Terms of Service & DPA

Last updated on December 14, 2023.

Terms of Service

1. Definitions

"Add-ons" — New product or module releases provided to platform subscribers at agreed prices.

"Agreement" — The Order Form, Terms of Service, and incorporated reference documents.

"Bespoke Modifications" — Customer-specific development explicitly identified in writing within an Order Form or SOW.

"Bribery Laws" — Dutch laws and regulations regarding bribery and corruption, plus equivalent laws in relevant jurisdictions.

"Commencement Date" — Customer's Order Form signature date or online subscription button click date.

"Contributing Users" — Billable users representing accounts within source code management tools (GitHub, Bitbucket, etc.) that contributed code within the preceding 3 months.

"Customer" — Party identified in the Order Form.

"Customer Data" — Materials uploaded or hosted by Customer within the Product, excluding Non-Viberglass Materials.

"Documentation" — Product or Professional Services descriptions available at https://github.com/ilities/viberglass/wiki.

"Fees" — Amounts specified in the Order Form.

"Initial Subscription Term" — One year from Commencement Date unless otherwise defined or earlier terminated.

"Intellectual Property Rights" — Patents, copyrights, design rights, trademarks, service marks, know-how, database rights, and similar registrations worldwide.

"Non-Viberglass Materials" — Third-party controlled materials or open source software subject to separate licensing agreements.

"Malicious Code" — Viruses, worms, time bombs, Trojans, and harmful programs or scripts.

"Materials" — Services, data, information, content, software code, IP rights, websites, tools, and related items.

"Order Form" — Parties' agreed written order document.

"Product" — The Viberglass Platform, an agent orchestrator and ticket management platform for AI-powered bug fixing and small-scale feature development.

"Professional Services" — Services detailed in Order Form, including applicable Bespoke Modifications and Tools.

"Viberglass" — Ilities.dev B.V., trading as Viberglass, Netherlands company at Broerenstraat 45 41, 6811EB Arnhem.

"Viberglass Materials" — Materials provided by Viberglass for the Product or Professional Services, excluding Customer Data.

"Viberglass Platform Subscription" — Product subscription commencing on Commencement Date.

"Viberglass Platform Subscription Fee" — Fee for platform subscription per Order Form.

"Subscription Term" — Period from Commencement Date until termination per Agreement.

"Third Party Solution" — Third-party products or services or proprietary or non-proprietary licensed code not developed by Customer.

"Tools" — Pre-existing Viberglass proprietary materials or newly developed materials for Professional Services without confidential or customer-specific information.

"Update" — Maintenance update, patch, or bug fix not constituting an Add-On.

"Users" — Individuals authorized to access or use the Product on Customer's behalf with supplied login credentials.

2. The Product and Services

2.1 Provision of the Viberglass Platform Subscription

Upon payment of applicable fees, Viberglass grants Customer a non-exclusive, non-transferable license for the Subscription Term allowing Users to access and use the Product, Updates, and Documentation supporting internal business operations. The license covers the subscribed edition per pricing page. Viberglass also grants non-exclusive, non-transferable rights to use Professional Services results per Order Form for the Subscription Term.

User access limits correspond to the subscribed edition. Customers acknowledge purchases are not contingent on future functionality or dependent on Viberglass's comments regarding unreleased features.

2.2 Customer Responsibilities

Customers must:

  • Ensure User compliance with Documentation and Agreement terms
  • Prevent unauthorized Product access or use through reasonable efforts
  • Notify Viberglass promptly of unauthorized access
  • Accept responsibility for Customer Data use, including compliance with applicable laws
  • Use the Product and Professional Services per Agreement terms and applicable regulations
  • Obtain appropriate Third Party Solution licenses covering Viberglass's performance obligations
  • Comply with Third Party Solution license terms

Viberglass makes no representations regarding Third Party Solution suitability or security adequacy. Customers bear sole responsibility for Third Party Solution assessment.

For data privacy-regulated Customer Data, customers must obtain all necessary consents.

Customers shall not:

  • Make the Product or Professional Services available beyond authorized Users
  • Sell, resell, rent, lease, or license the Product or Professional Services
  • Interfere with Product or Professional Services integrity or performance
  • Attempt unauthorized Product access or underlying system penetration
  • Share User login credentials to circumvent subscriber limits

2.3 Third-Party Solutions

When accessing Third Party Solutions via the Product, customers acknowledge:

  • Viberglass bears no responsibility for Third Party Solution interruptions or performance
  • Customers hold sole responsibility for Third Party Solution licensing and data access

2.4 Additional Services

Customers requiring Bespoke Modifications, program changes, new modules, Add-Ons, or additional Professional Services or consulting may order through mutually agreed Order Form or SOW, subject to additional fees.

3. Fees and Payment

3.1 Fees

Fees per Order Form, excluding VAT and sales taxes, are non-cancellable and non-refundable.

3.2 Expenses

Customers reimburse Viberglass's reasonable pre-approved Professional Services expenses, supported by documentation provided with invoices.

3.3 Overage

Customers exceeding purchased User, Contributing User, or license limits receive invoiced pro-rata fees from overage commencement through Subscription Term end.

3.4 Invoicing and Payment

Fees invoice in advance per Order Form. Unless stated otherwise, payment is due 30 days from invoice date. Payment occurs via electronic transfer, Stripe, or other Viberglass payment processors.

Overdue amounts exceeding 30 days accrue 8% above ECB base rate monthly (or maximum legal rate, whichever is lower) from due date until payment. Customers cannot dispute card payments via chargeback. Unwarranted chargebacks permit Viberglass to terminate the Agreement without liability.

3.5 Suspension of Access

Viberglass may suspend Product access or Professional Services delivery for charges 30 or more days overdue, excluding good faith disputes resolved within 60 days.

3.6 Taxes

Customers pay all applicable taxes on the Product and Professional Services, separately invoiced, excluding Viberglass income-based taxes. Customers provide exemption certificates when applicable.

4. Proprietary Rights

4.1 Reservation of Rights

The Product, Professional Services, and Intellectual Property Rights remain Viberglass or licensor property. Customers possess only specified Agreement rights. Viberglass uses reasonable efforts ensuring open source components are correctly licensed.

4.2 Restrictions

Customers and Users cannot:

  • Grant third-party Product or Professional Services access beyond permitted terms
  • Copy, modify, or create derivative works based on the Product, Professional Services, or Documentation
  • Rent, lease, lend, sell, license, sublicense, publish, frame, mirror, or distribute Product or Professional Services content
  • Reverse engineer, disassemble, decompile, decode, adapt, or derive Product or Professional Services software components
  • Access the Product or Professional Services to build competing products or services or copy Product or Professional Services content, features, functions, or graphics

4.3 License to Feedback

Viberglass receives a royalty-free, worldwide, transferable, sublicensable, irrevocable, perpetual license to customer feedback regarding Product or Professional Services operation.

4.4 Customer Data

Customers own Customer Data; Viberglass receives rights to use it fulfilling Agreement obligations.

4.5 Non-Viberglass Materials

Non-Viberglass Materials use is exclusively governed by applicable third-party terms. Viberglass grants no IP Rights regarding Non-Viberglass Materials. Customers bear sole responsibility for appropriately licensing third-party data sources.

4.6 Suspension

Viberglass may temporarily suspend Customer Product license or User access upon reasonably determining:

  • Customer or User use disrupts or poses security risk to Viberglass or other customers
  • Customer or User breaches the Agreement or applicable law
  • Customer ceased ordinary business operations, made creditor assignments, or underwent bankruptcy or reorganization proceedings
  • Viberglass's provision becomes legally prohibited
  • Third parties suspended or terminated Viberglass's access to required third-party services

Viberglass uses reasonable efforts providing suspension notice and access resumption updates. Viberglass bears no liability for suspension damages, losses, data loss, or profit loss.

5. Confidentiality and Data Protection

5.1 Confidential Information

Confidential Information encompasses orally or written confidential or proprietary information identified as confidential or reasonably appearing confidential. Customer Confidential Information includes Customer Data; Viberglass Confidential Information covers Product and Professional Services information; both parties' Confidential Information includes Agreement terms, business and marketing plans, technology and technical information, product plans and designs, and business processes.

Confidential Information excludes:

  • Publicly available information through no receiving party fault
  • Information lawfully in receiving party's possession prior to disclosure
  • Information lawfully disclosed by third parties without restrictions
  • Information independently developed by receiving party
  • Information required by law to disclose

5.2 Protection of Confidential Information

Parties must:

  • Maintain other party's Confidential Information confidentiality
  • Apply care protecting confidentiality matching their own confidential information standards (minimum: reasonable care)
  • Restrict use or disclosure except per Agreement authorization or obligation performance

Parties may disclose Confidential Information to employees or consultants with need-to-know, provided those parties commit to equivalent confidentiality obligations.

5.3 Compelled Disclosure

Receiving parties may disclose if legally compelled, provided prior notice to the disclosing party (to the extent legally permitted) and reasonable assistance at the disclosing party's cost if contesting disclosure.

5.4 Obligations on Termination

Upon Agreement expiration or termination, parties must:

  • Immediately cease other party's Confidential Information use
  • Cease Product and Professional Services use
  • Within 30 days, upon request, confirm permanent Confidential Information destruction, erasure, or return in writing

Viberglass may retain personal data per applicable laws, court orders, subpoenas, or legal processes.

5.5 Personal Data

Viberglass processes customer personal data per the Data Processing Addendum (Annex 1) below.

5.6 Analytics

Viberglass may use Customer Data internally for trend analysis, testing, optimization, visualization, support, license compliance, and diagnostics. Viberglass will not sell or publish Customer Data.

6. Warranties, Remedies and Disclaimers

6.1 Viberglass Warranties

The Product materially conforms to Documentation. Professional Services materially align with Order Form or SOW descriptions. Viberglass took commercially reasonable steps preventing Malicious Code or internal disruptive components. Upon warranty breach, Viberglass will use commercially reasonable efforts promptly repairing the Product or Professional Services.

6.2 Mutual Warranty

Each party represents having legal power entering the Agreement.

6.3 Disclaimer

EXCEPT AS EXPRESSLY PROVIDED HEREIN, THE PRODUCT AND PROFESSIONAL SERVICES ARE PROVIDED ON AN "AS IS" BASIS WITHOUT WARRANTY OF ANY KIND (EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE). EACH PARTY SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES INCLUDING MERCHANTABILITY, NON-INFRINGEMENT, AND FITNESS FOR PARTICULAR PURPOSES TO MAXIMUM APPLICABLE LAW EXTENT. VIBERGLASS DOES NOT WARRANT PRODUCT OR PROFESSIONAL SERVICES SATISFYING CUSTOMER REQUIREMENTS, BEING DEFECT- OR ERROR-FREE, OR PROVIDING UNINTERRUPTED ACCESS.

6.4 Non-Viberglass Materials Disclaimer

THE CONTINUED AVAILABILITY, COMPATIBILITY WITH THE PRODUCT AND PROFESSIONAL SERVICES AND PERFORMANCE OF THE NON-VIBERGLASS MATERIALS, THIRD PARTY SOLUTION OR CUSTOMER DATA IS OUTSIDE THE CONTROL OF VIBERGLASS, with no responsibility for resulting Product or Professional Services unavailability or degradation.

7. Indemnification

7.1 Viberglass Indemnification

Viberglass defends Customers against third-party claims that Customer's Product or Professional Services use infringes intellectual property rights, and indemnifies from finally awarded damages or settlement amounts.

Viberglass's obligations apply only when:

  • Customer promptly notifies Viberglass in writing
  • Viberglass controls defense and settlement negotiations
  • Customer provides reasonable necessary assistance, information, and authority

Viberglass bears no obligation if Claims result from:

  • Customer's Product or Professional Services combination, operation, or use with non-Viberglass Materials
  • Customer's Product or Professional Services alteration or modification
  • Customer's continued allegedly infringing activity after notification or provided non-infringing modifications
  • Non-Viberglass Materials or Third Party Solutions
  • Customer Data
  • Third-party actions or omissions

7.2 Remedy for Infringement

For Claim-subjected Product or Professional Services use rights or reasonably believed Claims, Viberglass may:

  • Procure continued Product or Professional Services use rights
  • Modify Product or Professional Services rendering them non-infringing but substantially functionally equivalent
  • Terminate the Agreement (if commercially impracticable alternatives exist), refunding prepaid Professional Services amounts for unused portions and prorated prepaid Product amounts

7.3 Customer Indemnification

Customers defend and indemnify Viberglass against Claims by third parties alleging Customer Data or Customer-provided information infringes third-party intellectual property, privacy, or data protection rights, or Customer Responsibilities breach (per 2.2).

8. Limitation of Liability

IN NO EVENT SHALL EITHER PARTY HAVE ANY LIABILITY TO THE OTHER FOR ANY LOST PROFITS OR REVENUES, LOSS OF DATA (EXCLUDING PERSONAL DATA) OR FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, COVER OR PUNITIVE DAMAGES (HOWEVER CAUSED, WHETHER CONTRACT, TORT, OR OTHER THEORIES, REGARDLESS OF DAMAGE POSSIBILITY NOTIFICATION), EXCEPT FOR VIBERGLASS'S FRAUD, WILLFUL MISCONDUCT, OR NEGLIGENCE LEADING TO DEATH OR PERSONAL INJURY.

VIBERGLASS'S LIABILITY FOR DAMAGES UNDER THIS AGREEMENT FOR ANY CAUSE WHATSOEVER SHALL NOT EXCEED THE FEES PAID BY CUSTOMER FOR THE VIBERGLASS PLATFORM SUBSCRIPTION DURING THE 12-MONTH PERIOD IMMEDIATELY PRECEDING THE INCIDENT.

Customers acknowledge fees reflect Agreement risk allocation and Viberglass would not enter into the Agreement without these limitations.

9. Term and Termination

9.1 Term of Agreement

Unless otherwise terminated, the Agreement commences on Commencement Date or Customer's Order Form signature (whichever earlier). The Agreement continues until Initial Subscription Term end, then automatically renews for successive one-year periods unless either party gives 60 days' advance termination notice or earlier termination per Agreement.

9.2 Termination for Cause

Parties may terminate for cause by:

  • Providing 30 days' written notice of material breach, if uncured at notice expiration
  • Upon other party's bankruptcy, insolvency, receivership, liquidation, or creditor assignment proceedings

Customer termination for cause results in Viberglass refunding prorated prepaid amounts for post-termination periods. Viberglass termination for cause requires Customer paying unpaid fees through remaining subscription period. Termination never relieves Customer of pre-termination fee obligations.

9.3 Surviving Provisions

Sections 1, 3, 4, 5, 6, 7, 8, and 10 survive termination or expiration.

10. General Provisions

10.1 Export Compliance

Parties must comply with U.S., EU, and applicable jurisdiction export laws. Each party represents non-listing on U.S. or EU prohibited person or entity lists.

10.2 Update to Terms of Service

Viberglass reserves the right to modify these Terms at any time. Material changes are email-notified; acceptance constitutes continued use 30 days after notification or indicated agreement to updated terms.

10.3 Force Majeure

Parties are not in default for performance failures solely from supervening conditions beyond reasonable control (acts of God, civil commotion, strikes, labor disputes, governmental demands or requirements). Delays or non-performance exceeding 60 days permit termination without penalty.

10.4 Relationship of the Parties

Parties are independent contractors. This Agreement creates no partnership, franchise, joint venture, agency, fiduciary, or employment relationship.

10.5 No Third-Party Beneficiaries

No third-party beneficiaries exist to this Agreement.

10.6 Notices

Unless specified otherwise, all notices, permissions, and approvals are written, delivered to Order Form or purchase-time addresses or email.

10.7 Severability

Court findings of provision illegality result in modification accomplishing original objectives to maximum law extent, with remaining provisions remaining effective.

10.8 Anti Corruption

Customers ensure they and associated personnel do not breach Bribery Laws regarding Product or Professional Services provision. Customers must maintain adequate breach-prevention procedures.

10.9 Assignment

Customers cannot assign Agreement rights, wholly or partially, by contract, law, or operation, without prior written consent. Consent shall not be unreasonably withheld or delayed. Control changes constitute assignments.

10.10 Order of Precedence

Order Form conflicts with these terms result in Order Form applying to the extent of the conflict.

10.11 Governing Law; Venue

Agreement and disputes are exclusively governed by Netherlands law with exclusive Dutch Court jurisdiction.

Annex 1: Data Processing Addendum ("DPA")

1. Purpose

This DPA forms part of the Customer-Viberglass Agreement, reflecting parties' Personal Data processing terms per EU/UK Data Protection Law requirements.

2. Definitions

"Controller" — Person(s) determining Personal Data processing purpose and means.

"Data Subject" — Identified or identifiable natural person whose Personal Data is processed.

"EEA" — European Economic Area.

"EU/UK Data Protection Law" — EU Regulation 2016/679 (GDPR); UK GDPR per UK European Union (Withdrawal) Act 2018; EU e-Privacy Directive (Directive 2002/58/EC); applicable national data protection laws per above, as amended or superseded.

"Personal Data" — Customer Data constituting "personal data" per EU/UK Data Protection Law.

"Personal Data Breach" — Security breach leading to accidental or unlawful Personal Data destruction, loss, alteration, unauthorized disclosure, or access.

"Processor" — Person processing Personal Data on Controller behalf.

"Restricted Transfer" — For EU GDPR: EEA-to-non-adequate-determination country transfers. For UK GDPR: UK-to-non-adequacy-regulation country transfers.

"Standard Contractual Clauses" — For EU GDPR: EU Commission Implementing Decision 2021/914 SCCs. For UK GDPR: International Data Transfer Addendum per UK GDPR Article 46.

3. Controller and Processor

Customer is Personal Data controller; Viberglass is processor. Viberglass controls ancillary Personal Data (billing, marketing, support) per its Privacy Notice at viberglass.io/privacy-policy.

4. Details of the Processing

Processing details are described in Schedule 1 below. Viberglass may update processing descriptions or the DPA for Product or Professional Services updates or EU/UK Data Protection Law compliance. Acceptance constitutes continued use 30 days after notification.

5. Processing of Personal Data

Viberglass's Processor Obligations

Viberglass and subprocessors:

  • Process Personal Data only fulfilling Agreement obligations per Customer documented instructions (unless statutory or member state law requires otherwise; Viberglass shall inform Customer of legal requirements prior to processing, unless public interest prohibits notification).
  • Reasonably assist Customer ensuring Articles 32-36 GDPR compliance per processing nature and available information.
  • Will not disclose Personal Data to third parties except at Customer request or statutory/legal requirement.
  • Transfer Personal Data outside EEA per "Transfers of Personal Data Outside the EEA" terms below.

Customer's Controller Obligations

Customers additionally:

  • Maintain appropriate privacy notices regarding Personal Data collection and use.
  • Comply with EU/UK Data Protection Law regarding Personal Data processing and Agreement exercise, and with this DPA and Agreement terms.
  • State that Customer-sourced data complies with collection, storage, and processing requirements including fair processing information provision and Data Subject consents per EU/UK Data Protection Law, and that Personal Data processing instructions always align with EU/UK Data Protection Law.
  • Will not withhold, delay, or condition Agreement change agreement requested for Viberglass or subprocessor EU/UK Data Protection Law compliance.

6. Security Measures

Parties apply appropriate, industry-standard technical and organizational measures preventing unauthorized or unlawful Personal Data access or processing, accidental loss, destruction, or damage. Viberglass applies Platform Security Measures (available upon request), updatable over time. Viberglass and subprocessors take all reasonable steps ensuring Article 32 GDPR processing security compliance.

7. Personal Data Breach Notifications

Viberglass promptly notifies Customer of known or reasonably suspected security breaches leading to Personal Data Breach. Viberglass notifies Customer without undue delay (no later than 72 hours post-awareness) and provides required details including breach nature, investigations, likely consequences, and measures taken or recommended.

8. Audits

Viberglass makes available information demonstrating DPA obligation compliance, permitting reasonable audits determining Viberglass DPA compliance. Audits (maximum annual frequency, absent breach suspicion) may be conducted by Customer, Customer-mandated auditors, or competent jurisdiction public authorities, subject to reasonable and appropriate confidentiality obligations.

9. Confidentiality

Viberglass and subprocessors ensure Personal Data recipients commit to confidentiality or are under statutory confidentiality obligations.

10. Transfer of Personal Data to Third Party Providers

Viberglass-Appointed Subprocessors

Product and Professional Services include hosting elements; Viberglass uses third-party providers for certain services. Subprocessors access certain data including relevant Personal Data, but only process for specifically contracted Viberglass service provision. Viberglass uses commercially reasonable efforts ensuring subprocessors utilize reasonable industry-recognized security measures.

Customer-Appointed Third Party Providers

Customers may subscribe third-party services integrating with Product or Professional Services. Customers acknowledge Viberglass lacks contractual Third Party Solution relationships and no responsibility for transferred Personal Data or third-party data retention. Customers ensure Product and Professional Services integration use complies with applicable Third Party Solution service terms.

11. Processing of Personal Data by Subprocessors

Viberglass may only authorize subprocessors under written agreements on substantially equivalent DPA terms. Viberglass informs Customers 30 days ahead of additional Personal Data-processing subprocessor appointments; Customers have objection opportunity. No 10-day-received objections deem acceptance.

12. Restricted Transfers

Personal Data may be transferred or stored outside Customer or Authorized Users' location for Services and Agreement obligation performance. For EU GDPR Personal Data, EU SCCs apply (Module Two, Netherlands law governs). For UK GDPR Personal Data, UK SCCs apply. Standard Contractual Clauses prevail over contradicting Agreement provisions.

13. Subject Access Requests

Viberglass promptly assists Customer with data protection rights notices, requests, and inquiries at Customer's reasonable expense. Viberglass will not respond to subject access requests without Customer prior written approval unless legally or regulator-required.

14. Return or Deletion of Personal Data

Termination, expiry, or Customer request immediately obliges Viberglass and subprocessors to return all Personal Data to Customer or delete Personal Data in Customer-agreed manner, at Customer's election, unless laws bind Viberglass or subprocessors otherwise. Non-election within 30 post-termination days results in Viberglass deletion.

15. Costs

Viberglass and subprocessor EU/UK Data Protection Law compliance obligation costs are borne by Viberglass or subprocessors to the extent jurisdiction-specific processor compliance requires. Customer-requested Viberglass compliance activities exceeding processor-required activities entitle Viberglass to reasonable costs.

16. Warranty and Liability

By Personal Data processing via Product use, Customers state collection and processing does not breach person or entity rights including publicity, privacy, or EU/UK Data Protection Law rights, Customer is entitled transferring relevant Personal Data to Viberglass, and Viberglass is entitled transferring Personal Data to subprocessors or Third Party Solutions for lawful use, processing, and transfer per DPA and Agreement.

Viberglass's Personal Data processing Product or Professional Services liability limits to direct losses from any DPA Personal Data obligation Viberglass breach, or Viberglass or acting person's lawful Customer processing instruction-contrary or outside actions.

17. Governing Law

Agreement and disputes are exclusively governed by Netherlands law with exclusive Dutch Court jurisdiction.

Schedule 1 — Details of the Processing

Processing subject matter: User log-in details, logs, and usage data.

Processing duration: Agreement duration plus 30 days for Customer Personal Data return or deletion election.

Processing nature and purpose: Viberglass Platform access and use management.

Personal Data type: Email address, password, name, company, User-related log data.

Data subject categories: Users.

Schedule 4 — Standard Contractual Clauses Details

Data Exporter

Order Form-identified Customer entities, acting as Controller.

Data Importer

Ilities.dev B.V., trading as Viberglass
Broerenstraat 45 41, 6811EB Arnhem, Netherlands
Data protection contact: privacy@viberglass.io

Competent Supervisory Authority

EU GDPR applies: Clause 13 SCC-determined competent authority. UK GDPR applies: UK Information Commissioner's Office.