatically renewed until written notice is given as set forth in the main body of the Agreement.
2. Early termination by both Parties. Either Party may terminate the Agreement with immediate effect by notice in writing to the other Party on the occurrence of any of the following events. (i) If the other Party commits a material breach of any term of the Agreement and that breach is irremediable, or if that breach is remediable fails to remedy that breach within a period of fourteen (14) days after being notified in writing to do so. (ii) If bankruptcy or insolvency proceedings are instituted against the other Party and such proceedings are not dismissed within thirty (30) calendar days from the date of proceedings, or the other Party makes an assignment for the benefit of its creditors. (iii) Due to a Force Majeure event, in case such force majeure event lasts for more than thirty (30) calendar days.
3. Termination by Bambuser. Bambuser may terminate the Agreement in the event (i) the Customer generally fails to pay its debts as they become due or acknowledges in writing that it is unable to do so, or (ii) it is required by, or for failure to comply with, applicable law, regulation, court or governing agency order, Bambuser Code of Conduct or ethical requirements.
4. Termination by the Customer. The Customer may terminate the Agreement in the event Bambuser materially changes the Bambuser Solution or these Terms as further set out in Section 14.2.
5. Effect of termination. The rights of either Party under this Section 13 are in addition to any other rights and remedies permitted by law or under the Agreement. Breach of the Agreement may result in pursuit of all available remedies for Intellectual Property Rights (including intellectual property rights infringement), the availability of which the Customer hereby acknowledges. Upon termination for any reason, the Customer shall immediately cease all use and distribution, and destroy all copies, of the Bambuser Solution.
6. Survival. Access to and rights of use associated with Bambuser Solution shall terminate upon termination of the Agreement. Sections 5.1, 7.4, 6, 7, 8, 9, 10, 11, 12, 13.6, 14, 15 and any other Section that by its nature is permanent shall survive any termination or expiration of the Agreement.

14.0 Miscellaneous

1. Force Majeure. A Party shall be released from the consequences of failure to fulfil certain obligations under the Agreement due to any Force Majeure events. As soon as practicable following the affected Party's notice, the Parties shall consult with each other in good faith and use all reasonable endeavors to agree appropriate terms to mitigate the effects of a Force Majeure event and to facilitate the continued performance of the Agreement. The affected Party shall notify the other Party as soon as possible after the Force Majeure event ceases or no longer causes the affected Party to be unable to comply with its obligations under the Agreement. Following such notification, the Agreement shall continue to be performed on the terms existing immediately prior to the occurrence of the Force Majeure event unless agreed otherwise, in writing by the Parties.
2. Service discontinuance and modifications. Bambuser may from time to time modify or discontinue access to, temporarily or permanently, any part, feature, or functionality of the Bambuser Solution. Bambuser shall not be liable for any such modification, suspension or discontinuance, even if certain features or functions, the Customer’s settings, and/or any Content the Customer has contributed or has come to rely on, are permanently lost. Bambuser reserves the right to make modifications to these Terms periodically. If changes are made, the Customer will be notified. The Customer’s continued use of and access to the Bambuser Solution after notice of such modifications indicates its acceptance of and agreement to the modified Terms.
3. Amendments. Except for as otherwise stated herein, any amendments to the Agreement must be made in writing and signed by authorized representatives of the Parties to be binding.
4. Assignment. The Customer’s right and obligations under the Agreement shall not be assigned by the Customer, in whole or in part, without Bambuser’s prior written consent. Any such purported assignment, delegation or transfer without such written consent shall be void. Bambuser may at any time assign its rights and obligations under the Agreement, in whole or in part, to any third party without prior consent or notice.
5. Subcontractors. The Customer may not engage a subcontractor to carry out its undertakings under the Agreement without Bambuser’s prior written approval. Notwithstanding any such consent, the Customer shall be liable for the work, acts and omissions of its subcontractors as for its own work and shall be responsible for the continuous and active monitoring of the quality of such work.
6. Limitation. The Parties agree that regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to the Agreement must be filed within one (1) year after the Party becomes, or should have been, aware of such claim or cause of action arose or be forever barred.
7. Injunctive relief. The Customer acknowledges and agrees that breach of the Agreement, or any unauthorized use, disclosure or distribution of the Bambuser Solution, may cause irreparable harm to Bambuser, the extent of which would be difficult to ascertain, and that Bambuser shall be entitled to seek immediate injunctive relief (in addition to any other available remedies), in any court of competent jurisdiction under the applicable laws thereto.
8. Entire agreement. The Agreement, including its appendices, constitutes the entire Agreement between the Parties and supersedes any previous written or oral agreement between the Parties in relation to the subject matters dealt with in the Agreement.
9. Severability. If any section (or part of a section) of the Agreement is held by a court of competent jurisdiction to be invalid, illegal or unenforceable, it shall, insofar as it is severable from the remainder of the Agreement, be deemed omitted from the Agreement, and the remaining provisions of the Agreement shall remain in effect.

15.0 Governing Law and Dispute Resolution

1. Governing law. The Agreement and any disputes between the Parties and related to or concerning the Agreement shall be governed by the substantive laws of Sweden, excluding its conflict of law principles.
2. Dispute resolution. Any dispute, controversy or claim arising out of or in connection with the Agreement, or the breach, termination or invalidity thereof, shall be finally settled by arbitration administered by the Arbitration Institute of the Stockholm Chamber of Commerce (the “SCC”). The Rules for Expedited Arbitrations shall apply, unless the SCC in its discretion determines, taking into account the complexity of the case, the amount in dispute and other circumstances, that the Arbitration Rules shall apply. In the latter case, the SCC shall also decide whether the Arbitral Tribunal shall be composed of one (1) or three (3) arbitrators. The seat of arbitration shall be Stockholm, Sweden. The language to be used in the arbitral proceedings shall be Swedish or English.
3. Confidentiality during proceedings. The Parties shall keep confidential and shall not disclose to any third parties, without the prior written consent of the other Party, the existence of the arbitral proceedings, any arbitral awards and any Confidential Information and material produced or disclosed by another Party in the arbitral proceedings. Notwithstanding the aforesaid, the disclosure of information to third parties shall not be restricted under this section, if the disclosure of information is required by law, by a competent regulatory or governmental body or other public authority, or is necessary to protect or pursue a legal right of a Party. Furthermore, disclosure of information to professional, financial or legal advisors of a Party shall not be restricted under this section, provided that the recipient of the information is bound by a confidentiality obligation. The aforesaid shall not limit the Parties’ right to (i) seek interim orders or injunctions or any other provisional remedies available under the applicable law; (ii) collect uncontested claims from the other Party; or (iii) enforce an arbitral award in any competent court of law.

 BACKGROUND AND PURPOSE

This Data Processing Agreement (“DPA") sets out the terms and conditions for the Processing of Personal Data within the scope of Services where Bambuser acts as a Processor to Customer, acting as the Controller.Except as may be otherwise required under Data Protection Laws, Customer, on behalf of any other Controller (e.g., where applicable, companies within Customer’s company group or other Controllers designated by Customer, in both cases subject to agreement between Customer and Bambuser), shall serve as a single point of contact for Bambuser with regard to all matters under this DPA and shall be responsible for the internal coordination, review and submission of instructions or requests to Bambuser as well as the onward distribution of any information, notifications and reports provided by Bambuser hereunder.

Unless otherwise stipulated, the provisions of the DPA shall take precedence over the provisions of the Agreement with respect to the subject matter hereof.

‍

IT IS AGREED as follows:

1. DEFINITIONS

Without prejudice to any definition of a term set out in Data Protection Laws, any terms not defined herein shall be given the meaning provided in the Agreement. In this DPA, the following definitions apply:

Affiliate of an entity means any other entity that is: (i) directly or indirectly owning or controlling such entity; or (ii) under the same direct or indirect ownership or control as such entity; or (iii) directly or indirectly controlled by such entity; for so long as such ownership or control lasts. Ownership or control shall exist through direct or indirect ownership of fifty percent (50%) or more of the nominal value of the issued equity share capital or of fifty percent (50%) or more of the shares entitling the holders to vote for the election of the members of the board of directors or persons performing similar functions.

Agreement means the agreement to which this DPA is appended or applies, under which Bambuser provides services to the Customer.

Controller shall have the meaning defined in Data Protection Laws.

Processor shall have the meaning defined in Data Protection Laws.

Data Protection Laws means any applicable UK,  EU and EU member state national, or US (state or Federal) other national, data protection legislation as amended from time to time, including but not limited to: (a) the UK Data Protection Act 2018 (“2018 DPA”); (b) Regulation (EU) 2016/697 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”); (c) any legislation supplementing or replacing the 2018 DPA, the GDPR or such other laws; and (d) any national legislation and court or government decisions applicable to the Processing of Personal Data and the instructions and binding orders of a Supervisory Authority.

Data Subject means an individual whose Personal Data is being Processed by Bambuser under this DPA and the Agreement.

Personal Data means any information relating to an identified or identifiable natural person, as defined in any Data Protection Laws.

Personal Data Breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed by Processor or any and all incidents adversely impacting the integrity or security of information.

Processing or “Process” means any processing action or combination of actions concerning Personal Data, as defined in Data Protection Laws.

Standard Contractual Clauses mean the contractual clauses issued by the European Commission permitting the lawful transfer of Personal Data to international organizations and countries not part of the European Economic Area or European Union or not approved by the European Commission.

Supervisory Authority means any competent supervisory authority under Data Protection Laws.

‍

2. RESPONSIBILITIES

2.1. Both Parties will comply with all applicable requirements of the Data Protection Laws. This DPA is in addition to, and does not relieve, remove or replace, a Party’s obligations or rights under the Data Protection Laws.

2.2. Both Parties will comply with all applicable requirements of the Data Protection Laws. With respect to California Consumer Privacy Act of 2018 ("CCPA"), Customer is defined as a “business” and Customer is engaging Bambuser as its “service provider” as defined in the CCPA. This DPA is in addition to, and does not relieve, remove or replace, a Party’s obligations or rights under the Data Protection Laws.

2.3. Bambuser shall Process Personal Data with all due care and skill, diligence and prudence, in a workmanlike manner in accordance with high professional standards, and in compliance with applicable Data Protection Laws. Bambuser must not use the Personal Data for any other purposes than those specified in the Agreement, this DPA and Customer’s documented instructions from time to time. Customer’s written instructions for Processing are set out in Appendix 1.

2.4. More specifically, Bambuser shall:

a) Process the Personal Data only on documented instructions from Customer, unless required to deviate from such instructions in order to comply with applicable Data Protection Laws which Bambuser is subject to. In such a case, Bambuser shall inform Customer of that legal requirement before Processing, unless such Data Protection Laws prohibit such information on important grounds of public interest;

b) ensure that persons authorized to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;

c) assist Customer by appropriate technical and organizational measures, in so far as this is possible, for the fulfilment of  Customer's obligation to respond to requests for exercising any Data Subject’s rights under Data Protection Laws;

d) assist Customer in ensuring compliance with its legal obligations in respect of Personal Data, such as, with Customer's data security, data protection impact assessment and prior consulting obligations set out by Data Protection Laws;

e) make available to Customer all information necessary to demonstrate compliance with Bambuser's obligations set out in this DPA and in applicable Data Protection Laws, and allow for and contribute to audits, including inspections, conducted by Customer as set forth in this DPA; and

f) Process Personal Data only during the term of this DPA.

2.5. Bambuser shall implement technical, physical, and organizational measures to make sure a high level of security of the Personal Data that it is Processing and to protect Personal Data against unauthorized or unlawful Processing and against accidental loss, destruction, damage, alteration, or disclosure. Bambuser's security measures shall at all times meet the requirements of applicable Data Protection Laws.  

2.6. Subject to the terms of the Agreement, Bambuser shall implement and maintain technical and organizational measures to secure conformity with applicable Data Protection Laws to which Bambuser is subjected, inter alia, measures for:

a) pseudonymization and/or encryption of Personal Data;

b) ensuring confidentiality, integrity, availability and resilience of systems and services processing Personal Data;

c) restoring availability and access to Personal Data in a timely manner in the event of a Personal Data Breach or other unexpected event interrupting Bambuser's processing of Personal Data;

d) regularly testing, assessing and evaluating the effectiveness, readiness and integrity of technical and organizational measures for ensuring the security of the Processing; and

e) conforming with current business practices, standards or recommendations concerning privacy protection and information safety.

2.7. A description of Bambuser’s technical and organizational measures applicable upon the date of signing hereof is available at https://bambuser.com/docs/agreement-details/#technical-and-organizational-measures.

2.8. Bambuser shall ensure that any person acting under the authority of Bambuser who has access to Personal Data shall not Process them except on documented instructions from Customer.

2.9. Customer (and/or, as the case may be, companies affiliated with Customer as may be agreed with Bambuser) is the Controller for all Personal Data which Customer (or persons on its behalf) shares with Bambuser for Processing under the Agreement and this DPA. In its capacity as Controller, Customer confirms (on its own part and, as applicable, on behalf of each other Controller) that: a) without prejudice to Bambuser’s responsibilities as a Processor hereunder, Customer is solely responsible for any Personal Data provided or made accessible to Bambuser under this DPA and the means by which it has been acquired and collected as well as the accuracy, quality, legality and integrity thereof; b) Customer is entitled to provide access to the Personal Data to Bambuser for the purposes hereof and, consequently, that it has and will maintain a lawful basis for Bambuser’s Processing of Personal Data for purposes of performance of the services under the Agreement and in accordance with this DPA; c) all instructions from Customer for the Processing of Personal Data hereunder shall comply with applicable Data Protection Laws, shall be reasonable and documented in writing, and shall relate to and be consistent with the services agreed to be provided by Bambuser under the Agreement, and Customer accepts that Bambuser disclaims any obligation or liability with regard to any instructions or requests being in violation of any of the aforesaid.

2.10. Customer is responsible for providing Bambuser with instructions for the Processing of Personal Data under this DPA. Bambuser shall only Process Customer's Personal Data in accordance with this DPA and Customer’s instructions applicable from time to time. If Bambuser deems that instructions violate Data Protection Laws, Bambuser shall notify Customer thereof as soon as practicably possible. Bambuser shall for the avoidance of doubt not be obliged to perform a certain measure if, according to Bambuser’s reasonable assessment, this would result in a breach of Data Protection Laws. Notwithstanding the foregoing, Bambuser shall not be obliged to perform any own investigations, surveys or assessments in order to establish whether instructions comply with Data Protection Laws or not. Bambuser reserves the right to charge Customer on a time and material basis for any work caused by Customer, and/or costs incurred, pursuant to the above or for other work or measures (including measures or work requested to be performed by Customer) not expressly covered in the DPA or which is in addition to Bambuser’s standard business undertakings pertaining to its Processing of Personal Data.

‍

3. TRANSFER OF PERSONAL DATA

3.1. Bambuser shall ensure that no Personal Data is transferred, released, assigned, disclosed or otherwise made available to any third party without Customer's consent.

3.2. Processing activities (including storage) shall take place on the location(s) set out in Appendix 1. It is acknowledged that Bambuser, either itself or using sub-processors, as part of the services under the Agreement, may need to perform services from locations in countries and territories outside the UK and EEA. In case of such performance, then Customer (for its own part and on behalf of other Controllers referenced herein being established in the UK and EEA) hereby gives its general consent, mandate, authorization and instruction to Bambuser for the purposes of conducting transfers outside the UK and EEA, as set forth below in Section 4 (Sub-processors). Bambuser or its sub-processors may Process Personal Data outside the UK and EEA only pursuant to the requirements and conditions set out in Chapter V to the GDPR and the Standard Contractual Clauses.

4. SUB-PROCESSORS

4.1. Bambuser may only engage sub-processors for Processing of Personal Data under the Agreement in accordance with the below. Customer acknowledges that appointment of sub-processors (as well as appointment of new sub-processors from time to time), is necessary in order for Bambuser to perform its services under the Agreement. Bambuser is responsible for ensuring that all Processing of Personal Data performed by a sub-processor is governed by a written agreement with the sub-processor that corresponds to the requirements of this DPA and applicable Data Protection Laws, including but not limited to Article 28 of the GDPR. Subject to and considering the above, Customer (also on behalf of other Controllers, where applicable) hereby gives its general written consent and mandate (also for the purpose of the Standard Contractual Clauses, as applicable) to Bambuser to use sub-processors, and for the sub-processors to use sub-processors, in respect of: i) Affiliates, ii) other sub-processors used in Bambuser’s regular business and service delivery; and iii) otherwise any sub-processor of Bambuser. Bambuser will maintain a list of its permitted sub-processors; such list may be updated from time to time and Bambuser will notify Customer in the event Bambuser adds a sub-processor to the list with thirty (30) days prior written notice. Customer shall have the right to object to the use of a sub-processor by written notice to Bambuser, such objection to be made in good faith and based on justifiable grounds, without undue delay from the time Customer was notified of the use of such sub-processor. The Parties will in good faith discuss possible activities to mitigate the risks raised in such objection from Customer. Customer acknowledges and accepts that its objection to a sub-processor may adversely affect Bambuser’s ability to perform the services under the Agreement, therefore Bambuser shall be entitled to use such sub-processor despite Customer’s objection as removal of such sub-processor would affect all Bambuser’s customers. In the event the Parties are not able to reach an agreement in relation to such sub-processor, Customer may terminate the Agreement with immediate effect. Unless otherwise agreed in writing by Bambuser, Bambuser is under no obligation to refund any payments made in advance for services under the Agreement. The sub-processors engaged by Bambuser on the effective date of the Agreement are set out in Appendix 1.

‍

5. DATA BREACH

5.1. In the event of a Personal Data Breach, Bambuser shall without undue delay submit a written notice to Customer including the following information;  

a) a description of the nature of the Personal Data Breach including, the categories and approximate number of Data Subjects concerned, and the categories and approximate number of data records concerned;

b) name and contact details of the person responsible for Bambuser’s data protection matters;

c) a description of likely consequences and/or realized consequences of the Personal Data Breach; and

d) a description of actions taken by Bambuser (and/or its sub-processors) to assess and address the Personal Data Breach; to mitigate its possible adverse effects; or to prevent the reoccurrence of the Personal Data Breach.

5.2. Where, and in so far as, it is not possible to provide the information requested in Section 5.1 at the same time, Bambuser may provide the requested information in phases without undue further delay. Furthermore, Bambuser shall document any Personal Data Breaches and upon Customer’s request make the documentation available for Customer to ensure its compliance with applicable Data Protection Laws.

5.3. Bambuser shall take all the necessary steps to protect the Personal Data when made aware of a Personal Data Breach. Pursuant to the submission of a notice to Customer in accordance with Section 5.1, Bambuser shall, in consultation with Customer, take appropriate measures to secure the Personal Data and limit any possible detrimental effect to the Data Subjects. Bambuser shall cooperate with Customer, and with any third parties designated by Customer, to respond to the Personal Data Breach. The objective of the Personal Data Breach response will be to restore the confidentiality, integrity, and availability of the Personal Data Processed by Bambuser, to establish root causes and corrective actions, preserving evidence and to mitigate any damage caused to Data Subjects or Customer.

‍

6. RECORDS

6.1. Bambuser shall maintain and update a record in an electronic form (“Record”), of all Personal Data Processing carried out under this DPA and the Agreement on behalf of Customer.

6.2. Bambuser shall provide Customer with the Record without undue delay as from the Customer’s request.

6.3. In case of a request by Data Subjects or a Supervisory Authority concerning Processing of Personal Data under this DPA (including requests to block, delete, transfer, amend Personal Data or any other actions), Bambuser shall, without undue delay, inform Customer of all such requests and shall assist Customer in its response or other action concerning such request. Bambuser may only correct, delete, amend or block the Personal Data Processed on behalf of Customer when instructed to do so by Customer or required by Data Protection Laws.

6.4. Bambuser shall notify Customer of any changes in its activities that may materially affect the data protection, security or integrity of Customer’s Personal Data Processed hereunder.

‍

7. AUDITS

7.1. If Customer has reasonable grounds to suspect non-compliance with this DPA or Data Protection Laws on Bambuser’ part, or if otherwise required under Data Protection Laws, Bambuser shall, upon Customer’s written request, make all necessary information available to demonstrate compliance herewith and allow for audits, including inspections, to be performed by Customer or its appointed representative. Customer shall endeavor to perform such audit without causing significant disruption to Bambuser’s regular operations (e.g. to perform any such measures under reasonable time, place and manner conditions, during regular business hours) and subject always to Bambuser’s security policies. Customer will primarily rely on applicable existing audit reports or other available verification, if any, to confirm Bambuser’s compliance and avoid unnecessary repetitive audits; unless required under Data Protection Laws, audits will not be made more than once in any twelve-month period. The audit shall not grant Customer access to trade secrets or proprietary information unless required in order to comply with Data Protection Laws (and Bambuser will never be obliged, with regard to any information request or audit, to provide access to prices, pricing structures or other commercial information). Customer shall notify, within a reasonable period of time (at least thirty (30) days), Bambuser in advance of such audit unless otherwise required by a Supervisory Authority. Customer and any persons conducting an audit must enter into adequate confidentiality undertakings prior to such audit and the audit must be conducted so as not to jeopardize the security of information belonging to other customers. In the event that Customer proposes to use a representative/third party auditor, then Bambuser may oppose such appointment only if such representative/auditor is a competitor of Bambuser or Bambuser has other justifiable grounds for objection. Notwithstanding the foregoing, Customer accepts that any requirements that Customer (itself or on behalf of any Controller referenced herein) may have with regard to the purposes of Processing Personal Data hereunder, or any requests for information, assistance or activities from Bambuser made by Customer or on its behalf hereunder, that extend beyond Bambuser’s ordinary course of business, routines or policies, or what is otherwise commercially reasonable, shall be specifically agreed in writing and may be subject to additional fees and charges. Insofar as possible, Bambuser shall procure that Customer is similarly entitled to conduct audits in respect to sub-processors (or be provided with corresponding information from such sub-processors). Customer is however aware of and acknowledges that the scope of such audits/information may not correspond with the above and/or that conditions may apply.

‍

8. TERM AND TERMINATION

8.1. This DPA shall automatically terminate upon any termination or expiration of the Agreement, provided no separate assignments for Processing of Personal Data independent of the Agreement have been concluded by and between the Parties in accordance with Appendix 1. The terms of the DPA will however continue to apply for as long as any Personal Data is Processed by Bambuser.

8.2. Upon termination of this DPA, or upon Customer's written request, Bambuser shall destroy or return, either to Customer or to a third party designated by Customer, all Personal Data, unless otherwise required by Data Protection Laws. Bambuser shall verify in writing to Customer that such destruction or return has taken place, and, upon written request, provide Customer with written statement confirming that such Personal Data, including all copies thereof, have been permanently destroyed.

‍

9. LIMITATION OF LIABILITY

9.1. Subject to the below, the provisions on limitations of liability for Bambuser set out in the Agreement shall apply to this DPA.  

9.2. The Parties shall cooperate and provide assistance in the event of an enforcement action or investigation by a Supervisory Authority with regards to activities conducted under this DPA, including promptly notifying the other Party of the threat and commencement of such measures. The Parties shall make all reasonable efforts to minimize the risk of damage incurred by the Parties due to such event.

9.3. WITHOUT PREJUDICE TO ANY EXPRESS RIGHT OR REMEDY AVAILABLE TO DATA SUBJECTS PROVIDED UNDER DATA PROTECTION LAWS, ANY LIABILITY FOR BAMBUSER ARISING OUT OF OR IN CONNECTION WITH THIS DPA (WHETHER IN CONTRACT, TORT OR OTHERWISE) IS, AS BETWEEN THE PARTIES, LIMITED TO DIRECT DAMAGES (EXCLUDING ANY INDIRECT, CONSEQUENTIAL, SPECIAL OR INCIDENTAL COST, LOSS OR DAMAGE OF ANY KIND) AND SUBJECT TO ANY APPLICABLE PROVISIONS ON LIMITATION OF LIABILITY CONTAINED IN THE AGREEMENT. CUSTOMER’S AND ANY OTHER CONTROLLER’S CLAIMS IN THE AGGREGATE, AND THE TOTAL AND AGGREGATE LIABILITY SHALL, IN ANY EVENT, FOR ANY CALENDAR YEAR BE CAPPED AT AN AMOUNT CORRESPONDING TO THE TOTAL FEES PAID BY CUSTOMER UNDER THE AGREEMENT FOR THE APPLICABLE SERVICES DURING TWELVE (12) MONTHS PRECEDING THE DATE OF THE OCCURRENCE OF THE CLAIM FORMING BASIS FOR LIABILITY. FOR CLARITY, ANY CLAIM, OR MULTIPLE INTERLINKED CLAIMS, SHALL BE SUBJECT TO THE LIABILITY CAP APPLICABLE AT THE DATE ON WHICH THE EVENT OR CIRCUMSTANCE FORMING THE BASIS FOR THE CLAIM(S) FIRST OCCURRED.

‍

10. GOVERNING LAW AND DISPUTES

10.1. This DPA and its appendices shall be considered to be part of the Agreement and therefore governed and construed in accordance with the same laws as the Agreement. Disputes shall be resolved in accordance with the provisions on dispute resolution contained in the Agreement.

‍

appendix 1

The Parties agree the following:

‍