Terms of Service or General Terms and Conditions for ChangeEngine (“GTC”)
If a valid agreement exists between you (“Customer”) and ChangeEngine related to the subject matter hereof, those terms take precedence over these terms unless otherwise agreed by the Parties in relation to a specific Order Form. These GTC may be updated from time to time as explained herein. Refer to these GTC regularly to ensure compliance. These GTC can be found at www.changeengine.com/terms-of-service. Acceptance. Please read these GTC carefully before using www.changeengine.com (the “Website”) or the products or services offered by ChangeEngine (the “Services”). These GTC take effect when you click an “I Accept” button or checkbox presented with these GTC or when you use any of the Services or Website, whichever occurs first. If you are agreeing to these GTC on behalf of Customer, you represent to ChangeEngine that you have legal authority to bind Customer. Modifications to this Agreement. ChangeEngine may modify these GTC at any time by posting a revised version on this website (www.changeengine.com/terms-of-service) or otherwise providing notice to Customer. By continuing to use the Services after the effective date of any modifications to these GTC, Customer agrees to be bound by the modified terms. United States Federal Government Agency: If you are a United States federal government agency, use of the Services is subject to this amendment. Revised February 1, 2022
- DEFINITIONS Capitalized terms used in this document are defined in the Glossary.
USAGE RIGHTS AND RESTRICTIONS
- Grant of Rights. ChangeEngine grants to Customer a non-exclusive, non-transferable and world-wide right to use the Cloud Service (including its implementation and configuration), Cloud Materials (as applicable) and Documentation solely for Customer’s and its Affiliates’ internal business operations. Permitted uses and restrictions of the Cloud Service also apply to Cloud Materials and Documentation.
- Authorized Users. Customer may permit Authorized Users to use the Cloud Service. Usage is limited to the Usage Metrics and volumes stated in the Order Form. Access credentials for the Cloud Service may not be used by more than one individual, but may be transferred from one individual to another if the original user is no longer permitted to use the Cloud Service. Customer is responsible for breaches of the Agreement caused by Authorized Users.
Acceptable Use Policy. With respect to the Cloud Service, Customer will not:
- disassemble, decompile, reverse-engineer, copy, translate or make derivative works,
- transmit any content or data that is unlawful or infringes any intellectual property rights, or
- circumvent or endanger its operation or security.
- Verification of Use. Customer will monitor its own use of the Cloud Service and report any use in excess of the Usage Metrics and volume. ChangeEngine may monitor use to verify compliance with Usage Metrics, volume and the Agreement.
- Suspension of Cloud Service. ChangeEngine may suspend or limit use of the Cloud Service if continued use may result in material harm to the Cloud Service or its users. ChangeEngine will promptly notify Customer of the suspension or limitation. ChangeEngine will limit a suspension or limitation in time and scope as reasonably possible under the circumstances.
- Third Party Web Services. The Cloud Service may include integrations with web services made available by third parties (other than ChangeEngine’ Affiliates) that are accessed through the Cloud Service and subject to terms and conditions with those third parties. These third party web services are not part of the Cloud Service and the Agreement does not apply to them.
- Mobile Access to Cloud Service. If applicable, Authorized Users may access certain Cloud Services through mobile applications obtained from third-party websites such as Android or Apple app store. The use of mobile applications may be governed by the terms and conditions presented upon download/access to the mobile application and not by the terms of the Agreement.
CUSTOMER AND PERSONAL DATA
FEES AND TAXES
TERM AND TERMINATION
THIRD PARTY CLAIMS
LIMITATION OF LIABILITY
INTELLECTUAL PROPERTY RIGHTS
Data Processing Agreement
PERSONAL DATA PROCESSING AGREEMENT FOR CHANGEENGINE CLOUD SERVICES
This Data Processing Addendum (“DPA”) is entered into BETWEEN (1) Customer; and(2) ChangeEngine.
SECURITY OF PROCESSING
DATA EXPORT AND DELETION
CERTIFICATIONS AND AUDITS
DOCUMENTATION; RECORDS OF PROCESSING
Schedule 1 Description of the Processing
This Schedule 1 applies to describe the Processing of Personal Data for the purposes of the Standard Contractual Clauses (2010), New Standard Contractual Clauses and applicable Data Protection Law.
A. LIST OF PARTIES
B. DESCRIPTION OF TRANSFER
C. COMPETENT SUPERVISORY AUTHORITY
Schedule 2 Technical and Organizational Measures
This Schedule 2 applies to describe the applicable technical and organizational measures for the purposes of the Standard Contractual Clauses (2010), New Standard Contractual Clauses and applicable Data Protection Law.
ChangeEngine will apply and maintain the Technical and Organizational Measures.
To the extent that the provisioning of the Cloud Service comprises New SCC Relevant Transfers, the Technical and Organizational Measures set out in Schedule 2 describe the measures and safeguards which have been taken to fully take into consideration the nature of the personal data and the risks involved. If local laws may affect the compliance with the clauses, this may trigger the application of additional safeguards applied during transmission and to the processing of the personal data in the country of destination (if applicable: encryption of data in transit, encryption of data at rest, anonymization, pseudonymization).
TECHNICAL AND ORGANIZATIONAL MEASURES
The following sections define ChangeEngine's current technical and organizational measures. ChangeEngine may change these at any time without notice so long as it maintains a comparable or better level of security. Individual measures may be replaced by new measures that serve the same purpose without diminishing the security level protecting Personal Data.
Physical Access Control. Unauthorized persons are prevented from gaining physical access to premises, buildings or rooms where data processing systems that process and/or use Personal Data are located.
System Access Control. Data processing systems used to provide the Cloud Service must be prevented from being used without authorization.
Data Access Control. Persons entitled to use data processing systems gain access only to the Personal Data that they have a right to access, and Personal Data must not be read, copied, modified or removed without authorization in the course of processing, use and storage.
Data Transmission Control. Except as necessary for the provision of the Cloud Services in accordance with the Agreement, Personal Data must not be read, copied, modified or removed without authorization during transfer. Where data carriers are physically transported, adequate measures are implemented at ChangeEngine to provide the agreed-upon service levels (for example, encryption and lead-lined containers).
Data Input Control. It will be possible to retrospectively examine and establish whether and by whom Personal Data have been entered, modified or removed from ChangeEngine data processing systems.
Job Control. Personal Data being processed on commission (i.e., Personal Data processed on a customer’s behalf) is processed solely in accordance with the Agreement and related instructions of the customer.
Availability Control. Personal Data will be protected against accidental or unauthorized destruction or loss.
Data Separation Control. Personal Data will be protected against accidental or unauthorized destruction or loss.
Data Integrity Control. Personal Data will remain intact, complete and current during processing activities.
Ready to give your people team super powers?
Get started with a customized product demo.