JFrog EU Data Act Addendum

Last Updated: January 21, 2026

This JFrog EU Data Act Addendum (“Addendum”) forms part of the JFrog Cloud Terms and Conditions available at https://jfrog.com/cloud-terms-and-conditions/ or the Cloud agreement entered between JFrog and Customer who qualifies as an EU Customer Entity (the “Agreement”). The Addendum is hereby incorporated within the Agreement. Capitalized terms not otherwise defined herein will have the meaning set forth in the Agreement.

1. SWITCHING REQUEST AND TRANSITION SERVICES.
   1. Switching Request.Pursuant to the Agreement, Customer maintains full administrative control over Customer Data including the right to view, modify, download or delete it. Customer may submit a request to JFrog to switch to another Destination Provider (a “Switching Request”). The Switching Request must be submitted two months prior to Customer’s planned Switch initiation date.
   2. Transition Services.Following the acceptance of the Switching Request, Customer may also request Transition Services by providing sixty (60) days’ written notice to JFrog (the “Notice Period”). JFrog will review and verify valid requests for Transition Services. Following expiration of the Notice Period and verification of the request, JFrog will provide Transition Services for thirty (30) days. Either Party may request an extension of the Transition Period up to a total of seven (7) months. If JFrog requires an extension due to technical infeasibility, JFrog will justify such request to Customer within fourteen (14) business days of receiving the initial notice (collectively, the “Transition Period”). During the Transition Period and subject to payment of the Early Termination Fee, JFrog will continue to maintain the continuity of service, the service levels and security of the JFrog Platform as set forth in the Agreement, provide assistance as described in JFrog’s Documentation, which provides Customer with instructions concerning the export of Customer Data. Early Termination Fees are the fees defined in the Order form.
      Upon completion of the Transition Period, the Agreement will terminate and Customer will have thirty (30) days to retrieve its Customer Data, unless the parties mutually agree in writing to extend such period.
2. FEES FOR TRANSITION SERVICES AND EARLY TERMINATION
   Customer and JFrog agree on the following fee structure for early termination due to a Switching Request:
   1. Early Termination Charges for Fixed-Term Commitments
      1. Acknowledgement of Commercial Model: Customer acknowledges and agrees that the pricing, discounts, and/or ramped-pricing models offered by JFrog for a fixed-term Subscription (“Fixed-Term Commitment“) are provided in consideration for, and are conditional upon, Customer’s commitment to the full duration of that Subscription Term.
      2. Early Termination Fees: If Customer elects to terminate this Agreement early by exercising its switching rights under the EU Data Act such termination will pay proportionate Early Termination Fees. Early Termination Fees are equal to the total of all Subscription Fees for the remainder of such Subscription Term(s), with no credits or refunds available. Such payment is due prior to the commencement of Transition Services.
      3. Clarification: For the avoidance of doubt, this Early Termination Fee is a commercially agreed-upon compensation for the early termination of a Fixed-Term Commitment and is separate from, and does not include, any “switching charges” (e.g., data egress fees) as defined and governed by Article 29 of the EU Data Act.
      4. Additional Cost Provision: If Customer fails to provide a Switch Completion Notice, Customer will (i) continue to incur standard service fees for the Subscription in accordance with the Agreement, including all overage fees and (ii) be required to reimburse JFrog for any switching-related credits or fee waivers previously provided to Customer in connection with its Switch.

      Customer may purchase additional Professional Services beyond the reasonable Transition Services provided at JFrog’s then current rates, subject to the parties’ mutual agreement and execution of a Statement of Work.

3. GENERAL.
   The charges and compensation amounts set forth in this Agreement represent the parties’ reasonable estimate of actual costs and damages, calculated in accordance with the fair, reasonable, and non-discriminatory principles required under the EU Data Act. These amounts are intended as liquidated damages, not penalties, and reflect: (a) the technical and organizational costs of data provision; (b) reasonable profit margins as permitted under applicable law; (c) the commercial value of data access rights; and (d) the administrative burden of compliance with responding to the Switching Request. The parties agree these amounts are proportionate to the anticipated losses and provide appropriate incentives for performance.All terms and conditions of the Agreement will remain in full force and effect except as amended herein. In the event of any conflict or inconsistency between the terms of this Addendum and the terms of the main Agreement, the terms of this Addendum will prevail solely with respect to the parties’ rights and obligations under the EU Data Act. Should any provision of this Addendum be or become invalid, illegal, or unenforceable, the validity of the remaining provisions shall not be affected. The parties shall use all reasonable endeavors to replace the invalid, illegal, or unenforceable provision with a valid provision that achieves, to the greatest extent possible, the economic, legal, and commercial objectives of the invalid provision.

EXHIBIT A

DEFINITIONS

“Data Processing Services” means services that enable ubiquitous and on-demand network access to a shared pool of configurable, scalable and elastic computing resources of a centralised, distributed or highly distributed nature that can be rapidly provisioned and released with minimal management effort or service provider interaction.

“Destination Provider” means the provider of Data Processing Services Customer has opted to Switch to.

“EU Customer Entity” means a Customer that has a European Economic Area (“EEA”) shipping address, and to which the EU Data Act applies.

“EU Data Act” means Regulation (EU) 2023/2854 of the European Parliament and of the Council of 13 December 2023).

“Exempted Data” means JFrog Materials and Usage Data, as well as any data excluded from Switching Data such as data specific to the internal functioning of the Services or that are protected by intellectual property rights under the Agreement or constitute a trade secret of JFrog or any third party.

“On-premises ICT Infrastructure” means information and communications technology infrastructure and computing resources owned, rented or leased by Customer, and operated by Customer or by a third-party.

“Switch” or “Switching” means ceasing the access to the JFrog Platform by moving Switching Data to either (i) another Data Processing Service offered by a Destination Provider, or (ii) an On-premises ICT Infrastructure.

“Switching Data” means (a) Customer Data, and (b) additional data related to Customer’s usage of the JFrog Platform necessary for the implementation of Customer Data in an On-premises ICT Infrastructure or the Destination Provider’s environment, excluding any Exempted Data.

“Switch Completion Notice” is a formal written notification issued by the customer to JFrog, confirming that the Customer’s Switching to either (i) an alternative Data Processing Service offered by a Destination Provider, or (ii) an On-premises ICT Infrastructure has been successfully completed.

“Switching Process” means the process commencing on JFrog’s receipt of a complete written request for a Switch and concluding upon the earlier of JFrog’s receipt of the Switch Completion Notice or the end of the Transition Period.

“Transition Services” means JFrog’s reasonable assistance provided to an EU Entity Customer to: (a) switch to another provider of the same service type; or (b) migrate to customer On-Premises ICT Infrastructure.