JFrog CCPA Addendum
Last Updated: August 16, 2020
This CCPA Addendum (this “Addendum”) forms an integral part of the agreement (“Agreement”) between You (“Customer”) and JFrog (“Supplier”) for Your purchase or use of Supplier’s products and services. The following shall apply in connection with the Agreement”
- Definitions. For purposes of this Addendum, the following terms shall mean as follows:
- “CCPA” means the California Consumer Privacy Act of 2018.
- “Business”, “Consumer”, “Delete”, “Personal Information”, “Process”,“Request to Delete”, “Request to Know” “Sell”, and “Service Provider” shall have the meaning set forth in the CCPA.
- “Services” means the services and activities provided by JFrog pursuant to or in connection with the Agreement.
- Customer’s Obligations. Customer shall, in its use of the Services and provision of Personal Information to Supplier and/or the Services, comply at all times with the obligations, requirements and laws applicable to Businesses and Customer shall indemnify, hold harmless and defend Supplier and its affiliates for any breach or violation related thereto.
- Prohibited Use. Supplier shall not Sell Customer’s Personal Information. Supplier further agrees not to retain, use or disclose Personal Information obtained from Customer: (i) outside the direct relationship between Customer and Supplier, and (ii) for any purposes other than for the specific purposes of performing the Services specified in the Agreement. For the avoidance of doubt, Customer hereby approves and consents: (i) to the transfer of Personal Information by Supplier to other Supplier’s entities (including, without limitation, affiliates and subsidiaries), service providers, third parties and vendors, in order to provide the Services to Customer; and (ii) that Supplier will use and process the Personal Information in order to (a) provide the Services to Customer; (b) for internal use by the Service Provider to build or improve the quality of its services; (c) to detect data security incidents, or protect against fraudulent or illegal activity; and (d) collect and analyze anonymous information.
- Deletion of Personal Information. Upon Customer’s written request, and subject to, and in accordance with the provisions of the CCPA, this Addendum and all applicable laws and requirements, Supplier, as a Service Provider, agrees to promptly Delete Customer Personal Information. If Service Provider receives a Request to Know or a Request to Delete from a Consumer, Service Provider shall inform the Consumer that the request cannot be acted upon because the request has been sent to a Service Provider. To exercise Customer’s rights under the CCPA, Customer can:
- Email Supplier at Privacy@jfrog.com; or
- Call Supplier at +1-408-329-1540
- Relationship with Agreement. Notwithstanding anything to the contrary in the Agreement and/or in any agreement between the parties and to the maximum extent permitted by law: (A) Supplier’s (including, without limitation, Supplier’s affiliates’ and subsidiaries’) entire, total and aggregate liability, related to personal data or information, privacy, or for breach of, this Addendum and/or CCPA, including, without limitation, any indemnification obligation under the Agreement or applicable law regarding data protection or privacy, shall be limited to the amounts paid to Supplier under the Agreement within the six (6) months preceding the event that gave rise to the claim. This limitation of liability is cumulative and not per incident; (B) in no event will Supplier and/or Supplier affiliates and/or their third-party providers, be liable under, or otherwise in connection with, this Addendum for: (i) any indirect, exemplary, special, consequential, incidental or punitive damages; (ii) any loss of profits, business, or anticipated savings; (iii) any loss of, or damage to data, reputation, revenue or goodwill; and/or (iv) the cost of procuring any substitute goods or services; and (C) the foregoing exclusions and limitations on liability set forth in this Section shall apply: (i) even if Supplier, Supplier affiliates or third-party providers, have been advised, or should have been aware, of the possibility of losses or damages; (ii) even if any remedy in this Addendum fails of its essential purpose; and (iii) regardless of the form, theory or basis of liability (such as, but not limited to, breach of contract or tort).
- Duration and Survival. This Addendum will become legally binding upon the date Supplier commence to process Your Personal Information which is subject to the CCPA. This Addendum shall automatically terminate upon the termination or expiration of the Agreement under which the Services are provided. Section 6 (Relationship with Agreement) and this Section 7 (Duration and Survival) of this Addendum shall survive the termination or expiration of this Addendum for any reason. This Addendum cannot, in principle, be terminated separately to the Agreement, except where the processing of Personal Information ends before the termination of the Agreement, in which case, this Addendum shall automatically terminate. In any event, upon termination, to the extent required or allowed by applicable law, Supplier may retain one copy of the Personal Information for evidence purposes and/or for the establishment, exercise or defense of legal claims and/or to comply with applicable laws and regulations.