1. SERVICES AND SUPPORT

1.1 Subject to the terms and conditions of this Agreement, HeatMap will provide Customer with access to the Services through the internet. The Services are subject to modification from time to time at HeatMap’s sole discretion, for any purpose deemed appropriate by HeatMap. HeatMap will use reasonable efforts to give Customer prior written notice of any such modification. HeatMap reserves the right to monitor Customer’s Services usage to ensure that Customers do not exceed the service capacity indicated in the applicable Order Form.
1.2 HeatMap will undertake commercially reasonable efforts to provide the Services. Notwithstanding the foregoing, HeatMap reserves the right to suspend Customer’s access to the Services: (i) for scheduled or emergency maintenance, or (ii) in the event Customer is in breach of this Agreement, including failure to pay any amounts due to HeatMap.
1.3 HeatMap will use reasonable efforts to provide Customer with its standard support services as indicated on Customer’s Order Form.

2. RESTRICTIONS AND RESPONSIBILITIES

2.1 Customer will not, and will not permit any third party to: reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas or algorithms of the Services or any software, documentation or data related to the Services (“Software”) (provided that reverse engineering is prohibited only to the extent such prohibition is not contrary to applicable law); modify, translate, or create derivative works based on the Services or Software; use the Services or Software for timesharing or service bureau purposes or for any purpose other than for its own benefit; or use the Services or Software other than in accordance with this Agreement and in compliance with all applicable laws and regulations (including but not limited to any European privacy laws), intellectual property, consumer and child protection, obscenity or defamation).
2.2 Customer will cooperate with HeatMap in connection with the performance of this Agreement by making available such personnel and information as may be reasonably required, and taking such other actions as HeatMap may reasonably request. Customer will also cooperate with HeatMap in establishing a password or other procedures for verifying that only designated employees of Customer have access to any administrative functions of the Services.
2.3 Customer will be responsible for maintaining the security of Customer account, passwords (including but not limited to administrative and user passwords) and files, and for all uses of Customer account with or without Customer’s knowledge or consent.

3. CONFIDENTIALITY

3.1 Each party (the “Receiving Party”) understands that the other party (the “Disclosing Party”) has disclosed or may disclose information relating to the Disclosing Party’s technology or business (hereinafter referred to as “Confidential Information” of the Disclosing Party).
3.2 The Receiving Party agrees: (i) not to divulge to any third person any such Confidential Information, (i) to give access to such Confidential Information solely to those employees with a need to have access thereto for purposes of this Agreement, and (iii) to take the same security precautions to protect against disclosure or unauthorized use of such Confidential Information that the party takes with its own proprietary information, but in no event will a party apply less than reasonable precautions to protect such Confidential Information. The Disclosing Party agrees that the foregoing will not apply with respect to any information that the Receiving Party can document (a) is or becomes generally available to the public without any action by, or involvement of, the Receiving Party, or (b) was in its possession or known by it prior to receipt from the Disclosing Party, or (c) was rightfully disclosed to it without restriction by a third party, or (d) was independently developed without use of any Confidential Information of the Disclosing Party. Nothing in this Agreement will prevent the Receiving Party from disclosing the Confidential Information pursuant to any judicial or governmental order, provided that the Receiving Party gives the Disclosing Party reasonable prior notice of such disclosure to contest such order. In any event, HeatMap may collect data with respect to and report on the aggregate response rate and other aggregate measures of the Services’ performance.
3.3 Customer acknowledges that HeatMap does not wish to receive any Confidential Information from Customer that is not necessary for HeatMap to perform its obligations under this Agreement, and, unless the parties specifically agree otherwise, HeatMap may reasonably presume that any unrelated information received from Customer is not proprietary nor Confidential Information.
3.4 Both Parties will have the right to disclose the existence (including but not limited to mentioning Parties names and logos in marketing and advertising material) but not the terms and conditions of this Agreement, unless such disclosure is approved in writing by both Parties prior to such disclosure, or is included in a filing required to be made by a Party with a governmental authority (provided such party will use reasonable efforts to obtain confidential treatment or a protective order) or is made on a confidential basis as reasonably necessary to potential investors or acquirors.

4. INTELLECTUAL PROPERTY RIGHTS

Except as expressly set forth herein, HeatMap alone (and its licensors, where applicable) will retain all intellectual property rights relating to the Service or the Software or any suggestions, ideas, enhancement requests, feedback, recommendations or other information provided by Customer or any third party relating to the Service and/or the Software, which are hereby assigned to HeatMap. Customer will not copy, distribute, reproduce or use any of the foregoing except as expressly permitted under this Agreement. Customer is hereby granted a non-exclusive, nontransferable, revocable right to use the Resulting Data for its internal analysis purposes only. This Agreement is not a sale and does not convey to Customer any rights of ownership in or related to the Service or Software, or any intellectual property rights.

5. PAYMENT OF FEES

5.1 Customer will pay HeatMap the applicable fees as set forth on the Order Form (the “Fees”). To the extent applicable, Customer will pay HeatMap for additional services, such as integration fees or other consulting fees. All payments will be made in accordance with the Payment Schedule and the Method of Payment. If not otherwise specified, payments will be due within thirty (30) days of invoice.
5.2 Unpaid Fees are subject to a finance charge of one percent (1.0%) per month, or the maximum permitted by law, whichever is lower, plus all expenses of collection, including reasonable attorneys’ fees. Fees under this Agreement are exclusive of all taxes, including national, state or provincial and local use, sales, value-added, property and similar taxes, if any. Customer agrees to pay such taxes (excluding US taxes based on HeatMap’s net income) unless Customer has provided HeatMap with a valid exemption certificate. In the case of any withholding requirements, Customer will pay any required withholding itself and will not reduce the amount paid to Customer on account thereof.
5.3 HeatMap has a No Refund Policy. In particular, you will not be refunded the remainder of any fees that you have paid for the Services if your access to or use of the Service is terminated or suspended.

6. TERMINATION

6.1 Subject to earlier termination as provided in the Order Form, this Service Agreement is for the Service Term as specified in the Order Form.
6.2 HeatMap may terminate this Agreement upon thirty (30) days prior notice to Customer. Additionally, either party may terminate this Agreement, without notice, (i) upon the institution by or against the other party of insolvency, receivership or bankruptcy proceedings, (ii) upon the other party's making an assignment for the benefit of creditors, or (iii) upon the other party's dissolution or ceasing to do business.
6.3 All sections of this Service Agreement which by their nature should survive termination will survive termination, including, without limitation, restrictions, accrued rights to payment, confidentiality obligations, intellectual property rights, warranty disclaimers, and limitations of liability.

7. WARRANTY DISCLAIMER

WITHOUT LIMITING HEATMAP’S OBLIGATIONS UNDER SECTION 1.2, THE SERVICES AND HEATMAP CONFIDENTIAL INFORMATION AND ANYTHING PROVIDED IN CONNECTION WITH THIS AGREEMENT ARE PROVIDED "AS-IS," WITHOUT ANY WARRANTIES OF ANY KIND. HEATMAP HEREBY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT.

8. LIMITATION OF LIABILITY

IN NO EVENT WILL HEATMAP BE LIABLE FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF THE SERVICES OR ANYTHING PROVIDED IN CONNECTION WITH THIS AGREEMENT, THE DELAY OR INABILITY TO USE THE SERVICES OR ANYTHING PROVIDED IN CONNECTION WITH THIS AGREEMENT OR OTHERWISE ARISING FROM THIS AGREEMENT, INCLUDING WITHOUT LIMITATION, LOSS OF REVENUE OR ANTICIPATED PROFITS OR LOST BUSINESS OR LOST SALES, WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR OTHERWISE, EVEN IF HEATMAP HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES. THE TOTAL LIABILITY OF HEATMAP, WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE OR STRICT LIABILITY), OR OTHERWISE, WILL NOT EXCEED, IN THE AGGREGATE, THE LESSER OF (i) TEN THOUSAND DOLLARS, OR (ii) THE FEES PAID TO HEATMAP HEREUNDER IN THE THREE MONTH PERIOD ENDING ON THE DATE THAT A CLAIM OR DEMAND IS FIRST ASSERTED. THE FOREGOING LIMITATIONS WILL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY.

9. U.S. GOVERNMENT MATTERS

Notwithstanding anything else, Customer may not provide to any person or export or re-export or allow the export or re-export of the Services or any software or anything related thereto or any direct product thereof (collectively “Controlled Subject Matter”), in violation of any restrictions, laws or regulations of the United States Department of Commerce, the United States Department of Treasury Office of Foreign Assets Control, or any other United States or foreign agency or authority. Without limiting the foregoing Customer acknowledges and agrees that the Controlled Subject Matter will not be used or transferred or otherwise exported or re-exported to countries as to which the United States maintains an embargo (collectively, “Embargoed Countries”), or to or by a national or resident thereof, or any person or entity on the U.S. Department of Treasury’s List of Specially Designated Nationals or the U.S. Department of Commerce’s Table of Denial Orders (collectively, “Designated Nationals”). The lists of Embargoed Countries and Designated Nationals are subject to change without notice. Use of the Service is representation and warranty that the user is not located in, under the control of, or a national or resident of an Embargoed Country or Designated National. The Controlled Subject Matter may use or include encryption technology that is subject to licensing requirements under the U.S. Export Administration Regulations. As defined in FAR section 2.101, any software and documentation provided by HeatMap are “commercial items” and according to DFAR section 252.227‑7014(a)(1) and (5) are deemed to be “commercial computer software” and “commercial computer software documentation.” Consistent with DFAR section 227.7202 and FAR section 12.212, any use modification, reproduction, release, performance, display, or disclosure of such commercial software or commercial software documentation by the U.S. Government will be governed solely by the terms of this Service Agreement and will be prohibited except to the extent expressly permitted by the terms of this Agreement.

10. MISCELLANEOUS

If any provision of this Agreement is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that this Agreement will otherwise remain in full force and effect and enforceable. This Agreement is not assignable, transferable or sublicensable by Customer except with HeatMap’s prior written consent. HeatMap may transfer and assign any of its rights and obligations under this Agreement with written notice to Customer. Both parties agree that this Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement, and that all waivers and modifications must be in a writing signed by both parties, except as otherwise provided herein. No agency, partnership, joint venture, or employment is created as a result of this Agreement and Customer does not have any authority of any kind to bind HeatMap in any respect whatsoever. In any action or proceeding to enforce rights under this Agreement, the prevailing party will be entitled to recover costs and attorneys’ fees. All notices under this Agreement will be in writing and will be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or e-mail; and upon receipt, if sent by certified or registered mail (return receipt requested), postage prepaid. HeatMap will not be liable for any loss resulting from a cause over which it does not have direct control. This Agreement will be governed by the laws of the State of Delaware, U.S.A. without regard to its conflict of laws provisions. The federal and state courts sitting in the County of Kent, Delaware, U.S.A. will have proper and exclusive jurisdiction and venue with respect to any disputes arising from or related to the subject matter of this Agreement. Customer agrees to participate in press announcements, case studies, trade shows, or other forms reasonably requested by HeatMap. HeatMap is permitted to disclose that Customer is one of its customers to any third-party at its sole discretion.

1. OVERVIEW

This Data Processing Agreement (“DPA”) includes: (i) the provisions set forth herein; (ii) our Terms and Conditions and our Privacy Policy, and/or (iii) any special Service Agreement signed between you and HeatMap, Inc, incorporated in the State of Delaware, United States of America.
This DPA identifies how HeatMap will process Your Data in connection with your use of HeatMap’s site and/or service (collectively “Service”), as well as either party’s obligations with respect to applicable Data Protection Legislation (defined below). This DPA will remain in effect throughout your use of the Service, and may be updated pursuant to the modifications provision of the Terms and Conditions as may be deemed necessary by HeatMap.
In the event you do not agree with any term of the DPA, of the Terms and Conditions, or of the Privacy Policy, you must stop using the Service immediately and remove HeatMap's tracking code from your site.
HeatMap will process Your Data pursuant to the terms set forth herein and as required by European Directives 95/46/EC and 2002/58/EC (as amended by Directive 2009/136/EC) and any legislation or regulation pursuant to them, or which amends, replaces, re-enacts or consolidates any of them (including the General Data Protection Regulation (Regulation (EU) 2016/279)), and all other applicable laws relating to processing of personal data and privacy that may exist in any relevant jurisdiction (“Data Protection Legislation”). Any capitalized, undefined terms that are not defined herein shall have the meaning set forth in the Agreement. For purposes of the DPA “Your Data” shall mean “Personal Data” as defined by the Data Protection Legislation. Additionally, “Controller”, “Processor”, “Data Subject”, “Processing”, “Sub-processor”, and “Appropriate Technical and Organizational Measures” shall also have the meanings specified in the Data Protection Legislation. “Website Visitors” shall extend to any type of websites (including, but not limited to, websites, web applications, web services, web portals) and any type of visitors (including, but not limited to, anonymous users, paid users, free users) whenever the Customer includes HeatMap’s tracking code.

2. DATA PROTECTION LEGISLATION COMPLIANCE

For Visitors of Customer’s Website. The parties agree that HeatMap is Processor of Personal Data and that the Customer is Controller of Personal Data, and that the Customer accordingly allows HeatMap to process Personal Data: (i) for website analytics purposes for Customer’s Website Visitors; (ii) as specified in the Agreement and HeatMap’s Privacy Policy; and (iii) as permitted by Data Protection Legislation.
For Customers using the Service. The parties agree that HeatMap is both Processor and Controller of Personal Data: (i) to access and use of the Service; (ii) for analytics purposes of the use of the Service; (iii) as specified in the Agreement and HeatMap’s Terms and Conditions; and (iv) as permitted by Data Protection Legislation.
Appropriate Technical and Organizational Measures. Both parties agree to use Appropriate Technical and Organizational measures to ensure the proper treatment of Personal Data and the ability to accordingly respond to Data Subject requests pertaining to use of Personal Data. Specifically, and among other rights that may be available to Data Subjects, the parties agree that Data Subjects have a right to: consent withdrawal, access to and modification of Personal Data, object to processing of their Personal Data and erasure of their Personal Data. HeatMap shall implement and maintain appropriate technical and organizational measures to protect Data against unauthorized or unlawful processing, including protecting against loss, destruction, modification, or disclosure. These measures will be reasonable and appropriate with respect to the Data which HeatMap processes.

3. DATA SUBJECTS REQUEST AND DISPUTE RESOLUTION

Both parties will comply with Data Subject requests as required by applicable Data Protection Legislation and any other applicable law.
For Visitors of Customer’s Website. Because HeatMap’s Service has been designed since its inception with “Privacy by Design”, the Customer understands that HeatMap does not store any Personal Data for Customer’s Website Visitors, and that HeatMap cannot identify a single Website Visitor (as outlined in the Privacy Policy), and that, as such, HeatMap is unable to provide data for Data Subject requests. In the case that HeatMap unknowingly receives uncharacterized Personal Data from the Customer (for instance via the URL of the visited page), the Customer will be responsible for correcting their implementation of the Service to obfuscate Personal Data, and for immediately notifying our Data Protection Officer here to remove all the relevant data. As HeatMap supports several ways for a Customer's Website Visitor to not be tracked (and documented on the Privacy Policy page), the Customer agrees that they are ultimately responsible as a Controller for deciding whether or not to include HeatMap’s tracking code for a Website Visitor.
For Customers using the Service. The Customer agrees to immediately forward here each Data Subject request to our Data Protection Officer.
In all cases, the Customer agrees to promptly notify HeatMap of all Data Subject disputes and work in good faith to resolve any dispute to the Data Subject satisfaction. You are not to resolve any dispute or conflict on HeatMap’s behalf.

4. PERSONAL DATA BREACH

If either party becomes aware of a Potential Data Breach that causes destruction, loss, modification, disclosure, or access to it will immediately notify the other party. The party that was subject to the Personal Data Breach shall notify Data Subjects and appropriate parties as required by the Data Protection Legislative. The party subject to the Personal Data Breach shall conduct an investigation regarding the same and will use industry standard technology, methods and other related practices to mitigate the effects and to mitigate the effects of any Personal Data Breach and shall use industry standard measures to prevent any further breaches in the future.

5. SUB-PROCESSORS

In the event either party engages a third-party Sub-processor to assist with the performance of its duties under this DPA that party shall ensure that any Sub-processor complies with applicable laws, rules, and regulations, and maintain no less stringent requirements than those of this DPA.

6. AUDIT

Both parties shall, as reasonably requested and reasonably necessary or required by applicable law, allow the other party to conduct an audit or inspection during the term of the Agreement to confirm compliance with this DPA, which may include providing reasonable access to the premises, resources and personnel used by You in connection with the provision of the Service, specifically to verify the processing Data in accordance with that party’s obligations under the DPA and applicable Data Protection Legislation. Such audit shall consist solely of: (i) written information (such as security policies) and (ii) interviews with personnel as may be reasonably necessary to verify compliance.
For clarity, no access to any part of a party’s IT system, data hosting service providers, sites, or centers, or infrastructure will be permitted.

7. CONFLICTS

The terms and conditions of this Data Processing Agreement shall prevail over any additional or conflicting terms in the Agreement with respect to the treatment of Personal Data. Unless otherwise modified herein, the remaining terms of the Agreement shall remain in full force and effect. In the event of a conflict between the terms of this DPA and another Agreement provision the terms of this DPA shall control with respect to the treatment of Personal Data.

8. ENFORCEMENT

This DPA is deemed agreed upon and enforceable between the parties as of the date You sign up for the Site or Service, and through such sign up agree to the terms and conditions of use, including any click-wrap, shrink-wrap, or other permissions given that reference the Terms and Conditions and Privacy Policy, of which this is incorporated by reference. If you would like a signed copy for Your own records or execution You may request one by contacting support@heatmap.com

9. PRIVACY POLICY

HeatMap, Inc. uses Cookies. To learn more please refer to the detailed Privacy Policy.