1. Definitions

“Agreement”shall mean these OS1 Terms for Subscribers, the OS1 Privacy Policy and any documents and materials referenced in any of the foregoing.

“Application”shall mean a Developer Application or a Delhivery Application as defined below.

“Developer” shall mean a person or entity that has developed an application and entered into an agreement with us to distribute such application to Subscriber’s through the OS1 Platform.

“Developer Application”shall mean any application made available by a Developer for Subscribers through the OS1 Platform. Each Developer Application is subject to the EULA or any related documentation made available by the Developer to the Subscriber.

“Delhivery Application” shall mean any application made directly available by Delhivery under these terms and is not a Developer Application.

“EULA” shall mean the terms and conditions, including but not limited to any privacy and data protection terms, applicable to an end user’s use of a Developer Application and that governs the relationship between you and a Developer.

“Subscriber” / “Customer” or “you” shall mean an individual or entity who uses / procures an Application through the OS1 Platform.

2. Applicable Terms

Your use of the OS1 Platform is subject to this Agreement. By doing any of the following, you acknowledge and agree to be bound by this Agreement:

• create an account with us on the OS1 Platform;
• purchase, license, or use as a free trial any Application through the OS1 Platform; or
• otherwise indicate acceptance of this Agreement in any implied manner or any clicking a box indicating acceptance.

At the time of signing up, if you are domiciled in India the contracting entity for this Agreement will be Delhivery Limited, India and if you are domiciled anywhere else in the world, the contracting entity will be Delhivery USA LLC. Delhivery Limited and Delhivery USA LLC (as the case may be) will hereinafter be referred to as “Delhivery”, “we”, “us” or “our”).

If the individual entering into this Agreement is doing so on behalf of a company or other legal entity, such individual hereby represents and warrants that they have legal authority to bind the company or legal entity to this Agreement. In such a case, the company or legal entity is the Customer and references to “you” shall be applicable to such Customer. If the individual does not have authority to bind the company or other legal entity, or if the individual does not agree with this Agreement or any part of it, the individual may not agree to this Agreement and neither the individual or the company or the legal entity may access or use the OS1 Platform.

Your purchase, license or use of any Developer Application will be subject to the terms set out in Annexure I to this Agreement - Developer Application Terms.

Your purchase, license or use of any Delhivery Application will be subject to the terms set out in Annexure II to this Agreement - Delhivery Application Terms.

3. Pricing

You agree to pay all fees for Applications and related services ordered through the OS1 Platform.

Any consideration or payment obligations for use of the Developer Application by you must be as per the terms agreed upon between you and the Developer. We shall not be liable for any fees, refunds, cancellations, or fee disputes relating to the Developer Application or related services. Delhivery solely facilitates the payment by you to the Developer through the OS1 Platform.

4. Indemnity and Liability

You will defend, indemnify, and hold us harmless from and against any liabilities, losses, damages, judgments, fines, penalties, costs and expenses (including reasonable attorneys' fees and court costs), as incurred, arising out of or in any way connected to: (i) your access to and use of the OS1 Platform and any related material; (ii) breach or violation of this Agreement, (iii) breach or violation of any applicable laws, regulations, rules and orders of any governmental or regulatory body; (iv) breach of any agreement between you and the Developer; (v) any third party claim attributable to you, and (vi) any claim related to use of an Application..

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL DELHIVERY, OR OUR AFFILIATES, AGENTS, DIRECTORS, EMPLOYEES, SUPPLIERS OR LICENSORS BE LIABLE TO YOU FOR ANY SPECIAL, INCIDENTAL, EXEMPLARY, PUNITIVE OR CONSEQUENTIAL DAMAGES (INCLUDING LOSS OF USE, DATA, BUSINESS OR PROFITS) OR FOR THE COST OF PROCURING SUBSTITUTE PRODUCTS OR SERVICES ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT OR THE USE OR PERFORMANCE OF THE OS1 PLATFORM, WHETHER SUCH LIABILITY ARISES FROM A CLAIM BASED UPON CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, AND WHETHER OR NOT WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE. OUR TOTAL LIABILITY TO YOU FROM ALL CAUSES OF ACTION AND UNDER ALL THEORIES OF LIABILITY WILL BE LIMITED TO AND WILL NOT EXCEED ONE HUNDRED DOLLARS (USD 100) IN CASE YOU ARE CONTRACTING WITH DELHIVERY USA LLC. OR INR TEN THOUSAND (INR 10,000) IF YOU ARE CONTRACTING WITH DELHIVERY LIMITED, INDIA.

SOME STATES AND JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. THIS AGREEMENT GIVE YOU SPECIFIC LEGAL RIGHTS, AND YOU MAY ALSO HAVE OTHER RIGHTS WHICH VARY FROM STATE TO STATE. THE DISCLAIMERS, EXCLUSIONS, AND LIMITATIONS OF LIABILITY UNDER THIS AGREEMENT WILL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.

5. Export Control

You must comply with all applicable export and re-export control laws and regulations, including the U.S. Export Control Laws. You represent and warrant that you are not located in a country or region embargoed by the U.S. Government or identified on OFAC's List of Specially Designated Nationals, or any other sanction list of any other country, and will not permit the use of any Application or OS1 Platform by any person or entity identified on those lists. You must not provide, export, re-export, or transfer any part of the Applications to any embargoed country or region, or to governments or governmental instrumentalities of any embargoed country or region, absent a license or other necessary governmental authorization.

6. Updates to the Terms

You acknowledge that we continuously work towards evolving and improving the OS1 Platform and the services available to you through the OS1 Platform. Accordingly, we may modify any of the terms, at any time and in our sole discretion, by posting an updated version on our website os1.delhiver.com. The “Last Updated” date above will also be updated to help you identify the latest version of the Terms applicable to you. If any modification is unacceptable to you, you may terminate this Agreement. Your continued access and use of the OS1 Platform or any Application following such an update to the terms will constitute your acceptance of the modification.

7. Term and Termination

The term of this Agreement shall commence upon your initial acceptance, and continue until: (a) you terminate your account using the methods provided on the OS1 Platform, or by sending us an email requesting account termination to support@os1.delhivery.com; or (b) we terminate this Agreement upon written notice to you, which termination may occur at any time for any or no reason

8. Assignment

You may not assign or transfer this Agreement without our prior written consent. Any attempt by you to assign or transfer this Agreement, without such consent, will be null and void. We may assign or transfer this Agreement.

9. Governing Law and Dispute Resolution

This Agreement, and any claim, controversy or dispute related to this Agreement shall be governed by and construed in accordance with the following laws (as set out in the table below), without regard to any choice or conflicts of law provisions that would mandate the application of the laws of any other jurisdiction. Any dispute, claim, suit, action or proceeding arising out of or relating to this Agreement or its subject matter, including breach thereof, will be finally settled exclusively as set forth below. The United Nations Convention for the International Sale of Goods does not apply to this Agreement.

Any arbitration under this Agreement will take place on an individual basis – class arbitrations and class actions are not permitted. You understand that by agreeing to this Agreement, you and Delhivery are waiving the right to trial by jury or to participate in a class action or class arbitration. Nothing herein restricts the right to bring an action in a court of proper jurisdiction for injunctive or other equitable relief, pending a final decision by the arbitrator.

10. General

Notices

Any notice, request, consent, claim, demand, or other communication to be given or delivered to a party under or by reason of a provision of this Agreement shall be in writing in accordance with this clause. Delhivery may provide you with notice under this Agreement by (a) posting a notice on our website getos1.com or (b) sending a message to the email address then associated with your account on the OS1 Marketplace. Notices provided by posting on the website will be effective upon posting and notices provided by email will be effective when Delhivery sends out the email. It is your responsibility to keep the email address associated with your account current.

Relationship of Parties

You and Delhivery are entering into this agreement on a principal-to-principal basis. Both parties are independent contractors, and no partnership, joint venture, or agency relationship is created between the parties hereunder. You shall not provide any representation or warranty on behalf of Delhivery nor incur any obligations on behalf of Delhivery.

Waiver

Any waiver by Delhivery under this Agreement must be in writing. The failure by Delhivery to enforce any right or provision hereunder does not constitute a present or future waiver of such provision or right, nor will it limit our right to enforce such term at a later time.

Language

All communications and notices made or given pursuant to this Agreement must be in English language. If any translation of the English version is provided, the English version will always supersede in the event of any conflict.

Severability

If any provision hereunder is held by a court or other tribunal of competent jurisdiction to be invalid, illegal or unenforceable for any reason, such provision shall be limited to the minimum extent such that the remaining provisions under the Terms will continue in full force and effect.

Entire Agreement

This Agreement constitutes the entire and exclusive understanding and agreement between the relevant Delhivery entity and you regarding the OS1 Marketplace and any related services

Interpretation

For the purposes of this Agreement: (a) any reference to any provision of a statute shall be construed as a reference to that provision as amended, re-enacted or extended at the relevant time; (b) the term “including” means “including without limitation” and is intended by way of example and not limitation; (c) all headings are intended solely for the convenience of the parties, and none will be deemed to affect the meaning or construction of any provision hereof; (d) the word “or” is not exclusive; and (e) the words “herein,” “hereof,” “hereby,” “hereto,” and “hereunder” refer to this Agreement as a whole.

11. ANNEXURE I - DEVELOPER APPLICATION TERMS

Use of Developer Application

You acknowledge and agree that Delhivery neither controls nor endorses, nor is Delhivery responsible for, any Developer Application (even if the Developer Application has been approved by Delhivery) or any related services related to the Developer Application.

You agree and acknowledge that use of the Developer Application is subject to the EULA, privacy policy, and any other document between you and the Developer and not this Agreement or any other document with Delhivery. Delhivery shall not be responsible or liable for the Developer Application nor any services related to the same.

Your right to use and any licenses or subscription to the Developer Application is subject to the terms and conditions of the EULA or, as applicable, your agreement with the Developer. You expressly acknowledge that Delhivery is not a party to such EULA or agreement and merely facilitates the interaction between any Customer and a Developer.

Delhivery may disable or discontinue Developer Application listings, permissions and integration at any time, for any or no reason, with or without notice to you.

You acknowledge and agree that:

• you must use your own discretion when you access or use Developer Applications and any related services;
• you should read the EULA, privacy policies and other information associated with any Developer Applications and related services as these will govern your use of the same;
• Delhivery does not own or control any of these Developers or the Developer Applications or related services
• you will not hold Delhivery responsible or liable for any such Developer Applications, services or acts or omissions of Developers, under any circumstances;
• you shall refer to the Developer and any documentation accompanying the Developer Application to find out how the Developer Application interacts with your data and your organization;
• any maintenance and support of the Developer Application shall be provided by the Developer and only to the extent described in the EULA or as otherwise communicated to you by the Developer. You agree and acknowledge that Delhivery has no responsibility for providing such support and maintenance. Failure of a Developer to provide support and maintenance will not entitle you to any refund of fees paid, if any, for the Developer Application; and
• you represent and warrant that you will use the OS1 Marketplace and any Developer Application in compliance with all applicable laws.

Disclaimer

DELHIVERY DOES NOT IN ANY WAY WARRANT THE ACCURACY, RELIABILITY, SECURITY, COMPLETENESS, USEFULNESS, NON-INFRINGEMENT, OR QUALITY OF ANY DEVELOPER APPLICATION OR RELATED SERVICES (INCLUDING WITHOUT LIMITATION THE CONTENT CONTAINED THEREIN). DELHIVERY SHALL NOT BE RESPONSIBLE FOR A DEVELOPER APPLICATION EVEN IF IT COMPLIES WITH OS1 GUIDELINES AND POLICIES. YOU ACKNOWLEDGE THAT ANY RISKS ASSOCIATED WITH USING OR RELYING ON DEVELOPER APPLICATIONS SHALL BE BORNE BY YOU. ANY INFORMATION THAT DEVELOPER COLLECTS, STORES AND PROCESSES FROM YOU OR FROM YOUR INTERACTION WITH THE DEVELOPER APPLICATION OR FROM THE SYSTEMS YOU USE TO ACCESS THE DEVELOPER APPLICATION WILL BE SUBJECT TO THE EULA, DEVELOPER PRIVACY POLICY AND OTHER SIMILAR TERMS THAT THE DEVELOPER MAKES AVAILABLE TO YOU. THE SAME SHALL NOT BE SUBJECT TO ANY AGREEMENTS BETWEEN YOU AND DELHIVERY OR THE DELHIVERY PRIVACY POLICY. YOUR RELATIONSHIP WITH THE DEVELOPER AND YOUR USE OF THE DEVELOPER APPLICATION AND THE DEVELOPER HAVING ACCESS TO YOUR DATA ARE AT YOUR OWN RISK AND GOVERNED SOLELY BY THE EULA. YOU REMAIN RESPONSIBLE FOR COMPLIANCE OF ANY TERMS BETWEEN YOU AND THE DEVELOPER. IF YOU HAVE ANY QUESTIONS ABOUT DEVELOPER APPLICATIONS OR THE TERMS THAT GOVERN THE USE OF THE SAME, YOU SHOULD CONTACT THE DEVELOPER DIRECTLY.

DELHIVERY DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS ABOUT DEVELOPER APPLICATIONS OR ANY RELATED DEVELOPER SERVICES. ANY WARRANTY OR REPRESENTATION MADE REGARDING ANY DEVELOPER APPLICATION OR RELATED DEVELOPER SERVICES IS MADE DIRECTLY BY SUCH DEVELOPER.

FEDERAL LAW, SOME STATES, PROVINCES, AND OTHER JURISDICTIONS DO NOT ALLOW THE EXCLUSION AND LIMITATIONS OF CERTAIN IMPLIED WARRANTIES, SO THE ABOVE EXCLUSIONS MAY NOT APPLY TO YOU. THE TERMS GIVE YOU SPECIFIC LEGAL RIGHTS, AND YOU MAY ALSO HAVE OTHER RIGHTS WHICH VARY FROM STATE TO STATE. THE DISCLAIMERS AND EXCLUSIONS UNDER THIS AGREEMENT WILL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.

12. ANNEXURE II - DELHIVERY APPLICATION TERMS

Delhivery Applications made available to you through the OS1 Platform are not Developer Applications and are directly offered by Delhivery under the following terms (“Terms”):

1. DEFINITIONS

   1. “Affiliate” means an entity that, directly or indirectly, owns or controls, is owned or is controlled by, or is under common ownership or control with a Party. As used herein, “control” means the power to direct the management or affairs of an entity and “ownership” means the beneficial ownership of more than fifty percent (50%) of the voting equity securities or other equivalent voting interests of an entity.
   2. “Confidential Information” means all information agreed in writing by both Parties to be confidential or clearly identified as confidential by the disclosing party at the time of disclosure. The pricing for any Delhivery Application is the Confidential Information of both Parties. All technology and specifications relating to the SaaS Solution are the Confidential Information of Delhivery. Notwithstanding the foregoing,“Confidential Information” shall not include information that: (a) is or becomes a part of the public domain through no act or omission of the receiving party; (b) was in the receiving party's lawful possession prior to the disclosure and had not been obtained by the receiving party either directly or indirectly from the disclosing party; (c) is lawfully disclosed to the receiving party by a third party without restriction on the disclosure; or (d) is independently developed by the receiving party, without reference to the disclosing party's Confidential Information.
   3. “Customer Content” means (a) any data or content that is transferred by the Customer to the Delhivery Application. For clarity, Customer Content does not include Customer's Delhivery Application account information, any data that is derived by Delhivery consequent to the Customer's use of the Delhivery Application, or any data generated by Customer relating solely to the use of the Delhivery Application (e.g., error logs).
   4. “DPA” means the Data Processing Agreement for the Delhivery Application, a current version of which is attached as Schedule 1.
   5. “Feedback” means all suggested improvements, enhancement requests, ideas for new functionality or customizations, recommendations, corrections, or other feedback that the Customer provides to Delhivery relating to the SaaS Solution.
   6. “Service Data” means query logs and any data (other than Customer Content) relating to the Customer's use of the Delhivery Application or the operation, maintenance or support thereof.
   7. “Services” means any consulting, implementation, customisations, or other professional services in relation to a Delhivery Application that is ordered by the Customer.

2. LICENSE AND USE OF A DELHIVERY APPLICATION

   1. 2.1. Delhivery hereby grants to the Customer a worldwide, non-exclusive, non-assignable license (without the right to sub-license) to access and use the Delhivery Application solely for Customer's internal business operations subject to these Terms.
   2. 2.2.The license granted to the Customer under clause 4.1 above is subject to the Customer warranting and representing that it shall not (and not allow any of its representatives to):
      • copy, modify, pledge, sell, display, distribute, transfer, assign, or sublicense the Delhivery Application for any reason to any third party;
      • interfere with, bypass or disable any features or functionality that are embedded in or included in the Delhivery Application;
      • access or use the Delhivery Application for the purpose of performing or disclosing any benchmarking or use it in any way to build similar or competitive products or services;
      • to use the Delhivery Application at any point in time by more than the number of concurrent or other users as mutually agreed by the Parties;
      • access or use the Delhivery Application in any unlawful manner, for any unlawful purpose or in any manner inconsistent with these Terms;
      • remove, amend, or destroy any Marks or use the Marks in any manner other than as stated under these Terms;
      • use the Delhivery Application in any way which could cause damage or injury to any person or property;
      • use the Delhivery Application to store, transmit, publish, or make available any content that is false, defamatory, harassing, obscene, illegal, violating privacy rights or any third party rights, or containing any viruses, malware or any other malicious code;
      • use any scraping, data harvesting, web crawlers, or other data extraction methods to extract data from the Delhivery Application;
      • conduct any load testing or penetration testing on the SaaS Software by any third party;
      • apply any procedure or process to any technology available on the Delhivery Application in order to ascertain or derive the source code for it or any trade secret or process contained in it;
      • use the Delhivery Application in violation of any applicable laws including any applicable privacy laws;
      • decompile, disassemble, or reverse engineer the Delhivery Application or permit or authorize a third party to do so; or
      • modify or create derivative works of any technology available on the Delhivery Application.
   3. 2.3. Restrictions of Certain Data:Customer agrees that: (i) Delhivery is not acting on Customer's behalf as a partner, associate, or subcontractor; (ii) the Delhivery Application should in no case be used to store, maintain, process or transmit protected health information (“PHI”) or payment cardholder information; (iii) the Delhivery Applications should in no case be used in any manner that would require Delhivery to be compliant with the Health Insurance Portability and Accountability Act of 1996, as amended and supplemented (“HIPAA”) or Payment Card Industry Data Security Standard requirements (“PCI-DSS”); (iv) to the extent required under applicable law, Customer will obtain any consents from Customer's end users that are required for Customer to pass the Customer Data to Delhivery or onto a Delhivery Application.
   4. 2.4. The Customer warrants and represents that (i) the Delhivery Application will only be used by authorized users as agreed upon and not by any other third party; (ii) it has all rights in the Customer Content and (iii) none of the Customer Content violates these Terms, any applicable law or any intellectual property right of any third party.

   The above-mentioned restrictions under clauses 2.2, 2.3, and 2.4 are collectively referred to as Delhivery's “Acceptable Use Policy” for all Delhivery Applications. The Customer must comply with Delhivery's Acceptable Use Policy and must ensure that all their representatives using the Delhivery Application comply with it. A breach of the Acceptable Use Policy will be considered a material breach of the Agreement and in addition to the other rights Delhivery might have under law, Delhivery shall have the right to terminate the Agreement & these Terms immediately without any liability.

   5. 2.5. Customer is required to accept all patches, bug fixes, updates, maintenance, and service packs necessary for the proper function and security of the Delhivery Application. Delhivery is not responsible for performance or security issues encountered with the Delhivery Application that result from Customer's failure to accept such updates that are necessary for the proper function and security of the Delhivery Application. Except for emergency or security related maintenance activities, Delhivery will coordinate with the Customer on scheduling such updates, where possible, based on Delhivery's next available standard maintenance window.
   6. 2.6. If the Customer obtains or uses any third-party products or services in connection with its use of the Delhivery Application, Customer is solely responsible for evaluating and assessing such products or services to determine whether they meet their requirements. Any use of such third-party products or services are solely between the Customer and the applicable third party, and Delhivery will have no liability with respect to such third party's products or services.
   7. 2.7. Customer acknowledges and agrees that Delhivery may engage third-party service providers to provide services to the Customer in connection with the Delhivery Application.
   8. 2.8. Usage conditions for application programming interface (API) Delhivery Applications (“Intelligence Services”)
   1. 2.8.1 Intelligence Services offered under this Agreement will be activated for restricted access by the Customer through the provision of credentials, specific tokens, API keys, product keys, usernames / password or other forms of authentication, licensing, access control and/or encryption provided by Delhivery (“MACs”). These MACs will act as a secret license key for the Customer and the usage will be monitored based on the invocation of these means.
   2. 2.8.2 Delhivery has the sole right and proprietorship to introduce new Intelligence Services and upgrade the existing services. Delhivery also can deprecate any of the Intelligence Services based on its internal decision and will not be obligated to any Customer beyond the contractual timeline agreed upon.
   3. 2.8.3 The output received from Delhivery by the Customer using Intelligence Services by the Customer under this Agreement shall be termed as “Content”.
   4. 2.8.4 Customer agrees not to create copies of the Intelligence Services to hide the actual usage of Delhivery’s Intelligence Services.
   5. 2.8.5 The Customer may temporarily and securely store limited amounts of Content solely to improve the performance of the merchant implementation due to network latency, for a maximum of 24 hours and in a manner that does not:
      1. • permit use of Content outside of the Intelligence Services.
      2. • manipulate or aggregate Content or portion of the Intelligence Services.
      3. • prevent Delhivery from accurately tracking usage; and/ or does not modify the attribution in any way.
   6. 2.8.6 Customer shall not pre-fetch, retrieve, cache, index, copy or store any Content, or portion of the Intelligence Services with the exception being Customer may store limited amounts of Content solely to improve the performance of the Customer implementation due to network latency, and only if Customer does so temporarily, securely, and in a manner that (a) does not permit use of the Content outside of the Intelligence Services; (b) does not manipulate or aggregate any Content or portion of the Intelligence Services; (c) does not prevent Delhivery from accurately tracking usage; and (e) does not modify attribution in any way.
   7. 2.8.7 Customer shall not use, distribute, or sell any content outside of the implementation or incorporate or embed Delhivery’s products to build commercial applications and products without express written confirmation from Delhivery specifying use cases and target customers.
   8. 2.8.8 Customer shall not create or offer a “wrapper” for the Intelligence Services, unless Customer obtains Delhivery’s written consent to do so. For example, Customer are not permitted to: (a) use or provide any part of the Intelligence Services or Content in a service that Customer offers to others; or (b) create a Customer implementation that re-implements or duplicates the Intelligence Services. Customer is not “wrapping” the Intelligence Services if the Customer implementation provides substantial additional features or content beyond the Intelligence Services, and those additional features or content constitute the primary defining characteristic of the Customer implementation.
   9. 2.8.9 Customer shall not use the Intelligence Services or Content with any products, systems, or applications for or in connection with planning, allocation, routing of e-commerce shipments for the purpose of delivery to a given address but the Customer directly or by any third party.
   10. 2.8.10 Customer will not use the Intelligence Services in a manner that gives access to mass downloads or bulk feeds of any Content.
   11. 2.8.11 The Customer undertakes that MACs provided for use of Intelligence Services not be made public or disclosed to any third party by the Customer. Further the Customer undertakes to adequately protect this information in order to ensure that it is not intentionally or unintentionally disseminated to the public or third parties.

3. SERVICE LEVEL AGREEMENT

   1. The Service Level Terms sets forth the Uptime and Service Availability and shall be as set out at __________. The Service Level Terms shall not apply to any use of a Delhivery Application during the free trial or for any delay or failure caused by Customer's incorrect implementation of the Delhivery Application.

4. CHANGES TO THE DELHIVERY APPLICATION

   1. Delhivery may in its sole discretion, make changes to the Delhivery Application (such as infrastructure, security, technical configurations, application features, etc.) that it deems necessary to comply with applicable law or is required to maintain or enhance:
      1. the quality of Delhivery's products or services to its customers (including to reflect changes in technology or industry practices);
      2. the competitive strength or market for Delhivery's products or services; or
      3. the Delhivery Application's cost efficiency or performance.
   2. While the changes set out herein are at Delhivery's discretion, no changes will result in any material reduction in the level of performance or availability of the applicable Delhivery Application for the Customer.

5. AUTHORIZED USERS

   1. During the configuration and set-up process for the Delhivery Application, the Customer will identify an admin for the Customer's account with Delhivery. Delhivery shall reserve the right to refuse registration of or cancel credentials or delete an account as it deems inappropriate.
   2. Customer shall ensure that all users using the Delhivery Application are users authorized to use the Delhivery Application as agreed upon by the Parties (“Authorized Users”). Authorized User subscriptions are for designated Authorized Users (unless otherwise agreed upon by the Parties) and cannot be shared or used by more than one user.

6. ACCOUNT RESPONSIBILITY

   1. The Customer shall ensure that each Authorized User is abiding by these Terms and the terms of the Agreement and Delhivery's Acceptable Use Policy. The Customer shall be responsible for any unauthorized use of the Delhivery Application by an Authorized User or any person using the Customer's credentials.
   2. The Customer shall, and ensure that all Authorized Users, keep their files and account credentials (including but not limited to admin credentials) secure at all times and not disclose such credentials to any unauthorized other person.
   3. The Customer shall implement and maintain security measures relating to its access credentials to ensure that no unauthorized person or application may gain access to the Delhivery Application. Delhivery shall not be liable or responsible for any loss of information due to any irresponsible act such as loss of the password by any user of the Customer. However, Customer must contact Delhivery immediately in case of any unauthorized access to the Customer account or if the Customer believes the account credentials to be stolen.

7. OWNERSHIP

   1. Customer owns all right, title and interest in and to the Customer Content and all intellectual property rights embodied therein. Except as provided in this clause, Delhivery does not obtain any rights to Customer Content under these Terms. Customer hereby grants to Delhivery a worldwide, royalty-free license to use, host, perform, display and create derivative works from the Customer Content for the purposes of (a) providing the Services and performing its obligations and exercising its rights under these Terms; (b) complying with applicable laws and regulations; (c) operating, analyzing and improving the Services.
   2. Delhivery or its licensors retain all ownership and intellectual property rights to the Delhivery Application, including any related technology, programs, features and functionalities, and derivative works thereof, and to anything developed or delivered by or on behalf of Delhivery (including but not limited to ideas, methods, concepts, know-how, structures, techniques, inventions, developments, processes, discoveries, improvements and other information and materials) under these Terms. Subject to the Customer complying with these Terms, Delhivery hereby grants a limited license as set out under clause 3 these Terms for the Customer's use of the Delhivery Application.
   3. Notwithstanding anything to the contrary in these Terms, Delhivery may collect Service Data to develop, support, modify, improve, and operate its products and services, including the Delhivery Application.
   4. Customer hereby grants a perpetual, irrevocable, non-exclusive, royalty-free, fully paid-up, sublicensable, transferable, worldwide license to any Feedback provided by the Customer under these Terms or in relation to the Delhivery Application in Delhivery and Delhivery's Affiliates' business and for Delhivery to disclose such Feedback to others without restriction or payment. To avoid doubts, we may use the Feedback for any purpose, including incorporating the Feedback into, or using the Feedback to develop and improve Delhivery's products/services and our other offerings without attribution or compensation.

8. TRIAL USE AND PILOT ACCESS

   1. Delhivery may make available certain Delhivery Applications for trial, non-production purposes for a duration as specified by Delhivery from time to time. All Delhivery Applications used for trial purposes are provided on an “as is” and “as available” basis and may not be used with production data that has not been masked, anonymised, or otherwise rendered unreadable. If the Customer uses any production data without these measures, Delhivery shall not be responsible for the same. Delhivery does not provide technical or other support or offer any warranties for services offered on trial basis. The Delhivery Application is provided on a trial basis solely for the Customer to evaluate and test the Delhivery Application for Customer's internal business purposes.
   2. If at the expiry of the trial period, the Customer fails to or does not choose to upgrade to the paid version of a Delhivery Application, Delhivery shall delete the Customer account and all Customer Data within a period of 15 days from the date of expiry of the trial period.

9. FEES AND PAYMENT

   1. All fees payable to Delhivery are due within 15 days from the invoice date. All payment obligations are non-cancellable and must be paid without setoff or deduction, and all amounts paid are non-refundable. Customer will pay any sales, value-added or other similar taxes imposed by applicable law that Delhivery must pay based on the services / solutions ordered. Fees shall be as provided by Delhivery or as listed for the Delhivery Application.
   2. Customer will reimburse Delhivery for its reasonable, out-of-pocket travel and related expenses incurred in performing any Services.
   3. Any late payments shall be subject to an interest of 18% per annum or the maximum amount allowed by law, whichever is lesser. If Customer utilizes a credit card to pay for the Delhivery Application and if a Customer's credit card expires or is canceled or the charge is otherwise denied, Delhivery will attempt to reprocess the charges. Customer is responsible for updating its credit card or bank information to ensure payment can be made.
   4. Disputes: If Customer believes that Delhivery has incorrectly billed Customer, Customer shall use reasonable endeavors to contact Delhivery in writing within 15 days of the date of receipt of invoice for the charge in dispute, specifying the error. To the fullest extent permitted by applicable law, Customer waives any and all claims relating to the fees unless Customer has properly notified Delhivery of the dispute. The foregoing does not waive any of Customer's rights with its credit card issuer or bank, which are subject to Customer's agreement with such entity.
   5. Consent to Third Party Payment Processing: The fees payable for the Delhivery Application will be processed by a third-party payment processing service (“Payment Processor”). Customer consents to the use of such Payment Processor, subject to the applicable third party terms, and to the transfer of Customer's bank or credit card information (including bank account or credit card holder's name, bank account or credit card number, card expiration date, CVV number, and billing address) to such Payment Processor. Any terms governing the processing of Customer payment data are between Customer and such Payment Processor, and Customer should consult the applicable third party terms

10. WARRANTIES AND DISCLAIMERS

    1. Delhivery warrants that the Delhivery Application will operate in substantial conformity with these Terms and any applicable documentation (if any). If the Services provided to the Customer do not perform as warranted, Customer must promptly provide written notice to Delhivery and describe the deficiency in the Services.
    2. EXCEPT AS EXPRESSLY SET OUT IN CLAUSE 10.1 ABOVE, THE DELHIVERY APPLICATION IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. CUSTOMER SHALL USE THE DELHIVERY APPLICATION AT ITS OWN RISK. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE DELHIVERY APPLICATION IS PROVIDED WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, ANY WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, SATISFACTORY QUALITY, ACCURACY, OR NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE DELHIVERY APPLICATION WILL BE UNINTERRUPTED, SECURE, ERROR-FREE, ACCURATE, COMPLETE, AVAILABLE AT ALL TIMES, THAT ANY DEFECTS OR ERRORS WILL BE CORRECTED, OR THAT THE DELHIVERY APPLICATION IS FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS.
    3. FEDERAL LAW, SOME STATES, PROVINCES, AND OTHER JURISDICTIONS DO NOT ALLOW THE EXCLUSION AND LIMITATIONS OF CERTAIN IMPLIED WARRANTIES, SO THE ABOVE EXCLUSIONS MAY NOT APPLY. THE TERMS GIVE SPECIFIC LEGAL RIGHTS, AND CUSTOMER MAY ALSO HAVE OTHER RIGHTS WHICH VARY FROM JURISDICTION TO JURISDICTION. THE DISCLAIMERS AND EXCLUSIONS UNDER THESE TERMS WILL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.
    4. FOR ANY BREACH OF THE SERVICES WARRANTY, THE CUSTOMER'S EXCLUSIVE REMEDY AND DELHIVERY'S ENTIRE LIABILITY SHALL BE THE CORRECTION OF THE DEFICIENT SERVICES THAT CAUSED THE BREACH OF WARRANTY, OR, IF DELHIVERY CANNOT SUBSTANTIALLY CORRECT THE DEFICIENCY IN A COMMERCIALLY REASONABLE MANNER, CUSTOMER MAY END THE DEFICIENT SERVICES AND DELHIVERY WILL REFUND THE FEES FOR THE TERMINATED SERVICES THAT THE CUSTOMER MAY HAVE PREPAID FOR THE PERIOD FOLLOWING THE EFFECTIVE DATE OF TERMINATION. THIS WILL NOT APPLY IF THE ERROR OR NON-CONFORMANCE WAS CAUSED BY MISUSE OF THE DELHIVERY APPLICATION, ANY MODIFICATIONS TO THE DELHIVERY APPLICATION BY ANYONE OTHER THAN DELHIVERY, OR THIRD-PARTY HARDWARE, SOFTWARE, OR SERVICES USED IN CONNECTION WITH THE DELHIVERY APPLICATION.

11. CONFIDENTIALITY

    1. Each Party may have access to Confidential Information of the other Party. Parties shall use such Confidential Information only to the extent required for the performance of their obligations under these Terms.
    2. Each Party agrees not to disclose the other Party's Confidential Information except to those employees, agents or subcontractors who are required to protect it against unauthorized disclosure in a manner no less protective than required under these Terms.
    3. Nothing shall prevent either Party from disclosing Confidential Information to a governmental entity as required by law.
    4. The obligations of confidentiality under this clause shall apply for a period of 3 years on and from the expiry of these Terms or the relevant SOW, whichever is later.

12. DATA PROTECTION

    1. Personal Data. Customer hereby acknowledges and agrees that Delhivery's performance of these Terms may require Delhivery to process, transmit and/or store Customer's personal data or the personal data of Customer employees and affiliates.

       By submitting personal data to Delhivery, Customer agrees that Delhivery and its affiliates may process, transmit and/or store personal data to the extent necessary for, and for the purpose of, enabling Delhivery to perform its obligations to under these Terms.

       In relation to all personal data provided by or through Customer to Delhivery, the Customer will be responsible as sole Data Controller for complying with all applicable data protection or similar laws such as EU Directive 95/46/EC and laws implementing that Directive that regulate the processing of Personal Data and special categories of data as such terms are defined in that Directive. Customer agrees to obtain all necessary consents and make all necessary disclosures before including any personal data in the Customer Content.

       Customer confirms that Customer is solely responsible for any personal data that may be contained in the content / data of the Customer on the Delhivery Application, including any information which any Authorized User shares on behalf of third parties.

       Customer is solely responsible for determining the purposes and means of processing Customer Personal Data by Delhivery under these Terms, and Customer shall ensure that such processing by Delhivery according to Customer's instructions will not place Delhivery in breach of any applicable data protection laws. Prior o processing, Customer will inform Delhivery about any special categories of data or sensitive personal data contained within Customer personal data and any restrictions or special requirements in the processing of such special categories of data, including any cross border transfer restrictions. Customer is responsible for ensuring that the Delhivery Application meets such restrictions or special requirements.

       Parties will comply with the DPA which is incorporated by reference under these Terms.

    2. Delhivery's Personal Data Obligations.In performing its obligations under these Terms, Delhivery will comply with its Privacy Policy, available atgetos1.com and incorporated herein by reference. The Privacy Policy is subject to change at Delhivery's discretion; however, no such changes will result in any material reduction in the level of protection provided for Customer's data during the period for which fees for the Services have been paid. Delhivery reserves the right to provide the Delhivery Applications from its host locations, and/or through use of subcontractors, worldwide. Delhivery will only process Customer personal data in a manner that is reasonably necessary to provide Delhivery Application. Customer agrees to provide any notices and obtain any consent related to Delhivery's use of the data for provisioning the Delhivery Application, including those related to the collection, use, processing, transfer and disclosure of personal information. Customer shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness and retains ownership of all of customer data

       Customer agrees that Delhivery may collect and use non-personal, anonymous, aggregated, statistical, performance or de-identified data (other than Customer Content), and other performance information for legitimate business purposes, such as support, and reporting, research, improvements to Delhivery Applications, industry partnerships, and other legitimate internal business purposes.

13. INDEMNIFICATION

    1. Indemnity by Delhivery. Delhivery will defend the Customer from and against any claim initiated by a third party alleging that the Delhivery Application in accordance with this Agreement infringes a third party's intellectual property rights and indemnify the Customer and from and against any actual liabilities, damages, costs and expenses (including reasonable attorneys' fees) awarded against the Customer or agreed in settlement arising out of or as a result from such third-party claim. Should the Delhivery Application become or, in Delhivery's reasonable opinion be likely to become, the subject of any such claim, Delhivery may, at its option and expense: (i) procure for the Customer the right to continue to use the Delhivery Application; (ii) replace or modify the Delhivery Application to render its use non-infringing; or (iii) terminate this Agreement and refund to the Customer any prepaid fees covering the remainder of the Term after the termination date. This shall be the Customer's sole and exclusive remedy for any type of claim or demands arising out of, or in any way related to, these Terms.
    2. Delhivery will not indemnify the Customer as set out in clause 14.1, if the Customer (i) alters the Delhivery Application in any way or uses it outside the scope of use identified in the solution's documentation or specifications; (ii) uses a version of the Delhivery Application which has been superseded (specifically if the infringement claim could have been avoided by using an unaltered current version of the Delhivery Application which has been made available to the Customer); (iii) to the extent the claim arises from Customer's use of the Delhivery Application in combination with any other software, service or technology not provided by Delhivery; or (iv) to the extent the claim arises from the use of any Delhivery Application during the trial period.
    3. Indemnity by Customer. The Customer will defend, indemnify and hold Delhivery harmless from and against any and all claims, liabilities, damages, costs and expenses (including reasonable attorneys' fees) incurred by Delhivery and arising out of or relating to: (i) Customers data on the Delhivery Application (including the Customer Content) and its use by the Customer, including any such claim involving alleged infringement or misappropriation of any third party's intellectual property rights; (ii) Customer's use of the Delhivery Application (including any activities under the Customer's account and any use thereof by Authorized Users); (iii) Customer's breach of Delhivery's Acceptable Use Policy; (iv) any product, service or technology used by the Customer in connection with or related to the Delhivery Application; or (v) any breach of these Terms or violation of applicable Law by the Customer.
    4. Indemnity Procedure. Any Party entitled to indemnification under this clause 14 (“Indemnified Party”) will give written notice to the indemnifying party of any matters giving rise to a claim for indemnification; provided that the failure of any party entitled to indemnification hereunder to give notice as provided herein shall not relieve the indemnifying party of its obligations under this clause 14 except to the extent that the indemnifying party is actually prejudiced by such failure to give notice. In case any action, proceeding or claim is brought against an Indemnified Party in respect of which indemnification is sought hereunder, the indemnifying party shall be entitled to participate in and, unless in the reasonable judgment of the Indemnified Party a conflict of interest between it and the indemnifying party may exist with respect of such action, proceeding or claim, to assume the defense thereof with counsel reasonably satisfactory to the Indemnified Party. In the event that the indemnifying party advises an Indemnified Party that it will contest such a claim for indemnification hereunder, or fails, within thirty (30) days of receipt of any indemnification notice to notify, in writing, such person of its election to defend, settle or compromise, at its sole cost and expense, any action, proceeding or claim (or discontinues its defense at any time after it commences such defense), then the Indemnified Party may, at its option, defend, settle or otherwise compromise or pay such action or claim. In any event, unless and until the indemnifying party elects in writing to assume and does so assume the defense of any such claim, proceeding or action, the Indemnified Party's costs and expenses arising out of the defense, settlement, or compromise of any such action, claim or proceeding shall be losses subject to indemnification hereunder. The Indemnified Party shall cooperate fully with the indemnifying party in connection with any negotiation or defense of any such action or claim by the indemnifying party and shall furnish to the indemnifying party all information reasonably available to the Indemnified Party which relates to such action or claim. The indemnifying party shall keep the Indemnified Party fully apprised at all times as to the status of the defense or any settlement negotiations with respect thereto.
    5. This clause 14 states the indemnifying party's sole liability to and the exclusive remedy against the other party for any type of claim or demands arising out of, or in any way related to these Terms.

14. SUSPENSION AND TERMINATION

    1. Delhivery may terminate this Agreement or revoke Customer access to the Delhivery Application by providing a 30 day advance notice to the Customer.
    2. Delhivery reserves the right to immediately suspend or terminate the Customer's use of the Delhivery Application:
       1. if Delhivery in its reasonable opinion believes that there is a significant threat to the functionality, security, integrity, or availability of the Delhivery Application or to Delhivery's other customers;
       2. if Delhivery in its reasonable opinion believes that the Customer or any Authorized User has violated the Acceptable Use Policy;
       3. if Delhivery needs to do so to comply with applicable law or any requests from governmental bodies;
       4. if Customer ceases to operate in the ordinary course, makes an assignment for the benefit of creditors or similar disposition of Customer's assets, or becomes the subject of any bankruptcy, reorganization, liquidation, dissolution, or similar proceeding; or
       5. if Delhivery has not received the full amount as stated in Delhivery's invoice to the Customer within the agreed payment timelines.
    3. Wherever possible and lawfully permitted, Delhivery shall provide the Customer with advance notice of any suspension or termination.
    4. Effect of Termination: Upon termination of these Terms or termination of the Agreement,
       1. Customer must pay within 30 days all amounts that have accrued prior to such termination, as well as all sums remaining unpaid for the Delhivery Application plus related taxes and expenses.
       2. Customer shall no longer have rights to access or use the Delhivery Application, including any associated programs and services; however, at the Customer's request, and for a period of up to 30 days after termination, Delhivery will make available Customer's Content for the purpose of retrieval by the Customer. At the end of such 30-day period, and except as may be required by law, Delhivery will render inaccessible any of the Customer's Content any applications that remain in the Delhivery Application and may delete all such data subject to Delhivery's data retention policy.
       3. Customer must cease any and all access to the Delhivery Application.
    5. Provisions that survive termination or expiration of this Agreement are those relating to limitation of liability, indemnification, payment, and others which by their nature are intended to survive

15. EXPORT CONTROL

    1. Customer shall comply with all export laws and regulations of the United States and other applicable export and re-export control laws and regulations, including the U.S. Export Control Laws. Customer represents and warrants that it is not located in a country or region embargoed by the U.S. Government or identified on OFAC's List of Specially Designated Nationals, or any other sanction list of any other country, and Customer will not permit the use of the Delhivery Application by any person or entity identified on those lists. Customer will not provide, export, re-export, or transfer any part of the Application to any embargoed country or region, or to governments or governmental instrumentalities of any embargoed country or region, absent a license or other necessary governmental authorization.
    2. Customer acknowledges that the Delhivery Application is designed with capabilities for the Customer and Customer's Authorized User to access the Delhivery Application without regard to geographic location. The Customer shall solely be responsible for the authorization and management of Authorized User accounts, as well as export control and any legal requirements for the transfer of any Customer data

16. FORCE MAJEURE

    1. Neither Party shall be responsible for failure or delay of performance (including any downtime) if caused by: an act of war, hostility, or sabotage; act of God; pandemic; epidemics; lockdowns; electrical, internet, or telecommunication outage; government restrictions (including the passage of any laws or denial / cancellation of any export, import or other license or other government acts affecting the solution); acts or omissions of internet traffic carriers; or other event outside the reasonable control of such party. Both Parties will use reasonable efforts to mitigate the effect of a force majeure event. If such event continues for more than 30 days, the Parties shall mutually discuss a resolution. If Parties are unable to reach a mutual resolution, then, either Party may cancel unperformed services upon written notice of 10 days. This clause 18 does not excuse either Party's obligation to take reasonable steps to follow its normal disaster recovery procedures or Customer's obligation to pay for the Delhivery Application or any related Services.

17. THIRD PARTY LIABILITY

    1. Customer acknowledges that Delhivery's business partners or other third-party service providers, including any third party firms retained by Customer to provide consulting or implementation services or applications that interact with the Delhivery Application, are independent of Delhivery and are not Delhivery's agents. Delhivery is not liable for, bound by, or responsible for any problems with the services arising due to, any acts of any such business partner or third party, unless the business partner or third party is providing services as a subcontractor of Delhivery.

18. AUDIT RIGHTS

    1. Delhivery may (through itself or through an authorized third party) audit the Customer's use of the Delhivery Application (such audit may also be conducted through the use of software tools) to assess whether Customer's use of the Delhivery Application is in accordance with the OS1 policies and these Terms. Customer agrees to cooperate with Delhivery's audit and provide reasonable assistance and access to all information required by Delhivery for such audit. Customer agrees to pay within 30 days of written notification any fees applicable to Customer's use of the Delhivery Application which are beyond the agreed rights including any excess in the number of Authorized Users). Without limiting other rights, if Customer does not pay, Delhivery shall have the right to terminate these Terms immediately without any liability and claim damages from the Customer. Delhivery shall not be responsible for any costs ncurred by the Customer in cooperating with the audit.

13. Data Processing

This Data Processing Agreement (“DPA”) reflects the parties' agreement with respect to the Processing of Personal Data by Delhivery on behalf of the Customer in connection with use by Customer of a Delhivery Application. This DPA applies to personal data processed by Delhivery in connection with your use of any Delhivery Application.

1. DEFINITIONS

   1. “Customer Personal Data” means Personal Data that is Processed by Delhivery in connection with the performance of its obligations set out under the MSSA.
   2. “Data Protection Laws” means, in respect of a party, all data protection and privacy laws applicable to that party in relation to their rights or obligations under this Agreement, including the General Data Protection Regulation 2016/679 (“GDPR”), the Data Protection Act 2018 (“UK GDPR”), and California Consumer Privacy Act (“CCPA”);
   3. “Instructions” means the written, documented instructions issued by a Controller to a Processor, and directing the same to perform a specific or general action with regard to Customer Personal Data. Customer acknowledges that the Agreement (including the MSSA and this DPA) constitute the Customer's complete Instructions to Delhivery in relation to the Processing of Customer Personal Data.
   4. “Personal Data” means information about an individual that (a) can be used to identify, contact or locate a specific individual; or (c) is defined as “personal data” or “personal information” under applicable Data Protection Laws relating to the collection, use, storage or disclosure of information about an identifiable individual.
   5. “Personal Data Breach” means any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data.
   6. “Process” or “Processing”means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
   7. “Service Provider” shall have such meaning as defined in the CCPA.
   8. “Subprocessor” means any entity which provides Processing services to Delhivery in furtherance of Delhivery's processing of Customer Personal Data.
   9. “Processor”, “Controller”,“Data Subject”, and “Supervisory Authority”shall have the same meaning given to them or correlative terms under applicable Data Protection Laws
   10. All capitalized terms not defined in this DPA shall have the meaning set forth in the MSSA.

2. ROLES OF THE PARTIES

   1. In relation to the Processing of the Customer Personal Data, the parties acknowledge that, where Delhivery provides the SaaS Solution and any related Services as agreed in the MSSA, the Customer shall be the Controller and Delhivery shall be the Processor of such information.

3. DETAILS OF PROCESSING

   1. For the sake of clarity, Schedule 1 to this DPA sets out the purpose of Processing, categories of Personal Data Processed and the categories of data subjects subject to this DPA.

4. CUSTOMER RESPONSIBILITIES

   1. Customer will be responsible for complying with all requirements that apply to it under applicable Data Protection Laws and the Instructions Customer issues to Delhivery with respect to its Processing of the Customer Personal Data.
   2. Customer will be solely responsible for:
      1. The accuracy, quality, and legality of Customer Personal Data and the means by which such personal Data was acquired by the Customer;
      2. Complying with all necessary transparency and lawfulness requirements under applicable Data Protection Laws for the collection and use of the Customer Personal Data, including obtaining any necessary consents and authorizations;
      3. Ensuring the right to transfer, or provide access to, the Personal Data to Delhivery for Processing in accordance with the terms of the Agreement; and
      4. Ensuring that Instructions regarding the Processing of Personal Data comply with applicable Data Protection Laws.
   3. Customer is responsible for independently determining whether the data security provided for in the SaaS Solution adequately meets Customer obligations under applicable Data Protection Laws. Customer is also responsible for secure use of the SaaS Solution, including protecting the security of Personal Data in transit to and from the SaaS Solution (including to securely backup or encrypt any such Personal Data).

5. DELHIVERY RESPONSIBILITIES

   1. Delhivery will comply with all Data Protection Laws relating to its Processing of any Customer Personal Data.
   2. Delhivery will only Process Customer Personal Data:
      1. for the purposes of performing its obligations under the Agreement;
      2. pursuant to Customer's Instructions; or
      3. as required to comply with any Data Protection Laws to which Delhivery is subject.
   3. For purposes of CCPA, Delhivery is a Service Provider of the Customer. Without limiting the generality of the foregoing Sections 5.1 and 5.2, Delhilvery will not do any of the following:
      1. sell or share Customer Personal Data under the meaning of CCPA;
      2. retain, use, or disclose Customer Personal Data for any purpose other than for the business purposes and related purposes as specified in the MSSA;
      3. retain, use, or disclose Customer Personal Data outside of the direct business relationship between the Delhivery and Customer;
      4. combine Customer Personal Data with Personal Data that it receives from, or on behalf of, another person or persons, or collects from its own interaction with the consumer, provided that Delhivery may combine Personal Data to perform any business purpose permitted by the CCPA;
   4. If Delhivery engages any other person to assist it in processing Customer Personal Data, or if any other person engaged by Delhivery engages another person to assist in processing Customer Personal Data for that business purpose, Delhivery such engagement shall be pursuant to a written contract binding the other person to observe all the requirements set forth in Section 5.3.
   5. Conflict of Laws: If Delhivery becomes aware that any Instruction of the Customer, infringes applicable law, Delhivery shall inform Customer of the same.
   6. Security: Delhivery will implement appropriate technical and organizational measures to protect Customer Personal Data from Personal Data Breaches such as preventing unauthorized access (access control), ensuring access logs, encryption of data, etc so as to ensure a level of security in respect to the Customer Personal Data Processed appropriately to the risks that are presented by the Processing (in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Customer Personal Data transmitted, stored or otherwise Processed, having regard to the nature of the Customer Personal Data and the state of technological development and the cost of implementing any measures.
   7. Confidentiality: Delhivery will ensure that any personnel authorized to Process Customer Personal Data on behalf of Delhivery is subject to appropriate confidentiality obligations and are suitably trained to ensure adherence to Data Protection Laws.
   8. Cooperation with Customer: Delhivery, at all times, will provide reasonable assistance, cooperation, and information to the Customer in responding to any request from a Data Subject, any notification to be provided by the Customer of a Personal Data Breach to a Supervisory Authority or a Data Subject; carrying out any personal data protection impact assessments; or any other Customer obligation under the applicable Data Protection Laws.
   9. Direct Data Subject Request: In the event a genuine Data Subject Request regarding the Processing of Customer Personal Data is made directly to Delhivery, then Delhivery, will promptly inform the Customer and will advise the Data Subject to submit such request to the Customer.
   10. Personal Data Breach: Delhivery will notify the Customer without undue delay after becoming aware of any Customer Personal Data Breach and will provide timely information relating to such Personal Data Breach with a level of detail reasonably necessary and required for the Customer to fulfil any obligations under Data Protection Laws. To the extent, it is not practically possible to provide all the information as part of the initial breach notification, Delhivery will provide the information as soon as the same is reasonably available. At Customer's request, Delhivery will provide such reasonable assistance as necessary to enable the Customer to notify relevant Personal Data Breaches to competent authorities and/or affected Data Subjects.
   11. Destruction of Customer Personal Data: Delhivery will delete (or permanently de-identify) the Customer Personal Data at the Customer's request, except that Delhivery shall be entitled to retain copies of the Customer Personal Data to the extent it is required to do so under applicable law.

6. SUB-PROCESSING

   1. Customer acknowledges that Delhivery shall be required to engage Sub-processors to Process Customer Personal Data on Delhivery's behalf and Customer provides a general authorisation for the same under this Agreement.
   2. Where Delhivery appoints any Sub-processor, Delhivery shall ensure that the terms on which such Sub-processor is appointed comply with the Data Protection Laws and are no less onerous than the obligations set out herein. Delhivery shall also impose adequate data protection and security terms on the Sub-processor that provide at least the same level of protection as those in this DPA.
   3. At all times, Delhivery will remain responsible for each Sub-processor's compliance with these obligations and for any acts or omissions to act of such Sub-processor.

7. DATA TRANSFER

   1. Customer acknowledges and agrees that Delhivery may access and Process Customer Personal Data on a global basis as necessary to provide the SaaS Solution or related Services in accordance with the Agreement, and in particular that Customer Personal Data may be transferred to and Processed by Delhivery in the United States and to other jurisdictions where Delhivery and its Sub-processors have operations. Wherever Customer Personal Data is transferred outside its country of origin, each party will ensure such transfers are made in compliance with the requirements of Data Protection Laws.

8. CUSTOMER AUDIT RIGHTS

   1. No more than on one (1) occasion in any calendar year, on prior written notice of at least 7 working days, Delhivery shall make available to you all necessary information to demonstrate Delhivery's compliance with its obligations under this DPA, and allow for audits, including inspections, by you (or another auditor mandated by you, provided that such auditor enters into a non-disclosure agreement with Delhivery on terms acceptable to Delhivery) for this purpose, provided that any such audit takes place during normal business hours and does not result in interference with (a) Delhivery's operations and services, and (b) with the confidentiality or security of the data of Delhivery's other customers. Any costs of such audit shall be borne by the Customer.

14. Details of Processing

1. Subject-matter of Processing:Customer has requested and Delhivery has agreed to provide the SaaS Solution and related Services under the MSSA, which may involve the Processing of the Customer Personal Data.
2. Purpose of Processing:The nature and purpose of the Processing are to enable Delhivery to provide the Customer with the SaaS Solution and Services.
3. Types of Customer Personal Data Processed:Delhivery will Process the following types of Customer Personal Data (this is not an exhaustive list). Such Customer Personal Data shall be determined and Controlled by the Customer:
   1. Identification, biographical and contact data (such as name, address, phone number, email account, and other contact details);
   2. Financial data (such as transaction information, account details);
   3. Technical data (such as IP address, operational data, geographic location, cookie data, device and browser information); and/o
   4. Special Categories of Personal Data (if applicable): Subject to any applicable restrictions and/or conditions in the MSSA, Customer may include “special categories of personal data” or similarly sensitive personal data (as described or defined in Data Protection Laws) in Customer Personal Data, the extent of which is determined and controlled by the Customer in their sole discretion.
4. Categories of Data Subjects:The categories of Data Subjects are determined and controlled by the Customer and may include, but are not limited, to the following:
   1. Customer's business partners, customers, potential customers (who are natural persons);
   2. Customer's employees, workers, vendors, independent contractors (who are natural persons); and/or
   3. Employees and/or contact persons of Customer's vendors, independent contractors, business partners, customers and/or potential customers.