This Service and Subscription Agreement (hereinafter, the "Agreement") is entered into between Continuous Labs SpA, operating as VeriFlow.me ("Provider"), and the client entity that subscribes to a Service Order ("Client"). This Agreement governs the Client's access to and use of the Provider's platform and services.
1. Definitions
- "Authorized User" means an individual (employee, contractor, or agent of the Client) whom the Client authorizes to use the Services on its behalf.
- "Client Data" means all electronic data, text, messages, communications, or other materials, including Personal Data, submitted to and stored in the Services by the Client and its Authorized Users in connection with the Client's use of the Services.
- "Confidential Information" means all information disclosed by one party ("Disclosing Party") to the other party ("Receiving Party"), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Client Data shall be deemed Confidential Information of the Client.
- "Documentation" means the technical and user documentation, in any format, made available to the Client by the Provider, which describes the functionality of the Platform.
- "Personal Data" means any information relating to an identified or identifiable natural person ("Data Subject"). This term shall encompass the definitions provided in applicable Data Protection Laws, including, but not limited to, the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the California Consumer Privacy Act ("CCPA"), and the Health Insurance Portability and Accountability Act ("HIPAA").
- "Platform" means the Provider's proprietary software-as-a-service (SaaS) solution, known as VeriFlow.me, which provides professional credential verification services.
- "Subscription Term" means the period during which the Client has agreed to subscribe to the Services, as specified in the applicable Service Order.
- "Service Fees" means the fees payable by the Client for the right to access and use the Services during the Subscription Term, according to the company's B2B SaaS business model.
2. The VeriFlow.me Service and License Grant
2.1. Provision of the Service: Subject to the terms and conditions of this Agreement, the Provider will provide the Client with the professional credential verification services available through the Platform, as described in the Documentation (the "Services").
2.2. License Grant: The Provider grants the Client a limited, non-exclusive, non-transferable, worldwide right to access and use the Platform and the Documentation during the Subscription Term, solely for its internal business operations.
3. Client Responsibilities and Acceptable Use
3.1. Account Security: The Client is responsible for maintaining the confidentiality of the Authorized Users' credentials and for all activities that occur in their accounts. The Client agrees to immediately notify the Provider of any unauthorized use of its accounts.
3.2. Acceptable Use Policy: The Client shall not (and shall not permit any third party to): (a) reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code of the Platform; (b) use the Services to conduct competitive analysis or create a competing product or service; (c) introduce any malicious code, files, or programs into the Platform; or (d) use the Services for any illegal purpose or in violation of any applicable law or regulation.
3.3. Lawfulness of Data and Consent: This clause is of vital importance and establishes a clear delineation of responsibilities. The Client represents and warrants that it has and will maintain a valid legal basis (e.g., data subject consent, contractual necessity, legal obligation, or legitimate interest) for the collection, processing, and transfer of Personal Data to the Provider for the purposes of providing the Services. The Client is solely responsible for ensuring that its instructions for the processing of Personal Data, including professional credential data, licenses, and certifications, comply with all applicable Data Protection Laws, including, but not limited to, GDPR, CCPA, and HIPAA.
4. Fees, Payment Terms, and Taxes
4.1. Service Fees: The Client shall pay the Provider the Service Fees specified in the applicable Service Order, in accordance with the subscription tiers and B2B SaaS pricing model.
4.2. Invoicing and Payment: Fees will be billed in monthly cycles, according to the terms. Payments are due within 30 days of the invoice date. Late payments will be subject to interest of 1.5% per month or the maximum permitted by law, whichever is lower.
4.3. Taxes: The Service Fees do not include taxes. The Client is responsible for paying all taxes, levies, duties, or similar governmental assessments, including, but not limited to, value-added, sales, use, or withholding taxes, applicable to its purchases.
5. Term and Termination
5.1. Subscription Term: The initial Subscription Term will be specified in the Service Order and will automatically renew for successive equivalent periods, unless either party notifies the other of its intent not to renew at least 30 days before the end of the current term.
5.2. Termination for Cause: Either party may terminate this Agreement with immediate effect if the other party commits a material breach and fails to cure it within 30 days of receiving written notice.
5.3. Effect of Termination: Upon termination or expiration of this Agreement, all of the Client's rights to access and use the Services will cease. The Provider will securely return or delete the Client Data in accordance with the procedures and timelines set forth in the Data Processing Addendum (DPA).
6. Confidentiality and Intellectual Property Rights
6.1. Confidentiality: The Receiving Party will protect the Disclosing Party's Confidential Information with the same degree of care it uses to protect its own confidential information (but no less than reasonable care). Client Data is explicitly defined as Confidential Information of the Client.
6.2. Intellectual Property Rights: The Provider owns all rights, titles, and interests in the Platform, the Documentation, and all underlying technology. The Client owns all rights, titles, and interests in the Client Data. This Agreement does not grant any implied licenses.
7. Representations, Warranties, and Disclaimers
7.1. Mutual Warranties: Each party represents and warrants that it has the legal authority to enter into this Agreement.
7.2. Provider Warranties: The Provider warrants that the Services will be provided in a professional manner and will perform substantially in accordance with the Documentation and the applicable Service Level Agreement (SLA).
7.3. Disclaimer: EXCEPT AS EXPRESSLY SET FORTH IN THIS SECTION, THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE." THE PROVIDER DISCLAIMS ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED, OR STATUTORY.
8. Limitation of Liability and Indemnification
8.1. Limitation of Liability: IN NO EVENT SHALL THE AGGREGATE LIABILITY OF EITHER PARTY ARISING OUT OF OR RELATED TO THIS AGREEMENT EXCEED THE TOTAL AMOUNT PAID BY THE CLIENT HEREUNDER DURING THE TWELVE (12) MONTHS PRECEDING THE INCIDENT GIVING RISE TO THE LIABILITY. THIS LIMITATION SHALL NOT APPLY TO INDEMNIFICATION OBLIGATIONS, BREACHES OF CONFIDENTIALITY, OR VIOLATION OF THE OTHER PARTY'S INTELLECTUAL PROPERTY RIGHTS.
8.2. Indemnification:
- By the Provider: The Provider will defend and indemnify the Client against any third-party claim alleging that the Client's use of the Platform infringes a third-party's intellectual property right.
- By the Client: The Client will defend and indemnify the Provider against any third-party claim arising from (i) the Client Data, or (ii) the Client's breach of its obligations under Section 3.3 (Lawfulness of Data and Consent).
9. Governing Law and Dispute Resolution
This Agreement shall be governed by and construed in accordance with the laws of the State of Chile, without regard to its conflict of law principles. Any dispute arising from this Agreement shall be resolved exclusively in the courts located in Chile.
10. General Provisions
10.1. Force Majeure: Neither party shall be liable for any failure or delay in performance due to causes beyond its reasonable control.
10.2. Assignment: Neither party may assign this Agreement without the prior written consent of the other party, except in the case of a merger, acquisition, or sale of all or substantially all of its assets.
10.3. Entire Agreement and Order of Precedence: This Agreement, together with all Service Orders, the DPA, and the SLA, constitutes the entire agreement between the parties. In the event of a conflict between the terms of these documents, the order of precedence shall be: (1) the Data Processing Addendum (DPA), (2) this Service and Subscription Agreement, and (3) the applicable Service Order.