By accepting this Subscription agreement (the “Agreement”), such as by clicking a box indicating acceptance or otherwise manifesting acceptance, you (the “Subscriber”) agree to the terms of this Agreement. If you are entering into this Agreement on behalf of a company the term “Subscriber” shall refer to such entity, and you represent that you are authorized to bind such entity and its Corporate Affiliates to these terms and conditions. If you do not have such authority, or if you do not agree with these terms and conditions, you must not accept this Agreement and may not use the Services.

Subscriber may not use or access the Services if it is a direct competitor of eComEngine, except with eComEngine’s prior written consent.

This Agreement was last updated in May 2018. It is effective between Subscriber and eComEngine as of the date Subscriber accepts this Agreement.

1. Definitions. All defined terms apply to this Agreement except where expressly stated otherwise. For ease of reference, some terms are defined elsewhere in this Agreement.
   1. “Claims” or “Claim” means, collectively, lawsuits, actions, complaints, claims, assertions of liability (whether oral or written), losses, damages, liabilities, awards, costs and expenses.
   2. “Competitor of eComEngine” means any person or entity that offers products or services to third parties in the field of Amazon seller support and software tools.
   3. “Confidential Information” is defined in section 12.B of this Agreement.
   4. “Corporate Affiliate” is another corporate entity that is controlled by, under the control of, or under common control with, another corporate entity, with control being at least 51% ownership of voting stock or membership.
   5. “Days” means calendar days, not business days, unless expressly stated otherwise.
   6. “Intellectual Property” means all intellectual property rights and includes patentable inventions, copyrights, trade secrets, trademarks, service marks, certification marks, and domain name rights. Intellectual Property also includes all patents and patent applications, and the reissues, divisions, continuations, renewals, extensions, continuations-in-part, and improvements thereof.
   7. “Methodology” is defined in section 4 of this Agreement.
   8. “Named Users” means specific, named individuals who are authorized by Subscriber to use the Services, and who have been supplied user identifications and passwords for the Services. Named Users may be Subscriber’s employees or contractors, subject to the terms of this Agreement, including its confidentiality and trade secret provisions.
   9. “Party” means one of the parties to the Agreement. “Parties” means both parties to the Agreement: Subscriber and eComEngine.
   10. “Services” means the online usage of the Software features and capabilities selected by Subscriber. Subscription fees are determined based upon the Software features and capabilities selected by Subscriber.
   11. “Software” means eComEngine’s Amazon seller support and software tools.
   12. “Subscriber” means the person or corporate entity entering into this Agreement with eComEngine. If a person is entering into this Agreement for his or her sole use of the Services he or she is the Subscriber. If that person is entering into this Agreement on behalf of a company or other legal entity, that company or other legal entity is the Subscriber; in that case, the person entering into this Agreement represents that he or she has the authority to bind such entity and its Corporate Affiliates to this Agreement.
   13. “Subscriber Data” means all electronic data or information submitted by Subscriber as part of Subscriber’s use of the Services.
   14. “Subscription” means the license purchased by the Subscriber to use the Services.
   15. “Subscription Term” means the time-length of the term of the Subscription purchased by Subscriber. Unless expressly indicated otherwise by eComEngine in writing, a Subscription is for one month measured from the date of the purchase of the Subscription by Subscriber. A Subscription Term automatically renews for an additional month unless terminated before renewal.
2. Services.
   1. Provision of Services. eComEngine shall make the Services available to Subscriber pursuant to this Agreement for the duration of the Subscription Term. This Agreement is not contingent on including future functionality or features with the Services and is not entered into in reliance on any promise or representation by eComEngine or its agents concerning any future functionality or features of the Services.
   2. Adding to a Subscription. A Subscriber can subscribe for additional Services at any time via the user interface. When additional Services are added the system will automatically cause those Services to have the same Subscription renewal date as the initial Subscription.
   3. eComEngine has the Services hosted by a third party (the “Services Hosting Provider”), which also hosts the Subscriber Data. eComEngine bears responsibility for the Services Hosting Provider as if eComEngine was hosting the Services, including the Subscriber Data. All references in this Agreement to eComEngine regarding the Services and Subscriber Data implicitly include its Services Hosting Provider in all permissions granted to eComEngine. For example, eComEngine’s use of a Services Hosting Provider shall not be a breach of any confidentiality obligation imposed on eComEngine. eComEngine may change the Services Hosting Provider at any time in eComEngine’s sole discretion, and it may take some or all of the functions of the Services Hosting Provider in-house at eComEngine at eComEngine’s sole discretion.
   4. eComEngine may hire another company to provide limited services on its behalf (“Subprocessor”), provided that eComEngine complies with the provisions of this Clause. Any such Subprocessors will be permitted to process personal data only to deliver the services eComEngine has retained them to provide, and they shall be prohibited from using personal data for any other purpose. eComEngine remains responsible for its Subprocessors’ compliance with the obligations of the Data Processing Agreement (“DPA”) included as Appendices 1-3. Any Subprocessors to whom eComEngine transfers personal data will have entered into written agreements with eComEngine requiring that the Subprocessor abide by terms substantially similar to the DPA. A list of Subprocessors is available upon request. If the Subscriber requires prior notification of any updates to the list of subprocessors, the Subscriber can request such notification in writing by emailing gdpr@ecomengine.com. eComEngine will update the list within thirty (30) days of any such notification if the Subscriber does not legitimately object within that timeframe. Legitimate objections must contain reasonable and documented grounds relating to a Subprocessor’s non-compliance with applicable Data Protection Legislation. If, in eComEngine’s reasonable opinion, such objections are legitimate, the Subscriber may, by providing written notice to eComEngine, terminate the Agreement.
   5. Subscription License Grant. For as long as Subscriber does not breach any terms of this Agreement and fail to cure such breach pursuant to this Agreement, eComEngine grants to Subscriber a nontransferable (except as provided expressly herein) license, subject to all of the Terms of this Agreement, for the Subscription Term, to use the Services. Under no circumstances shall Subscriber be entitled to receive the object or source code to the Software, even if eComEngine breaches the Agreement. This license grant is limited to the express terms of this Agreement; no other uses of the Services or Software are impliedly licensed. This Agreement sometimes refers to the license to use the Services as the “Subscription.”
   6. Use of Subscription by Corporate Affiliates. Subscriber may name as Named Users individuals who are employed by Corporate Affiliates of the Subscriber. In that case, Subscriber agrees that all such Corporate Affiliates are bound by the terms of this Agreement.
   7. Limitations on License Grant.
      1. Subscriber may not sublicense or rent the Services to others.
      2. Subscriber may use the Services for its internal business purposes only.
      3. Subscriber may not timeshare the Services with another entity.
      4. Subscriber may not reverse engineer or decompile the Services.
      5. Subscriber may not modify the Services or make derivative works from the Services.
      6. Subscriber may not use the Services or the Methodology to create similar software or services.
      7. Subscriber shall not use the Methodology to create software or services that Subscriber directly or indirectly licenses to others or to perform consulting services for others.
      8. Subscriber shall treat the Services as Confidential Information.
      9. The Parties agree the Agreement constitutes a license, not a sale, of the Services. Any attempt by Subscriber to transfer the license to the Services, except as expressly permitted by the Agreement or permitted in writing by eComEngine, shall cause immediate termination of the Subscription.
   8. Exceeding the License Grant. Should Subscriber exceed the license grant for the Services (e.g., violate any prohibition contained in section 2.G of this Agreement) and not cure that violation (if this Agreement permits cure) within the time provided in this Agreement for cure of a contract breach, and should eComEngine undertake litigation against Subscriber to protect eComEngine’s interests, in such litigation the prevailing Party shall be entitled to recover its reasonable attorneys’ fees and costs.
3. Intellectual Property Ownership; Trade Secret Property. The Software and Services are and shall remain the exclusive Intellectual Property of eComEngine. Subscriber does not acquire any ownership stake in the Software or Services because of this Agreement. Subscriber acknowledges, shall not challenge, and shall not voluntarily aid any third party in challenging eComEngine’s Intellectual Property ownership of the Software and Services. eComEngine will own and have all rights to any suggestions, recommendations or improvements to the Software or Services described by Subscriber, unless otherwise agreed to in writing.
4. Methodology. The Software and Services contain a methodology for creating Amazon seller support and software tools (“Methodology”). Like the Software and Services, the Methodology is and shall remain exclusively the Intellectual Property of eComEngine. Subscriber’s right to use the Methodology is limited to the express license to the Services granted herein. Subscriber shall not use the Methodology aside from using the Services as expressly licensed in the Agreement. Except where indicated otherwise, all references to the Software or Services in this Agreement include the Methodology.
5. Services Use by Subscriber’s Contractors. Subscriber’s contractors may exercise on Subscriber’s behalf Subscriber’s entire license rights to the Services, provided that (i) the entire use of the Services by Subscriber’s employees and contractors remains within the parameters stated in the Agreement, (ii) those contractors agree to not further disclose, transfer or allow access to the Services to third parties, (iii) such contractor usage is solely for Subscriber’s internal business purposes, and (iv) the contractors abide by the limitations in section 12.B of this Agreement (“Confidentiality”). Subscriber shall be liable for any breach of this Agreement by its contractors.
6. Subscriber Responsibilities.
   1. Subscriber’s Computer Environment. Subscriber is solely responsible for providing a proper environment and proper utilities for the computer system on which it will access the Services.
   2. Internet Browser Compatibility. eComEngine will endeavor to make the Services compatible with recent versions of the most popular Internet browsers, but eComEngine has no responsibility to make the Services compatible with all Internet browsers or older versions of popular Internet browsers.
   3. File Conversion. Except as agreed otherwise in writing, eComEngine is not responsible for converting Subscriber’s data files for use with the Services.
   4. Data. Subscriber is solely responsible for the accuracy, completeness and integrity of all data that it submits to or derives from the Services. Subscriber shall indemnify and defend eComEngine against any Claim made against eComEngine by a third party asserting that the Services did not function properly or that it did not produce an accurate, complete or proper output. Sections 7 and 9 are the sole rights and sole remedies Subscriber has for any Claim by Subscriber concerning the function of the Services, even if Subscriber’s Claim is based upon a Claim made against Subscriber by a third party.
7. eComEngine’s Warranties and Covenants, Remedies and Disclaimer.
   1. Uptime Warranty. During the Term, eComEngine warrants and covenants that the Services will remain available and functional online, with exceptions for commercially reasonable downtime in line with other commercial software services for non-critical business functions, including such commercially reasonable downtime for maintenance and for repairing occasional technical difficulties (this is the “Uptime Warranty”).
   2. Subscriber Data Security Warranty. By accepting this agreement, Subscriber also acknowledges receipt of and agrees and affirmatively consents to eComEngine’s Privacy Policy, available at https://www.ecomengine.com/privacy-policy/.  In accordance with that policy and this agreement, eComEngine shall maintain commercially reasonable administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Subscriber Data. eComEngine shall not (i) modify Subscriber Data, (ii) disclose Subscriber Data except as compelled by law in accordance with Section 12.B(8) (“Compelled Disclosure”) or as expressly permitted in writing by Subscriber or by this Agreement, or (iii) access Subscriber Data except to provide the Services or prevent or address service or technical problems, or at Subscriber’s request. (This is the “Subscriber Data Security Warranty.”) Nevertheless, despite the foregoing, should there occur a breach in the security of Subscriber Data (a “Subscriber Data Security Breach”), such as but not limited to disclosure by eComEngine of Subscriber Data to an unauthorized third party or eComEngine permitting an unauthorized third party to have access to Subscriber Data, then eComEngine’s sole notice obligation shall be to give notice to Subscriber of that Data Security Breach. It shall be Subscriber’s sole responsibility (and not eComEngine’s responsibility) to give notice of the Subscriber Data Security Breach to any other person or party as required by applicable law or as may be prudent for legal or business reasons. eComEngine shall have no responsibility for or liability for a Subscriber Data Security Breach other than as stated expressly in this Agreement.
   3. Exclusive Remedy for Breach – Repair. Should eComEngine breach the Uptime Warranty or the Subscriber Data Security Warranty, Subscriber’s sole remedy shall be for eComEngine to repair the Services by restoring them to the standard of the applicable warranty.
   4. Exclusive Remedy for Breach – Refund. Should eComEngine be unable to repair or replace the Services within such 30 Days after Notice of failure to meet the Uptime Warranty or the Subscriber Data Security Warranty, or any longer time permitted by Subscriber, then Subscriber may elect to terminate its Subscription to the Services and, in that case, eComEngine shall pay to Subscriber a pro-rata refund from eComEngine for the Subscription fee it paid for the Services. That refund shall be prorated to cover the period of the Subscription Term from the date of delivery to eComEngine of the notice of termination to the end of the Subscription Term. eComEngine shall pay any refund within 30 Days of the effective date of termination. In the case of Subscription termination, Subscriber’s access to the Services will terminate immediately.
   5. Warranty Disclaimer. eComEngine provides only the covenants and warranties stated expressly in this Agreement. ECOMENGINE MAKES NO OTHER COVENANTS OR WARRANTIES AS TO THE SERVICES, AND IT DISCLAIMS EACH OF THE FOLLOWING WARRANTIES THAT MIGHT OTHERWISE BE IMPLIED BY LAW: (i) IMPLIED WARRANTY OF MERCHANTIBILITY; (ii) IMPLIED WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE, EVEN IF ECOMENGINE HAS BEEN ADVISED OF SUCH PURPOSE; (iii) IMPLIED WARRANTY OF NON-INFRINGEMENT, NON-MISAPPROPRIATION, AND NON-INTERFERENCE; (iv) IMPLIED WARRANTY OF ACCURACY OF THE WORK PRODUCT; AND (v) IMPLIED WARRANTY OF SYSTEM INTEGRATION. Subscriber agrees that no representations, warranties or covenants have been made to it regarding the Services other than those stated in the Agreement.
8. Audit. eComEngine may audit the business records and computer systems of Subscriber to ascertain whether Subscriber’s use of the Services has been and is within the scope of the Subscription granted to Subscriber, including but not limited to (i) the limitation of usage to specific Named Users and (ii) the confidentiality, trade secret, and non-circumvention obligations. eComEngine shall provide Subscriber at least 30 Days’ notice prior to the audit. eComEngine may use contracted professionals to assist in the audit or to conduct it on behalf of eComEngine, such as accountants and computer technicians. eComEngine shall be responsible to Subscriber for ensuring that any such contracted professionals maintain the confidentiality of Subscriber’s Confidential Information. Subscriber shall cooperate in any such audit by making relevant business records and computer systems available to eComEngine and organized for review. Subscriber shall not destroy evidence of the extent of its use of the Services between the time of receipt of notice of an audit and the completion of the conduct of the audit; doing so shall create a presumption that Subscriber was willfully using the Services in excess of its license rights. eComEngine may not audit more than once per calendar year unless a past audit by eComEngine has demonstrated that the Subscriber was using the Services in excess of its license rights. If eComEngine’s audit does not uncover any exceeding of license rights, each Party shall bear all of its costs associated with the audit. If eComEngine’s audit reveals usage of the Services in excess of Subscriber’s license rights, the Subscriber shall pay to eComEngine its out-of-pocket costs associated with the audit plus eComEngine’s then-current list price for the unlicensed usage of the Services – the price eComEngine charges to a Subscriber who does not presently have a Subscription to the Services and who is not entitled to any discounts. Subscriber shall pay such sums within 30 Days of written notice of the audit results from eComEngine, and Subscriber shall pay interest at a rate of 1.5% per month on any sum not paid within such 30 Days. Should eComEngine deem it necessary to utilize legal services to collect the sum due from Subscriber, eComEngine shall be entitled to collect its reasonable attorneys’ fees and costs from Subscriber – both legal fees spent before and after the filing of suit. eComEngine’s rights and remedies stated in this section do not limit the other causes of action and remedies eComEngine may have under the Agreement or applicable law.
9. Limitation on Liability.
   1. FOR ALL CLAIMS ARISING FROM OR RELATED TO THIS AGREEMENT OR ITS SUBJECT MATTER, IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER FOR THE PAYMENT OF ANY CONSEQUENTIAL, INCIDENTAL, OR PUNITIVE DAMAGES, OR DAMAGES FOR LOST BUSINESS, LOST PROFITS, INTERRUPTED OPERATIONS, OR LOST OR DAMAGED DATA, EVEN IF THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. ECOMENGINE’S ENTIRE LIABILITY TO SUBSCRIBER FOR ALL CLAIMS ARISING FROM OR RELATED TO THIS AGREEMENT OR ITS SUBJECT MATTER, WHETHER IN CONTRACT, TORT OR OTHERWISE, SHALL NOT EXCEED THE TOTAL AMOUNT OF SUBSCRIPTION FEES PAID BY SUBSCRIBER TO ECOMENGINE UNDER THIS AGREEMENT.
   2. Exception to Liability Limitations. The forgoing limitations of liability do not limit any of the obligations expressly stated in this Agreement for a Party to defend the other Party or to indemnify the other Party.
   3. THE LIMITATIONS OF LIABILITY, DISCLAIMERS OF WARRANTIES, EXCLUSIVITY OF REMEDIES, AND OTHER LIMITATIONS IN THIS AGREEMENT ARE AN ESSENTIAL ELEMENT OF THE BARGAIN BETWEEN THE PARTIES (WITHOUT WHICH THE TRANSACTIONS CONTEMPLATED BY THIS AGREEMENT WOULD NOT OCCUR) AND WILL APPLY EVEN IF A REMEDY, WARRANTY, OR COVENANT FAILS IN ITS ESSENTIAL PURPOSE.
10. Intellectual Property.
    1. Markings. Subscriber shall not remove, obscure or alter any Intellectual Property marking, confidentiality marking or legal notice displayed on any display or print-out of the Services. Subscriber shall not permit others to do so.
    2. Intellectual Property Infringement by eComEngine. eComEngine shall defend and indemnify Subscriber against any third-party Claim based upon an allegation that the Services as provided to Subscriber by eComEngine infringe upon or misappropriate any third party’s U.S. copyright or trade secret or infringe a third party’s U.S. patent. The foregoing obligations do not cover any patent claim based upon a combination of the Software or Services (as applicable) with any other good, software or service. If an infringement or misappropriation Claim is asserted, or if eComEngine believes one is likely, eComEngine shall have the right, but not the obligation, (i) to procure a license from the person claiming or likely to claim infringement or misappropriation, and (ii) to modify or replace the Services to avoid the Claim of infringement or misappropriation. Modification or replacement of the Services for this purpose will not materially impair the Services operation or materially reduce its functionality or performance. THE FOREGOING STATES ECOMENGINE’S ENTIRE LIABILITY AND SUBSCRIBER’S SOLE REMEDY IN CONNECTION WITH ANY INTELLECTUAL PROPERTY INFRINGEMENT CLAIM ARISING OUT OF OR RELATED TO THE SERVICES.
11. Term and Termination; Renewal. The Agreement will remain in effect for the Subscription Term unless terminated earlier by a Party for a reason stated below.
    1. Term. Unless expressly indicated otherwise by eComEngine in writing, the Subscription Term is for one month measured from the date of the purchase of the Subscription by Subscriber.
    2. Automatic Subscription Renewal. The Subscription shall automatically renew after each Subscription Term for an additional month unless the Subscriber notifies eComEngine before the end of the Subscription Term that it chooses not to have the Subscription renew. A renewal starts a new, one-month Subscription Term. eComEngine may charge the Subscriber’s credit card on file with eComEngine for the monthly license fee for the Subscription renewal at eComEngine’s then-current Subscription rate. If this credit card charge fails, eComEngine may immediately terminate the Services and notify Subscriber of such termination. Upon receipt of such notification, Subscriber may reinitiate the Services by providing a valid and working credit card sufficient to pay the renewal charge within 10 Days of such termination notice; such interruption in the Services shall not reset the date for renewal of the Subscription.
    3. This Agreement may be terminated as follows:
       by either Party, upon Notice, if the other Party is in material breach of any of its obligations and the breach is not capable of being cured;
       by Subscriber providing notice of non-renewal prior to the end of any Subscription Term;
       by eComEngine providing notice of non-renewal at least 10 days prior to the end of any Subscription Term; and
       regardless of subsections 11.A-11.C, if Subscriber breaches section 2.G of this Agreement (“Limitations on License Grant”), then eComEngine may terminate this Agreement immediately, by giving Notice to Subscriber, without any opportunity for cure by Subscriber.
    4. Services Termination. eComEngine may and will terminate usage of the Services immediately upon the effective date of termination.
    5. Return of Subscriber Data. Upon written request by Subscriber made before termination of the Services or within 30 Days after the effective date of termination of the Services, eComEngine shall provide to Subscriber for download a file of the Subscriber Data in comma separated value (.csv) format along with attachments in their native format. After such 30-Day period, eComEngine shall have no obligation to maintain or provide any of the Subscriber Data. After such 30-Day period, unless prohibited by law, eComEngine may permanently delete the Subscriber Data.
    6. Termination of this Agreement shall not bar either Party from pursuing any cause of action or remedy it may have available against the other Party for breach of the Agreement.
12. General Terms.
    1. Assignment. Either Party may assign the Agreement to a Corporate Affiliate, successor to its business or purchaser of substantially all of its assets. Nevertheless, Subscriber may not assign this Agreement to any Competitor of eComEngine; this prohibition includes assignment to Corporate Affiliates of Subscriber. Subscriber will not be relieved from liability under this Agreement by virtue of a permitted assignment unless eComEngine approves the assignment and transfer of liability in writing. eComEngine will not withhold such approval unreasonably. For Subscriber, any assignment shall not expand the license rights specified in this Agreement.
    2. Confidentiality.
       “Confidential Information” means, collectively: (a) the trade secrets of a Discloser; (b) information that Discloser has kept confidential; (c) information that Discloser is obligated to keep confidential to some extent by law; and (d) information that a third party has provided to Discloser under an obligation of confidentiality.
       Confidential Information of Subscriber. The Subscriber Data is the Confidential Information of Subscriber.
       “Recipient” means the Party receiving Confidential Information.
       “Discloser” means the Party that discloses, transmits or allows access to Confidential Information to Recipient.
       The Methodology and the Subscriber Data are Confidential Information and do not need to be marked as such to have such status. For any other information to have Confidential Information status, Discloser must mark it conspicuously as “Confidential Information” or with other words that convey the same meaning, unless federal, state or local law makes that type of information confidential (e.g., “protected health information” under HIPAA).
       Exclusions from Confidential Information. Confidential Information shall not include information that (a) constitutes general skills and experience gained under this Agreement; (b) is already known by Recipient at the time of disclosure as established through written evidence pre-dating this agreement; (c) is publicly available at the time of disclosure or subsequently becomes publicly available through no fault of Recipient; (d) is required to be disclosed by governmental or judicial order; (e) is rightfully acquired by Recipient from a third party who is not in breach of an agreement to keep such information confidential; or (f) is developed by personnel of Recipient independently of, and without access or exposure to, the Confidential Information.
       Confidentiality Obligation. Except as otherwise provided herein, Recipient shall not disclose Confidential Information, allow access to it or transfer it to third parties, or use it for any reasons other than performing this Agreement or exercising the license rights granted to it under this Agreement. Recipient shall take reasonable efforts to protect the confidentiality of Confidential Information, and shall protect it at least as carefully as it protects its sensitive confidential information. If a Recipient believes that there has been an unauthorized disclosure, access, transfer or use of Confidential Information, it shall notify Discloser as soon as possible.
       Compelled Disclosure. The Recipient may disclose Confidential Information of the Discloser if it is compelled by law to do so, provided the Recipient gives the Discloser prior notice of such compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Discloser’s cost, if the Discloser wishes to contest the disclosure. If the Recipient is compelled by law to disclose the Discloser’s Confidential Information as part of a legal proceeding (except for litigation initiated by one Party against the other Party), the Discloser shall reimburse the Recipient for its attorneys’ fees and costs incurred in relation to this order and for Recipient’s reasonable cost of compiling and providing secure access to such Confidential Information.
       Recipient may disclose Confidential Information to its contractors provided that such contractors adhere to rules stated in this section 12.B, and such contractors use the Confidential Information solely to perform Recipient’s obligations under this Agreement. A Recipient who discloses Confidential Information to a contractor shall be liable for the contractor’s handling of the Confidential Information as if the contractor was an employee of Recipient. Under no circumstances may Recipient disclose Confidential Information to a competitor of Discloser.
       Term of Confidentiality. The confidentiality obligations under this Agreement shall survive with respect to Confidential Information until such information is excluded from the definition of Confidential Information pursuant to Section 12.B.6.
    3. Taxes. Subscriber shall be solely liable for and pay the taxes resulting from this Agreement or any activities hereunder (exclusive of U.S. taxes (federal, state and/or local) on eComEngine’s gross and/or net income), even if eComEngine does not collect the tax from the Subscriber. Any taxes for which Subscriber is liable shall not reduce the amount due to eComEngine under this Agreement. If either Party determines that a tax will be imposed for which Subscriber is responsible under this Agreement, eComEngine may require Subscriber to prepay the tax to eComEngine or the taxing authority, as appropriate, before eComEngine continues with performing this Agreement. If Subscriber claims exemption from any taxes, at eComEngine’s request, Subscriber shall provide eComEngine with documentation sufficient to support tax exemption. Subscriber shall indemnify, hold harmless and defend eComEngine from any Claim asserted by a taxing authority arising from or related to taxes owed (exclusive of taxes on eComEngine’s gross and/or net income) or purported tax exemptions, including all penalties and interest.
    4. Agreement Modification or Replacement. The Parties may agree to amend or replace this Agreement at any time in the future, including at any renewal (including automatic renewal as provided in section 12.B) of Subscriber’s Subscription to the Services. Any such agreement must be in writing and assented to by an affirmative act by the party receiving the proposal for amendment or replacement. This Agreement shall not be supplemented or modified by Subscriber’s boilerplate contracting documents, including purchase orders, work orders, order acknowledgments and shipping documents. The boilerplate terms in such documents shall have no contractual effect unless eComEngine agrees to them expressly and in writing.
    5. Disputes.
       Resolving Disputes. This Agreement and the Parties’ relationship shall be governed by and construed under the laws of the Commonwealth of Virginia and applicable federal law, and Virginia’s choice of law rules shall not change this governing law. Any litigation between the Parties shall occur only in the state courts for the County of Henrico, Virginia, or the federal courts in the U.S. District Court for the Eastern District of Virginia (Richmond Division). IN ANY LITIGATION, EACH PARTY WAIVES TRIAL BY JURY. Subscriber consents to such personal jurisdiction and irrevocably stipulates that, by entering into this Agreement, such courts have personal jurisdiction over the Subscriber for all Claims arising from or related to this Agreement or its subject matter. In any state court litigation, depositions and interrogatory responses may be used in support or defense of motions for summary judgment. If Subscriber institutes litigation in any court other than those expressly permitted by this subsection, Subscriber shall pay all of eComEngine’s attorneys’ fees, costs and expenses incurred in its attempting to enforce this subsection’s mandatory personal jurisdiction provision.
    6. Limitation on Time to Assert a Claim. Each Party shall assert each Claim against the other Party arising from or related to the Services within two years of the later of the accrual of the Claim. A counterclaim is not barred if the Claim filed by the other Party is timely under this section. Otherwise, all Claims not made within the time provided by this section are waived and barred.
    7. Notices. Any Notice to Subscriber shall be provided at the address given in the online form created to initiate or renew the Subscription. Any notice to eComEngine shall be directed to this contact and address:
       eComEngine, LLC
       9702 Gayton Rd., Ste 230
       Henrico, VA 23238
       (800) 757-6840
       Email: info@ecomengine.com
    8. Each Party may change its address by the means provided herein for giving Notice. Any Notices sent pursuant to this Agreement shall be in writing (including email), and become effective when the email is received, delivered by hand, or by FedEx or similar commercial carrier.
    9. Force Majeure. eComEngine shall not be liable for any failure or delay caused by events beyond eComEngine’s reasonable control, including, without limitation, Subscriber’s failure to perform its obligations in a timely fashion. Should eComEngine be delayed from performing its obligations because of an event beyond its reasonable control, eComEngine may and shall resume performance when the obstacle to performance is removed.
    10. Severability. If any term or provision of this Agreement shall be found to be illegal or unenforceable, the remainder of the Agreement will remain in effect.
    11. Headings. The headings in this Agreement are only finding aids; they shall not be considered in interpreting this Agreement.
    12. Waiver. No waiver, by either Party, of any breach by the other Party of any of the terms of this Agreement shall be a waiver of any other breach of the same or other provisions; no such waiver shall be effective unless in a writing signed by the waiving Party.
    13. Drafter. This Agreement shall not be interpreted based upon any rule of construction against the drafter.
    14. Authorized Signer. Each person signing this Agreement represents and covenants that he or she has authority to do so on behalf of any entity on whose behalf that person purports to be acting.
    15. Survival of Terms. Any terms of this Agreement that by their nature extend beyond the termination of this Agreement remain in effect post-termination. These surviving provisions include sections 1, 2.H, 3-4, 6.D, 7.C-7.E, 8-10, and 12.

Appendix 1: Data Protection Agreement

For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection, and pursuant to the requirements laid out in Article 28 of the EU General Data Protection Regulation, aka “GDPR”:

The Subscriber (the data exporter) and eComEngine (the data importer) each a “party”; together “the parties”, HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 2.

Clause 1

Definitions

For the purposes of the Clauses:

1. ‘personal data’, ‘special categories of data’, ‘process/processing’, ‘controller’, ‘processor’, ‘data subject’ and ‘supervisory authority’ shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data
2. ‘the data exporter’ means the controller who transfers the personal data;
3. ‘the data importer’ means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country’s system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;
4. ‘the subprocessor’ means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;
5. ‘the applicable data protection law‘ means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;
6. ‘technical and organizational security measures’ means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.

Clause 2

Details of the transfer

The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 2 which forms an integral part of the Clauses.

Clause 3

Third-party beneficiary clause

1. The data subject can enforce against the data exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.
2. The data subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.
3. The data subject can enforce against the subprocessor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.
4. The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.

Clause 4

Obligations of the data exporter

The data exporter agrees and warrants:

1. that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;
2. that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter’s behalf and in accordance with the applicable data protection law and the Clauses;
3. that the data importer will provide sufficient guarantees in respect of the technical and organizational security measures specified in Appendix 3 to this contract;
4. that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;
5. that it will ensure compliance with the security measures;
6. that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;
7. to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension;
8. to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 3, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;
9. that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and
10. that it will ensure compliance with Clause 4(a) to (i).

Clause 5

Obligations of the data importer

The data importer agrees and warrants:

1. to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
2. that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
3. that it has implemented the technical and organizational security measures specified in Appendix 3 before processing the personal data transferred;
4. that it will promptly notify the data exporter about:
   1. any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,
   2. any accidental or unauthorized access, and
   3. any request received directly from the data subjects without responding to that request, unless it has been otherwise authorized to do so;
   4. to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;
   5. at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;
   6. to make available to the data subject upon request a copy of the Clauses, or any existing contract for subprocessing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 3 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;
   7. that, in the event of subprocessing, it has previously informed the data exporter and obtained its prior written consent;
   8. that the processing services by the subprocessor will be carried out in accordance with Clause 11;
   9. to send promptly a copy of any subprocessor agreement it concludes under the Clauses to the data exporter.

    

   Clause 6

   Liability

   1. The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or subprocessor is entitled to receive compensation from the data exporter for the damage suffered.
   2. If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity. The data importer may not rely on a breach by a subprocessor of its obligations in order to avoid its own liabilities.
   3. If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the subprocessor agrees that the data subject may issue a claim against the data subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the subprocessor shall be limited to its own processing operations under the Clauses.

    

   Clause 7

   Mediation and jurisdiction

   1. The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:
      1. to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;
      2. to refer the dispute to the courts in the Member State in which the data exporter is established.
   2. The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.

    

   Clause 8

   Cooperation with supervisory authorities

   1. The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.
   2. The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.
   3. The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any subprocessor preventing the conduct of an audit of the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5 (b).

    

   Clause 9

   Governing Law

   The Clauses shall be governed by the law of the Member State in which the data exporter is established.

    

   Clause 10

   Variation of the contract

   The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.

    

   Clause 11

   Subprocessing

   1. The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the subprocessor which imposes the same obligations on the subprocessor as are imposed on the data importer under the Clauses. Where the subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the subprocessor’s obligations under such agreement.
   2. The prior written contract between the data importer and the subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.
   3. The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established.
   4. The data exporter shall keep a list of subprocessing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5 (j), which shall be updated at least once a year. The list shall be available to the data exporter’s data protection supervisory authority.

    

   Clause 12

   Obligation after the termination of personal data processing services

   1. The parties agree that on the termination of the provision of data processing services, the data importer and the subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.
   2. The data importer and the subprocessor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1.

    

   Appendix 2

   This Appendix forms part of the Clauses and must be completed by the parties

   The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix

   Data exporter

   The data exporter is (please specify briefly your activities relevant to the transfer):

   Data Exporter is (i) the legal entity that has executed the Standard Contractual Clauses as a Data Exporter and, (ii) all Affiliates of Customer established within the European Economic Area (EEA) and Switzerland that have purchased Covered Services on the basis of the Subscriber Agreement.

   Data importer

   The data importer is (please specify briefly activities relevant to the transfer):

   eComEngine, which processes personal data upon the instruction of the data exporter in accordance with the terms of the Subscriber Agreement.

   Data subjects

   The personal data transferred concern the following categories of data subjects (please specify):

   • Customers with whom the Controller transacts business on the Amazon Marketplace

   Categories of data

   The personal data transferred concern the following categories of data (please specify):

   • Contact Data
   • Customer History

   Processing operations

   The personal data transferred will be subject to the following basic processing activities (please specify):

   • The objective of Processing of Personal Data by data importer is the performance of the Covered Services pursuant to the Subscriber Agreement.

   Appendix 3

   This Appendix forms part of the Clauses and must be completed by the parties.

   Description of the technical and organizational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) of Appendix 1:

    

   Confidentiality (Article 32 Paragraph 1 Point b GDPR)

   • Physical Access Control
     No unauthorized access to Data Processing Facilities, e.g.: magnetic cards, combination lock, biometric fingerprint scans, facility security services and entrance security staff, alarm systems, video/CCTV Systems
   • Electronic Access Control
     No unauthorized use of the Data Processing and Data Storage Systems, e.g.: (secure) passwords, automatic blocking/locking mechanisms, user access control, encryption of storage media
   • Internal Access Control (permissions for user rights of access to and amendment of data)
     No unauthorized Reading, Copying, Changes or Deletions of Data within the system, e.g. rights authorization concept, need-based rights of access, logging of system access events
   • Pseudonymization (Article 32 Paragraph 1 Point a GDPR; Article 25 Paragraph 1 GDPR)
     Once personal data is no longer needed for the performance of the services, it is put through a pseudonymization process.

   Integrity (Article 32 Paragraph 1 Point b GDPR)

   • Data Transfer Control
     No unauthorized Reading, Copying, Changes or Deletions of Data with electronic transfer or transport, e.g.: Encryption, Virtual Private Networks (VPN), electronic signature;

   Availability and Resilience (Article 32 Paragraph 1 Point b GDPR)

   • Prevention of accidental or willful destruction or loss,
     g.: Backup Strategy (online/offline; on-site/off-site), Uninterruptible Power Supply (UPS), virus protection, firewall, reporting procedures and contingency planning

   Procedures for regular testing, assessment and evaluation (Article 32 Paragraph 1 Point d GDPR; Article 25 Paragraph 1 GDPR)

   • Data Protection Management;
     Annual review of all security and data protection mechanisms and policies.
   • Incident Response Management;
     eComEngine shall notify the Subscriber without undue delay, and take any corrective action to resolve the incident.
   • Data Protection by Design and Default (Article 25 Paragraph 2 GDPR);
     All of our product development processes incorporate the identification of any expansion in the processing or storing of personal data and, when such is identified, it is always carried out in accordance with existing data protection practices.

   Order or Contract Control
   No third party data processing as per Article 28 GDPR without corresponding instructions from the Client, as outlined in Section 2.D of the Subscriber agreement.