Terms of Service
Effective as of November 4, 2021
Welcome to the Finicast Planning, Business Intelligence, and Collaboration in one Platform (“Finicast Platform”)! These Terms of Service (“Terms”) of Finicast, Inc. (“Finicast,” “we,” “our,” or “us”) are an agreement that describes your rights and responsibilities as a Finicast customer.
More specifically, these Terms govern how you may access and use: (i) finicast.com,its subdomains, and any other website where these Terms are posted (collectively, the “Website”); (ii) Finicast Platform, which is an online hosted solution;(iii) Finicast’s “Software, ”meaning, collectively, our browser extensions, mobile applications (“Mobile App”), other downloadable apps, application programming interfaces (“APIs”), and tools and documentation; and (iv) the services and resources available or enabled via (i) through (iii) (in which (i) through (iv) are each a “Service” and, collectively, our “Services”).
If you are an individual and you access or use the Services on behalf of a company, principal, or other entity, such as your employer (each, together with its affiliates, an “Organization”),then: (i) these Terms are an agreement between us and you and us and that Organization; (ii) you represent and warrant that you have the authority to bind that Organization to these Terms (and if you do not have the authority, you may not access or use the Services); (iii) your acceptance of these Terms will bind such Organization to these Terms; (iv) your individual right to access and use the Services may be suspended or terminated (and ownership and administration of your Finicast Account may be transferred) if you cease to be associated with, or cease to use an email address associated with or provisioned by, that Organization; (v) we may disclose information regarding you and your use of the Services with such Organization; (vi) if at any time we are notified that authority or consent by the Organization for you to enter into these Terms or use the Services does not exist or has been withdrawn, we reserve the right to promptly terminate your use of the Services (without any right of refund to the Organization); and (vii) the terms “you” and “your”, as used in these Terms, refer to both you and such Organization. If you sign up for the Services using an email address associated with or provisioned by an Organization, or if an Organization pays fees due in connection with your access to or use of the Services (or reimburses you for payment of such fees), or otherwise, then we may deem you, in our sole discretion, to be accessing and using the Services on behalf of that Organization.
PLEASE BE AWARE THAT SECTION 14 OF THESE TERMS CONTAINS PROVISIONS GOVERNING HOW ANY DISPUTES BETWEEN US WILL BE RESOLVED. IN PARTICULAR, IT CONTAINS AN ARBITRATION AGREEMENT WHICH WILL, WITH LIMITED EXCEPTIONS, REQUIRE DISPUTES BETWEEN US TO BE SUBMITTED TO BINDING AND FINAL ARBITRATION. UNLESS YOU OPT OUT OF THEARBITRATION AGREEMENT: (1) YOU WILL ONLY BE PERMITTED TO PURSUE CLAIMS AND SEEK RELIEF AGAINST US ON AN INDIVIDUAL BASIS, NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY CLASS OR REPRESENTATIVE ACTION OR PROCEEDING; AND (2) YOU ARE WAIVING YOUR RIGHT TO PURSUE CLAIMS AND SEEK RELIEF IN A COURT OF LAW AND TO HAVE A JURY TRIAL.
1. Our Service
This policy governs the commercial arrangement entered into by users (referred to as “Customer”) of certain services and software offerings (together, “Services”) provided by Finicast, Inc. (“Finicast,” “we,” or “us”). In order for you to use the Service for a term longer than 6 months, we may require entering into a separate written customer agreement (“Customer Agreement”) with the Organization. The Customer Agreement will authorize the Organization to provide you access to the Service, subject to the Customer Agreement and these Terms.
You may use the Services only if you can form a legally binding contract with us(and on behalf of your Organization as applicable), and only in compliance with these Terms and all applicable local, state, national, and international laws, rules and regulations. To use the Services, you must be at least 13 years old, and in some circumstances even older (please check your local law for the age of digital consent). You represent and warrant that you meet the applicable age requirements and are competent to agree to these Terms, or, if you are unable to form a binding contract under applicable law, you represent and warrant that you have your parent’s or legal guardian’s permission to use the Services, and that your parent or legal guardian is agreeing to these Terms concurrently. If you are a parent or legal guardian of a Finicast User (defined below) who is unable to form a binding contract under applicable law, you are agreeing to these Terms and you are responsible for such Finicast User’s activity on the Services. In our sole discretion, the Services may not be available to any users who were previously removed from a Service.
1.2 Access, Restrictions, and Use
Subject to your compliance with these Terms and the Customer Agreement, you may access and use the Services during the free trial period or longer with the execution of the Customer Agreement, except as may be limited by your Organization as described above. Except as we otherwise agree in writing or to the extent a restriction is prohibited by law, you agree not to do, and not to assist, permit or enable any third party or Application (defined below) to do, any of the following:
- upload any Restricted Content to the Services (defined below);
- disassemble, reverse engineer, decode, or decompile any part of the Services;
- use any robot, spider, scraper, data mining tool, data gathering or extraction tool, or any other automated means, to access, collect, copy or record the Services;
- copy, rent, lease, sell, loan, transfer, assign, sublicense, resell, distribute, modify, alter, or create derivative works of any part of the Services or any of our Intellectual Property (defined below);
- use the Services in a manner that impacts: (i) the stability of our servers; (ii) the operation or performance of the Services or any other user’s use of the Services; or (iii) the behavior of other applications using the Services;
- use the Services in any manner or for any purpose (including, without limitation, by providing Finicast with access to any Content) that: (i) violates or promotes the violation of any applicable law, regulation, legal requirement, contractual obligation, or right of any person including, but not limited to, intellectual property rights, rights of privacy, or rights of personality; (ii) is fraudulent, false, deceptive, or defamatory; (iii) promotes hatred, violence, or harm against any individual or group; (iv) otherwise may be harmful or objectionable (in our sole discretion) to us, our providers, our suppliers, or our users;
- overload, flood, spam, or mail-bomb the Services; or otherwise use the Services in a manner that interferes with or creates an undue burden on a Service, including by sending unsolicited communications, promotions, advertisements, or spam;
- use or display the Services in competition with us, to develop competing products or services, for benchmarking or competitive analysis of the Services, or otherwise to our detriment or disadvantage;
- attempt to interfere with, compromise the system integrity or security of, or decipher any transmissions to or from, the servers running Finicast, except as previously agreed to in a separate writing by the Organization and Finicast;
- transmit viruses, worms, or other software agents through the Services;
- impersonate another person or misrepresent your affiliation with a person or entity, hide or attempt to hide your identity, or otherwise use the Services for any invasive or fraudulent purpose;
- share passwords or authentication credentials for the Services, or otherwise circumvent the measures we may use to prevent or restrict access to the Services or enforce limitations on use of the Services; or
- identify or refer to us or the Services in a manner that could reasonably imply an endorsement, relationship, or affiliation with or sponsorship between you or a third party and us, other than your permitted use of the Services under these Terms, without our express written consent.
1.3 Finicast Accounts
Your account on the Services (your “Finicast Account”) gives you access to the services and functionality that we may establish and maintain from time to time. We may maintain different types of Finicast Accounts for different types of users (each such user, a “Finicast User”). You acknowledge that you do not own your Finicast Account.
You may not use another user’s Finicast Account without such user’s permission. When registering with the Services, you must:(a) provide true, accurate, current and complete information about yourself and(b) maintain and promptly update your registration or profile data to keep it true, accurate, current and complete. You are solely responsible for the activity that occurs on your Finicast Account, and you must keep your Finicast Account password(s) strong and secure. You agree to notify us immediately of any breach of security or unauthorized use of your Finicast Account. Any individual with administrator-level access to your Finicast Account can modify your Finicast Account settings. We will not be liable for any losses caused by any unauthorized use of your Finicast Account, or for any changes to your Finicast Account, including your ability to access your Finicast Account or Your Content (defined below), made by any individual with administrator-level access to your Finicast Account.
You may control certain aspects of your Finicast Account profile and how you interact with the Services by changing the settings in your settings page. By providing us with your email address, you consent to our using the email address to send you Service-related notices, including any notices required by law, in lieu of communication by postal mail. We may also use your email address to send you other marketing or advertising messages, such as changes to features of the Services and special offers. If you do not want to receive such email messages, you may opt out or change your preferences by contacting Finicast Support at email@example.com or by clicking the unsubscribe link within each marketing or advertising message. Opting out will not prevent you from receiving Service-related notices.
1.4 Your Content
As between us and you, you (or your licensors) will own any and all information, data, and other content, in any form or medium, that is collected, downloaded, or otherwise received, directly or indirectly, from you (or on your behalf) byor through Finicast (“Your Content”). For an Organizational account, we may assume, in our sole discretion, that all of Your Content belongs to that Organization.
If you are an individual using the Services on behalf of an Organization and are collaborating with other employees or other individuals who have access to Your Content under your Finicast Account, or if you share Your Content with other individuals within or outside of such Organization, the content on your Finicast Account that you make available to such other individuals (as well as other information, such as the names and contact information of other individuals who have access to your workspace(s) or Your Content within the Services) will be visible, accessible, and, depending on their designated level of access, editable by such individuals.
You can remove Your Content from your Finicast Account by deleting it. However, in certain instances, some of Your Content may not be completely removed. We are not responsible or liable for the removal or deletion of any of Your Content, or any failure to remove or delete such content.
In connection with Your Content, you represent and warrant that: (i) you have all necessary rights, licenses and consents to provide, receive, access and/or use Your Content and any other content you provide, receive, access and/or use through or in connection with the Services; (ii) Your Content does not and will not contain any social security numbers or other government-issued identification numbers, protected health information subject to the Health Insurance Portability and Accountability Act (HIPAA) or other information regarding an individual’s medical history, mental or physical condition, or medical treatment or diagnosis by a health care professional; health insurance information; biometric information; passwords for online accounts; credentials to any financial accounts; tax return data; credit reports or consumer reports; any payment card information subject to the Payment Card Industry Data Security Standard; information subject to the Gramm-Leach-Bliley Act, Fair Credit Reporting Act or the regulations promulgated under either such law; information subject to restrictions under Applicable Data Protection Laws (defined below) governing personal information of children, including, without limitation, all information about children under thirteen (13) years of age; or any information that falls within any special categories of data (as defined in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016) (“Restricted Content”); and (iii) Your Content and our use thereof as contemplated by these Terms and the Services will not violate any law or infringe any rights of any third party, including but not limited to any intellectual property rights and privacy rights.
We take no responsibility and assume no liability for Your Content. You shall be solely responsible for Your Content and the consequences of posting it, publishing it, sharing it, or otherwise making it available on the Services. You shall be solely responsible and indemnify us for Your Content.
To the extent you receive our Services, subject to your compliance with these Terms and the terms of the Customer Agreement, during the term of the Customer Agreement, we grant to you a non-exclusive, non-transferable, non-sublicensable right and license to use our Services solely as reasonably necessary for your use of the Services in accordance with these Terms. Some Software may be offered under opensource licenses that we will make available to you upon your request. There may be provisions in the open source licenses that expressly override some of these terms.
Subject to your compliance with these Terms and the terms of the Customer Agreement, during the term of the Customer Agreement, Finicast grants you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to download, install and use a copy of the Mobile App on a single mobile device that you own or control and to run such copy of the Mobile App solely for your own personal or internal business purposes. Furthermore, with respect to any Mobile App accessed through or downloaded from the Apple AppStore (an “App Store Sourced Application”), you will only use such AppStore Sourced Application (a) on an Apple-branded product that runs iOS (Apple’s proprietary operating system) and (b) as permitted by the “Usage Rules” set forth in the Apple App Store Terms of Service. Notwithstanding the first sentence in this section, with respect to any Mobile App accessed through or downloaded from the Google Play store (a “Google Play Sourced Application”), you may have additional license rights with respect to use of such Google Play Sourced Application on a shared basis within your designated family group.
1.6 Service Changes, Suspension, and Termination
These Terms commence on the date when you accept (as described in the preamble above)and remain in full force and effect while you use the Services during the term of the Customer Agreement, unless terminated earlier in accordance with these Terms. We may change the Services, stop providing the Services or features of the Services to you or to our users generally, or create usage limits for the Services. We may permanently or temporarily terminate or suspend your access to the Services without notice and liability, without cause or for any reason, including if in our sole determination you violate any provision of these Terms. You agree that all terminations for cause shall be made in our sole discretion and that we shall not be liable to you or any third party for any termination of your Finicast Account or license. These Terms, including the license to use the Services granted herein will terminate immediately upon termination or expiration of the Customer Agreement for any reason. Upon termination of these Terms, your right to use the Services will automatically terminate immediately. You understand that any termination of this Agreement may involve deletion of Your Content associated therewith from our databases, if any. Upon termination, you continue to be bound by these Terms. All provisions of these Terms which by their nature should survive, shall survive termination of this license, including without limitation, ownership provisions, warranty disclaimers, and limitation of liability.
2. Our Intellectual Property
You acknowledge and agree that the Services and all materials and content displayed or made available on or through the Services, and all software, algorithms, code, technology and intellectual property underlying and included in or with the Services, and all intellectual property rights therein and thereto throughout the world (collectively and individually, our “Intellectual Property”), are our (or our licensors’ as applicable)sole and exclusive property. Except as explicitly provided herein, nothing in these Terms will be deemed to create a license in or under any intellectual property rights, and you agree not to access, sell, license, rent, modify, distribute, copy, reproduce, transmit, publicly display, publicly perform, publish, adapt, edit or create derivative works from any of our Intellectual Property.
and all related graphics, logos, service marks and trade names used on or in connection with the Services are the trademarks of Finicast and may not be used without permission in connection with your or any third-party products or services. Other trademarks, service marks and tradenames that may appear on or in the Service are the property of their respective owners.
You may choose to, or we may invite you to submit, comments, suggestions, enhancement requests, recommendations or other feedback or ideas about the Services, including without limitation about how to improve the Services or our products (“Feedback”). You hereby grant to Finicast a royalty-free, worldwide, transferable, sublicensable, irrevocable, perpetual license to use or incorporate into the Services any such Feedback. Finicast will not identify you as the source of any Feedback. You further acknowledge that, by acceptance of your submission, we do not waive any rights to use similar or related ideas previously known to us, or developed by our employees, or obtained from sources other than you.
3.1 License to Our Developer Tools
Subject to your compliance with these Terms and our Developer Policy, available at finicast.com/developer-policy, which is incorporated herein by reference, during the term of the Customer Agreement, we grant to you a non-exclusive, non-transferable, non-sublicensable right and license to use the Services, our APIs and related tools and documentation in order to develop, test, and support your applications that integrate with our Services (your “Applications”).
3.2 Responsibility for Your Applications
4. Charges and Payment
Unless otherwise specified by us in writing, the Service fees are payable by the Organization and are outlined in the Customer Agreement and/or corresponding Order form.
We have implemented commercially reasonable technical and organizational measures designed to secure Your Content from accidental loss and from unauthorized access, use, alteration or disclosure. However, we cannot guarantee that unauthorized third parties will never be able to defeat those measures or use Your Content for improper purposes. You understand that Internet technologies have the inherent potential for disclosure. You acknowledge that you provide Your Content at your own risk. You can learn more about our security practices at finicast.com/security.
7. DMCA Notice
We respect artist and content owner rights, and it is our policy to respond to alleged infringement notices that comply with the Digital Millennium Copyright Act of 1998 (“DMCA”). It is Finicast’s policy to terminate membership privileges of any user who repeatedly infringes copyright upon prompt notification to Finicast by the copyright owner or the copyright owner’s legal agent.
Without limiting the foregoing, if you believe that your copyrighted work, including any material on any dashboard, report or form made publicly available, has been copied in a way that constitutes copyright infringement and is accessible via the Services, please notify our copyright agent as set forth in the DMCA. For your complaint to be valid under the DMCA, you must provide all of the following information in writing:
- An electronic or physical signature of a person authorized to act on behalf of the copyright owner;
- Identification of the copyrighted work that you claim has been infringed;
- Identification of the material that is claimed to be infringing and where it is located on the Services;
- Information reasonably sufficient to permit us to contact you, such as your address, telephone number, and, e-mail address;
- A statement that you have a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or law; and
- A statement, made under penalty of perjury, that the above information is accurate, and that you are the copyright owner or are authorized to act on behalf of the owner.
The above information must be submitted to our DMCA Agent using the following contact information:
Finicast, Inc. (Attn: Copyright Agent)
Address:1850 Gateway Drive, Suite 150, San Mateo, CA 94404
UNDER FEDERAL LAW, IF YOU KNOWINGLY MISREPRESENT THAT ONLINE MATERIAL IS INFRINGING,YOU MAY BE SUBJECT TO CRIMINAL PROSECUTION FOR PERJURY AND CIVIL PENALTIES,INCLUDING MONETARY DAMAGES, COURT COSTS, AND ATTORNEYS’ FEES.
Please note that the preceding requirements do not constitute legal advice. In accordance with the DMCA and other applicable law, we have adopted a policy of terminating, in appropriate circumstances, users who are deemed to be repeat infringers. We may also at our sole discretion limit access to the Services and/or terminate the Finicast Accounts of any Finicast Users who infringe any intellectual property rights of others, whether or not there is any repeat infringement.
8. Third-Party Services
8.2 App Store
You acknowledge and agree that the availability of the Mobile App and the Services is dependent on the third party from whom you received the Mobile App license, e.g., the Apple App Store or Google Play (each, an “App Store”). You acknowledge that the Agreement is between you and Finicast and not with the App Store. Finicast, not the App Store, is solely responsible for the Services, including the Mobile App, the content thereof, maintenance, support services, and warranty therefor, and addressing any claims relating thereto (e.g., product liability, legal compliance or intellectual property infringement). In order to use the Mobile App, you must have access to a wireless network, and you agree to pay all fees associated with such access. You also agree to pay all fees (if any) charged by the App Store in connection with the Services, including the Mobile App. You agree to comply with, and your license to use the Mobile App is conditioned upon your compliance with all terms of agreement imposed by the applicable App Store when using any Service, including the Mobile App. You acknowledge that the App Store (and its subsidiaries) are third-party beneficiaries of the Agreement and will have the right to enforce it.
8.3 Accessing and Downloading the Mobile App from iTunes
The following applies to any App Store Sourced Application accessed through or downloaded from the Apple App Store:
(a) You acknowledge and agree that (i) the Agreement is concluded between you and Finicast only, and not Apple, and (ii) Finicast, not Apple, is solely responsible for the App Store Sourced Application and content thereof. Your use of the App Store Sourced Application must comply with the App Store Terms of Service.
(b) You acknowledge that Apple has no obligation whatsoever to furnish any maintenance and support services with respect to the App Store Sourced Application.
(c) In the event of any failure of the App Store Sourced Application to conform to any applicable warranty, you may notify Apple, and Apple will refund the purchase price for the App Store Sourced Application to you and to the maximum extent permitted by applicable law, Apple will have no other warranty obligation whatsoever with respect to the App Store Sourced Application. As between Finicast and Apple, any other claims, losses, liabilities, damages, costs or expenses attributable to any failure to conform to any warranty will be the sole responsibility of Finicast.
(d) You and Finicast acknowledge that, as between Finicast and Apple, Apple is not responsible for addressing any claims you have or any claims of any third party relating to the App Store Sourced Application or your possession and use of the App Store Sourced Application, including, but not limited to: (i) product liability claims; (ii) any claim that the App Store Sourced Application fails to conform to any applicable legal or regulatory requirement; and (iii) claims arising under consumer protection or similar legislation.
(e) You and Finicast acknowledge that, in the event of any third-party claim that the App Store Sourced Application or your possession and use of that App Store Sourced Application infringes that third party’s intellectual property rights, as between Finicast and Apple, Finicast, not Apple, will be solely responsible for the investigation, defense, settlement and discharge of any such intellectual property infringement claim to the extent required by the Agreement.
(f) You and Finicast acknowledge and agree that Apple, and Apple’s subsidiaries, are third-party beneficiaries of the Agreement as related to your license of the App Store Sourced Application, and that, upon your acceptance of the terms and conditions of the Agreement, Apple will have the right (and will be deemed to have accepted the right) to enforce the Agreement as related to your license of the App Store Sourced Application against you as a third-party beneficiary thereof.
(g) Without limiting any other terms of the Agreement, you must comply with all applicable third-party terms of agreement when using the App Store Sourced Application.
You agree to defend, indemnify and hold us and our affiliates, agents, suppliers or licensors (and our and their employees, contractors, agents, officers and directors) (each, a “Finicast Party” and collectively, the “Finicast Parties”) harmless from and against any and all claims, damages, obligations, losses, liabilities, costs or debt, and expenses (including but not limited to attorney’s fees) arising from: (i) your access to or use of the Services; (ii) your violation of any aspect of these Terms, including without limitation your breach of any of your representations and warranties; (iii)your violation of any third-party right, including without limitation any right of privacy or intellectual property rights; (iv) your violation of any applicable law, rule or regulation; (v) Your Content, including without limitation any misleading, false, or inaccurate information in Your Content;(vi) your willful misconduct; or (vii) any third party’s access to or use of the Services with your username(s), password(s) or other security code(s). Finicast reserves the right, at its own cost, to assume the exclusive defense and control of any matter otherwise subject to indemnification by you, in which event you agree to fully cooperate with Finicast in asserting any available defenses. This provision does not require you to indemnify any of the Finicast Parties for any unconscionable commercial practice by such party or for such party’s fraud, deception, false promise, misrepresentation or concealment, or suppression or omission of any material fact in connection with any Services provided here under. You agree that the provisions in this section will survive any termination of your Finicast Account, these Terms, the Customer Agreement and/or your access to the Services.
10. No Warranty
OUR SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. USE OF OUR SERVICES IS AT YOUR OWN RISK. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, OUR SERVICES ARE PROVIDED WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANT ABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. NO ADVICE OR INFORMATION, WHETHER ORAL ORWRITTEN, OBTAINED BY YOU FROM US OR THROUGH OUR SERVICES WILL CREATE ANY WARRANTY NOT EXPRESSLY STATED HEREIN. WITHOUT LIMITING THE FOREGOING, WE, OUR SUBSIDIARIES, OUR AFFILIATES, AND OUR LICENSORS DO NOT WARRANT THAT ANY CONTENT ON OUR SERVICES IS ACCURATE, RELIABLE OR CORRECT; THAT OUR SERVICES WILL MEET YOUR REQUIREMENTS; THAT OUR SERVICES WILLBE AVAILABLE AT ANY PARTICULAR TIME OR LOCATION, UNINTERRUPTED OR SECURE; THAT ANY DEFECTS OR ERRORS WILL BE CORRECTED; OR THAT OUR SERVICES ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. YOUWILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR MOBILE DEVICE OR LOSS OF DATA THAT RESULTS FROM YOUR USE OF OUR SERVICES OR ANY DOWNLOAD OF CONTENT THROUGH THE USE OF OUR SERVICES. FEDERAL LAW, SOME STATES OR PROVINCES ANDOTHER JURISDICTIONS DO NOT ALLOW THE EXCLUSION AND LIMITATIONS OF CERTAIN IMPLIED WARRANTIES, SO THE ABOVE EXCLUSIONS MAY NOT APPLY TO YOU. THESE TERMS GIVE YOU SPECIFIC LEGAL RIGHTS,AND YOU MAY ALSO HAVE OTHER RIGHTS WHICH VARY BY JURISDICTION. THE DISCLAIMERS AND EXCLUSIONS UNDER THESE TERMS WILL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.
11. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL WE OR OUR AFFILIATES, AGENTS, SUPPLIERS OR LICENSORS (OR OUR OR THEIR EMPLOYEES, CONTRACTORS, AGENTS, OFFICERS OR DIRECTORS) BE LIABLE FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES, INCLUDINGWITHOUT LIMITATION DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA OR OTHER INTANGIBLE LOSSES, ARISING OUT OF OR RELATING TO THE USE OF, OR INABILITY TOUSE, OUR SERVICES. UNDER NOCIRCUMSTANCES WILL WE BE RESPONSIBLE FOR ANY DAMAGE, LOSS OR INJURY RESULTING FROM HACKING, TAMPERING OR OTHER UNAUTHORIZED ACCESS OR USE OF OUR SERVICES OR YOUR FINICAST ACCOUNT OR THE INFORMATION CONTAINED THEREIN.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, WE ASSUME NO LIABILITY ORRESPONSIBILITY FOR ANY (I) ERRORS, MISTAKES, OR INACCURACIES OF CONTENT; (II) PERSONAL INJURY OR PROPERTY DAMAGE, OF ANY NATURE WHATSOEVER, RESULTING FROM YOUR ACCESS TO OR USE OF OUR SERVICES; (III) ANY UNAUTHORIZED ACCESS TO OR USEOF OUR SECURE SERVERS AND/OR ANY AND ALL PERSONAL INFORMATION STORED THEREIN;(IV) ANY INTERRUPTION OR CESSATION OF TRANSMISSION TO OR FROM OUR SERVICES; (V)ANY BUGS, VIRUSES, TROJAN HORSES, OR THE LIKE THAT MAY BE TRANSMITTED TO OR THROUGH OUR SERVICES BY ANY THIRD PARTY; (VI) ANY ERRORS OR OMISSIONS IN ANY CONTENT OR FOR ANY LOSS OR DAMAGE INCURRED AS A RESULT OF THE USE OF ANY CONTENT POSTED, EMAILED, TRANSMITTED, OR OTHERWISE MADE AVAILABLE THROUGH OURSERVICES; AND/OR (VII) YOUR DATA OR THE DEFAMATORY, OFFENSIVE, OR ILLEGAL CONDUCT OF ANY THIRD PARTY.
IN NO EVENT WILL WE OR OUR AFFILIATES, AGENTS, SUPPLIERS OR LICENSORS (OR OUR OR THEIR EMPLOYEES, CONTRACTORS, AGENTS, OFFICERS OR DIRECTORS) BE LIABLE TO YOUFOR ANY CLAIMS, PROCEEDINGS, LIABILITIES, OBLIGATIONS, DAMAGES, LOSSES OR COSTSIN AN AMOUNT EXCEEDING THE AMOUNT (IN THE AGGREGATE) OF THE FEES RECEIVED BYFINICAST FROM THE ORGANIZATION FOR YOUR LICENSE TO THE SERVICES OR $100.00,WHICHEVER IS GREATER.
THIS LIMITATION OF LIABILITY SECTION APPLIES WHETHER THE ALLEGED LIABILITY IS BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR ANY OTHER BASIS, EVEN IF WEHAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. THIS AGREEMENT GIVES YOU SPECIFIC LEGAL RIGHTS, AND YOU MAY ALSO HAVE OTHER RIGHTS WHICH VARY FROM STATE TO STATE. THE DISCLAIMERS, EXCLUSIONS, AND LIMITATIONSOF LIABILITY UNDER THIS AGREEMENT WILL NOT APPLY TO THE EXTENT PROHIBITED BYAPPLICABLE LAW.
12.1 Confidential Information
From time to time, either party to these Terms (the “Disclosing Party”) may disclose or make available to the other(the “Receiving Party”) non-public, proprietary, or confidential information of the Disclosing Party (“Confidential Information”). Confidential Information includes any information that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure, including non-public business, product, technology and marketing information. Confidential Information does not include any information that: (i) is or becomes generally available to the public other than as a result of the Receiving Party's breach of this confidentiality section; (ii) is or becomes available to the Receiving Party on anon-confidential basis from a third-party source, provided that such third party is not and was not prohibited from disclosing such Confidential Information; (iii) was in the Receiving Party's possession prior to the Disclosing Party's disclosure thereof; or (iv) was or is independently developed by the Receiving Party without using any of the Disclosing Party’s Confidential Information.
12.2 Protection and Use of Confidential Information
12.3 Compelled Access or Disclosure
If the Receiving Party is required by applicable law or legal process to disclose any Confidential Information, it shall, prior to making such disclosure, use commercially-reasonable efforts to notify the Disclosing Party of such requirements to afford the Disclosing Party the opportunity to seek, at the Disclosing Party's sole cost and expense, a protective order or other remedy.
12.4 Injunctive Relief
Each of the parties to these Terms acknowledges that the other party will be irreparably harmed if Confidential Information of the other is distributed in breach of this Section, and that such other party would not have an adequate remedy at law in the event of such an actual or threatened breach. Therefore, each of the parties agrees that the other party shall be entitled to seek injunctive relief against any actual or threatened breaches of this Section by the other party without the necessity of showing actual damages or showing that monetary damages would not afford an adequate remedy.
13. Governing Law
You agree that: (i) we will be deemed solely based in California; and (ii) the Services will be deemed passive that do not give rise to personal jurisdiction over us, either specific or general, in jurisdictions other than California. These Terms will be governed by the internal substantive laws of the State of California, without respect to its conflict of laws principles. The parties acknowledge that these Terms evidence a transaction involving interstate commerce. Notwithstanding the preceding sentences with respect to the substantive law, any arbitration conducted pursuant to Section 14of these Terms will be governed by the Federal Arbitration Act (9 U.S.C. §§ 1-16). The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. You agree to submit to the personal jurisdiction of the federal and state courts located in San Francisco, California for any actions for which we retain the right to seek injunctive or other equitable relief in a court of competent jurisdiction to prevent the actual or threatened infringement, misappropriation or violation of a our copyrights, trademarks, trade secrets, patents, or other intellectual property or proprietary rights, as set forth in the Arbitration provision below, including any provisional relief required to prevent irreparable harm. You agree that San Francisco, California is the proper forum for any appeals of an arbitration award or for trial court proceedings in the event that the arbitration provision below is found to be unenforceable.
14. Arbitration and Class Action/Jury Trial Waiver
READTHIS SECTION (“ARBITRATION AGREEMENT”) CAREFULLY BECAUSE IT REQUIRES THEPARTIES TO ARBITRATE THEIR DISPUTES AND LIMITS THE MANNER IN WHICH YOU CAN SEEKRELIEF FROM US.
For any dispute with us, you agree to first contact us at firstname.lastname@example.org and attempt to resolve the dispute with us informally. In the unlikely event that we have not be enable to resolve a dispute we have with you after sixty (60) days, we each agree to resolve any claim, dispute, or controversy (excluding any claims for injunctive or other equitable relief as provided below) arising out of or in connection with or relating to these Terms, or the breach or alleged breach thereof (collectively, “Claims”), by binding arbitration by JAMS, under the Optional Expedited Arbitration Procedures then in effect for JAMS, except as provided herein. JAMS may be contacted at www.jamsadr.com. The arbitration will be conducted in San Francisco, California, unless you and we agree otherwise. If you are using Finicast for commercial purposes, each party will be responsible for paying any JAMS filing, administrative and arbitrator fees in accordance with JAMS rules, and the award rendered by the arbitrator will include costs of arbitration, reasonable attorneys’ fees and reasonable costs for expert and other witnesses. If you are an individual using Finicast for non-commercial purposes: (i) JAMS may require you to pay a fee for the initiation of your case, unless you apply for and successfully obtain a fee waiver from JAMS; (ii) the award rendered by the arbitrator may include your costs of arbitration, your reasonable attorney’s fees, and your reasonable costs for expert and other witnesses; and (iii) you may sue in a small claims court of competent jurisdiction without first engaging in arbitration, but this does not absolve you of your commitment to engage in the informal dispute resolution process. Any judgment on the award rendered by the arbitrator may be entered in any court of competent jurisdiction. NOTHING IN THIS SECTION WILL BE DEEMED AS PREVENTING US FROM SEEKING INJUNCTIVE OR OTHER EQUITABLERELIEF FROM THE COURTS AS NECESSARY TO PREVENT THE ACTUAL OR THREATENED INFRINGEMENT, MISAPPROPRIATION, OR VIOLATION OF OUR DATA SECURITY, INTELLECTUALPROPERTY RIGHTS OR OTHER PROPRIETARY RIGHTS.
14.2 Authority of Arbitrator
The arbitrator shall have exclusive authority to (a) determine the scope and enforceability of this Arbitration Agreement and (b) resolve any dispute related to the interpretation, applicability, enforceability or formation of this Arbitration Agreement including, but not limited to, any assertion that all or any part of this Arbitration Agreement is void or voidable. The arbitration will decide the rights and liabilities, if any, of you and Finicast. The arbitration proceeding will not be consolidated with any other matters or joined with any other cases or parties. The arbitrator shall have the authority to grant motions dispositive of all or part of any claim. The arbitrator shall have the authority to award monetary damages and to grant any non-monetary remedy or relief available to an individual under applicable law, the arbitral forum’s rules, and the Agreement (including the Arbitration Agreement). The arbitrator shall issue a written award and statement of decision describing the essential findings and conclusions on which the award is based, including the calculation of any damages awarded. The arbitrator has the same authority to award relief on an individual basis that a judge in a court of law would have. The award of the arbitrator is final and binding upon you and us.
14.3 Class Action/Jury Trial Waiver
WITH RESPECT TO ALL PERSONS AND ENTITIES, REGARDLESS OF WHETHER THEY HAVE OBTAINED OR USED OUR SERVICES FOR PERSONAL, COMMERCIAL OR OTHER PURPOSES, ALL CLAIMS MUST BE BROUGHT IN THE PARTIES’ INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF ORCLASS MEMBER IN ANY PURPORTED CLASS ACTION, COLLECTIVE ACTION, PRIVATE ATTORNEY GENERAL ACTION OR OTHER REPRESENTATIVE PROCEEDING. THIS WAIVER APPLIES TO CLASS ARBITRATION, AND, UNLESS WE AGREE OTHERWISE, THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PERSON’S CLAIMS. YOU AGREE THAT, BY ENTERING INTO THIS AGREEMENT, YOU AND WE ARE EACH WAIVING THE RIGHT TO A TRIAL BY JURY OR TO PARTICIPATE IN A CLASS ACTION, COLLECTIVE ACTION, PRIVATE ATTORNEY GENERAL ACTION, OR OTHER REPRESENTATIVE PROCEEDING OF ANY KIND.
14.4 30-Day Right to Opt Out.
You have the right to opt out of the provisions of this Arbitration Agreement by sending written notice of your decision to opt out to: email@example.com,within thirty (30) days after first becoming subject to this Arbitration Agreement. Your notice must include your name and address, your Finicast username (if any), the email address you used to set up your Finicast Account (if you have one), and an unequivocal statement that you want to opt out of this Arbitration Agreement. If you opt out of this Arbitration Agreement, all other parts of this Agreement will continue to apply to you. Opting out of this Arbitration Agreement has no effect on any other arbitration agreements that you may currently have, or may enter in the future, with us.
If any part or parts of this Arbitration Agreement are found under the law to be invalid or unenforceable, then such specific part or parts shall be of no force and effect and shall be severed and the remainder of the Arbitration Agreement shall continue in full force and effect.
14.6 Survival of Agreement.
This Arbitration Agreement will survive the termination of your relationship with Finicast.
Not withstanding any provision in these Terms or the Customer Agreement to the contrary, we agree that if Finicast makes any future material change to this Arbitration Agreement, you may reject that change within thirty (30) days of such change becoming effective by writing Finicast at the following address: 1850 Gateway Drive, Suite 150, San Mateo, CA 94404.
15. U.S. Government Restricted Rights
If the Services are being used by the U.S. Government, the Services are commercial computer software and documentation developed exclusively at private expense, and (i) if acquired by or on behalf of a civilian agency, will be subject to the terms of this computer software license as specified in 48 C.F.R. 12.212 of the Federal Acquisition Regulations and its successors; and (ii) if acquired by or on behalf of units of the Department of Defense (“DOD”) will be subject to the terms of this commercial computer software license as specified in 48 C.F.R. 227.7202-3, DOD FAR Supplement and its successors.
16. Export Controls
You understand and acknowledge that the Services may be subject to export control laws and regulations. You agree to comply with all applicable export and re-export control and trade and economic sanctions laws, including the Export Administration Regulations maintained by the U.S. Department of Commerce, trade and economic sanctions maintained by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC), and the International Traffic in Arms Regulations maintained by the U.S. State Department. Neither you, nor any person to which you make the Services available or that is acting on your behalf, or, if you are an Organization, any of your subsidiaries, or any of your or their directors, officers or employees, or any person owning 50% or more of your equity securities or other equivalent voting interests, is (i) a person on the List of Specially Designated Nationals and Blocked Persons or any other list of sanctioned persons administered by OFAC or any other governmental entity, or(ii) a national or resident of, or a segment of the government of, any country or territory for which the United States maintains trade and economic sanctions or embargoes.
17. Publicity Rights
We may identify you as a Finicast customer in our promotional materials. We will promptly stop doing so upon your request sent to firstname.lastname@example.org.
These Terms, and any rights and licenses granted hereunder, may not be transferred or assigned by you without our prior express written consent, but may be assigned by us without restriction. Any attempted transfer or assignment in violation hereof will be null and void.
18.2Notification Procedures and Changes to these Terms
18.3 Force Majeure
Finicast shall not be liable for any delay or failure to perform resulting from causes outside its reasonable control, including, but not limited to, acts of God, pandemics, war, terrorism, riots, embargos, acts of civil or military authorities, fire, floods, accidents, strikes or shortages of transportation facilities, fuel, energy, labor or materials.
Where Finicast requires that you provide an e-mail address, you are responsible for providing Finicast with your most current e-mail address. In the event that the last e-mail address you provided to Finicast is not valid, or for any reason is not capable of delivering to you any notices required/ permitted by the Agreement, Finicast’s dispatch of the e-mail containing such notice will nonetheless constitute effective notice. You may give notice to Finicast at the following address: 1850 Gateway Drive, Suite 150, San Mateo, CA94404. Such notice shall be deemed given when received by Finicast by letter delivered by nationally recognized overnight delivery service or first class postage prepaid mail at the above address.
18.5 Entire Agreement/Severability
These Terms, together with any amendments and any additional agreements you may enter into with us in connection with the Services, will constitute the entire agreement between you and us concerning the Services. None of our employees or representatives are authorized to make any modification or addition to these Terms. Any statements or comments made between you and any of our employees or representatives are expressly excluded from these Terms and will not apply to you or us or your use of the Services. If any provision of these Terms is deemed invalid by a court of competent jurisdiction, the invalidity of such provision will not affect the validity of the remaining provisions of these Terms, which will remain in full force and effect, except that in the event of unenforceability of the universal Class Action/Jury Trial Waiver, the entire arbitration agreement will be unenforceable.
18.6 No Waiver
No waiver of any term of these Terms will be deemed a further or continuing waiver of such term or any other term, and our failure to assert any right or provision under these Terms will not constitute a waiver of such right or provision.
18.7 California Residents
If you are a California resident, in accordance with Cal. Civ. Code §1789.3, you may report complaints to the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs by contacting them in writing at 1625 North Market Blvd., Suite N 112 Sacramento, CA 95834, or by telephone at (800) 952-5210 or (916) 445-1254.
If you have any questions about these Terms, please contact us at email@example.com.
Data Processing Policy
This Data Processing Policy, including the California Disclosure and Security Measures, (altogether, the “Policy”) explain Finicast’s data protection and practices in compliance with applicable laws.
For purposes of this Policy, the terms below have the meanings set forth below.
1.1 Affiliate means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity, where “control” refers to the power to direct or cause the direction of the subject entity, whether through ownership of voting securities, by contract or otherwise.
1.2 Applicable Data Protection Laws means the laws of any jurisdiction applicable to the confidentiality, privacy and/or security of Personal Data or processing thereof, including, without limitation, the CCPA.
1.3 CCPA means the California Consumer Privacy Act of 2018 and any regulations promulgated thereunder, in each case, as amended from time to time.
1.4 Information Security Incident means a breach of Finicast’s security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data in Finicast’s possession, custody or control.
1.5 Personal Data means any information that Customer provides to Finicast for the provision of the Service that constitutes “personal information”, “personally identifiable information”, “personal data” or similar information governed by the CCPA or other Applicable Data Protection Laws, except that Personal Data does not include such information pertaining to Customer’s personnel or representatives who are end users of the Services or business contacts of Finicast.
1.6 Security Measures has the meaning given in Section 4.1 (Finicast’s Security Measures).
1.7 Subprocessors means third parties engaged by Finicast who are authorized under this Policy to process Personal Data in relation to the Service.
2. Duration and Scope of Disclosure
2.1 This Policy will remain in effect until, and automatically expire upon, Finicast’s deletion of all Personal Data.
2.2 Appended, the California Disclosure applies to Personal Data or the processing there of subject to the CCPA.
3. Personal Data Processing
Finicast will process Personal Data only incompliance with Applicable Data Protection Laws and only as necessary to perform its obligations and exercise its rights as a data processor.
4.1 Finicast Security Measures. Finicast will implement and maintain reasonable technical and organizational measures designed to protect Personal Data against Information Security Incidents, including, without limitation, the measures described in appended Security Measures. Such Security Measures shall comply with Applicable Data Protection Laws.
4.2 Information Security Incidents. If Finicast becomes aware of an Information Security Incident, Finicast will (a) notify Customer of the Information Security Incident without undue delay after becoming aware of the Information Security Incident and (b) take reasonable steps to identify the cause of such Information Security Incident, minimize harm and prevent a recurrence. Notifications made pursuant to this Section 4.2 will describe, to the extent possible, details of the Information Security Incident, including steps taken to mitigate the potential risks and steps Finicast recommends Customer take to address the Information Security Incident.
5. Data Subject Rights
5.1 Customer’s Responsibility for Requests. If Finicast receives any request from an individual in relation to the data subject’s Personal Data, Finicast will notify Customer in writing of such requests promptly and in no event later than five (5) days of Finicast’s receipt thereof, and Finicast shall not take any action in response to such request except in accordance with Customer’s written instructions.
5.2 Finicast’s Data Subject Request Assistance. Finicast will (taking into account the nature of the processing of Personal Data) provide Customer with self-service functionality through the Service or other reasonable assistance as necessary for Customer to perform its obligation under Applicable Data Protection Law to fulfill requests by individuals to exercise their rights under Applicable Data Protection Laws within any deadlines imposed thereunder.
6.1 Customer may audit Finicast’s compliance with its obligations under this Policy up to once per year and on such other occasions as may be required by Applicable Data Protection Laws.
6.2 If the controls or measures to be assessed in the requested audit are addressed in an SOC 2 Type 2, ISO, NIST or similar audit report performed by a qualified third party auditor within twelve (12) months of Customer’s audit request and Finicast has certified in writing that there are no known material changes in the controls audited, Customer agrees to accept such report lieu of requesting an audit of such controls or measures.
6.3 The audit must be conducted during regular business hours, and may not unreasonably interfere with Finicast business activities.
6.4 Any audits are at Customer’s expense unless the audit identifies noncompliance with this Policy in any material respect, in which case Finicast will reimburse Customer for its out-of-pocket costs and expenses associated with the portion of the audit covering Finicast specifically.
7.1 Consent to Subprocessor Engagement. Subject to this Policy, Customer generally authorizes the engagement of Subprocessors.
7.2 Current Subprocessors. All Subprocessors engaged by Finicast as of the date of this Policy, if any, and a description of their functions are as follows:
7.3 New Subprocessors. When engaging any Subprocessor, Finicast will enter into a written contract with such Subprocessor containing data protection obligations not less protective than those in this Policy with respect to Personal Data. Finicast shall be liable for all obligations subcontracted to, and all acts and omissions of, the Subprocessor. Finicast shall not permit any Subprocessor to process Personal Data in or from any location outside of the United States, Canada or the European Union without Customer’s prior written consent.
7.4 Opportunity to Object to Subprocessor Changes. When any new Subprocessor not listed in Section 7.2 is engaged during the term of this engagement, Finicast will notify Customer of the engagement (including the name and location of the relevant Subprocessor and the activities it will perform) at least 10 days prior to such engagement. If Customer objects to such engagement in a written notice to Finicast within 10 days of being informed thereof on reasonable grounds relating to the protection of Personal Data, Customer and Finicast will work together in good faith to find a mutually acceptable resolution to address such objection. If the parties are unable to reach a mutually acceptable resolution within a reasonable timeframe, Customer may, as its sole and exclusive remedy, terminate the commercial arrangement and cancel the Service by providing written notice to Finicast and receive a refund of any prepaid fees under the commercial arrangement.
Upon termination of Customer’s access to the Service, Finicast shall delete or cause the deletion of all Personal Data in the care, custody or control of Finicast and any Subprocessor as soon as reasonably practicable, except to the extent retention thereof is required bylaw.
9. Prohibited Data
Customer represents and warrants to Finicast that Customer has not provided and will not provide, without Finicast’s prior written consent, the following for Customer to Process: any social security numbers or other government-issued identification numbers, protected health information subject to the Health Insurance Portability and Accountability Act(HIPAA) or other information regarding an individual’s medical history, mental or physical condition, or medical treatment or diagnosis by a healthcare professional; health insurance information; biometric information; passwords for online accounts; credentials to any financial accounts; tax return data; credit reports or consumer reports; any payment card information subject to the Payment Card Industry Data Security Standard; information subject to the Gramm-Leach-Bliley Act, Fair Credit Reporting Act or the regulations promulgated under either such law; information subject to restrictions under Applicable Data Protection Laws governing Personal Data of children, including, without limitation, all information about children under 13 years of age.
1. Finicast shall not retain, use, or disclose any Personal Data that constitutes “personal information” under the CCPA (“CA Personal Information”) for any purpose other than for the specific purpose of providing the Service, or as otherwise permitted by CCPA ,including retaining, using, or disclosing the CA Personal Information for a commercial purpose (as defined in CCPA) other than providing the Services.
2. Finicast shall not (a) sell any CA Personal Information; (b) retain, use or disclose any CA Personal Information for any purpose other than for the specific purpose of providing the Service, including retaining, using, or disclosing the CA Personal Information for a commercial purpose (as defined in the CCPA) other than provision of the Service; or (c) retain, use or disclose the CA Personal Information outside of the direct business relationship between Finicast and Customer. Finicast hereby certifies that it understands its obligations under this Section 2 and will comply with them.
3. Provision of the Services encompasses the processing authorized in Section 3 of the Policy.
4. The parties acknowledge and agree that Finicast’s access to CA Personal Information is not part of the consideration exchanged by the parties entering this commercial arrangement.
At all times that the Finicast processes Personal Data, Finicast will have implemented and maintain the following Security Measures:
1. Formal written information security policies and procedures designed to protect the confidentiality, availability and integrity of Personal Data and any systems that store or otherwise process it, which are aligned with an industry-standard control framework (e.g., NIST SP 800-53, ISO 27001, SOC 2Type 2, CIS Critical Security Controls); approved by executive management; reviewed and updated at least annually; and communicated to all personnel with access to Personal Data.
2. Organizational management and dedicated staff responsible for the development, implementation and maintenance of Finicast’s information security program.
3. Training all personnel with access to Personal Data on their and the Finicast’s data protection obligations.
4. Audit and risk assessment procedures for the purposes of periodic review and assessment of risks to Finicast’s organization, monitoring and maintaining compliance with Finicast’s policies and procedures, and reporting the condition of its information security and compliance to internal senior management.
5. Data security controls which include at a minimum, but may not be limited to, logical segregation of data, restricted(e.g. role-based) access and monitoring, and utilization of commercially available and industry standard encryption technologies for Personal Data that is (a) transmitted over public networks (i.e. the Internet) or when transmitted wirelessly; or (b) at rest or stored on portable or removable media (i.e. laptop computers, CD/DVD, USB drives, back-up tapes).
6. Logical access controls designed to manage electronic access to data and system functionality based on authority levels and job functions (e.g. granting access on a need-to-know basis, use of unique IDs and passwords for all users, periodic review and revoking/changing access when employment terminates or changes in job functions occur).
7. Password controls designed to manage and control password strength, expiration and usage including prohibiting users from sharing passwords and requiring that Finicast passwords that are assigned to its employees: (i) be at least eight (8) characters in length, (ii) not be stored in readable format on Finicast’s computer systems;(iii) must be changed every ninety (90) days; (iv) must have defined complexity;(v) must have a history threshold to prevent reuse of recent passwords; and(vi) newly issued passwords must be changed after first use.
8. Physical and environmental security of data center, server room facilities and other areas containing Personal Data designed to: (i) protect information assets from unauthorized physical access, (ii) manage, monitor and log movement of persons into and out of Finicast facilities, and (iii) guard against environmental hazards such as heat, fire and water damage.
9. Change management procedures and tracking mechanisms designed to test, approve and monitor all changes to Finicast’s technology and information assets.
10. Incident / problem management procedures designed to allow Finicast to investigate, respond to, mitigate and notify of events related to Finicast’s technology and information assets.
11. Network security controls that provide for the use of enterprise firewalls, and intrusion detection systems and other traffic and event correlation procedures designed to protect systems from intrusion and limit the scope of any successful attack.
12. Vulnerability assessment and threat protection technologies and scheduled monitoring procedures designed to identify, assess, mitigate and protect against identified security threats, viruses and other malicious code.
13. Business resiliency/continuity and disaster recovery procedures designed to maintain service and/or recovery from foreseeable emergency situations or disasters.