Software and Services Agreement

Software and Services Agreement (US)
Software and Services Agreement (English EEA Version)
OneQA data protections

Software and Services Agreement (US)
Software and Services Agreement (English EEA Version)
OneQA data protection

OneQA Software and Services Agreement

Last Updated: May 15, 2019 (US Version)

This OneQA Software and Services Agreement document ("SSA") governs your access to and use of the OneQA desktop software application and related services, including the OneQA web services (each a “Licensed Service” and collectively, the "Licensed Services"), that are provided by Fluke Electronics Corporation and its subsidiaries or affiliates thereof transacting under such or other brands or in their own names (collectively, "Fluke" or "we" or "us" or “our”). PLEASE READ THIS SSA CAREFULLY. IT CONTAINS IMPORTANT TERMS THAT AFFECT YOU AND YOUR USE OF THE LICENSED SERVICES. YOU REPRESENT AND WARRANT THAT YOU ARE ENTERING INTO THIS SSA IN THE COURSE OF CARRYING ON BUSINESS OR FOR BUSINESS PURPOSES (AND NOT AS A CONSUMER). HOWEVER IN THE EVENT THAT ANY CONSUMER LAWS APPLY UNDER APPLICABLE LAW, THIS SSA DOES NOT AFFECT OR PREJUDICE ANY STATUTORY RIGHTS YOU MAY HAVE UNDER APPLICABLE LAW. IF YOU ARE ENTERING INTO THIS SSA ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT AND WARRANT THAT YOU HAVE THE AUTHORITY TO BIND SUCH COMPANY OR ENTITY TO THE TERMS OF THIS SSA, IN WHICH CASE THE TERMS "YOU" OR "YOUR" SHALL ALSO REFER TO THE COMPANY OR ENTITY WHICH YOU REPRESENT OR ARE EMPLOYED BY, ITS AFFILIATES AND EACH OF THEIR DIRECTORS, OFFICERS, EMPLOYEES, AGENTS AND REPRESENTATIVES. BY CLICKING THE "CREATE ACCOUNT" BUTTON, OR INSTALLING, ACCESSING, USING OR UPDATING THE LICENSED SERVICES, YOU AGREE TO BE BOUND BY THE TERMS OF THIS SSA ON YOUR OWN BEHALF AND, AS APPLICABLE, ON BEHALF OF THE COMPANY OR ENTITY WHICH EMPLOYS YOU OR WHICH YOU REPRESENT. IF YOU DO NOT AGREE TO THE TERMS OF THIS SSA, DO NOT INSTALL, ACCESS OR USE THE LICENSED SERVICES. PLEASE NOTE THAT, IF YOU DO NOT AGREE TO THE TERMS OF THIS SSA, YOU DO NOT HAVE ANY RIGHT OR LICENSE TO INSTALL, ACCESS OR USE THE LICENSED SERVICES.

1. Information Practices and Privacy Notice.

1.1 Information Practices. Fluke collects information, including personally identifiable information and personal data, in connection with the access to and use of the Licensed Services. The information and personal data that is collected in connection with the Licensed Services will be used and shared by us for various purposes, including without limitation to provide, maintain and improve the Licensed Services that we ordinarily provide or which you have specifically requested and as is reasonably necessary to operate our business.

1.2 Privacy Notice. For more information about how Fluke collects, uses, and shares information, please refer to our Privacy Notice(and any successor or related locations designated by us and as it may be updated by us from time to time) (“Fluke Privacy Notice”). The Fluke Privacy Notice applies to your Account Information and Service Usage Information. The Fluke Privacy Notice does not apply to User Content.

1.3 Aggregation. You agree that Fluke may aggregate all or any portion of the information, including personal data, we collect so that it cannot reasonably be used to identify you (collectively, the "Aggregated Data"), and that we shall own exclusive rights, including without limitation all intellectual property rights, in and to the Aggregated Data and shall be entitled to the unrestricted use and sharing of the Aggregated Data for any purpose, commercial or otherwise, subject to compliance with applicable data protection and privacy law.

1.4 Transfers of Personal Data to the United States. By installing, accessing and using the Licensed Services, you consent to the processing and transfer of your personal data in and to the United States and other countries (including countries that may provide a lower level of legal protection for your information) in the manner described in the Fluke Privacy Notice.

2. Use of the Licensed Services; Eligibility; Registration; Account.

2.1 General. You may access and use the Licensed Services provided you do so in accordance with this SSA. You will comply with the terms of this SSA and all laws, rules and regulations applicable to your use of the Licensed Services.

2.2 Eligibility. The Licensed Services are not targeted towards, nor intended for use by, anyone under the age of 18 (or the age of majority in your country or jurisdiction of residence). By accepting the terms of this SSA, you represent and warrant that you (a) are 18 years of age or older (or have reached the age of majority in your country or jurisdiction of residence); and (b) have the right, capacity, and authority to accept and be bound by this SSA and that, in doing so, you will not violate any other agreement to which you are a party.

2.3 Your account. In order to access and use the Licensed Services, you will be required to register for an account. When registering for an account, you agree not to create an account name that incorporates a trademark or service mark without authorization from the mark owner. Fluke reserves the right, in its discretion, to reclaim account names, or to take other reasonable action as necessary, on behalf of any business or individual that holds legal claim, including trademark and service mark rights, in a name. In consideration of your use of the Licensed Services, you agree to (a) provide accurate, current and complete Account Information; (b) maintain and promptly update your Account Information; (c) maintain the security of your password and accept all risks of unauthorized access to your account and the information you provide to us except as a result of Fluke’s breach of this SSA; and (d) promptly notify us if you discover or otherwise suspect any security breaches related to the Licensed Services. Whenever reference is made in this SSA to the “discretion” of Fluke, such reference shall mean the “sole and absolute discretion” of Fluke.

3. Ownership; Licensed Services Plans and License; License Restrictions.

3.1 Ownership. Unless otherwise indicated in this SSA, through the Licensed Services, or otherwise by Fluke, you acknowledge that we or our licensors own all right, title and interest in and to the Licensed Services (except any Tools you purchase and own) and all content and other materials provided by Fluke or our third-party licensors in connection with the Licensed Services, including, without limitation, (a) the Fluke and OneQA logos and any other trademarks, service marks, service or trade names, logos, and other designations of Fluke that we may make available to you in connection with this SSA; and (b) all designs, text, graphics, pictures, photos, videos, code, information, data, templates, scripts, software, sound files, other files, items or materials and the selection and arrangement thereof (collectively, "Content"), and all related technology and intellectual property rights, and are protected by U.S. and international copyright and other applicable laws.

3.2 Licensed Services Plans and Licensed Services. Our Licensed Services are offered in different types of plans, as specified in our Licensed Services Plan Pricing page (and any successor or related locations designated by us and as it may be updated by us from time to time)(each a “Licensed Services Plan” and collectively, “Licensed Services Plans”). Each Licensed Service is offered as a subscription for a one‑year term (“Term”), with service fees due annually. During the Term of your Licensed Services Plan, subject to the terms and conditions of this SSA, Fluke grants you a limited, revocable, non-exclusive, non-transferable (except as specified under Section 4.3), non-sublicensable license to install, access and use the Licensed Services and Content in the regular course of your work solely in accordance with this SSA. Licensed Services are licensed as specified in the Licensed Services Plans. Any use of the Licensed Services or Content other than as specifically authorized under this SSA, without the prior written permission of Fluke, is strictly prohibited and will terminate the licenses granted herein with or without notice. Such unauthorized use may also violate applicable laws, including without limitation copyright and trademark laws and applicable communications regulations and statutes.

Fluke may provide updates and upgrades to the Licensed Services from time to time. The terms of this license will govern any updates or upgrades provided by Fluke that modify, replace or supplement the original Licensed Services, unless such update or upgrade is accompanied by a separate license in which case the terms of that separate license will govern.

3.3 License Restrictions. Except as expressly set out in this SSA or to the extent applicable law does not allow any of the following restrictions, the license granted to you under Section 3.2 of this SSA does not allow you to do or attempt to do any of the following: (a) access or use the Licensed Services or Content on any desktop computer you do not own or lawfully control; (b) distribute, copy, license, rent, sell, publish, lease, assign or otherwise transfer the Licensed Services, Content or any other proprietary materials of Fluke to any third party; (c) download (other than page caching) any portion of the Licensed Services, Content or any information contained therein, except as expressly permitted on the Licensed Services or in this SSA; (d) reverse engineer, decompile, disassemble, or attempt to discover any source code or trade secrets related to the Licensed Services, Content or any other proprietary materials of Fluke; (e) use any data mining, robots or similar data gathering or extraction methods; (f) modify, alter or create any derivative works of the Licensed Services or Content or based on any other proprietary materials of Fluke; (g) remove, alter, or obscure any copyright, trademark, service mark or other proprietary rights notice on or in the Licensed Services or Content; (h) work around any technical limitations on or in the Licensed Services or Content; or (i) use the Licensed Services or Content for purposes for which it was not designed or intended. Except as expressly set out in this SSA or otherwise by Fluke, nothing in this SSA shall be construed as conferring any license to intellectual property rights, whether by estoppel, implication or otherwise.

4. Licensed Services Payment Terms.

4.1 License Fees. All Licensed Services Plans require an annual fee, which you may pay online via credit cards or via purchase orders. Note that if you opt to pay the annual fee by credit card (whether online or via a purchase order), your Term will automatically renew for an additional Term at the end of each Term, until you cancel your Licensed Services Plan or this SSA is terminated. If you opt to pay the annual fee by any method other than credit cards, your Term will not automatically renew and you must sign up for an additional Term if you wish to continue to access and use the Licensed Services.

4.2 Automatically Recurring Payments During the Term. IF YOU PURCHASE AN AUTOMATICALLY RENEWING LICENSED SERVICES PLAN USING A CREDIT CARD (WHETHER ONLINE OR VIA PURCHASE ORDERS), YOU AGREE THAT FLUKE (OR OUR THIRD PARTY PAYMENT PROCESSOR) IS AUTHORIZED TO CHARGE YOU, AND YOU WILL PAY, ON AN ANNUAL BASIS, THE APPLICABLE FEES FOR YOUR LICENSED SERVICES PLAN (IN ADDITION TO ANY APPLICABLE TAXES AND OTHER CHARGES) DURING THE TERM. YOU MUST MAINTAIN PROPER AND COMPLETE INFORMATION FOR A DESIGNATED PAYMENT METHOD AT ALL TIMES.

4.3 Processing Renewals of Licensed Services Plans. IF YOU RENEW A LICENSED SERVICES PLAN FOR A NEW TERM, YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT FLUKE (OR OUR THIRD-PARTY PAYMENT PROCESSOR) IS AUTHORIZED TO CHARGE YOUR DESIGNATED PAYMENT METHOD, AND YOU WILL PAY, THE APPLICABLE FEES FOR YOUR LICENSED SERVICE PLAN (IN ADDITION TO ANY APPLICABLE TAXES AND OTHER CHARGES) ON A RECURRING ANNUAL BASIS, BASED ON THE PAYMENT OPTION YOU CHOOSE, FOR THE NEW TERM.

4.4 No Refunds; Effects of Cancellation.PURCHASES OF LICENSED SERVICES PLANS ARE FINAL AND PAYMENTS CANNOT BE CANCELLED DURING THE TERM. IF YOU CANCEL YOUR PURCHASE, YOU MAY TRANSFER THE LICENSED SERVICES PLANS TO ANOTHER USER WITHIN THE COMPANY OR ENTITY (OR ITS AFFILIATES) THAT YOU REPRESENT OR ARE EMPLOYED BY FOR THE REMAINDER OF THE TERM BY CALLING US AT (888) 403-3361 OR (440) 542-3646 OR EMAILING US AT [email protected]. IF WE TERMINATE THIS SSA FOR OUR CONVENIENCE, WE WILL PROVIDE A REFUND OF ANY UNUSED PRE-PAID FEES ON A PRO RATA BASIS FOR THE REMAINING PRE-PAID TERM. EXCEPT AS SPECIFICALLY SET FORTH ABOVE, FLUKE IS NOT OBLIGATED TO ISSUE REFUNDS OR CREDITS FOR A PARTIALLY USED TERM. THIS DOES NOT AFFECT ANY STATUTORY RIGHTS YOU MAY HAVE UNDER APPLICABLE LAW.

4.5 No-cost Trials. Your subscription to the Licensed Services may start with a no-cost trial for a limited period (“No-cost Trial”). The specific terms of your No-cost Trial will be provided in the marketing materials describing the particular trial or at registration and are incorporated into this SSA by reference and are legally binding. For combinations with other offers, restrictions may apply. No-cost Trials are for new and former customers only. Fluke may offer no-cost trials of certain featured services to existing customers. Fluke reserves the right, in its discretion and subject to applicable law, to determine your No-cost Trial eligibility and to modify or cancel a No-cost Trial or a No-cost Trial offer at any time. IF YOU REGISTER FOR A NO-COST TRIAL, WE WILL MAKE THE APPLICABLE LICENSED SERVICE(S) AVAILABLE TO YOU ON A TRIAL BASIS FREE OF CHARGE UNTIL THE EARLIER OF (A) THE END OF THE NO-COST TRIAL PERIOD FOR WHICH YOU HAVE REGISTERED; (B) THE START DATE OF ANY PAID SUBSCRIPTION TO A LICENSED SERVICES PLAN; OR (C) TERMINATION BY FLUKE IN ITS DISCRETION. WE WILL NOT AUTOMATICALLY CONVERT YOUR NO-COST TRIAL INTO A PAID SUBSCRIPTION, AND FLUKE MAKES NO GUARANTEE AND UNDERTAKES NO OBLIGATION TO ALERT YOU OF THE EXPIRATION OF YOUR NO-COST TRIAL. IF YOU WISH TO CONTINUE YOUR ACCESS TO THE LICENSED SERVICES AFTER THE EXPIRATION OF THE NO-COST TRIAL WITHOUT INTERRUPTION, YOU MUST PURCHASE A SUBSCRIPTION TO A LICENSED SERVICES PLAN PRIOR TO THE EXPIRATION OF YOUR NO-COST TRIAL. IF YOUR NO-COST TRIAL EXPIRES PRIOR TO THE START OF YOUR PAID SUBSCRIPTION, FLUKE IS NOT RESPONSIBLE OR LIABLE FOR ANY ASSOCIATED LOSS, DAMAGE, INJURY OR HARM ARISING FROM THE EXPIRATION OF THE NO-COST TRIAL OR OTHERWISE IN CONNECTION WITH ANY TERMINATION OF YOUR LICENSED SERVICES, EXCEPT TO THE EXTENT SUCH LIABILITY CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.

4.6 Payment and Billing Information; Late Fees. By providing a credit card or other payment method that we accept, you represent and warrant that you are authorized to use the designated payment method and you hereby authorize Fluke (or our third party payment processor) to charge your payment method for the total amount of the applicable annual fee for your Licensed Services Plan (including any Applicable Taxes and other charges) during the Term (each, a “Payment”). If the payment method cannot be verified, is invalid or is otherwise not acceptable, your access to the Licensed Services may be suspended or cancelled, in accordance with applicable law. You must resolve any problem we encounter with the Payment to resume your access to and use of the Licensed Services. In the event you wish to change or update payment information associated with your Fluke account, you may do so at any time by logging into your account and editing your payment information. You acknowledge and agree that the amount billed and charged may vary due to changes to your Licensed Services Plans, promotional discounts, or changes in Applicable Taxes, other charges, including late Payment charges, and you hereby authorize Fluke (or our third-party payment processor) to charge your payment method for the corresponding amount. All amounts payable by you under this SSA will be paid to us without set-off or counterclaim, and without any deduction or withholding.

4.7 Suspension or Termination; Late Fees; Access to User Content post-Term or Termination. Fluke may suspend or terminate, in its discretion but subject to applicable law, your or any Permitted User’s right to access or use any or all of the Licensed Services or Content immediately on notice if we determine that (a) you fail to pay any amounts due for any of your Licensed Services Plans; (b) you are, or any Permitted User is in breach of the terms of this SSA; or (c) your or a Permitted User’s use of the Licensed Services or Content (i) could be fraudulent; (ii) could subject us or any third party to liability; (iii) poses a risk to the security of the Licensed Services, Content or any third party; or (iv) could negatively impact our Licensed Services or Content, or our or any third party’s systems. Any use of the Licensed Services Plans other than as specifically authorized under this SSA, without the prior written permission of Fluke, is strictly prohibited, constitutes a breach of this SSA, and may result in termination of any or all Licensed Service Plans, at Fluke’s discretion. Such unauthorized use may also violate applicable laws, including without limitation copyright and trademark laws and applicable communications regulations and statutes. Note that Payments not paid when due will bear interest at the rate of 1.5% per month (19.56% per annum) or the maximum rate permitted by applicable law, whichever is less, computed and compounded daily from the date due until the date paid. You are responsible for any additional amounts incurred by Fluke or others associated with collecting any overdue Payments, including without limitation reasonable attorneys’ fees. Fluke reserves all rights and remedies to enforce and collect on all amounts payable by you to Fluke under this SSA. You may download your User Content at any time before the end of the Term. On expiry or termination of this SSA for any reason, you will have ninety (90) days (“Post-Term Period”) to request access to your User Content for a fee or to request to renew your subscription. Fluke will have no obligation to (a) provide access to your User Content during the Post-Term Period, or to allow you to renew your subscription, if any Payments remain outstanding during the Post-Term Period, or if this SSA is terminated for your breach pursuant to Section 19.2; or (b) maintain any User Content after the Post-Term Period.

4.8 Pricing and Availability. Prices are shown in the currency of your country of residence or as specified in our Licensed Services Plans and Applicable Taxes and other charges, if any, are additional. We reserve the right to adjust prices as we may determine in our discretion, at any time and without notice; provided, however, that if we change the amounts or other charges associated with your Licensed Services Plan, we will provide advance notice of such changes. We will not, however, be able to notify you of changes in any Applicable Taxes. Unless your Licensed Services Plan automatically renews, if you renew your Term at the end of each Term, such renewal will confirm your acceptance of such changes in effect at the time of your renewal.

4.9 Taxes and VAT. Each party will be responsible for identifying and paying all taxes, duties and other governmental fees and charges (and any penalties, interest, and other additions thereto) that are imposed on that party in connection with this SSA. We may charge and you will pay applicable sales tax, VAT and other related taxes on Licensed Services Plans where we have determined that we have a legal duty to collect such taxes from you (“Applicable Taxes”). If a Licensed Services Plan is subject to Applicable Taxes, you agree that the amount of Applicable Taxes shown at checkout may be adjusted. Several factors may cause this, such as variances between processor programs and changes in the rates of Applicable Taxes.

4.10 No Resale. You are not permitted to resell or otherwise transfer (except as specified under Section 4.4 above) your Licensed Services Plan without the express written permission of Fluke, which Fluke is under no obligation to provide.

5. Permitted Users. You will ensure that all of your Permitted Users agree to the terms of this SSA and have been notified of how Fluke collects, uses, and shares personal data, as described in the Fluke Privacy Notice before providing your Permitted Users with access to the Licensed Services. All references to “you” or “your” in this SSA shall also be construed to refer to your Permitted Users. You are responsible for (a) identifying and authenticating all Permitted Users; (b) approving access by such Permitted Users to the Licensed Services; (c) ensuring Permitted Users’ compliance with this SSA; (d) controlling against unauthorized access or use by Permitted Users; (e) maintaining the confidentiality of user names, passwords and account information; and (f) providing or obtaining any necessary notifications or consents from Permitted Users as required by applicable law, including for any features of OneQA enabled devices and tools (“Tools”). Fluke is not responsible for any harm caused by your Permitted Users, including individuals who were not authorized to have access to the Licensed Services but who were able to gain access because user names, passwords or accounts were not terminated on a timely basis in your local identity management infrastructure, your local computers, or otherwise by you or on your behalf. You are responsible for all activities that occur under or in connection with your and your Permitted Users’ user names, passwords or accounts (except as a result of Fluke’s breach of this SSA) or as a result of your or your Permitted Users’ access to the Licensed Services and Content, and agree to notify Fluke immediately in writing of any unauthorized use. You agree to make every reasonable effort to prevent unauthorized third parties from accessing the Licensed Services and Content.

6. Administrators. You must designate one or more Permitted Users as an administrator (“Administrator”) of your account. You agree that the Administrator may, on your behalf, grant and revoke the access and use rights of other Permitted Users, at any time and for any reason, and set permission levels, roles, or otherwise manage your account. You may change your Administrator(s) at any time and for any reason.

7. Equipment. You are solely responsible for providing and maintaining at your own expense all Tools, equipment, software, services, and other items necessary to access and use the Licensed Services (including without limitation any computer or device hardware or software, modems, telephone service, and Internet access).

8. User Content. The Licensed Services include features and areas in which you or other Permitted Users may create, upload, transmit or store User Content. You understand that your User Content may be viewable by others, including other Permitted Users. You agree that you are solely responsible for your User Content, for your use of such interactive features and areas and that you use them at your own risk, and that if you wish to impose restrictions on individuals or entities with whom you share your User Content, you will need to impose those obligations directly on those individuals or entities through arrangements other than this SSA. You are solely responsible for any decision made by you in connection with any User Content including determining that you have all necessary consents to share the User Content on the Licensed Services. Fluke makes no representation or warranty (a) as to the integrity or value of any User Content; and (b) except as set out in Section 4.7, that it will retain any User Content or other information associated with User Content in the event that the Licensed Services (or any features or portions thereof) are suspended, terminated, discontinued (temporarily or permanently), or otherwise made unavailable or in the event that this SSA is suspended or terminated, for any reason whatsoever.

9. Acceptable Use. By using the Licensed Services, you agree not to create, upload, transmit, store, distribute or otherwise publish through the Licensed Services any of the following:

User Content that is reasonably likely to be unlawful, libelous, defamatory, obscene, pornographic, indecent, lewd, suggestive, harassing, threatening, invasive of privacy or publicity rights, abusive, inflammatory, fraudulent or otherwise objectionable;
User Content that is reasonably likely to constitute, encourage or provide instructions for a criminal offense, violate the rights of any party (including any right to privacy), or that would otherwise create liability or violate any local, state, national or international law;
User Content that may infringe any patent, trademark, trade secret, copyright or other intellectual or proprietary right of any party. By uploading or transmitting any User Content, you represent and warrant that you have the lawful right to distribute and reproduce such User Content;
User Content that contains or depicts any statements, remarks or claims that do not reflect your honest views and experiences;
User Content that impersonates any person or entity or otherwise misrepresents your affiliation with a person or entity;
unsolicited promotions, political campaigning, advertising or solicitations;
personal or private information of any third party (except information related to Permitted Users), including, without limitation, addresses, phone numbers, email addresses, Social Security numbers, health or medical information and credit card numbers or other financial or personal information, except as specifically authorized by us and such third party;
viruses, corrupted data or other harmful, disruptive or destructive files; or
User Content that Fluke determines in its discretion to be objectionable or inappropriate or which restricts or inhibits any other person from using or enjoying the Licensed Services, or which may expose Fluke or our users or other customers to any harm, disrepute or liability of any type.

You further agree that you will not violate any applicable law, rule, regulation, contract, intellectual property or third-party right or commit a tort in connection with your use of the Licensed Services, and that you are solely responsible for your conduct while using the Licensed Services. You agree that you will abide by this SSA and will not:

use the Licensed Services in any manner that could interfere with, disrupt, negatively affect or inhibit other users or customers of Fluke from fully enjoying the Licensed Services, or that could damage, disable, overburden or impair the functioning of the Licensed Services in any manner;
send any unsolicited or unauthorized advertising, solicitations, promotional materials, spam, junk mail, chain letters or pyramid schemes, or harvest or collect the email addresses or other contact information of other users or customers of Fluke from the Licensed Services for the purpose of sending spam or other commercial messages;
use any robot, spider, crawler, scraper or other automated means or interface not provided by us to access the Licensed Services or to extract data;
reverse engineer any aspect of the Licensed Services or do anything that might discover source code or bypass or circumvent measures employed to prevent or limit access to any area, content or code of the Licensed Services (except as otherwise expressly provided by law);
use or attempt to use another user's or customer’s account without express written authorization from such user or customer (as the case may be) and Fluke;
attempt to circumvent any content filtering techniques Fluke employs, or attempt to access any service or area of the Licensed Services that you are not expressly authorized to access;
attempt to indicate in any manner that you have a relationship with us or that we have endorsed you or any products or services for any purpose;
engage in any harassing, intimidating, predatory or stalking conduct;
develop any third-party applications that interact with the Licensed Services without our prior written consent, to the full extent permitted by applicable law; or
use the Licensed Services for any illegal or unauthorized purpose or engage in, encourage, or promote any activity that violates this SSA.

Except as otherwise provided under applicable law, Fluke is not responsible or liable for the conduct of, or your interactions with, any users of the Licensed Services (whether online or offline), nor is Fluke responsible or liable for any associated loss, damage, liability, injury or harm. As a provider of interactive services, Fluke is not liable for any statements, representations or User Content provided by our users through the interactive area of the Licensed Services. Although Fluke has no obligation to screen, edit or monitor any User Content, Fluke reserves the right, and has discretion, to remove, screen or edit any User Content uploaded to or stored on the Licensed Services at any time and for any reason without notice, and you are solely responsible for creating backup copies of and replacing any User Content you upload, transmit or store on the Licensed Services at your sole cost and expense. Any use of the Licensed Services in violation of this SSA may result in, among all other rights and remedies available to Fluke under law, termination or suspension of your rights to use the Licensed Services.

10. Rights in User Content.You retain all ownership rights in the User Content you submit to Fluke through the Licensed Services. By uploading or transmitting User Content through the Licensed Services, you grant Fluke, to the fullest extent permitted by applicable law, a nonexclusive, royalty-free, perpetual, irrevocable and fully transferable and sublicensable license to use, reproduce, modify, adapt, or translate the User Content, in whole or in part, throughout the world to provide, maintain and improve the Licensed Services and other products and services offered by or on behalf of Fluke from time to time. By uploading or transmitting User Content to the Licensed Services, you represent and warrant that (a) such User Content is not subject to any third-party confidentiality obligations that would be breached by the access, use, storage and sharing contemplated by this SSA; (b) you own and control all the right, title and interest in and to the User Content that you create, upload or transmit or you otherwise have all rights in and to the User Content that are necessary to grant the rights contemplated by this SSA; (c) the User Content is accurate and not misleading or harmful in any manner; and (d) the User Content, and your use, uploading and transmitting thereof, does not and will not violate this SSA or any applicable law, rule or regulation.

11. Confidentiality. Fluke agrees to treat the User Content as your confidential information and will disclose such content only for the purposes of performing our obligations under this SSA and as otherwise permitted under this SSA and the Fluke Privacy Notice. If Fluke is under an obligation to disclose User Content pursuant to applicable law or legal process, Fluke will provide User Content as required.

12. Trademarks. “FLUKE”, the FLUKE logo, “ONEQA“, and the ONEQA logos and any other Fluke product or service names, logos or slogans that may appear in or on the Licensed Services are trademarks of Fluke in the United States and in other countries, and may not be copied, imitated or used, in whole or in part, , except in connection with use provided by Fluke in connection with the Licensed Services without the prior written permission of Fluke. Third-party marks appearing in or on the Licensed Services are owned by their respective companies and may not be used without permission of the applicable trademark holder. You may not use any metatags or other "hidden text" utilizing "Fluke" or any other name, trademark or product or service name of Fluke without our prior written permission. In addition, the look and feel of the Licensed Services, including all page headers, custom graphics, button icons and scripts, are the service mark, trademark and/or trade dress of Fluke and may not be copied, imitated or used, in whole or in part, without our prior written permission. All other trademarks, registered trademarks, product names and company names or logos mentioned in or on the Licensed Services are the property of their respective owners. Reference to any products, services, processes or other information, by name, trademark, manufacturer, supplier or otherwise does not constitute or imply endorsement, sponsorship or recommendation by Fluke.

13. Third-Party Content. Fluke may provide third-party content on the Licensed Services and may provide links to web pages and content of third parties (collectively, "Third-Party Content") as a service to those interested in this information. Fluke does not control, endorse or adopt any Third-Party Content and makes no representations or warranties of any kind regarding the Third-Party Content, including without limitation regarding its accuracy or completeness. You acknowledge and agree that Fluke is not responsible or liable in any manner for any Third-Party Content and undertakes no responsibility to update or review any Third-Party Content. Users use such Third-Party Content at their own risk and are urged to review any applicable terms and conditions and privacy policies relating to Third-Party Content prior to using any Third-Party Content.

14. Advertisements and Promotions; Third-Party Products and Licensed Services. Fluke may display advertisements and promotions from third parties in or on the Licensed Services or may otherwise provide information about or links to third-party products or services on the Licensed Services. Your business dealings or correspondence with, or participation in promotions of, such third parties, and any terms, conditions, warranties or representations associated with such dealings or promotions, are solely between you and such third party. Fluke makes no representations or warranties of any kind regarding the third-party advertisements, promotions and information, including without limitation regarding their accuracy or completeness. You acknowledge and agree that Fluke is not responsible or liable in any manner for any loss or damage of any sort incurred as the result of any such dealings or promotions or as the result of the presence of third-party information in or on the Licensed Services. Users transact with such third parties at their own risk and are urged to review any applicable terms and conditions and privacy policies relating to such transactions and dealings prior to entering into any such transactions or dealings.

15. Feedback. You may submit to Fluke questions, comments, suggestions, ideas, plans, notes, drawings, original or creative materials or other information or materials about Fluke or the Licensed Services (collectively, "Feedback"). Feedback, whether submitted through the Licensed Services or otherwise is non-confidential and shall become the sole property of Fluke. Fluke shall own exclusive rights, including all intellectual property rights, in and to such Feedback and shall be entitled to the unrestricted use and dissemination of this Feedback for any purpose, commercial or otherwise, without acknowledgment or compensation to you.

16. No Warranty.THE LAWS OF SOME STATES OR JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES. TO THE EXTENT THAT THOSE LAWS APPLY, THE EXCLUSIONS SET FORTH BELOW AND IN THIS SSA MAY NOT APPLY TO YOU.

EXCEPT TO THE EXTENT PROHIBITED BY APPLICABLE LAW, OR TO THE EXTENT ANY STATUTORY RIGHTS APPLY THAT CANNOT BE EXCLUDED, LIMITED OR WAIVED, YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT: (A) THE LICENSED SERVICES AND CONTENT MAY CONTAIN BUGS, ERRORS, AND DEFECTS; (B) USE OF THE LICENSED SERVICES AND CONTENT IS AT YOUR SOLE RISK; AND (C) THE ENTIRE RISK AS TO SATISFACTORY QUALITY, PERFORMANCE, ACCURACY AND EFFORT IS WITH YOU. ACCORDINGLY, THE LICENSED SERVICES AND CONTENT ARE PROVIDED "AS IS," "AS AVAILABLE," WITH ALL FAULTS, DEFECTS AND ERRORS AND WITHOUT WARRANTY OF ANY KIND. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, FLUKE MAKES NO REPRESENTATIONS AND DISCLAIMS ALL WARRANTIES AND CONDITIONS (EXPRESS, LEGAL, OR IMPLIED AND ARISING BY LAW OR OTHERWISE) REGARDING THE LICENSED SERVICES, THE CONTENT AND THEIR PERFORMANCE OR SUITABILITY FOR YOUR INTENDED USE, INCLUDING WITHOUT LIMITATION ANY EXPRESS OR IMPLIED WARRANTY OF MERCHANTABILITY, QUALITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, TITLE, OR NON-INFRINGEMENT. EXCEPT FOR LIABILITY WHICH CANNOT BE EXCLUDED BY LAW, FLUKE SHALL HAVE NO LIABILITY OF ANY KIND FOR THE USE OF, OR INABILITY TO USE, THE LICENSED SERVICES OR ANY SERVICE THAT THE LICENSED SERVICES IS INTENDED TO ACCESS OR FOR ANY LOSS, CORRUPTION OR OTHER LIMITATION OF ACCESS TO OR USE OF DATA. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, FLUKE MAKES NO REPRESENTATIONS AND DISCLAIMS ALL WARRANTIES AND CONDITIONS (EXPRESS, LEGAL, OR IMPLIED AND ARISING BY LAW OR OTHERWISE) THAT THE LICENSED SERVICES OR CONTENT WILL BE DELIVERED FREE OF ANY INTERRUPTIONS, DELAYS, OMISSIONS OR ERRORS (“FAULTS”) OR IN A SECURE MANNER OR THAT ANY FAULTS WILL BE CORRECTED. NO VERBAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY FLUKE OR OUR AUTHORIZED REPRESENTATIVES SHALL CREATE A WARRANTY. IN THE EVENT THAT THE LICENSED SERVICES OR CONTENT PROVE DEFECTIVE, YOU ASSUME THE ENTIRE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION. HOWEVER, TO THE EXTENT THE LAWS OF SOME STATES OR JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES IN THE EVENT THAT THE SERVICES PROVE DEFECTIVE, BUT DO PERMIT FLUKE TO LIMIT THE CONSEQUENCES OF SUCH WARRANTIES, FLUKE LIMITS ITS LIABILITY TO THE REPAIR OR REPLACEMENT OR THE RESUPPLY, AT ITS ELECTION, OF SUCH GOODS OR SERVICES.

17. Indemnification. You agree to defend, indemnify, and hold harmless Fluke and our subsidiaries, affiliates, licensors, independent contractors and service providers, and each of their respective members, managers, partners, equity owners, directors, officers, employees, representatives and agents (each a “Representative” and collectively, "Representatives") from and against all third party claims, suits, proceedings, actions, damages, losses, costs, liabilities and expenses (including but not limited to reasonable attorneys' fees, and whether pending, threatened, settled or otherwise) arising out of or related to your use of, or inability to use, the Licensed Services.

18. Limitation of Liability. THE LAWS OF SOME STATES OR JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF CERTAIN DAMAGES. TO THE EXTENT THOSE LAWS APPLY, THE EXCLUSIONS AND LIMITATIONS SET FORTH BELOW AND IN THIS SSA MAY NOT APPLY TO YOU.

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, NO REPRESENTATIVE SHALL HAVE ANY LIABILITY TO YOU (WHETHER IN CONTRACT, WARRANTY, TORT, NEGLIGENCE, EXTRA-CONTRACTUAL OR CIVIL LIABILITY OR OTHERWISE) FOR ANY DAMAGES SUSTAINED BY YOU ARISING FROM OR RELATED TO THIS SSA OR YOUR USE OR INABILITY TO USE THE LICENSED SERVICES, INCLUDING WITHOUT LIMITATION ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR PUNITIVE DAMAGES OR LOSS OF DATA, REVENUE, PROFIT, ANTICIPATED SAVINGS OR OTHER ECONOMIC LOSSES, EVEN IF SUCH REPRESENTATIVE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN THE EVENT OF ANY CLAIM BY YOU AGAINST ANY REPRESENTATIVE, TO THE EXTENT NOT PROHIBITED BY LAW, YOU SHALL BE PERMITTED TO RECOVER ONLY DIRECT DAMAGES FOR THE GREATER OF 500.00 USD OR THE AMOUNT YOU PAID FOR THE LICENSED SERVICES IN THE PAST SIX MONTHS. NOTWITHSTANDING ANYTHING ELSE SET OUT IN THIS SSA, TO THE EXTENT REQUIRED BY APPLICABLE LAW, FLUKE DOES NOT EXCLUDE OR LIMIT OUR LIABILITY UNDER THIS SSA FOR (A) DEATH OR PERSONAL INJURY CAUSED BY NEGLIGENCE; (B) FRAUD OR FRAUDULENT MISREPRESENTATION; OR (C) ANY OTHER LIABILITY WHICH CANNOT BE EXCLUDED OR LIMITED BY LAW.

19. Termination of the SSA.

19.1 Termination for Convenience. Subject to and in addition to cancellation terms in Section 4.4 and without prejudice to any other rights or remedies under this SSA or at law, you may terminate this SSA at any time by providing thirty (30) days prior written notice (a) ceasing access to and use of the Licensed Services and (b) destroy all copies of the OneQA desktop software application comprised in the Licensed Services and any Content within your possession or control. Fluke reserves the right to change, suspend, remove, discontinue, or disable access to any or all of the Licensed Services or functionality of any or all of the Licensed Services at any time, with or without notice, and to terminate your license to use the Licensed Services at any time, for any or no reason.

19.2 Termination for Cause. Either party may terminate this SSA for cause if the other party commits a material breach of this SSA (other than failure to pay any amounts due under this SSA), which (a) is not capable of remedy; or (b) is capable of remedy, and the other party has failed to remedy that breach within 30 days after receipt of notice from the other party. We may also terminate this SSA immediately on notice (a) for cause in accordance with Section 4.7; or (b) in order to comply with applicable law or requests of governmental entities.

19.3 Consequences of Termination. Subject to Section 4.7, in the event of termination of this SSA (a) except to the extent access to the Licensed Services is provided to enable you to access your User Content during the Post-Term Period in accordance with Section 4.7, the licenses and rights granted to you herein will automatically terminate and you must immediately cease all use of the Licensed Services and Content and destroy all copies of the OneQA desktop software application comprised in the Licensed Services and any Content within your possession or control; and (b) you remain responsible for all Payments you have incurred up to the date of termination and are responsible for any fees you incur during the Post-Term Period described in Section 4.7 . You agree that Fluke will not be liable for any modification, suspension or discontinuance of the Licensed Services (or any part thereof).

19.4 Survival. The following Sections will survive the termination of this SSA: Sections 1, 2, and 4 – 24 (inclusive).

20. Remedy. We reserve the right to seek all remedies available by law and in equity for any violation of this SSA. Any rights not expressly granted herein are reserved.

21. Governing Law; Jurisdiction. To the full extent permitted by applicable law, this SSA is governed by the laws of the State of Washington, USA, without regard to its choice or conflicts of law principles that might refer the interpretation or enforcement of this SSA to the laws of any other jurisdiction. You hereby irrevocably consent, and irrevocably waive any right to object, to the jurisdiction of the state and federal courts located in King County, Washington with respect to any proceeding regarding this SSA or the Licensed Services. You will not prosecute any action, suit, proceeding or claim arising under or by reason of this SSA or the Licensed Services except in such courts. The parties expressly exclude the application of the UN Convention on Contracts for the International Sale of Goods to this SSA.

22. Miscellaneous.

22.1 Severability. If any provision of this SSA is found to be invalid or unenforceable, such provision will be deemed to be restated to reflect the original intention of the parties to the maximum extent possible and in accordance with applicable law, and the remaining provisions, terms, covenants, and restrictions of this SSA will remain in full force and effect.

22.2 Assignment. You may not assign this SSA or any of your rights under this SSA without the prior written consent of Fluke, which may be granted or conditioned in our discretion, and any attempted assignment without such consent shall be null and void. Subject to the foregoing restriction, this SSA will be fully binding upon, inure to the benefit of, the parties and their respective successors and assigns, and be enforceable by Fluke and our respective successors and assigns.

22.3 No Waivers. Any failure by Fluke to insist upon or enforce performance by you of any of the provisions of this SSA or to exercise any rights or remedies under this SSA or otherwise by law will not be construed as a waiver or relinquishment of any right to assert or rely upon the provision, right or remedy in that or any other instance; rather, the provision, right or remedy will be and shall remain in full force and effect.

22.4 Entire Agreement. This SSA, and the terms and policies incorporated by reference, sets forth the entire agreement between you and Fluke with respect to its subject matter.

22.5 Force Majeure. We will not be in breach of this SSA or liable for any delay or failure to perform any obligation under this SSA to the extent that and for so long as such delay or failure results from any cause that is beyond our reasonable control, including acts of God, riots, war or armed conflict, acts of terrorism, labor disputes or other industrial disturbances, acts or orders of government, local government or regulatory bodies, electrical or power outages, utilities or other telecommunications failures, fire, flood, storm or earthquake, or other disaster.

22.6 No Third-Party Rights. Nothing in this SSA is intended to confer on any individual or entity that is not party to this SSA any right to enforce any term of this SSA except that the provisions of Section 17 which are intended for the benefit of Representatives shall be enforceable by each Representative in their own right.

22.7 Language. All communications and notices made or given pursuant to this SSA must be in the English language. If we provide a translation of the English language version of this SSA, the English language version of this SSA will take precedence to the extent of any conflict.

23. Definitions. Capitalized terms as defined here or in the body of the Agreement.

“Account Information” means information about you that you provide to us in connection with the registration or administration of your account, including names, user names, phone numbers, email addresses and billing information associated with your account.

“Permitted User” means any individual or entity that directly or indirectly (a) accesses or uses User Content; or (b) otherwise accesses or uses the Licensed Services, in each case under your account. Permitted Users may include, for example, directors, officers, employees, agents and representatives of the company or entity that has entered into this SSA.

“Service Usage Information” means information about you that you provide to us in connection with your access to and use of the Licensed Services, including how often the Licensed Services are used, the duration and quality of use, and other types of information referred to in the Fluke Privacy Notice.

“User Content” means all designs, text, sound files, pictures, photos, videos, graphics, code, information, data, templates, scripts, software, other items, files or materials, including but not limited to information related to the Tools and users thereof, that you or any Permitted User transfers to us by the Licensed Services in connection with your account and any computational results that you or any Permitted User derives from the foregoing through their use of the Licensed Services. User Content does not include Account Information or Service Usage Information.

24. Contact Us. If you have any questions, complaints, or claims with respect to the Licensed Services, please contact us at:

Fluke Electronics Corporation
Attn: OneQA
P.O. Box 9090
Everett, Washington 98206-9090

Email: [email protected]

With copies to:

Fluke Electronics Corporation
Attn: General Counsel
P.O. Box 9090
MS-203A
Everett, Washington 98206-9090

Email: [email protected]

OneCal Software and Services Agreement

Last Updated: May 15, 2019 (English EEA Version)

This OneCal Software and Services Agreement document ("SSA") governs your access to and use of the OneCal desktop software application and related services, including the OneCal web services (each a “Licensed Service” and collectively, the "Licensed Services"), that are provided by Fluke Electronics Corporation and its subsidiaries or affiliates thereof transacting under such or other brands or in their own names (collectively, "Fluke" or "we" or "us" or “our”). PLEASE READ THIS SSA CAREFULLY. IT CONTAINS IMPORTANT TERMS THAT AFFECT YOU AND YOUR USE OF THE LICENSED SERVICES. YOU REPRESENT AND WARRANT THAT YOU ARE ENTERING INTO THIS SSA IN THE COURSE OF CARRYING ON BUSINESS OR FOR BUSINESS PURPOSES (AND NOT AS A CONSUMER). HOWEVER IN THE EVENT THAT ANY CONSUMER LAWS APPLY UNDER APPLICABLE LAW, THIS SSA DOES NOT AFFECT OR PREJUDICE ANY STATUTORY RIGHTS YOU MAY HAVE UNDER APPLICABLE LAW. IF YOU ARE ENTERING INTO THIS SSA ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT AND WARRANT THAT YOU HAVE THE AUTHORITY TO BIND SUCH COMPANY OR ENTITY TO THE TERMS OF THIS SSA, IN WHICH CASE THE TERMS "YOU" OR "YOUR" SHALL ALSO REFER TO THE COMPANY OR ENTITY WHICH YOU REPRESENT OR ARE EMPLOYED BY, ITS AFFILIATES AND EACH OF THEIR DIRECTORS, OFFICERS, EMPLOYEES, AGENTS AND REPRESENTATIVES. BY CLICKING THE "CREATE ACCOUNT" BUTTON, OR INSTALLING, ACCESSING, USING OR UPDATING THE LICENSED SERVICES, YOU AGREE TO BE BOUND BY THE TERMS OF THIS SSA ON YOUR OWN BEHALF AND, AS APPLICABLE, ON BEHALF OF THE COMPANY OR ENTITY WHICH EMPLOYS YOU OR WHICH YOU REPRESENT. IF YOU DO NOT AGREE TO THE TERMS OF THIS SSA, DO NOT INSTALL, ACCESS OR USE THE LICENSED SERVICES. PLEASE NOTE THAT, IF YOU DO NOT AGREE TO THE TERMS OF THIS SSA, YOU DO NOT HAVE ANY RIGHT OR LICENSE TO INSTALL, ACCESS OR USE THE LICENSED SERVICES.

1. Information Practices and Privacy Notice.

1.2 Privacy Notice. For more information about how Fluke collects, uses, and shares information, please refer to our Privacy Notice (and any successor or related locations designated by us and as it may be updated by us from time to time) (“Fluke Privacy Notice”). The Fluke Privacy Notice applies to your Account Information and Service Usage Information. The Fluke Privacy Notice does not apply to User Content.

1.5 Data Protection Appendix. This SSA incorporates the OneCal Data Protection Appendix, available here [CMS1], when the GDPR or analogous privacy legislation applies to your access to and use of the Licensed Services.

2. Use of the Licensed Services; Eligibility; Registration; Account.

3. Ownership; Licensed Services Plans and License; License Restrictions.

3.1 Ownership. Unless otherwise indicated in this SSA, through the Licensed Services, or otherwise by Fluke, you acknowledge that we or our licensors own all right, title and interest in and to the Licensed Services (except any Tools you purchase and own) and all content and other materials provided by Fluke or our third-party licensors in connection with the Licensed Services, including, without limitation, (a) the Fluke and OneCal logos and any other trademarks, service marks, service or trade names, logos, and other designations of Fluke that we may make available to you in connection with this SSA; and (b) all designs, text, graphics, pictures, photos, videos, code, information, data, templates, scripts, software, sound files, other files, items or materials and the selection and arrangement thereof (collectively, "Content"), and all related technology and intellectual property rights, and are protected by U.S. and international copyright and other applicable laws.

3.2 Licensed Services Plans and Licensed Services. Our Licensed Services are offered in different types of plans, as specified in our Licensed Services Plan Pricing page [CMS2] (and any successor or related locations designated by us and as it may be updated by us from time to time) (each a “Licensed Services Plan” and collectively, “Licensed Services Plans”). Each Licensed Service is offered as a subscription for a one‑year term (“Term”), with service fees due annually. During the Term of your Licensed Services Plan, subject to the terms and conditions of this SSA, Fluke grants you a limited, revocable, non-exclusive, non-transferable (except as specified under Section 4.3), non-sublicensable license to install, access and use the Licensed Services and Content in the regular course of your work solely in accordance with this SSA. Licensed Services are licensed as specified in the Licensed Services Plans. Any use of the Licensed Services or Content other than as specifically authorized under this SSA, without the prior written permission of Fluke, is strictly prohibited and will terminate the licenses granted herein with or without notice. Such unauthorized use may also violate applicable laws, including without limitation copyright and trademark laws and applicable communications regulations and statutes.

4. Licensed Services Payment Terms.

4.4 No Refunds; Effects of Cancellation. PURCHASES OF LICENSED SERVICES PLANS ARE FINAL AND PAYMENTS CANNOT BE CANCELLED DURING THE TERM. IF YOU CANCEL YOUR PURCHASE, YOU MAY TRANSFER THE LICENSED SERVICES PLANS TO ANOTHER USER WITHIN THE COMPANY OR ENTITY (OR ITS AFFILIATES) THAT YOU REPRESENT OR ARE EMPLOYED BY FOR THE REMAINDER OF THE TERM BY CALLING US AT (888) 403-3361 OR (440) 542-3646 OR EMAILING US AT [email protected]. If we terminate this SSA for our convenience, we will provide a refund of any unused pre-paid fees on a pro rata basis for the remaining pre-paid Term. EXCEPT AS SPECIFICALLY SET FORTH ABOVE, FLUKE IS NOT OBLIGATED TO ISSUE REFUNDS OR CREDITS FOR A PARTIALLY USED TERM. THIS DOES NOT AFFECT ANY STATUTORY RIGHTS YOU MAY HAVE UNDER APPLICABLE LAW.

5. Permitted Users. You will ensure that all of your Permitted Users agree to the terms of this SSA and have been notified of how Fluke collects, uses, and shares personal data, as described in the Fluke Privacy Notice before providing your Permitted Users with access to the Licensed Services. All references to “you” or “your” in this SSA shall also be construed to refer to your Permitted Users. You are responsible for (a) identifying and authenticating all Permitted Users; (b) approving access by such Permitted Users to the Licensed Services; (c) ensuring Permitted Users’ compliance with this SSA; (d) controlling against unauthorized access or use by Permitted Users; (e) maintaining the confidentiality of user names, passwords and account information; and (f) providing or obtaining any necessary notifications or consents from Permitted Users as required by applicable law, including for any features of OneCal enabled devices and tools (“Tools”). Fluke is not responsible for any harm caused by your Permitted Users, including individuals who were not authorized to have access to the Licensed Services but who were able to gain access because user names, passwords or accounts were not terminated on a timely basis in your local identity management infrastructure, your local computers, or otherwise by you or on your behalf. You are responsible for all activities that occur under or in connection with your and your Permitted Users’ user names, passwords or accounts (except as a result of Fluke’s breach of this SSA) or as a result of your or your Permitted Users’ access to the Licensed Services and Content, and agree to notify Fluke immediately in writing of any unauthorized use. You agree to make every reasonable effort to prevent unauthorized third parties from accessing the Licensed Services and Content.

9. Acceptable Use. By using the Licensed Services, you agree not to create, upload, transmit, store, distribute or otherwise publish through the Licensed Services any of the following:

User Content that is reasonably likely to be unlawful, libelous, defamatory, obscene, pornographic, indecent, lewd, suggestive, harassing, threatening, invasive of privacy or publicity rights, abusive, inflammatory, fraudulent or otherwise objectionable;
User Content that is reasonably likely to constitute, encourage or provide instructions for a criminal offense, violate the rights of any party (including any right to privacy), or that would otherwise create liability or violate any local, state, national or international law;
User Content that may infringe any patent, trademark, trade secret, copyright or other intellectual or proprietary right of any party. By uploading or transmitting any User Content, you represent and warrant that you have the lawful right to distribute and reproduce such User Content;
User Content that contains or depicts any statements, remarks or claims that do not reflect your honest views and experiences;
User Content that impersonates any person or entity or otherwise misrepresents your affiliation with a person or entity;
unsolicited promotions, political campaigning, advertising or solicitations;
personal or private information of any third party (except information related to Permitted Users), including, without limitation, addresses, phone numbers, email addresses, Social Security numbers, health or medical information and credit card numbers or other financial or personal information, except as specifically authorized by us and such third party;
viruses, corrupted data or other harmful, disruptive or destructive files; or
User Content that Fluke determines in its discretion to be objectionable or inappropriate or which restricts or inhibits any other person from using or enjoying the Licensed Services, or which may expose Fluke or our users or other customers to any harm, disrepute or liability of any type.

use the Licensed Services in any manner that could interfere with, disrupt, negatively affect or inhibit other users or customers of Fluke from fully enjoying the Licensed Services, or that could damage, disable, overburden or impair the functioning of the Licensed Services in any manner;
send any unsolicited or unauthorized advertising, solicitations, promotional materials, spam, junk mail, chain letters or pyramid schemes, or harvest or collect the email addresses or other contact information of other users or customers of Fluke from the Licensed Services for the purpose of sending spam or other commercial messages;
use any robot, spider, crawler, scraper or other automated means or interface not provided by us to access the Licensed Services or to extract data;
reverse engineer any aspect of the Licensed Services or do anything that might discover source code or bypass or circumvent measures employed to prevent or limit access to any area, content or code of the Licensed Services (except as otherwise expressly provided by law);
use or attempt to use another user's or customer’s account without express written authorization from such user or customer (as the case may be) and Fluke;
attempt to circumvent any content filtering techniques Fluke employs, or attempt to access any service or area of the Licensed Services that you are not expressly authorized to access;
attempt to indicate in any manner that you have a relationship with us or that we have endorsed you or any products or services for any purpose;
engage in any harassing, intimidating, predatory or stalking conduct;
develop any third-party applications that interact with the Licensed Services without our prior written consent, to the full extent permitted by applicable law; or
use the Licensed Services for any illegal or unauthorized purpose or engage in, encourage, or promote any activity that violates this SSA.

10. Rights in User Content. You retain all ownership rights in the User Content you submit to Fluke through the Licensed Services. By uploading or transmitting User Content through the Licensed Services, you grant Fluke, to the fullest extent permitted by applicable law, a nonexclusive, royalty-free, perpetual, irrevocable and fully transferable and sublicensable license to use, reproduce, modify, adapt, or translate the User Content, in whole or in part, throughout the world to provide, maintain and improve the Licensed Services and other products and services offered by or on behalf of Fluke from time to time. By uploading or transmitting User Content to the Licensed Services, you represent and warrant that (a) such User Content is not subject to any third-party confidentiality obligations that would be breached by the access, use, storage and sharing contemplated by this SSA; (b) you own and control all the right, title and interest in and to to the User Content that you create, upload or transmit or you otherwise have all rights in and to the User Content that are necessary to grant the rights contemplated by this SSA; (c) the User Content is accurate and not misleading or harmful in any manner; and (d) the User Content, and your use, uploading and transmitting thereof, does not and will not violate this SSA or any applicable law, rule or regulation.

12. Trademarks. “FLUKE”, the FLUKE logo, “ONECAL“, and the ONECAL logos and any other Fluke product or service names, logos or slogans that may appear in or on the Licensed Services are trademarks of Fluke in the United States and in other countries, and may not be copied, imitated or used, in whole or in part, , except in connection with use provided by Fluke in connection with the Licensed Services without the prior written permission of Fluke. Third-party marks appearing in or on the Licensed Services are owned by their respective companies and may not be used without permission of the applicable trademark holder. You may not use any metatags or other "hidden text" utilizing "Fluke" or any other name, trademark or product or service name of Fluke without our prior written permission. In addition, the look and feel of the Licensed Services, including all page headers, custom graphics, button icons and scripts, are the service mark, trademark and/or trade dress of Fluke and may not be copied, imitated or used, in whole or in part, without our prior written permission. All other trademarks, registered trademarks, product names and company names or logos mentioned in or on the Licensed Services are the property of their respective owners. Reference to any products, services, processes or other information, by name, trademark, manufacturer, supplier or otherwise does not constitute or imply endorsement, sponsorship or recommendation by Fluke.

13. Third-Party Content. Fluke may provide third-party content on the Licensed Services and may provide links to web pages and content of third parties (collectively, "Third-Party Content") as a service to those interested in this information. Fluke does not control, endorse or adopt any Third-Party Content and makes no representations or warranties of any kind regarding the Third-Party Content, including without limitation regarding its accuracy or completeness. You acknowledge and agree that Fluke is not responsible or liable in any manner for any Third-Party Content and undertakes no responsibility to update or review any Third-Party Content. Users use such Third-Party Content at their own risk and are urged to review any applicable terms and conditions and privacy policies relating to Third-Party Content prior to using any Third-Party Content.

14. Advertisements and Promotions; Third-Party Products and Licensed Services. Fluke may display advertisements and promotions from third parties in or on the Licensed Services or may otherwise provide information about or links to third-party products or services on the Licensed Services. Your business dealings or correspondence with, or participation in promotions of, such third parties, and any terms, conditions, warranties or representations associated with such dealings or promotions, are solely between you and such third party. Fluke makes no representations or warranties of any kind regarding the third-party advertisements, promotions and information, including without limitation regarding their accuracy or completeness. You acknowledge and agree that Fluke is not responsible or liable in any manner for any loss or damage of any sort incurred as the result of any such dealings or promotions or as the result of the presence of third-party information in or on the Licensed Services. Users transact with such third parties at their own risk and are urged to review any applicable terms and conditions and privacy policies relating to such transactions and dealings prior to entering into any such transactions or dealings.

15. Feedback. You may submit to Fluke questions, comments, suggestions, ideas, plans, notes, drawings, original or creative materials or other information or materials about Fluke or the Licensed Services (collectively, "Feedback"). Feedback, whether submitted through the Licensed Services or otherwise is non-confidential and shall become the sole property of Fluke. Fluke shall own exclusive rights, including all intellectual property rights, in and to such Feedback and shall be entitled to the unrestricted use and dissemination of this Feedback for any purpose, commercial or otherwise, without acknowledgment or compensation to you.

16. No Warranty. THE LAWS OF SOME STATES OR JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES. TO THE EXTENT THAT THOSE LAWS APPLY, THE EXCLUSIONS SET FORTH BELOW AND IN THIS SSA MAY NOT APPLY TO YOU.

EXCEPT TO THE EXTENT PROHIBITED BY APPLICABLE LAW, OR TO THE EXTENT ANY STATUTORY RIGHTS APPLY THAT CANNOT BE EXCLUDED, LIMITED OR WAIVED, YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT: (A) THE LICENSED SERVICES AND CONTENT MAY CONTAIN BUGS, ERRORS, AND DEFECTS; (B) USE OF THE LICENSED SERVICES AND CONTENT IS AT YOUR SOLE RISK; AND (C) THE ENTIRE RISK AS TO SATISFACTORY QUALITY, PERFORMANCE, ACCURACY AND EFFORT IS WITH YOU. ACCORDINGLY, THE LICENSED SERVICES AND CONTENT ARE PROVIDED "AS IS," "AS AVAILABLE," WITH ALL FAULTS, DEFECTS AND ERRORS AND WITHOUT WARRANTY OF ANY KIND. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, FLUKE MAKES NO REPRESENTATIONS AND DISCLAIMS ALL WARRANTIES AND CONDITIONS (EXPRESS, LEGAL, OR IMPLIED AND ARISING BY LAW OR OTHERWISE) REGARDING THE LICENSED SERVICES, THE CONTENT AND THEIR PERFORMANCE OR SUITABILITY FOR YOUR INTENDED USE, INCLUDING WITHOUT LIMITATION ANY EXPRESS OR IMPLIED WARRANTY OF MERCHANTABILITY, QUALITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, TITLE, OR NON-INFRINGEMENT. EXCEPT FOR LIABILITY WHICH CANNOT BE EXCLUDED BY LAW, FLUKE SHALL HAVE NO LIABILITY OF ANY KIND FOR THE USE OF, OR INABILITY TO USE, THE LICENSED SERVICES OR ANY SERVICE THAT THE LICENSED SERVICES IS INTENDED TO ACCESS OR FOR ANY LOSS, CORRUPTION OR OTHER LIMITATION OF ACCESS TO OR USE OF DATA. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, FLUKE MAKES NO REPRESENTATIONS AND DISCLAIMS ALL WARRANTIES AND CONDITIONS (EXPRESS, LEGAL, OR IMPLIED AND ARISING BY LAW OR OTHERWISE) THAT THE LICENSED SERVICES OR CONTENT WILL BE DELIVERED FREE OF ANY INTERRUPTIONS, DELAYS, OMISSIONS OR ERRORS (“FAULTS”) OR IN A SECURE MANNER OR THAT ANY FAULTS WILL BE CORRECTED. NO VERBAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY FLUKE OR OUR AUTHORIZED REPRESENTATIVES SHALL CREATE A WARRANTY. IN THE EVENT THAT THE LICENSED SERVICES OR CONTENT PROVE DEFECTIVE, YOU ASSUME THE ENTIRE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION. HOWEVER, TO THE EXTENT THE LAWS OF SOME STATES OR JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES IN THE EVENT THAT THE SERVICES PROVE DEFECTIVE, BUT DO PERMIT FLUKE TO LIMIT THE CONSEQUENCES OF SUCH WARRANTIES, FLUKE LIMITS ITS LIABILITY TO THE REPAIR OR REPLACEMENT OR THE RESUPPLY, AT ITS ELECTION, OF SUCH GOODS OR SERVICES.

17. Indemnification. You agree to defend, indemnify, and hold harmless Fluke and our subsidiaries, affiliates, licensors, independent contractors and service providers, and each of their respective members, managers, partners, equity owners, directors, officers, employees, representatives and agents (each a “Representative” and collectively, "Representatives") from and against all third party claims, suits, proceedings, actions, damages, losses, costs, liabilities and expenses (including but not limited to reasonable attorneys' fees, and whether pending, threatened, settled or otherwise) arising out of or related to your use of, or inability to use, the Licensed Services.

19. Termination of the SSA.

19.1 Termination for Convenience. Subject to and in addition to cancellation terms in Section 4.4 and without prejudice to any other rights or remedies under this SSA or at law, you may terminate this SSA at any time by providing thirty (30) days prior written notice (a) ceasing access to and use of the Licensed Services and (b) destroy all copies of the OneCal desktop software application comprised in the Licensed Services and any Content within your possession or control. Fluke reserves the right to change, suspend, remove, discontinue, or disable access to any or all of the Licensed Services or functionality of any or all of the Licensed Services at any time, with or without notice, and to terminate your license to use the Licensed Services at any time, for any or no reason.

19.3 Consequences of Termination. Subject to Section 4.7, in the event of termination of this SSA (a) except to the extent access to the Licensed Services is provided to enable you to access your User Content during the Post-Term Period in accordance with Section 4.7, the licenses and rights granted to you herein will automatically terminate and you must immediately cease all use of the Licensed Services and Content and destroy all copies of the OneCal desktop software application comprised in the Licensed Services and any Content within your possession or control; and (b) you remain responsible for all Payments you have incurred up to the date of termination and are responsible for any fees you incur during the Post-Term Period described in Section 4.7 . You agree that Fluke will not be liable for any modification, suspension or discontinuance of the Licensed Services (or any part thereof).

19.4 Survival. The following Sections will survive the termination of this SSA: Sections 1, 2, and 4 – 24 (inclusive).

20. Remedy. We reserve the right to seek all remedies available by law and in equity for any violation of this SSA. Any rights not expressly granted herein are reserved.

22. Miscellaneous.

22.4 Entire Agreement. This SSA, and the terms and policies incorporated by reference, sets forth the entire agreement between you and Fluke with respect to its subject matter.

23. Definitions. Capitalized terms as defined here or in the body of the Agreement.

“Account Information” means information about you that you provide to us in connection with the registration or administration of your account, including names, user names, phone numbers, email addresses and billing information associated with your account.

“Permitted User” means any individual or entity that directly or indirectly (a) accesses or uses User Content; or (b) otherwise accesses or uses the Licensed Services, in each case under your account. Permitted Users may include, for example, directors, officers, employees, agents and representatives of the company or entity that has entered into this SSA.

“Service Usage Information” means information about you that you provide to us in connection with your access to and use of the Licensed Services, including how often the Licensed Services are used, the duration and quality of use, and other types of information referred to in the Fluke Privacy Notice.

“User Content” means all designs, text, sound files, pictures, photos, videos, graphics, code, information, data, templates, scripts, software, other items, files or materials, including but not limited to information related to the Tools and users thereof, that you or any Permitted User transfers to us by the Licensed Services in connection with your account and any computational results that you or any Permitted User derives from the foregoing through their use of the Licensed Services. User Content does not include Account Information or Service Usage Information.

24. Contact Us. If you have any questions, complaints, or claims with respect to the Licensed Services, please contact us at:

Fluke Electronics Corporation
Attn: OneCal
P.O. Box 9090
Everett, Washington 98206-9090

Email: [email protected]

With copies to:

Fluke Electronics Corporation
Attn: General Counsel
P.O. Box 9090
MS-203A
Everett, Washington 98206-9090

Email: [email protected]

OneQA data protection

THIS DATA PROTECTION APPENDIX ("APPENDIX") FORMS PART OF THE ONEQA SOFTWARE AND SERVICES AGREEMENT ("SSA") THAT GOVERNS ACCESS TO AND USE OF THE ONEQA DESKTOP SOFTWARE APPLICATION AND RELATED SERVICES, INCLUDING THE ONEQA WEB SERVICES, WHEN THE GDPR APPLIES TO YOUR ACCESS TO END USE OF THE LICENSED SERVICES.

1. DEFINITIONS AND INTERPRETATION

1.1 Definitions

this Appendix, the following terms shall have the following meanings, and all other capitalised terms used but not defined in this Appendix shall have the meanings set out in the SSA:

“Appropriate Safeguards” means such legally enforceable mechanism(s) for transfers of Personal Data as may be permitted under Data Protection Laws from time to time, including the Controller-Controller Standard Contractual Clauses and the Controller-Processor Standard Contractual Clauses (as applicable);

"Client”means you or, if you are entering into the SSA on behalf of a company or other legal entity, such entity;

"Co-Controller Data” means Personal Data disclosed or otherwise made available by or on behalf of one party to the other for the purposes set out in Schedule 2 (Co-Controller Data – Data Sharing Details) (as may be updated from time to time) or Personal Data that is otherwise obtained, derived or created from that Personal Data in connection with the performance of each party’s respective obligations under the SSA, but excluding all Processor Data;

"Complaint” means a complaint or request relating to either party’s obligations under Data Protection Laws relevant to the SSA, including any compensation claim from a Data Subject or any notice, investigation or other action from a Supervisory Authority;

"Controller-Controller Standard Contractual Clauses” means Schedule 4 (Controller-Controller Standard Contractual Clauses), attached to and forming part of this Appendix and known as Set II for the transfer of personal data to third countries under Directive 95/46/EC pursuant to the European Commission Decision of 27 December 2004, amending Decision 2001/497/EC as regards the introduction of an alternative set of standard contractual clauses for the transfer of personal data to third countries;

"Controller-Processor Standard Contractual Clauses” means Schedule 5 (Controller-Processor Standard Contractual Clauses), attached to and forming part of this Appendix pursuant to the European Commission Decision of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC;

"Data Protection Losses” means all liabilities, including all:

(a). costs (including legal costs), claims, demands, actions, settlements, charges, procedures, expenses, losses and damages (including relating to material or non-material damage); and

(b). to the extent permitted by applicable law:

(i) administrative fines, penalties, sanctions, liabilities or other remedies imposed by a Supervisory Authority;

(ii) compensation to a Data Subject ordered by a Supervisory Authority; and

(iii) the reasonable costs of compliance with investigations by a Supervisory Authority;

"Data Protection Laws” means all laws, regulations, legislative and regulatory requirements applicable to the processing, privacy, and/or use of Personal Data (including the privacy of electronics communications), as applicable to Fluke, the Client and/or the Licensed Services including, without limitation, but only to the extent to which each is applicable:

(a) legislation implementing Council Directive 95/46/EC (“Data Protection Directive”);

(b) Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”);

(d) all other related national, international, regional, municipal laws, regulations or secondary legislation giving effect to or corresponding with the Data Protection Directive, GDPR or ePrivacy Directive or other data privacy or data protection laws, regulations or secondary legislation in any territory in which the Licensed Services are provided or which are otherwise applicable,

each case as amended, replaced or updated from time to time and together with any subordinate or related legislation made under any of the foregoing;

"Data Subject Request” means a request made by a Data Subject to exercise any rights of Data Subjects under Data Protection Laws;

"DPIA” means a data protection impact assessment, in accordance with Data Protection Laws;

"EEA” means the European Economic Area;

"Fluke” means Fluke Electronics Corporation;

"Personal Data Breach” means any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Co-Controller Data or Processor Data (as applicable);

"Processor Data” means Personal Data received from or on behalf of the Client in connection with the performance of Fluke‘s obligations under the SSA;

"Rate Card” means Fluke’s rate card in force and as updated and notified to the Client from time to time;

Sub-Processor” means another Data Processor engaged by Fluke for carrying out processing activities in respect of Processor Data on behalf of the Client; and

1.2 Interpretation

this Appendix:

1.2.1 “Data Controller” (or “controller”), “Data Processor” (or “processor”), “Data Subject”, “international organisation”, “Personal Data” and “processing” all have the meanings given to those terms in Data Protection Laws (and related terms such as “process” have corresponding meanings);

1.2.2 to the extent that a term of this Appendix requires the performance by a party of an obligation “in accordance with Data Protection Laws” (or similar), unless otherwise expressly agreed in this Appendix, this requires performance in accordance with the relevant requirements of such Data Protection Laws as are in force and applicable at the time of performance (if any);

1.2.3 clause, Schedule and paragraph headings shall not affect the interpretation of this Appendix;

1.2.4 a person includes a natural person, corporate or unincorporated body (whether or not having separate legal personality);

1.2.5 a reference to a company shall include any company, corporation or other body corporate, wherever and however incorporated or established;

1.2.6 unless the context otherwise requires, words in the singular shall include the plural and in the plural shall include the singular;

1.2.7 unless the context otherwise requires, a reference to one gender shall include a reference to the other genders;

1.2.8 references to clauses and Schedules are to clauses and Schedules of this Appendix, and references to paragraphs are to paragraphs of the Schedules, unless expressly stated otherwise;

1.2.9 any words following the terms including, include, in particular or for example or any similar phrase shall be construed as illustrative and shall not limit the generality of the related general words; and

1.2.10 subject to clause 1.3, the provisions of the SSA shall apply to this Appendix, and all notifications under or pursuant to this Appendix shall be made in accordance with the notice requirements as set out in the SSA.

1.3 Order of precedence

1.3.1. In the case of conflict or ambiguity between:

(a). any provision contained in the body of this Appendix and any provision contained in the Schedules, the provision in the body of this Agreement shall take precedence, except in the case of Schedule 4 (Controller-Controller Standard Contractual Clauses) and Schedule 5 (Controller-Processor Standard Contractual Clauses), in which case the provision in those Schedules (as applicable) shall take precedence; and

(b). any of the provisions of this Appendix and the provisions of the SSA, the provisions of this Appendix shall take precedence.

2. CONTROLLER AND PROCESSOR STATUS

2.1 Data Co-Controller Status

2.1.1. The parties acknowledge and agree that each party may disclose or make available to the other party Co-Controller Data, and to the extent they do so:

(a) each party is a Data Controller of the Co-Controller Data that the party receives;

(b) each party shall process the Co-Controller Data as separate and independent Data Controllers and not jointly as joint Controllers; and

2.2 Data Controller / Data Processor Status

2.2.1 The parties acknowledge and agree that to the extent Fluke processes Processor Data:

(a) the Client is the Data Controller and Fluke is the Data Processor of such Processor Data;

(b) Fluke shall process Processor Data only for purposes set out in Schedule 3 (Processor Data – Data Processing Details) and not determine the purposes for the processing of Processor Data; and

3. Co-CONTROLLER DATA Terms

3.1 Details of data sharing

3.1.1 The processing of Co-Controller Data to be carried out by the parties under this Appendix shall comprise the processing set out in Schedule 2 (Co-Controller Data – Data Sharing Details), as may be updated from time to time.

3.2 Compliance with Data Protection Laws and obligations

3.2.1 Each party shall be individually and separately responsible for complying, and will comply with, the obligations that apply to it as a Data Controller under Data Protection Laws in relation to the Co-Controller Data, in particular but without limitation ensuring that there is a lawful basis on which Co-Controller Data is processed by it (including its transfer to the other party under the SSA).

3.2.2 Each party shall ensure all Co-Controller Data are accurate prior to any sharing with the other party under the SSA, and shall notify the other party within a reasonable time in the event it receives updates or corrections to any of such Co-Controller Data, where it is reasonable to do so.

3.3 Assistance, information and co-operation

3.3.1 Each party shall provide reasonable assistance, information and co-operation as regards data protection matters where requested by the other party in respect of Co-Controller Data shared between them pursuant to the SSA, including but without limitation in respect of any matter which in the reasonable opinion of the other party is required for ensuring that party’s continued compliance with the Data Protection Laws. The Client shall pay Fluke’s costs, if any, for providing reasonable assistance, information and co-operation under this clause 3.3.1, calculated on a time and materials basis in accordance with the Rate Card.

3.4 International data transfers

3.4.1 If a party determines that it is necessary to transfer Co-Controller Data to a country outside the EEA, that party shall be responsible for ensuring that such transfer complies with Data Protection Laws, including that such transfer is effected by way of a legally enforceable mechanism for transfers of Personal Data as may be permitted under Data Protection Laws from time to time.

3.4.2 To the extent that the disclosure or making available of Co-Controller Data by the Client to Fluke involves the transfer of Co-Controller Data outside the EEA, the Controller-Controller Standard Contractual Clauses shall constitute an Appropriate Safeguard and shall only apply to Co-Controller Data that is transferred outside the EEA and to the extent that another Appropriate Safeguard is not applicable to the Co-Controller Data. If the Controller-Controller Standard Contractual Clauses apply, nothing in this Appendix shall modify the Controller-Controller Standard Contractual Clauses.

4. PROCESSOR DATA Terms

4.1 Compliance with Data Protection Laws and obligations

4.1.1 Fluke shall process Processor Data in compliance with the obligations of Data Processors under Data Protection Laws, in respect of the performance of its obligations under this clause 4.

4.1.2 The Client warrants, represents and undertakes that:

(a) it complies, and shall comply, with all Data Protection Laws in connection with the processing of Processor Data, the Licensed Services and the exercise and performance of its respective rights and obligations under this clause 4; and

(b) it has undertaken due diligence in relation to Fluke’s processing operations, and it is satisfied that:

(i) Fluke’s processing operations are suitable for the purposes for which the Client proposes to use the Licensed Services and engage Fluke to process Processor Data; and

(ii) Fluke has sufficient expertise, reliability and resources to implement technical and organisational measures that meet the requirements of Data Protection Laws.

4.1.3 The Client shall not unreasonably withhold, delay or condition its agreement to any change to the SSA requested by Fluke in order to ensure the Licensed Services and Fluke (or any Sub-Processor) can comply with Data Protection Laws, and no longer than one (1) month.

4.2 Details of processing and instructions

4.2.1 Insofar as Fluke processes Processor Data on behalf of the Client, Fluke:

(a) unless required to do otherwise by applicable law, shall, and shall take steps to ensure each person acting under its authority shall, process Processor Data only on and in accordance with the Client’s documented instructions as set out in this clause 4 and Schedule 3 (Processor Data – Data Processing Details), as updated from time to time (“Processing Insructions”);

(b) if applicable law requires Fluke to process Processor Data other than in accordance with the Processing Instructions, shall notify the Client of any such requirement before processing the Processor Data unless applicable law prohibits such information on important grounds of public interest; and

(c) shall inform the Client if Fluke becomes aware of a Processing Instruction that, in Fluke’s opinion, infringes Data Protection Laws:

(i) provided that doing so shall be without prejudice to clauses 4.2.1(a) and 4.2.1(b); and

(iii) it being agreed that to the maximum extent permitted by mandatory law, Fluke shall have no liability howsoever arising (whether in contract, tort (including negligence) or otherwise) for any losses, costs, expenses or liabilities (including any Data Protection Losses) arising from or in connection with any processing in accordance with the Client’s Processing Instructions following Fluke informing the Client of an infringing Processing Instruction.

4.3 Technical and organisational measures

4.3.1 Fluke shall implement and maintain, at its cost and expense, the technical and organisational measures:

(a) in relation to the processing of Processor Data by Fluke, as set out in and substantially in compliance with Schedule 1 (Security Measures) and Schedule 3 (Processor Data – Data Processing Details); and

(b) taking into account the nature of the processing, to assist the Client insofar as is possible in the fulfilment of the Client’s obligations to respond to Data Subject Requests relating to Processor Data.

4.3.2 Any additional technical and organisational measures requested by the Client shall be at the Client’s cost and expense and only to the extent reasonably possible to be implemented.

4.4 Security of processing

4.4.1 Fluke shall, in respect of Processor Data, comply with the requirements regarding security of processing as set out in Data Protection Laws as applicable to Data Processors and in this Appendix including clause 4.3.

4.5 Using staff and other processors

4.5.1 The Client agrees that Fluke may engage Sub-Processors to perform processing activities in respect of Processor Data as is necessary for the provision of the Licensed Services. The Sub-Processors currently appointed by Fluke are listed in Schedule 3 (Processor Data – Data Processing Details). Fluke will inform the Client of any addition to or change of the appointed Sub-Processors by giving no less than thirty (30) days’ advance notice, and the Client will have fourteen (14) days after such notice to object to such addition or change. In the case of an objection from the Client, Fluke may choose from the following options to cure the objection:

(a). Fluke will cancel its plans to use the objectionable Sub-Processor(s) or will offer an alternative to provide the Licensed Services without such Sub-Processor(s); or

(b). Fluke will take the corrective steps requested by the Client in its objection (which remove the Client's objection) and proceed to use the objectionable Sub-Processor(s); or

(c). Fluke may cease to provide or the Client may agree not to use (temporarily or permanently) the particular aspect of the Licensed Services that would involve the use of the objectionable Sub-Processor(s), subject to an agreement of Fluke and the Client to adjust the payments due under the SSA, considering the reduced scope of the Licensed Services.

If none of the above options are reasonably available and the objection has not been resolved to the mutual satisfaction of the Client and Provider within thirty (30) days after Fluke’s receipt of the Client’s objection, either party may terminate the SSA and the Client will be entitled to a pro-rata refund of pre-paid fees for the Licensed Services not performed as of the date of termination.

4.5.2 Fluke shall engage Sub-Processors under a written contract containing materially the same obligations as this clause 4, including without limitation clause 4.7 below.

4.5.3 Fluke shall take reasonable steps to ensure that all Fluke personnel who have access to Processor Data are reliable and that all Fluke personnel authorised to process Processor Data are subject to a binding written contractual obligation with Fluke to keep the Processor Data confidential except where disclosure is required in accordance with applicable law, in which case Fluke shall, where practicable and not prohibited by applicable law, notify the Client of any such requirement before such disclosure.

4.6 Assistance with the Client’s compliance and Data Subject rights

4.6.1 Fluke shall refer all Data Subject Requests it receives in respect of Processor Data to the Client within three (3) Business Days of actual receipt of the request, and the Client shall pay Fluke’s costs, if any, for recording and referring the Data Subject Requests in accordance with this clause 4.6.1, calculated on a time and materials basis in accordance with the Rate Card.

4.6.2 Fluke shall, in respect of Processor Data, provide such reasonable assistance as the Client reasonably requires, taking into account the nature of processing performed by and the information available to Fluke, to comply with the Client’s obligations under Data Protection Laws with respect to:

(a). security of processing;

(b). DPIAs;

(c). prior consultation with a Supervisory Authority regarding high risk processing; and

(d). notifications to the Supervisory Authority and/or communications to Data Subjects by the Client in response to any Personal Data Breach,

4.7 International data transfers

4.7.1 The Client agrees that Fluke may transfer Processor Data outside the EEA or to any international organisation(s) (individually or collectively, an “International Recipient”), provided all transfers by Fluke of Processor Data to an International Recipient and any onward transfer shall to the extent required under Data Protection Laws be effected by way of Appropriate Safeguards and in accordance with Data Protection Laws. The foregoing sentence shall constitute Processing Instructions with respect to international data transfers for the purposes of clause 4.2.1(a).

4.7.2 The Controller-Processor Standard Contractual Clauses shall constitute an Appropriate Safeguard and shall only apply to Processor Data that is transferred outside the EEA and to the extent that another Appropriate Safeguard is not applicable to the Processor Data. If the Controller-Processor Standard Contractual Clauses apply, nothing in this Appendix shall modify the Controller-Processor Standard Contractual Clauses.

4.8 Records, information and audit

4.8.1 Fluke shall maintain, in accordance with Data Protection Laws binding on Fluke, written records of all categories of processing activities carried out on behalf of the Client.

4.8.2 Fluke shall, in accordance with Data Protection Laws, make available to the Client such information as is reasonably necessary to demonstrate Fluke’s compliance with the obligations of Data Processors under Data Protection Laws, and allow for and contribute to audits, including inspections, by the Client or another auditor mandated by the Client for this purpose, subject to the Client:

(a). giving Fluke reasonable prior notice of such information request, audit or inspection being required by the Client;

(b). ensuring that all information obtained or generated by the Client or its auditor(s) in connection with such information requests, inspections and audits is kept strictly confidential, save for disclosure to the Supervisory Authority or as otherwise required by applicable law;

(c). ensuring that such audit or inspection is undertaken during normal business hours, with minimal disruption to Fluke’s business, a Sub-Processor’s business, or the business of other clients of Fluke; and

(d). paying Fluke’s costs for assisting with the provision of information and allowing for and contributing to inspections and audits, calculated on a time and materials basis in accordance with the Rate Card.

4.9 Notification of Personal Data Breaches and Complaints

4.9.1 In respect of any Personal Data Breach involving Processor Data, Fluke shall, without undue delay:

(a). notify the Client of the Personal Data Breach; and

(b). provide the Client with details of the Personal Data Breach.

4.9.2 Each party shall promptly, and in any event within three (3) Business Days, inform the other if it receives a Complaint and provide the other party with full details of such Complaint.

4.10 Deletion or return of Processor Data and copies

4.10.1 Fluke shall, at the Client’s written request, either delete or return all the Processor Data to the Client within a reasonable time after the end of the provision of the relevant Licensed Services related to processing, and delete any other existing copies thereof unless storage of any data is required by applicable law, in which case Fluke shall inform the Client of any such requirement. The Client acknowledges and agrees that any request made by the Client under this clause 4.10.1 must be made within ninety (90) days after the end of the provision of the relevant Licensed Services related to processing.

4.10.2 The Client shall pay Fluke’s costs, if any, for deleting or returning Processor Data under clause 4.10.1, calculated on a time and materials basis in accordance with the Rate Card.

5. Liability, indemnities and compensation claims

5.1 The Client shall indemnify and keep indemnified Fluke in respect of all Data Protection Losses suffered or incurred by, awarded against or agreed to be paid by, Fluke and any Sub-Processor arising from or in connection with any:

5.1.1 non-compliance by the Client with the Data Protection Laws;

5.1.2 processing of Processor Data carried out by Fluke or any Sub-Processor pursuant to any Processing Instruction that infringes any Data Protection Law; or

5.1.3 breach by the Client of any of its obligations under this Appendix,

5.2 Fluke shall be liable for Data Protection Losses howsoever arising, whether in contract, tort (including negligence) or otherwise under or in connection with this Appendix:

5.2.1 only to the extent caused by the processing of Co-Controller Data or Processor Data by Fluke under this Appendix and directly resulting from Fluke’s breach of clauses 2, 3 or 4; and

5.2.2 in no circumstances for any portion of the Data Protection Losses (or the circumstances giving rise to them) contributed to or caused by any breach of this Appendix by the Client (including a breach of clause 4.2.1(c)(ii)).

5.3 If a party receives a compensation claim from a person relating to processing of Co-Controller Data or Processor Data, it shall promptly provide the other party with notice and full details of such claim, and each party shall:

5.3.1 make no admission of liability nor agree to any settlement or compromise of the relevant claim without the prior written consent of the other party, which consent shall not be unreasonably withheld, conditioned or delayed; and

5.3.2 consult fully with the other party in relation to any such action, but the terms of any settlement or compromise of the claim will be exclusively the decision of the party that is responsible under this Appendix for paying the compensation.

5.4 The parties agree that the Client shall not be entitled to claim back from Fluke any part of any compensation paid by the Client in respect of such damage to the extent that the Client is liable to indemnify Fluke in accordance with clause 5.1.

5.5 This clause 5 is intended to apply to the allocation of liability for Data Protection Losses as between the parties, including with respect to compensation to Data Subjects, notwithstanding any provisions under Data Protection Laws to the contrary, except:

5.5.1 to the extent not permitted by applicable law (including Data Protection Laws); and

5.5.2 that it does not affect the liability of either party to any Data Subject.

SCHEDULE 1
Security Measures

Description of Technical and Organizational Security Measures Implemented by Fluke

Technical Measures to Ensure Security of Processing
1. Inventory and Control of Hardware Assets	Actively manage all hardware devices on the network so that only authorised devices are given access, and unauthorised and unmanaged devices are found and prevented from gaining access.
2. Inventory and Control of Software Assets	Actively manage all software on the network so that only authorised software is installed and can execute, and that unauthorised and unmanaged software is found and prevented from installation or execution.
3. Continuous Vulnerability Management	Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.
4. Controlled Use of Administrative Privileges	Maintain processes and tools to track, control, prevent, and correct the use, assignment, and configuration of administrative privileges on computers, networks, applications, and data.
5. Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers	Implement and actively manage (track, report on, correct) the security configuration of mobile devices, laptops, servers, and workstations using a configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.
6. Maintenance, Monitoring, and Analysis of Audit Logs	Collect, manage, and analyse audit and security logs of events that could help detect, understand, or recover from a possible attack.
7. Email and Web Browser Protections	Deploy automated controls to minimise the attack surface and the opportunities for attackers to manipulate human behaviour through their interaction with web browsers and email systems or content.
8. Malware Defenses	Control the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimising the use of automation to enable rapid updating of defense, data gathering, and corrective action.

Technical Measures to Ensure Security of Processing

1. Inventory and Control of Hardware Assets

Actively manage all hardware devices on the network so that only authorised devices are given access, and unauthorised and unmanaged devices are found and prevented from gaining access.

2. Inventory and Control of Software Assets

Actively manage all software on the network so that only authorised software is installed and can execute, and that unauthorised and unmanaged software is found and prevented from installation or execution.

3. Continuous Vulnerability Management

Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.

4. Controlled Use of Administrative Privileges

Maintain processes and tools to track, control, prevent, and correct the use, assignment, and configuration of administrative privileges on computers, networks, applications, and data.

5. Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers

Implement and actively manage (track, report on, correct) the security configuration of mobile devices, laptops, servers, and workstations using a configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.

6. Maintenance, Monitoring, and Analysis of Audit Logs

Collect, manage, and analyse audit and security logs of events that could help detect, understand, or recover from a possible attack.

7. Email and Web Browser Protections

Deploy automated controls to minimise the attack surface and the opportunities for attackers to manipulate human behaviour through their interaction with web browsers and email systems or content.

8. Malware Defenses

Control the installation, spread, and execution of malicious code at multiple points in the enterprise, while optimising the use of automation to enable rapid updating of defense, data gathering, and corrective action.

9. Limitation and Control of Network Ports, Protocols, and Licensed Services

Manage (track, control, correct) the ongoing operational use of ports, protocols, services, and applications on networked devices in order to minimise windows of vulnerability and exposure available to attackers.

10. Data Recovery Capabilities

Maintain processes and tools to properly back up Personal Data with a proven methodology to ensure the confidentiality, integrity, availability, and recoverability of that data.

11. Secure Configuration for Network Devices, such as Firewalls, Routers, and Switches

Implement, and actively manage (track, report on, correct) the security configuration of network infrastructure devices using a configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings.

12. Boundary Defenses

Detect, prevent, and correct the flow of information transferring networks of different trust levels with a focus on Personal Data.

13. Data Protection

Maintain processes and tools used to prevent data exfiltration, mitigate the effects of exfiltrated data, and ensure the confidentiality and integrity of Personal Data.

14. Controlled Access Based on the Need to Know

Maintain processes and tools to track, control, prevent, and correct secure access to critical or controlled assets (e.g. information, resources, systems) according to the formal determination of which persons, computers, and applications have a need and right to access these critical or controlled assets based on an approved classification.

15. Wireless Access Control

Maintain processes and tools to track, control, prevent, and correct the secure use of wireless local area networks (WLANs), access points, and wireless client systems.

16. Account Monitoring and Control

Actively manage the life cycle of system and application accounts, their creation, use, dormancy, and deletion in order to minimise opportunities for unauthorised, inappropriate, or nefarious use.

Organisational Measures to Ensure Security of Processing
1. Implement a Comprehensive Information Security Programme	Through the implementation of a Comprehensive Information Security Programme (CISP), maintain various administrative safeguards to protect Personal Data. These measures are designed to ensure: security, confidentiality and integrity of Personal Data protection against unauthorized access to or use of (stored) Personal Data in a manner that creates a substantial risk of identity theft or fraud that employees, contractors, consultants, temporaries, and other workers who have access to Personal Data only process such data on instructions from the data controller.
2. Implement a Security Awareness and Training Programme	For all functional roles (prioritizing those mission critical to the business, its security, and the protection of Personal Data), identify the specific knowledge, skills and abilities needed to support the protection and defense of Personal Data; develop and execute an integrated plan to assess, identify gaps, and remediate through policy, organisational planning, training, and awareness programmes.
3. Application Software Security	Manage the security life cycle of all in-house developed and acquired software in order to prevent, detect, and correct security weaknesses.
4. Incident Response and Management	Protect the organisation's information, including Personal Data, as well as its reputation, by developing and implementing an incident response infrastructure (e.g., plans, defined roles, training, communications, management oversight, retainers, and insurance) for quickly discovering an attack and then effectively containing the damage, eradicating the attacker's presence, and restoring the integrity of the organisation’s network and systems.
5. Security and Privacy Assessments, Penetration Tests, and Red Team Exercises	Test the overall strength of the organisation’s defense (the technology, processes, and people) by simulating the objectives and actions of an attacker; as well as, assess and validate the controls, policies, and procedures of the organisation’s privacy and Personal Data protections.
6. Physical Security and Entry Control	Require that all facilities meet the highest level of data protection standards possible, and reasonable, under the circumstances relevant to the facility and the data it contains, process, or transmits.

Organisational Measures to Ensure Security of Processing

1. Implement a Comprehensive Information Security Programme

Through the implementation of a Comprehensive Information Security Programme (CISP), maintain various administrative safeguards to protect Personal Data. These measures are designed to ensure:

security, confidentiality and integrity of Personal Data
protection against unauthorized access to or use of (stored) Personal Data in a manner that creates a substantial risk of identity theft or fraud
that employees, contractors, consultants, temporaries, and other workers who have access to Personal Data only process such data on instructions from the data controller.

2. Implement a Security Awareness and Training Programme

For all functional roles (prioritizing those mission critical to the business, its security, and the protection of Personal Data), identify the specific knowledge, skills and abilities needed to support the protection and defense of Personal Data; develop and execute an integrated plan to assess, identify gaps, and remediate through policy, organisational planning, training, and awareness programmes.

3. Application Software Security

Manage the security life cycle of all in-house developed and acquired software in order to prevent, detect, and correct security weaknesses.

4. Incident Response and Management

Protect the organisation's information, including Personal Data, as well as its reputation, by developing and implementing an incident response infrastructure (e.g., plans, defined roles, training, communications, management oversight, retainers, and insurance) for quickly discovering an attack and then effectively containing the damage, eradicating the attacker's presence, and restoring the integrity of the organisation’s network and systems.

5. Security and Privacy Assessments, Penetration Tests, and Red Team Exercises

Test the overall strength of the organisation’s defense (the technology, processes, and people) by simulating the objectives and actions of an attacker; as well as, assess and validate the controls, policies, and procedures of the organisation’s privacy and Personal Data protections.

6. Physical Security and Entry Control

Require that all facilities meet the highest level of data protection standards possible, and reasonable, under the circumstances relevant to the facility and the data it contains, process, or transmits.

SCHEDULE 2
Co-Controller Data – Data Sharing DETAILS

1, Types of Personal Data

1.1 The Personal Data shared between the parties as separate and independent Data Controllers, constituting Co-Controller Data under this Appendix, concern the following categories of data:

1.1.1 the names and contact details (including email and telephone number) of Permitted Users (as defined in the SSA) and Fluke personnel; and

1.1.2 any other Personal Data contained in User Content, Account Information and Service Usage Information (as such terms are defined in the SSA).

2. Categories of Data subjects

2.1 The Personal Data shared between the parties as separate and independent Data Controllers concern the following categories of Data Subjects:

2.1.1 prospective, current and former directors, officers, employees, agents, representatives and contractors of the Client and its subsidiaries and affiliates, including Permitted Users; and

2.1.2 current and former directors, officers, employees, agents, representatives and contractors of Fluke and its subsidiaries and affiliates.

3. Co-Controller Purposes

3.1 Personal Data shall be shared between the parties as separate and independent Data Controllers for the following purposes:

3.1.1 for Fluke to improve the Licensed Services;

3.1.2 for Fluke to use and disseminate Feedback for its own commercial purposes or otherwise;

3.1.3 for Fluke to aggregate Personal Data it collects for its own commercial purposes or otherwise; and

3.1.4 for Fluke to conduct marketing where it has a lawful basis to do so.

3.2 The context for and purposes for the processing of Personal Data is the provision of the applicable Licensed Services.

4. Recipients

4.1 The Personal Data shared between the parties as separate and independent Data Controllers may be disclosed only to the following recipients or categories of recipients:

4.1.1 the parties’ respective subsidiaries and affiliates; and

4.1.2 the parties’ respective cloud providers for storage of the Co-Controller Data.

SCHEDULE 3
Processor Data – DATA PROCESSING DETAILS

1. subject-matter of processing

1.1 The subject-matter of the processing of Personal Data under this Appendix is the Licensed Services.

2. duration of the processing

2.1 The duaration of the processing is the duration of the provision of the Licensed Services or as per Client’s instructions.

3. nature and purpose of the processing

3.1 The nature and purpose of the processing carried out by Fluke as a Data Processor for the Client is those processing operations which are necessary to enable Fluke to provide the Licensed Services to the Client in accordance with the SSA, including:

3.1.1 to administer subscriptions for the Client’s subscription to the Licensed Services;

3.1.2 to provide technical support to Permitted Users who access and use the Licensed Services; and

3.1.3 to provide remote implementation and setup services to Permitted Users.

4. typeS of Personal Data

4.1 The Personal Data processed by Fluke as a Data Processor for the Client consists of the following Personal Data relating to Permitted Users (as defined in the SSA);

4.1.1 name;

4.1.2 contact details, including email and telephone number;

4.1.3 identification (ID) number;

4.1.4 profile picture; and

4.1.5 procedural picture of Permitted Users using the Tools or other devices or equipment in connection with the Licensed Services.

5. categories of Data Subjects

5.1 The Personal Data processed by Fluke as a Data Processor for the Client concern the following categories of Data Subjects:

5.1.1 prospective, current and former directors, officers, employees, agents, representatives and contractors of the Client and its subsidiaries and affiliates;

5.1.2 prospective, current and former directors, officers, employees, agents, representatives and contractors of the Client’s service providers and contractors; and

5.1.3 any other Permitted Users.

6. technical and organizational measures

6.1 See Schedule 1, which shall form a part of this Schedule 3.

7. approved sub-processors

7.1 The following are Sub-Processors approved by the Client under this Appendix:

7.1.1 Fluke’s subsidiaries and affiliates;

7.1.2 Fluke’s cloud provider for storage of the Processor Data; and

7.1.3 Fluke’s third party developers.

SCHEDULE 4
CONTROLLER-CONTROLLER STANDARD CONTRACTUAL CLAUSES

Data transfer agreement between:

The entity identified as “Client” in the Data Protection Appendix to the SSA (the “data exporter”)

and

The entity identified as “Fluke” in the Data Protection Appendix to the SSA (the “data importer”)

each a “party”; together “the parties”.

DEFINITIONS

For the purposes of the clauses:

(a). “personal data”, “special categories of data/sensitive data”, “process/processing”, “controller”, “processor”, “data subject” and “supervisory authority/authority” shall have the same meaning as in Directive 95/46/EC of 24 October 1995 (whereby “the authority” shall mean the competent data protection authority in the territory in which the data exporter is established);

(b). “the data exporter” shall mean the controller who transfers the personal data;

(c). “the data importer” shall mean the controller who agrees to receive from the data exporter personal data for further processing in accordance with the terms of these clauses and who is not subject to a third country’s system ensuring adequate protection;

(d). “clauses” shall mean these contractual clauses, which are a free-standing document that does not incorporate commercial business terms established by the parties under separate commercial arrangements.

The details of the transfer (as well as the personal data covered) are specified in Annex B, which forms an integral part of the clauses.

1. Obligations of the data exporter

1.1 The data exporter warrants and undertakes that:

1.1.1 The personal data have been collected, processed and transferred in accordance with the laws applicable to the data exporter.

1.1.2 It has used reasonable efforts to determine that the data importer is able to satisfy its legal obligations under these clauses.

1.1.3 It will provide the data importer, when so requested, with copies of relevant data protection laws or references to them (where relevant, and not including legal advice) of the country in which the data exporter is established.

1.1.4 It will respond to enquiries from data subjects and the authority concerning processing of the personal data by the data importer, unless the parties have agreed that the data importer will so respond, in which case the data exporter will still respond to the extent reasonably possible and with the information reasonably available to it if the data importer is unwilling or unable to respond. Responses will be made within a reasonable time.

1.1.5 It will make available, upon request, a copy of the clauses to data subjects who are third party beneficiaries under clause 3, unless the clauses contain confidential information, in which case it may remove such information. Where information is removed, the data exporter shall inform data subjects in writing of the reason for removal and of their right to draw the removal to the attention of the authority. However, the data exporter shall abide by a decision of the authority regarding access to the full text of the clauses by data subjects, as long as data subjects have agreed to respect the confidentiality of the confidential information removed. The data exporter shall also provide a copy of the clauses to the authority where required.

2. Obligations of the data importer

2.1 The data importer warrants and undertakes that:

2.1.1 It will have in place appropriate technical and organisational measures to protect the personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, and which provide a level of security appropriate to the risk represented by the processing and the nature of the data to be protected.

2.1.2 It will have in place procedures so that any third party it authorises to have access to the personal data, including processors, will respect and maintain the confidentiality and security of the personal data. Any person acting under the authority of the data importer, including a data processor, shall be obligated to process the personal data only on instructions from the data importer. This provision does not apply to persons authorised or required by law or regulation to have access to the personal data.

2.1.3 It has no reason to believe, at the time of entering into these clauses, in the existence of any local laws that would have a substantial adverse effect on the guarantees provided for under these clauses, and it will inform the data exporter (which will pass such notification on to the authority where required) if it becomes aware of any such laws.

2.1.4 It will process the personal data for purposes described in Annex B, and has the legal authority to give the warranties and fulfil the undertakings set out in these clauses.

2.1.5 It will identify to the data exporter a contact point within its organisation authorised to respond to enquiries concerning processing of the personal data, and will cooperate in good faith with the data exporter, the data subject and the authority concerning all such enquiries within a reasonable time. In case of legal dissolution of the data exporter, or if the parties have so agreed, the data importer will assume responsibility for compliance with the provisions of clause 1.1.5.

2.1.6 At the request of the data exporter, it will provide the data exporter with evidence of financial resources sufficient to fulfil its responsibilities under clause 3 (which may include insurance coverage).

2.1.7 Upon reasonable request of the data exporter, it will submit its data processing facilities, data files and documentation needed for processing to reviewing, auditing and/or certifying by the data exporter (or any independent or impartial inspection agents or auditors, selected by the data exporter and not reasonably objected to by the data importer) to ascertain compliance with the warranties and undertakings in these clauses, with reasonable notice and during regular business hours. The request will be subject to any necessary consent or approval from a regulatory or supervisory authority within the country of the data importer, which consent or approval the data importer will attempt to obtain in a timely fashion.

2.1.8 It will process the personal data, at its option, in accordance with:

(a). the data protection laws of the country in which the data exporter is established, or

(b) the relevant provisions^[1] of any Commission decision pursuant to Article 25(6) of Directive 95/46/EC, where the data importer complies with the relevant provisions of such an authorisation or decision and is based in a country to which such an authorisation or decision pertains, but is not covered by such authorisation or decision for the purposes of the transfer(s) of the personal data^[2], or

(c). the data processing principles set forth in Annex A.

(d). Data importer to indicate which option it selects: 2.1.8 (c)

(e). Initials of data importer: Fluke

2.1.9 It will not disclose or transfer the personal data to a third party data controller located outside the European Economic Area (EEA) unless it notifies the data exporter about the transfer and

(a). the third party data controller processes the personal data in accordance with a Commission decision finding that a third country provides adequate protection, or

(b). the third party data controller becomes a signatory to these clauses or another data transfer agreement approved by a competent authority in the EU, or

(c). data subjects have been given the opportunity to object, after having been informed of the purposes of the transfer, the categories of recipients and the fact that the countries to which data is exported may have different data protection standards, or

(d). with regard to onward transfers of sensitive data, data subjects have given their unambiguous consent to the onward transfer

3. Liability and third party rights

3.1 Each party shall be liable to the other parties for damages it causes by any breach of these clauses. Liability as between the parties is limited to actual damage suffered. Punitive damages (i.e. damages intended to punish a party for its outrageous conduct) are specifically excluded. Each party shall be liable to data subjects for damages it causes by any breach of third party rights under these clauses. This does not affect the liability of the data exporter under its Data Protection Laws.

3.2 The parties agree that a data subject shall have the right to enforce as a third party beneficiary this clause and clauses 1.1.2, 1.1.4, 1.1.5, 2.1.1, 2.1.3, 2.1.4, 2.1.5, 2.1.8, 2.1.9, 3.1, 4, 6.4 and 7 against the data importer or the data exporter, for their respective breach of their contractual obligations, with regard to his personal data, and accept jurisdiction for this purpose in the data exporter’s country of establishment. In cases involving allegations of breach by the data importer, the data subject must first request the data exporter to take appropriate action to enforce his rights against the data importer; if the data exporter does not take such action within a reasonable period (which under normal circumstances would be one month), the data subject may then enforce his rights against the data importer directly. A data subject is entitled to proceed directly against a data exporter that has failed to use reasonable efforts to determine that the data importer is able to satisfy its legal obligations under these clauses (the data exporter shall have the burden to prove that it took reasonable efforts).

4. Law applicable to the clauses

These clauses shall be governed by the law of the country in which the data exporter is established, with the exception of the laws and regulations relating to processing of the personal data by the data importer under clause 2.1.8, which shall apply only if so selected by the data importer under that clause.

5. Resolution of disputes with data subjects or the authority

5.1 In the event of a dispute or claim brought by a data subject or the authority concerning the processing of the personal data against either or both of the parties, the parties will inform each other about any such disputes or claims, and will cooperate with a view to settling them amicably in a timely fashion.

5.2 The parties agree to respond to any generally available non-binding mediation procedure initiated by a data subject or by the authority. If they do participate in the proceedings, the parties may elect to do so remotely (such as by telephone or other electronic means). The parties also agree to consider participating in any other arbitration, mediation or other dispute resolution proceedings developed for data protection disputes.

5.3 Each party shall abide by a decision of a competent court of the data exporter’s country of establishment or of the authority which is final and against which no further appeal is possible.

6. Termination

6.1 In the event that the data importer is in breach of its obligations under these clauses, then the data exporter may temporarily suspend the transfer of personal data to the data importer until the breach is repaired or the contract is terminated.

6.2 In the event that:

6.2.1 the transfer of personal data to the data importer has been temporarily suspended by the data exporter for longer than one month pursuant to clause 6.1;

6.2.2 compliance by the data importer with these clauses would put it in breach of its legal or regulatory obligations in the country of import;

6.2.3 the data importer is in substantial or persistent breach of any warranties or undertakings given by it under these clauses;

6.2.4 a final decision against which no further appeal is possible of a competent court of the data exporter’s country of establishment or of the authority rules that there has been a breach of the clauses by the data importer or the data exporter; or

6.2.5 a petition is presented for the administration or winding up of the data importer, whether in its personal or business capacity, which petition is not dismissed within the applicable period for such dismissal under applicable law; a winding up order is made; a receiver is appointed over any of its assets; a trustee in bankruptcy is appointed, if the data importer is an individual; a company voluntary arrangement is commenced by it; or any equivalent event in any jurisdiction occurs

6.2.6 then the data exporter, without prejudice to any other rights which it may have against the data importer, shall be entitled to terminate these clauses, in which case the authority shall be informed where required. In cases covered by clauses 6.2.1, 6.2.2, or 6.2.4 above the data importer may also terminate these clauses.

6.3 Either party may terminate these clauses if (i) any Commission positive adequacy decision under Article 25(6) Article 46(2) of Directive 95/46/EC (or any superseding text) is issued in relation to the country (or a sector thereof) to which the data is transferred and processed by the data importer, or (ii) Directive 95/46/EC (or any superseding text) becomes directly applicable in such country.

6.4 The parties agree that the termination of these clauses at any time, in any circumstances and for whatever reason (except for termination under clause 6.3 does not exempt them from the obligations and/or conditions under the clauses as regards the processing of the personal data transferred.

7. variation of these clauses

The parties may not modify these clauses except to update any information in Annex B, in which case they will inform the authority where required. This does not preclude the parties from adding additional commercial clauses where required.

8. Description of the Transfer

The details of the transfer and of the personal data are specified in Annex B. The parties agree that Annex B may contain confidential business information which they will not disclose to third parties, except as required by law or in response to a competent regulatory or government agency, or as required under clause 1.1.5. The parties may execute additional annexes to cover additional transfers, which will be submitted to the authority where required. Annex B may, in the alternative, be drafted to cover multiple transfers.

ANNEX A to the Controller-Controller STANDARD CONTRACTUAL CLAUSES

DATA PROCESSING PRINCIPLES

Purpose limitation: Personal data may be processed and subsequently used or further communicated only for purposes described in Annex B or subsequently authorised by the data subject.
Data quality and proportionality: Personal data must be accurate and, where necessary, kept up to date. The personal data must be adequate, relevant and not excessive in relation to the purposes for which they are transferred and further processed.
Transparency: Data subjects must be provided with information necessary to ensure fair processing (such as information about the purposes of processing and about the transfer), unless such information has already been given by the data exporter.
Security and confidentiality: Technical and organisational security measures must be taken by the data controller that are appropriate to the risks, such as against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, presented by the processing. Any person acting under the authority of the data controller, including a processor, must not process the data except on instructions from the data controller.
Rights of access, rectification, deletion and objection: As provided in Article 12 of Directive 95/46/EC, data subjects must, whether directly or via a third party, be provided with the personal information about them that an organisation holds, except for requests which are manifestly abusive, based on unreasonable intervals or their number or repetitive or systematic nature, or for which access need not be granted under the law of the country of the data exporter. Provided that the authority has given its prior approval, access need also not be granted when doing so would be likely to seriously harm the interests of the data importer or other organisations dealing with the data importer and such interests are not overridden by the interests for fundamental rights and freedoms of the data subject. The sources of the personal data need not be identified when this is not possible by reasonable efforts, or where the rights of persons other than the individual would be violated. Data subjects must be able to have the personal information about them rectified, amended, or deleted where it is inaccurate or processed against these principles. If there are compelling grounds to doubt the legitimacy of the request, the organisation may require further justifications before proceeding to rectification, amendment or deletion. Notification of any rectification, amendment or deletion to third parties to whom the data have been disclosed need not be made when this involves a disproportionate effort. A data subject must also be able to object to the processing of the personal data relating to him if there are compelling legitimate grounds relating to his particular situation. The burden of proof for any refusal rests on the data importer, and the data subject may always challenge a refusal before the authority.
Sensitive data: The data importer shall take such additional measures (e.g. relating to security) as are necessary to protect such sensitive data in accordance with its obligations under clause 2.
Data used for marketing purposes: Where data are processed for the purposes of direct marketing, effective procedures should exist allowing the data subject at any time to “opt-out” from having his data used for such purposes.
Automated decisions: For purposes hereof “automated decision” shall mean a decision by the data exporter or the data importer which produces legal effects concerning a data subject or significantly affects a data subject and which is based solely on automated processing of personal data intended to evaluate certain personal aspects relating to him, such as his performance at work, creditworthiness, reliability, conduct, etc. The data importer shall not make any automated decisions concerning data subjects, except when:

8.1 (a) such decisions are made by the data importer in entering into or performing a contract with the data subject, and

(b) the data subject is given an opportunity to discuss the results of a relevant automated decision with a representative of the parties making such decision or otherwise to make representations to that parties.

8.2 where otherwise provided by the law of the data exporter.

ANNEX B to the Controller-CONTROLLER STANDARD CONTRACTUAL CLAUSES

DESCRIPTION OF THE TRANSFER

Data subjects

The personal data transferred concern the categories of data subjects identified in Schedule 2 (Co-Controller Data – Data Sharing Details) to the Data Protection Appendix to the SSA.

Purposes of the transfer(s)

The transfer is made for the purposes identified in Schedule 2 (Co-Controller Data – Data Sharing Details) to the Data Protection Appendix to the SSA.

The context for and purposes for the Processing of Personal Data is the provision of the applicable services under the SSA.

Categories of data

The personal data transferred concern the categories of data identified in Schedule 2 (Co-Controller Data – Data Sharing Details) to the Data Protection Appendix to the SSA.

Recipients

The personal data transferred may be disclosed only to the recipients or categories of recipients identified in Schedule 2 (Co-Controller Data – Data Sharing Details) to the Data Protection Appendix to the SSA.

Data protection registration information of data exporter (where applicable)

[If applicable to Client, Client to insert details of its registration with the supervisory authority in its jurisdiction. If no registration is required, insert “N/A” in this section]

Additional useful information (storage limits and other relevant information)

[Parties to insert any additional information they consider relevant in the circumstances. Otherwise, insert “N/A” in this section]

Contact points for data protection enquiries

Data importer: As set out in the SSA

Data exporter: As set out in the SSA

SCHEDULE 5
CONTROLLER-PROCESSOR STANDARD CONTRACTUAL CLAUSES

For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection.

The entity identified as “Client” in the Data Protection Appendix to the SSA (the “data exporter”)

and

The entity identified as “Fluke” in the Data Protection Appendix to the SSA (the “data importer”)

each a “party”; together “the parties”,

HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.

Clause 1
Definitions

For the purposes of the Clauses:

(a) 'personal data', 'special categories of data', 'process/processing', 'controller', 'processor', 'data subject' and 'supervisory authority' shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data;

(b) 'the data exporter' means the controller who transfers the personal data;

(c) 'the data importer' means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country's system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;

(d) 'the subprocessor' means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;

(e) 'the applicable data protection law' means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;

(f) 'technical and organisational security measures' means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.

Clause 2
Details of the transfer

The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1 which forms an integral part of the Clauses.

Clause 3
Third-party beneficiary clause

1. The data subject can enforce against the data exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.

2. The data subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.

3. The data subject can enforce against the subprocessor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.

4. The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.

Clause 4
Obligations of the data exporter

The data exporter agrees and warrants:

(a) that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;

(b) that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter's behalf and in accordance with the applicable data protection law and the Clauses;

(c) that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Appendix 2 to this contract;

(d) that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;

(e) that it will ensure compliance with the security measures;

(f) that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;

(g) to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension;

(h) to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;

(i) that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and

(j) that it will ensure compliance with Clause 4(a) to (i).

Clause 5
Obligations of the data importer

The data importer agrees and warrants:

(a) to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;

(b) that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;

(c) that it has implemented the technical and organisational security measures specified in Appendix 2 before processing the personal data transferred;

(d) that it will promptly notify the data exporter about:

(i) any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,

(ii) any accidental or unauthorised access, and

(iii) any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so;

(e) to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;

(f) at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;

(g) to make available to the data subject upon request a copy of the Clauses, or any existing contract for subprocessing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;

(h) that, in the event of subprocessing, it has previously informed the data exporter and obtained its prior written consent;

(i) that the processing services by the subprocessor will be carried out in accordance with Clause 11;

(j) to send promptly a copy of any subprocessor agreement it concludes under the Clauses to the data exporter.

Clause 6
Liability

1. The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or subprocessor is entitled to receive compensation from the data exporter for the damage suffered.

2. If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.

The data importer may not rely on a breach by a subprocessor of its obligations in order to avoid its own liabilities.

3. If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the subprocessor agrees that the data subject may issue a claim against the data subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the subprocessor shall be limited to its own processing operations under the Clauses.

Clause 7
Mediation and jurisdiction

1. The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:

(a) to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;

(b) to refer the dispute to the courts in the Member State in which the data exporter is established.

2. The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.

Clause 8

Cooperation with supervisory authorities

1. The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.

2. The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.

3. The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any subprocessor preventing the conduct of an audit of the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5 (b).

Clause 9

Governing Law

The Clauses shall be governed by the law of the Member State in which the data exporter is established.

Clause 10
Variation of the contract

The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.

Clause 11

Subprocessing

1. The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the subprocessor which imposes the same obligations on the subprocessor as are imposed on the data importer under the Clauses. Where the subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the subprocessor's obligations under such agreement.

2. The prior written contract between the data importer and the subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.

3. The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established.

4. The data exporter shall keep a list of subprocessing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5 (j), which shall be updated at least once a year. The list shall be available to the data exporter's data protection supervisory authority.

Clause 12

Obligation after the termination of personal data processing services

1. The parties agree that on the termination of the provision of data processing services, the data importer and the subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.

2. The data importer and the subprocessor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1.

Appendix 1 to the CONTROLLER-PROCESSOR Standard Contractual Clauses

Data exporter

The data exporter is the entity identified as the “Client” in the Data Protection Appendix to the SSA, and who maintains a subscription to the services provided by data importer in accordance with the SSA.

Data importer

The data importer is the entity identified as “Fluke” in the Data Protection Appendix to the SSA, provider of the services provided by data importer in accordance with the SSA.

Data subjects

The personal data transferred concern the categories of data subjects identified in Schedule 3 (Processor Data – Data Processing Details) to the Data Protection Appendix to the SSA.

Categories of data

The personal data transferred concern the categories of data identified in Schedule 3 (Processor Data – Data Processing Details) to the Data Protection Appendix to the SSA.

Processing operations

The personal data transferred will be subject to the processing activities identified in Schedule 3 (Processor Data – Data Processing Details) to the Data Protection Appendix to the SSA.

Appendix 2 to the CONTROLLER-PROCESSOR Standard Contractual Clauses

This Appendix forms part of the Clauses and must be completed by the parties.

Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached):

The technical and organisational security measures implemented by the data importer are described in Schedule 1 (Security Measures) to the Data Protection Appendix to the SSA.

[1] “Relevant provisions” means those provisions of any authorisation or decision except for the enforcement provisions of any authorisation or decision (which shall be governed by these clauses).

[2] However, the provisions of Annex A.5 concerning rights of access, rectification, deletion and objection must be applied when this option is chosen and take precedence over any comparable provisions of the Commission Decision selected.