Crate.io Inc. Master Hosted Service Agreement

IMPORTANT – CAREFULLY READ ALL THE TERMS AND CONDITIONS OF THIS MASTER HOSTED SERVICES AGREEMENT (THIS “MHSA”). THIS MHSA SETS FORTH THE TERMS AND CONDITIONS UNDER WHICH CRATE.IO WILL MAKE THE SERVICES AVAILABLE TO CUSTOMER. THE SPECIFIC DETAILS OF THE SERVICES PURCHASED BY CUSTOMER ARE SET OUT IN ONE OR MORE ORDER FORMS ACCEPTED BY THE PARTIES. THE MHSA, TOGETHER WITH ANY ORDER FORM EXECUTED BY THE PARTIES, CONSTITUTE THE ENTIRE AGREEMENT BETWEEN CUSTOMER AND CRATE.IO GOVERNING THE PROVISION AND USE OF THE SERVICES (THE “AGREEMENT”). BY SIGNING AN ORDER FORM, CLICKING “I ACCEPT”, OR BY USING THE SERVICES, CUSTOMER AGREES TO THE TERMS OF THE AGREEMENT.

1. DEFINITIONS

As used in this MHSA and in any Order Form associated herewith:
“Additional Services” means either Professional Services, Support Services or both, as set out in the relevant Order Forms.

“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with a Party, where “control” means the ownership or control of more than fifty percent (50%) of the voting interests of such entity.

“Authorized Reseller” means a third-party reseller expressly authorized by Crate.io to resell subscriptions to the Services by executing Order Forms with Customers and managing billing and invoicing activities, without providing any part of the Services.

“Crate.io” means Crate.io, Inc., a Delaware corporation, or the Crate.io Affiliate identified in the applicable Order Form.

“Crate.io Technology” means all Crate.io's or its licensor’s proprietary technology (including software, processes, algorithms, user interfaces, know-how, techniques, designs and other tangible or intangible technical material or information) used by Crate.io to provide the Services including all updates, upgrades and enhancements and related Intellectual Property Rights.

“Customer” means the entity identified as customer in an applicable Order Form.

“Customer Data” means any data, information or material that Customer or its Users submit, upload, store, transmit or otherwise process through the Services in the course of using the Services including all data processed or generated by Customer through the Services.

“Data Protection Law” means all laws, regulations and legally binding guidance relating to data protection, privacy and security in force from time to time including but not limited to Regulation (EU) 2016/679 (“GDPR”), the GDPR as it applies in the UK, the Data Protection Act 2018, the Swiss Federal Act on Data Protection (“FADP”) and the CCPA in each case only to the extent applicable to the provision of the Services and Additional Services by Crate.io to the Customer.

“Deliverables” means any reports, configurations, scripts, documentation, technical materials, or other work product created by Crate.io specifically for Customer in the course of providing Professional Services under an applicable Order Form, excluding the Services, Crate.io Technology, and any generic tools, templates, methodologies, know-how, or materials developed or used by Crate.io in performing such Professional Services.

“Documentation” means the user guides, technical manuals, API documentation, and other written materials made available by Crate.io, whether online or in the interface of the Services.

“Fair Use Policy” means Crate.io’s reasonable usage guidelines governing the acceptable use of shared Service resources, as published and updated from time to time at https://cratedb.com/legal/fair-use-policy.

“Fees” means any sums, fees or charges specified on an Order Form or otherwise payable to Crate.io under this Agreement, including without limitation Services fees, usage-based charges, and Professional Service fees.

“Indexation Rate” means the annual percentage rate used to increase the Fees, as specified in the applicable Order Form. If no index is specified in the applicable Order Form, the Indexation Rate shall be based on the percentage change in the Consumer Price Index (All Items) published by the national statistical authority of the country of the billing entity, for the twelve (12) months immediately preceding the applicable adjustment date, or, if not available, a comparable successor index.

“Initial Term“ means the initial subscription period for the Services commencing on the Order Effective Date and continuing for the duration specified in the applicable Order Form.

“Intellectual Property Rights” means unpatented inventions, patent applications, patents, design rights, copyrights, trademarks, trade names, domain name rights, mask work rights, know-how and other trade secret rights, and all other intellectual property rights, derivatives thereof, and forms of protection of a similar nature anywhere in the world.

“Internal Business Purposes” means use of the Services solely to support the Customer’s internal operations and excludes any use of the Services to provide services, functionality, or access to third parties, or to embed the Services in a commercial offering, except as expressly permitted under a separate agreement.

“Open-Source Components” means any software, libraries, code, scripts, or other materials distributed under an open-source license that are incorporated into, embedded in, or used by the Services. Open-Source Components may be provided under various licenses, including but not limited to Apache 2.0, MIT, PostgreSQL License, and similar permissive licenses.

“Order Effective Date” means the date identified in an Order Form as the date on which such Order Form shall be effective.

”Order Form“ means a written document or online ordering process (including an electronic subscription, click-through acceptance, or other digital ordering mechanism), that references this MHSA and is entered into or accepted by Customer either directly with Crate.io or through an Authorized Reseller, and that specifies the Services, Professional Services (if any), Fees, Subscription Term, and related commercial terms.

“Professional Services” means any implementation, set-up, configuration, optimization, migration, consulting services, training and any other services offered by Crate.io from time to time that are set forth in an Order Form.

“Renewal Term” means each subsequent one-year (i.e. 12 months) renewal period for the Services following the Initial Term beginning on successive Order Effective Date anniversaries, unless a different renewal period is agreed by the Parties in the applicable Order Form.

“Security Policy” means Crate.io’s then current security framework and privacy policy as published and modified from time to time at https://cratedb.com/security and at https://cratedb.com/legal/privacy-policy or any successor URL designated by Crate.io.

“Services” means the software-as-a-service offerings operated by Crate.io and made available to Customer via remote access over the internet, as described in the applicable Order Form together with the Documentation provided by Crate.io.

"Service Level Agreement" or “SLA” means the availability and performance commitments applicable to the Services, as published and modified by Crate.io from time to time at https://cratedb.com/legal/service-level-agreement or any successor URL designated by Crate.io.

“Subscription Term” means the Initial Term together with all Renewal Terms.

“Support Policy” means Crate.io’s then-current support terms describing the scope of support, severity levels, response times, working hours, exclusions, customer obligations, and update practices, as published and modified by Crate.io from time to time at https://cratedb.com/legal/support-policy or any successor URL designated by Crate.io.

“Support Services” means the technical support, troubleshooting assistance, maintenance releases, patches, updates, and response obligations that Crate.io provides to Customer during the Subscription Term in accordance with the Support Policy. Support Services expressly exclude Professional Services and any activities or responsibilities identified in the Support Policy as outside the scope of support.

”User“ means Customer’s and Customer’s Affiliate’s employees, representatives, consultants, contractors or agents acting on behalf of Customer who are authorized to use the Services and have been provided with user credentials by Customer (or by Crate.io at Customer’s request); Users may access and use the Services solely for Customer’s Internal Business Purposes and in accordance with the Agreement.
Interpretation. Unless the context otherwise requires, words in the singular include the plural and words in the plural include the singular. References to one gender include all genders. The words “include”, “includes” and “including” shall be deemed to be followed by the words “without limitation”. Section headings are for convenience only and shall not affect the interpretation of this Agreement.

2. ORDER PROCESS

The Services and any Professional Services are ordered through Order Forms entered into or accepted by Customer with either Crate.io or an Authorized Reseller. Each Order Form must reference this MHSA to be valid and shall describe the Customer, the Services, the applicable Fees, the Initial Term, the Order Effective Date and any additional commercial terms agreed by the Parties. No Order Form is binding unless fully accepted by Customer and Crate.io (or an Authorized Reseller acting on Crate.io’s behalf) either by signature, electronic acceptance, click-through confirmation, or other online ordering mechanism. Crate.io shall provide the Services in accordance with each valid Order Form and this MHSA. In the event of any conflict between the terms of this MHSA and the terms of an Order Form, the Order Form shall prevail, but only with respect to the commercial terms it governs (including scope, pricing, payment terms and Subscription Term). For all other matters, the terms of this MHSA shall apply. For clarity, any Customer purchase order or similar document (“PO”) shall be deemed issued solely for administrative convenience. No PO shall modify, supplement, or supersede this MHSA or any Order Form, and Crate.io’s invoices shall remain valid and payable irrespective of whether a PO or PO number is issued or included therein.

3. GRANT OF RIGHTS AND RESTRICTIONS

Crate.io grants Customer a limited, non-exclusive, non-transferable, non-sublicensable right to access and use the Services during the Subscription Term and to permit its Users to do so, solely for Customer’s Internal Business Purpose and only up to the usage parameters defined in the applicable Order Form; Customer’s right to use the Services includes the right to access and use Crate.io Technology solely as integrated within the Services, and not as a standalone product or component.

Services tiers to which the Customer is entitled—including any workloads, metrics, or other usage parameters—are set forth in the applicable Order Form.

Except as otherwise expressly permitted under this Agreement, Customer shall not (i) license, sublicense, sell, resell, transfer, assign, distribute or otherwise commercially exploit or make the Services available to any third party in any way; (ii) modify, copy, translate or make derivative works of the Services or the Crate.io Technology; (iii) "frame" or "mirror" or display the Services on any external site or service; or (iv) reverse engineer, decompile, disassemble or otherwise attempt to access the Services or the Crate.io Technology except to the limited extent permitted by applicable law; (v) attempt to circumvent, disable, or interfere with any license keys, usage limitations, or technical restrictions embedded in the Services; or (vi) use the Services to build a competitive product or service, or to build any product using ideas, features, functions, or graphics similar to those of the Services. Notwithstanding the foregoing, Customer may copy, license, sell and distribute tangible copies of outputs or reports generated through Customer’s authorized use of the Services to third parties, provided such outputs or reports do not contain Crate.io Technology or Documentation, do not identify Crate.io, and provided Customer disclaims all warranties and liabilities on behalf of Crate.io. Customer shall not use the Services to: (i) store infringing, obscene, threatening, libelous, or otherwise unlawful or tortious material; (ii) store material containing software viruses, worms, Trojan horses or other harmful computer code; (iii) interfere with or disrupt the integrity or performance of the Services; or (iv) attempt to gain unauthorized access to the Services or its related systems or networks.

Customer acknowledges that the Services may include or interoperate with Open-Source Components. Customer shall not obtain any rights to such Open-Source Components beyond those granted by the applicable open-source licenses. Nothing in this Agreement shall restrict Customer’s rights under such licenses.

Fair Use. Customer shall use the Services in a manner consistent with normal and reasonable usage of a multi-tenant cloud service. Customer’s use of the Services is subject to Crate.io’s Fair Use Policy. If Customer’s usage materially exceeds normal usage patterns, exceeds the applicable usage parameters, violates the Fair Use Policy, or adversely impacts the stability, performance, or availability of the Services, Crate.io may require Customer to reduce such usage, upgrade its subscription, implement reasonable technical adjustments, throttle the applicable workloads, or suspend the affected portion of the Services upon notice where practicable.

4. PROVISION OF THE SERVICES; SUPPORT AND AVAILABILITY

Provision of the Services. Crate.io shall make the Services available to Customer via secure remote access over the internet. The Subscription Term begins on the Order Effective Date, unless a different commencement date is explicitly specified in the Order Form.

Service Level Agreement. The availability and performance targets applicable to the Services are set forth in Crate.io’s then-current SLA and incorporated herein by reference. The SLA sets forth Customer’s sole and exclusive remedies for any failure by Crate.io to meet the applicable service levels. Except as expressly provided in the SLA, Crate.io makes no guarantees regarding availability, performance, or uptime of the Services. Crate.io may update the SLA from time to time, provided that no such update will materially reduce the service levels applicable to Customer during an active Subscription Term.

Security. Crate.io will provide the Services in accordance with its then-current Security Policy. The Security Policy applies to Crate.io in hosting and operating the Services and to Customer with respect to its access to and use of the Services. Nothing in the Security Policy creates additional warranties beyond those set forth in this Agreement. Customer is responsible for maintaining the confidentiality of its access credentials and for all activities conducted through its User accounts.

Support Services During the Subscription Term, Crate.io will provide Support Services for the Services in accordance with Crate.io’s then-current Support Policy. The Support Policy governs Crate.io’s response targets, severity classifications, scope of assistance, and Customer obligations. Support Services are limited to issues arising from the availability or operation of the Services and do not include support for any Customer applications, Customer Data, Customer environment, or any activities expressly excluded under the Support Policy. Any such activities may be made available as Professional Services under an Order Form. Customer shall provide all information, logs, access, and reasonable cooperation required by Crate.io to diagnose and resolve support issues as described in the Support Policy. Crate.io will have no obligation to provide Support Services where such cooperation is not provided or where issues cannot be reproduced due to limitations in information provided by Customer.

Updates and Modifications. Crate.io may enhance, update, modify, or otherwise change the Services from time to time, including the addition, modification or removal of features or functionality and/or modification of the architecture, infrastructure, or technical implementation of the Services. Crate.io will use commercially reasonable efforts to provide Customer at least thirty (30) days’ prior notice of any change that Crate.io reasonably believes will have a material adverse impact on Customer’s use of the Services. Crate.io will not materially reduce the core functionality of the Services during a Subscription Term unless required to comply with applicable law or for security or technical reasons.

Exclusions. Crate.io shall have no obligation to provide Support Services or meet any service levels for any issues, defects, or errors arising from or relating to: (a) any hardware, software, systems, networks, environments, or interfaces not provided or expressly supported by Crate.io, including any third-party or other software installed alongside or interoperating with the Services; (b) Customer Data or Customer applications; (c) use of the Services other than in accordance with this Agreement, the applicable Order Form, the Documentation, the Support Policy or the SLA; (d) Customer’s negligence, misuse, abuse, misapplication, unauthorized modification, or failure to follow reasonable instructions or recommendations provided by Crate.io; (e) issues that cannot be reproduced or reasonably investigated due to insufficient information, lack of access, or Customer’s failure to provide reasonable cooperation as required under the Support Policy; or (f) events or causes beyond Crate.io’s reasonable control, including failures of Customer-controlled infrastructure or force majeure events.

Subcontractors. Crate.io may use subcontractors and third-party service providers, including third party cloud infrastructure providers (“Hosting Partner”), to perform portions of the Services. Crate.io shall remain responsible for ensuring that its subcontractors comply with the obligations applicable to Crate.io under this Agreement. Notwithstanding the foregoing, any failure, interruption, or degradation of the Services attributable to a Hosting Partner shall be governed exclusively by the SLA, including its Limitations section. Crate.io's liability in respect of such events shall be limited to the remedies expressly set out in the SLA, and no additional liability shall arise under this Agreement in connection therewith. In the event of such an incident, Crate.io shall: (i) notify the Customer as soon as reasonably practicable; (ii) use all reasonable endeavours to remedy the incident or mitigate its effects; and (iii) pursue, where available, any remedies against the relevant provider.

Beta Features. From time to time, Crate.io may make available certain features, functionality, or services identified as beta, preview, early access, or similar (“Beta Features”). Beta Features are provided for evaluation purposes only and may be modified or discontinued at any time. Beta Features are provided “as is” without any warranties, service level commitments, or support obligations unless otherwise expressly stated. Crate.io shall have no liability arising from or relating to Customer’s use of Beta Features.

Service Suspension. Crate.io may temporarily suspend Customer’s access to the Services if: (i) Customer’s use of the Services poses a security risk to the Services or to any third party; (ii) Customer’s use of the Services violates applicable law or the terms of this Agreement; (iii) Customer’s usage materially degrades the performance or availability of the Services for other customers; (iv) suspension is necessary to prevent harm to the Services or Crate.io’s infrastructure; or (v) Customer’s use materially exceeds or violates the Fair Use Policy. Crate.io will use reasonable efforts to provide notice prior to suspension where practicable and will limit the suspension to the minimum scope and duration reasonably necessary.

5. PROFESSIONAL SERVICES

If Professional Services are included in any Order Form, Crate.io may produce Deliverables for Customer. Unless otherwise specified in the applicable Order Form, any Deliverables and all Intellectual Property Rights therein (excluding Customer Data) shall be owned exclusively by Crate.io. Crate.io grants Customer a limited, non-exclusive, non-transferable, non-sublicensable right to use such Deliverables solely for Customer’s Internal Business Purposes and solely in connection with Customer’s authorized use of the Services. Customer acknowledges and agrees that (i) updates, upgrades, and improvements to the Services may impact the operation of any Deliverables, and that Crate.io does not guarantee future compatibility and (ii) additional Fees may apply if Customer requests additional Professional Services from Crate.io to ensure compatibility between such Deliverables and new versions of the Services.

6. CUSTOMER’S RESPONSIBILITIES

Customer is responsible for all activity conducted through its User accounts and for ensuring that its Users comply with this Agreement. Customer shall ensure that all User credentials and authentication mechanisms implemented in its environment are kept confidential and are not shared between individuals. Customer is solely responsible for the legality, accuracy, quality and integrity of Customer Data, and for obtaining all necessary rights, consents, and permissions required for the submission, processing, and use of Customer Data in connection with the Services. Customer is responsible for implementing appropriate administrative, technical, and organizational measures within its control to protect access to the Services, including managing User permissions, access controls, and authentication credentials.

Customer shall comply with all applicable laws and regulations in connection with its use of the Services, including those relating to data protection, privacy, export control and international communications.

Customer shall promptly notify Crate.io of any actual or suspected unauthorized access to or use of the Services, User accounts or access credentials or of any other actual or suspected security incident vulnerability, defect, unauthorized use, or misuse relating to the Services of which Customer becomes aware.

Customer shall not use the Services in any manner that infringes third-party rights, violates applicable laws, or interferes with the operation, availability or security of the Services.

7. FEES

Fees. Customer shall pay all Fees as specified on each executed Order Form. All payment obligations are non-cancelable, and all amounts paid are nonrefundable unless otherwise explicitly provided in the Agreement. For the sake of clarity, Fees for unused or partially unused Professional Services, including any packaged Professional Services are nonrefundable and cannot be carried forward to any subsequent period.

Annual Fee Indexation. Unless otherwise provided in the Order Form, on each anniversary of the Order Effective Date during the Subscription Term, the Fees for the following annual period shall be automatically increased in accordance with the Indexation Rate specified in the Order Form based on the percentage change published for the twelve (12) months immediately preceding such anniversary date. The increased Fees shall apply automatically and shall not require execution of an amended Order Form or additional notice.

Usage Measurement. Crate.io may monitor and measure Customer’s usage of the Services for billing and compliance purposes. Crate.io’s measurements will be final and binding for billing purposes unless Customer demonstrates a material error.

Invoicing and Payment Terms. Unless otherwise specified in an Order Form: (a) Subscription Fees and packaged Professional Services Fees are invoiced annually in advance; (b) usage-based Fees and time-and-materials Professional Services Fees are invoiced monthly in arrears. All invoices are due and payable within thirty (30) days from the invoice date and payments shall be made in the currency specified in the applicable Order Form.

Taxes. Crate.io's Fees are exclusive of all taxes, levies, or duties imposed by taxing authorities (such as, without limitation, withholding taxes, VAT, Service Tax, GST, excise taxes, sales and transactions taxes, and gross receipts tax), and Customer shall be responsible for payment of all such taxes, levies, or duties, excluding taxes based solely on Crate.io's income.

Late Payment. Any overdue amounts may accrue interest at the lesser of (i) 1.5% per month or (ii) the maximum rate permitted by law. Crate.io may suspend access to the Services for unpaid amounts that remain outstanding for more than thirty (30) days after notice. Customer shall be responsible for reasonable collection costs.

Authorized Reseller. If Customer purchases the Services through an Authorized Reseller, then:
(a) Customer’s payment obligations shall be owed to the Authorized Reseller, and Customer shall have no payment obligations directly to Crate.io for such Services, unless the Authorized Reseller fails to pay Crate.io;(b) Crate.io’s obligations to provide the Services to Customer shall remain subject to Crate.io’s receipt of the applicable Fees from the Authorized Reseller; (c) the terms of this Agreement shall govern Customer’s use of the Services, and the Authorized Reseller has no authority to modify the terms of this MHSA, make any commitments on behalf of Crate.io, or grant any rights in the Services beyond those expressly granted herein; (d) Customer acknowledges that any dispute relating to invoicing, pricing, refunds, or payment terms shall be handled directly with the Authorized Reseller; and (e) Crate.io may suspend or terminate the Services if the Authorized Reseller fails to pay Crate.io the applicable Fees for Customer’s subscription, even if Customer has paid the Authorized Reseller. Crate.io shall have no liability arising from or relating to any dispute between Customer and the Authorized Reseller regarding pricing, billing, payment, or refunds.

8. TERM AND TERMINATION

Term of the MHSA. The MHSA becomes effective on the Order Effective Date and remains in force until terminated in accordance with this Section 8 (Term and Termination). Either Party may terminate the MHSA upon written notice if no Order Form is then in effect.

Subscription Term of Order Forms; Renewals. Each Order Form begins on its Order Effective Date and continues for the Initial Term stated therein. Unless otherwise stated, each Order Form automatically renews for successive Renewal Terms unless either Party gives written notice of non-renewal at least ninety (90) days before the end of the Initial Term or any Renewal Terms. Any additional Services, Users, capacity or usage added during a Subscription Term shall be coterminous with that Subscription Term. Upon expiration or termination of an Order Form, Customer must immediately cease all use of the Services.

Termination for Cause. Either party may terminate an Order Form or this Agreement (and any Order Form then in effect), if the other party breaches any material term of that Order Form or the Agreement if the breach is not cured within thirty (30) days after written notice.

Financial Consequences of Termination. If an Order Form is terminated by Crate.io for Customer’s breach, Customer shall pay all Fees that would have become due for the remainder of the Subscription Term of that Order Form. Except as expressly stated in this Agreement, no refunds will be issued for any fees paid. Termination or expiration of an Order Form does not terminate this MHSA unless no other Order Form remains in effect.

Survival. Termination or expiration of this Agreement shall not relieve either party of obligations that by their nature or term survive termination or expiration; including, without limitation: payment obligations; confidentiality obligations; intellectual property ownership provisions; indemnification obligations; disclaimers of warranties; limitations of liability; governing law and jurisdiction; and any other provisions which by their nature are intended to survive

Effect of Termination. Upon termination or expiration of this Agreement: (a) Customer’s right to access the applicable Services shall cease, (b) each Party shall return or destroy the other Party’s Confidential Information.

9. CUSTOMER DATA

Customer retains all rights, title, and interest in and to Customer Data; Crate.io does not own or acquire any rights in Customer Data except for the limited rights expressly granted under this Agreement.

Crate.io hosts and processes Customer Data solely for the purpose of providing the Services in accordance with this Agreement and the applicable Data Processing Agreement (if applicable). Crate.io shall implement appropriate technical and organizational measures to protect Customer Data against unauthorized access, loss, or destruction.

Customer is solely responsible for the accuracy, quality, integrity, legality, reliability, and for obtaining all rights, permissions, and consents required to submit Customer Data to the Services to authorize Crate.io to process such Customer Data in accordance with this Agreement.
Customer hereby grants Crate.io a limited, non-exclusive, worldwide, royalty-free license during the Subscription Term to use host, process, copy, transmit, and display Customer Data as necessary to provide the Services.

To the extent Customer provides diagnostic information or other materials that may contain Customer Data, Customer hereby grants Crate.io a limited, non-exclusive, worldwide , royalty-free license during the Subscription Term to (a) use such information solely to diagnose issues, provide support, and improve the Services, and (b) generate and use aggregated, anonymized, or de-identified data for statistical, analytical service improvement, and industry benchmarking provided such data does not identify Customer or any individual.

Customer may access and export Customer Data at any time during the Subscription Term. Upon termination or expiration of an applicable Order Form, Crate.io will make Customer Data available for export for thirty (30) days, after which Crate.io may delete such Customer Data in accordance with its data retention and deletion policies, unless applicable law requires otherwise.

10. PERSONAL DATA

Customer acknowledges and agrees that the Services are not designed to process personal data and will not knowingly submit any personal data to the Services. However, in the event that Customer Data does contain personal data and in respect of the processing of personal data in the provision of the Support Services, the Parties agree as follows:

Definitions. All defined terms used in this Section 10 (Personal Data), are as defined in this Agreement. All other terms shall be interpreted in accordance with applicable Data Protection Law.

Roles of the Parties. For the purposes of applicable Data Protection Law, Customer acts as the data controller and Crate.io acts as the data processor with respect to personal data processed in connection with the Services and Additional Services. Each of Customer and Crate.io agrees to comply with their respective obligations under Data Protection Law in respect of any and all personal data processing.

Description of Processing. Crate.io processes personal data solely as necessary to provide, operate, maintain, secure, and support the Additional Services, to manage the customer relationship, and to perform its obligations under this Agreement and Order Form(s) which Customer agrees form its complete instructions in respect of personal data processing. Personal data of Users of the Services will comprise name and email address provided as part of the support ticket.

Lawful Basis and Customer Responsibility. Customer is responsible for ensuring that personal data submitted to the Additional Services is collected and processed lawfully, that appropriate notices have been provided to data subjects, and that all necessary rights, consents, and legal bases exist to authorize Crate.io to process such personal data in accordance with this Agreement.

Security Measures. Crate.io shall implement and maintain appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage, as further described in Crate.io’s Security Policy. A breach of security resulting in a personal data breach will be notified to Customer without undue delay and include information relating to the breach as required by applicable Data Protection Law.

Subprocessors. Customer grants Crate.io a general authorization to engage subprocessors on the condition that the requirements of Article 18(4) of the GDPR are complied with and any changes to the subprocessors engages are notified in writing to Customer no less than 30 days prior to their appointment, giving Customer the opportunity to make reasonable objections. As at the date of this Agreement, Crate.io has engaged Atlassian Corporation, the owner of Jira which supports the CrateDB Support Centre portal and located at Level 6, 341 George Street, Sydney, Australia and the third-party Hosting Partner selected by Customer as set out in the Order Forms.

Retention. Crate.io shall retain personal data for the duration of the Subscription Term and thereafter only as required to comply with applicable legal obligations. Upon termination of the applicable Order Form, personal data shall be deleted or returned in accordance with Customer’s written instructions.

International Transfers. Where Crate.io transfers personal data outside the jurisdiction from which it was originally collected, it shall ensure that such transfers comply with applicable Data Protection Law, including the implementation of appropriate safeguards.

Assistance. Crate.io will provide reasonable assistance and cooperation to the Customer where mandated by applicable Data Protection Law.

11. CONFIDENTIALITY

“Confidential Information” means any non-public business, technical, financial, or operational information disclosed by one party (“Disclosing Party”) to the other (“Receiving Party”), whether orally, in writing, or by observation. Confidential Information includes trade secrets, know-how, software, product plans, research, customer lists, pricing, security information, as well as confidential information of third parties in the Disclosing Party’s possession. Confidential Information does not include aggregated or anonymized data derived from Customer Data that does not identify Customer, Affiliates or any individual.

Exceptions. Confidential Information does not include any information that the Receiving Party can demonstrate: (a) is or becomes publicly available without breach of this Agreement (b) was known to the Receiving Party without confidentiality obligations prior to disclosure, (c) is received from a third party without breach of confidentiality, (d) was independently developed by the Receiving Party without use of or reference to the Confidential Information, or (e) must be disclosed pursuant to law, subpoena, or court order, provided that the Receiving Party gives prompt notice and cooperates with the Disclosing Party in seeking protective measures. Feedback or suggestions provided by Customer regarding the Services are not Confidential Information.

Non-disclosure and Non-use. The Receiving Party shall not, during and after the Subscription Term of this Agreement, use the Confidential Information for any purpose other than performing its obligations under this Agreement, nor disclose the Confidential Information to any third party except to its employees, Affiliates, contractors, or subprocessors who have a need to know and are bound by confidentiality obligations at least as protective as those contained herein. The Receiving Party shall use at least the same degree of care that it uses to protect its own similar confidential information, and no less than reasonable care. These obligations continue for five (5) years after termination, except for trade secrets, which remain protected for as long as allowed by law. These obligations are in addition to, and supplement any prior non-disclosure agreement between the Parties. In case of conflict this Agreement governs disclosure made in connection with the Services.

12. INTELLECTUAL PROPERTY OWNERSHIP

Crate.io and its licensors shall own all rights, title and interest, including all related Intellectual Property Rights, in and to the Crate.io Technology and the Services. No rights are granted in the Services except those expressly stated in Section 3 (Grant of Rights and Restrictions).

Crate.io shall own all suggestions, ideas, enhancement requests, feedback, or recommendations provided by Customer or its Users relating to the Services and Crate.io may use such feedback without restriction or obligation to Customer.

This Agreement does not transfer any rights of ownership in or related to the Services, the Crate.io Technology or any Intellectual Property Rights owned by Crate.io. Except as expressly provided herein, Customer is not granted any rights in or to the Services, the Crate.io Technology, or any related Intellectual Property Rights. Customer shall not claim any rights in any derivative works, tools, templates, know-how, or methodologies used or developed by Crate.io in providing the Services or Professional Services.

All trademarks, service marks, logos, and product names of Crate.io are the exclusive property of Crate.io or its licensors, and no right or license is granted to use them.

Nothing in this Agreement affects Customer’s ownership of Customer Data.

13. INDEMNIFICATION

Customer Indemnification; Customer shall indemnify, defend and hold harmless Crate.io, its Affiliates and licensors , and their respective officers, directors, employees and agents from and against any and all third party claims, costs, damages, losses, liabilities and expenses (including reasonable attorneys' fees) to the extent arising out of or relating to: (i) Customer Data including any allegation that such Customer Data infringes any Intellectual Property Rights, privacy rights or violate applicable law (ii) a claim arising from the breach by Customer or its Users of this Agreement including any violation of the use and restrictions; (iii) Customer’s violation of applicable law. provided in any such case that Crate.io (a) promptly gives notice of the claim to Customer; (b) gives Customer sole control of the defense and settlement of the claim (provided that Customer may not settle such claim unless such settlement unconditionally releases Crate.io of all liability and does not adversely affect Crate.io's business or Services); (c) provides to Customer all available information and reasonable assistance; and (d) has not compromised or settled such third-party claim.

Crate.io Indemnification; Crate.io shall indemnify and hold harmless Customer and their respective officers, directors, employees, and agents from and against any and all costs, damages, losses, liabilities and expenses (including attorneys' fees and costs) to the extent arising out of or in connection with a third party claim alleging that the Customer’s authorized use of the proprietary, non-open-source portions of Crate.io Technology infringes any Intellectual Property Right, provided in any such case that Customer (a) promptly gives notice of the claim to Crate.io; (b) gives Crate.io sole control of the defense and settlement of the claim (provided that Crate.io may not settle such claim unless such settlement unconditionally releases Customer of all liability and does not adversely affect Customer's business); (c) provides to Crate.io all available information and reasonable assistance; and (d) has not compromised or settled such third-party claim. If the Crate.io Technology becomes, or in Crate.io’s opinion is likely to become, the subject of an infringement claim, Crate.io may, at its option and expense, either (a) procure for Customer the right to continue using the Crate.io Technology, (b) replace or modify the Crate.io Technology so that it becomes non-infringing, or (c) accept termination of the licenses granted hereunder and give Customer a refund for the fees paid by Customer less a reasonable allowance for the period of time Customer has used the Crate.io Technology. Notwithstanding the foregoing, Crate.io will have no obligation under this Section 13 (Indemnification) or otherwise with respect to any infringement claim based upon (i) any use of the Crate.io Technology not in accordance with this Agreement or the Documentation, (ii) any use of the Crate.io Technology in combination with other products, equipment, software, or data not supplied by Crate.io, (iii) use of a version of the Services other than the most current version made available by Crate.io, when the infringement would have been avoided by using such current version; or (iv) any modification of the Services by any person other than Crate.io or its authorized agents or subcontractors.

For clarity, Crate.io shall have no indemnification obligations arising from or relating to any Open-Source Components, including claims based on their use, combination, modification, redistribution, or licensing terms.

THIS SECTION 13 (INDEMNIFICATION) STATES CRATE.IO’S ENTIRE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY FOR INFRINGEMENT CLAIMS AND ACTIONS.

14. REPRESENTATIONS & WARRANTIES

Each party represents and warrants that it has the legal power and authority to enter into this Agreement.

Crate.io further represents and warrants that for a period of ninety (90) days from the Order Form Effective Date (the “Warranty Period”), the Services will perform substantially in accordance with the Documentation when used in accordance with this Agreement and the Documentation. If during the Warranty Period the Services fail to conform to the foregoing warranty, Customer must promptly notify Crate.io in writing and provide sufficient detail to allow Crate.io to reproduce and diagnose the issue. Customer’s sole and exclusive remedy and Crate.io’s sole obligation shall be for Crate.io to use reasonable commercial efforts to correct the non-conformity or, if Crate.io is unable to correct the non-conformity within a commercially reasonable period, for Customer to terminate the applicable Order Form and Crate.io shall refund to Customer any prepaid fees for the period following termination.

The warranty set forth in this Section does not apply to: (i) any Services that have been modified by Customer or any third party; (ii) any non-conformity caused by Customer’s hardware, operating environment, or misuse; or (iii) use of the Services in violation of this Agreement or the Documentation or (iv) any Open-Source Components.

Professional Services provided by Crate.io under an Order Form will be performed in a professional and workmanlike manner. Crate.io warrants that any Deliverables provided as part of the Professional Services will materially conform to the specifications expressly set forth in the applicable Order Form or statement of work, if any, for a period of thirty (30) days following delivery of the applicable Deliverable (the “Professional Services Warranty Period”). Customer must notify Crate.io in writing of any breach of this warranty during the Professional Services Warranty Period, providing sufficient detail to allow Crate.io to reproduce and verify the alleged non-conformity. Crate.io’s sole obligation and Customer’s exclusive remedy for breach of the foregoing warranty shall be, at Crate.io’s option: (i) re-performance of the applicable Professional Services; (ii) correction of the affected Deliverable; or (iii) if Crate.io is unable to do so within a commercially reasonable period, termination of the applicable Professional Services portion of the Order Form and refund of the fees paid for the non-conforming Professional Services. This warranty applies only to Deliverables used in accordance with this Agreement and the applicable Order Form.

15. DISCLAIMER OF WARRANTIES

EXCEPT AS EXPRESSLY STATED IN THIS AGREEMENT, CRATE.IO AND ITS AFFILIATES OR LICENSORS MAKE NO OTHER REPRESENTATION, WARRANTY, OR GUARANTY AS TO THE RELIABILITY, QUALITY, SUITABILITY, AVAILABILITY, ACCURACY OR COMPLETENESS OF THE SERVICES, ANY PROFESSIONAL SERVICES OR DELIVERABLES. CRATE.IO AND ITS AFFILIATES OR LICENSORS DO NOT WARRANT THAT THE SERVICES, THE PROFESSIONAL SERVICES OR DELIVERABLES PROVIDED UNDER THIS AGREEMENT (A) WILL BE SECURE, TIMELY, UNINTERRUPTED OR ERROR-FREE OR OPERATE IN COMBINATION WITH ANY HARDWARE, SOFTWARE SERVICES, SYSTEM OR DATA NOT SPECIFIED IN THE DOCUMENTATION, OR (B) WILL MEET CUSTOMER’S REQUIREMENTS OR EXPECTATIONS. SUBJECT TO THE EXPRESS WARRANTIES SET FORTH IN SECTION 14 (REPRESENTATION AND WARRANTIES) THE SERVICES AND ANY PROFESSIONAL SERVICES AND DELIVERABLES ARE PROVIDED TO CUSTOMER STRICTLY ON AN "AS IS" AND “AS AVAILABLE” BASIS. ALL CONDITIONS, REPRESENTATIONS AND WARRANTIES, OTHER THAN THE EXPRESS WARRANTIES SET FORTH IN SECTION 14 (REPRESENTATION AND WARRANTIES) WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, ARE HEREBY DISCLAIMED TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT OF THIRD-PARTY RIGHTS. CUSTOMER IS SOLELY RESPONSIBLE FOR BACKING UP AND PROTECTING CUSTOMER DATA WITHIN ITS OWN ENVIRONMENT AND FOR MAINTAINING ADEQUATE TECHNICAL AND SECURITY SAFEGUARDS UNDER CUSTOMER’S CONTROL. THE SERVICES MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS. CRATE.IO IS NOT RESPONSIBLE FOR DELAYS, DELIVERY FAILURES, OR OTHER DAMAGE RESULTING FROM SUCH PROBLEMS. CRATE.IO MAKES NO WARRANTIES OF ANY KIND WITH RESPECT TO OPEN-SOURCE COMPONENTS, WHICH ARE PROVIDED “AS IS” AND “AS AVAILABLE” UNDER THEIR RESPECTIVE LICENSES.

16. LIMITATION OF LIABILITY

NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS MHSA, BUT ONLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:
(a) NOTHING IN THE AGREEMENT LIMITS OR EXCLUDES EITHER PARTY'S LIABILITY FOR (i) DEATH OR PERSONAL INJURY CAUSED BY ITS GROSS NEGLIGENCE, OR THE GROSS NEGLIGENCE OF ITS EMPLOYEES, AGENTS, OR SUBCONTRACTORS; (ii) FRAUD OR FRAUDULENT MISREPRESENTATION; OR (iii) ANY OTHER LIABILITY THAT CANNOT BE EXCLUDED OR LIMITED BY LAW.
(b) EXCEPT FOR (i) FEES DUE UNDER APPLICABLE ORDER FORMS (ii) EACH PARTY’S INDEMNIFICATION OBLIGATIONS UNDER SECTION 13 (INDEMNIFICATION), AND (iii) CUSTOMER’S BREACH OF SECTION 3(GRANT OF RIGHTS AND RESTRICTIONS), NEITHER PARTY’S TOTAL AGGREGATE LIABILITY ARISING FROM OR RELATING TO THE AGREEMENT WILL EXCEED THE FEES ACTUALLY PAID OR PAYABLE BY CUSTOMER UNDER THE APPLICABLE ORDER FORM IN THE 12-MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE LIABILITY.
(c) IN NO EVENT WILL EITHER PARTY OR ITS AFFILIATES, OWNERS, OFFICERS, DIRECTORS, EMPLOYEES, OR LICENSORS BE LIABLE OR OTHERWISE OBLIGATED TO THE OTHER PARTY OR ANYONE ELSE FOR ANY LOSS OF PROFITS, REVENUE, OPPORTUNITIES, ECONOMIC ADVANTAGE, GOODWILL, DATA OR USE, OR FOR ANY INDIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL OR PUNITIVE DAMAGES OF ANY KIND, ARISING OUT OF OR IN ANY WAY RELATED TO THE AGREEMENT, REGARDLESS OF CAUSE, EVEN IF THE PARTY FROM WHICH DAMAGES ARE BEING SOUGHT OR THAT PARTY’S AFFILIATES OR LICENSORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND EVEN IF A REMAINING AVAILABLE REMEDY FAILS ITS ESSENTIAL PURPOSE.
(d) THE TERMS OF THIS SECTION “LIMITATION OF LIABILITY” APPLY REGARDLESS OF THE FORM OF ACTION, AND WHETHER THE ASSERTED LIABILITY, CLAIM, OR DAMAGES ARE BASED ON CONTRACT (INCLUDING BREACH OF WARRANTY), TORT (INCLUDING NEGLIGENCE), STATUTE, OR ANY OTHER LEGAL OR EQUITABLE THEORY.
(e) THE PROVISIONS OF THIS SECTION “LIMITATION OF LIABILITY” ALLOCATE RISKS UNDER THIS AGREEMENT BETWEEN CUSTOMER AND CRATE.IO, AND THE FEES CHARGED FOR THE SERVICE ARE BASED ON THIS ALLOCATION OF RISKS AND THESE LIMITATIONS OF LIABILITY.

17. MARKETING

Customer grants Crate.io the right to use Customer’s name, mark and logo on Crate.io’s website, in Crate.io marketing materials, solely to identify Customer as a Crate.io customer subject to Customer’s prior written consent, which shall not be unreasonably withheld or delayed.

18. AUDIT RIGHTS

Crate.io may, upon at least ten (10) business days’ prior written notice, audit Customer’s use of the Services to verify compliance with the usage metrics and restrictions set out in this Agreement. Any such audit shall be conducted no more than once per twelve (12) months, during normal business hours, and in a manner that does not unreasonably interfere with Customer’s operations.

Customer shall provide Crate.io with reasonable cooperation and access to information necessary to confirm its authorized use of the Services, which may include usage logs, reports, configuration information, or other data generated through Customer’s use of the Services. Crate.io may also rely on data automatically collected by the Services for audit purposes.

If an audit shows that Customer has used the Services in excess of the usage metrics purchased under the applicable Order Form, Customer shall promptly pay the fees corresponding to such excess usage at Crate.io’s then-current list price. If the excess usage exceeds five percent (5%) of the purchased amounts, Customer shall also reimburse Crate.io for the reasonable costs of conducting the audit.
All information received or reviewed in connection with an audit shall be treated as Confidential Information.

19. NOTICE

All notices required to be provided under this Agreement must be delivered in writing by nationally recognized overnight delivery service, by electronic mail, to the other party to the addresses or emails defined in the relevant Order Form A copy of any Customer's notice shall be sent via email to legal@crate.io. All notices shall be deemed to have been given upon receipt or, if earlier, two (2) business days after being deposited in the mail as required above. Either party may change its address by giving timely notice of the new address to the other party pursuant to this Section and identifying in such notice the date on which such change is effective.

20. ASSIGNMENT

Customer may not assign its rights or obligations under this MHSA or an Order Form, in whole or in part, to any third party except upon prior written consent of Crate.io. Any purported assignment in violation of this section shall be void. Notwithstanding the foregoing, Crate.io may assign or transfer this MHSA and/or any Order Form, in whole or in part, by operation of law or otherwise, to any of its Affiliates, or in connection with any merger, reorganization, restructuring, change of control, sale of assets, or similar transaction, upon simple written notice to Customer, and without requiring Customer’s consent. Subject to the foregoing, this Agreement and each and all of the provisions hereof bind and benefit the parties and their respective heirs, executors, administrators, legal representatives, successors and assigns.

21. GENERAL

Governing Law and Jurisdiction. This Agreement shall be governed by California law and controlling United States federal law, without regard to the choice or conflicts of law provisions of any jurisdiction. Except as set forth below in this Section 21 (General) , the federal and state courts seated in San Francisco and Santa Clara Counties, California, will have sole and exclusive jurisdiction for all purposes in connection with any action or proceeding that arises from, or relates to, this Agreement, and each party hereby irrevocably waives any objection to such exclusive jurisdiction. Notwithstanding anything in this Agreement to the contrary, Crate.io may seek injunctive or other equitable relief in any court of competent jurisdiction to protect any actual or threatened misappropriation or infringement of its intellectual property rights or those of its licensors, and Customer hereby submits to the exclusive jurisdiction of such courts and waives any objection thereto on the basis of improper venue, inconvenience of the forum or any other grounds.

Force Majeure. Neither party will be responsible for any failure or delay in its performance under this Agreement due to causes beyond its reasonable control, including, but not limited to, labor disputes, strikes, lockouts, shortages of or inability to obtain labor, energy, raw materials or supplies, war, terrorism, riot, acts of God or governmental action, or any other similar events that could not reasonably have been anticipated or prevented. The affected Party shall use commercially reasonable efforts to mitigate the effects of the force majeure event and to resume performance as soon as reasonably practicable.

Export Laws. Customer agrees to comply fully with all relevant export laws and regulations of the United States (“Export Laws”) to ensure that neither the Services, nor any direct product thereof are: (a) exported or re-exported directly or indirectly in violation of Export Laws; or (b) used for any purposes prohibited by the Export Laws, including but not limited to nuclear, chemical, or biological weapons proliferation.
No Partnership. No joint venture, partnership, employment, or agency relationship exists between Customer and Crate.io as a result of this Agreement or use of the Services.

Non-Waiver. The failure of either party to enforce any right or provision in this Agreement shall not constitute a waiver of such right or provision unless acknowledged and agreed to by such party in writing.

Master Hosted Service Agreement

Contents