Terms of Service
These Terms of Service (the “TOS”) are entered into between Customer and Pico Privacy. “Customer” means the entity on behalf of which these TOS are accepted or, if that does not apply, the individual accepting these TOS. “Pico Privacy” means Pico Privacy, LLC. These TOS are effective as of the date of the first Order Form between the parties, or as of the date which Customer first creates an account with Pico Privacy, whichever is earliest (the “Effective Date”). The “Agreement” means these TOS together with all incorporated contracts, associated Order Forms, and the DPA. A glossary of defined terms can be found at the end of these TOS.
If you (the person accepting these TOS) are doing so on behalf of your employer or another entity, you agree that: (i) you have full legal authority to bind your employer or such entity to these TOS, and (ii) you agree to these TOS on behalf of your employer or such entity. If you are accepting these TOS using an email address from your employer or another entity, then: (i) you will be deemed to represent that party, (ii) your acceptance of these TOS will bind your employer or that entity to these terms, and (iii) the word “you” or “Customer” in these TOS will refer to your employer or that entity.
By clicking on the “Agree” (or similar button or checkbox) that is presented to you at the time of placing an Order Form or creating an account, or by using or accessing the Services, you confirm you are bound by these TOS. If you do not wish to be bound by these TOS, do not click “Agree” (or similar button or checkbox), create an account, or use or access the Services.
The parties agree as follows:
1. Pico Privacy Responsibilities.
1.1. Pico Privacy will make the Services available to Customer pursuant to the terms of the applicable Order Form between the parties and in accordance with this Agreement.
1.2. Pico Privacy will maintain appropriate administrative, physical and technical safeguards for protection of the security, confidentiality, and integrity of Customer Data, including measures designed to prevent unauthorized access to or disclosure of Customer Data (other than by Customer’s personnel). Both parties shall comply with the terms of the DPA, which is incorporated into and made part of the Agreement. Thirty (30) days after termination or expiration of these TOS, Pico Privacy will have no obligation to maintain or provide any Customer Data.
1.3. Each party will take all steps reasonably necessary to enable the other party to comply (or demonstrate its compliance) with applicable privacy laws and regulations (including providing needed documentation).
1.4. The Services and any other communication or information provided by Pico Privacy are not legal advice and are not intended to be perceived as legal advice. Customer shall seek its own legal counsel for any matters requiring legal advice.
2. Customer Responsibilities.
2.1. Customer shall comply with this Agreement and all applicable laws and regulations. Customer shall use commercially reasonable efforts to prevent unauthorized access to or use of the Services and shall notify Pico Privacy promptly of any such unauthorized access or use. Customer is responsible for its personnel’s and agents’ compliance with Customer’s obligations under this Agreement.
2.2. Customer is responsible for the accuracy, quality, and legality of Customer Data, the means by which Customer acquired Customer Data, and its use of Customer Data with the Services or any Third-Party App. Customer will ensure that all necessary rights and permissions are established for the transfer and/or processing of Customer Data in connection with the Services in compliance with all applicable laws, regulations, and self-regulatory requirements.
2.3. Customer shall not (a) make any part of the Services available to, or use the Services for the benefit of, any third party; (b) sell, resell, license, sublicense, distribute, make available, rent, or lease the Services; (c) modify, copy, or create derivative works of the Services (or any part thereof); (d) disassemble, reverse-engineer, or decompile the Services; (e) access the Services for purposes of monitoring their availability, performance, or functionality, or for any other benchmarking or competitive purposes; (f) use the Services to store or transmit materials that are unlawful, misleading, libelous, obscene, hateful, or violative of others' privacy rights; (g) introduce viruses or other malware to the Services, Pico Privacy's systems, or end users; or (h) use the Services in a manner that violates its agreement with any third party or could reasonably be expected to damage the Services or reflect unfavorably on the reputation of Pico Privacy or its partners. Customer will not export, re-export, or transfer the Services, in whole or in part, to any country, person, or entity subject to U.S. export restrictions.
3. Payment and Taxes.
3.1. Customer will pay all fees specified in Order Forms or otherwise agreed to via the Platform. If paying by credit card, Customer will promptly provide credit card billing details and hereby authorizes Pico Privacy to charge the credit card for Services. Pico Privacy reserves the right to charge interest on late payments at the lower of 1.5% of the outstanding balance per month, or the maximum permitted by law. Pico Privacy's fees do not include any present or future taxes, levies, fees or duties of any kind ("Taxes"). Except for any Tax that Pico Privacy has charged to Customer, Customer is responsible for remitting all Taxes based on or arising from this Agreement (other than Taxes based on Pico Privacy's net income), without setoff or deduction from the fees. If Pico Privacy is held responsible for such Taxes, Customer will reimburse Pico Privacy for such payments.
4. Data, Proprietary Rights, and Licenses.
4.1. Customer grants Pico Privacy a worldwide, limited-term right and license to host, copy, use, transmit, and display Customer Data as appropriate for Pico Privacy to provide and ensure proper operation of the Services and associated systems in accordance with this Agreement. Subject to the limited licenses granted herein, Pico Privacy acquires no right, title, or interest from Customer under this Agreement in or to any Customer Data.
4.2. Subject to the limited rights expressly granted herein, Pico Privacy reserves all of its right, title, and interest (including all intellectual property rights) in and to the Services, and, as between Pico Privacy and Customer, Pico Privacy owns all system performance metrics, any identifiers created or sourced by Pico Privacy, and any other data within or related to the Services that is not Customer Data (collectively, "Pico Privacy Data"). Pico Privacy reserves all of its right, title, and interest (including all intellectual property rights) in and to Pico Privacy Data, and Customer may only use Pico Privacy Data during the Term and as necessary to use the Services as permitted by this Agreement, and may not export Pico Privacy Data.
4.3. Customer acknowledges that the Services may engage in artificial intelligence and machine learning, including the use of algorithms or other methods that may be trained by exposure to Customer Data, and that the results and output of such learning, which results and outputs will contain no Customer Data, are Pico Privacy Data. Pico Privacy may track and analyze usage of the Services for purposes of security and improving the Services, and Customer will not restrict Pico Privacy from improving or creating services on the basis of general learning and know-how gained from the provision of the Services. Pico Privacy may use any suggestions or feedback from Customer perpetually and irrevocably without accounting, attribution, or compensation.
4.4. Pico Privacy may collect, produce, use, or retain aggregated or other deidentified data generated from Customer Data or Customer's use of the Services (e.g., to create reports on industry or end user trends), provided that such data does not identify, or is not reasonably capable of identifying, Customer or any individual or household. Such data and reports are Pico Privacy Data.
5. Privacy.
5.1. Each party will take all steps reasonably necessary to enable the other party to comply (or demonstrate its compliance) with applicable privacy laws and regulations (including providing needed documentation).
5.2. Customer will conspicuously post and comply with a legally sufficient privacy notice on its properties where data is collected and used in association with the Services. The privacy notice must accurately describe Customer's practices relating to data collection, sharing, and use.
5.3. CCPA Service Provider Disclosure. In light of the California Consumer Privacy Act of 2018 (as amended from time to time, including as amended by the California Privacy Rights Act, the "CCPA") and to ensure that adequate contractual terms are in place between the parties to comply with the CCPA, the parties acknowledge and agree that, in its provision of the Services, Pico Privacy will act as Customer's service provider in processing Personal Information on behalf of Customer.
5.3.1. For purposes of this section 5.3: (i) "commercial purpose," "personal information," "sell," and, "service provider" have the meanings given to them in the CCPA and (ii) "Personal Information," with respect to the information of California consumers, has the meaning given in the CCPA to "personal information," but specifically any Customer Data constituting personal information.
5.3.2. With respect to the Services, except as otherwise permitted by the CCPA, Pico Privacy is prohibited from: (i) selling Personal Information and (ii) retaining, using, or disclosing Personal Information other than (a) for a business purpose under the CCPA on behalf of Customer and the specific purpose of performing the Services, as further described in the Documentation, or as otherwise permitted under the CCPA, or (b) as may otherwise be permitted for service providers or under a comparable exemption from "sale" in the CCPA, as reasonably determined by Pico Privacy. Pico Privacy may, however, disclose the Personal Information to its own service providers, if any, where Pico Privacy has carried out adequate due diligence on each such service provider and included terms in the contract between Pico Privacy and such service provider that are equivalent to those set out in this section 5.3.2
5.3.3. Pico Privacy shall promptly and in good faith take such actions and provide such information and assistance as Customer may reasonably request and as directly related to the Services to enable Customer to honor requests of individuals to exercise their rights under the CCPA.
6. Confidentiality.
6.1. “Confidential Information” means information that the disclosing party identifies as confidential or the receiving party should reasonably understand to be confidential given the circumstances and the type of information. Confidential Information does not include information that the receiving party can demonstrate (a) it knew without restriction before receipt from the disclosing party, (b) is publicly available through no fault of the receiving party, (c) it rightfully received from a third party without a duty of confidentiality or (d) is independently developed without use of the disclosing party’s Confidential Information. The receiving party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but not less than reasonable care) to (i) not use any Confidential Information for any purpose outside the scope of this Agreement and (ii) except as otherwise authorized by the disclosing party in writing, limit access to Confidential Information to those of its and its affiliates’ employees and contractors, who need that access for purposes consistent with this Agreement and who have signed confidentiality agreements with the receiving party containing protections not materially less protective of the Confidential Information than those herein. If compelled to do so by law, the receiving party may disclose the disclosing party’s Confidential Information as long as it provides reasonable prior notice to the disclosing party (unless legally prohibited). The terms of the Agreement will be Confidential Information of both parties.
6.2. It is expressly agreed that a remedy at law for breach of the obligations relating to confidential information is inadequate and that, in addition to any other remedies permitted by this Agreement, each party is entitled to injunctive relief to prevent the breach, threatened breach, or continued breach thereof.
7. Mutual Indemnity.
7.1. Pico Privacy will indemnify, defend and hold harmless Customer and its officers, directors, employees and representatives from any Liabilities arising out of any unaffiliated third-party claim that the Services in the form made available by Pico Privacy infringe such third party's intellectual-property rights.
7.2. Customer will indemnify, defend, and hold harmless Pico Privacy and its officers, directors, employees and representatives from any Liabilities arising out of any unaffiliated third-party claim arising out of or from Customer Data or any other Customer information or materials, or Customer's violation of applicable laws or regulations or infringement of the intellectual property or other rights of a third party.
7.3. Each party's indemnification obligations are conditioned on (a) the indemnified party providing the indemnitor with prompt written notice of any claim (provided that the failure to promptly notify will only relieve the indemnitor of its obligation to the extent it can demonstrate material prejudice from such failure), (b) the indemnitor having sole control and authority with respect to the defense and settlement of any such claim, and (c) the indemnified party cooperating fully with the indemnitor, at the indemnitor's sole cost and expense. The indemnitor will not, without the prior written consent of the indemnified party, agree to any settlement of any such claim that does not include a complete release of the indemnified party from all liability or that imposes any liability, obligation or restriction on the indemnified party. The indemnified party may participate with its own counsel, at its own expense. This section 7 states the indemnifying party's sole liability to, and the indemnified party's exclusive remedy against, the other party for any third party claim described in this section.
7.4. Pico Privacy will have no obligation for claims arising out of or from (a) Services that are modified by Pico Privacy in compliance with Customer's specifications, (b) the combination of the Services with products or services not supplied by Pico Privacy, where the cause of action would not have arisen but for such combination, (c) the unauthorized adaptation or modification of the Services, where the cause of action would not have arisen but for such adaptation or modification, (d) Customer's failure to follow instructions provided by Pico Privacy which would have cured the cause of action, provided that following such instructions would not have caused Customer substantial, additional cost, (e) use of the Services other than as described in the Agreement or Documentation, (f) Customer's breach of this Agreement, or (e) Customer's continued use of a version of the Services other than the most recently released version, where the cause of action would not have arisen if such most recently released version had been used. If any of the subsections above apply, Customer will indemnify, defend and hold harmless Pico Privacy and its officers, directors, employees and representatives from and against any Liabilities arising out of such claims.
7.5. If the Services are held in a suit or proceeding to infringe any intellectual-property or other rights of a third party, or Pico Privacy reasonably believes that it is likely to be found to do so, then Pico Privacy may, at its sole cost, expense and option, either (a) procure the right to continue using the Services or (b) modify the Services so that they become non-infringing without affecting the basic functionality of the Services; provided, however, that if (a) and (b) are not practicable, Pico Privacy may, in its sole discretion, terminate this Agreement with respect to the applicable portion of the Services by giving Customer 30 days' written notice, upon which termination Pico Privacy will refund the portion of any prepayment that reflects the remaining subscription term.
8. Term, Termination, and Renewal.
8.1. The Term of the Agreement commences on the Effective Date and terminates upon the expiry or termination of all associated Order Forms, or, if no Order Forms are ever created, upon the date Customer’s access to the Services is removed.
8.2. Unless otherwise specified in an Order Form, either party may terminate this Agreement and any Order Form immediately if (a) the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors; or (b) the other party is in material breach of this Agreement, has been given notice of such material breach, and has failed to cure within 30 days (or 5 days in the case of failure to pay fees as described in this Agreement). If this Agreement or an Order Form is terminated for Customer’s uncured breach, Customer will promptly pay any minimum amounts that would have been due for the full duration of the Term as it existed prior to the early termination. Pico Privacy may suspend access to and use of the Services if Pico Privacy reasonably believes that Customer’s continuing use of the Services may cause risk of litigation or otherwise be harmful to Pico Privacy. Upon the termination or expiration of this Agreement, Customer’s right to use the Services will terminate, and Customer will promptly return (or at Pico Privacy’s election, delete) Pico Privacy’s Confidential Information (including any Pico Privacy Data).
8.3. Except as otherwise specified in an Order Form, all Order Forms will automatically renew for additional one (1) month periods, unless either party gives the other notice of non-renewal at least seven (7) days before the end of the relevant subscription term.
9. Notices.
9.1. Notices must be in writing and are effective when (a) delivered personally or (b) sent by email to the address provided in this Agreement (the email associated with the Free Account or listed on the latest Order Form for Customer, and legal@picoprivacy.com for Pico Privacy) if the sending party does not receive an error notice and the email includes in the subject line "LEGAL NOTICE." For the avoidance of doubt, if the sending party receives an error notice because the receiving party has changed its email address without formally notifying the sending party, the email notice is deemed effective if the sending party is using the last email address provided by the other party for the express purpose of receiving notices. In that case, the sending party will attempt to reach the receiving party by phone.
10. DISCLAIMER OF WARRANTIES. EXCEPT AS EXPRESSLY SET FORTH HEREIN, PICO PRIVACY PROVIDES ALL SERVICES "AS IS" AND "AS AVAILABLE," WITHOUT WARRANTY OF ANY KIND, AND DISCLAIMS ALL EXPRESS AND IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, PERFORMANCE, ACCURACY, RELIABILITY, TITLE, NON-INFRINGEMENT OR ANY WARRANTY FROM USAGE OF TRADE, COURSE OF PERFORMANCE OR COURSE OF DEALING. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS AGREEMENT.
11. LIMITATION OF LIABILITY. EXCEPT WITH RESPECT TO LIABILITIES ARISING OUT A PARTY'S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT: (A) NEITHER PARTY WILL BE LIABLE TO THE OTHER FOR PUNITIVE, INCIDENTAL, INDIRECT, SPECIAL, RELIANCE OR CONSEQUENTIAL DAMAGES, INCLUDING LOST BUSINESS, REVENUE OR ANTICIPATED PROFITS, REGARDLESS OF THE CAUSE OF ACTION AND WHETHER OR NOT THE PARTY WAS ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGES, AND (B) EXCEPT WITH RESPECT TO CUSTOMER'S OBLIGATION TO PAY ANY MINIMUM FEES AND FOR SERVICES ALREADY PROVIDED, IN NO EVENT WILL A PARTY'S AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT EXCEED THE AMOUNT PAID OR OWED BY CUSTOMER UNDER THIS AGREEMENT FOR THE 12 MONTHS PRECEDING THE INCIDENT GIVING RISE TO THE LIABILITY (THE "STANDARD CAP"). AS TO EACH PARTY'S INDEMNIFICATION OBLIGATIONS, IN NO EVENT WILL A PARTY'S TOTAL CUMULATIVE LIABILITY UNDER THIS AGREEMENT EXCEED TWO TIMES THE STANDARD CAP. THESE LIMITATIONS OF LIABILITY APPLY EVEN IF ANY REMEDY SPECIFIED IN THIS AGREEMENT IS FOUND TO HAVE FAILED ITS ESSENTIAL PURPOSE.
12. Free Users.
12.1. Section 7.1 of the TOS and any provisions of the DPA related to audit rights shall not apply to Customers during any period in which such Customers use exclusively free services.
12.2. If Customer is using a Free Account, Pico Privacy may alter which of the Services provides, what features are enabled, or terminate the Free Account at any time.
12.3. Services associated with a Free Account are provided to Customer without charge up to certain limits as described on Pico Privacy’s website. Customer agrees that usage over these limits requires Customer’s purchase of additional resources or services. Pico Privacy may, in its sole discretion and for any or no reason, terminate Customer’s access to the Free Services or any part thereof.
12.4. Customer agrees that any termination of or material changes to Customer’s access to the Free Services may be without prior notice, and Customer agrees that Pico Privacy will not be liable to Customer or any third party for such termination. Customer is solely responsible for exporting Customer Data from the Free Services prior to termination of Customer’s access to the Free Services for any reason. Pico Privacy may change the limits that apply to Customer’s use of the Free Services at any time in its sole discretion without notice to Customer, regardless of whether or not the Free Services are used in conjunction with other products or services for which Customers pays us a fee.
13. Miscellaneous.
13.1. Priority. Any conflict between the terms of these TOS and any related contract document shall be resolved by giving priority to contract documents in the following order of precedence: (1) any fully executed amendment between the parties (2) any addendum, such as the DPA (3) the most recent Order Form; and (4) these TOS.
13.2. Marketing. Except as otherwise set forth in an Order Form, neither party will make any public statement relating to this Agreement without the prior written approval of the other, except that Pico Privacy may include Customer's name and logo in its marketing, promotional materials, and customer lists (including on its website).
13.3. Support Access. Pico Privacy may access Customer’s account or Customer Data in order to provide support as needed or requested by Customer.
13.4. Force Majeure. Neither party will be liable for failure or delay in performance due to a Force Majeure Event. If either party is not able to perform its material obligations hereunder within forty-five (45) days after the Force Majeure Event has been resolved or removed, then the other party may immediately terminate this Agreement. Such termination, however, does not affect the rights or obligations of either party that have arisen or accrued prior to such termination. Termination of this Agreement pursuant to this section is not a termination for cause.
13.5. Relationship of the Parties. The relationship between the parties is that of independent contractors. Nothing contained in this Agreement will be construed as creating any agency, partnership, joint venture, or other form of joint enterprise, employment, or fiduciary relationship between the parties, and neither party shall have authority to contract for or bind the other party in any manner whatsoever.
13.6. No Third-Party Beneficiaries. This Agreement is for the sole benefit of the parties hereto and their respective successors and permitted assigns and nothing herein, express or implied, is intended to or will confer upon any other person or entity any legal or equitable right, benefit, or remedy of any nature whatsoever, under or by reason of this Agreement.
13.7. Severability. In the event that any provision hereof is held invalid or unenforceable, such invalid or unenforceable provision shall not invalidate or affect the other provisions of this Agreement. The other provisions of this Agreement shall remain in effect and be construed as if the invalid or unenforceable provision were not a part hereof, provided that if the invalidation or unenforceability of such provision shall, in the opinion of either party, have an adverse material effect on such party’s rights or obligations hereunder, then this Agreement may be terminated by such party upon thirty (30) days’ written notice party to the other party.
13.8. Waiver. Failure by either party to enforce a provision of, or exercise a right under, this Agreement shall not be construed as a waiver of any such provision unless expressly authorized in writing by the waiving party. A failure to enforce a provision or exercise a right that is not waived in writing shall not affect the validity of this Agreement, or any part thereof, or the right of either party at any time to enforce any provision of, or exercise any right under, this Agreement. Likewise, a waiver of a breach of any provision of this Agreement shall not affect or waive a subsequent breach of the same provision or a breach of any other provision in this Agreement.
13.9. Entire Agreement. This Agreement, together with all documents incorporated by reference and evidencing transactions between the parties, constitutes the entire agreement between the parties with respect to the subject matter hereof and supersedes any prior agreements, negotiations, or understandings, whether oral, electronic or written. This Agreement may be modified by Pico Privacy, with notice made available generally to Customer via the Pico Privacy Platform, customer portal, or otherwise, and otherwise cannot be modified, changed or amended except in writing signed by a duly authorized representative of each party. Notwithstanding any obligation or right referenced as surviving expiration or termination of a nondisclosure agreement previously executed by the parties, any such nondisclosure agreement is superseded by the terms of this Agreement in entirety, with no surviving obligations or rights for either party. Each Order Form executed by Customer and Pico Privacy is incorporated herein by reference and is a part of this Agreement. Additional, supplementary or conflicting terms supplied by Customer including, without limitation, those contained on or incorporated in any purchase order are specifically and expressly rejected by Pico Privacy unless it has assented in writing to such terms.
13.10. Assignment. Neither party may assign or otherwise transfer their rights or obligations pursuant to this Agreement, or any of either party's rights or obligations hereunder, without the prior written consent of the other party, which consent shall not be unreasonably withheld. Any transfer or assignment in violation of this provision is void. Notwithstanding anything to the contrary in this Agreement, either party may assign this Agreement in its entirety, without consent of the other party, to its affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns.
13.11. Jurisdiction. The parties agree this Agreement is governed by the laws of the State of Colorado without regard to choice or conflicts of law rules. Any action arising under or related to this Agreement will be resolved in, and the parties consent to personal jurisdiction in, the state or federal courts in Denver, Colorado. The prevailing party is entitled to recover all reasonable fees, costs and expenses of enforcing its rights, including reasonable attorneys’ fees. Claims must be brought in the initiating party’s individual capacity, not as a plaintiff or class member in any class action or similar proceeding.
13.12. Survival. Sections 3, 4, and 6 through 14 will survive the termination or expiration of this Agreement.
14. Definitions. The following definitions apply to this Agreement and any related contract document:
14.1. “Confidential Information” is defined in section 6.1.
14.2. “Customer Data” means any data which Customer provides to Pico Privacy for processing through Customer’s use of the Services. This includes but is not limited to data provided via (a) collection through javascript and software development kits that Pico Privacy provides to Customer to deploy on Customer’s properties in connection with Customer’s use of the Services; (b) upload or import through various methods (e.g., API); or (c) connection through integration(s) between the Services other proprietary or third-party systems or sources used by Customer. Customer Data may include personal data.
14.3. “DPA” means the Data Processing Addendum, found at https://www.picoprivacy.com/legal/dpa.
14.4. "Free Account” means a user account on the Pico Privacy Platform is receiving all or part of the Services with no associated fees.
14.5. “Force Majeure Event” means an act of God, sabotage, war, strikes, lockouts, terrorism, military operations, national emergency, civil commotion, pandemic, communication systems failures, or the order, requisition, request or recommendation of any governmental agency or acting governmental authority having jurisdiction, or governmental regulation or priority, or any other cause beyond the affected party’s reasonable control.
14.6. “Pico Privacy Data” is defined in section 4.2.
14.7. “Liabilities” means any actual, out-of-pocket liability or expense (including reasonable attorneys' fees).
14.8. “Order Form” means an ordering document (online or otherwise) entered into between Customer and Pico Privacy specifying the Services to be provided.
14.9. “Platform” means the web interfaces, API, and any other software products owned, licensed, or under development by Pico Privacy.
14.10. “Services” means the Platform together with any professional services applicable to this agreement.
14.11. The “Term” is the length of time described in section 8.1.
***