Tigris Subscription Agreement

Last updated: December 13, 2023

This Tigris Subscription Agreement (the "Agreement") contains the terms and conditions that govern access to and use of the Tigris Object Storage Service (as defined below) and creates a binding contract between User (as defined below) and Tigris Data Inc. ("Tigris Data," "we," or "us"). Please see Section 23 for definitions of certain capitalized terms used in this Agreement.

Terms

PLEASE READ THE FOLLOWING TERMS CAREFULLY:

BY CLICKING “I ACCEPT,” OR BY ACCESSING OR USING THE TIGRIS OBJECT STORAGE SERVICE, YOU (“User” or “you”) AGREE THAT YOU HAVE READ AND UNDERSTOOD, AND, AS A CONDITION TO YOUR USE OF THE TIGRIS OBJECT STORAGE SERVICE, YOU AGREE TO BE BOUND BY, THE TERMS OF THIS AGREEMENT AND TIGRIS DATA’S PRIVACY POLICY, WHICH IS INCORPORATED HEREIN BY REFERENCE. IF AN INDIVIDUAL IS ACCEPTING THIS AGREEMENT ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, SUCH INDIVIDUAL (AN “ENTERPRISE USER”) REPRESENTS THAT THEY HAVE THE AUTHORITY TO BIND SUCH ENTITY TO THE TERMS OF THIS AGREEMENT, AND THE TERMS “User” AND “you” AS USED IN THIS AGREEMENT WILL REFER TO SUCH ENTITY. IF THE INDIVIDUAL ACCEPTING THIS AGREEMENT IS NOT ELIGIBLE, DOES NOT AGREE TO THE TERMS OF THIS AGREEMENT, OR DOES NOT HAVE SUCH AUTHORITY, SUCH INDIVIDUAL MUST NOT ACCEPT THIS AGREEMENT AND USER MAY NOT USE THE TIGRIS OBJECT STORAGE SERVICE. USER’S USE OF THE TIGRIS OBJECT STORAGE SERVICE, AND TIGRIS DATA’S PROVISION OF THE TIGRIS OBJECT STORAGE SERVICE TO USER, CONSTITUTES AN AGREEMENT BY TIGRIS DATA AND BY USER TO BE BOUND BY THIS AGREEMENT.

ARBITRATION NOTICE. Except for certain kinds of disputes described in Section 20, User agrees that disputes arising under this Agreement will be resolved by binding, individual arbitration, and BY ACCEPTING THIS AGREEMENT, USER AND TIGRIS DATA ARE EACH WAIVING THE RIGHT TO A TRIAL BY JURY OR TO PARTICIPATE IN ANY CLASS ACTION OR REPRESENTATIVE PROCEEDING.

  1. Tigris Object Storage Service Overview. Tigris Data makes available a global object storage service that enables developers to quickly and easily store and access any amount of data for a wide range of use cases (collectively, the “Tigris Object Storage Service”).
  2. Eligibility. You must be at least 18 years old to use the Tigris Object Storage Service. By agreeing to this Agreement, you represent and warrant to us that: (a) you are at least 18 years old; (b) you have not previously been suspended or removed from the Tigris Object Storage Service; and (c) your registration and your use of the Tigris Object Storage Service is in compliance with any and all Laws.
  3. Accounts and Registration.

    3.1 Accounts. Unless you have purchased or are accessing the Tigris Cloud Service through an authorized reseller of Tigris Data, in order to access the Tigris Object Storage Service, you must register for an account. You may also register and log into the Tigris Object Storage Service through third party identity providers such as GitHub or Google.

    3.2 Accuracy of Information. When you register for an account, you may be required to provide us with some information about yourself, such as your name, email address and other contact information. You agree that the information you provide to us is accurate, complete, and not misleading, and that you will keep it accurate and up to date at all times.

    3.3 Account Security. You are responsible for the security of your account, and are fully responsible for all activities that occur through the use of your credentials. If you believe that your account is no longer secure, then you should immediately notify us at support@tigrisdata.com.
  4. End Users. Enterprise Users may be permitted to invite other users to register for accounts in order to access the Tigris Object Storage Service and Customer Content (such other users, “End Users”). User is responsible for each End User’s use of and access to the Tigris Object Storage Service and the Customer Content and for each End User’s compliance with this Agreement. If User becomes aware of any violation of this Agreement caused by an End User, User will immediately suspend access to the Tigris Object Storage Service and Customer Content by such End User.
  5. Fees. Tigris Data currently provides you with access to and use of the Tigris Object Storage Service for free. Tigris Data in its sole discretion will eventually charge you fees to access and use the Tigris Object Storage Service. Tigris Data will provide you with advance notice of any such changes before they take effect.
  6. Tigris Object Storage Service

    6.1
    Permitted Use. Subject to User’s complete and ongoing compliance with this Agreement, Tigris Data grants User a limited, non-exclusive, non-transferable, non-sublicensable, revocable license during the Term to access and use the Tigris Object Storage Service only for User’s internal use in accordance with this Agreement.

    6.2 Restrictions. Except and solely to the extent such a restriction is impermissible under Law, User may not: (a) provide access to, distribute, sell, or sublicense the Tigris Object Storage Service to a third party; (b) use the Tigris Object Storage Service on behalf of, or to provide any product or service to, third parties; (c) reverse engineer, decompile, disassemble, or seek to access the source code or non-public APIs to the Tigris Object Storage Service, except to the extent expressly permitted by Law (and then only with prior notice to Tigris Data); (d) modify or create derivative works of the Tigris Object Storage Service or copy any element of the Tigris Object Storage Service; (e) remove or obscure any proprietary notices in the Tigris Object Storage Service; (f) interfere with the operation of the Tigris Object Storage Service, circumvent any access restrictions, or conduct any security or vulnerability test of the Tigris Object Storage Service; (g) transmit any viruses or other harmful materials to the Tigris Object Storage Service; (h) take any action that risks harm to others or to the security, availability, or integrity of the Tigris Object Storage Service; or (i) access or use the Tigris Object Storage Service in a manner that violates any Law. Additionally, User must not use the Tigris Object Storage Service with Prohibited Content (or Transmit Prohibited Content to Tigris Data or the Tigris Object Storage Service) or for High Risk Activities. User acknowledges that the Tigris Object Storage Service is not intended to meet any legal obligations for these uses, and that Tigris Data is not a Business Associate as defined under HIPAA. Notwithstanding anything else in this Agreement, Tigris Data has no liability for Prohibited Content, including the transmission of Prohibited Content to the Tigris Object Storage Service, or use of the Tigris Object Storage Service for High Risk Activities.

    6.3 Feedback. We respect and appreciate the thoughts and comments from our users. If User chooses to provide input and suggestions regarding existing functionalities, problems with or proposed modifications or improvements to the Tigris Object Storage Service (“Feedback”), then User hereby grants Tigris Data an unrestricted, perpetual, irrevocable, non-exclusive, fully-paid, royalty-free right and license to use the Feedback in any manner and for any purpose, including to improve the Tigris Object Storage Service and create other products and services. We will have no obligation to provide User with attribution for any Feedback User provides to us.

    6.4 API. The Tigris Object Storage Service includes the Tigris Data application programming interface (“API”). To the extent you use the API, you will comply with our published API documentation and any other information or policies we make available from time to time. In addition to any restrictions or limitations set forth in such documentation (and without limiting this Agreement), you will not use the API in a manner that, in Tigris Data’s discretion, exceeds specified call/query volumes, constitutes abusive or excessive use, or otherwise fails to comply with or is inconsistent with this Agreement.

    6.5 Ownership; Proprietary Rights. The Tigris Object Storage Service is owned and operated by Tigris Data. The visual interfaces, graphics, design, compilation, information, data, computer code (including source code or object code), products, software, services, and all other elements of the Tigris Object Storage Service provided by Tigris Data (“Materials”) are protected by intellectual property and other laws. All Materials included in the Tigris Object Storage Service are the property of Tigris Data or its third-party licensors. Except as expressly authorized by Tigris Data, User may not make use of the Materials. There are no implied licenses in this Agreement and Tigris Data reserves all rights to the Materials not granted expressly in this Agreement.
  7. Service Levels and Support. During the Term, Tigris Data will use commercially reasonable efforts to (a) keep the Tigris Object Storage Service operational, excluding scheduled and emergency maintenance; and (b) implement commercially reasonable measures to secure the Tigris Object Storage Service against unauthorized access to Customer Content and User Data; provided that User is solely responsible for maintaining the security and operability of those systems and devices that User use to access the Tigris Object Storage Service.
  8. Modifications. We reserve the right to modify or discontinue the Tigris Object Storage Service at any time (including by limiting or discontinuing certain features of Tigris Object Storage Service), temporarily or permanently, without notice to you and without liability. You should retain copies of all Customer Content and User Data so that you have permanent copies in the event the Tigris Object Storage Service is modified in such a way that you lose access to same.
  9. Third-Party Terms.

    9.1 Third-Party Services. Tigris Data may provide tools through the Tigris Object Storage Service that enable you to export information, including Customer Content, to third-party services, including through features that allow you to link your account on the Tigris Object Storage Service with an account on the third-party service. By using one of these tools, you hereby authorize Tigris Data to transfer your information and Customer Content to the applicable third-party service. Third-party services are not under Tigris Data’s control, and, to the fullest extent permitted by law, Tigris Data is not responsible for any third-party service’s use of your exported information. Please be sure to review the terms of use and privacy policy of any third-party services before you share any Customer Content or information with such third-party services. Once sharing occurs, Tigris Data will have no control over the information that has been shared.

    9.2 Third-Party Software. The Tigris Object Storage Service may include or incorporate third-party software components that are generally available free of charge under licenses granting recipients broad rights to copy, modify, and distribute those components (“Third-Party Components”). Although the Tigris Object Storage Service is provided to User subject to this Agreement, nothing in this Agreement prevents, restricts, or is intended to prevent or restrict you from obtaining Third-Party Components under the applicable third-party licenses or to limit your use of Third-Party Components under those third-party licenses.
  10. Customer Content

    10.1 Limited License. Except as provided in this Section 10, Tigris Data obtains no rights under this Agreement from User (or User’s licensors) to any Customer Content. By Transmitting Customer Content to Tigris Data or the Tigris Object Storage Service, User consents to Tigris Data’s use of Customer Content to provide the Tigris Object Storage Service to User and hereby grant Tigris Data a worldwide, non-exclusive, irrevocable, royalty-free, fully paid right and license (with the right to sublicense through multiple tiers) to host, store and transfer such Customer Content, in whole or in part, solely to provide the Tigris Object Storage Service to User. Tigris Data will not access or use Customer Content except as necessary to maintain or provide the Tigris Object Storage Service, or as necessary to comply with Laws or a binding order of a governmental body. Tigris Data will not disclose Customer Content to any government or third party except as necessary to comply with Laws or a binding order of a governmental body. For clarity, Tigris Data’s Privacy Policy does not apply to Customer Content.

    10.2 Adequate Rights. User represents and warrants to Tigris Data that: (a) User or User’s licensors owns all right, title, and interest in and to Customer Content; (b) User has all rights in Customer Content necessary to grant the rights contemplated by this Agreement; and (c) none of Customer’s Content or User’s use of the Tigris Object Storage Service will violate the terms of this Agreement.

    10.3 Additional User Responsibilities. User is responsible for all Customer Content, including its content and accuracy, and will comply with Laws and this Agreement when using the Tigris Object Storage Service. User will ensure that all Customer Content and User’s use of all Customer Content and the Tigris Object Storage Service will not violate any of the terms of this Agreement or any Law. User is responsible for properly using the Tigris Object Storage Service and represents and warrants that it has made all disclosures, provided all notices, and has obtained all rights, consents, and permissions necessary for Tigris Data to Process Customer Content and User Data as set forth in this Agreement without violating or infringing Laws, third-party rights, or terms or policies that apply to the Customer Content or User Data. 

    10.4 Customer Content Disclaimer. Tigris Data is under no obligation to edit, monitor or control Customer Content or any Content that any user Transmits to the Tigris Object Storage Service. Tigris Data will not be in any way responsible or liable for any such Content or Customer Content. Tigris Data may, however, at any time and without prior notice, screen, remove, edit, or block any Customer Content that in our sole judgment violates this Agreement, is alleged to violate the rights of third parties, or is otherwise objectionable. You agree to waive, and do waive, any legal or equitable right or remedy you have or may have against Tigris Data with respect to Customer Content. If notified by a user or content owner that Customer Content allegedly does not conform to this Agreement, we may investigate the allegation and determine in our sole discretion whether to remove the Customer Content, which we reserve the right to do at any time and without notice. For clarity, Tigris Data does not permit infringing activities on the Tigris Object Storage Service.
  11. User Data

    11.1 Use of User Data. User grant Tigris Data a non-exclusive, worldwide, sublicensable right to use, copy, store, disclose, transmit, transfer, publicly display, modify, and create derivative works from User Data only as necessary to (a) provide the Tigris Object Storage Service; (b) derive or generate Usage Data; (c) create and compile Aggregated Data; and (d) as otherwise required by Law.

    11.2 Usage Data; Aggregated Data. User acknowledges that Tigris Data may collect, access, use, disclose, transfer, transmit, store, host, and otherwise process Usage Data and Aggregated Data for internal business purposes, such as to: (a) track use of Tigris Object Storage Services for billing purposes; (b) provide support for Tigris Object Storage Services; (c) monitor the performance and stability of the Tigris Object Storage Service; (d) prevent or address technical issues with the Tigris Object Storage Service; (e) to improve Tigris Object Storage Service, its other products and services, and to develop new products and services; and (f) for all other lawful business practices, such as analytics, benchmarking, and reports. Customer will not interfere with the collection of Usage Data.
  12. Communications. We may send you emails concerning our products and services, as well as those of third parties. You may opt out of promotional emails by following the unsubscribe instructions in the promotional email itself.
  13. Prohibited Conduct. BY USING THE TIGRIS OBJECT STORAGE SERVICE, USER AGREES NOT TO:

    13.1 use the Tigris Object Storage Service for or to engage in, promote or encourage any illegal purpose or activity, including child sexual exploitation, child abuse, or terrorism or violence that can cause death, serious harm, or injury to individuals or groups of individuals, or in violation of any local, state, national, or international law;

    13.2 harass, threaten, demean, embarrass, bully, or otherwise harm any other user of the Tigris Object Storage Service;

    13.3 violate, encourage others to violate, or provide instructions on how to violate, any right of a third party, including by infringing or misappropriating any third-party intellectual property right;

    13.4 use the Tigris Object Storage Service for any unlawful, invasive, defamatory, or fraudulent purpose, or to generate, distribute, publish, or facilitate unsolicited mass email, promotions, advertisements, or other solicitations;

    13.5 interfere with security-related features of the Tigris Object Storage Service, including by: (i) disabling or circumventing features that prevent or limit use, printing or copying of any content; or (ii) reverse engineering or otherwise attempting to discover the source code of any portion of the Tigris Object Storage Service except to the extent that the activity is expressly permitted by Law;

    13.6 interfere with the operation of the Tigris Object Storage Service or any user’s enjoyment of the Tigris Object Storage Service, including by: (i) uploading or otherwise disseminating any virus, adware, spyware, worm, or other malicious code; (ii) making any unsolicited offer or advertisement to another user of the Tigris Object Storage Service; (iii) collecting personal information about another user or third party without consent; or (iv) interfering with or disrupting any network, equipment, or server connected to or used to provide the Tigris Object Storage Service;

    13.7 perform any fraudulent activity including impersonating any person or entity, claiming a false affiliation or identity, accessing any other Tigris Object Storage Service account without permission;

    13.8 sell or otherwise transfer the access granted under this Agreement or any Materials or any right or ability to view, access, or use any Materials; 

    13.9 use the Tigris Object Storage Service for or with any High Risk Activities or Prohibited Content; or

    13.10 attempt to do any of the acts described in this Section 13 or assist or permit any person or entity in engaging in any of the acts described in this Section 13.
  14. Intellectual Property Rights Protection

    14.1 Respect of Third Party Rights. Tigris Data respects the intellectual property rights of others, takes the protection of intellectual property rights very seriously, and asks users of the Tigris Object Storage Service to do the same. Infringing activity will not be tolerated on or through the Tigris Object Storage Service.

    14.2 DMCA Notification. We comply with the provisions of the Digital Millennium Copyright Act applicable to Internet service providers (17 U.S.C. § 512, as amended). If you have an intellectual property rights-related complaint about any material on the Tigris Object Storage Service, you may contact our Designated Agent at the following address:

    Tigris Data Inc.
    Attn: Legal Department (IP Notification)
    1250 Borregas Ave, #87, Sunnyvale, CA 94089
    Email: ip-infringement@tigrisdata.com

    14.3 Procedure for Reporting Claimed Infringement. If you believe that any content made available on or through the Tigris Object Storage Service has been used or exploited in a manner that infringes an intellectual property right you own or control, then please promptly send a written “Notification of Claimed Infringement” to the Designated Agent identified above containing the following information:

    a. an electronic or physical signature of the person authorized to act on behalf of the owner of the copyright or other right being infringed;

    b. a description of the copyrighted work or other intellectual property right that you claim has been infringed;

    c. a description of the material that you claim is infringing and where it is located on the Tigris Object Storage Service;

    d. your address, telephone number, and email address;

    e. a statement by you that you have a good faith belief that the use of the materials on the Tigris Object Storage Service of which you are complaining is not authorized by the copyright or other intellectual property right owner, its agent, or Laws; and

    f. a statement by you that the above information in your notice is accurate and that, under penalty of perjury, you are the copyright or other intellectual property right owner or authorized to act on the copyright or intellectual property owner’s behalf.

    Your Notification of Claimed Infringement may be shared by Tigris Data with the user alleged to have infringed a right you own or control as well as with the operators of publicly available databases that track notifications of claimed infringement, and you consent to Tigris Data making such disclosures. You should consult with your own lawyer or see 17 U.S.C. § 512 to confirm your obligations to provide a valid notice of claimed infringement.

    14.4 Repeat Infringers. Tigris Data’s policy is to: (a) remove or disable access to material that Tigris Data believes in good faith, upon notice from an intellectual property rights owner or authorized agent, is infringing the intellectual property rights of a third party by being made available through the Tigris Object Storage Service; and (b) in appropriate circumstances, to terminate the accounts of and block access to the Tigris Object Storage Service by any user who repeatedly or egregiously infringes other people’s copyright or other intellectual property rights. Tigris Data will terminate the accounts of users that are determined by Tigris Data to be repeat infringers. Tigris Data reserves the right, however, to suspend or terminate accounts of users in our sole discretion.

    14.5 Counter Notification. If you receive a notification from Tigris Data that material made available by you on or through the Tigris Object Storage Service has been the subject of a Notification of Claimed Infringement, then you will have the right to provide Tigris Data with what is called a “Counter Notification.” To be effective, a Counter Notification must be in writing, provided to Tigris Data’s Designated Agent through one of the methods identified in Section 14.2 (DMCA Notification), and include substantially the following information:

    a. your physical or electronic signature;

    b. identification of the material that has been removed or to which access has been disabled and the location at which the material appeared before it was removed or access to it was disabled;

    c. a statement under penalty of perjury that you have a good faith belief that the material was removed or disabled as a result of mistake or misidentification of the material to be removed or disabled; and

    d. your name, address, and telephone number, and a statement that you consent to the jurisdiction of Federal District Court for the judicial district in which the address is located, or if you are residing outside of the United States, then for any judicial district in which Tigris Data may be found, and that you will accept service of process from the person who provided notification under Section 14.2 (DMCA Notification) above or an agent of that person.

    A party submitting a Counter Notification should consult a lawyer or see 17 U.S.C. § 512 to confirm the party’s obligations to provide a valid counter notification under the Copyright Act.

    14.6 Reposting of Content Subject to a Counter Notification. If you submit a Counter Notification to Tigris Data in response to a Notification of Claimed Infringement, then Tigris Data will promptly provide the person who provided the Notification of Claimed Infringement with a copy of your Counter Notification and inform that person that Tigris Data will replace the removed Customer Content or cease disabling access to it in 10 business days, and Tigris Data will replace the removed Customer Content and cease disabling access to it not less than 10, nor more than 14, business days following receipt of the Counter Notification, unless Tigris Data’s Designated Agent receives notice from the party that submitted the Notification of Claimed Infringement that such person has filed an action seeking a court order to restrain the user from engaging in infringing activity relating to the material on Tigris Data’s system or network.

    14.7 False Notifications of Claimed Infringement or Counter Notifications. The Copyright Act provides at 17 U.S.C. § 512(f) that: “[a]ny person who knowingly materially misrepresents under [Section 512 of the Copyright Act (17 U.S.C. § 512)] (1) that material or activity is infringing, or (2) that material or activity was removed or disabled by mistake or misidentification, will be liable for any damages, including costs and attorneys’ fees, incurred by the alleged infringer, by any copyright owner or copyright owner’s authorized licensee, or by a service provider, who is injured by such misrepresentation, as the result of [Tigris Data] relying upon such misrepresentation in removing or disabling access to the material or activity claimed to be infringing, or in replacing the removed material or ceasing to disable access to it.” Tigris Data reserves the right to seek damages from any party that submits a Notification of Claimed Infringement or Counter Notification in violation of Laws.
  15. Suspension

    15.1 General. Tigris Data may immediately suspend User’s (and its End Users’) access to the Tigris Object Storage Service if Tigris Data reasonably determines that: (a) User (or any End User) breaches any term of this Agreement; (b) changes to Law or new laws require that Tigris Data suspend the Tigris Object Storage Service (in whole or in part) or otherwise may impose additional liability on the part of Tigris Data; or (c) User’s (or its End Users’) actions or use of the Tigris Object Storage Service (i) risk harm to any of Tigris Data’s other customers or the security, availability, or integrity of the Tigris Object Storage Service; (ii) could adversely impact Tigris Data’s systems, the Tigris Object Storage Service or the systems or content of any other Tigris Object Storage Service user; (iii) could subject any Tigris Data Entity or any third party to liability; or (iv) could be fraudulent. Where practicable, Tigris Data will use reasonable efforts to provide User with prior notice of the suspension. If in Tigris Data’s sole but reasonable discretion the issue that led to the suspension is resolved, Tigris Data will restore User’s (and its End Users’) access to the Tigris Object Storage Service.

    15.2 Effects. If Tigris Data suspends User’s (or any End Users’) right to access or use any portion or all of the Tigris Object Storage Service, (a) User will be responsible for all fees and charges you incur during the period of suspension that Tigris Data bills to Users.
  16. Term; Termination

    16.1 Term. This Agreement is effective beginning when User accepts this Agreement or first accesses or uses the Tigris Object Storage Service and ending when terminated as described in Section 16.2 (the “Term”).

    16.2 Termination. 

    a. For Convenience. User may terminate User’s account and this Agreement for any reason by removing all Customer Content from the Tigris Object Storage Service or contacting customer service at support@tigrisdata.com. We may terminate this Agreement for any reason by providing User at least 30 days’ advance notice.

    b. For Cause. Either party may terminate this Agreement if: (i) the other party fails to cure a material breach of this Agreement (including a failure to pay fees) within 30 days after notice (in which case User will close its account no later than the effective date of termination set forth in such notice); and (ii) upon notice to the other party if the other party (x) ceases operation without a successor; or (y) seeks protection under a bankruptcy, receivership, trust deed, creditors’ arrangement, composition, or comparable proceeding, or if such a proceeding is instituted against that party and not dismissed within 60 days. Tigris Data may also terminate this Agreement for cause immediately upon notice to User if Tigris Data has the right to suspend under Section 15 and the issue giving Tigris Data the right to suspend either is not capable of being remedied or has not been remedied within 30 days of us suspending User’s (or any of its End User’s) access under Section 15.

    16.3 Effect of Termination. 

    a. General. Upon termination of this Agreement: (a) except as provided in clause (d) below, all of User’s rights under this Agreement immediately terminate and User (and its End Users) must immediately cease all use of the Tigris Object Storage Service (and must uninstall any application programming interface made available by Tigris Data); (b) User (and its End Users) will no longer be authorized to access User’s (or any End User’s) account or the Tigris Object Storage Service; (c) User must pay Tigris Data any unpaid amount that was due prior to termination; and (d) all payment obligations accrued prior to termination and Sections 3.3, 4, 5, 6.3, 6.5, 11, 16.3, 17, 18, 19, 20, and  will survive.

    b. Post-Termination. Unless Tigris Data terminates this Agreement pursuant to Section 16.2(b), during the 30 days immediately following the effective date of termination of this Agreement as set forth in a notice of termination (or if terminated by User for convenience by contacting Tigris Data customer service, then 30 days following the date of such contact), Tigris Data will not take action to remove from the Tigris Object Storage Service any Customer Content as a result of the termination, and Tigris Data will allow User (but not End Users) to retrieve Customer Content from the Tigris Object Storage Service provided that User has paid all amounts due under this Agreement. After that 30 day period, Tigris Data will be under no obligation to store or retain any Customer Content and may delete the Customer Content at any time in its sole discretion. For any use of the Tigris Object Storage Service after termination of this Agreement, the terms of this Agreement (including any payment obligations for the Tigris Object Storage Service under Section 5) will apply. Notwithstanding the foregoing, User is solely responsible for retaining copies of (i) any User Data stored on the Tigris Object Storage Service; and (ii) all Customer Content Transmitted to the Tigris Object Storage Service, in each case since upon termination of your account, User (and its End Users) may lose access rights to User’s (and its End Users’) account(s). If User’s account has been terminated for a breach of this Agreement, then User is prohibited from creating a new account on the Tigris Object Storage Service using a different name, email address or other forms of account verification.
  17. Indemnification.

    17.1 General. To the fullest extent permitted by law, User is responsible for its (and its End Users’) use of and access to the Tigris Object Storage Service, and User will defend and indemnify Tigris Data and each other Tigris Data Entity from and against any third-party claim, and any related liability, damage, loss, and expense, including attorneys’ fees and costs, arising out of or connected with: (a) User’s (and each End User’s) use of the Tigris Object Storage Service (including any activities under your or their account); (b) User’s (and any End User’s) violation of any portion of this Agreement, any representation, warranty, or agreement referenced in this Agreement, or any Law; (c) the Customer Content, including any allegation that User (or any End User) or any Customer Content infringes, misappropriates or otherwise violates any third-party right, including any intellectual property right or publicity, confidentiality, other property, or privacy right; or (e) any dispute or issue between User and any End User. We reserve the right, at our own expense, to assume the exclusive defense and control of any matter otherwise subject to indemnification by User (without limiting User’s indemnification obligations with respect to that matter), and in that case, User agrees to cooperate with our defense of those claims.

    17.2 Intellectual Property. Tigris Data will defend User from and against any third-party claim to the extent alleging that the Tigris Object Storage Service as operated by Tigris Data, when used by User (and each End User) as permitted under this Agreement infringes or misappropriates a third party’s U.S. patent, copyright, trademark, or trade secret, and will pay the amount of any damages and costs awarded against User (including reasonable attorneys’ fees) in a final judgement of, or agreed by Tigris Data in a settlement of, the claim; provided that Tigris Data will not have any obligations or liability under this Section 17.2 for (a) infringement or misappropriation resulting from use of the Tigris Object Storage Service in combination with products, services, software, data, content or other items not provided by Tigris Data; (b) unauthorized use of the Tigris Object Storage Service; or (c) if User settles or makes any admissions about a claim without Tigris Data’s prior consent. For any claim covered by this Section 17.2, Tigris Data will, at its election, either: (i) procure the rights to use that portion of the Tigris Object Storage Service alleged to be infringing; (ii) replace the alleged infringing portion of the Tigris Object Storage Service with a non-infringing alternative; (iii) modify the alleged infringing portion of the Tigris Object Storage Service to make it non-infringing; or (iv) terminate the allegedly infringing portion of the Tigris Object Storage Service or this Agreement. This Section 17.2 sets out User’s exclusive remedy and Tigris Data’s entire liability regarding infringement or misappropriation of third-party intellectual property rights.

    17.3 Procedure. The indemnifying party’s obligations in this Section 17 are subject to it receiving: (a) prompt written notice of the claim; (b) except as set forth in Section 17.1, the exclusive right to control and direct the investigation, defense, and settlement of the claim; and (c) all reasonably necessary cooperation of the indemnified party, at the indemnifying party’s expense for reasonable out-of-pocket costs. The indemnifying party may not settle any claim without the indemnified party’s prior consent if settlement would require the indemnified party to admit fault or take or refrain from taking any action (other than relating to use of the Tigris Object Storage Service, when Tigris Data is the indemnifying party). The indemnified party may participate in a claim with its own counsel at its own expense.
  18. Disclaimers; No Warranties by Tigris Data

    18.1 THE TIGRIS OBJECT STORAGE SERVICE AND ALL MATERIALS AND CONTENT AVAILABLE THROUGH THE TIGRIS OBJECT STORAGE SERVICE ARE PROVIDED “AS IS” AND ON AN “AS AVAILABLE” BASIS. TIGRIS DATA DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, RELATING TO THE TIGRIS OBJECT STORAGE SERVICE AND ALL MATERIALS AND CONTENT AVAILABLE THROUGH THE TIGRIS OBJECT STORAGE SERVICE, INCLUDING: (a) ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, QUIET ENJOYMENT, OR NON-INFRINGEMENT; (b) ANY WARRANTY ARISING OUT OF COURSE OF DEALING, USAGE, OR TRADE; AND (c) THAT ANY CUSTOMER CONTENT WILL BE SECURE OR NOT OTHERWISE LOST OR ALTERED. TIGRIS DATA DOES NOT WARRANT THAT THE TIGRIS OBJECT STORAGE SERVICE OR ANY PORTION OF THE TIGRIS OBJECT STORAGE SERVICE, OR ANY MATERIALS OR CONTENT OFFERED THROUGH THE TIGRIS OBJECT STORAGE SERVICE, WILL BE UNINTERRUPTED, SECURE, OR FREE OF ERRORS, VIRUSES, OR OTHER HARMFUL COMPONENTS, AND TIGRIS DATA DOES NOT WARRANT THAT ANY OF THOSE ISSUES WILL BE CORRECTED.  THE TIGRIS DATA ENTITIES ARE NOT RESPONSIBLE OR LIABLE FOR THE DELETION OF OR FAILURE TO STORE ANY CUSTOMER CONTENT OR USER DATA OR OTHER COMMUNICATIONS MAINTAINED OR TRANSMITTED THROUGH USE OF THE TIGRIS OBJECT STORAGE SERVICES. USER IS SOLELY RESPONSIBLE FOR SECURING AND BACKING UP THE CUSTOMER CONTENT AND USER DATA.

    18.2 NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED BY USER FROM THE TIGRIS OBJECT STORAGE SERVICE OR TIGRIS DATA ENTITIES OR ANY MATERIALS OR CONTENT AVAILABLE THROUGH THE TIGRIS OBJECT STORAGE SERVICE WILL CREATE ANY WARRANTY REGARDING ANY OF THE TIGRIS DATA ENTITIES OR THE TIGRIS OBJECT STORAGE SERVICE THAT IS NOT EXPRESSLY STATED IN THIS AGREEMENT. TIGRIS DATA IS NOT RESPONSIBLE FOR ANY DAMAGE THAT MAY RESULT FROM THE TIGRIS OBJECT STORAGE SERVICE OR USER’S (OR ANY END USER’S) DEALING WITH ANY OTHER SERVICE USER. USER UNDERSTANDS AND AGREES THAT USER (AND ALL END USERS) USE ANY PORTION OF THE TIGRIS OBJECT STORAGE SERVICE AT USER’S OWN DISCRETION AND RISK, AND THAT TIGRIS DATA IS NOT RESPONSIBLE FOR ANY DAMAGE TO USER’S (OR ANY END USER’S) PROPERTY (INCLUDING YOUR COMPUTER SYSTEM OR MOBILE DEVICE USED IN CONNECTION WITH THE TIGRIS OBJECT STORAGE SERVICE) OR ANY LOSS OF DATA, MATERIALS OR INFORMATION, INCLUDING CUSTOMER CONTENT.

    18.3 THE LIMITATIONS, EXCLUSIONS AND DISCLAIMERS IN THIS SECTION 18 APPLY TO THE FULLEST EXTENT PERMITTED BY LAW. Tigris Data does not disclaim any warranty or other right that Tigris Data is prohibited from disclaiming under Law.
  19. Limitation of Liability

    19.1 TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL THE TIGRIS DATA ENTITIES BE LIABLE TO USER FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR PUNITIVE DAMAGES (INCLUDING DAMAGES FOR LOSS OF PROFITS, GOODWILL, OR ANY OTHER INTANGIBLE LOSS), OR FOR THE VALUE OF ANY CUSTOMER CONTENT, ARISING OUT OF OR RELATING TO USER’S (OR ANY END USER’S) ACCESS TO OR USE OF, OR USER’S (OR ANY END USER’S) INABILITY TO ACCESS OR USE, THE TIGRIS OBJECT STORAGE SERVICE OR ANY MATERIALS OR CONTENT (INCLUDING CUSTOMER CONTENT) ON THE TIGRIS OBJECT STORAGE SERVICE, WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), STATUTE, OR ANY OTHER LEGAL THEORY, AND WHETHER OR NOT ANY TIGRIS DATA ENTITY HAS BEEN INFORMED OF THE POSSIBILITY OF DAMAGE.

    19.2 EXCEPT FOR TIGRIS DATA’S OBLIGATIONS UNDER SECTION 17.2 AND AS PROVIDED IN SECTIONS 20.5 AND 20.6, TO THE FULLEST EXTENT PERMITTED BY LAW THE AGGREGATE LIABILITY OF THE TIGRIS DATA ENTITIES FOR ALL CLAIMS ARISING OUT OF OR RELATING TO THE USE OF OR ANY INABILITY TO USE ANY PORTION OF THE TIGRIS OBJECT STORAGE SERVICE OR OTHERWISE UNDER THIS AGREEMENT, WHETHER IN CONTRACT, TORT, OR OTHERWISE, IS LIMITED TO THE GREATER OF: (a) THE AMOUNT USER HAS PAID TO TIGRIS DATA FOR ACCESS TO AND USE OF THE TIGRIS OBJECT STORAGE SERVICE IN THE 12 MONTHS PRIOR TO THE EVENT OR CIRCUMSTANCE GIVING RISE TO THE CLAIM AND (b) US$100.

    19.3 EACH PROVISION OF THIS AGREEMENT THAT PROVIDES FOR A LIMITATION OF LIABILITY, DISCLAIMER OF WARRANTIES, OR EXCLUSION OF DAMAGES IS INTENDED TO AND DOES ALLOCATE THE RISKS BETWEEN THE PARTIES UNDER THIS AGREEMENT. THIS ALLOCATION IS AN ESSENTIAL ELEMENT OF THE BASIS OF THE BARGAIN BETWEEN THE PARTIES. EACH OF THESE PROVISIONS IS SEVERABLE AND INDEPENDENT OF ALL OTHER PROVISIONS OF THIS AGREEMENT. THE LIMITATIONS IN THIS SECTION 19 WILL APPLY EVEN IF ANY LIMITED REMEDY FAILS OF ITS ESSENTIAL PURPOSE.
  20. Dispute Resolution and Arbitration

    20.1 Generally. Except as described in Section 20.2 and 20.3, User and Tigris Data agree that every dispute arising in connection with this Agreement, the Tigris Object Storage Service, or communications from us will be resolved through binding arbitration. Arbitration uses a neutral arbitrator instead of a judge or jury, is less formal than a court proceeding, may allow for more limited discovery than in court, and is subject to very limited review by courts. This agreement to arbitrate disputes includes all claims whether based in contract, tort, statute, fraud, misrepresentation, or any other legal theory, and regardless of whether a claim arises during or after the termination of this Agreement. Any dispute relating to the interpretation, applicability, or enforceability of this binding arbitration agreement will be resolved by the arbitrator.

    YOU UNDERSTAND AND AGREE THAT, BY ENTERING INTO THIS AGREEMENT, YOU AND TIGRIS DATA ARE EACH WAIVING THE RIGHT TO A TRIAL BY JURY OR TO PARTICIPATE IN A CLASS ACTION.

    20.2 Exceptions. Although we are agreeing to arbitrate most disputes between us, nothing in this Agreement will be deemed to waive, preclude, or otherwise limit the right of either party to: (a) bring an individual action in small claims court; (b) pursue an enforcement action through the applicable federal, state, or local agency if that action is available; (c) seek injunctive relief in a court of law in aid of arbitration; or (d) to file suit in a court of law to address an intellectual property infringement claim.

    20.3 Opt-Out. If you do not wish to resolve disputes by binding arbitration, you may opt out of the provisions of this Section 20 within 30 days after the date that you agree to this Agreement by sending a letter to Tigris Data Inc., Attention: Legal Department – Arbitration Opt-Out, 1250 Borregas Ave, #87, Sunnyvale, CA 94089 that specifies: your full legal name, the email address associated with your account on the Tigris Object Storage Service, and a statement that you wish to opt out of arbitration (“Opt-Out Notice”). Once Tigris Data receives your Opt-Out Notice, this Section 20 will be void and any action arising out of this Agreement will be resolved as set forth in Section 22.2. The remaining provisions of this Agreement will not be affected by your Opt-Out Notice.

    20.4 Arbitrator. This arbitration agreement, and any arbitration between us, is subject the Federal Arbitration Act and will be administered by the JAMS under the rules applicable to consumer disputes (collectively, “JAMS Rules”) as modified by this Agreement. The JAMS Rules and filing forms are available online at www.jamsadr.org, by calling the JAMS at +1-800-352-5267 or by contacting Tigris Data. 

    20.5 Commencing Arbitration. Before initiating arbitration, a party must first send a written notice of the dispute to the other party by certified U.S. Mail or by Federal Express (signature required) or, only if that other party has not provided a current physical address, then by electronic mail (“Notice of Arbitration”). Tigris Data’s address for Notice is: Tigris Data Inc., 1250 Borregas Ave, #87, Sunnyvale, CA 94089. The Notice of Arbitration must: (a) identify the name or account number of the party making the claim; (b) describe the nature and basis of the claim or dispute; and (c) set forth the specific relief sought (“Demand”). The parties will make good faith efforts to resolve the claim directly, but if the parties do not reach an agreement to do so within 30 days after the Notice of Arbitration is received, you or Tigris Data may commence an arbitration proceeding. If you commence arbitration in accordance with this Agreement, Tigris Data will reimburse you for your payment of the filing fee, unless your claim is for more than US$10,000 or if Tigris Data has received 25 or more similar demands for arbitration, in which case the payment of any fees will be decided by the JAMS Rules. If the arbitrator finds that either the substance of the claim or the relief sought in the Demand is frivolous or brought for an improper purpose (as measured by the standards set forth in Federal Rule of Civil Procedure 11(b)), then the payment of all fees will be governed by the JAMS Rules and the other party may seek reimbursement for any fees paid to JAMS.

    20.6 Arbitration Proceedings. Any arbitration hearing will take place in the county and state of your billing address unless we agree otherwise or, if the claim is for US$10,000 or less (and does not seek injunctive relief), you may choose whether the arbitration will be conducted: (a) solely on the basis of documents submitted to the arbitrator; (b) through a telephonic or video hearing; or (c) by an in-person hearing as established by the JAMS Rules in the county (or parish) of your billing address. During the arbitration, the amount of any settlement offer made by you or Tigris Data must not be disclosed to the arbitrator until after the arbitrator makes a final decision and award, if any. Regardless of the manner in which the arbitration is conducted, the arbitrator must issue a reasoned written decision sufficient to explain the essential findings and conclusions on which the decision and award, if any, are based. 

    20.7 Arbitration Relief. Except as provided in Section 20.8, the arbitrator can award any relief that would be available if the claims had been brough in a court of competent jurisdiction. If the arbitrator awards you an amount higher than the last written settlement amount offered by Tigris Data before an arbitrator was selected, Tigris Data will pay to you the higher of: (a) the amount awarded by the arbitrator and (b) US$10,000. The arbitrator’s award shall be final and binding on all parties, except (1) for judicial review expressly permitted by law or (2) if the arbitrator’s award includes an award of injunctive relief against a party, in which case that party shall have the right to seek judicial review of the injunctive relief in a court of competent jurisdiction that shall not be bound by the arbitrator’s application or conclusions of law. Judgment on the award may be entered in any court having jurisdiction.

    20.8 No Class Actions. YOU AND TIGRIS DATA AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN YOUR OR ITS INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING. Further, unless both you and Tigris Data agree otherwise, the arbitrator may not consolidate more than one person’s claims, and may not otherwise preside over any form of a representative or class proceeding.  

    20.9 Modifications to this Arbitration Provision. If Tigris Data makes any substantive change to this arbitration provision, you may reject the change by sending us written notice within 30 days of the change to Tigris Data’s address for Notice of Arbitration, in which case your account with Tigris Data will be immediately terminated and this arbitration provision, as in effect immediately prior to the changes you rejected will survive.

    20.10 Enforceability. If Section 20.8 or the entirety of this Section 20 is found to be unenforceable, or if Tigris Data receives an Opt-Out Notice from you, then the entirety of this Section 20 will be null and void and, in that case, the exclusive jurisdiction and venue described in Section 22.2 will govern any action arising out of or related to this Agreement.
  21. Modifications to the Agreement. We may, from time to time, change the terms of this Agreement. Please check this Agreement periodically for changes. Revisions will be effective immediately except that, for existing users, material revisions will be effective 30 days after posting or notice to User of the revisions unless otherwise stated. We may require that User accepts the modified Agreement in order to continue to use the Tigris Object Storage Service. If User does not agree to the modified Agreement, then User should remove all Customer Content and discontinue use of the Tigris Object Storage Service. Except as expressly permitted in this Section 21, this Agreement may be amended only by a written agreement signed by authorized representatives of the parties to this Agreement.
  22. Miscellaneous

    22.1 General Terms. This Agreement, including the Privacy Policy and any other agreements expressly incorporated by reference into this Agreement, are the entire and exclusive understanding and agreement between you and Tigris Data regarding your use of the Tigris Object Storage Service. You may not assign or transfer this Agreement or your rights under this Agreement, in whole or in part, by operation of law or otherwise, without our prior written consent. We may assign this Agreement and all rights granted under this Agreement, including with respect to Customer Content and your User Data, at any time without notice or consent. The failure to require performance of any provision will not affect our right to require performance at any other time after that, nor will a waiver by us of any breach or default of this Agreement, or any provision of this Agreement, be a waiver of any subsequent breach or default or a waiver of the provision itself. The parties are independent contractors, not agents, partners, or joint venturers. Use of Section headers in this Agreement is for convenience only and will not have any impact on the interpretation of any provision. Throughout this Agreement the use of the word “including” means “including but not limited to.” If any part of this Agreement is held to be invalid or unenforceable, then the unenforceable part will be given effect to the greatest extent possible, and the remaining parts will remain in full force and effect. Except as set forth in Section 17.1, this Agreement does not create any third-party beneficiary rights in any individual or entity that is not a party to this Agreement.

    22.2 Governing Law. This Agreement is governed by the laws of the State of California without regard to conflict of law principles. You and Tigris Data submit to the personal and exclusive jurisdiction of the state courts and federal courts located within Santa Clara County, California for resolution of any lawsuit or court proceeding permitted under this Agreement.

    22.3 Data Processing Addendum. To the extent Tigris Data will Process Customer Content, User Data, or personal information to provide Tigris Object Storage Services to Customer, each Party will comply with its obligations in the Data Processing Addendum set forth in Schedule 1 hereto, which is incorporated into this Agreement.

    22.4 Force Majeure. Except for payment obligations, neither party is liable for any delay or failure to perform any obligation under this Agreement due to events beyond its reasonable control, such as a strike, blockade, war, pandemic, act of terrorism, riot, Internet or utility failures, refusal of government license, or natural disaster.

    22.5 Confidentiality and Publicity. User may use Tigris Confidential Information only in connection with User’s use of the Tigris Object Storage Service as permitted under this Agreement. User will not disclose Tigris Confidential Information during the Term or at any time during the 5-year period following the end of the Term. User will take all reasonable measures to avoid disclosure, dissemination or unauthorized use of Tigris Confidential Information, including, at a minimum, those measures you take to protect your own confidential information of a similar nature. User will not issue any press release or make any other public communication with respect to this Agreement or your use of the Tigris Object Storage Service without Tigris Data’s prior written consent, in each instance.

    22.6 Privacy Policy. Please read the Tigris Data Privacy Policy (the “Privacy Policy”) carefully for information relating to our collection, use, storage, and disclosure of your personal information. The Tigris Data Privacy Policy is incorporated by this reference into, and made a part of, this Agreement.

    22.7 Additional Terms. Your use of the Tigris Object Storage Service is subject to all additional terms, policies, rules, or guidelines applicable to the Tigris Object Storage Service or certain features of the Tigris Object Storage Service that we may post on or link to from the Tigris Object Storage Service (the “Additional Terms”). All Additional Terms are incorporated by this reference into, and made a part of, this Agreement.

    22.8 Notices.

    a. To User. We may provide any notice to you under this Agreement by posting a notice on the Tigris Object Storage Service, or sending a message to the email address then associated with your account. Notices we provide by posting on the Tigris Object Storage Service will be effective upon posting and notices we provide by email will be effective when we send the email. It is your responsibility to keep your email address current. You will be deemed to have received any email sent to the email address then associated with your account when we send the email, whether or not you actually receive the email.

    b. To Tigris Data. To give us notice under this Agreement, you must contact Tigris Data by email transmission or personal delivery, overnight courier or registered or certified mail to the email address or mailing address, as applicable, listed in Section 22.10. We may update the email address or address for notices to us by posting a notice on the Tigris Object Storage Service. Notices provided by personal delivery will be effective immediately. Notices provided by email transmission or overnight courier will be effective one business day after they are sent. Notices provided registered or certified mail will be effective three business days after they are sent.

    22.9 Consent to Electronic Communications. By using the Tigris Object Storage Service, you consent to receiving certain electronic communications from us as further described in our Privacy Policy. Please read our Privacy Policy to learn more about our electronic communications practices. You agree that any notices, agreements, disclosures, or other communications that we send to you electronically will satisfy any legal communication requirements, including that those communications be in writing.

    22.10 Contact Information. The Tigris Object Storage Service is offered by Tigris Data Inc., located at 1250 Borregas Ave, #87, Sunnyvale, CA 94089. You may contact us by sending correspondence to that address or by emailing us at support@tigrisdata.com.

    22.11 Notice to California Residents. If you are a California resident, then under California Civil Code Section 1789.3, you may contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs in writing at 1625 N. Market Blvd., Suite S-202, Sacramento, California 95834, or by telephone at +1-800-952-5210 in order to resolve a complaint regarding the Tigris Object Storage Service or to receive further information regarding use of the Tigris Object Storage Service.

    22.12 Export. User will comply with all relevant U.S. and foreign export and import Laws in using the Tigris Object Storage Service. User: (a) represents and warrants that it is not listed on any U.S. government list of prohibited or restricted parties or located in (or a national of) a country that is subject to a U.S. government embargo or that has been designated by the U.S. government as a “terrorist supporting” country; (b) agrees not to access or use the Tigris Object Storage Service in violation of any U.S. export embargo, prohibition, or restriction; and (c) will not submit to the Tigris Object Storage Service any information controlled under the U.S. International Traffic in Arms Regulations.

    22.13 Government Users. Elements of the Tigris Object Storage Service are commercial computer software. If the user or licensee of the Tigris Object Storage Service is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Tigris Object Storage Service or any related documentation of any kind, including technical data and manuals, is restricted by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. The Tigris Object Storage Service were developed fully at private expense. All other use is prohibited.
  23. Definitions

    Aggregated Data” means User Data that has been deidentified or aggregated with other data such that the resulting data no longer reasonably identifies User or a specific individual.

    Customer Content” means any software, data, text, audio, video, images or other information User (or an End User) Transmits to Tigris Data through the API for storage on the Tigris Object Storage Service.

    High Risk Activities” means any activities where use or failure of the Tigris Object Storage Service could lead to death, personal injury, or environmental damage, including life support systems, emergency services, nuclear facilities, autonomous vehicles, or air traffic control.

    Laws” means all applicable relevant local, state, federal and international laws, regulations and conventions.

    Prohibited Content” means any software (whether in object or source code form), data, text, audio, video, images or other information that: (a) is unlawful and/or promotes unlawful activities; (b) defames, harasses, abuses, threatens or incites violence towards any individual or group or could be deemed to do the foregoing by Tigris Data; (c) is pornographic, discriminatory and/or otherwise victimizes and/or intimidates an individual and/or group on the basis of religion, gender, sexual orientation, race, ethnicity, age and/or disability; (d) is spam, is machine- or randomly-generated, constitutes unauthorized or unsolicited advertising, chain letters, any other form of unauthorized solicitation and/or any form of lottery and/or gambling; (e) contains any Restricted Data; (f) contains and/or installs or transmits in any manner any viruses, worms, malware, Trojan horses and/or other content that is designed or intended to disrupt, damage and/or limit the functioning of any software, hardware, and/or telecommunications equipment and/or to damage and/or obtain unauthorized access to any data and/or other information of any third party; (g) infringes upon any intellectual rights of any party; (h) impersonates any person or entity, including any of our employees, personnel or representatives; and/or (i) violates the privacy of any third party.

    Process” means to collect, access, use, disclose, transfer, transmit, store, host, or otherwise process. 

    Restricted Data” means any: (a) special categories of data enumerated in European Union Regulation 2016/679, Article 9(1) or any successor legislation; (b) patient, medical, or other protected health information regulated by the Health Insurance Portability and Accountability Act (as amended and supplemented) (“HIPAA”); (c) credit, debit, or other payment card data subject to the Payment Card Industry Data Security Standards; (d) other information subject to regulation or protection under specific Laws such as the Children’s Online Privacy Protection Act or Gramm-Leach-Bliley Act (or related rules or regulations); (e) social security numbers, driver’s license numbers, or other government ID numbers; or (f) any data that could otherwise be considered sensitive personal information pursuant to relevant and applicable Privacy Laws as defined in the Data Protection Addendum.

    Tigris Confidential Information” means all nonpublic information disclosed by us, our affiliates, business partners, or our or their respective employees, contractors or agents that is designated as confidential or that, given the nature of the information or circumstances surrounding its disclosure, reasonably should be understood to be confidential. Tigris Confidential Information includes: (a) nonpublic information relating to our or our affiliates or business partners’ technology, customers, business plans, promotional and marketing activities, finances and other business affairs; (b) third-party information that we are obligated to keep confidential; and (c) the nature, content and existence of any discussions or negotiations between you and us or our affiliates. Tigris Confidential Information does not include any information that: (i) is or becomes publicly available without breach of this Agreement; (ii) can be shown by documentation to have been known to you at the time of your receipt from us; (iii) is received from a third party who did not acquire or disclose the same by a wrongful or tortious act; or (iv) can be shown by documentation to have been independently developed by you without reference to the Tigris Confidential Information.

    Tigris Data Entities” means, collectively, Tigris Data, its affiliates and their respective shareholders, directors, managers, members, officers, employees, consultants, and agents. 

    Transmit” means to submit, upload, transfer or otherwise transmit.

    Usage Data” means information generated from use of the Tigris Object Storage Service, which data does not identify users, any other natural human persons, or you, such as technical logs, data, and learnings about User’s use of the Tigris Object Storage Service, but excluding any identifiable User Data.

    User Data” means any data or information (other than Customer Content) that: (i) User submit to the Tigris Object Storage Service, including from any third-party platform, add-on, service, or product not provided by Tigris Data that User elects to integrate or enable for use with the Tigris Object Storage Service; and (b) is collected, accessed, used, stored, hosted, or otherwise processed by Tigris Data to provide the Tigris Object Storage Service to User.

Schedule 1 - Data Processing Addendum

Pursuant to the Tigris Subscription Agreement (“the Agreement”), Customer, on behalf of itself and its affiliates, and Tigris Data Inc. (referred in herein as “Vendor”) (each a “Party”; collectively the “Parties”), the Parties hereby adopt this Data Processing Addendum (“DPA”) for so long as Vendor processes Personal Data on behalf of Customer. This DPA prevails over any conflicting terms of the Agreement.

  1. Definitions. For the purposes of this DPA

    1.1 Privacy Laws” means, collectively, all applicable European, U.S. federal and state privacy laws and their implementing regulations, as amended or superseded from time to time, that apply generally to the processing of individuals' Personal Data and that do not apply solely to specific industry sectors (e.g., financial institutions), specific demographics (e.g., children), or specific classes of information (e.g., health or biometric information). Privacy Laws include, but are not limited to, the following:

    1.1.1 The General Data Protection Regulation (EU) 2016/679 (the "GDPR") and its national implementations in the European Economic Area;
    1.1.2 The e-Privacy Directive 2002/58/EC (as amended by Directive 2009/136/EC) and its national implementations in the European Economic Area;
    1.1.3 The UK General Data Protection Regulation, the UK Data Protection Act 2018 and the Privacy and Electronic Communications Regulations;
    1.1.4 California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (“CCPA”);
    1.1.5 Colorado Privacy Act;
    1.1.6 Connecticut Personal Data Privacy and Online Monitoring Act;
    1.1.7 Delaware Personal Data Privacy Act;
    1.1.8 Indiana Consumer Data Protection Act;
    1.1.9 Iowa Consumer Data Protection Act;
    1.1.10 Montana Consumer Data Privacy Act;
    1.1.11 Oregon Consumer Privacy Act;
    1.1.12 Tennessee Information Privacy Act;
    1.1.13 Texas Data Privacy and Security Act;
    1.1.14 Utah Consumer Privacy Act; and
    1.1.15 Virginia Consumer Data Protection Act.

    1.2 Personal Data” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with an identified or identifiable natural person. Where applicable, Personal Data shall be interpreted consistent with the same or similar term under Privacy Laws.

    1.3 Share,” “Shared,” and “Sharing” have the meaning defined in the CCPA.

    1.4 Sale” and “Selling” have the meaning defined in the Privacy Laws.

    1.5 Controller” means a person or entity that collects individuals’ Personal Data and alone, or jointly with others, determines the purposes and means of the Processing of such Personal Data. Where applicable, Controller shall be interpreted consistent with the same or similar term under the Privacy Laws.

    1.6 Processor” means “Processor,” “Service Provider,” or “Contractor” as those terms are defined in the Privacy Laws.

    1.7 Consumer” means a natural person. Where applicable, Consumer shall be interpreted consistent with the same or similar term under the Privacy Laws.

    1.8 Processing,” “Process,” and “Processed” means any operation or set of operations that are performed on Personal Data or on sets of Personal Data, whether or not by automated means. Where applicable, Processing, Process, and Processed shall be interpreted consistent with the same or similar term under the Privacy Laws.

    1.9 SCCs” means the clauses annexed to the EU Commission Implementing Decision 2021/914 of June 4, 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council , as amended or replaced from time to time.

    1.10 UK Addendum” means the addendum to the SCCs issued by the UK Information Commissioner under Section 119A(1) of the UK Data Protection Act 2018 (version B1.0, in force March 21, 2022).

    1.11 Customer Personal Data” means Personal Data provided by Customer to, or which is collected on behalf of Customer by, Vendor to provide services to Customer pursuant to the Agreement.

    1.12 In the event of a conflict in the meanings of defined terms in the Privacy Laws, the meaning from the law applicable to the state of residence of the relevant Consumer applies.
  2. Scope, Roles, and Termination.

    2.1 Applicability - This DPA applies only to Vendor’s Processing of Customer Personal Data for the nature, purposes, and duration set forth in Appendix A.  

    2.2 Roles of the Parties - For the purposes of the Agreement and this DPA, Customer is the Party responsible for determining the purposes and means of Processing Customer Personal Data as the Controller and appoints Vendor as a Processor to Process Customer Personal Data on behalf of Customer for the limited and specific purposes set forth in Appendix A.

    2.3 Obligations at Termination - Upon termination of the Agreement, except as set forth therein or herein, Vendor will discontinue Processing and destroy Customer Personal Data in its or its subcontractors’ and sub-processors’ possession without undue delay. Vendor may retain Customer Personal Data to the extent required by law but only to the extent and for such period as required by such law and always provided that Vendor shall ensure the confidentiality of all such Customer Personal Data. Vendor may anonymize the Customer Personal Data to satisfy its obligations under this clause.
  3. Compliance.

    3.1 Compliance with Obligations - In addition to the representations and warranties set forth in the Agreement, Vendor, its employees, agents, subcontractors, and sub-processors (a) shall comply with the obligations of the Privacy Laws, (b) shall provide the level of privacy protection required by the Privacy Laws, (c) shall provide Customer with all reasonably-requested assistance to enable Customer to fulfill its own obligations under the Privacy Laws, and (d) understand and shall comply with this DPA. Upon the reasonable request of Customer, Vendor shall make available to Customer all information in Vendor’s possession necessary to demonstrate Vendor’s compliance with this subsection. 

    3.2 Compliance Assurance - Customer has the right to take reasonable and appropriate steps to ensure that Vendor uses Customer Personal Data consistent with Customer’s obligations under applicable Privacy Laws. 

    3.3 Compliance Monitoring - Customer has the right to monitor Vendor’s compliance with this. DPA through measures, including, but not limited to, ongoing manual reviews, automated scans, regular assessments, audits, or other annual technical and operational testing not more than once every 12 months. Vendor shall cooperate fully with any audit initiated by Customer, provided that such audit will not unreasonably interfere with the normal conduct of Vendor’s business. Unless the audit reveals a breach by Vendor of this DPA or applicable Privacy Laws, Customer shall bear the costs of the audit.

    3.4 Compliance Remediation – Vendor shall promptly notify Customer if it determines that it can no longer meet its obligations under applicable Privacy Laws. Upon receiving notice from Vendor in accordance with this subsection, Customer may direct Vendor to take reasonable and appropriate steps to stop and remediate unauthorized use of Customer Personal Data.

    3.5 Security
    - The Parties shall implement and maintain no less than commercially reasonable security procedures and practices, appropriate to the nature of the information, to protect Customer Personal Data from unauthorized access, destruction, use, modification, or disclosure. Without limiting the forgoing, the Parties shall comply with the Security Measures set forth at Appendix B when Processing Customer Personal Data.
  4. Restrictions on Processing.

    4.1 Limitations on Processing - Vendor will Process Customer Personal Data solely as instructed in the Agreement and this DPA. Except as expressly permitted by the Privacy Laws, Vendor is prohibited from (i) Selling or Sharing Customer Personal Data, (ii) retaining, using, or disclosing Customer Personal Data for any purpose other than for the specific purpose of performing the services specified in Appendix A, (iii) retaining, using, or disclosing Customer Personal Data outside of the direct business relationship between the Parties, and (iv) combining Customer Personal Data with Personal Data obtained from, or on behalf of, sources other than Customer, except as expressly permitted under applicable Privacy Laws. 

    4.2 Confidentiality - Vendor shall ensure that its employees, agents, subcontractors, and sub-processors are subject to a duty of confidentiality with respect to Customer Personal Data.

    4.3 Subcontractors; Sub-processorsCustomer hereby authorizes Vendor to engage sub-processors. Vendor’s current subcontractors and sub-processors are set forth in Appendix C. Vendor shall notify Customer of any intended changes concerning the addition or replacement of subcontractors or sub-processors. Further, Vendor shall ensure that Vendor’s subcontractors or sub-processors who Process Customer Personal Data on Vendor’s behalf agree in writing to the same or equivalent restrictions and requirements that apply to Vendor in this DPA and the Agreement with respect to Customer Personal Data, as well as to comply with the applicable Privacy Laws. 

    4.4 Right to Object
    Customer may object in writing to Vendor’s appointment of a new subcontractor or sub-processor on reasonable grounds relating to a potential or actual violation of Privacy Laws by notifying Vendor in writing within 30 calendar days of receipt of notice in accordance with Section 4.3. In the event Customer objects, the Parties shall discuss Customer’s concerns in good faith with a view to achieving a commercially reasonable resolution.
  5. Consumer Rights.

    5.1 Vendor shall provide commercially reasonable assistance to Customer for the fulfillment of Customer’s obligations to respond to Privacy Law-related Consumer rights requests regarding Customer Personal Data. 

    5.2 Where applicable, Vendor shall enable Customer to comply with any Consumer request made pursuant to the Privacy Laws / Customer shall inform Vendor of any Consumer request made pursuant to the Privacy Laws that they must comply with. Customer shall provide Vendor with the information necessary for Vendor to comply with the request.

    5.3 Vendor shall not be required to delete any Customer Personal Data to comply with a Consumer’s request directed by Customer if retaining such information is specifically permitted by applicable Privacy Laws; provided, however, that in such case, Vendor will promptly inform Customer of the exceptions relied upon under applicable Privacy Laws and Vendor shall not use Customer Personal Data retained for any purpose other than provided for by that exception.

    5.4 Taking into account the nature of the Processing, and the information available to Vendor, Vendor shall assist Customer, including, as appropriate, by implementing technical and organizational measures, with the fulfilment of Customer’s own obligations under Privacy Laws to: comply with requests to exercise data subject rights; conduct data protection impact assessments; and prior consultations with supervisory authorities.
  6. International Data Transfers

    6.1 Customer hereby authorizes Vendor to perform international data transfers to any country deemed adequate by the European Commission or the competent authorities, as appropriate; on the basis of adequate safeguards in accordance with Privacy Laws; or pursuant to the SCCs referred to in Sections 6.2 and 6.3.

    6.2 By signing this DPA, Vendor and Customer conclude Module 2 (controller-to-processor) of the SCCs and, to the extent Customer is a Processor on behalf of a third-party Controller, Module 3 (Processor-to-Subprocessor) of the SCCs, which are hereby incorporated and completed as follows: the “data exporter” is Customer; the “data importer” is Vendor; the optional docking clause in Clause 7 is implemented; Option 2 of Clause 9(a) is implemented and the time period therein is 30 calendar days; the optional redress clause in Clause 11(a) is struck; Option 1 in Clause 17 is implemented and the governing law is the law of Ireland; the courts in Clause 18(b) are the Courts of Dublin, Ireland; Annex I, II and III to module 2 of the EEA SCCs are Appendix A, B and C to this DPA respectively. 

    6.3 By signing this DPA, Vendor and Customer conclude the UK Addendum, which is hereby incorporated and applies to international data transfers outside the UK. Part 1 of the UK Addendum is completed as follows: (i) in Table 1, the “Exporter” is Customer and the “Importer” is Vendor, their details are set forth in this DPA, and the Agreement; (ii) in Table 2, the first option is selected and the “Approved EU SCCs” are the SCCs referred to in Section 6.2 of this DPA; (iii) in Table 3, Annexes 1 (A and B) to the “Approved EU SCCs” are  Appendix A, B, C to this DPA respectively; and (iv) in Table 4, both the “Importer” and the “Exporter” can terminate the UK Addendum.

    6.4 If Vendor’s compliance with Privacy Laws applicable to international data transfers is affected by circumstances outside of Vendor’s control, including if a legal instrument for international data transfers is invalidated, amended, or replaced, then Customer and Vendor will work together in good faith to reasonably resolve such non-compliance. In the event that additional, replacement or alternative standard contractual clauses or UK standard contractual clauses are approved by supervisory authorities, Vendor reserves the right to amend the Agreement and this DPA by adding to or replacing, the standard contractual clauses or UK standard contractual clauses that form part of it at the date of signature in order to ensure continued compliance with Privacy Laws.
  7. Deletion of Customer Personal Data

    7.1 Upon direction by Customer, and in any event no later than 180 days after receipt of a request from Customer, Vendor shall promptly delete or anonymize Customer Personal Data, unless Vendor is required by law to retain such data, in which case Vendor shall, on ongoing basis, isolate and protect the security and confidentiality of such Personal Data and prevent any further processing except to the extent required by such law and shall destroy or return to Customer all other Personal Data not required to be retained by Vendor by law.
  8. Security

    8.1 Vendor and Customer shall implement and maintain no less than commercially reasonable security procedures and practices, appropriate to the nature of the information, to protect Customer Personal Data from unauthorized access, destruction, use, modification, or disclosure.

    8.2 Upon becoming aware of an actual unauthorized access, destruction, use, modification, or disclosure of Customer Personal Data (“Security Incident”), the Party experiencing the Security Incident shall notify other Party without undue delay and shall provide timely updates and information relating to the Security Incident as it becomes known or as is reasonably requested by Customer. 

    8.3 Vendor and Customer shall comply with the Data Security Addendum attached at Appendix B.
  9. Exemptions.

    9.1 Notwithstanding any provision to the contrary in the Agreement or this DPA, the terms of this DPA shall not apply to Vendor’s Processing of Customer Personal Data that is exempt from applicable Privacy Laws.
  10. Sale of Data

    10.1 The Parties acknowledge and agree that the exchange of Personal Data between the Parties does not form part of any monetary or other valuable consideration exchanged between the Parties with respect to the Agreement or this DPA.
  11. Changes to Applicable Privacy Laws.

    11.1 The Parties agree to cooperate in good faith to enter into additional terms to address any modifications, amendments, or updates to applicable statutes, regulations or other laws pertaining to privacy and information security, including, where applicable, the Privacy Laws.

Appendix A - Description of the Transfer and Processing Details

LIST OF PARTIES

  1. Data exporter
  • Name: Customer (as defined above).
  • Address: The address for Customer as set forth in the Agreement.
  • Contact person’s name, position and contact details: The contact details for Customer as set forth in the Agreement.
  • Activities relevant to the data transferred under these Clauses: Customer receives Vendor’s services as described in the Agreement and Vendor Processes Personal Data on behalf of Customer in that context.
  • Signature and date: Customer’s signature and date on the Agreement.
  • Role (controller/processor): Controller, or Processor on behalf of Third-Party Controller.
  1. Data importer
  • Name: Tigris Data.
  • Address: The address for Tigris Data as set forth in the Agreement.
  • Contact person’s name, position and contact details: The contact details for Tigris Data as set forth in the Agreement.
  • Activities relevant to the data transferred under these Clauses: Vendor provides its services to Customer as described in the Agreement and Processes Personal Data on behalf of Customer in that context.
  • Signature and date: Tigris Data signature and date on the Agreement.
  • Role (controller/processor): Processor on behalf of Vendor, or Subprocessor on behalf of Third-Party Controller.

DESCRIPTION OF THE TRANSFER

  1. Categories of data subjects whose personal data is transferred.

    Customer may submit Customer Personal Data to the Services (as determined and controlled by the Customer in its sole discretion subject to any constraints set forth in the Agreement), which may relate to the following categories of Data Subjects:
  • Employees, agents, advisors, and contractors of Customer (in each case, who are natural persons).
  • Users of Customer’s systems or users of systems over which the Customer has oversight which are the subject of the Services.
  • Users authorized by Customer to access and use the Services.
  • Any other category of Data Subjects whose Personal Data is contained or embedded within the data, information, and materials Customer submits to the Services or has Tigris Data (or another third party) submit into the Services on its behalf.
  1. Categories of personal data transferred.

    Customer may submit Customer Personal Data to the Services (as determined and controlled by the Customer in its sole discretion subject to any constraints set forth in the Agreement), which may relate to the following categories of Personal Data:
  • First and last name, title, position, employment-related and professional information.
  • Contact information (company, email, phone, physical address).
  • Any other category of Personal Data contained within the data, information, and materials Customer submits to the Services or has Tigris Data(or another third party) submit into the Services on its behalf.
  1. Tigris Object Storage Service is not intended to meet any legal obligations for any Sensitive data.

COMPETENT SUPERVISORY AUTHORITY

  • The competent authority for the Processing of Personal Data relating to data subjects located in the EEA is the supervisory authority of Ireland.
  • The competent authority for the Processing of Personal Data relating to data subjects located in the UK is the UK Information Commissioner.

Appendix B – Security Measures

The Parties will apply at least the following types of security measures to Customer Personal Data:

  1. Physical access control

    Tigris Data shall take reasonable measures to prevent physical access, such as secured buildings, to prevent unauthorized persons from gaining access to personal data.
  2. System access control

    Tigris Data shall take reasonable measures to prevent personal data from being used without authorization. These controls shall vary based on the nature of the processing undertaken and may include, among other controls, authentication via passwords and/or two-factor authentication, and/or logging of access.
  3. Data access control

    Tigris Data shall take reasonable measures to provide that personal data is accessible and manageable only by properly authorized staff, and application access rights are established and enforced to ensure that persons entitled to use a data processing system only have access to the personal data to which they have privilege of access; and, that personal data cannot be read, copied, modified or removed without authorization in the course of processing. Tigris Data shall take reasonable measures to implement an access policy under which access to its system environment, to personal data and other data by authorized personnel only.
  4. Transmission control

    Tigris Data shall take reasonable measures to ensure that it is possible to check and establish to which entities the transfer of personal data by means of data transmission facilities is envisaged so personal data cannot be read, copied, modified or removed without authorization during electronic transmission or transport.
  5. Input control

    Tigris Data shall take reasonable measures to ensure that (i) the personal data source is under the control of data exporter; and (ii) personal data integrated into Tigris Data’s systems are managed by secured file transfer from Tigris Data and data subject.

Appendix C – Sub-Processors

To support delivery of Vendor’s services, Vendor may engage and use third parties as sub-processors to Process certain Customer Personal Data. This Appendix C provides information about the identity, location, and role of each sub-processor.

  • Not Applicable

Ready to embark on your journey with Tigris?

Get started