How does Clym Handle Your Data Privacy

Last Updated: October 11, 2022

Terms of Service

These Terms of Service, the Order Form, and any additional document incorporated herein are collectively referred to as the “Agreement” and is a legally binding agreement between Clym Inc. (“Clym”), and you (the “Customer”). Customer and Clym may each be referred to as a “Party” and collectively referred to as the “Parties”.

1. Definitions.

“Affiliate” means a person or entity that owns is owned by or is under common control of a Party. “Control” means that a person or entity owns more than 50% of the equity interest of any entity and/or has the ability to control the management of such an entity.

"Availability" means the total available minutes in a given calendar month less any minutes attributable to a Scheduled Downtime.

“Authorized Users” means individuals who are authorized by Customer to use the Platform and Services with varying levels of control and access specified by Customer and who have been supplied user identifications and passwords by Customer. Authorized Users may include the employees, consultants, contractors, agents, or other designees of Customer and its Affiliates, but shall not include any employee or agent of any Clym competitor.

“Critical Malfunction” means Clym administrative interfaces at www.clym.io are unreachable, or external, mission-critical endpoints (including Consent Management or Subject Rights Portal) are returning errors.

“Customer Information” means all information and data submitted to Clym by or on behalf of Customer in connection with the creation and management of Customer’s account for the Services.

“Documentation” means the instruction manuals, guides, and frequently asked questions available at www.clym.io.

“Monthly Users” means the average number of unique users who access the Customer’s consent management service on a monthly basis as measured for a trailing three-month period.

“Platform” means the Clym proprietary Software as a Service including but not limited to hosted software SDKs, libraries, APIs, and user interfaces.

“Order Form” means a document issued by Clym and executed or otherwise agreed upon by authorized representatives of the Customer, which specifies, among other things and as applicable, a description of the Services, the Fees, and any other details specifically related to the Services.

"Scheduled downtime" means regular Platform maintenance, upgrades, and may take place on Sunday mornings between midnight and 4 AM U.S. Eastern Time.

“Services” means access to the Platform and services, via an account, that are ordered by and paid for by Customer under an Order Form and made available by Clym, including user guides, documentation, and help/training materials provided by Clym.

“Service Start Date” means, for each Order Form, the earlier of (i) the date set forth on the Order Form or (ii) the first date on which Customer is granted access to the Services purchased pursuant to the Order Form.

“Software as a Service” (“SaaS”) means a software delivery model in which a hosted software platform is made available on a subscription basis.

“Usage Data” means all data, information, and statistics collected by Clym related to the Customer’s consent and data activity, including, without limitation, those pertaining to the consents, traffic, and PII storage.

2. Clym Services.

2.1 Services. During the Term (as defined herein), subject to the terms and conditions of this Agreement for such Services, and solely for Customer’s business purposes, Clym shall make the Services available to Customer in accordance with an executed Order Form.

2.2. Updates and Functionalities. Customer acknowledges that, from time to time, Clym may apply updates to the Services and that such updates may result in changes in the appearance and/or functionality of such Platform and Services. Excluding the addition of wholly new products, Clym will provide, implement, configure, install, support, and maintain at its own cost any and all updates, upgrades, enhancements, improvements, releases, corrections, bug fixes, patches, and modifications to the Services (collectively, the “Updates”). In no way is Clym required to customize its Services for Customer, and Clym does not represent or warrant that its Platform or Services will be compatible with Customer’s systems.

2.3 Acceptable Use Policy.

Customer shall:

a. be responsible for Authorized Users’ compliance with this Agreement;

b. use commercially reasonable efforts to prevent unauthorized access to or use of the Platform or Services, including keeping passwords and usernames confidential and not permitting any third-party to access or use its or any of its Authorized Users’ usernames, passwords, or Customer account for the Services;

c. be solely responsible and liable for all activity knowingly conducted through its Customer account in connection with the Services;

d. promptly notify Clym if Customer becomes aware of or reasonably suspects any security breach, including any loss, theft, or unauthorized disclosure or use of Customer’s (or any Authorized User’s) username, password, or Customer account;

e. use, or otherwise access in connection with Customer’s use thereof, the Services only in accordance with applicable laws and government regulations; and

Customer must not:

a. make the Platform or Services available to anyone other than its Authorized Users;

b. sell, trade, or otherwise transfer the Platform or Services to another party;

c. use the Services to store or transmit any content that may be infringing, defamatory, threatening, harmful, or otherwise tortious or unlawful, including any content that may violate intellectual property, privacy, rights of publicity, or other laws, or send spam or other unsolicited messages in violation of applicable law; upload to, or transmit from, the Platform or Services any data, file, software, or link that contains or redirects to a virus, Trojan horse, worm, or other harmful component;

d. attempt to reverse engineer, decompile, hack, disable, interfere with, disassemble, modify, copy, translate, or disrupt the features, functionality, integrity, or performance of the Platform or Services (including any mechanism used to restrict or control the functionality of the Platform or Services), any third-party use of the Platform or Services, or any third-party data contained therein (except to the extent such restrictions are prohibited by applicable law);

e. attempt to modify or cause to be hidden any Clym “powered by” branding without prior written consent.

f. attempt to gain unauthorized access to the Platform or Services or related systems or networks or to defeat, avoid, bypass, remove, deactivate, or otherwise circumvent any software protection or monitoring mechanisms of the Platform or Services;

g. access the Platform or Services in order to build a similar or competitive product or service to Platform or Services; or

h. commit any act or do anything which might: (i) reasonably be considered immoral, deceptive, or obscene; (ii) injure, tarnish, damage or otherwise negatively affect the reputation and goodwill associated with Clym;

i. knowingly implement Clym in a manner which is inconsistent with data privacy laws of Customer's website visitor(s) or application user(s); or

j. authorize, assist, or encourage any third-party to do any of the above.

Customer agrees that Clym may, with prior written notice to Customer, suspend or terminate access to the Platform or Services for a violation of this Section 2.3 or for any abusive practices that degrade the performance of any Service for Customer and/or other Clym customers. In the event of such a suspension, if Customer does not reasonably resolve issue within thirty (30) days, Clym may terminate this Agreement.

2.4 Non-Exclusivity. Customer acknowledges that the rights granted to it under this Agreement and any Order Form are non-exclusive and that nothing in this Agreement or any Order Form will be interpreted or construed to prohibit or in any way restrict Clym’s right to license, sell, or otherwise make available the Platform or Services to any third-party.

3. Intellectual Property.

3.1 Platform and Services. As between Customer and Clym, Clym retains all right, title, and interest in and to the Platform and Services. Nothing herein shall be construed to restrict, impair, encumber, alter, deprive, or adversely affect the Services or any of Clym’s rights or interests therein or any other Clym intellectual property, brands, information, content, processes, methodologies, products, goods, services, materials, or rights, tangible or intangible. All rights, title, and interest in and to the Services not expressly granted in this Agreement are reserved by Clym.

3.2 Feedback. Customer may from time to time provide suggestions, comments, or other feedback to Clym with respect to the Services (“Feedback”). Feedback, even if designated as confidential by Customer and, notwithstanding Article 5 of this Agreement, shall not create any confidentiality obligation for Clym. Customer shall, and hereby does, grant to Clym a non- exclusive, worldwide, perpetual, irrevocable, transferable, royalty-free, license to use the Feedback for the purpose of improving its Platform or Services.

3.3 Customer and Usage Data. Customer hereby grants Clym a limited, worldwide, non- exclusive, non-transferable (except as set forth in Section 10.1) license, with the right of sublicense, to access, use, reproduce, electronically distribute, transmit, perform, format, display, store, archive, index the Customer’s Usage Data and Customer Information for the sole purpose of providing and developing the Platform and Services to Customer and supporting Customer’s use of the Platform and Services. Clym may use aggregated and anonymized Usage Data for analytics, provided that such Usage Data cannot be in any way linked to Customer or any individual person or used to identify Customer or any individual person. Subject only to the limited license expressly granted herein, Customer and its Authorized Users shall retain all right, title and interest in and to, and all intellectual property rights in the Customer Information. Nothing in this Agreement will confer on Clym any right of ownership or interest in or to or the intellectual property rights in the Customer Information. All Customer Information will be processed by Clym according to the DPA available at www.clym.io.

3.4 Privacy Policy. Customer is solely responsible for the Customer Information submitted to the Platform. Clym may use the Customer Information or Usage Data to provide the Services, as provided herein and in accordance with applicable data privacy laws. Customer is a Business and Clym is a Service Provider for purposes of the California Consumer Privacy Act. Clym shall not:
(a) sell the Customer Information or Usage Data; (b) retain, use or disclose the Customer Information or Usage Data for any purpose other than for the specific purpose of performing the Services; (c) retain, use or disclose the Customer Information or Usage Data for a commercial purpose other than providing the Services; or (d) retain, use or disclose the Customer Information or Usage Data outside of the direct business relationship between Customer and Clym. Clym certifies that it understands these restrictions and will comply with them.

4. Fees and Payment.

4.1 Fees. Customer will pay all fees as and when described in the Order Form(s) (the “Fees”).

4.2 Invoicing. Clym shall collect payment from Customer through an online payment in the form of a credit card; as of the date of this Agreement, Clym utilizes Stripe as its payment processor. Customer may access any current or past due invoices through utilizing Clym’s platform.

4.3 Auto-Renewal. Customer agrees and authorizes Clym to issue a recurring charge for Customer’s utilization of the Platform and Services absent termination consistent with Article 6.

4.4 Re-Pricing of Fees and Fee True-Up. In the event it is determined that the Customer’s usage exceeds the quantity set forth in the Order Form, Customer agrees that Clym may adjust the Fees set forth within the Order Form and Customer shall pay any additional Fees commensurate with the actual quantities and prices listed as attached to the Order Form, unless otherwise agreed to by the Parties.

4.5 Late Payment. If any undisputed amounts invoiced hereunder as Fees or otherwise are not received by Clym by the due date, then at Clym’s discretion, such charges may accrue late interest at the rate of 10% per year or the maximum rate permitted by law, whichever is lower, from the date such payment was due until the date paid. In addition, upon 30 days’ written notice to Customer provided after the due date of any undisputed fees, Clym may suspend Customer’s access to the Services, if any, if Clym has not received the amounts invoiced hereunder at the expiration of such period as defined in the Order Form.

4.6 Taxes and Withholdings. Customer is responsible for paying all taxes, assessments, charges, fees, and levies that may be levied or based upon Customer’s subscription to the Services, and any interest, fines, and penalties with respect thereto, imposed by any governmental authority. If Clym has the legal obligation to pay or collect Taxes for which Customer is responsible under this Section 4.6, the appropriate amount shall be invoiced to and paid by Customer, unless Customer provides Clym with a valid tax exemption certificate authorized by the appropriate taxing authority.

4.7 No-Charge Trial Period. Clym may at its sole discretion offer a no-charge trial period during which Customers may use the Clym Services and Platform for a period of time as defined in the order days from the date of registration without pre-paying in advance (“No-Charge Trial Period”).

a. Customer is required to provide valid payment information in order to create an Account and access the Clym Platform and Services for the trial period.

b. Customers who participate in a No-Charge Trial Period must cancel their subscription by the end of the No-Charge Trial Period to avoid incurring charges. If Customer does not cancel before the No-Charge Trial Period expires, Customer authorizes Clym to bill the Customer’s payment method on file for the full cost of the plan described during the registration process. The subscription will automatically renew and continue, unless and until Customer cancels their subscription or Clym terminates this Agreement pursuant to Section 6.3. Customer will not receive a notice from Clym that Customer’s No-Charge Trial Period is about to end or has ended.

c. Customers may cancel their subscription at any time during the No-Charge Trial Period by following the steps described in the registration process. Upon cancellation of Customer’s account, Customer will immediately lose all access to the Clym Services and Platform.

5. Confidential Information and Security Requirements.

5.1 Confidential Information. Each Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of a like-kind (but in no event less than reasonable care consistent with industry standards) and will not disclose or use any Confidential Information (as defined below) of the other Party for any purpose outside of the scope of this Agreement, and each Party shall limit access to Confidential Information to those of its, or its Affiliates’, employees, contractors, and agents who need such access for purposes consistent with this Agreement and who have signed confidentiality agreements with the receiving Party containing protections no less stringent than those herein. In this Agreement, “Confidential Information” means all information, data, and financial information relating to the business, commercial strategies, pricing, personnel, customers, products, or services of each Party. Confidential Information includes (i) Each party’s proprietary system offerings, including the Platform and/or Services, along with documentation and plans related thereto; (ii) Passwords, authorization keys, or codes used to access or operate such system offerings; (iii) Any results, Usage Data, or statistics collected through the use of the system offerings; or (iv) Any nonpublic business information that is either marked physically or identified orally as “confidential” or “proprietary.” For the avoidance of doubt, Customer Information and Usage Data will be the Confidential Information of Customer.

Confidential Information excludes any information that

a. was in the receiving party’s possession before receiving it from the disclosing party;

b. is provided to the receiving party by a third-party without restriction on use or disclosure and without breaching any rights of the disclosing party;

c. is or becomes generally known or available to, or accessible by, the public through no act or omission of the receiving party; or

d. was or is independently developed by the receiving party without reference to the disclosing party’s Confidential Information.

In the event that the receiving party or any representative of the receiving party becomes legally compelled (by law, rule, regulation, subpoena, or similar court process) to disclose any of the Confidential Information, the receiving party will (if permitted to do so) provide the discloser with notice of such circumstances and will limit such disclosure to the required disclosure.

5.2 Security Requirements. Clym has implemented technical and organizational security measures consistent with the standards, practices, and controls reasonable for the Services. However, Clym cannot guarantee that unauthorized third-parties will never be able to defeat those measures and expressly denies any responsibility for damages, monetary or otherwise, resulting from unauthorized third-party access to Customer’s account or use, alteration, or disclosure of the Customer Information or Usage Data except in the event of Clym' gross negligence or willful misconduct.

5.3 Multi-Factor Authentication. Multi-Factor Authentication is a security system that requires more than one level of authentication before accounts can be accessed. It was developed to add extra security steps to the login process, to keep accounts safe and verify users before they can gain access to accounts. Users that provide their mobile phone numbers for authentication purposes agree to receive an SMS or other message as part of the process. Carrier message and data rates may apply.

6. Term and Termination.

6.1 Term of Agreement. This Agreement shall commence on the Service Start Date (the “Effective Date”) and shall continue in effect until all Order Forms have expired or this Agreement has been terminated in accordance with this Article 6 (the “Term”).

6.2 Term of Order Forms. The term of each Order Form shall start on the Service Start Date specified on the Order Form and shall continue for the term specified therein. Except as expressly stated otherwise in an Order Form, all Order Forms shall automatically renew for subsequent one-year renewal periods, unless a Party gives the other Party written notice of non- renewal at least 30 days prior to the end of the then-current term. Upon renewal, Clym reserves the right to increase the Fees for Services by providing Customer written notice thereof (which notice may be provided by email) at least 30 days prior to the end of the then-current term.

6.3 Termination for Cause. Either Party may terminate this Agreement for cause (i) upon 30 days' written notice to the other Party of a material breach if such breach remains uncured at the expiration of such period; or (ii) immediately if the other Party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation, or assignment for the benefit of creditors. No refund shall be issued in the event of termination of Customer for cause by Clym.

6.4 Termination for Convenience. For any Customer which initiated automatic account provisioning through the Order Form available at www.clym.io (or any other page on this website) Clym may terminate this Agreement for convenience upon 60 days’ written notice to the Customer. In the event of Clym’s termination for convenience, Clym will issue the Customer a pro-rata refund of Fees paid for Services not rendered.

6.5 Effects of Termination. Upon termination of this Agreement for any reason, all Order Forms will automatically terminate and: (i) Customer will immediately cease all use of the Services; (ii) Customer will have no further access to its Customer account provided by Clym, and (iii) Customer will pay Clym all unpaid Fees owing to Clym. If Customer terminates this Agreement in accordance with Section 6.3, Clym will refund to Customer any unearned Fees that Customer paid in advance for the Services. If Clym terminates this Agreement in accordance with Section 6.3, then, without limiting any other remedies that may be available, Customer will pay any unpaid Fees covering the remainder of the term of each Order Form after the date of termination. In no event will termination relieve Customer of its obligation to pay any amounts and Fees payable to Clym for the period prior to the date of termination and other obligations that survive termination of this Agreement. At such time that all unpaid Fees owing to Clym have been received by Clym, Clym shall return to Customer all Customer Information and Usage Data in a form to be agreed upon by the parties at no additional charge to Customer.

6.6 Survival. Any provision of this Agreement that, either by its terms or to give effect to its meaning, must survive, and such other provisions that expressly or by their nature are intended to survive termination shall survive the expiration or termination of this Agreement. Without limiting the foregoing, Section 4.1 as well as Articles 3, 5, 7-10 shall survive the expiration or termination of this Agreement.

7. Warranties and Warranty Disclaimer.

7.1 Mutual Warranties. Each Party represents and warrants that it has the power and authority to enter into this Agreement and to perform its obligations and duties under this Agreement and that doing so is not in conflict with any other agreement.

7.2 Clym Warranties. Clym warrants that (i) subject to Section 2.2, the Services will materially perform in accordance with the applicable documentation and the functionality of the Services will not be materially decreased during the term of the applicable Order Form; and (ii) the Services do not contain any malicious code or viruses. For any breach of the above warranty, Customer’s exclusive remedies are those described in Section 6.3. (iii) the Services do not knowingly infringe the intellectual property of any third-party.

7.3 Disclaimer. SOME COUNTRIES AND JURISDICTIONS DO NOT ALLOW THE DISCLAIMER OF IMPLIED TERMS IN CONTRACTS WITH CONSUMERS AND AS A RESULT, THE CONTENTS OF THIS SECTION 7.3 MAY NOT APPLY TO CUSTOMER. EXCEPT AS EXPRESSLY PROVIDED HEREIN, TO THE GREATEST EXTENT PERMITTED BY APPLICABLE LAW, CLYM EXPRESSLY EXCLUDES AND DISCLAIMS ALL WARRANTIES AND CONDITIONS OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, CLYM SPECIFICALLY DISCLAIMS ALL EXPRESS OR IMPLIED WARRANTIES OF DESIGN, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, QUALITY, AND NON-INFRINGEMENT, THAT THE SERVICES WILL MEET CUSTOMER’S REQUIREMENTS, OR THAT THE SERVICES WILL ALWAYS BE AVAILABLE, ACCESSIBLE, UNINTERRUPTED, TIMELY, SECURE, ACCURATE, COMPLETE, OR ERROR-FREE. IN ADDITION, CLYM DOES NOT WARRANT ANY CONNECTION TO OR TRANSMISSION FROM THE INTERNET. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM CLYM OR ELSEWHERE NOR ANY COURSE OF DEALING WILL CREATE ANY WARRANTY OR CONDITION NOT EXPRESSLY STATED IN THIS AGREEMENT. EXCEPT AS EXPRESSLY PROVIDED HEREIN, THE SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. THESE LIMITATIONS SHALL APPLY NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY PROVIDED HEREIN. THE SERVICES AND ANY INFORMATION PROVIDED BY CLYM ARE NOT LEGAL ADVICE AND CUSTOMER IS RESPONSIBLE FOR ITS OWN COMPLIANCE WITH APPLICABLE LAWS AND REGULATIONS.

CLYM DISCLAIMS ANY AND ALL RESPONSIBILITY OR LIABILITY IN RELATION TO THE CONTENT MADE AVAILABLE THROUGH THE SERVICES, INCLUDING USAGE DATA, CUSTOMER INFORMATION, AND ANY CONTENT OR SERVICES PROVIDED BY THIRD-PARTIES. CLYM DOES NOT CONTROL OR VET CUSTOMER INFORMATION AND IS NOT RESPONSIBLE FOR WHAT CUSTOMERS POST, TRANSMIT, OR SHARE ON OR THROUGH THE SERVICES. CLYM EXPRESSLY DENIES ANY RESPONSIBILITY RESULTING FROM HACKING, TAMPERING, OR OTHER UNAUTHORIZED ACCESS OR USE OF THE SERVICES OR THE INFORMATION CONTAINED THEREIN AS WELL AS YOUR CUSTOMER ACCOUNT AND CUSTOMER INFORMATION.

8. Mutual Indemnification.

8.1 Indemnification by Clym. Clym shall defend, indemnify, and hold harmless Customer its Affiliates, directors, officers, employees, and agents from and against all claims, losses, damages, penalties, liability, and costs, including reasonable attorneys’ fees, of any kind or nature that are in connection with or arising out of a third-party claim alleging that the use of the Services or Platform as permitted hereunder infringes a valid intellectual property right (a “Claim”) and shall indemnify Customer for any damages finally awarded against, and for reasonable attorneys’ fees incurred by Customer in connection with any such Claim.

Clym will have no liability for any Claim to the extent it arises from:

a. a modification of the Platform or Services by or at the direction of Customer or an Authorized User;

b. use of the Platform or Services in violation of this Agreement or applicable law;

c. use of the Platform or Services by Customer after Clym notifies Customer to discontinue use because of an infringement or misappropriation claim;

d. the customer's combination, operation, or use of the Platform or Services with any other software, program, or device not provided or specified by Clym to the extent such infringement would not have arisen but for such combination, operation, or use; or

e. Customer’s use of the Platform or Services in a manner that is inconsistent with its intended use.

If a Service has become, or in Clym’s opinion is likely to become, the subject of any such Claim, Clym may at its option and expense:

a. procure for Customer the right to continue using the Service as set forth hereunder;

b. replace or modify the Service or certain functionalities to make it non-infringing; or

c. if options (a) or (b) are not reasonably practicable, terminate either this Agreement or the Order Form for such Service.

This Section 8.1 sets forth Clym’s sole liability (and the Customer's sole remedy) regarding infringement or misappropriation of third-party rights.

8.2 Indemnification by Customer. Subject to Clym’s compliance with Section 8.3, Customer shall defend, indemnify, and hold harmless Clym, its Affiliates, directors, officers, employees, and agents from and against all claims, losses, damages, penalties, liability, and costs, including reasonable attorneys’ fees, of any kind or nature that are in connection with or arising out of a third-party claim (i) alleging that Customer’s use of the Services infringes or violates the intellectual property rights, privacy rights, or other rights of a third-party or violates any applicable law; (ii) relating to, or arising from, Customer Information, Usage Data, or Customer’s breach of Section 2.3 or Section 7.1.

8.3 Indemnification Procedure. The indemnified Party shall (i) promptly give written notice of the claim to the indemnifying Party, although failure to provide prompt notice will not relieve the indemnifying Party of its obligation to indemnify unless the indemnifying Party is materially prejudiced by the delay; (ii) give the indemnifying Party sole control of the defense and settlement of the claim (provided that the indemnifying Party may not settle or defend any claim without the indemnified Party’s prior written consent unless it unconditionally releases the indemnified Party of all liability); and (iii) provide the indemnifying Party with reasonable cooperation and assistance at the indemnifying Party’s expense.

9. Limitation of Liability.

EXCEPT AS EXPRESSLY PROVIDED HEREIN, IN NO EVENT SHALL EITHER PARTY'S AGGREGATE LIABILITY TO THE OTHER FOR ALL CLAIMS OF ANY KIND, INCLUDING ANY CLAIMS ARISING OUT OF OR RELATED TO THIS AGREEMENT, WHETHER BY STATUTE, CONTRACT, TORT, OR UNDER ANY OTHER THEORY OF LIABILITY, EXCEED THE FEES PAID BY CUSTOMER FOR THE SERVICES SUBJECT TO THE CLAIM DURING THE TWELVE (12) MONTH PERIOD PRIOR TO THE FIRST EVENT OR OCCURRENCE GIVING RISE TO SUCH LIABILITY.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL EITHER PARTY, ITS DIRECTORS, EMPLOYEES, AGENTS, OR LICENSORS BE LIABLE FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING DAMAGES FOR LOSS OF PROFITS, GOODWILL USE, OR DATA OR OTHER INTANGIBLE LOSSES, THAT RESULT FROM THE USE OF, OR INABILITY TO USE, THE SERVICES OR ANY OTHER ASPECT OF THIS AGREEMENT.

ANY CLAIMS OR DAMAGES THAT ONE PARTY MAY HAVE AGAINST THE OTHER PARTY SHALL ONLY BE ENFORCEABLE AGAINST THE PARTIES TO THIS AGREEMENT AND NOT ANY OTHER ENTITY OR ITS OFFICERS, DIRECTORS, REPRESENTATIVES OR AGENTS.

THE FOREGOING LIMITATIONS OF LIABILITY DO NOT APPLY TO THE INDEMNITY OBLIGATIONS SET FORTH IN THIS AGREEMENT. THE PARTIES ACKNOWLEDGE AND AGREE THAT THE ESSENTIAL PURPOSE OF THIS SECTION 9 IS TO ALLOCATE THE RISKS UNDER THESE TERMS BETWEEN THE PARTIES AND LIMIT THEIR POTENTIAL LIABILITY GIVEN THE FEES CHARGED UNDER THIS AGREEMENT, WHICH WOULD HAVE BEEN SUBSTANTIALLY HIGHER IF CLYM WERE TO ASSUME

ANY FURTHER LIABILITY OTHER THAN AS SET FORTH HEREIN. THE PARTIES HAVE RELIED ON THESE LIMITATIONS IN DETERMINING WHETHER TO ENTER INTO THESE TERMS. NOTHING IN THIS AGREEMENT IS INTENDED TO EXCLUDE OR RESTRICT OR SHALL BE CONSTRUED AS EXCLUDING OR RESTRICTING THE LIABILITY OF CLYM FOR (I) DEATH OR PERSONAL INJURY CAUSED BY THE NEGLIGENCE OF CLYM, ITS EMPLOYEES, OR ITS AGENTS; (II) WILLFUL MISCONDUCT, FRAUD, OR GROSS NEGLIGENCE OF CLYM OR ITS EMPLOYEES; OR

(III) ANY LIABILITY THAT CANNOT BE LIMITED OR EXCLUDED BY APPLICABLE LAW.

10. General.

10.1 Assignment. Neither Party may assign or otherwise transfer any of its rights or obligations hereunder, (except by merger, sale of assets, change of control, operation of law or otherwise) without the prior written consent of the other Party (not to be unreasonably withheld), and any attempted assignment without such consent will be void. Notwithstanding the foregoing, either Party may assign this Agreement in its entirety (including all exhibits), without the consent of the other Party, in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its shares or assets. In the event of such assignment, Party will notify the other Party in writing.

10.2 Relationship of the Parties. No agency, partnership, joint venture, or employment relationship is created as a result of this Agreement and neither Party has any authority of any kind to bind the other in any respect.

10.3 Publicity. INTENTIONALLY DELETED IN ITS ENTIRETY.

10.4 Force Majeure. Except for payment obligations, neither Party shall be liable for any failure to perform its obligations hereunder where such failure results from any cause beyond such Party’s reasonable control, including the elements; fire; flood; severe weather; earthquake; vandalism; accidents; sabotage; power failure; denial of service attacks or similar attacks; Internet failure; acts of God and the public enemy; acts of war; acts of terrorism; riots; civil or public disturbances; strikes lockouts or labor disruptions; and any laws, orders, rules, regulations, acts or restraints of any government or governmental body or authority, civil or military, including the orders and judgments of courts.

10.5 Counterparts and Interpretation. This Agreement may be executed in any number of counterparts, all of which taken together shall constitute one single agreement between the Parties. Headings are for convenience only and are not to be considered in construing or interpreting this Agreement. This Agreement shall be construed and interpreted fairly, in accordance with the plain meaning of its terms, and there shall be no presumption or interference against the Party drafting this Agreement in construing or interpreting the provisions hereof.

10.6 Amendment. No amendment, supplement, restatement, or termination of any provision of this Agreement shall be valid unless it is in writing and signed by each Party to this Agreement at the time of the amendment, supplement, restatement, or termination.

10.7 Severability. Each provision of this Agreement is severable. If any provision of this Agreement is or becomes illegal, invalid, or unenforceable in any jurisdiction, the illegality, invalidity, or unenforceability of that provision will not affect the legality, validity, or enforceability of the remaining provisions of this Agreement or of that provision in any other jurisdiction.

10.8 Notices. For purposes of service messages and notices about the Services, Clym may place a banner notice across the Services or website to alert Customer. Alternatively, notice may consist of an email from Clym to an email address associated with Customer’s account, even if Clym has other contact information. For communication about Customer’s account and services associated with Clym, Clym may contact Customer or its Authorized Users through its Customer account or through other means including email, mobile number, telephone, or delivery services such as the postal service. Customer acknowledges and agrees that Clym shall have no liability associated with or arising from Customer’s failure to maintain accurate contact or other information, including, but not limited to, Customer’s failure to receive critical information about the Services. Notices to Clym must be delivered by email to admin@clym.io with a duplicate copy sent via registered mail to the following address: Clym 950 S. Kanner Hwy, Unit 401, Stuart, FL 34994; Attention: Legal. This contact information provided may be updated by giving notice in accordance with this Section 10.8.

10.9 Waivers. No waiver of any provision of this Agreement is binding unless it is in writing and signed by all Parties to this Agreement, except that any provision that does not give rights or benefits to particular Parties may be waived in writing, signed only by those Parties who have rights under, or hold the benefit of, the provision being waived if those Parties promptly send a copy of the executed waiver to all other Parties. No failure to exercise and no delay in exercising, any right or remedy under this Agreement will be deemed to be a waiver of that right or remedy. No waiver of any breach of any provision of this Agreement will be deemed to be a waiver of any subsequent breach of that provision or of any similar provision.

10.10 Governing Law, Jurisdiction and Venue. This Agreement and each of the documents contemplated by or delivered under or in connection with this Agreement are governed exclusively by, and will be enforced, construed, and interpreted exclusively in accordance with, the laws applicable in the State of Delaware. Each of the parties irrevocably consents to the exclusive personal jurisdiction of the federal and state courts located in Delaware, as applicable, for any matter arising out of or relating to this Agreement, except that in actions seeking to enforce any order or any judgment of such federal or state courts located in Delaware, such personal jurisdiction shall be nonexclusive.

10.11 Binding Arbitration. It is the intention of the Parties to use their reasonable best efforts to informally resolve, where possible, any dispute, claim, demand or controversy arising out of the performance of this Agreement by mutual negotiation and cooperation, a period of which shall be no less than five (5) business days from first notice of any such dispute. In the event the Parties are unable to informally resolve any such dispute, including relating to this Agreement, the Parties agree to arbitrate any controversy, claim or dispute between them arising out of or in any way related to this Agreement and any disputes upon termination of the relationship, including claims for violation of any local, state or federal law, statute, regulation or ordinance or common law. The arbitration will be conducted in Kent County, Delaware, by a single neutral arbitrator and in accordance with the American Arbitration Association’s (“AAA”) then current Commercial Arbitration Rules’ expedited procedures for resolution.

Notwithstanding the provision in the preceding or subsequent paragraph with respect to applicable substantive law, the arbitration conducted pursuant to the terms of this Agreement shall be governed by the Federal Arbitration Act (9 U.S.C., Secs. 1-16). The arbitrator shall have the power to enter any award that could be entered by a judge of the trial court of the State of Delaware, and only such power, and shall follow the law. In the event the arbitrator does not follow the law, the arbitrator will have exceeded the scope of his or her authority and the parties may, at their option, file a motion to vacate the award in court. The parties agree to abide by and perform any award rendered by the arbitrator. Judgment on the award may be entered in any court having jurisdiction thereof. The prevailing party shall be entitled to costs and attorneys’ fees.

Entire Agreement. The terms of this Agreement, together with any and all Exhibits and other terms incorporated by reference constitute the entire agreement between the Parties with respect to the subject matter thereof and supersede any prior or inconsistent agreements, negotiations, representations, and promises, written or oral, with respect to the subject matter and is binding upon the Parties and their permitted successors and assigns. In the event of any conflict between this Agreement and the terms of an Order Form, the provisions of the Order Form shall prevail. The terms of this Agreement will apply to all orders submitted to Clym and shall supersede any additional terms that may be incorporated in a purchase order form or any other Customer-generated form. Any such Customer terms shall be null and void.

Last Updated: October 7, 2022

Data Processing Agreement

This Customer Data Processing Agreement set forth obligations between Clym Inc. (“Clym”) and ________________ (“Customer”, collectively the “Parties”) with regard to data protection aspects of the services provided by Clym under the Terms of Service (“Agreement”) between Parties on the basis of mandatory requirements of the General Data Protection Regulation 2016/679 of 27 April 2016 (the “GDPR”)

All capitalized terms not defined in this DPA shall have the meanings set forth in the Agreement. Customer enters into this DPA on behalf of itself and, to the extent required under Data Protection Laws, in the name and on behalf of its Authorized Affiliates (defined below).

The parties agree as follows:

1. Definitions

“Affiliate” means an entity that directly or indirectly Controls, is Controlled by, or is under common Control with an entity.

“Authorized Affiliate” means any of Customer Affiliate(s) permitted to or otherwise receiving the benefit of the Services pursuant to the Agreement.

“Control” means an ownership, voting, or similar interest representing fifty percent (50%) or more of the total interests than outstanding of the entity in question. The term “Controlled” shall be construed accordingly.

“Controller” means an entity that determines the purposes and means of the processing of Personal Data.

“Customer Data” means any data that Clym and/or its Affiliates processes on behalf of Customer in the course of providing the Services under the Agreement.

“Data Protection Laws” means all data protection and privacy laws and regulations applicable to the processing of Personal Data under the Agreement, including, where applicable, EU Data Protection Law.

“EU Data Protection Law” means (i) prior to May 25, 2018, Directive 95/46/EC of the European Parliament and of the Council on the protection of individuals with regard to the processing of Personal Data and on the free movement of such data (“Directive”) and on and after May 25, 2018, Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (General Data Protection Regulation) (“GDPR”); and (ii) Directive 2002/58/EC concerning the processing of Personal Data and the protection of privacy in the electronic communications sector and applicable national implementations of it (in each case, as may be amended, superseded or replaced).

“Standard Contractual Clauses” means standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council published by the European Commission, setting out appropriate safeguards, including enforceable data subject rights and effective legal remedies, pursuant to Article 46(1) and Article 46 (2)(c) of Regulation (EU) 2016/679 and, with respect to data transfers from controllers to processors and/or processors to processors, standard contractual clauses pursuant to Article 28(7) of Regulation (EU) 2016/679.

“Personal Data” means any Customer Data relating to an identified or identifiable natural person to the extent that such information is protected as personal data under applicable Data Protection Law.

“Processor” means an entity that processes Personal Data on behalf of the Controller.

“Processing” has the meaning given to it in the GDPR and “process”, “processes” and “processed” shall be interpreted accordingly.

“Security Incident” means any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data.

“Services” means any product or service provided by Clym to Customer pursuant to and as more particularly described in the Agreement.

“Sub-processor” means any Processor engaged by Clym or its Affiliates to assist in fulfilling its obligations with respect to providing the Services pursuant to the Agreement or this DPA. Sub-processors may include third parties or any Clym Affiliate.

2. Scope and Applicability of this DPA

2.1 This DPA applies where and only to the extent that Clym processes Personal Data on behalf of the Customer in the course of providing the Services and such Personal Data is subject to Data Protection Laws of the European Union, the European Economic Area and/or their member states, Switzerland and/or the United Kingdom. The parties agree to comply with the terms and conditions in this DPA in connection with such Personal Data.

2.2 Role of the Parties. As between Clym and Customer, Customer is the Controller of Personal Data and Clym shall process Personal Data only as a Processor on behalf of Customer. Nothing in the Agreement or this DPA shall prevent Clym from using or sharing any data that Clym would otherwise collect and process independently of Customer's use of the Services.

2.3 Customer Obligations. Customer agrees that (i) it shall comply with its obligations as a Controller under Data Protection Laws in respect of its processing of Personal Data and any processing instructions it issues to Clym; and (ii) it has provided notice and obtained all consents and rights necessary under Data Protection Laws for Clym to process Personal Data and provide the Services pursuant to the Agreement and this DPA.

2.4 Clym Processing of Personal Data. As a Processor, Clym shall process Personal Data only for the following purposes: (i) processing to perform the Services in accordance with the Agreement; (ii) processing to perform any steps necessary for the performance of the Agreement; and (iii) to comply with other reasonable instructions provided by Customer to the extent they are consistent with the terms of this Agreement and only in accordance with Customer’s documented lawful instructions. The parties agree that this DPA and the Agreement set out the Customer’s complete and final instructions to Clym in relation to the processing of Personal Data and processing outside the scope of these instructions (if any) shall require prior written agreement between Customer and Clym.

2.5 Nature of the Data. Clym handles Customer Data provided by Customer. Such Customer Data may include special categories of data depending on how the Services are used by the Customer. The Customer Data may be subject to the following process activities: (i) storage and other processing necessary to provide, maintain and improve the Services provided to Customer; (ii) to provide customer and technical support to Customer; and (iii) disclosures as required by law or otherwise set forth in the Agreement.

2.6 Clym Data. Notwithstanding anything to the contrary in the Agreement (including this DPA), the Customer acknowledges that Clym shall have a right to use and disclose data relating to and/or obtained in connection with the operation, support, and/or use of the Services for its legitimate business purposes, such as billing, account management, technical support, product development, and sales and marketing. To the extent any such data is considered personal data under Data Protection Laws, Clym shall be considered the Controller of such data and accordingly shall process such data in compliance with Data Protection Laws.

3. Subprocessing

3.1 Authorized Sub-processors. The Customer agrees that Clym may engage Sub-processors to process Personal Data on the Customer's behalf. The Sub-processors currently engaged by Clym and authorized by Customer are listed on the website.

3.2 Sub-processor Obligations. Clym shall: (i) enter into a written agreement with the Sub-processor imposing data protection terms that require the Sub-processor to protect the Personal Data to the standard required by Data Protection Laws; and (ii) remain responsible for its compliance with the obligations of this DPA and for any acts or omissions of the Sub-processor that cause Clym to breach any of its obligations under this DPA.

3.3 Changes to Sub-processors. Clym shall provide Customer reasonable advance notice (for which email shall suffice) if it adds Sub-processors.

3.4 Objection to Sub-processors. Customers may object in writing to Clym’s appointment of a new Sub-processor on reasonable grounds relating to data protection by notifying Clym promptly in writing within five (5) calendar days of receipt of Clym’s notice in accordance with Section 3.3. Such notice shall explain the reasonable grounds for the objection. In such an event, the parties shall discuss such concerns in good faith with a view to achieving a commercially reasonable resolution. If this is not possible, either party may terminate the applicable Services that cannot be provided by Clym without the use of the objected-to-new Sub-processor.

4. Security

4.1 Security Measures. Clym shall implement and maintain appropriate technical and organizational security measures to protect Personal Data from Security Incidents and to preserve the security and confidentiality of the Personal Data, in accordance with Clym's security standards described in Data Security and published on the website (“Security Measures”).

4.2 Confidentiality of Processing. Clym shall ensure that any person who is authorized by Clym to process Personal Data (including its staff, agents, and subcontractors) shall be under an appropriate obligation of confidentiality (whether a contractual or statutory duty).

4.3 Security Incident Response. Upon becoming aware of a Security Incident, Clym shall notify the Customer without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by the Customer.

4.4 Updates to Security Measures. The customer acknowledges that the Security Measures are subject to technical progress and development and that Clym may update or modify the Security Measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Services purchased by the Customer.

5. International Transfers

5.1 Processing Locations. Clym may store and process data in data centers located inside and outside the European Union. All other Customer Data may be transferred and processed in the United States and anywhere in the world where the Customer, its Affiliates, and/or its Sub-processors maintain data processing operations.

5.2 Transfer Mechanism: In the event that Customer seeks to transfer Personal Information from the EEA to Clym operations outside of the EEA, the UK, or such other country with an adequate level of data protection, Clym and Customer hereby agree to enter into the Standard Contractual Clauses (SCC). Clym shall apply additional legal, technical and organizational safeguards as appropriate for the data transfers contemplated under this DPA.

Where Personal Data is transferred outside the United Kingdom, each Company Group Member (as "data exporter") and each Contracted sub-processor, as appropriate, (as "data importer") in addition to the conditions above the Parties hereby agree to enter into the Standard Contractual Clauses. For purposes of the UK International Data Transfer Addendum, governing authority shall be the Information Commissioner's Officer (ICO) of the UK, and governing law of England and Wales shall apply.

In this context, Module 2 will apply, a signature of this agreement will be deemed to be a signature of the SCC, data listed in Privacy Policy and “Security Measures'' listed in “Data Security" on the website will be deemed to be Annex I.B. and Annex II of the SCC respectively. In addition, the following shall apply: the optional Clause 7 (docking clause) is included; Clause 9 (a) is included as Option 2, pursuant to which the data importer’s notice must occur at least two weeks prior to the sub-processors engagement; the duration of transfer shall be the duration of the Agreement or until this DPA is terminated, whichever is sooner; Clause 11 (a) is included without the option. Governing law shall be a law of Hungary, and the Hungarian Data Protection Authority (The National Authority for Data Protection and Freedom of Information) shall be the governing authority; Clause 13: For the purposes of the Clauses the Customer shall be the data exporter and the Clauses shall be governed by the law of Hungary.

5.3 Amendments to the SCC and Other Measures. Unless the Customer notifies Clym otherwise, if the European Commission amends the SCC after the Effective Date, the amended SCC will supersede and replace the SCC executed between the Parties by virtue of this section. In addition, if and to the extent a court of competent jurisdiction or Supervisory Authority orders (for whatever reason) that the measures described in this DPA cannot be relied on for the purpose of lawfully transferring Personal Data to Third Countries, Customer agrees that Clym may implement any additional measures or safeguards that may be reasonably required to enable a lawful transfer.

6. Return or Deletion of Data

6.1 Upon deactivation of the Services and based on Customer written request all Personal Data shall be deleted, save that this requirement shall not apply to the extent Clym is required by the applicable law to retain some or all of the Personal Data, or to Personal Data it has archived on back-up systems, which such Personal Data Clym shall securely isolate and protect from any further processing, except to the extent required by applicable law.

7. Cooperation

7.1 To the extent that Customer is unable to independently access the relevant Personal Data within the Services, Clym shall (at Customer's expense) taking into account the nature of the processing, provide reasonable cooperation to assist Customer by appropriate technical and organizational measures, in so far as is possible, to respond to any requests from individuals or applicable data protection authorities relating to the processing of Personal Data under the Agreement. In the event that any such request is made directly to Clym, Clym shall not respond to such communication directly without the Customer's prior authorization, unless legally compelled to do so. If Clym is required to respond to such a request, Clym shall promptly notify the Customer and provide it with a copy of the request unless legally prohibited from doing so.

7.2 To the extent Clym is required under Data Protection Law, Clym shall (at Customer's expense) provide reasonably requested information regarding Clym's processing of Personal Data under the Agreement to enable the Customer to carry out data protection impact assessments or prior consultations with data protection authorities as required by law.

8. Audit

8.1 When the Customer is given a right for audit under applicable data protection legislation, Clym will allow the Customer, either directly or via third-party consultants to audit Clym’s compliance with this DPA, on-site or remote, upon prior written notice of at least 10 (ten) working days, but not more than once a year.

8.2 Conditions of the audit. The audits shall be limited to 5 (five) business days. The customer agrees that Clym has the right to reject the access or remove from evidence all information related to other Clym Customers and personal data processed on their behalf. Both parties shall bear their own expenses for the audit. Except when Clym is required to provide the client with evidence of compliance as required by Article 28 of the GDPR or other applicable legislation, Clym has a right to charge the Customer for an audit in accordance with Clym policies.

9. Indemnification and Liability

9.1 Indemnity. Customer shall defend, indemnify, and hold harmless Clym against any claims, proceedings, material or moral damages, and losses, whether direct or indirect, including court fees and lawyers' fees, incurred as a result of a data subject’s claim for compensation under Article 82 GDPR or other applicable data protection law.

9.2 Other than specified in this section, neither Party provides any indemnity under this DPA. In particular, if either Party is held liable, individually or jointly, for an administrative fine under Article 83 GDPR or for any other penalty for infringement of applicable data protection law, then that Party shall ensure that the Penalty is paid and shall not seek, and will not be entitled to recover, indemnity for the Penalty from the other Party, notwithstanding any provision to the contrary in this DPA.

10. Miscellaneous

10.1 Except for the changes made by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict.

10.2 This DPA is a part of and incorporated into the Agreement so references to "Agreement" in the Agreement shall include this DPA.

10.3 This DPA shall be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement unless required otherwise by Data Protection Laws.

Clym Inc.

Last Updated: October 6, 2022

This Privacy Policy explains how Clym Ltd., its subsidiaries and affiliated companies, (collectively, “Clym,” “we,” or “us”) collects, uses, and discloses information about you. This Privacy Policy applies when you use our website(s), mobile application(s), and other products and services covered by this Privacy Policy (collectively, our “Services”), contact our customer service team, engage with us on social media, or otherwise interact with us.

We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the bottom of this policy and, in some cases, we may provide you with additional notice (such as adding a statement to our website or providing you with a notification). We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you.

CONTENTS

Collection of Information
Use of Information
Sharing of Information
Third-Party Embeds
Transfer of Information to the United States and Other Countries
Your Choices
Your California Privacy Rights
Additional Disclosures for Individuals in Europe
Contact Us

COLLECTION OF INFORMATION
DATA WE COLLECT

Data provided by Customers:

Account Registration. When you register for an Account, we may ask for your contact information, including items such as name, company name, address, email address, and telephone number. We might also ask you to provide information about the company, its address, phone number, VAT, DPO contact data (Service Data) that you may choose to make public or not. If you choose to refer a friend to our Services, we may also collect your friend’s email address so that we may send them a referral or promotional code to sign up for our Services.
Payment Information. When you add your financial account information to your Account, that information is directed to our third-party payment processor. We do not store your financial account information on our systems; however, we have access to, and may retain, subscriber information through our third-party payment processor.
Communications. If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.

Data provided by End Users:

Account Registration. When an End User register for an Account with Clym, we may ask for contact information, including items such as name, email address.
Data collected by the Customer. Clym Services allows Customers to decide what data they want to collect about the End Users. The collection and use of this data will be subject to Customer privacy policy. For this type of data Clym plays the role of data processor, does not control the data that is collected, it’s purposes and ways the data is handled and use.
Communications. If the End User contact us directly, we may receive additional information about you such as name, email address, phone number, the contents of the message and/or attachments he/she may send us, and any other information he/she may choose to provide.

The personal information that the End User is asked to provide to Clym, and the reasons why he/she is asked to provide it, will be made clear at the point we ask him/her to provide such personal information.

Data we collect when Customers or the End Users use of Clym Services:

Cookies. We only use essential, functional or analytics cookies that help us provide you with the service.
First-party cookies. The data we collect includes internet protocol (IP) addresses, browser type, web pages, operating system, date/time stamp. To collect this information, a cookie is set on your computer or device when you visit Clym Services or, in case of an End User, when he/she visits a website that implements Clym Services. Cookies contain a small amount of information that allows our web servers to recognize you. We store information that we collect through cookies. To provide our Customers with the Clym Service, End Users & Customers are tracked across different websites and services.
Third-party cookies. We might use other third-party services in order to provide you with Clym Services or to analyze our traffic. These services, might set up their own cookies to remember you. In case these cookies are not essentials to deliver our service, we’ll ask for your consent before loading them. Please review the Cookie policy for a complete list of cookies we use.
Usage of our Services. When you use Clym Services, we collect information about your engagement with and utilization of our Services, such as: sites that use Clym Services; features that are used; IP/location; browser agent data. We use this data to operate the Clym Services, protect the security and safety of Clym Services and our customers, maintain and improve the performance and utilization of the Clym Services, develop new features and provide customer support. You can read more about our usage of cookies in our Cookie Policy.

Data we receive from Third Parties:

Third-Party Identity Providers. If you choose to link our Clym Services to a third-party identity provider, we will receive information about the End User account, such as an authentication token, email, name from the third-party identity provider, to authorize linking.
Third-Party Partners. We may receive information about you from our third-party partners such as contact data from events’ organizers. We may use the data to contact you and present Clym Services, but only to the extent of the consent you provided and the third-party partner passed it to us.

Information We Derive

We may derive information or draw inferences about you based on the information we collect. For example, we may make inferences about your location based on your IP address or infer reading preferences based on your reading history.

USE OF INFORMATION

We use the information we collect to provide, maintain, and improve our Services. We also may use the information we collect to:

Create and maintain your Clym account;
Process transactions and send related information, such as confirmations, receipts, and user experience surveys;
Send you technical notices, security alerts, and support and administrative messages;
Respond to your comments and questions and provide customer service;
Monitor and analyze trends, usage, and activities in connection with our Services;
Detect, investigate, and prevent security incidents and other malicious, deceptive, fraudulent, or illegal activity and protect the rights and property of Clym and others;
Comply with our legal and financial obligations; and
Carry out any other purpose described to you at the time the information was collected.

SHARING OF INFORMATION

We share personal information in the following circumstances or as otherwise described in this policy:

We may share personal information with vendors, service providers, and consultants that need access to personal information in order to perform services for us, such as companies that assist us with web hosting, storage, and other infrastructure, analytics, payment processing, fraud prevention and security, customer service, communications, and marketing.
We may disclose personal information if we believe that disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements. If we are going to disclose your personal information in response to legal process, we will give you notice so you can challenge it (for example by seeking court intervention), unless we are prohibited by law or believe doing so may endanger others or cause illegal conduct. We will object to legal requests for information about users of our Services that we believe are improper.
We may share personal information if we believe that your actions are inconsistent with our user agreements or policies, if we believe that you have violated the law, or if we believe it is necessary to protect the rights, property, and safety of Clym, our users, the public, or others.
We share personal information with our lawyers and other professional advisors where necessary to obtain advice or otherwise protect and manage our business interests.
We share personal information with your consent or at your direction.
We also share aggregated or de-identified information that cannot reasonably be used to identify you.

THIRD-PARTY EMBEDS

Clym does not host some of the content displayed on our Services. Users have the ability to post content that is actually hosted by a third party, but is embedded in our pages (an “Embed”). When you interact with an Embed, it can send information about your interaction to the hosting third party just as if you were visiting the third party’s site directly. For example, when you load a Clym post page with a YouTube video Embed and watch the video, YouTube receives information about your activity, such as your IP address and how much of the video you watch. Clym does not control what information third parties collect through Embeds or what they do with the information. This Privacy Policy does not apply to information collected through Embeds. The privacy policy belonging to the third party hosting the Embed applies to any information the Embed collects, and we recommend you review that policy before interacting with the Embed.

SECURITY

Clym takes reasonable precautions such as policy-based access control and encryption to protect Data in our possession from loss, misuse, and unauthorized access. Clym follows generally accepted industry standards to protect the Data, both during transmission and once received by Clym. However, no method of transmission over the Internet or method of electronic storage is 100% secure.

TRANSFER OF INFORMATION TO OTHER COUNTRIES

Clym is headquartered in the United States, and we have operations and service providers in the United States and other countries. Therefore, we and our service providers may transfer your personal information to, or store or access it in, jurisdictions that may not provide levels of data protection that are equivalent to those of your home jurisdiction. For example, we transfer personal data to Amazon Web Services, one of our service providers that processes personal information for us in various data center locations across the globe. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it.

YOUR CHOICES

Account Information

You may access, correct, delete and export your account information at any time by contacting us at using the Clym privacy widget embedded in this website. Please note that if you choose to delete your data, we may continue to retain certain information about you as required by law or for our legitimate business purposes.

Cookies

Many web browsers are set to accept cookies by default, and Clym uses its own platform for its cookie consent management, and you can control your cookie settings by utilizing the Clym platform available on this and every other website page. For more information, visit our Cookie Policy.

Communications Preferences

You may opt out of receiving certain communications from us, such as digests, newsletters, and activity notifications, by following the instructions in those communications or the Clym platform, as discussed above. If you opt out, we may still send you administrative emails, such as those about your account or our ongoing business relations.

Mobile Push Notifications

With your consent, we may send push notifications to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.

YOUR EUROPEAN DATA PROTECTION RIGHTS

If you are located in the European Economic Area (“EEA”), the United Kingdom, or Switzerland, you have certain rights and protections under applicable law regarding the processing of your personal data, and this section applies to you.

Legal Basis for Processing

When we process your personal data, we will do so in reliance on the following lawful bases:

To perform our responsibilities under our contract with you (e.g., providing the products and services you requested).
When we have a legitimate interest in processing your personal data to operate our business or protect our interests (e.g., to provide, maintain, and improve our products and services, conduct data analytics, and communicate with you).
To comply with our legal obligations (e.g., to maintain a record of your consents and track those who have opted out of non-administrative communications).
When we have your consent to do so (e.g., when you opt in to receive non-administrative communications from us).
When consent is the legal basis for our processing your personal data, you may withdraw such consent at any time.

Data Retention

We store personal data associated with your account for as long as your account remains active. If you close your account, we will delete your account data within 14 days. We store other personal data for as long as necessary to carry out the purposes for which we originally collected it and for other legitimate business purposes, including to meet our legal, regulatory, or other compliance obligations.

Data Subject Requests

Subject to certain limitations, you have the right to request access to the personal data we hold about you and to receive your data in a portable format, the right to ask that your personal data be corrected or erased, and the right to object to, or request that we restrict, certain processing. To exercise your rights, please utilize the capabilities of the Clym platform or email us at privacy@clym.io.

Questions or Complaints

If you have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the Data Protection Authority where you reside. Contact details for your Data Protection Authority can be found using the links below:

For individuals in the EEA:
https://edpb.europa.eu/about-edpb/board/members_en
For individuals in the UK:
https://ico.org.uk/global/contact-us/
For individuals in Switzerland: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html

Please be advised that if you are a resident of the European Union, in case you allow Clym to collect and process certain personal data from you, you have the following rights:

Right of Access. You have the right to obtain from us confirmation as to whether or not personal data concerning you are processed, and, where that is the case, you have the right to request and get access to that personal data.
Right to Rectification. You have the right to obtain from us the rectification of inaccurate personal data and you have the right to provide additional personal data to complete any incomplete personal data.
Right to Erasure (“Right to be Forgotten”). In certain cases, you have the right to obtain from us the erasure of your personal data.
Right to Restriction of Processing. You have the right to obtain from us restriction of processing, applicable for a certain period and/or for certain situations.
Right to Data Portability. You have the right to receive from us in a structured format your personal data and you have the right to (let) transmit such personal data to another controller.
Right to Object. In certain cases, you have the right to object to processing of your personal data, including with regards to profiling. You have the right to object at further processing of your personal data in so far as such data have been collected for direct marketing purposes.
Right to be Not Subject to Automated Individual Decision-Making. You have the right to not be subject to a decision based solely on automated processing.
Right to Filing Complaints. You have the right to file complaints with the applicable data protection authority on our processing of your personal data.
Right to Compensation of Damages. In case we breach applicable legislation on processing of your personal data, you have the right to claim damages from us for any damages such breach may cause with you.

YOUR CALIFORNIA PRIVACY RIGHTS

The California Consumer Privacy Act or “CCPA” (Cal. Civ. Code § 1798.100 et seq.) affords consumers residing in California certain rights with respect to their personal information. If you are a California resident, this section applies to you.

In the preceding 12 months, we have collected the following categories of personal information: identifiers, commercial information, internet or other electronic network activity information, and inferences. For details about the precise data points we collect and the categories of sources of such collection, please see the Collection of Information section above. We collect personal information for the business and commercial purposes described in the Use of Information section above. In the preceding 12 months, we have disclosed the following categories of personal information for business purposes to the following categories of recipients:

Identifiers:

Google Analytics
Hubspot
Microsoft Clarity

Commercial Information:

Hubspot

Internet or Other Electronic Activity Information:

Google Analytics
Hubspot
Microsoft Clarity

Inferences:

Google Analytics
Microsoft Clarity

Clym does not sell your personal information.

Subject to certain limitations, you have the right to (1) request to know more about the categories and specific pieces of personal information we collect, use, and disclose about you, (2) request deletion of your personal information, (3) opt out of any sales of your personal information, if we engage in that activity in the future, and (4) not be discriminated against for exercising these rights. You may make these requests by emailing us at privacy@clym.io or by completing the form listed in the Clym platform. We will verify a webform request by asking you to provide identifying information. We will not discriminate against you if you exercise your rights under the CCPA.

If we receive your request from an authorized agent, we may ask for evidence that you have provided such agent with a power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf. This may include requiring you to verify your identity. If you are an authorized agent seeking to make a request, please contact us by using the Clym platform or via email at privacy@clym.io or by calling 1-866-275-2596.

CONTACT US

If you have any questions about this Privacy Policy, please contact us privacy@clym.io.

If you are from the EEA, Switzerland, or the United Kingdom, please contact us at privacy@clym.io or contact our EU representative at:

1126 bp. Beethoven utca 6.
Budapest, Hungary

Regulations

Solutions

Features

What makes Clym different? Schedule a Demo or watch an introduction to Clym.

Request a Demo→

Documentation

News

Clym legal documents

Questions?