“Affiliate” means any legal entity directly or indirectly controlling, controlled by, or under common control with a party hereto, for so long as such control lasts. Control of a legal entity shall exist through the: (i) direct or indirect control of more than 50% of the nominal value of the issued equity share capital of such legal entity; or (ii) control of more than 50% of such legal entity’s equity shares entitling the holders of such shares to vote for the election of directors or persons performing similar functions.
“Aggregated Anonymized Data” means data and information derived from Client’s use of the Keyfactor Services that is used by Keyfactor in an aggregate and anonymized manner in order to improve the provision and operation of the Keyfactor Services.
“Authorized User(s)” means Client’s employees, consultants, contractors, affiliates and agents (i) who are authorized by Client to access and use the Keyfactor Services under the rights granted to Client pursuant to this Agreement and (ii) for whom access to the Keyfactor Services has been purchased hereunder. For Keyfactor Services that are specifically designed to allow Client’s customers, suppliers or other third parties to access the Keyfactor Services to interact with Client, such third parties will be considered “Authorized Users” subject to the terms of this Agreement.
“CCPA” means the California Consumer Privacy Act of 2018, a sweeping piece of legislation designed to give California consumers increased control over their Personal Information and which requires that affected companies comply with certain requirements, facilitate consumer data requests, update their privacy policies and assure that their vendors comply as well.
“Client Data” means, other than Aggregated Anonymized Data, information, data, and other content, including Client Personal Data (as that term is defined in the GDPR) and/or Client Personal Information (as that term may be defined in the CCPA, PIPEDA and/or other U.S. state-based legislation or comparable legislation in Canada), in any form or medium, that is submitted, posted, or otherwise transmitted by or on behalf of Client or an Authorized User through the Keyfactor Services.
“Client-Hosted Services” means Keyfactor Services accessed by Client through use of downloaded Software.
“Data Protection and Privacy Laws” means all federal, state, provincial, foreign, national and international laws, rules, regulations, directives and governmental or data protection authority decisions, in each case, having the force of law, applicable to the collection, processing, use, storage, transmission and/or disclosure of Personal Data, Personal Information, personally identifiable information, sensitive personal information and Special Categories of Personal Data, including, without limitation, the GDPR, the Privacy and Electronic Communications Directive 2002, as amended (or “ePrivacy Directive”), the (UK) Data Protection Act 2018, the UK GDPR (2021), the (Swiss) Federal Act on Data Protection of 19 June 1992, The Privacy Act (Australia) 1988, PIPEDA, the California Consumer Privacy Act of 2018 (“CCPA”), Japan Act on the Protection of Personal Information Protection (“APPI”), theColorado Privacy Act, the Virginia Consumer Data Protection Act (“VCDPA”) and the Utah Consumer Privacy Act, etc., all of which as they may be amended, supplemented and/or superseded from time to time.
“Documentation” means Keyfactor’s user manuals, handbooks, and guides relating to the Keyfactor Services provided by Keyfactor to Client either electronically or in hard copy form/end user documentation relating to the Keyfactor Services.
“Effective Date” means the date Client’s subscription begins pursuant to the terms of the applicable Order Form.
“Force Majeure Event” shall have the meaning given in Section 9(c).
“GDPR” means the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, as may be amended from time to time, which lays down rules relating to the protection of natural persons with regard to the processing of Personal Data and rules relating to the free movement of personal data.
“Intellectual Property Rights” means copyrights (including rights in software), patents, trademarks, trade names, service marks, business names (including internet domain names), design rights, database rights, semi-conductor topography rights, rights in undisclosed or confidential information (such as know-how, trade secrets and inventions, whether patentable or not) and all other intellectual property or similar proprietary rights of whatever nature (whether registered or not and including applications to register or rights to apply for registration) which may now or in the future subsist anywhere in the universe.
“Keyfactor Cloud Service” means the combination of hardware and software owned, licensed, subscribed to, or managed by Keyfactor to which Keyfactor grants Client and Authorized Users access as part of the Keyfactor-Hosted Services that are described in an Order Form.
“Keyfactor-Hosted Services” means Keyfactor Services accessed by Client through the Keyfactor Cloud Service.
“Keyfactor IP” means the Keyfactor Services, the Documentation, and any and all intellectual property provided to Client or any Authorized User in connection with the foregoing, including, but not limited to the Keyfactor platforms and related integration. For the avoidance of doubt, Keyfactor IP includes Aggregated Anonymized Data and any information, data, or other content derived from Keyfactor’s monitoring of Client’s access to or use of the Keyfactor Services but does not include Client Data.
“Keyfactor Services” means the services described in an Order Form.
“Order Effective Date” means the date Client’s subscription begins pursuant to the terms of the applicable Order Form.
“Order Form” means ordering documentation used to purchase Software, Keyfactor-Hosted Services, Client-Hosted Services, Keyfactor Services and/or Professional Services. For the avoidance of doubt, the term Order Form shall include any ordering instrument—whether a Keyfactor sales order form or quote provided to Client directly, or an invoice or other ordering document provided to Client by a Keyfactor-authorized reseller, if applicable—that Client and Keyfactor and/or Client and the authorized reseller utilize to facilitate Client’s purchase of the applicable Software or Services.
“Personal Data” means any information relating to an identified or identifiable natural person (i.e., Data Subject) who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.
“Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
“PIPEDA” means the Personal Information Protection and Electronic Documents Act, as may be amended from time to time, a Canadian Act to support and promote electronic commerce by protecting personal information that is collected, used or disclosed in certain circumstances, by providing for the use of electronic means to communicate or record information or transactions.
“Professional Services” means the professional services described in any Statement of Work that may be agreed to between Client and Keyfactor. Professional Services shall be limited to training, implementation and implementation related services as well as any comparable services to which the Parties may agree from time to time. In the event Client desires to engage Keyfactor to provide consulting services, data management services or for the creation of custom deliverables, Client and Keyfactor shall enter into an amendment to this Agreement and a new Order Form for such services.
“Purchase Order” means any order that Client issues to Keyfactor under this Agreement for the purpose of purchasing Keyfactor Services.
“Software” means downloadable software utilized for providing Client-Hosted Services.
“Standard Contractual Clauses” or “SCCs” means the Standard Contractual Clauses for the transfer of personal data to third countries as published in the Decision of the European Commission of 4 June 2021 (Decision 2021/914) pursuant to the General Data Protection Regulation (EU) 2016/679.
“Statement of Work” means a document that establishes the scope of Professional Services to be performed, defines the context, describes specific tasks, activities and deliverables, and identifies the responsibilities of the Parties.
“Term” shall have the meaning given in Section 7(a).