FAQ for Tealium Master Services Agreement
Thank you for taking the time to review this FAQ. It was designed to provide you with helpful information about Tealium’s tag management and data orchestration services delivered on our SaaS platform (the “Services”) and the accompanying Master Services Agreement that was drafted to describe unique aspects and functionality of the Tealium Services (“MSA”). We hope this FAQ will provide you with some helpful context as you review the MSA. This FAQ is provided for informational purposes only and will not form part of the contract being contemplated between the parties.
The Tealium Services
What am I buying?
Multi-tenant Offering. The Services are a cloud based multi-tenancy tag management and data orchestration solution. That means that the Services are provided to all our customers on a shared architecture, code base, and infrastructure. Because of the multi-tenant nature of the Services, we can’t provide custom service offerings for you, but we do offer several different types of products, specialized configurations, and various geographic hosting locations available for you to choose from.
Pricing. All costs and the payment schedule will be listed in the Service Order. The Services are a standard “pay in advance” subscription service, with the payment based on annual volume purchased (as opposed to seats or users). If you exceed the annual volume purchased, you will be charged for “overages” as set forth in your Service Order. Implementation costs are separate.
Why use the Tealium MSA?
Specially-crafted Documents. As described in this FAQ, the Tealium Services are a multi-tenant “one-for-all” model. Our MSA was carefully drafted to accommodate and describe the unique features of the Services, including definitions and descriptions of our products, our security measures, our SLAs, use of Customer Data, and the fact that we don’t access the data you store in your account unless you ask us to. We regularly review our MSA and have created a fair and balanced agreement based on customer feedback and industry accepted positions.
What is the structure of the MSA? Our MSA is made up of four main documents – The Service Order, the Terms of Service, a Data Protection Ageement and the Customer Protection Package; and may also include a Statement of Work if we’re providing additional Technical Services.
- The Service Order (“SO”) contains the specifics of what Services you are purchasing, including the volume and time commitment, along with invoice schedules and payment timeframes.
- When we provide Technical Services, for example when we provide implementation services, or training services, we would include a Statement of Work (“SOW”) that contains some additional terms and details about the scope of the of the additional Technical Services we will provide.
- The Terms of Service (“TOS”) contains most of the legal terms that govern our relationship, including the definitions we use to describe the Services, covenants about the use of the Services, Tealium’s warranties, provisions about intellectual property (you own your Customer Data, and Tealium owns its technology and platform), both of our obligations about confidential information and indemnity, and the insurance that Tealium carries with respect to its business, among other things.
- Our Customer Protection Package (“CPP”) is made a part of the MSA by reference and contains the following three documents:
- The Service Level Agreement (“SLA”) contains our commitment to availability across all of our Services, your remedies in the unlikely event we do not meet our commitment, and how we address support issues.
- The Acceptable Use Policy (“AUP”) contains standard guidelines for your use of the Services, which really boil down to not being a bad actor on the internet.
- The Data Security Statement (“DSS”) contains our formalization of our organizational and technical security measures designed to protect your data.
- The Data Processing Agreement (“DPA”) which reflects our data processing policies in compliance with applicable privacy laws and regulations.
Please also see our FAQ for our CPP which contains additional information on those three documents.
- We also have a Business Associate Agreement (“BAA”) for our customers who wish the usage of our Services to be contained in a HIPPA-compliant Private Cloud.
Can the Tealium MSA be Modified? While we would anticipate that Customers may want to talk through our documents to understand our positions, our expectation is that no modifications are needed to our MSA as we have carefully crafted our documents to reflect our policies and procedures as we are delivering our Services, while trying to be fair and balanced to our Customers. Tealium does not offer custom service offerings because the Service is a shared, multi-tenant solution and we are unable to apply, for example, different security terms to only your specific account (found in the DSS). Our indemnification and limitation of liability have been specifically balanced to reflect an acceptable risk based on the underlying transaction and we are unable to approve a higher risk level on an individual basis (found in the TOS). Our service levels and delivery methods are standard across all of our products and we cannot change our processes or levels for just one Customer (found in the SLA). For specific changes to payment and other commercial terms, your Tealium representative can discuss available options (found in the SO).
Can the Tealium DPA be Modified? The DPA covers all personal data (a subset of Customer Data) you upload to our Services. Our DPA reflects our privacy program for personal data we process in the Services and addresses certain obligations each party has under applicable data protection laws. Our DPA also addresses additional requirements of the European Union’s Regulation 2016/679 (“GDPR”), the Australian Privacy Act 1988 (Cth.), and the California Consumer Privacy Act, Cal. Civ. Code §§ 1798.100 et seq. as amended (“CCPA”). We use our DPA instead of using our customers’ data processing agreements for the same reasons that we use our DSS as stated above. Even though Tealium is certified under the EU-US and Swiss-US Privacy Shield framework, the DPA includes the standard contractual clauses.
We drafted our DPA specifically to satisfy the requirements of applicable data protection laws, including those of Article 28(3) of the GDPR. Because we do not have access or visibility to your Customer Data, you play an important role in how some of the requirements of GDPR are satisfied. For example, we are transparent about the comprehensive technical and organizational measures we implement, including the many audits and certifications we undergo and make available to you, but ultimately you play an indispensable role in determining whether the Services are appropriate for your specific use case and whether or not our Services meet requirements applicable to your particular personal data.
Since our DPA is being provided uniformly across all our products and customers, we are unable to alter our DPA for one Customer. We are confident that our DPA will more than address all our Customer’s privacy issues, including addressing compliance under applicable laws.
Master Services Agreement
This Master Services Agreement (“Agreement” or “MSA”) is entered into by and between Tealium Inc., a Delaware corporation (“Tealium”) and the customer identified in the Service Order that references or incorporates this document (“Customer”) and is effective as of the date of such Service Order (the “Effective Date”). The MSA consists of the terms of service set forth below and any attachments, addenda or exhibits referenced in (or attached to) this MSA and any Service Orders and SOWs (as defined below) that reference this MSA. Customer’s use of the Services constitute Customer’s agreement to the terms of the MSA.
Terms of Service
1. Definitions. The following defined terms are used in the MSA:
“Additional Usage Fee” or “Overage Fee” means the fee or fees identified on the applicable Service Orders that will apply if Customer’s use of the Services exceeds the Authorized Usage Level.
“Affiliate” means an entity controlled by, controlling, or under common control with, a Party.
“Attribute” means a unique characteristic of a Visitor or a particular visit to Customer’s Digital Property that collects in the Tealium customer data platform. Examples of Attributes include visit duration, favorite product, active browser, badged visitor, exit URL, and date of purchase. Attribute limitations will be specified in the applicable Service Order.
“AUP” means Tealium’s Authorized Use Policy located at https://tealium.com/terms/CPP-Tealium_Customer_Protection_Package_EMEA_v31MAR2020/
“Authorized Usage Level” means the maximum number of Sessions, Events, Attributes, or other usage units (as specified on the applicable Service Order) that can be initiated using the Services without incurring an Additional Usage Fee.
“Collect Tag” means the single, specific piece of Code that enables the collection of data from Digital Properties and transmission of that data to the Services.
“Confidential Information” means any information disclosed by one Party to the other in writing and marked “confidential” or disclosed orally and, within ten (10) business days of disclosure, reduced to writing and marked “confidential” and information which is not marked as “confidential” which should, under the circumstances, be understood to be confidential by a person exercising business judgment. Confidential Information includes without limitation; (a) matters of a technical nature such as trade secret processes or devices, know-how, data, formulas, inventions (whether or not patentable or copyrighted), specifications and characteristics of products or services planned or being developed, and research subjects, methods and results; (b) matters of a business nature such as information about costs, profits, pricing, policies, markets, sales, suppliers, customers, product plans, and marketing concepts, plans or strategies; (c) matters of a human resources nature such as employment policies and practices, personnel, compensation and employee benefits; (d) other information of a similar nature not generally disclosed by Disclosing Party to the public; and (e) Customer Data.
“Connector” means a connection between Tealium servers and a Customer-selected vendor’s servers as implemented in connection with the Tealium AudienceStream or EventStream Services.
“Connector Action” means a specific configuration in a Connector that enables a specific stream of Event or Visitor data to a Customer selected destination.
“Connector Call” means Event or Visitor data transmitted from a Tealium server via a Connector Action.
“Customer Data” means electronic data and information submitted by or for Customer to the Services including enhancement and output thereof derived from use of the Services.
“Data Protection Claims” means any claims arising from a party’s breach of (a) Section 6 (Confidential Information) with respect to Customer Data where such breach results in a Security Incident, (b) Section 7.3 (Data Protection) or any breach of obligations under the DSS or DPA, and (c) Section 8.2 (Data Security and Privacy) or any breach of obligations under the DSS or DPA.
“Data Retention Period” means the period of time event-related or audience-related data will be retained in a Customer-selected Tealium data storage Service. Customer Data will be retained for the Data Retention Period specified in the applicable Service Order. If no period is specified in the applicable Service Order the Data Retention Period is 13 months.
“DPA” means the Data Processing Agreement agreed between the parties.
“DSS” means the Data Security Statement located at https://tealium.com/terms/CPP-Tealium_Customer_Protection_Package_EMEA_v31MAR2020/
“Digital Property” means a domain, native app, mobile app, connected device, or digital instance on which the Services are deployed that are (a) owned and administered by Customer, (b) owned by an Affiliate of Customer and administered by Customer, or (c) owned and administered by an Affiliate of Customer provided such Affiliate executes a Service Order agreeing to be bound by the terms of this MSA.
“Documentation” means Tealium’s published technical documentation and usage guides for the applicable Service made available in Tealium’s online help files or through the Service.
“Event” means any call made to Tealium’s data collection servers, or any row of data uploaded to Tealium by or on behalf of Customer using Tealium’s omnichannel capability, or any Connector Call, or other API call made to Tealium by or on behalf of Customer.
“Excluded Claims” means (a) a party’s breach of its obligations in Section 6 (Confidential Information) (but excluding obligations and/or claims relating to Customer Data); (b) Customer’s breach of Section 7.2 (Customer Negative Covenants – the “Won’t Do’s”); (c) either party’s express obligations under Section 10 (Indemnification); and (d) either party’s liability for gross negligence or willful misconduct resulting in an action in tort.
“Force Majeure” means any cause beyond such Party’s control, including but not limited to the weather, unavailability of utilities or communications services (including access to the Internet), civil disturbances, acts of civil or military authorities, or acts of God.
“Highly Sensitive Data” means Personal Data whose unauthorized disclosure or use could entail a serious potential security or privacy risk for a data subject, including but not limited to government issued identification numbers such as national insurance numbers, passport numbers, driver’s license numbers, or similar identifier, or credit or debit card numbers, medical or financial information, biometric data, and/or financial, medical or other account authentication data, such as passwords or PINs.
“Impressions” means any instance where the Tealium ViewThrough cookie is either read or written.
“Malicious Code” means computer instructions or software code whose purpose is to disrupt, damage or interfere with the Services or any Party’s computer or communications systems, networks, facilities or equipment, or to provide unauthorized access to such systems, networks, facilities or equipment. Examples of Malicious Code include, without limitation, any code containing viruses, Trojan horses, worms, traps, spyware, back doors, disabling devices or similar destructive code or code that self-replicates.
“Non-Tealium Products” means third party systems or services with whom Customer may have a contractual right to connect, many of whom may be listed on the Tealium website (which list may vary from time to time) under “integrations” or “marketplace”.
“Personal Data” or “Personally Identifiable Information” has the meaning set forth in applicable law, or if no definition, means information about an individual that can be used to identify, contact or locate a specific individual, or can be combined with other information that is linked to a specific individual to identify, contact or locate a specific individual.
“Predict Model Versions” or “Model Versions” means unique versions of training models created in Tealium Predict.
“Reseller Agreement” means the Reseller Agreement that must be separately signed by Reseller and Tealium and is then incorporated into this MSA.
“Security Incident” as provided in the DSS, means any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Customer Data, but does not include any Unsuccessful Security Incident.
“Services” means any and all services, including use of the Code, purchased by Customer as specified in one or more Service Orders and provided by Tealium under the MSA.
“Service Order” means a service order, including any attachments attached thereto or incorporated therein by reference, and signed by Tealium and Customer, which sets forth the Services and Technical Services to be provided by Tealium, the Service Term, the price, the payment terms, the Authorized Usage Level(s), and other terms relevant to delivery of the Services.
“Service Data” means query logs, and any data (other than Customer Data) relating to the operation, support and/or about Customer’s use of the Services.
“Session” means a discrete visit to a Digital Property by a Visitor where the Visitor does not leave the Digital Property and no more than thirty (30) minutes of inactivity between two (2) consecutive Visitor actions on the Digital Property occurs.
“SLA” means the Tealium Service Level Addendum located at https://tealium.com/terms/CPP-Tealium_Customer_Protection_Package_EMEA_v31MAR2020/
“SOW” means a statement of work agreed by the Parties describing the Technical Services to be performed, and any dependencies, technical specifications or other information related to the Technical Services.
“Tealium Network” means components involved in the provision of Services, which include but are not limited to, physical or virtual network devices, applications, hardware or software, servers, databases and networks.
“Technology” means any proprietary technology, including internet design, content, software tools, hardware designs, algorithms, software (in source and object forms), user interface designs, architecture, class libraries, objects, and documentation (both printed and electronic), know-how, trade secrets, and any related intellectual property rights (including without limitation copyright, author’s rights, patent, trade secret, and trademark rights) throughout the world and any derivatives, improvements, enhancements, or extensions of such technology conceived, reduced to practice, or developed during the Term by the owner of such technology.
“Technical Services” means certain implementation, deployment, configuration, consulting, training, educational services provided by Tealium to Customer that may be described in an SOW and subject to the MSA.
“User Data” means the login details and contact information of the authorized users of the Services.
“Visitor” means an individual who accesses Digital Properties on which the Services are implemented.
“Visitor Profile Data” means Tealium provided data concerning Visitors associated with Tealium’s AudienceStream Service.
“Visitor Profile Term” means the trailing period of time in which a Visitor must visit a Digital Property in order to be included in a given set of Visitor Profile Data. If a specific Visitor Profile Term is not defined on a given Service Order, the applicable Visitor Profile Term will be the thirteen (13) month period immediately preceding the time of measurement.
2. Services, Service Levels and Customer Assistance.
2.1 Services. During each applicable Service Term, Tealium will provide the Services to Customer. Each Service Order specifies an Authorized Usage Level and a Service Term. Customer will ensure that either (a) its use of the Services does not exceed its Authorized Usage Level or (b) if its use of the Services exceeds the Authorized Usage Level, it will pay the Additional Usage Fee invoiced by Tealium according to the terms of the applicable Service Order and Section 4 below. During the applicable Service Term, (x) Customer is authorized to use the Services on all Digital Properties in accordance with this MSA, (y) Tealium grants Customer a limited, non-exclusive, non-transferable (with no right to sublicense) right and license to copy the Code only for insertion in Digital Properties for use in connection with the Services, and (z) if Customer subscribes to any Tealium Services without also subscribing to Tealium iQ Services Customer may deploy the Collect Tag only for use in conjunction with the purchased Services and only for transmitting data to Tealium. Tealium does not grant any other rights to the Code. Tealium reserves all rights not expressly granted under the MSA.
2.2 Service Level Agreement. Tealium will provide the Services in accordance with the terms set forth in the SLA. Except as otherwise provided in this MSA, the remedies set forth in the SLA are Tealium’s sole liability, and Customer’s sole and exclusive remedy, for any failure of Tealium to provide the Services in accordance with the performance metrics set forth in the SLA.
2.3 Customer Assistance. Customer will supply Tealium personnel with such information, resources, and assistance as Tealium may request. Customer acknowledges and agrees that Tealium’s ability to successfully provide the Services in a timely manner is contingent upon its timely receipt from Customer of such information, resources and assistance as may be requested by Tealium. Tealium will have no liability for deficiencies or delays in the Services resulting from the acts or omissions of Customer, its agents, or employees or performance of the Services in accordance with Customer’s instructions.
2.4 Regions. Customer may specify the location(s) where Customer Data (except User Data) will be hosted within the Tealium Network from the following list, as updated by Tealium from time to time: (i) California, USA; (ii) Virginia, USA; (iii) Dublin, Ireland; (iv) Frankfurt, Germany; (v) Tokyo, Japan; and (vi) Sydney, Australia (each a “Region”). Once Customer has made its choice, by properly configuring the Services, Tealium will not transfer the hosting of Customer Data from Customer’s selected Region(s) except under Customer’s further instructions or as necessary to comply with the law or a valid and binding order of a law enforcement agency (such as a subpoena or court order). User Data will be hosted in California, USA in all cases.
2.5 Technical Services. Tealium will provide the Technical Services pursuant to each Service Order thereunder, and the SOW if applicable.
2.6 Resellers. If Customer is a Tealium approved reseller who has signed a Reseller Agreement (a “Reseller”), then Reseller may purchase Services for resale to specified end-users by submitting a Reseller Service Order in accordance with the terms of the Reseller Agreement and otherwise complying with the Reseller Agreement.
3. Non-Tealium Products or Services. The Services include the ability to connect to and exchange data with Non-Tealium Products. Tealium does not support Non-Tealium Products, and Customer will decide whether or not to enable them. Any use of Non-Tealium Products in connection with the Services is solely between Customer and the applicable third party provider. If Customer’s use of the Services includes use of Connectors, then Customer covenants that (a) it has a contractual relationship with the vendor to which the Connector may exchange Customer Data giving Customer the right to exchange Customer Data with such vendor, and (b) it will comply with all obligations and restrictions imposed by such vendor(s). Customer acknowledges that modification and connectivity of the vendor specific API is controlled by such vendor.
4. Payments. Customer will pay the undisputed fees set forth in the invoices in the amounts and at the times stated in each Service Order. Unless otherwise specified in the applicable SOW, Customer agrees to reimburse Tealium for travel, lodging and meal expenses incurred in the course of providing Technical Services at any location other than Tealium’s site. Tealium will invoice Customer for expenses incurred. Any payment not received when due will accrue interest on the outstanding amount at a rate of three (3) times the French legal interest rate calculated as from the day following the due date on the invoice. Customer will pay to Tealium all expenses incurred by Tealium in exercising its rights to late payments under this MSA, including, but not limited to, the fixed statutory allowance of forty euro (€40) for recovery costs, attorneys’ fees and the additional fees of any collection agency retained by Tealium. All sums payable under this MSA are exclusive of: (a) VAT, GST or any relevant local sales or use taxes; (b) income taxes assessed by any governmental agencies, including, but not limited to withholdings and royalties; and (c) other taxes and similar fees imposed on the delivery of Services, (collectively “Taxes”). Customer will be responsible for the payment of all Taxes except for taxes on Tealium’s income. Except as expressly provided in this MSA, all fees due hereunder are non-refundable and are not contingent on any additional services or products to be provided by Tealium.
5. Intellectual Property.
5.1 Customer Proprietary Rights. Customer Data is owned by Customer. Customer Data is Customer Confidential Information. Tealium will not sell Customer Data. Tealium may use Customer Data only as necessary for Tealium (a) to provide and monitor performance of the Services, (b) to monitor usage of the Services by Customer, (c) to prevent or address support, security and technical issues, (d) to comply with the terms of the MSA, and (e) as otherwise permitted by Customer. Tealium may use aggregated, anonymized Customer Data to improve the Services and develop and provide additional products and services. Neither this MSA nor its performance transfers from Customer to Tealium any Customer Technology.
5.2 Tealium Proprietary Rights. Tealium, or its licensors, retains all right, title and interest in and to the Services including all Technology that is a part of the Services or that Tealium makes, develops, conceives or reduces to practice, whether alone or jointly with others, in the course of performing the Services and all Tealium Technology is Tealium Confidential Information. All suggestions, enhancement requests, feedback, recommendations, and other input provided by Customer relating to the Services or Tealium Technology (altogether the “Feedback”) will be owned by Tealium. Accordingly, Customer shall assign to Tealium all such Feedback, including the intellectual property rights associated thereto, as soon as they are created. This assignment is worldwide, for the whole duration of legal protection of the Feedback by intellectual property rights, is on an exclusive basis, for all business purposes with respect to all media and means, and includes the right: (a) of reproduction in any manner whatsoever including editing and rewriting, digitalization, graphic reproduction by any means and according to any technique on any medium; (b) of representation including the right to disseminate, broadcast, edit, publish and distribute, the total or partial downloading or uploading, whether temporary or permanent, onto any type of network; (c) of use, consultation, licensing, sub-licensing, assignment and marketing of the Feedback in any manner whatsoever; (d) of customization, modification, adaptation, upgrading, making derivative works, addition or removal of all or part of the Feedback; (e) of translation, either directly or by a third party, into any written or spoken language whether for public release or not or any type of computer language. Neither this MSA nor its performance transfers from Tealium to Customer any Tealium Technology.
5.3 Service Data. Tealium may collect and use Service Data to develop, improve, support, and operate its products and services.
6.1 Obligations. Each Party agrees that it will (a) hold the other Party’s Confidential Information in confidence using the same standard of care it uses to protect its own confidential information of a similar nature, but in no event less than reasonable care; (b) not disclose the Confidential Information of the other to any third party without the other’s prior written consent, except as expressly permitted under this MSA; (c) limit access to the other’s Confidential Information to those of its employees or agents having a need to know who are bound by confidentiality obligations at least as restrictive as those set forth herein; and (d) use the other Party’s Confidential Information solely to perform its obligations or receive its benefits under this MSA. The obligations set forth in this Section 6 will apply during the Term set forth in Section 12.1 and will continue for a period that will end five (5) years after the expiration or termination of the MSA. Following termination of the MSA or upon request of the disclosing Party, all Confidential Information in any form and any copies thereof in the custody and control of the receiving Party will be deleted, destroyed or returned.
6.2 Exclusions. The restrictions on the use and disclosure of Confidential Information will not apply to any Confidential Information, or portion thereof, which (a) is or becomes publicly known through no act or omission of the receiving Party; (b) is lawfully received from a third party without restriction on disclosure; (c) is already known by the receiving Party without a duty of confidentiality at the time it is disclosed by the disclosing Party, as shown by the receiving Party’s written records; or (d) is independently developed by the receiving Party without reference to the disclosing Party’s Confidential Information, as shown by the receiving Party’s written records. Notwithstanding the foregoing, either Party may make disclosures as required or requested by a court of law or any governmental entity or agency, provided that, to the extent permitted under applicable law, such Party provides the other with reasonable prior notice to enable such Party to seek confidential treatment of such information; and either Party may disclose the terms and conditions of the MSA to potential investors, acquisition partners and its legal counsel and accountants in connection with a proposed financing or acquisition, provided that each such third party is bound by confidentiality obligations at least as restrictive as those set forth herein.
7. Customer’s Use Obligations.
7.1 General. Customer warrants that it will use the Services only in accordance with this MSA (including all addenda) and in accordance with all applicable laws and government regulations. Customer will use the Services only for its own and its Affiliates (as applicable) internal business operations and only on Digital Properties.
7.2 Restrictions. Customer warrants that it will not do, or permit any third party to do, any of the following: (a) make the Services available for use by or for the benefit of any third party (other than Customer’s contractors or consultants acting on behalf of Customer); (b) modify, reverse engineer, disassemble, decompile (except within the strict limits and conditions of applicable law), reproduce or create derivative works from the Services or Tealium Technology; (c) use or access the Services in order to develop a competitive or similar product or service or otherwise copy any features or functions of the Services; (d) interfere with or disrupt or attempt to interfere with or disrupt the integrity or the performance of the Services; (e) gain or provide unauthorized access to the Services or its related systems or networks; (f) introduce into the Services, the Tealium Technology or the Tealium system or computer network any Malicious Code, either directly or through a third party to whom Customer provides or from whom Customer receives Customer Data.
7.3 Data Protection. Customer will not transmit to Tealium nor require Tealium to process any Highly Sensitive Data. In the event that Customer causes Personal Data to be transferred under the MSA, Customer will comply with all applicable laws and regulations, or any equivalent, applicable legislation. Customer agrees that it has the authorization necessary for Personal Data to be processed pursuant to the MSA, prior to transfer to Tealium. Customer will establish user login credentials such as usernames, passwords and PINs (“Account Credentials”) for Customer’s employees and contractors to access and use the Services. Customer is solely responsible for protecting the confidentiality of Customer’s Account Credentials. Customer is solely responsible for, and Tealium will have no liability for, actions taken by non-Tealium personnel who have accessed Customer’s account within the Services using Customer’s Account Credentials.
8. Tealium Warranties.
8.1 General. Tealium warrants that it will (a) perform the Technical Services in a professional and workmanlike manner in accordance with recognized industry standards; (b) provide the Services substantially in accordance with the Documentation; (c) make the Services available in accordance with Tealium’s obligations under applicable laws and government regulations, including any applicable privacy laws described further in Section 8.2 below; and (d) not introduce into Customer’s system or computer network any Malicious Code.
8.2 Data Security and Privacy. Tealium will maintain an information security program (including the adoption and enforcement of internal policies and procedures) designed to (a) secure Customer Data against accidental or unlawful loss, access or disclosure, (b) identify foreseeable and internal risks to security and unauthorized access to the Tealium Network, and (c) minimize security risks, including through risk assessment and regular testing. The Tealium information security program is further described in the DSS. Tealium will process Personal Data, including Personal Data included in Customer Data, in accordance with the DPA.
8.3 Notice of Warranty Deficiencies. Customer must notify Tealium of any warranty deficiencies under Sections 8.1(a) or (b) above within sixty (60) days after performance of the relevant Services. The remedy for breach of Section 8.1(a) is Tealium will re-perform the Services without expense to Customer. Regarding any Services provided by Tealium that are advisory, no specific result is assured or warranted by Tealium. The remedy for breach of Sections 8.1(b), (c) and (d) is that Tealium will cure or remediate the breach within a reasonable time after notice from Customer of the breach, and if Tealium is unable to cure or remediate the breach within a reasonable time then Customer may terminate the Service Order for the affected Service and receive a refund of prepaid fees prorated for the unexpired Service Term.
8.4 Disclaimer. Except for the warranties expressly set forth in Sections 8.1 and 8.2 above and in the SLA, Tealium grants no other warranties to Customer in connection with the Services provided.
9. Insurance. During the Term, Tealium agrees to maintain in force appropriate insurance coverages including but not limited to commercial general liability. Such insurance coverages will be maintained with insurers having an A.M. Best rating of A- or better or an equivalent rating from a recognized insurance company rating agency. Tealium will provide certificates of insurance showing types of insurance and policy limits upon request.
10. Indemnification Obligations.
10.1 Tealium Indemnity of Customer. Tealium will defend, at its expense, a third party action, suit, or proceeding (a “Claim”) against Customer to the extent such Claim alleges that the Services infringe a valid patent, copyright (including author’s rights), registered trademark or trade secret of a third party enforceable in the United States, Canada, a European Economic Area member country, the United Kingdom, Australia, Japan, or Singapore. In addition, Tealium will indemnify the Customer for all losses, liabilities, damages, and expenses (including reasonable attorneys’ fees) finally awarded to a third party by a court of competent jurisdiction or agreed to by Tealium in a settlement that are directly attributable to such Claim. Tealium will have no defense or payment obligation or other liability for any Claim arising from: (a) use of the Services in a manner contrary to the terms of the MSA; (b) modification of the Services by anyone other than Tealium or a third party authorized in writing by Tealium to modify the Services; (c) the combination of the Services with any other products, services, hardware, software, or other materials (including, without limitation, Non-Tealium Products) if such Services would not be infringing without such combination.
If Customer’s use of the Services under the terms of the MSA infringes or Tealium determines that such use may infringe, then Tealium, at its sole option and expense, may either (e) procure for Customer a license to continue using the Services in accordance with the terms of the MSA; (f) replace or modify the allegedly infringing Services to avoid the infringement; or (g) if neither (e) nor (f) are commercially feasible, then terminate the Services and refund any prepaid unused amounts on a pro-rata basis. The provisions of this Section 10.1 constitute Tealium’s exclusive obligation and Customer’s exclusive remedy for third-party infringement claims.
10.2 Customer Indemnity of Tealium. Customer will defend Tealium from and against any Claim arising from or relating to Customer’s collection or use of Customer Data or Tealium’s processing of Customer Data in accordance with Customer’s instructions, and will indemnify and hold harmless Tealium from and against any penalties, fines, damages and costs awarded against Tealium or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such Claim.
10.3 Indemnification Procedures. Each Party’s indemnification obligations set forth in this Section 10 are conditioned upon (a) the Indemnified Party providing the Indemnifying Party with information and assistance for the defense of such Claim including any settlement, (b) the Indemnifying Party being notified promptly in writing of the Claim (provided that failure to provide such prompt notice will not relieve the Indemnifying Party from its liability or obligation hereunder, except to the extent of any material prejudice as a direct result of such failure), and (c) the Indemnifying Party having sole control of the defense of such Claim and all negotiations for its settlement or compromise (provided, however, the Indemnified Party will have the right to participate in the defense of such Claim at its own expense, and that the Indemnifying Party must obtain the prior written consent of the Indemnified Party before settling a Claim against the Indemnified Party to the extent that such settlement fails to fully release the Indemnified Party from liability for the Claim or includes an admission of guilt or payment by the Indemnified Party).
11. Limitation of Liability.
11.1 Except for (i) Customer’s payment obligations under Section 4, (ii) either Party’s gross negligence or willful misconduct, (iii) breach of either Party’s warranties under Sections 7 & 8 and (iv) Tealium’s indemnity obligations under Section 10, and subject to the special limitations in Section 11(b) below, neither Party’s aggregate liability for claims arising out of the MSA or its performance hereunder will exceed the amount of fees paid or payable by Customer to Tealium under the MSA with respect to the six (6) months preceding the claim.
11.2 Each Party’s aggregate liability to the other Party for claims arising out of its breach of its obligations under the data security addendum or Section 6 (Confidentiality) or Tealium’s breach of its obligations under Section 8.1(b) and Section 8.2. (Data Security) will not exceed the amount of fees paid or payable by Customer to Tealium under the MSA during the twenty-four (24) months preceding the claim.
11.3 Notwithstanding any provision of this MSA to the contrary, neither Party will be liable to the other for any loss of business profits, depreciation of stock price, loss of data, business interruption, or other indirect damages arising from or relating to the Services, or otherwise under the MSA.
12. Term and Termination.
12.1 Term. The term of this MSA (the “Term”) begins on the Effective Date and continues until the expiration of all the Service Terms of all Service Orders unless earlier terminated in accordance with this MSA.
12.2 Service Terms. Each Service Order will provide for a service term (each a “Service Term”). Termination of one Service Order will not affect the Service Term of any other Service Order.
12.3 Termination for Breach. Without prejudice to other rights and remedies under the MSA or by operation of law, either Party may terminate a Service Order as of right upon written notice to the other Party, for any material breach by the other Party if such breach is not cured within thirty (30) days following written notice of such breach from the non-breaching Party. Upon termination by Customer for Tealium’s breach, Tealium will refund any unearned portion of prepaid usage fees. If Customer is late in paying fees that are due, Tealium may, without terminating a Service Order, deny or otherwise suspend Services until Customer makes the overdue payments.
12.4 Effect of Termination. Upon expiration or termination of any Service Order, Tealium will stop providing Services provided under such Service Order, all licenses granted by Tealium thereunder will terminate, Customer will cease all use of the Services, and Customer will remove all copies of Code from all Digital Properties. Any payment obligations of Customer, and the provisions of Sections 4, 5, 6, 7.2, 7.3, and Sections 10-21 inclusive will survive termination or expiration of the Service Order.
13. Notices. All notices permitted or required under the MSA will be in writing, and will be deemed effective when: (a) delivered by personal delivery, (b) confirmed by the recipient, for notices delivered by electronic mail, or (c) three (3) days after being sent by certified or registered mail (return receipt requested) or overnight courier. Notices will be sent to the addresses set forth in the applicable Service Order or such other address as either Party may specify in writing in accordance with this paragraph. Notices to Tealium must be sent to [email protected].
14. Law and Jurisdiction. The MSA (and any dispute arising out of or in connection with it) will be construed and enforced in accordance with the laws of France without regard to its conflict of laws principles. The Parties expressly disclaim the application of the United Nations Convention on the International Sale of Goods to this MSA.
In the event of any dispute arising between the parties in connection with validity, interpretation, or performance of the MSA, or more generally any dispute related to the MSA, the Parties shall first seek to resolve the dispute in good faith through informal discussion.
IF SUCH DISPUTE CANNOT BE RESOLVED INFORMALLY IT SHALL BE EXCLUSIVELY SETTLED, IN FIRST INSTANCE, BY THE INTERNATIONAL CHAMBER OF THE PARIS COMMERCIAL COURT, AND, IN APPEAL BY THE INTERNATIONAL COMMERCIAL CHAMBER OF THE PARIS COURT OF APPEAL. TO THE EXTENT PERMISSABLE, PROCEEDINGS SHALL BE CONDUCTED IN THE ENGLISH LANGUAGE.
15. Severability; Waiver. If any term or provision of the MSA is held to be invalid or unenforceable by any court of competent jurisdiction, such provision will be construed to effectuate to the greatest possible extent the Parties’ expressed intent, and the remainder of the MSA will not be affected and will remain valid and enforceable. The failure of either Party to exercise or enforce any right or provision of the MSA will not constitute a waiver of such right or provision, and any waiver granted by a Party in one instance does not constitute a waiver for other instances.
16. Independent Contractors. The relationship between the Parties is solely that of independent contractors, and neither Party will have any authority to bind or commit the other. Nothing in the MSA will be deemed or construed to create a joint venture, partnership, employment, or agency relationship between the Parties for any purpose.
17. Assignment. Neither the MSA nor any of the rights or duties arising out of the MSA may be assigned by Tealium or Customer without the prior written consent of the other Party, such consent not to be unreasonably withheld; except that either Party may, without such consent, assign the MSA and its rights and duties arising out of the MSA to the transferee, or other successor in interest, in connection with the sale or transfer of all or substantially all of its assets or in connection with any reincorporation, merger, acquisition, re-organization, or consolidation provided the assigning Party promptly notifies the non-assigning Party in writing.
18. Headings. The headings used for the sections of this MSA are for information purposes and convenience only and do not define, limit, construe, or describe the scope or extent of the sections.
19. Entire Agreement. This MSA (including any attachments or exhibits attached to or incorporated by reference) constitutes the entire agreement between the Parties with regard to the subject matter hereof, and supersedes and replaces any prior or contemporaneous agreements between the Parties regarding such subject matter. No oral or written representation that is not expressly contained in this MSA is binding on Tealium or Customer. This MSA will control over any different or additional terms and conditions in any purchase order or other non-Tealium ordering document. No amendment to this MSA or any Service Order will be binding on either Party unless in writing and signed by both Parties.
20. Force Majeure. Neither Party will be liable for any delay or failure of performance of any particular obligation under this MSA which delay or failure is caused by a Force Majeure.
21. E-signing. The Parties expressly acknowledge and agree that the MSA may be validly executed using an e-signature device which meets the requirements of Regulation (EU) 910/2014 on Electronic Identification and Trust Services for Electronic Transactions in the Internal Market, and shall be deemed an original. Consents by Customer to any amendments, changes or modifications to contractual documents, incorporated in the MSA via hyperlinks, may be validly provided by email issued by Customer’s authorized representative. The Parties acknowledge and agree that the executed MSA as well as any consents to amendments granted pursuant to this section would qualify as valid evidence between the Parties.