Terms and Conditions
TERMS AND CONDITIONS
Last Revised: July 2024
Welcome, and thank you for your interest in Loom Analytics (“Loom Analytics”, “Loom,” “we,” or “us”) and our website at www.loomanalytics.com, along with our related networks, applications, mobile applications, and other services provided by us (collectively, the “Service”). These Terms of Service are a legally binding contract between you and Loom regarding your use of the Service. As used herein, “you” or “your” means any individual, entity, university, organization, or company (“Organization”) accessing or using the Service as well as any individual end user accessing and using the Service, as applicable and hereby agreeing to these Terms.
PLEASE READ THE FOLLOWING TERMS CAREFULLY.
BY CLICKING “I ACCEPT,” OR BY DOWNLOADING, INSTALLING, OR OTHERWISE ACCESSING OR USING THE SERVICE, YOU AGREE THAT YOU HAVE READ AND UNDERSTOOD, AND, AS A CONDITION TO YOUR USE OF THE SERVICE, YOU AGREE TO BE BOUND BY, THE FOLLOWING TERMS AND CONDITIONS, INCLUDING LOOM’S PRIVACY POLICY (Terms of Service and Privacy Policy hereinafter referred to as “TERMS”). IF YOU ARE NOT ELIGIBLE, OR DO NOT AGREE TO THE TERMS, THEN YOU DO NOT HAVE OUR PERMISSION TO USE THE SERVICE. YOUR USE OF THE SERVICE, AND LOOM’S PROVISION OF THE SERVICE TO YOU, CONSTITUTES AN AGREEMENT BY LOOM AND BY YOU TO BE BOUND BY THESE TERMS.
1. Loom Service Overview. The Service enables users to transform recorded voice conversations into transcribed notes that can be searched and shared. You may choose whether to use the free version of the Service (“Free Service”) or the subscription-based paid version of the Service for which you may be required to pay fees (the “Paid Service”).
2. Eligibility. You must be at least 18 years old to use the Service. By agreeing to these Terms, you represent and warrant to us that: (a) you are at least 18 years old; (b) you have not previously been suspended or removed from the Service; and (c) your registration and your use of the Service is in compliance with any and all applicable laws and regulations. If you are an Organization, the individual accepting these Terms on your behalf represents and warrants that they have authority to bind you to these Terms and you agree to be bound by these Terms.
3. Accounts and Registration.
3.1 General. To access most features of the Service, you must register for an account. When you register for an account, you may be required to provide us with some information about yourself, such as your name, email address, phone number, or other contact information. For Organizations, if you wish to designate individual users to access and use the Service under your account (such users, “Authorized Users”), you may also be required to provide us with additional information about such Authorized Users. You agree that the information you provide to us is accurate and that you will keep it accurate and up-to-date at all times, and that you have all necessary rights and approvals to provide such information. When you register, you will be asked to provide a password. You are responsible for maintaining the confidentiality of your account and password, and you accept responsibility for all activities that occur under your account. If you believe that your account is no longer secure, then you must immediately notify us at support@loomanalytics.com.
3.2 Authorized Users.
a. You are responsible for: (i) identifying and authenticating all of your Authorized Users (ii) approving access by your Authorized Users to the Service and designating appropriate access controls in connection with your account, (iii) controlling against unauthorized access by your Authorized Users, and (iv) all activities that occur under your Authorized Users’ usernames, passwords or accounts as a result of your Authorized Users’ access and use of the Service.
b. If you received your credentials to access and use the Service (including certain features thereof) from your Organization or otherwise are accessing the Service under your Organization’s account, you acknowledge and agree that your access to the Service as provided by your Organization is subject to the agreement between Loom and your Organization with respect to the Service. You also acknowledge that your Organization may terminate the access to the Service that they provide to you at any time. Loom will have no liability to you in connection with any such removal or termination.
c. If the domain of the email address associated with your account is owned by an Organization and was assigned to you as an employee, contractor or member of the Organization (for example: yourname@youremployer.com), you acknowledge and agree that we may identify your account to the Organization, migrate your account to the Organization’s account, and/or restrict or terminate access to your account. Loom will have no liability to you in connection with any such disclosure, restriction, or termination.
d. When you join an Organization as an Authorized User, you must do the following:
-Use it in compliance with your organization’s terms and policies. Please note that your account is subject to the Organization’s control. The Organization administrators may prevent you from later disassociating your account from the Organization account. They may also restrict or terminate your access at their sole discretion.
-Acknowledge that all the data under your account is owned by the Organization and the Organization administrators have the right to access, disclose, restrict and remove information in your account. This includes the data that predates when you joined the Organization account.
4. General Payment Terms. Use of the Service will require you to pay fees. All fees shall state their currency as per their respective country. You will comply with any terms and instructions that are set out in any invoice you may receive.
4.1 Price. Loom reserves the right to determine pricing for the Service. Loom will make reasonable efforts to keep pricing information published on the website up to date. We encourage you to check our website periodically for current pricing information. Loom may at any time change the fees for any feature of the Service, including additional fees or charges, at its sole discretion, if Loom gives you advance notice of changes, then they apply. Loom, at its sole discretion, may make promotional offers with different features and different pricing to any of Loom’s customers. These promotional offers, unless made to you, will not apply to your offer or these Terms.
4.2 Authorization. You authorize Loom and its third party payment processors to charge all sums for the orders that you make and any level of Service you select as described in these Terms or published by Loom, including all applicable taxes and charges, to the payment method specified in your account. If you pay any fees with a credit card, Loom or its third party payment processors may seek pre-authorization of your credit card account prior to your purchase to verify that the credit card is valid and has the necessary funds or credit available to cover your purchase. If you pay by direct deposit payment must be made to the designated bank account along with any other instructions provided by Loom.
4.3 Delinquent Accounts. Loom may suspend or terminate access to the Service, including fee-based portions of the Service, for any account for which any sums are due but unpaid. Without limiting the generality of the foregoing, if you have been provided access to the Service (including certain features thereof) via your Organization and your Organization has not paid all sums due, we may suspend or terminate your access to the Service. In addition to the amount due for the Service, a delinquent account may be charged with fees or charges that are incidental to any chargeback or collection of any the unpaid amount, including collection fees.
4.4 Inactive Accounts. Loom may suspend or terminate access to the Service for any account that is inactive for 90 days.
5. Licenses
5.1 Limited License. Subject to your complete and ongoing compliance with these Terms, Loom grants you a personal, non-exclusive, non-transferable and limited right to access and use the Service. If any term, condition or provision of this agreement shall be deemed unlawful, invalid, void or for any reason unenforceable, the validity and enforceability of the remaining terms, conditions and provisions shall survive.
5.2 License Restrictions. Except and solely to the extent such a restriction is impermissible under applicable law, you may not: (a) reproduce, distribute, publicly display, or publicly perform the Service; (b) make modifications to the Service; (c) interfere with or circumvent any feature of the Service, including any security or access control mechanism; (d) access or use the Service in violation of any usage restrictions or other limitations associated with the level of Service you (or your Organization) have selected to access and purchased, if applicable. If you are prohibited under applicable law from using the Service, you may not use it.
6. Feedback. If you choose to provide input and suggestions regarding problems with or proposed modifications or improvements to the Service (“Feedback”), then you hereby grant Loom an unrestricted, perpetual, irrevocable, non-exclusive, fully-paid, royalty-free right to exploit the Feedback in any manner and for any purpose, including to improve the Service and create other products and services.
7. Ownership; Proprietary Rights. The Service is owned and operated by Loom. The visual interfaces, graphics, design, compilation, information, data, computer code (including source code or object code), products, software, services, and all other elements of the Service (“Materials”) provided by Loom are protected by intellectual property and other laws. All Materials included in the Service are the property of Loom or its third party licensors. Except as expressly authorized by Loom, you may not make use of the Materials. Loom reserves all rights to the Materials not granted expressly in these Terms.
8. Third Party Terms
8.1 Third Party Services and Linked Websites. Loom may provide tools through the Service that enable you to import and export information, including User Content, to third party services, including through features that may allow you to link your account on Loom with an account on the third party service, such as Dropbox. By using one of these tools, you agree that Loom may transfer that information to the applicable third party service. Third party services are not under Loom’s control, and, to the fullest extent permitted by law, Loom is not responsible for any third party service’s use of your information. The Service may also contain links to third party websites. Linked websites are not under Loom’s control, and Loom is not responsible for their content.
9. User Content
9.1 User Content Generally. Certain features of the Service may permit users to upload content to the Service (including by syncing your account with Third Party Accounts as further described in Section 9.1), including voice recordings, audio recordings, documents, data, text, images, transcriptions, and other types of works (“User Content”), and to otherwise publish User Content on the Service. To the extent you desire to use the Service in connection with materials or information located on Dropbox, or other third-party accounts (collectively, “Third Party Accounts”), you hereby grant Loom permission to access the Third Party Accounts in connection with Loom’s provision of the Service. As between you and Loom, you retain any copyright and other proprietary rights that you may hold in the User Content that you post to the Service.
9.2 Recordings. The Service may provide a feature that allows you to record and/or upload User Content of individuals. The laws regarding the notice and notification requirements of such User Content vary by location. You acknowledge and agree that you are solely responsible for providing any notices to, and obtaining consent from, individuals in connection with any recordings as required under applicable law.
9.3 Limited License Grant to Loom. Customer retains all ownership rights to the User Content processed using the Service. You grant Loom, its subsidiaries, affiliates or any partner or third party, a worldwide, non-exclusive, royalty-free, fully paid right and license to host, store, transfer, reproduce, modify, export, process, transform, publish, and distribute your User Content, in whole or in part, in any media formats and through any media channels now known or hereafter developed in a manner that is under your control. Customer may delete User Content from their account where it may be stored. Once it has been permanently deleted from the user account either by direct action by the user or on expiration of the specified retention period, no record of the User Content is retained and the User Content cannot be recreated by the service.
9.4 License Grant to Users. By providing User Content to or via the Service to other users of the Service, you grant those users in your Organization a non-exclusive license to access, use, modify, and distribute that User Content as permitted by these Terms and the functionality of the Service.
9.5 Access to User Content and Results. Loom may at its sole discretion permit you to share certain User Content or the results of processing User Content with other users of the Service, share User Content or the results of processing User Content outside of the Service, or even make certain User Content or the results of processing User Content public for all (even non-Service users) to view.
9.6 User Content Representations and Warranties. Loom disclaims any and all liability in connection with User Content. You are solely responsible for your User Content and the consequences of providing User Content via the Service. By providing User Content via the Service, you affirm, represent, and warrant that:
a. you are the creator and owner of the User Content, or have the necessary licenses, rights, consents, and permissions to authorize Loom and users of the Service to use and distribute your User Content as necessary to exercise the licenses granted by you in this Section, in the manner contemplated by Loom, the Service, and these Terms;
b. your User Content, and the use of your User Content as contemplated by these Terms, does not and will not: (i) infringe, violate, or misappropriate any third party right, including any copyright, trademark, patent, trade secret, moral right, privacy right, right of publicity, or any other intellectual property or proprietary right; (ii) slander, defame, libel, or invade the right of privacy, publicity or other property rights of any other person; or (iii) cause Loom to violate any law or regulation; and
c. your User Content could not be deemed by a reasonable person to be objectionable, profane, indecent, pornographic, harassing, threatening, embarrassing, hateful, or otherwise inappropriate.
9.7 User Content Disclaimer. We are under no obligation to edit or control User Content that you or other users post or publish, and will not be in any way responsible or liable for User Content. Loom may, however, at any time and without prior notice, screen, remove, edit, or block any User Content that in our sole judgment violates these Terms or is otherwise objectionable. You understand that when using the Service you will be exposed to User Content from a variety of sources and acknowledge that User Content may be inaccurate, offensive, indecent, or objectionable. You agree to waive, and do waive, any legal or equitable right or remedy you have or may have against Loom with respect to User Content. If notified by a user or content owner that User Content allegedly does not conform to these Terms, we may investigate the allegation and determine in our sole discretion whether to remove the User Content, which we reserve the right to do at any time and without notice. For clarity, Loom does not permit copyright-infringing activities on the Service.
9.8 Monitoring Content. Loom does not control and does not have any obligation to monitor: (a) User Content; (b) any content made available by third parties; or (c) the use of the Service by its users. Loom is not responsible for the use of any User Content by users or any third parties. You acknowledge and agree that Loom reserves the right to, and may from time to time, monitor any and all information transmitted or received through the Service for operational and other purposes. If at any time Loom chooses to monitor the content, Loom still assumes no responsibility or liability for content or any loss or damage incurred as a result of the use of content.
9.9 Machine Learning. Loom shall have the right to collect and analyze data and other information relating to the provision, use and performance of various aspects of the Service and related systems and technologies (“Usage Data”). The Service may be implemented using artificial intelligence or machine learning systems with features and implementations designed to generate statistics, calibrate data models, and improve algorithms in the course of processing User Content and Usage Data (“Machine Learning”). Nothing in these Terms prohibits Company from using such Machine Learning for testing, tuning, optimizing, validating, or otherwise enhancing the analytics, models, or algorithms underlying the Service. Nothing in these Terms gives you any rights in or to any part of the Service or the Machine Learning generated by Company or the Machine Learning generated in the course of providing the Service.
10. Communications.
10.1 Text Messaging. Loom and those acting on our behalf may send you text (SMS) messages at the phone number you provide us. These messages may be used for two factor authentication. Standard data and message rates may apply whenever you send or receive such messages, as specified by your carrier and Loom is not responsible for these charges.
10.2 Push Notifications. You agree to receive push notifications, which are messages an app sends you on your mobile device when the app is not on. You can turn off notifications by visiting your mobile device’s “settings” page.
10.3 Email. We may send you emails in the course of delivering the service to notify when User Content has been processed, shared with you or for other operational purposes. We may also send emails concerning our products and services. You may opt out of promotional emails by following the unsubscribe instructions in the promotional email itself.
11. Prohibited Conduct. BY USING THE SERVICE YOU AGREE NOT TO:
a. use the Service for any illegal purpose or in violation of any local, state, national, or international law;
b. use the Service or any portion thereof for the direct or indirect benefit of any third parties without prior written consent of Loom;
c. use the Service in connection with any direct or indirect commercial purposes, including in connection with any paid transcription workflow or as a value-added component of a commercial product or service without prior written consent of Loom;
d. harass, threaten, demean, embarrass, or otherwise harm any other user of the Service;
e. violate, or encourage others to violate, any right of a third party (including by act or omission), including by infringing or misappropriating any third party intellectual property or proprietary right;
f. interfere with security-related features of the Service, including by: (i) disabling or circumventing features that prevent or limit use or copying of any content; or (ii) reverse engineering or otherwise attempting to discover the source code of any portion of the Service except to the extent that the activity is expressly permitted by applicable law;
g. interfere with the operation of the Service or any user’s enjoyment of the Service, including by: (i) uploading or otherwise disseminating any virus, adware, spyware, worm, or other malicious code; (ii) making any unsolicited offer or advertisement to another user of the Service; (iii) collecting personal information about another user or third party without consent; or (iv) interfering with or disrupting any network, equipment, or server connected to or used to provide the Service;
h. perform any fraudulent activity including impersonating any person or entity, claiming a false affiliation, accessing any other Service account without permission, or falsifying your age or date of birth;
i. sell or otherwise transfer the access granted under these Terms or any Materials (as defined in Section 6) or any right or ability to view, access, or use any Materials; or
j. attempt to do any of the acts described in this Section 11 or assist or permit any person in engaging in any of the acts described in this Section 11.
12. Digital Millennium Copyright Act
12.1 DMCA Notification. We comply with the provisions of the Digital Millennium Copyright Act applicable to Internet service providers (17 U.S.C. §512, as amended). If you have an intellectual property rights-related complaint about material posted on the Service, you may contact our Designated Agent at the following address:
Loom Analytics
Suite 720, 200 Yorkland Blvd., North York ON, M2J5C1
Email: privacy@loomnalytics.com
Any notice alleging that materials hosted by or distributed through the Service infringe intellectual property rights must include the following information:
a. an electronic or physical signature of the person authorized to act on behalf of the owner of the copyright or other right being infringed;
b. a description of the copyrighted work or other intellectual property that you claim has been infringed;
c. a description of the material that you claim is infringing and where it is located on the Service;
d. your address, telephone number, and email address;
e. a statement by you that you have a good faith belief that the use of the materials on the Service of which you are complaining is not authorized by the copyright owner, its agent, or the law; and
f. a statement by you that the above information in your notice is accurate and that, under penalty of perjury, you are the copyright or intellectual property owner or authorized to act on the copyright or intellectual property owner’s behalf.
12.2 Infringers. Loom will promptly terminate the accounts of users that are determined by Loom to be infringers.
13. Modification of these Terms. We reserve the right to change these Terms on a going-forward basis at any time. Please check these Terms periodically for changes. If a change to these Terms materially modifies your rights or obligations, we may require that you accept the modified Terms in order to continue to use the Service. Material modifications are effective upon your acceptance of the modified Terms. Immaterial modifications are effective upon publication. Except as expressly permitted in this Section 13, these Terms may be amended only by a written agreement signed by authorized representatives of the parties to these Terms. Disputes arising under these Terms will be resolved in accordance with the version of these Terms that was in effect at the time the dispute arose.
14. Term, Termination and Modification of the Service
14.1 Term. These Terms are effective beginning when you accept the Terms or first download, install, access, or use the Service, and ending when terminated as described in Section 14.2.
14.2 Termination. If you violate any provision of these Terms, your authorization to access the Service and these Terms automatically terminate. In addition, Loom may, at its sole discretion, terminate these Terms or your account on the Service, or suspend or terminate your access to the Service, at any time for any reason or no reason, with or without notice. You may terminate your account and these Terms at any time by contacting customer service at support@loomanalytics.com
14.3 Effect of Termination. Upon termination of these Terms: (a) your license rights will terminate and you must immediately cease all use of the Service; (b) you will no longer be authorized to access your account or the Service; (c) you must pay Loom any unpaid amount that was due prior to termination; and (d) all payment obligations accrued prior to termination and Sections 6, 7, 10, 14.3, 15, 16, 17, 18, 19, and 20 will survive.
14.4 Modification of the Service. Loom reserves the right to modify or discontinue the Service at any time (including by limiting or discontinuing certain features of the Service), temporarily or permanently, without notice to you. Loom will have no liability for any change to the Service or any suspension or termination of your access to or use of the Service.
15. Indemnity. To the fullest extent permitted by law, you are responsible for your use of the Service, and you will defend and indemnify Loom Analytics and its officers, directors, employees, consultants, contractors, affiliates, subsidiaries and agents (together, the “Loom Analytics Entities”) from and against every claim brought by a third party, and any related liability, damage, loss, and expense, including reasonable attorneys’ fees and costs, arising out of or connected with: (a) your unauthorized use of, or misuse of, the Service; (b) your violation of any portion of these Terms, any representation, warranty, or agreement referenced in these Terms, or any applicable law or regulation; (c) your violation of any third party right, including any intellectual property right or publicity, confidentiality, other property, or privacy right; (d) the nature of content of Data processed by the Service; or (e) any dispute or issue between you and any third party. We reserve the right, at our own expense, to assume the exclusive defense and control of any matter otherwise subject to indemnification by you (without limiting your indemnification obligations with respect to that matter), and in that case, you agree to cooperate with our defense of those claims.
16. Disclaimers; No Warranties
THE SERVICE AND ALL MATERIALS AND CONTENT AND TRANSCRIPTIONS AVAILABLE THROUGH THE SERVICE ARE PROVIDED “AS IS” AND ON AN “AS AVAILABLE” BASIS. LOOM DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, RELATING TO THE SERVICE AND ALL MATERIALS AND CONTENT AND TRANSCRIPTIONS AVAILABLE THROUGH THE SERVICE, INCLUDING: (A) ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, QUIET ENJOYMENT, OR NON-INFRINGEMENT; AND (B) ANY WARRANTY ARISING OUT OF COURSE OF DEALING, USAGE, OR TRADE. LOOM DOES NOT WARRANT THAT THE SERVICE OR ANY PORTION OF THE SERVICE (OR YOUR ACCESS THERETO), OR ANY DATA, MATERIALS OR CONTENT OFFERED THROUGH OR PROCESSED BY THE SERVICE, WILL BE UNINTERRUPTED, SECURE, OR FREE OF ERRORS, VIRUSES, OR OTHER HARMFUL COMPONENTS, AND LOOM DOES NOT WARRANT THAT ANY OF THOSE ISSUES WILL BE CORRECTED. LOOM IS NOT RESPONSIBLE FOR THE FAILURE TO STORE OR MAINTAIN ANY USER DATA, CONTENT OR TRANSCRIPTIONS, USER COMMUNCIATIONS, ACCOUNT INFORMATION, OR PERSONAL SETTINGS. LOOM MAKES NO WARRANTY ABOUT THE COMPLETENESS OR ACCURACY OF THE TRANSCRIPTION.
NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED BY YOU FROM THE SERVICE OR LOOM ENTITIES OR ANY MATERIALS OR CONTENT AVAILABLE THROUGH THE SERVICE WILL CREATE ANY WARRANTY REGARDING ANY OF THE LOOM ENTITIES OR THE SERVICE THAT IS NOT EXPRESSLY STATED IN THESE TERMS. WE ARE NOT RESPONSIBLE FOR ANY DAMAGE THAT MAY RESULT FROM THE SERVICE AND YOUR DEALING WITH ANY OTHER SERVICE USER. YOU UNDERSTAND AND AGREE THAT YOU USE ANY PORTION OF THE SERVICE AT YOUR OWN DISCRETION AND RISK, AND THAT WE ARE NOT RESPONSIBLE FOR ANY DAMAGE TO YOUR PROPERTY (INCLUDING YOUR COMPUTER SYSTEM OR MOBILE DEVICE USED IN CONNECTION WITH THE SERVICE) OR ANY LOSS OF, USE OR DISCLOSURE OF DATA, INCLUDING USER CONTENT.
THE LIMITATIONS, EXCLUSIONS AND DISCLAIMERS IN THIS SECTION APPLY TO THE FULLEST EXTENT PERMITTED BY LAW. Loom does not disclaim any warranty or other right that Loom is prohibited from disclaiming under applicable law.
17. Limitation of Liability
TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL THE LOOM ENTITIES BE LIABLE TO YOU FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR PUNITIVE DAMAGES (INCLUDING DAMAGES FOR LOSS OF PROFITS, GOODWILL, OR ANY OTHER INTANGIBLE LOSS) ARISING OUT OF OR RELATING TO YOUR ACCESS TO OR USE OF, OR YOUR INABILITY TO ACCESS OR USE, THE SERVICE OR ANY MATERIALS OR CONTENT ON THE SERVICE, WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), STATUTE, OR ANY OTHER LEGAL THEORY, AND WHETHER OR NOT ANY LOOM ENTITY HAS BEEN INFORMED OF THE POSSIBILITY OF DAMAGE.
EXCEPT AS PROVIDED IN SECTION 19.5 AND TO THE FULLEST EXTENT PERMITTED BY LAW, THE AGGREGATE LIABILITY OF THE LOOM ENTITIES TO YOU FOR ALL CLAIMS ARISING OUT OF OR RELATING TO THE USE OF OR ANY INABILITY TO USE ANY PORTION OF THE SERVICE OR OTHERWISE UNDER THESE TERMS, WHETHER IN CONTRACT, TORT, OR OTHERWISE, IS LIMITED TO THE GREATER OF: (A) THE AMOUNT YOU HAVE PAID TO LOOM FOR ACCESS TO AND USE OF THE SERVICE IN THE 6 MONTHS PRIOR TO THE EVENT OR CIRCUMSTANCE GIVING RISE TO CLAIM; OR (B) $100.
EACH PROVISION OF THESE TERMS THAT PROVIDES FOR A LIMITATION OF LIABILITY, DISCLAIMER OF WARRANTIES, OR EXCLUSION OF DAMAGES IS INTENDED TO AND DOES ALLOCATE THE RISKS BETWEEN THE PARTIES UNDER THESE TERMS. THIS ALLOCATION IS AN ESSENTIAL ELEMENT OF THE BASIS OF THE BARGAIN BETWEEN THE PARTIES. EACH OF THESE PROVISIONS IS SEVERABLE AND INDEPENDENT OF ALL OTHER PROVISIONS OF THESE TERMS. THE LIMITATIONS IN SECTIONS 15, 16 and 17 WILL APPLY EVEN IF ANY LIMITED REMEDY FAILS OF ITS ESSENTIAL PURPOSE.
18. Privacy and Information Security
18.1 Privacy Policy. You acknowledge and agree that except as described in these Terms, any User Content, data, recordings, and information you enter into or upload to the Service or that we collect in connection with the Service (“Data”) will be processed as described in the Loom Privacy Policy. Please read the Privacy Policy carefully.
18.2 Data Processing. To the extent User Content falls within the scope of the EU General Data Protection Regulation or the United Kingdom General Data Protection Regulation, the terms of the Data Processing Attachment in Appendix 1 of these Terms (“DPA”) apply to the processing of any Customer Personal Data (as defined in the DPA). To the extent Data falls within the scope of any U.S. state privacy laws or their implementing regulations, the terms of the U.S. State Data Processing Agreement in Appendix 5 (“U.S. State DPA”) apply to the processing of any Personal Data (as defined in the U.S. State DPA).
18.3 Data. As between you and Loom, data that you enter into or upload to the Service is and will remain owned by you. You hereby grant Loom the right to collect, process, transmit, store, use, and disclose data to provide the Service and as otherwise set forth in these Terms and the Loom Privacy Policy. When you join Organization, your data is owned by the Organization as specified in section 3.2 above.
18.4 Use of Aggregated Data. You acknowledge and agree that Loom may collect, create, process, transmit, store, use, and disclose aggregated and/or deidentified data derived from Data or use of the Services (“Aggregated Data”) for its business purposes, including for machine learning and training, industry analysis, benchmarking, and analytics. All Aggregated Data will be in an aggregated and/or deidentified form only and will not identify you. Nothing in these Terms gives you any rights in or to any part of the Service or Aggregated Data.
18.5 Compliance. You are solely responsible (a) for Data as entered into, supplied, accessed, or used by you and (b) for complying with any privacy and data protection laws and regulations applicable to Data or your use of the Service. You represent and warrant that you have obtained and will maintain all rights, consents, and authorizations required to grant Loom the rights and licenses set forth in Section 18 and to enable Loom to exercise its rights under the same without violation or infringement of the rights of any third party.
18.6 Information Security. Loom will employ commercially reasonable security measures that are designed to protect Data in its possession or control against unlawful or unauthorized access, use, alteration, or disclosure.
19. Dispute Resolution and Arbitration
ARBITRATION NOTICE. Except for certain kinds of disputes described in Section 19, you agree that disputes arising under these Terms will be resolved by binding, individual arbitration, and BY ACCEPTING THESE TERMS, YOU AND LOOM ARE EACH WAIVING THE RIGHT TO A TRIAL BY JURY OR TO PARTICIPATE IN ANY CLASS ACTION OR REPRESENTATIVE PROCEEDING. YOU AGREE TO GIVE UP YOUR RIGHT TO GO TO COURT to assert or defend your rights under this contract (except for matters that may be taken to small claims court). Your rights will be determined by a NEUTRAL ARBITRATOR and NOT a judge or jury.
The right to arbitrate disputes under the Agreement shall survive the termination of the Agreement.
19.1 Generally. All disputes and differences concerning the validity, scope, meaning construction or effect of this Agreement or any dispute or disagreement between the parties hereto as to any matter relating to this Agreement which cannot be settled by mutual discussion shall be settled by arbitration. In the interest of resolving disputes between you and Loom in the most expedient and cost effective manner, and except as described in Section 19.2 and 19.3, you and Loom agree that every dispute arising in connection with these Terms will be resolved by binding arbitration. Arbitration is less formal than a lawsuit in court. Arbitration uses a neutral arbitrator instead of a judge or jury, may allow for more limited discovery than in court, and can be subject to very limited review by courts. Arbitrators can award the same damages and relief that a court can award. This agreement to arbitrate disputes includes all claims arising out of or relating to any aspect of these Terms, whether based in contract, tort, statute, fraud, misrepresentation, or any other legal theory, and regardless of whether a claim arises during or after the termination of these Terms. YOU UNDERSTAND AND AGREE THAT, BY ENTERING INTO THESE TERMS, YOU AND LOOM ARE EACH WAIVING THE RIGHT TO A TRIAL BY JURY OR TO PARTICIPATE IN A CLASS ACTION. The arbitration award shall be final and binding on both the parties hereto other than a right to appeal on a question of law with leave as provided for pursuant to Section 45(1) of the Arbitration Act. The judgment on the award may be entered by any court having jurisdiction to do so.
19.2 Exceptions. Despite the provisions of Section 19.1, nothing in these Terms will be deemed to waive, preclude, or otherwise limit the right of either party to: (a) pursue an enforcement action through the applicable federal, state, or local agency if that action is available; (b) seek injunctive relief in a court of law in aid of arbitration; or (c) to file suit in a court of law to address an intellectual property infringement claim.
19.3 Opt-Out. If you do not wish to resolve disputes by binding arbitration, you may opt out of the provisions of this Section 19 within 30 days after the date that you agree to these Terms by sending a letter to Loom Analytics, Attention: Legal Department -Arbitration Opt-Out, Address: Suite 720, 200 Yorkland Blvd., North York ON, M2J5C1, email: privacy@loomanalytics.com that specifies: your full legal name, the email address associated with your account on the Service, and a statement that you wish to opt out of arbitration, (“Opt-Out Notice”). Once Loom receives your Opt-Out Notice, this Section 19 will be void and any action arising out of these Terms will be resolved as set forth in Section 20.2. The remaining provisions of these Terms will not be affected by your Opt-Out Notice.
19.4 Arbitrator. Any arbitration between you and Loom will be settled under the Federal Arbitration Act and administered by the Canadian Arbitration Association (“CAA”) under its Canadian Arbitration Association Rules (collectively, “CAA Rules”) as modified by these Terms. The CAA Rules and filing forms are available online at https://canadianarbitrationassociation.ca/, by calling the CAA at +1-(416) 362-8555, or by contacting Loom. The arbitrator has exclusive authority to resolve any dispute relating to the interpretation, applicability, or enforceability of this binding arbitration agreement.
19.5 Notice of Arbitration; Process. A party who intends to seek arbitration must first send a written notice of the dispute to the other party by certified Mail or by Federal Express or equivalent service (signature required) or, only if that other party has not provided a current physical address, then by electronic mail (“Notice of Arbitration”). Loom’s address for Notice is: Loom Analytics: Suite 720, 200 Yorkland Blvd., North York ON, M2J5C1. The Notice of Arbitration must: (a) describe the nature and basis of the claim or dispute; and (b) set forth the specific relief sought (“Demand”). The parties will make good faith efforts to resolve the claim directly, but if the parties do not reach an agreement to do so within 30 days after the Notice of Arbitration is received, you or Loom may commence an arbitration proceeding. All arbitration proceedings between the parties will be confidential unless otherwise agreed by the parties in writing.
19.6 Fees. Each party shall bear its own arbitration costs and expenses provided however that the arbitrators may modify the allocation fees, costs and expenses in the award in the cases where fairness dictates other than an equal allocation between the parties, in which case the payment of any fees will be decided by Schedule A of the CAA Rules. Any arbitration hearing will take place at a location to be agreed upon in Toronto, Canada. If the arbitrator finds that either the substance of your claim or the relief sought in the Demand is frivolous or brought for an improper purpose then the payment of all fees will be paid by You. In that case, you agree to reimburse Loom for all monies previously disbursed by it that are otherwise your obligation to pay under the CAA Rules. Regardless of the manner in which the arbitration is conducted, the arbitrator must issue a reasoned written decision sufficient to explain the essential findings and conclusions on which the decision and award, if any, are based. The arbitrator may make rulings and resolve disputes as to the payment and reimbursement of fees or expenses at any time during the proceeding and upon request from either party made within 14 days of the arbitrator’s ruling on the merits.
19.7 No Class Actions. YOU AND LOOM AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN YOUR OR ITS INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING. Further, unless both you and Loom agree otherwise, the arbitrator may not consolidate more than one person’s claims, and may not otherwise preside over any form of a representative or class proceeding.
19.8 Enforceability. If Section 19.7 or the entirety of this Section 19 is found to be unenforceable, or if Loom receives an Opt-Out Notice from you, then the entirety of this Section 19 will be null and void and, in that case, exclusive jurisdiction and venue described in Section 20.2 will govern any action arising out of or related to these Terms.
20. Miscellaneous
20.1 General Terms. These Terms, together with the Privacy Policy and any other agreements expressly incorporated by reference into these Terms, are the entire and exclusive understanding and agreement between you and Loom regarding your use of the Service. You may not assign or transfer these Terms or your rights under these Terms, in whole or in part, by operation of law or otherwise, without our prior written consent. We may assign these Terms at any time without notice or consent. The failure to require performance of any provision will not affect our right to require performance at any other time after that, nor will a waiver by us of any breach or default of these Terms, or any provision of these Terms, be a waiver of any subsequent breach or default or a waiver of the provision itself. Use of section headers in these Terms is for convenience only and will not have any impact on the interpretation of any provision. Throughout these Terms the use of the word “including” means “including but not limited to”. If any part of these Terms is held to be invalid or unenforceable, the unenforceable part will be given effect to the greatest extent possible, and the remaining parts will remain in full force and effect.
20.2 Governing Law. These Terms are governed by the laws of the Canada without regard to conflict of law principles. You and Loom submit to the personal and exclusive jurisdiction of the courts of Ontario, Canada for resolution of any lawsuit or court proceeding permitted under these Terms. We operate the Service from our offices in Canada, and we make no representation that Materials included in the Service are appropriate or available for use in other locations.
20.3 Additional Terms. Your use of the Service is subject to all additional terms, policies, rules, or guidelines applicable to the Service or certain features of the Service that we may post on or link to from the Service (the “Additional Terms”). All Additional Terms are incorporated by this reference into, and made a part of, these Terms.
20.4 Consent to Electronic Communications. By using the Service, you consent to receiving certain electronic communications from us as further described in our Privacy Policy. Please read our Privacy Policy to learn more about our electronic communications practices. You agree that any notices, agreements, disclosures, or other communications that we send to you electronically will satisfy any legal communication requirements, including that those communications be in writing.
20.5 Contact Information. The Service is offered by Loom Analytics. You may contact us by emailing us at contact@loomanalytics.com.
20.6 Notice to California Residents. If you are a California resident, under California Civil Code Section 1789.3, you may contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs in writing at 1625 N. Market Blvd., Suite S-202, Sacramento, California 95834, or by telephone at (800) 952-5210 in order to resolve a complaint regarding the Service or to receive further information regarding use of the Service.
20.7 No Support. We are under no obligation to provide support for the Service. In instances where we may offer support, the support will be subject to published policies.
21. Force Majeure
No Party hereto shall be liable for any failure to perform any obligation under this Agreement as long as and to the extent that performance has been delayed, hindered or prevented by an event of force majeure.
The terms Force Majeure shall mean, without limitation, acts of God, strikes, labour unrest, actions of any government or Governmental department, whether municipal or otherwise, prohibiting or restricting services, fire or natural calamity and/or any cause beyond the reasonable control of either of the parities affected. Both the parties shall take reasonable steps to prevent or minimize the effect from the force majeure.
Any party affected by an event of force majeure shall forthwith after the occurrence let the other party know in writing giving full particulars thereof. A party failing to give such notice shall be deemed to have waived its right to claim it was so affected. If force majeure lasts for two (2) consecutive months or more, either Party, by notice in writing to the other may terminate this Agreement with immediate effect.
22. Severability
If any provision of this Agreement is void or unenforceable, the remainder of this Agreement will remain in full force and effect. Section headings are for reference only and shall not affect the meaning or interpretation of this Agreement.
APPENDIX 1
Data Processing Agreement
This Data Processing Agreement (“DPA”) is incorporated into and made part of the Terms of Service (“Terms”) between you (“Customer”) and Loom Analytics (“Company” or “Loom”). Unless otherwise defined in this DPA, capitalized terms will have the meaning given to them in the Terms. This DPA prevails over any conflicting term of the Terms, but does not otherwise modify the Terms.
1. Definitions
1.1 In this DPA:
a. ““Controller,” “Data Subject,” “Personal Data,” “Personal Data Breach,” “Processing,” “Processor,” and “Supervisory Authority,” have the meaning given to them in the GDPR.
b. “Customer Personal Data” means any Data that constitutes Personal Data, the Processing of which is subject to Data Protection Law, for which Customer or Customer’s customers are the Controller, and which is Processed by Company to provide the Service;
c. “Data Protection Law” means the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the United Kingdom General Data Protection Regulation, and e-Privacy Directive 2002/58/EC (as amended by Directive 2009/136/EC), and their national implementations in the European Economic Area (“EEA”), Switzerland and the United Kingdom, each as applicable, and as may be amended or replaced from time to time;
d. “Data Subject Rights” means Data Subjects’ rights to information, access, rectification, erasure, restriction, portability, objection, and not to be subject to automated individual decision-making in accordance with Data Protection Law;
e. “International Data Transfer” means any transfer of Customer Personal Data from the EEA, Switzerland or the United Kingdom to an international organization or to a country outside of the EEA, Switzerland and the United Kingdom;
f. “Subprocessor” means a Processor engaged by Company to Process Customer Personal Data; and
g. “Standard Contractual Clauses” means the clauses annexed to EU Commission Implementing Decision EU 2021/914 of June 4, 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European parliament and of the Council;
h. “UK Addendum” means the addendum to the Standard Contractual Clauses issued by the UK Information Commissioner under Section 119A(1) of the UK Data Protection Act 2018;
i. “User Content” means voice recordings, audio recordings, documents, data, text, photographs, transcriptions, and other types of works.
2. Scope and applicability
2.1 This DPA applies to Processing of Customer Personal Data by Company to provide the Service.
2.2 The subject matter, nature and purpose of the Processing, the types of Customer Personal Data and categories of Data Subjects are set out in Appendix 2.
2.3 Customer is a Controller and appoints Company as a Processor on behalf of Customer in relation to the purposes set out in Appendix 2. Customer is responsible for compliance with the requirements of Data Protection Law applicable to Controllers.
2.4 If Customer is a Processor on behalf of other Controller(s), then Customer is the single point of contact for Company; must obtain all necessary authorizations from such other Controller(s); undertakes to issue all instructions and exercise all rights on behalf of such other Controller(s); and is responsible for compliance with the requirements of Data Protection Law applicable to Processors.
2.5 Customer acknowledges that Company may Process Personal Data relating to the operation, support, or use of the Service for its own business purposes, such as billing, account management, data analysis, benchmarking, technical support, product development, and compliance with law. Company is the Controller for such Processing and will Process such data in accordance with Data Protection Law. Such Processing shall not be subject to the terms of this DPA.
3. Instructions
3.1 Company will Process Customer Personal Data to provide the Service and in accordance with Customer’s documented instructions.
3.2 The Controller’s instructions are documented in this DPA, the Terms, and any applicable statement of work. The Parties acknowledge that the Processor may process Personal Data on behalf of the Controller during the term of this Agreement. A description of the Personal Data and the processing activities undertaken by the Processor is set out in APPENDIX 2.
3.3 Customer may reasonably issue additional instructions as necessary to comply with Data Protection Law. Company may charge a reasonable fee to comply with any additional instructions.
3.4 Unless prohibited by applicable law, Company may inform Customer if Company is subject to a legal obligation that requires Company to Process Customer Personal Data in contravention of Customer’s documented instructions.
4. Personnel
4.1 Company personnel authorized to Process Customer Personal Data are subject to an obligation of confidentiality.
5. Security and Personal Data Breaches
5.1 Taking into account the state-of-the-art, the costs of implementation and the nature, scope, context and purposes of Controlling and Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Company will implement appropriate technical and organizational measures to provide a level of security appropriate to the risk, including the measures listed in Appendix 3.
5.2 Customer acknowledges that the security measures in Appendix 3 are appropriate in relation to the risks associated with Customer’s intended Processing, and will notify Company prior to any intended Processing for which Company’s security measures may not be appropriate.
5.3 Company will notify Customer and relevant authorities without undue delay after becoming aware of a Personal Data Breach involving Customer Personal Data.
6. Subprocessing
6.1 Customer hereby authorizes Company to engage Subprocessors. A list of Company’s current Subprocessors is available at https://www.loomanalytics.com/subprocessors.
6.2 Customer may object to the addition of a Subprocessor based on reasonable grounds relating to a potential or actual violation of Data Protection Law by providing written notice detailing the grounds of such objection within thirty (30) days following Company’s notification of the intended change. Customer and Company will work together in good faith to address Customer’s objection. If Company chooses to retain the Subprocessor, Company will inform Customer at least thirty (30) days before authorizing the Subprocessor to Process Customer Personal Data, and Customer may immediately discontinue using the relevant part of the Service, and may terminate the relevant part of the Service within thirty (30) days.
7. Assistance
7.1 Taking into account the nature of the Processing, and the information available to Company, Company will assist Customer, including, as appropriate, by implementing technical and organizational measures, with the fulfillment of Customer’s own obligations under Data Protection Law to: comply with requests to exercise Data Subject Rights; conduct data protection impact assessments, and prior consultations with Supervisory Authorities; and notify a Personal Data Breach.
7.2 Company will maintain records of Processing of Customer Personal Data in accordance with Data Protection Law.
7.3 Company may charge a reasonable fee for assistance under this Section 7. If Company is at fault, Company and Customer shall each bear their own costs related to assistance.
8. Compliance
8.1 Company shall maintain a program to provide compliance with the obligations set out in this DPA.
9. International Data Transfers
Any data that you provide to us is stored and processed in, and transferred between, any of the countries in which Loom and its agents, contractors and affiliated organizations have offices, in order to enable Loom to use that personal data as set out in the Privacy Notice.
In order to ensure the protection of your personal data outside of the country you reside in we rely on appropriate or suitable safeguards when applicable, including:
Using standard contractual clauses approved by relevant authorities as ensuring adequate safeguards.
Transferring personal data to countries that have been deemed to provide an adequate level of protection for personal data by relevant authorities.
Transferring personal data when it is necessary for the performance of a contract between you and us, or if the transfer is necessary for the performance of a contract between us and a third party and the contract was entered into in your interest.
Transferring personal data when it is necessary to establish, exercise or defend legal claims.
10. Notifications
10.1 Customer will send notifications, requests and instructions under this DPA to Company’s legal department via email to privacy@Loomanalytics.com. Company will send notifications under this DPA to Customer’s contact email address.
11. Liability
11.1 To the extent permitted by applicable law, where Company has paid damages or fines, Company is entitled to claim back from Customer that part of the compensation, damages or fines, corresponding to Customer’s part of responsibility for the damages or fines.
12. Termination and return or deletion
12.1 This DPA is terminated upon the termination of the Terms.
12.2 Upon termination of the Terms of Service, the Company will, upon Customer’s request, return Customer Personal Data in Company’s possession to the Customer or securely destroy such Customer Personal Data unless applicable laws prevent the Company from returning or destroying all or part of Customer Personal Data.
13. Modification of this DPA
13.1 This DPA may only be modified by a written amendment signed by both Company and Customer.
14. Invalidity and severability
14.1 If any provision of this DPA is found by any court or administrative body of competent jurisdiction to be invalid or unenforceable, then the invalidity or unenforceability of such provision does not affect any other provision of this DPA and all provisions not affected by such invalidity or unenforceability will remain in full force and effect.
APPENDIX 2
A. DESCRIPTION OF THE PROCESSING
1. Data Subjects
The Customer Personal Data Processed concern the following categories of Data Subjects (please specify):
# CATEGORY
1 Employees, contractors, or students of Organizations who use the Service
2 Other meeting participants where the Service is used by one of the above data subjects
2. Categories of Customer Personal Data
The Customer Personal Data Processed concern the following categories of data (please specify):
# CATEGORY
1 Registration information including email address, phone number, and volunteered first and last name
2 User Content stored by the user that may include personal data
3. Sensitive data
The Customer Personal Data Processed concern the following special categories of data (please specify):
# CATEGORY
User Content stored by the user that may include sensitive data
4. Processing operations
The Customer Personal Data will be subject to the following basic Processing activities (please specify):
# CATEGORY
The Service creates transcriptions and data analytics from User Content using proprietary technologies for and other technologies. User Data may be ingested directly using web application, upload of User Content files or synchronization with other applications including cloud storage that store or capture User Content. User Content is processed in cloud infrastructure and delivered to the Loom Analytics web application where it may be consumed or downloaded in a variety of formats.
B. DESCRIPTION OF TRANSFER
Categories of data subjects whose personal data is transferred:
1 Employees, contractors, or students of Organizations who use the Service
2 Other meeting participants where the Service is used by one of the above data subjects
Categories of personal data transferred:
1 Registration information including email address and volunteered first and last name
2 User Content stored by the user that may include personal data
Personal data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialized training), keeping a record of access to the data, restrictions for onward transfers or additional security measures.
3 The Service may Process voiceprints to recognize users and tag their name within the transcript only upon the entry of the individual’s name by the Customer themselves.
The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis):
Continuous
Nature of the processing:
Processing operations as detailed in the Terms
Purpose(s) of the data transfer and further processing:
1 The Service creates legible notes and data analytics from recorded voice conversations and video using proprietary technologies for automated speech recognition (ASR), keyword extraction and voice to text synchronization and other technologies. Data may be ingested directly via User Content using web application, upload of User Content files or synchronization with other applications including cloud storage or online video conferencing that store or capture recorded audio. User Content is processed in cloud infrastructure and delivered to the Loom Analytics web application where it may be consumed or downloaded in a variety of formats.
The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period:
As detailed in the Privacy Policy.
C. COMPETENT SUPERVISORY AUTHORITY
The competent authority for data transfers subject to the DPA is the Information Commissioner’s Office (ICO) in the UK and respective Data Protection Authorities (DPA) in EU countries.
APPENDIX 3
Security Measures
The Service is provisioned using a cloud-based platform and we employ best practices and appropriate technical and organizational measures to safeguard Personal Data. The Company regularly monitors compliance with these measures. A summary of security measures includes:
Physical Access Controls
User Content is hosted on secure cloud servers that maintain a variety of certifications and third-party assessments. The cloud infrastructure is managed and controlled in data centers throughout the world and the data centers are secured with physical controls to prevent unauthorized access.
Access to the Company’s office is restricted to authorized personnel and security cameras are positioned to record video of ingress/egress points.
System Access Controls
We maintain separate production and development/staging environments. Access to production environments is limited to authorized personnel and access is logged.
Data Access Controls
To troubleshoot and address Customer issue(s), the Company support team will request and obtain explicit permission from Customer and approval from appropriate system administrator(s) before accessing specific User Content that is related to the Customer reported issue(s). Access to User Content to troubleshoot customer issues is further restricted to select support personnel assisting with the issue(s). These types of support requests are logged.
Transmission Controls
Communication over the internet with Company via web application are transmitted over secure encrypted connection. Company uses HTTPS for communications and industry standard encryption algorithms for stored User Content and passwords.
Input Controls
Customer is authenticated by passwords that are required to meet minimum complexity. Two factor authentication may be enabled by the user. Administrator users have mandatory two-factor authentication enabled. Company uses encrypted tokens to validate user sessions or logins.
Data Backups
We have daily backup of databases and User Content is stored in persistent encrypted storage. A user can choose to retain or delete their data on a periodic basis as per their preference.
Data Segregation
Company logically segregates Customer Personal Data so that the Customers will only be able to access their own data and not Personal Data belonging to other Customers. User Content is also only visible to the user who created the data and their Admins. Data is not shared between different users or teams.
APPENDIX 4
List of subprocessors
The controller has authorized the use of the subprocessors listed on the page https://www.loomanalytics.com/subprocessors
APPENDIX 5
U.S. STATE PRIVACY LAW DATA PROCESSING AGREEMENT
This U.S. Privacy Law Data Processing Agreement (“U.S. State DPA”) is incorporated and made part of the Terms of Service (the “Terms”) between you, on behalf of you and your affiliates (“Customer”), and Loom Analytics (“Company”) (each a “Party” and collectively the “Parties”) for so long as Company processes Personal Data on behalf of Customer. This U.S. State DPA prevails over any conflicting terms of the Terms.
1. Definitions. For the purposes of this U.S. State DPA-
1.1. “State Privacy Laws” means, collectively, all U.S. state privacy laws and their implementing regulations, as amended or superseded from time to time, that apply generally to the processing of individuals’ Personal Data and that do not apply solely to specific industry sectors (e.g., financial institutions), specific demographics (e.g., children), or specific classes of information (e.g., health or biometric information). State Privacy Laws includes but is not limited to the following:
1.1.1. California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (California Civil Code §§ 1798.100 to 1798.199) (“CPRA”);
1.1.2. Colorado Privacy Act (Colorado Rev. Stat. §§ 6-1-1301 to 6-1-1313) (“ColoPA”);
1.1.3. Connecticut Personal Data Privacy and Online Monitoring Act (Public Act No. 22-15) (“CPOMA”);
1.1.4. Utah Consumer Privacy Act (Utah Code Ann. §§ 13-61-101 to 13-61-404) (“UCPA”); and
1.1.5. Virginia Consumer Data Protection Act (Virginia Code Ann. §§ 59.1-575 to 59.1-585) (“VCDPA”).
1.2. “Personal Data” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with an identified or identifiable natural person. Where applicable, Personal Data shall be interpreted consistent with the same or similar term under State Privacy Laws.
1.3. “Share,” “Shared,” and “Sharing” have the meaning defined in the CPRA.
1.4. “Sale” and “Selling” have the meaning defined in the State Privacy Laws.
1.5. “Controller” means “Controller” or “Business” as those terms are defined in the State Privacy Laws.
1.6. “Processor” means “Processor,” “Service Provider,” or “Contractor” as those terms are defined in the State Privacy Laws.
1.7. “Consumer” has the meaning defined in the State Privacy Laws.
1.8. “Processing,” “Process,” and “Processed” have the meaning defined in the State Privacy Laws.
1.9. “Customer Personal Data” means Personal Data provided by Customer to, or which is collected on behalf of Customer by, Company to provide services to Customer pursuant to the Terms.
1.10. In the event of a conflict in the meanings of defined terms in the State Privacy Laws, the meaning from the law applicable to the state of residence of the relevant Consumer applies.
2. Scope, Roles, and Termination.
2.1. Applicability - This U.S. State DPA applies only to Company’s Processing of Customer Personal Data for the nature, purposes, and duration set forth in Appendix 2.
2.2. Roles of the Parties - For the purposes of the Terms and this U.S. State DPA, Customer is the Party responsible for determining the purposes and means of Processing Customer Personal Data as the Controller and appoints Company as a Processor to Process Customer Personal Data on behalf of Customer for the limited and specific purposes set forth in Appendix 2.
2.3. Obligations at Termination - Upon termination of the Terms, except as set forth therein or herein, Company will discontinue Processing and destroy or return Customer Personal Data in its or its subcontractors and sub-processors possession without undue delay. Company may retain Customer Personal Data to the extent required by law but only to the extent and for such period as required by such law and always provided that Company shall ensure the confidentiality of all such Customer Personal Data.
3. Compliance.
3.1. Compliance with Obligations - In addition to the representations and warranties set forth in the Terms, Company further represents and warrants that Company, its employees, agents, subcontractors, and sub-processors (a) shall comply with the obligations of the State Privacy Laws, (b) shall provide the level of privacy protection required by the State Privacy Laws, (c) shall provide Customer with all reasonably-requested assistance to enable Customer to fulfill its own obligations under the State Privacy Laws, and (d) understand and shall comply with this U.S. State DPA. Upon the reasonable request of Customer, Company shall make available to Customer all information in Company’s possession necessary to demonstrate Company’s compliance with this subsection.
3.2. Compliance Assurance - Customer has the right to take reasonable and appropriate steps to ensure that Company uses Customer Personal Data consistent with Customer’s obligations under applicable State Privacy Laws and the security measures attached hereto at Appendix 3 and incorporated herein.
3.3. Compliance Monitoring - Customer has the right to monitor Company’s compliance with this U.S. State DPA through measures, including, but not limited to, ongoing manual reviews, automated scans, regular assessments, audits, or other annual technical and operational testing at least once every 12 months.
3.4. Compliance Remediation - Company shall notify Customer no later than five business days after determining that it can no longer meet its obligations under applicable State Privacy Laws. Upon receiving notice from Company in accordance with this subsection, Customer may direct Company to take reasonable and appropriate steps to stop and remediate unauthorized use of Customer Personal Data.
4. Restrictions on Processing.
4.1. Limitations on Processing - Company will Process Customer Personal Data solely as instructed in the Terms and this U.S. State DPA. Except as expressly permitted by the State Privacy Laws, Company is prohibited from (i) Selling or Sharing Customer Personal Data, (ii) retaining, using, or disclosing Customer Personal Data for any purpose other than for the specific purpose of performing the Services specified in Appendix 5, (iii) retaining, using, or disclosing Customer Personal Data outside of the direct business relationship between the Parties, and (iv) combining Customer Personal Data with Personal Data obtained from, or on behalf of, sources other than Customer, except as expressly permitted under applicable State Privacy Laws.
4.2. Confidentiality - Company shall ensure that its employees, agents, subcontractors, and sub-processors are subject to a duty of confidentiality with respect to Customer Personal Data.
4.3. Subcontractors; Sub-processors -Company’s current subcontractors and sub-processors are available at https://www.loomanalytics.com/subprocessors. Company shall notify Customer of any intended changes concerning the addition or replacement of subcontractors or sub-processors. Further, Company shall ensure that Company’s subcontractors or sub-processors who Process Customer Personal Data on Company’s behalf agree in writing to the same or equivalent restrictions and requirements that apply to Company in this U.S. State DPA and the Terms with respect to Customer Personal Data, as well as to comply with the applicable State Privacy Laws.
4.4. Right to Object - Customer may object in writing to Company’s appointment of a new subcontractor or sub-processor on reasonable grounds by notifying Company in writing within 30 calendar days of receipt of notice in accordance with Section 4.3. In the event Customer objects, the Parties shall discuss Customer’s concerns in good faith with a view to achieving a commercially reasonable resolution.
5. Consumer Rights.
5.1. Company shall provide commercially reasonable assistance to Customer for the fulfillment of Customer’s obligations to respond to State Privacy Law-related Consumer rights requests regarding Customer Personal Data.
5.2. Customer shall inform Company of any Consumer request made pursuant to the State Privacy Laws that they must comply with. Customer shall provide Company with the information necessary for Company to comply with the request.
5.3. Company shall not be required to delete any Customer Personal Data to comply with a Consumer’s request directed by Customer if retaining such information is specifically permitted by applicable State Privacy Laws; provided, however, that in such case, Company will promptly inform Customer of the exceptions relied upon under applicable State Privacy Laws and Company shall not use Customer Personal Data retained for any purpose other than provided for by that exception.
6. Deletion of Customer Personal Data
6.1. Upon direction by Customer, and in any event no later than 30 days after receipt of a request from Customer, Company shall promptly delete Customer Personal Data as directed by Customer, unless Company is required by law to retain such data, in which case Company shall, on ongoing basis, isolate and protect the security and confidentiality of such Personal Data and prevent any further processing except to the extent required by such law and shall destroy or return to Customer all other Personal Data not required to be retained by Company by law.
7. Deidentified Data
7.1. In the event that Customer discloses or makes available Deidentified data (as such term is defined in the State Privacy Laws) to Company, Company shall not attempt to reidentify the information.
8. Security
8.1. Company and Customer shall implement and maintain no less than commercially reasonable security procedures and practices, appropriate to the nature of the information, to protect Customer Personal Data from unauthorized access, destruction, use, modification, or disclosure.
8.2. Company shall fully comply with the security measures attached at Appendix 3.
9. Sale of Data
9.1. The Parties acknowledge and agree that the exchange of Personal Data between the Parties does not form part of any monetary or other valuable consideration exchanged between the Parties with respect to the Terms or this U.S. State DPA.
10. Changes to Applicable Privacy Laws.
10.1. The Parties agree to cooperate in good faith to enter into additional terms to address any modifications, amendments, or updates to applicable statutes, regulations or other laws pertaining to privacy and information security, including, where applicable, the State Privacy Laws.