JFrog CCPA Addendum

Last Updated: January 2, 2022
icon download

Download DPA

This California Consumer Privacy Act (CCPA) Addendum (“CCPA Addendum”) is hereby incorporated by reference into, and becomes a binding part of the Terms of Service for JFrog’s Cloud Services (the “Cloud Services”) available here, or any other existing agreement between the Customer (“Customer” or “Business”) and JFrog (“JFrog” or “Service Provider”) for the provision by JFrog of any of its Cloud Services (the “Agreement”). All capitalized terms not defined herein will have the meaning set forth in the Agreement.

  1. Definitions.
    For purposes of this Addendum, the following terms shall mean as follows:

    1. “CCPA” means the California Consumer Privacy Act of 2018.
    2. “Business”, “Consumer”, “Delete”, “Personal Information”, “Process”,“Request to Delete”, “Request to Know”Sell”, and “Service Provider” shall have the meaning set forth in the CCPA.
    3. “Services” means the services and activities provided by JFrog pursuant to or in connection with the Agreement.
  2. Subject Matter.
    This CCPA Addendum applies to the Processing by JFrog of Customer Personal Information in connection with the Agreement and the provision of the Cloud Services to Customer, where such Processing is subject to the provisions of the CCPA, and as stipulated in JFrog Privacy Policy.
  3. Customer’s Obligations.
    Customer shall, in its use of the Cloud Services and provision of Personal Information to JFrog and/or the Cloud Services, comply at all times with the obligations, requirements and laws applicable to Businesses and Customer shall indemnify, hold harmless and defend JFrog and its Affiliates for any breach or violation related thereto.
  4. Prohibited Use.
    1. JFrog shall not Sell Customer’s Personal Information. JFrog further agrees not to retain, use, or disclose Personal Information obtained from Customer: (i) outside the direct relationship between Customer and JFrog, and (ii) for any purposes other than for the specific purposes of performing the Cloud Services specified in the Agreement.
    2. For the avoidance of doubt, Customer hereby approves and consents: (i) to the transfer of Personal Information by JFrog to other Service Provider’s entities (including, without limitation, Affiliates and subsidiaries), service providers, third parties and vendors, in order to provide the Cloud Services to Customer; and (ii) that JFrog will use and process the Personal Information in order to (a) provide the Cloud Services to Customer; (b) for internal use by the Service Provider to build or improve the quality of its services; (c) to detect data security incidents, or protect against fraudulent or illegal activity; and (d) collect and analyze anonymous information.
  5. Deletion of Personal Information.
    Upon Customer’s written request, and subject to, and in accordance with the provisions of the CCPA, this CCPA Addendum and applicable laws and requirements, JFrog, as a Service Provider, agrees to promptly Delete Customer Personal Information. If the Service Provider receives a Request to Know or a Request to Delete from a Consumer, Service Provider shall inform the Consumer that the request cannot be acted upon because the request has been sent to a Service Provider. To exercise Customer’s rights under the CCPA, Customer can: email JFrog at privacy@jfrog.com; or call JFrog at +1-408-329-1540.
  6. Relationship with Agreement.
    Notwithstanding anything to the contrary in the Agreement and/or in any agreement between the parties and to the maximum extent permitted by law:

    1. JFrog’s and its Affiliates’ liability, taken together in the aggregate, arising out of or related to this Addendum, whether in contract, tort or under any other theory of liability, is subject to the ‘Limitation of Liability’ section of the Agreement;
    2. in no event will JFrog and/or JFrog Affiliates and/or their third-party providers, be liable under, or otherwise in connection with, this CCPA Addendum for: (i) any indirect, exemplary, special, consequential, incidental, or punitive damages; (ii) any loss of profits, business, or anticipated savings; (iii) any loss of, or damage to data, reputation, revenue or goodwill; and/or (iv) the cost of procuring any substitute goods or services; and
    3. the foregoing exclusions and limitations on liability set forth in this Section shall apply: (i) even if JFrog, JFrog Affiliates or third-party providers, have been advised, or should have been aware, of the possibility of losses or damages; (ii) even if any remedy in this CCPA Addendum fails of its essential purpose; and (iii) regardless of the form, theory or basis of liability (such as, but not limited to, breach of contract or tort).
  7. Duration and Survival.
    This CCPA Addendum will become legally binding upon the date JFrog commences to process Customer’s Personal Information which is subject to the CCPA. This CCPA Addendum shall automatically terminate upon the termination or expiration of the Agreement under which the Cloud Services are provided. Section 6 and this Section 7 shall survive the termination or expiration of this CCPA Addendum for any reason. This CCPA Addendum cannot, in principle, be terminated separately to the Agreement, except where the processing of Personal Information ends before the termination of the Agreement, in which case, this CCPA Addendum shall automatically terminate. In any event, upon termination, to the extent required or allowed by applicable law, JFrog may retain one copy of the Personal Information for evidence purposes and/or for the establishment, exercise, or defense of legal claims and/or to comply with applicable laws and regulations.