Last Updated: April 2021

Thank you for using WhiteSource products and services. These Terms of Service (the “Terms”) constitute a binding agreement between you and WhiteSource Software, Inc., if you are an entity incorporated under the laws of the United States or Canada, or between you and White Source Ltd. in any other case (“WhiteSource”, “us”, “our” or “we”) and shall govern your use of the products and services made available to you on our websites and any other sub-domain operated by us (the “Service(s)”), as well as all information and data made available to you in connection with the Services (“Data”, and together with the Services, the “Platform”).

1.  Acceptance of Terms

By using or accessing any part of the Platform, you expressly acknowledge and agree to these Terms, our privacy policy (available at: https://www.whitesourcesoftware.com/privacy-policy/ (the “Privacy Policy“)) and any and all other applicable policies and notices, as are made available to you from time to time. In addition, if you are entering into these Terms on behalf of a company or other legal entity, you hereby warrant that you have authority to bind such entity to these Terms, in which case the terms “you” or “your” shall refer to such entity. You hereby waive any applicable rights to require an original (non-electronic) signature or delivery or retention of non-electronic records, to the extent not prohibited under applicable law. If you do not agree to these Terms or you do not have authority to enter into these Terms, you must not accept these Terms and may not use any part of the Platform.

We may amend these Terms at any time by posting an amended version of these Terms on our website. You can determine when these Terms were last modified by checking the “Last updated” notice on the top of this page. Your continued use of the Platform shall constitute your consent to any changes made. If you do not agree to the new or different terms, you should not use the Platform.

2. Accounts; Security

You may need to set up an account in order to use the Platform (an “Account”). When you are setting up your Account, you must give us accurate and complete information. Opening an Account will require us to obtain your name, e-mail address, and, in certain instances, your country location and/or company. Our use of any personal data you provide to us as part of the Account registration process is governed by the terms of our Privacy Policy. You may not use someone else’s Account without permission. This means that you cannot set up an Account using someone else’s name or contact information, or a phony name or phony contact information. You are solely responsible for the activity that occurs in your Account, and you must keep your Account password secured. If you find out that someone is using your Account without your permission, you must let us know immediately. You may not transfer your Account to someone else. We are not liable for any damages or losses caused by someone using your Account without your permission.

3.  License to Use our Platform; Restrictions on Use

You may use the Platform in accordance with these Terms, provided that:

• you are over 18 years old; and
• you do not copy or modify the Platform or any part thereof, including without limitation, any features, functions, graphics, data or information; and
• you follow all the rules and restrictions set forth in these Terms and our Privacy Policy.

We grant you a personal, non-exclusive, non-sublicensable, non-assignable, non-transferable, revocable right to use the Platform solely for your internal business operations and in accordance with these Terms.

You agree not to, and shall not permit any third party to: (i) access any part of the Platform without our consent, (ii) modify, translate, broadcast, transfer (by sale, resale, license, sublicense, download or otherwise), reverse engineer, decompile, disassemble, create derivative works of or copy any part of the Platform or otherwise seek to obtain or use the source code or non-public APIs of any part of the Platform, except to the extent expressly permitted by applicable law (and then only upon advance written notice to WhiteSource), (iii) remove, alter or obscure any proprietary notices, labels or marks on any component or portion of the Platform, (iv) market, sell, resell, rent, reproduce, display, distribute or lease any part of the Platform, (v) interfere with or disrupt the integrity or performance of any part of the Platform, (vi) use any part of the Platform for the benefit of any unauthorized third party including use of the Platform to operate as a service bureau, or hosting service, and/or (vii) attempt to gain unauthorized access to any part of the Platform, or their related systems or networks; (viii) breach any applicable local, national or international law, rule or regulation; (ix) access or use the Platform in the following territories: North Korea, Crimea, Cuba, Sevastopol, Sudan, Iran, Syria, Lebanon, Iraq, Libya, and the Palestinian Authority; or (x) transmit to the Platform any data, or send or upload any materials to the Platform that contain viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware.

Further, without our prior written consent, you may not access or use any part of the Platform if you are a competitor of ours, or for the purpose of developing a competitive product or service to those provided by WhiteSource or for any benchmarking or other competitive purposes.

This license shall remain in effect until and unless these Terms are terminated by you or us (see section ‎10 for information about termination).

4.  Proprietary Rights

The Platform is licensed and not sold to you under these Terms and you acknowledge that WhiteSource and its licensors retain all right, title and interest (including all copyright, trade secret, trademark, patent and other intellectual property rights) (“WhiteSource IP”), and including all modifications, upgrades, customizations and derivative works made to the WhiteSource IP, in and to the Platform anywhere in the world (even after installation onto a computer owned by you or integration into your system), and that you have no rights in or to any part of the Platform other than the right to use in accordance with these Terms.

If you give us feedback, suggestions, comments, ideas or any other information relating to the Platform, for example recommendations for improvements or features (“Feedback”), that Feedback is solely owned by us and may become part of the Platform without any obligation or payment to you or restriction of any kind; provided that any such Feedback may not include a reference to you or to any other individual. We reserve all rights in and to the Platform unless we expressly state otherwise. The Platform contains proprietary and confidential information that is protected by applicable intellectual property and other laws.

In the event that you breach the terms of the license granted to you herein and such breach results in the creation of derivative works of any part of the Platform (“Derivative Works”), you hereby assign with full right and title guarantee all such Derivative Works to us. Such assignment does not preclude us from taking any legal or other action against you for contravention of these Terms, including for infringement of our intellectual property rights.

The content on the Platform is provided to you “as is” for your internal business use only and may not be exploited for any other purposes whatsoever without our prior written consent. If you download or print a copy of the content from our Platform, you must retain all copyright and other proprietary notices contained therein.

All brand, product and service names used in the Platform which identify WhiteSource or our licensors and our or their proprietary products and services are the trademarks or service marks of WhiteSource or our licensors. Nothing in the Platform shall be deemed to confer on any person any license or right on the part of WhiteSource or such Platform with respect to any such image, logo or name. We reserve all rights not expressly granted herein to the Platform.

5.  Project Data and Rights you give us

We claim no intellectual property rights in and to your applications, project, code, software, products or any material you provide or otherwise transmit to us via the Platform (“Customer IP”). For the avoidance of doubt, as between the parties, Customer retains full ownership of the Customer IP. You will be solely responsible for the accuracy, quality and legality of the information transmitted to us via the Platform.

To enable your use of the Platform, we need to inspect portions of your project and send parts of it to our servers. This information includes, but is not limited to, information relating to the project (such as the project name and metadata), information on dependencies, how the dependencies are being used and how they are referenced by the project and WhiteSource-related files and environmental information (“Project Information”). We may also collect Project Information for each of the project’s dependencies (“Dependency Information”). For these purposes, we require, and you hereby grant us, a worldwide, non-exclusive, royalty free license to store, use, reproduce, display and transmit the Project Information, the Dependency Information and any other materials transmitted via the Platform to the extent necessary to enable your use of the Platform, including monitoring services. This license shall remain in effect for as long as you have access to the Platform.

In addition, we may (i) compile statistical and other information related to the performance, operation and use of the Platform based, inter alia, on Project Information, the Dependency Information for our internal business use (e.g., monitor usage), and (ii) use data from the Platform cloud environment in an aggregated and anonymized form to create statistical analyses, for research and development purposes and to improve and market the Services (collectively, the “Analysis Data”). We may make Analysis Data available in a form that does not identify you or any other individual. You understand and acknowledge that certain portions of the Platform may contain a feature that sends Analysis Data along with other technical information regarding the operation of the Platform to WhiteSource. For the avoidance of doubt, this license granted to us will not expire upon termination of these Terms, or where you delete the relevant project from your Project Information.

6. Confidentiality

Either party hereunder (a “Disclosing Party“) may disclose to the other party (a “Receiving Party“) certain confidential information regarding its technology and business, including these Terms and its pricing (“Confidential Information”). Confidential Information  shall not include any information that was: (a) already in the possession of the Receiving Party without an obligation of confidentiality; (b) developed independently by the Receiving Party, as demonstrated by the Receiving Party, without use of, or reference to, the Disclosing Party’s Confidential Information; (c) obtained from a source other than the Disclosing Party without an obligation of confidentiality; or (d) publicly available when received, or thereafter became publicly available (other than through any unauthorized disclosure by the Receiving Party).

The Receiving Party agrees to hold all Confidential Information in strict confidence and not to disclose such Confidential Information to third parties other than its affiliates, employees, agents, consultants or subcontractors who have a need to know in connection with these Terms and will not use such Confidential Information for any purposes whatsoever other than the performance of these Terms. The Receiving Party agrees to advise and require its respective employees, agents, and subcontractors of their obligations to keep all Confidential Information confidential and shall remain responsible at all times for any breach of this Section 6 by any of its employees, agents, and subcontractors as if such breach was made by Receiving Party directly. The Receiving Party agrees to treat the Confidential Information it receives with the same degree of care as it treats its own Confidential Information and in any event no less than a reasonable degree of care.

In addition, the Receiving Party may disclose Confidential Information if legally compelled by a court or other competent authority to disclose Confidential Information, provided that the Receiving Party gives the Disclosing Party reasonable prior written notice of such requirement prior to such disclosure and reasonable assistance in obtaining an order protecting the information from disclosure and discloses only such minimal portion of the Confidential Information required to be disclosed.

The provisions of this Section 6 shall survive the termination or expiration of these Terms for a period of 5 (five) years, except that trade secrets shall be protected according to the applicable law.

7. Warranty; Disclaimer of Warranties

7.1.      Each party represents and warrants that: (i) it is duly organized under applicable law and has sufficient authority to enter into these Terms; (ii) it shall comply with applicable federal, state, local, or other laws and regulations applicable to the performance by it of its obligations under these Terms and shall obtain all applicable permits, consents and licenses required of it in connection with its obligations under these Terms. WhiteSource further represents and warrants that its Platform does not, to its actual knowledge, infringe the intellectual property rights of any third party.

7.2. EXCEPT AS EXPRESSLY SET FORTH HEREIN, YOUR USE OF AND RELIANCE ON THE PLATFORM IS AT YOUR OWN RISK. THE PLATFORM IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. WHITESOURCE AND ITS AFFILIATES, SUPPLIERS AND PARTNERS EXPRESSLY DISCLAIM TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT AND THOSE ARISING BY STATUTE OR FROM A COURSE OF DEALING OR USAGE OF TRADE.

WHITESOURCE AND ITS AFFILIATES, LICENSORS AND PARTNERS MAKE NO WARRANTY THAT (I) THE SERVICES OR ANY PRODUCTS PURCHASED THROUGH THE PLATFORM WILL MEET YOUR REQUIREMENTS; (II) THE PLATFORM WILL BE UNINTERRUPTED OR ERROR-FREE; (III) THAT THERE WILL BE NO ERRORS IN THE PLATFORM OR THAT WHITESOURCE WILL FIX ANY ERRORS; (IV) THE PLATFORM WILL BE ABLE TO FIND AND MONITOR ALL VULNERABILITIES IN ALL DEPENDENCIES (INCLUDING ALL OPEN SOURCE DEPENDENCIES) INCLUDED OR USED IN YOUR APPLICATION; OR (V) WE HAVE THE ABILITY TO FIX ALL VULNERABILITIES DISCOVERED USING THE PLATFORM. WHITESOURCE WILL NOT BE LIABLE OR RESPONSIBLE FOR: (A) ANY TECHNICAL PROBLEMS OF THE INTERNET (INCLUDING WITHOUT LIMITATION SLOW INTERNET CONNECTIONS OR OUTAGES); AND/OR (B) ANY ISSUE THAT IS ATTRIBUTABLE TO YOUR HARDWARE OR SOFTWARE OR YOUR INTERNET OR DATA SERVICE PROVIDER.

ANY MATERIALS OBTAINED THROUGH USE OF THE PLATFORM ARE OBTAINED AT YOUR OWN DISCRETION AND RISK AND WHITESOURCE SHALL NOT BE RESPONSIBLE FOR ANY DAMAGE CAUSED TO YOUR COMPUTER OR DATA RESULTING FROM USE OF THE PLATFORM OR ANY CONTENT OBTAINED FROM THE PLATFORM.

YOU FURTHER ACKNOWLEDGE THAT WHITESOURCE DOES NOT OFFER A WARRANTY OR MAKE ANY REPRESENTATION REGARDING ANY CONTENT, REPORTS, INFORMATION, OR RESULTS THAT YOU OBTAIN THROUGH USE OF OUR PLATFORM (“COLLECTIVELY, “REPORTS”), OR THAT THE REPORTS ARE COMPLETE OR ERROR-FREE. THE REPORTS DO NOT CONSTITUTE LEGAL OR ANY OTHER PROFESSIONAL ADVICE AND WE DO NO NOT GUARANTEE IT IS A COMPLETE SOURCE OF ALL VULNERABILITIES AND LICENSE ISSUES FOR ALL DEPENDENCIES OR THAT IT IS RELEVANT OR SUITED TO ALL THE DEPENDENCIES INCLUDED OR USED BY YOUR APPLICATION, AND YOU UNDERSTAND THAT ANY DETERMINATION REGARDING THE SUBJECT MATTER OF ANY REPORT AND/OR ANY SOFTWARE COMPONENT THAT YOU USE OR ARE CONSIDERING TO USE SHALL BE MADE IN YOUR SOLE DISCRETION. YOU FURTHER ACKNOWLEDGE THAT THE SUGGESTIONS MADE BY US IN RELATION TO FIXES (WHETHER FOR UPDATES, PATCHES OR MONITORING SERVICES) ARE PROVIDED FOR GENERAL INFORMATION ONLY AND HAVE NOT BEEN MADE WITH YOUR PARTICULAR REQUIREMENTS IN MIND. IT IS THEREFORE NOT INTENDED TO AMOUNT TO ADVICE ON WHICH YOU SHOULD SOLELY RELY. WE WILL NOT BE LIABLE TO YOU FOR OUR FAILURE TO FIND, FIX AND MONITOR DEPENDENCIES, OR FOR ANY DAMAGE OR LOSS SUFFERED AS A RESULT OF A FIX DEPLOYED. THIS SECTION APPLIES WHETHER OR NOT THE SERVICES PROVIDED TO YOU UNDER THE PLATFORM ARE FREE OF CHARGE.

SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU. YOU MAY ALSO HAVE OTHER LEGAL RIGHTS, WHICH VARY AMONG JURISDICTIONS.

8. Limitation of Liability

TO THE FULLEST EXTENT PERMITTED UNDER LAW, WHITESOURCE AND ITS AFFILIATES, SUPPLIERS AND PARTNERS HAVE NO OBLIGATION OR LIABILITY (WHETHER ARISING IN CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE) FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, OR LIABILITIES (INCLUDING, BUT NOT LIMITED TO, LIABILITY CONCERNING ANY LOSS OF DATA, REVENUE OR PROFIT), ARISING FROM OR RELATED TO THESE TERMS OR YOUR USE OF THE PLATFORM, DOCUMENTATION OR DATA, OR ANY REPORT OR CONTENT PROVIDED BY OR THROUGH THE PLATFORM, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE. THE FOREGOING LIMITATION APPLIES TO DAMAGES ARISING FROM (I) YOUR USE OR INABILITY TO USE OUR PLATFORM; (II) COST OF PROCUREMENT OF SUBSTITUTE SERVICES RESULTING FROM ANY SERVICES PURCHASED THROUGH OR FROM OUR PLATFORM; (III) THIRD PARTY CONTENT MADE AVAILABLE TO YOU THROUGH THE PLATFORM; OR (IV) ANY OTHER MATTER RELATING TO THE PLATFORM. SOME JURISDICTIONS MAY NOT ALLOW THE LIMITATION OR EXCLUSION OF INCIDENTAL, CONSEQUENTIAL OR OTHER TYPES OF DAMAGES, SO SOME OF THE ABOVE LIMITATIONS MAY NOT APPLY.

NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED HEREIN, EXCEPT FOR A PARTY’S BREACH OF ITS CONFIDENTIALITY UNDERTAKINGS, NEIGTHER PARTY’S LIABILITY AND THE LIABILITY OF EACH OF ITS OFFICERS, DIRECTORS, INVESTORS, EMPLOYEES, AGENTS, ADVERTISERS, LICENSORS, SUPPLIERS, SERVICE PROVIDERS AND OTHER CONTRACTORS TO THE OTHER PARTY OR ANY THIRD PARTIES UNDER ANY CIRCUMSTANCE SHALL EXCEED THE HIGHER OF(i) THE AMOUNT OF FEES ACTUALLY PAID BY YOU TO US IN CONNECTION WITH THE TWELVE (12) MONTHS PERIOD PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR (ii) $100.

9. Indemnity

9.1. By WhiteSource. WhiteSource will indemnify, defend and hold you and your officers, directors, agents, and employees harmless from and against any damages losses, expenses, and fines (including reasonable attorneys’ fees, costs, and expenses) (“Damages”) awarded against you by a court of competent jurisdiction, or paid in settlement (subject to Section 9.3 below), in connection with a claim suit or proceeding by a third party (“Claim”) that the Platform, as used by you in accordance with these Terms, infringes any copyright, patent, trade secret or any other intellectual property right of a third party; provided, however, that WhiteSource’s indemnification obligations shall not extend to claims based on: (i) an unauthorized modification or use of the Platform made by any third party other than WhiteSource, where the Platform, without such modification or unauthorized use, would not be infringing; (ii) the combination of the Platform with any other software, data or program(s) not supplied by WhiteSource, where the Platform, without such combination, would not be infringing; or (iii) the use by you of any version of the Platform which is not the latest available version of the Platform that was made available by WhiteSource. If any Claims of infringement arise, or WhiteSource believes a Claim of infringement is possible, WhiteSource shall have the right at its sole option and expense to: (a) obtain for you the right to continue the use of the Platform; (b) replace or modify the allegedly infringing part of the Platform so that it becomes non-infringing while giving substantially equivalent performance; or (c) if WhiteSource determines that the foregoing remedies are not commercially reasonable, terminate these Terms and you will be refunded of any prepaid fees on a pro rata basis. The Indemnification as stated in this Section, shall be considered as our entire liability and your exclusive remedy for infringement.

9.2. By You. You will indemnify, defend and hold harmless WhiteSource and its officers, directors, agents, and employees from and against any Damages (i) in connection with a third party Claim alleging that use of the Project Information, the Dependency Information or your application, software or code, as used by us in accordance with these Terms infringes or misappropriates any intellectual property or privacy rights of a third party; and (ii) or arising from your unauthorized use of the Platform, unless such use is otherwise agreed to in writing by the parties.

9.3. If a party hereunder is entitled to indemnification pursuant to this Section 9 (the “Indemnified Party”), the Indemnified Party shall give the other party (the “Indemnifying Party”) prompt written notice and provide the Indemnifying Party, at Indemnifying Party’s option, control of the defense against the Claim at its own expense, and by counsel reasonably satisfactory to the Indemnified Party. The Indemnified Party shall cooperate, at the expense of the Indemnifying Party, with the Indemnifying Party and its counsel in the defense and the Indemnified Party shall have the right to participate fully, at its own expense, in the defense of such Claim. Any compromise or settlement of a Claim shall require the prior written consent of both parties hereto, such consent not to be unreasonably withheld or delayed.

10. Suspension and Termination

10.1. We may suspend your permission to use the Platform or block any IP Address, without notice upon any material or persistent violation of these Terms, if required to avoid harm to WhiteSource or any third party, upon your failure to pay any fees when due (subject to prior written notice in such case), upon the request of law enforcement or government agencies, or for engagement by you in fraudulent or illegal activities.

10.2. We may further terminate your use of and access to the Platform and your Account for material breach of these Terms, in which case we will not refund any fees you may have paid for access to the Platform (if applicable).

Upon any termination, (i) all rights granted to you under these Terms, including the license in Section ‎3, shall terminate, (ii) you must immediately uninstall, permanently delete or remove from all computer equipment in your possession or control, and destroy or return to us all copies of, any of the documentation, data, and our software used in the provision of the Platform, and (iii) we will delete your Account, disable your passwords and will bar you from further use of the Platform. You agree that we will have no liability to you or any third party for termination of your Account or access to the Platform. Upon your written request, we may provide you with limited access to your Account for 30 additional days following termination to allow you to download your data from the Platform. Any data contained in your Account thereafter shall be deleted. Any outstanding balance through the date of termination and other unpaid fees will become immediately due and payable in full (subject to Section 10.3. below).

10.3. You may terminate these Terms in case of our material breach of these Terms by providing us with a 30-day prior written notice to allow us to cure any such material breach. In case of termination by you pursuant to this Section 10.3, we shall refund to you all prepaid amounts on a pro rata basis. Except as specified in this Section 10.3. all fees are non-refundable.

11. Third Party Terms

Certain portions of the Platform may utilize the services and/or products as well as links to other websites of third-party vendors and business partners, which services and/or products may include software, information, data or other services. Some of these vendors and partners require users who utilize such features to agree to additional terms and conditions. Your use of such features constitutes your agreement to be bound by those additional terms and conditions. Those third party terms are subject to change at such third party’s discretion.

You must use your own discretion when you go to other websites or use third parties’ products or services.

12. Additional Third-Party Terms for Deliverables

The following paragraph shall apply in case of downloadable Services or products from our website or in connection with on-premise installation of the Platform only (Deliverables).

The Platform may contain or may be provided in conjunction with Open Source Software, including some or all of those detailed in the notices file provided with the Platform. To the extent so indicated by an Open Source License referenced in such notices file, the Open Source Software corresponding to such Open Source License, is licensed directly to you by its respective licensors and is subject to its respective Open Source License, and not to these Terms. Any terms included in such Open Source License shall be deemed to be imposed by reference herein and shall supersede any conflicting provisions herein, solely with respect to the corresponding Open Source Software which is governed by such Open Source License.

If, and to the extent, an Open Source License detailed in the notices file requires that the source code of its corresponding Open Source Software be made available to you, and such source code was not delivered to you with the Platform, then only during the period prescribed in such Open Source License you can request to obtain from WhiteSource such source code by contacting us at the email address: OSS@whitesourcesoftware.com.You are solely responsible to flow-down the foregoing provisions on Open Source Software to any additional end user to which WhiteSource provides the Platform.

13. Independent Contractors

You and WhiteSource are independent contractors. Nothing in these Terms creates a partnership, joint venture, agency, or employment relationship between you and WhiteSource. You must not under any circumstances make, or undertake, any warranties, representations, commitments or obligations on behalf of WhiteSource.

14. Additional Features and Products; Updates and Upgrades

These Terms will apply to any new services, features or functionality (including Revisions as defined below) as may be offered by us from time to time, unless they come with separate or additional terms, in which case you will be required to agree to such separate or additional terms before being permitted to use the new services, features or functionality.

We may from time to time offer features and services for free (“Free Services”), but we may add paid subscription plans to the Free Services in the future either in addition to the free option or instead of it. You are responsible for monitoring your use of the Free Services in accordance with your subscription plan. Any paid subscription plan may be accompanied by additional licenses, terms of sale and warranty provisions. If any time you exceed the limit of your subscription plan, we reserve the right to charge you for the relevant fees owed as a result of your use outside the scope of your plan.

We may from time to time provide updates or upgrades to the Platform (each a “Revision”), but are not under any obligation to do so. Such Revisions will be supplied according to our then-current policies, which may include automatic updating or upgrading without any additional notice to you. You consent to any such automatic updating or upgrading of the Platform.

15. Assignment

Neither party will assign or transfer any rights, licenses or obligations under these Terms without the prior written consent of the other party, provided, however, that WhiteSource may assign these Terms (i) pursuant to a merger or sale of all or substantially all of its assets or capital stock; or (ii) to any successor or assignee of all or substantially all of WhiteSource’s business. Subject to the foregoing conditions, these Terms shall be binding upon and inure to the benefit of each party and its respective successors and assigns. Except as permitted by the foregoing, any attempted assignment or transfer shall be null and void.

16. Governing Law & Jurisdiction

These Terms shall be (i) construed and governed in accordance with the laws of the State of New York (except for conflict of law provisions) and competent courts of New York, New York, USA shall have jurisdiction in any conflict or dispute arising out of these Terms if you are an entity incorporated under the laws of the United States or Canada; or (ii) construed and governed in accordance with the laws of England and Wales (except for conflict of law provisions) and competent courts of London, United Kingdom shall have jurisdiction in any conflict or dispute arising out of these Terms if you are incorporated outside of the US and Canada; provided that WhiteSource may in any event seek injunctive relief in any court of competent jurisdiction. The application of the United Nations Convention of Contracts for the International Sale of Goods is expressly excluded. The failure of either party to enforce any rights granted hereunder or to take action against the other party in the event of any breach hereunder shall not be deemed a waiver by that party as to subsequent enforcement of rights or subsequent actions in the event of future breaches.

17. General

These Terms shall constitute the entire agreement between you and WhiteSource concerning your use of the Platform. If any provision of these Terms is deemed invalid by a court of competent jurisdiction, the invalidity of such provision shall not affect the validity of the remaining provisions of these Terms, which shall remain in full force and effect. Any terms and conditions that may be included in your purchase order, including any electronic invoicing portals and vendor registration processes, shall be deemed to be solely for administrative purposes and shall have no legal effect. No waiver of any term of these Terms shall be deemed a further or continuing waiver of such term or any other term, and a party’s failure to assert any right or provision under these Terms shall not constitute a waiver of such right or provision. YOU AGREE THAT ANY CAUSE OF ACTION THAT YOU MAY HAVE ARISING OUT OF OR RELATED TO THE PLATFORM MUST COMMENCE WITHIN ONE (1) YEAR AFTER BECOMING AWARE OF THE CAUSE OF ACTION. OTHERWISE, SUCH CAUSE OF ACTION IS PERMANENTLY BARRED.

Dated: October, 2020

This privacy policy (“Privacy Policy”) governs how we, White Source Ltd. (“WhiteSource” “we”, “our” or “us”) use, collect and store information pertaining to you (“User”, “you”) in the following use cases:

1. When you browse or visit of one of our following websites: https://app.whitesourcesoftware.com, https://app-eu.whitesourcesoftware.com, https://bolt.whitesourcesoftware.com, https://renovate.whitesourcesoftware.com, https://saas.whitesourcesoftware.com, https://vuln.whitesourcesoftware.com, https://www.whitesourcesoftware.com and any other sub-domain operated by us (“Website”);
2. When you create an account and/or log in to our Platform or use our Services (as these terms are defined in our Terms of Service, available at https://renovate.whitesourcesoftware.com/terms-of-service/);
3. When you request a free trial;
4. When you commence direct communications with us (for example through our help desk chat or Contact Us page on the Website);
5. When we use your log data;
6. When you submit your resume for one of the positions offered on our Website;
7. When we use the personal data of our service providers and our suppliers (e.g., contact details).
8. When we acquire your Personal Data from third-party sources (such as lead-generation companies).

We greatly respect your privacy, which is why we make every effort to provide a platform that would live up to the highest of user privacy standards. Please read this Privacy Policy carefully, so you can fully understand our practices in relation to Personal Data. “Personal Data” means any information that can be used, alone or together with other data, to uniquely identify any living human being. Please note that this is a master privacy policy and some of its provisions only apply to individuals in certain jurisdictions. For example, the legal basis in the table below is only relevant for GDPR-protected individuals.

Table of contents:

1. What Personal Data we Collect, Why we Collect it, and How it is Used
2. Period of Storage of Collected Information
3. How we Protect your Personal Data
4. How we share your Personal Data
5. Information About You that we Get from Third-Parties
6. Additional Information Regarding Transfers of Personal Data
7. Your Rights; How to Delete your Account;
8. Analytic Tools;
9. Links to and Interaction with Third Party Products;
10. Specific Provisions Applicable Under California Law;
11. Use by Children
12. Contact Us

This Privacy Policy may be updated from time to time and therefore we ask you to check back periodically for the latest version of the Privacy Policy, as indicated below. If there will be any significant changes made to the use of your Personal Data in a manner different from that stated at the time of collection, we will notify you by posting a notice on our Website or by other means.

1. WHAT PERSONAL DATA WE COLLECT, WHY WE COLLECT IT, AND HOW IT IS USED

1. 2. PERIOD OF STORAGE OF COLLECTED INFORMATION

• Retention Personal Data. Your personal data (as described above) will be stored until we: (i) no longer need the information and proactively delete it or (ii) you send a valid deletion request. Please note that we will retain it for a longer or shorter period in accordance with data retention laws.

• Additional Information on Data Retention. Other circumstances in which we will retain your personal data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your personal data or dealings. We have an internal data retention policy to ensure that we do not retain your personal data perpetually. Regarding retention of cookies, you can read more in our cookie policy (available in the link provided above).

3. HOW WE PROTECT YOUR PERSONAL DATA

We have implemented appropriate technical, organizational and security measures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to such information appropriate to the nature of the information concerned. However, please note that we cannot guarantee that the information will not be exposed as a result of unauthorized penetration to our servers. Nevertheless, we make commercially reasonable efforts to make the collection and security of such information consistent with this Privacy Policy and all applicable laws and regulations. As the security of information depends in part on the security of the computer, device or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.

4. HOW WE SHARE YOUR PERSONAL DATA 

In addition to the recipients described in the table above, we may share your personal data as follows:

• To the extent necessary, with regulators, to comply with all applicable laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies or if required to do so by court order;
• If, in the future, we sell or transfer some or all of our business or assets to a third party, we will (to the minimum extent required) disclose information to a potential or actual third-party purchaser of our business or assets, or in the event of bankruptcy or a comparable event, we reserve the right to transfer or assign Personal Data in connection with the foregoing events.
• Where you have provided your consent to us sharing the Personal Data (e.g., where you provide us with marketing consents or opt-in to optional additional services or functionality).
• Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any Personal Data is disclosed.

For more information on the recipients of your personal data, please contact us at: dpo@whitesourcesoftware.com

5. INFORMATION ABOUT YOU THAT WE GET FROM THIRD-PARTIES 

• If you access our Services through connected third party applications (such as Google, GitHub, GitLab or Microsoft), we will receive certain information (including Personal Data, as described in Section 1) about you from the provider of such third party applications. The scope of information we receive depends on your third party application privacy settings.
• If you access our Services from a third-party application or connect our Services to a third-party application, you should also read that third-party application’s terms of service and privacy policy.
• If you are unclear about what information a third-party application is sharing with us, please go to the third-party application to find out more about their privacy practices.

6. ADDITIONAL INFORMATION REGARDING TRANSFERS OF PERSONAL DATA

• Internal transfers: We ensure transfers with the affiliated companies of WhiteSource will be covered by an agreement entered into by members of the WhiteSource group which contractually obliges each member to ensure that personal data receives an adequate and consistent level of protection wherever it is transferred to. 

• External transfers: Where we transfer your personal data outside of the EU/EEA, for example to third parties who help provide our products and services, we will obtain contractual commitments and or assurances from them to protect your Personal Data or rely on adequacy decisions issued by the European Commission. Some of these assurances are well recognized certification schemes, which you can read more about here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en; and

• Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal data is disclosed.

7. YOUR RIGHTS; HOW TO DELETE YOUR ACCOUNT  

• Rights. The following rights (which may be subject to certain exemptions or derogations), shall apply to individuals who are protected by the GDPR. Some of these rights may also apply under your applicable law:

• You have a right to access personal data held about you. Your right of access may normally be exercised free of charge, however we reserve the right to charge an appropriate administrative fee where permitted by applicable law;
• You have the right to request that we rectify any personal data we hold that is inaccurate or misleading;
• You have the right to request the erasure/deletion of your personal data (e.g., from our records). Please note that there may be circumstances in which we are required to retain your personal data, for example for the establishment, exercise or defense of legal claims;
• You have the right to object, to or to request restriction, of the processing;
• You have the right to data portability. This means that you may have the right to receive your personal data in a structured, commonly used and machine-readable format, and that you have the right to transmit that data to another controller;
• You have the right to object to profiling;
• You have the right to withdraw your consent at any time. Please note that there may be circumstances in which we are entitled to continue processing your data, in particular if the processing is required to meet our legal and regulatory obligations. Also, please note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal;
• You also have a right to request certain details of the basis on which your personal data is transferred outside the European Economic Area, but data transfer agreements and/or other details may need to be partially redacted for reasons of commercial confidentiality;
• You have a right to lodge a complaint with your local data protection supervisory authority (i.e., your place of habitual residence, place or work or place of alleged infringement) at any time or before the relevant institutions in your place of residence. We ask that you please attempt to resolve any issues with us before you contact your local supervisory authority and/or relevant institution.

You can exercise your rights by contacting us at dpo@whitesourcesoftware.com. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly or inform you if we require further information in order to fulfill your request. When processing your request, we may ask you for additional information to confirm your identity and for security purposes, before disclosing the Personal Data requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initial requested, we will address your request to the maximum extent possible, all in accordance with applicable law.

• Deleting your account. you ever decide to delete your Account, you may do so by emailing dpo@whitesourcesoftware.com. If you terminate your Account, any association between your Account and information we store will no longer be accessible through your Account. However, in certain portions of the Services, any public activity on your Account relating to such Services will remain stored on our servers (or on third party servers) prior to deletion and will remain accessible to the public.

8. ANALYTIC TOOLS

Google Analytics. The Website may use a tool called “Google Analytics” to collect information about use of the Website. Google Analytics collects information such as how often users visit this site, what pages they visit when they do so, and what other sites they used prior to coming to this Website. We use the information we get from Google Analytics to maintain and improve the Website and our products. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Google’s ability to use and share information collected by Google Analytics about your visits to this Website is restricted by the Google Analytics Terms of Service, available at http://www.google.com/analytics/terms/us.html/, and the Google Privacy Policy, available at http://www.google.com/policies/privacy/. You may learn more about how Google collects and processes data specifically in connection with Google Analytics at http://www.google.com/policies/privacy/partners/. You may prevent your data from being used by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout/.

9. LINKS TO AND INTERACTION WITH THIRD PARTY PRODUCTS

The Website may enable you to interact with or contain links to your third party account and other third party websites, and services that are not owned or controlled by us (each, a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services may collect Personal Information from you. Accordingly, we encourage you to read the terms and conditions and privacy policy of each Third Party Service that you choose to use or interact with.

10. SPECIFIC PROVISIONS APPLICABLE UNDER CALIFORNIA LAW
    • Access Requests. California Civil Code Section 1798.83 (and other, similar state statutes) permits our customers who are California residents (or residents of states with similar statutes) to request certain information regarding our disclosure of Personal Data to third parties for their direct marketing purposes. To make such a request, please send an email to dpo@whitesourcesoftware.com. Please note that we are only required to respond to one request per customer each year.
    • Deletion Of Content From California Residents. If you are a California resident under the age of 18 and a registered user, California Business and Professions Code Section 22581 permits you to remove content or Personal Data you have publicly posted. If you wish to remove such content or Personal Data and you specify which content or Personal Data you wish to be removed, we will do so in accordance with applicable law.  Please be aware that after removal you will not be able to restore removed content. In addition, such removal does not ensure complete or comprehensive removal of the content or Personal Data you have posted and that there may be circumstances in which the law does not require us to enable removal of content.
    • Our California Do Not Track Notice. We do not currently respond or take any action with respect to web browser “do not track” signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personal information about an individual consumer’s online activities over time and across third-party web sites or online services. We may allow third parties, such as companies that provide us with analytics tools, to collect personal information, subject to applicable law, about an individual consumer’s online activities over time and across different web sites when a consumer uses the Services.

11. USE BY CHILDREN 

We do not offer our products or services for use by children. If you are under 18, you may not use the Website, or provide any information to the Website without the involvement of a parent or a guardian. We do not knowingly collect information from, and/or about children.

12. CONTACT US 

If you have any questions, concerns or complaints regarding our compliance with this notice and the data protection laws, or if you wish to exercise your rights, we encourage you to first contact us at dpo@whitesourcesoftware.com.