Contracts
- GoodData Cloud Terms of Service
- GoodData Platform Terms of Use
- GoodData Platform Free Terms of Use
- GoodData Platform Trial Terms of Use
- GoodData.CN PoweredBy Data as a Service Program Agreement
- GoodData Privacy Policy
- GoodData Cookie Policy
- GoodData Data Processing Addendum
- GoodData List of Sub-processors
- GoodData Business Associate Agreement
- GoodData Ancillary Services Terms of Use
- GoodData Community and University Terms of Use
- GoodData Enterprise Shield Add-Ons Terms
- GoodData Patents
- GoodData Platform Product Specific Terms
- GoodData Cloud Product Specific Terms
- GoodData Cloud Support Policies and Service Level Commitment
- GoodData.CN Support Policies
- GoodData Platform Support Policies and Service Level Commitment
- GoodData.CN Product Specific Terms
- GoodData Vulnerability Reporting Policy
- FREE Terms of Use
- Pay-By-Link Additional Terms
- Whistleblowing at GoodData
- CCPA Employee and Applicant Privacy Notice
GoodData Cloud Terms of Service
Version 1.15
Effective October 15th 2024
DownloadTable of Contents
GoodData Cloud Terms of Service
Last Updated: October 15, 2024
BY USING THE SERVICES OR CLICKING THAT YOU AGREE OR ACCEPT THIS AGREEMENT, THE ENTITY IDENTIFIED DURING THE REGISTRATION PROCESS FOR THE SERVICES OR IDENTIFIED IN THE ORDER (THE "COMPANY") AGREES TO BE BOUND BY THE TERMS OF THIS GOODDATA CLOUD TERMS OF SERVICE (THIS “AGREEMENT“) AND ALL OTHER SUPPLEMENTAL TERMS ATTACHED HERETO OR REFERENCED HEREIN. IF YOU DO NOT HAVE THE AUTHORITY TO ENTER INTO THIS AGREEMENT, OR IF THE COMPANY DOES NOT AGREE WITH THESE TERMS AND CONDITIONS, NEITHER YOU NOR THE COMPANY MAY USE THE SERVICES, AS DEFINED BELOW.
1. Definitions.
(b) "Applicable Data Protection Law" means all applicable international, federal, national and state privacy and data protection laws that apply to the processing of Personal Data that is the subject matter of the Agreement (including, where applicable, European Data Protection Law and the CCPA).
(c) “CCPA” means the California Consumer Privacy Act of 2018, Cal. Civil Code § 1798.100 et seq.
(d) “Customer” means any entity that accesses or uses the Data Product (i) with whom Company has a legal agreement directly (including any of a customer’s affiliates covered by such agreement) ("Direct Customer"), or (ii) who is a customer of a such a customer, with a legal agreement between them to that effect, in sequence and in perpetuity (i.e., Company’s customer through multiple tiers) (“Indirect Customer”). References to “Company’s Customers” or “Customers” will include Direct Customers and Indirect Customers collectively.
(e) “Customer Data” means any and all data and information that is entered or loaded into the hosted version of the Services by or for Company or a Customer (if applicable). Customer Data excludes data once it has been exported from the Services and Usage Data.
(f) “Data Product” means Company’s product or service offering integrating or embedding the Services (if applicable), which at all times represents a significant functional and value enhancement to the Services such that the primary reason for a user to use the Data Product is other than the right to receive a license or access to the functionality of the Services available via the Data Product. “Data Product” includes all modifications and derivative works thereof, however made, including a Customer’s product or service which integrates with or embeds the Company’s Data Product.
(g) “Deliverables” means the guides, configurations, code (including SQL queries) or other deliverables that GoodData provides to Company in connection with Professional Services. For clarity, GoodData may use compilers, assemblers, interpreters and similar tools to develop Deliverables. The term “Deliverables” do not include such tools.
(h) “Documentation” means the online product documentation, user instructions and help files made available to Company by GoodData.
(i) “European Data Protection Law” means the EU General Data Protection Regulation 2016/679 ("GDPR") and any applicable national laws made under the GDPR.
(j) “GoodData” means the entity specified in the relevant Order.
(k) “GoodData Technology” means the Services, Development Tools, Trial Services, Previews, Deliverables, Usage Data, Documentation, and all derivatives thereof.
(l) “License Key” means a serial number that enables Company to activate and use on-premise versions of the Services.
(m) "Order(s)" means the mutually executed document that describes the Services and/or Professional Services that Company licenses or purchases from GoodData in accordance with the terms and conditions of this Agreement.
(n) "Personal Data" means Customer Data that is “personal data,” “personal information,” “personally identifiable information,” or an equivalent term, as defined by Applicable Data Protection Law.
(o) "Product Specific Terms” means product entitlements descriptions and related terms available at https://www.gooddata.com/legal/product-specific-terms/cloud for hosted versions of the Services or https://www.gooddata.com/legal/#product-specific-terms-cn for on-premise versions of the Services, as may be updated from time to time.
(q) “Security Breach” means an unlawful or unauthorized use or acquisition of Personal Data due to GoodData’s failure to comply with the GoodData Security Program. The term Security Breach excludes: (a) unsuccessful attempts to penetrate computer networks or servers maintained by or for GoodData; (b) immaterial incidents that occur on a routine basis, such as general “pinging” or “denial of service” attacks; and (c) GoodData’s good-faith receipt of Highly Sensitive Personal Data or PHI in violation of Section 4(c) (Restrictions on Personal Data Processing).
(r) “Services” means the GoodData Cloud offering provided to Company by GoodData as specified in an Order. GoodData Cloud is made available as a hosted offering and as on-premise software (also known as GoodData.CN).
(s) “Third Party Applications” means separate services or applications (and other consulting services related thereto), procured by Company from a party other than GoodData that can be used in connection with the Services.
(t) “Usage Data” means anonymized, de-identified or aggregated information collected or generated by or on behalf of GoodData which GoodData may use pursuant to Section 3(e).
(u) “User(s)” means an individual such as an employee, consultant, contractor, or agent who is authorized to access and use the Services by Company, a Customer (where applicable), and who is bound by applicable terms and conditions meeting the requirements set forth in this Agreement. References to “Company’s Users” or “Users” will include all users collectively, including users authorized by Company, Direct Customers, and Indirect Customers.
2. Access and Licenses.
3. Intellectual Property Rights.
4. Company’s Obligations; Restrictions.
5. Confidential Information.
(c) Time Limit. Upon any termination or expiration of this Agreement, the receiving party will continue to maintain the confidentiality of the disclosing party's Confidential Information for three years from date of receipt, except that source code will be held in confidence in perpetuity.
6. Fees and Payment.
7. Security.
8. Indemnification.
9. Warranties; Disclaimers.
10. Limitation of Liability.
(a) TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL EITHER PARTY OR ANY OF ITS AFFILIATES, LICENSORS, SERVICE PROVIDERS, OR SUPPLIERS BE LIABLE UNDER OR IN CONNECTION WITH THIS AGREEMENT OR ITS SUBJECT MATTER UNDER ANY LEGAL OR EQUITABLE THEORY, INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, AND OTHERWISE, FOR ANY: (i) LOSS OF PRODUCTION, USE, BUSINESS, REVENUE, OR PROFIT OR DIMINUTION IN VALUE; (ii) COST OF REPLACEMENT GOODS OR SERVICES; OR (iii) CONSEQUENTIAL, INCIDENTAL, INDIRECT, EXEMPLARY, SPECIAL, ENHANCED, RELATING TO GOODWILL OR REPUTATION, OR PUNITIVE DAMAGES, REGARDLESS OF WHETHER SUCH PERSONS WERE ADVISED OF THE POSSIBILITY OF SUCH LOSSES OR DAMAGES OR SUCH LOSSES OR DAMAGES WERE OTHERWISE FORESEEABLE, AND NOTWITHSTANDING THE FAILURE OF ANY AGREED OR OTHER REMEDY OF ITS ESSENTIAL PURPOSE. BECAUSE SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE FOREGOING LIMITATION MAY NOT APPLY.
(b) EACH PARTY’S AGGREGATE LIABILITY HEREUNDER SHALL IN NO EVENT EXCEED THE AMOUNT OF FEES PAID BY COMPANY FOR THE SERVICES DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRIOR TO THE EVENT GIVING RISE TO THE LIABILITY. GOODDATA’S AGGREGATE LIABILITY ARISING OUT OF OR IN CONNECTION WITH TRIAL SERVICES WILL NOT EXCEED $100 USD.
(c) Exceptions. Notwithstanding Sections 10(a) and 10(b), nothing in this Agreement limits or excludes the liability or obligations of party for: (i) death or personal injury caused by such party or its gross negligence, willful misconduct, fraud, or fraudulent misrepresentation; (ii) each party’s indemnity obligations hereunder; (iii) a violation of GoodData’s or its licensor’s intellectual property rights (including breach of the licenses and rights granted herein); or (iv) Company’s express payment obligations.
11. Suspension and Termination.
(a) Term. This Agreement will commence on the Effective Date set forth in the initial Order and shall remain in effect until expiration of all Services or until terminated in accordance with Section 11(b) (“Term”).
(b) Termination. Either party may terminate this Agreement upon written notice if the other party materially breaches this Agreement and fails to correct the breach within 30 days following written notice specifying the breach. Either party may terminate an Order or SOW upon written notice if the other party materially breaches this Agreement or the applicable Order or SOW and fails to cure the breach within 30 days following written notice specifying the breach. Professional Services are separately ordered from the Services and are not required for the Services. A breach by a party of its obligations with respect to Professional Services will not by itself constitute a breach by that party of its obligations with respect to the Services even if enumerated in the same Order.
(c) Effect of Termination. Upon termination or expiration of this Agreement all rights and licenses granted to Company hereunder, will immediately cease and each party will return or destroy (or in the case of electronic information, render practicably inaccessible) the Confidential Information of the other. Additionally, each party will cease using the other party’s Marks. GoodData will make Customer Data available to Company for a period of thirty (30) days after termination in the current format that it is stored in the Services. Thereafter, GoodData will have no obligation to maintain or provide Company with copies of Customer Data. Termination of this Agreement will not limit either party from pursuing any other remedies available to it, including injunctive relief, nor will such termination relieve any obligation to pay all fees that have accrued or are otherwise owed under this Agreement. The parties’ rights and obligations under Sections 1, 3, 5, 6, 7 (to the extent GoodData retains any Customer Data), and 8-12 will survive the expiration or earlier termination of this Agreement.
GoodData shall have no obligations with regards to any Customer Data uploaded by Company during a Trial Term. The Trial Services contain sample data solely for the demonstration purposes. GoodData makes no warranty regarding the sample data usage during the Trial Term. ANY CUSTOMER DATA ENTERED INTO THE SERVICES DURING THE TRIAL TERM AND ANY CHANGES MADE TO THE CUSTOMER DATA BY OR FOR COMPANY DURING THE TRIAL TERM MAY BE PERMANENTLY LOST UNLESS COMPANY: (A) PURCHASES PAID SERVICES, OR (C) EXPORTS ITS CUSTOMER DATA BEFORE THE END OF THE TRIAL TERM.
(d) Suspension. In addition to any of its other rights or remedies (including, without limitation, any termination rights) set forth in this Agreement, GoodData reserves the right to suspend provision of the Services (i) if Company has received notice of overdue payment and the payment remains overdue thirty (30) days or more after receiving such notice; (ii) if Company or a Customer breach Sections 3 (Intellectual Property Rights) or 4 (Company Obligations; Restrictions); (iii) if GoodData reasonably determines suspension is necessary to avoid material harm to Company or Customers, including if the Services is experiencing attacks or disruptions outside of GoodData’s control; or (iv) as required by law or at the request of governmental entities.
12. General.
(a) Disputes, and Arbitration. This Section 12(a) will only apply to Company if the GoodData entity which is a party to this Agreement is GoodData Corporation per the relevant Order. Subject to Section 12(c) (Injunctive Relief and IP Claims), any dispute, claim or controversy arising out of or relating to this Agreement (including all SOWs and Orders) or the breach, termination, enforcement, interpretation or validity thereof, including the determination of the scope or applicability of this agreement to arbitrate, will be determined by arbitration in San Francisco, California, before one arbitrator. The arbitration will be administered by JAMS pursuant to its Comprehensive Arbitration Rules and Procedures. Judgment on the award may be entered in any court having jurisdiction. This clause will not preclude parties from seeking provisional remedies in aid of arbitration from a court of appropriate jurisdiction. The arbitrator may, in the award, allocate all or part of the costs of the arbitration, including the fees of the arbitrator and the reasonable attorneys’ fees of the prevailing party (as defined by California Civil Code Section 1717). Company may only resolve disputes with GoodData on an individual basis and will not bring a claim in a class, consolidated, or representative action.
(b) Contracting Entity Governing Law. The parties agree to first seek to amicably manage and resolve misunderstandings or disputes by escalating the same to their respective executives for timely consideration. “GoodData” as a party to this Agreement will mean the GoodData contracting entity specified in the relevant Order. In the case of Trial Services, GoodData Corporation will be the contracting entity. This Agreement and all relations, disputes, claims and other matters arising hereunder (including non-contractual disputes or claims) will be governed exclusively by, and construed exclusively in accordance with, the laws of the jurisdictions set forth in the following table, as determined by the GoodData contracting entity (as indicated in the first column), without regard to conflicts of laws provisions. To the extent permitted by law, choice of laws rules and the United Nations Convention on Contracts for the International Sale of Goods will not apply. For the purposes of adjudicating any action or proceeding to enforce the terms of this Agreement, the parties hereby irrevocably consent to the exclusive jurisdiction of, and venue in, any national or provincial court of competent jurisdiction located in the venue indicated in the table corresponding to GoodData contracting entity (subject to Section 12(a) (Disputes and Arbitration)). The prevailing party in any claim or dispute between the parties under this Agreement will be entitled to reimbursement of its reasonable attorneys’ fees and costs.
GoodData Contracting Entity | Jurisdiction | Notice Address |
GoodData Ireland | Ireland | Attn: Head of Legal 12 Merrion Square Dublin 2 Dublin, Ireland with copy to legal@gooddata.com |
GoodData Corporation, a Delaware corporation | The State of California | Attn: Head of Legal 333 Kearny Street Floor 2 San Francisco, CA 94108 with copy to legal@gooddata.com |
(c) Injunctive Relief and IP Claims. Any breach of the confidentiality provisions herein or one party’s breach of the other party’s intellectual property rights will result in harm and economic loss to the other party not compensable by monetary damages. Either party will be entitled to seek an injunction against such breach or threatened breach from a court of law, in addition to other legal or equitable remedies, and without the need to post a bond or other financial security for such injunctive relief or the necessity of proving that other available remedies may be inadequate. Notwithstanding anything to the contrary in Section 12(a), either party may bring a lawsuit in a court of law for claims of intellectual property rights infringement.
(f) Assignment. Neither party may transfer or assign its rights under this Agreement without the prior consent of the other party, except claims for monetary payment. Notwithstanding the foregoing, a party may assign this Agreement in connection with the sale, merger or other corporate combination involving all or substantially all of the assets of the assigning party to a third party provided that the assignee assumes all of the assigning party’s obligations and liabilities hereunder. Any attempted assignment in violation of this paragraph is void. This Agreement will inure to the benefit of and be binding upon the parties and their respective successors and permitted assigns.
(g) Severability. If any provision or part of this Agreement is determined by a court of competent jurisdiction to be illegal, invalid or unenforceable, the parties intend that the court will modify the provision to the minimum extent necessary to make it valid and enforceable, or if it cannot be made valid and enforceable, the parties intend that the court will sever and delete the illegal, invalid, or unenforceable provision or part from this Agreement. Any change to or deletion of a provision or part of this Agreement under this Section will not affect the validity or enforceability of the remaining provisions of this Agreement, which will continue in full force and effect.
(h) Waiver of Breach. No delay or omission by either party to exercise any right or power arising upon the other party’s nonperformance or breach will impair that right or power or be construed as a waiver of it. Any waiver must be in writing and signed by the waiving party. A waiver on one occasion will not be construed as a waiver of any subsequent event of nonperformance or breach.
(i) Force Majeure. Except for the obligation to make payments, performance under this Agreement will be postponed automatically to the extent that either party is prevented from meeting its obligations by causes beyond its reasonable control, including but not limited to acts of God, labor disputes or other industrial disturbances, systemic electrical, telecommunications, or other utility failures, earthquake, storms or other elements of nature, blockages, embargoes, riots, public health emergencies (including pandemics and epidemics), acts or orders of government, acts of terrorism, or war.
(j) Notices and Consent to Electronic Communication. Company will receive electronic communications and notifications from GoodData in connection with the products and services to be provided hereunder and the Agreement generally. Company agrees that any such communication will satisfy any applicable legal communication requirements, including that such communications be in writing. GoodData may provide Company with notices by email to the email address that Company registered with (and/or other alternate email address associated with Company’s account if provided), or by regular mail. Company will be deemed to have received any email sent to the email address then associated with Company’s account when GoodData sends the email. All notices and requests in connection with this Agreement required to be given by Company to GoodData will be sent via email to legal@gooddata.com.
(k) No Agency. Neither party has the right to bind or act for the other in any capacity. The relationship under this Agreement will not create any legal partnership, franchise relationship, distributor relationship, or other form of legal association between the parties that would impose a liability between the parties or to third parties.
(l) Records. During the Term of this Agreement and for one year thereafter, Company will retain records of Company’s activities under this Agreement sufficient to show Company’s compliance with this Agreement. During this period, GoodData will have the right to audit Company’s records relating to Company’s performance under this Agreement and to verify that Company has fulfilled Company’s obligations under this Agreement, and Company will reasonably cooperate with GoodData or its third-party auditor (provided such auditor is subject to a confidentiality agreement). Any such audit will be conducted during normal business hours on a date mutually acceptable to both parties, will not unreasonably interfere with Company’s business activities, and GoodData will provide at least ten (10) business days’ prior notice. The audit will be conducted at GoodData’s expense, unless the audit reveals that Company has materially breached Company’s obligations under Section 2(b)-(c), the audit reveals that Company has underpaid GoodData by more than 5% for the Services fees payable by Company for the period audited, or that Company has materially failed to maintain accurate records. If Company has underpaid GoodData any sums, Company will promptly pay GoodData the outstanding amounts due plus interest at a monthly effective rate of 2% for the period of the underpayment. In the event that Company self-discloses such underpayment, and the disclosure is not immediately after the notification of an audit, all interest will be waived, and Company’s obligation will be limited to the underpayment. Such audits will not be conducted more than once in any period of 12 consecutive months, or twice during the same time period in the event that an audit reveals a material breach of Company’s obligations hereunder.
(m) Entire Agreement. This Agreement, including all exhibits and attachments, together with any Orders and SOWs, contains the complete and exclusive statement of the agreement between the parties with respect to the subject matter herein. Company has not relied on any statement, promise or representation made or given by or on behalf of GoodData that is not set out in this Agreement. Company’s Orders are not contingent on, and Company has not relied on, the delivery of any future functionality regardless of any verbal or written communication about GoodData’s future plans. If there is any conflict of inconsistency, the following order will apply: Order, SOW, the Agreement. The terms of this Agreement apply to the exclusion of any other terms that Company may seek to impose or incorporate, or which are implied by trade, custom, practice or course of dealing. Any purchase order submitted by Company is for Company’s internal purposes only and its terms and conditions are superseded and replaced by this Agreement.
(n) Changes to this Agreement. GoodData reserves the right to revise this Agreement from time to time. GoodData will date and post the most current version of this Agreement on the GoodData Legal Center, available at https://www.gooddata.com/legal. Any changes will be effective upon posting the revised version of this Agreement (or such later effective date as may be indicated at the top of the revised Agreement). If, in GoodData's sole discretion, GoodData deems a revision to this Agreement to be material, GoodData may notify Company via the Services. Notice of other changes may be provided via the GoodData Legal Center. Company’s continued access or use of any portion of the Services constitutes Company’s acceptance of such changes. If Company does not agree to any of the changes, GoodData is not obligated to continue providing the Services, and Company must stop using the Services. Except as otherwise set forth in this Agreement, no modification, amendment, or waiver of any provision of this Agreement will be effective unless it specifically references this Agreement, explicitly expresses a desire to amend this Agreement, is set forth in writing and is signed by the parties.
(o) Counterparts. This Agreement may be signed in counterparts and electronically, each of which will be considered an original document, but together which will constitute one complete document.
(p) Controlling Language. This Agreement has been prepared and executed in the English language only, which language will be controlling in all respects. Any translations of the provisions of this Agreement into any other language are for reference only and will have no legal or other effect. Any notice that is required or permitted to be given by one party to the other under this Agreement must be in the English language and in writing. All proceedings related to this Agreement will be conducted in the English language. Les parties aux présentes ont formellement demandé à ce que la présente convention et tous les documents auxquels celui-ci réfère soient rédigés et signés en langue anglaise.
(q) US Government Rights. GoodData Technology is commercial computer software and all services are commercial items. “Commercial computer software” has the meaning set forth in Federal Acquisition Regulation (“FAR”) 2.101 for civilian agency purchases and the Department of Defense (“DOD”) FAR Supplement (“DFARS”) 252.227-7014(a)(1) for defense agency purchases. If software is licensed or the services are acquired by or on behalf of a civilian agency, GoodData provides the commercial computer software and/or commercial computer software documentation and other technical data subject to the terms of this Agreement as required in FAR 12.212 (Computer Software) and FAR 12.211 (Technical Data) and their successors. If the software is licensed or the services are acquired by or on behalf of any agency within the DOD, GoodData provides the commercial computer software and/or commercial computer software documentation and other technical data subject to the terms of this Agreement as specified in DFARS 227.7202-3 and its successors. Only if this is a DOD prime contract or DOD subcontract, the Government acquires additional rights in technical data as set forth in DFARS 252.227-7015. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFARS or other clause or provision that addresses Government rights in computer software or technical data.
(r) Third Party Disputes. If Company obtains access to the Services through a GoodData authorized partner (“Partner”) as part of such Partner’s product or service or otherwise through such Partner, GoodData will not be responsible for its Partner dealings. In the event that Company has a dispute with a Partner (except in the case where a dispute arises as a result of GoodData’s willful misconduct or gross negligence) Company releases GoodData and its affiliates from claims, demands and damages of every kind and nature, known and unknown, suspected and unsuspected, disclosed and undisclosed, arising out of or in any way connected with such disputes. Company will not be deemed a third-party beneficiary to any agreement or dealings between GoodData and any Partner. For the avoidance of doubt, this Agreement will directly supersede anything to the contrary set forth in the Uniform Commercial Code which would otherwise enable Company to seek direct recourse from GoodData for such disputes.
(s) By law, Customers (if any) may have certain rights that cannot be limited by a contract like this Agreement. This Agreement is in no way intended to restrict those rights.
GoodData Platform Terms of Use
Version 2.6
Effective October 15th 2024
DownloadTable of Contents
1. Definitions.
All capitalized terms not otherwise defined herein shall have the meaning set forth below.
(i) “GoodData” means the entity specified in the relevant Order.
2. Access and Licenses.
3. Intellectual Property Rights.
4. Company's Obligations; Restrictions.
(c) Restrictions on Personal Data Processing. GoodData may offer Company additional security and compliance add-on(s) intended for the processing of Protected Health Information subject to the Health Insurance Portability and Accountability Act (“HIPAA”) (where “Protected Health Information” or “PHI” has the meaning set forth in HIPAA); or (ii) Special Categories of Personal Data (as defined by applicable regulation, including the EU General Data Protection Regulation or similar concepts under the California Consumer Privacy Act) or such other personally identifiable information or data (collectively the, "Sensitive Personal Data"). Unless Company subscribes to the relevant add-on(s), Company and its Customers will not process through the Services, and GoodData will not have any liability to Company or Company’s Customers for PHI under HIPAA, Sensitive Personal Data and/or Highly Sensitive Personal Data. “Highly Sensitive Personal Data” means user credentials, social security numbers, driver’s license numbers, bank account numbers or any data subject to PCI-DSS.
5. Confidential Information.
(a) Confidential Information Defined. As used herein, “Confidential Information” means non-public information provided under this Agreement that the party disclosing the information designates at the time of disclosure as being confidential, or, if disclosed orally or visually, is identified as such prior to disclosure, or which, under the circumstances surrounding the disclosure, the receiving party knows or has reason to know should be treated as confidential without the need to be marked as such. Without limiting the foregoing, Confidential Information will include any information regarding a party’s financial condition, business opportunities, plans for development of future products, unreleased versions of products, know-how, technology, Customer information, Customer Data, and login credentials for the Services. The GoodData Technology and Professional Services will be deemed GoodData Confidential Information. Notwithstanding the foregoing and except for Personal Data, nothing received by a receiving party will be construed as Confidential Information which: (i) is generally available to the public without breach of this Agreement; (ii) is lawfully obtained from a third party without a duty of confidentiality; (iii) is rightfully known to the receiving party prior to such disclosure; or (iv) is, at any time, developed by the receiving party independent of any such disclosure(s) from the disclosing party.
(b) Non-Disclosure. The parties agree to use all reasonable care to prevent disclosure of the other party's Confidential Information to any third party. Notwithstanding the foregoing, either party may disclose Confidential Information to its employees, consultants, and other third-party providers solely to the extent necessary to exercise its rights or obligations under this Agreement (or any Order or SOW), provided that the party has a non-disclosure agreement in place with such third-party provider that protects such Confidential Information against disclosure in a manner no less protective than this Agreement and provided that the each party remains responsible for any breach of this Section 5 by such providers, as if they were that party’s own employees. The foregoing notwithstanding, a receiving party may disclose the other party’s Confidential Information to the minimum extent legally required if the information is required by law to be disclosed in response to a valid order of a court of competent jurisdiction or authorized government agency, provided that the receiving party must give the disclosing party prompt written notice, obtain or allow for a reasonable effort by the disclosing party to obtain a protective order prior to disclosure, and reasonably cooperate with disclosing party at disclosing party’s request.
(c) Time Limit. Upon any termination or expiration of this Agreement, the receiving party will continue to maintain the confidentiality of the disclosing party's Confidential Information for three years from date of receipt, except that source code will be held in confidence in perpetuity and Customer Data will be held in confidence for so long as it is in GoodData’s possession.
6. Fees and Payment.
(a) Fees. In consideration for the Subscription Services access rights granted to Company and any Professional Services, by GoodData under this Agreement, Company will pay GoodData the fees stated in any applicable Order. Except as explicitly stated otherwise in this Agreement, all fees paid are non-refundable and not subject to any set-off.
(b) Payment Terms. Unless otherwise agreed in an Order or SOW, payments to GoodData will be made no later than 30 days following receipt of invoice from GoodData. If any fee payments become past due, GoodData reserves the right to temporarily suspend all Services usage rights until outstanding payments are paid in full. GoodData also reserves the right to charge a fee equivalent to 2% per month on all amounts past due. All payments will be made in the currency designated in the relevant Order and by bank-to-bank wire transfer, all charges prepaid, or by check drawn on a United States (for USD) or European Union (EU) or European Economic Area (EEA) (for Euros) bank. Company is free to determine, in Company’s sole discretion, the prices at which Company offers the Subscription Services to Company’s Customers.
(c) Taxes. Company will be responsible for and will indemnify and hold GoodData harmless against all international, country, state, province and/or local taxes of any government, including, but not limited to, sales and use tax (exclusive of taxes on GoodData’s net income), duties and assessments arising on or measured by amounts payable to GoodData or arising out of or measured by amounts sold by Company. If any applicable law requires Company to withhold amounts from any payments to GoodData: (i) Company will effect such withholding, remit such amounts to the appropriate authorities and promptly furnish GoodData with tax receipts evidencing the payments of such amounts; and (ii) in the event GoodData is required to remit the withholding, GoodData will make such payment, and the sum payable by Company upon which the deduction or withholding is based will be increased to the extent required such that GoodData receives the gross amount owed by Company notwithstanding such withholding.
(d) Currency Control. Company represents and warrants that, as of the Effective Date of this Agreement, no currency control laws applicable in countries other than the United States where Company conducts the activities under the Agreement will prevent the payment to GoodData of any sums due under this Agreement. If any such laws come into effect and the local government of the territory where payment will be made does not permit that payment be made in the currency set forth in the relevant Order, Company will notify GoodData immediately, and if so instructed by GoodData, deposit all monies due GoodData to the account of GoodData in a local bank of GoodData’s choice in the affected country.
7. Security.
8. Indemnification.
(a) Company’s Obligations. Subject to the remainder of this Section, Company shall: (i) defend and hold harmless GoodData against any claim, action, suit or proceeding (each, a “Claim”) brought by a third party (including Customers or Users) to the extent that it is based upon a claim related to: (A) the processing of Customer Data by GoodData (or otherwise arising out of use of Company's Customer Data) in connection with the Subscription Services, (B) Company's or its Customer's branded service offering, (C) Company's or its Customer's distribution of the Subscription Services, (D) Company's or its Customer’s use of the Subscription Services or (E) other materials supplied by Company or its Customers for use alongside the Subscription Services (including, without limitation, any product related documentation that is not GoodData Technology); and (ii) indemnify GoodData (and require that Your Customers indemnify GoodData) from any resulting liabilities, losses, damages, fines, penalties, judgments, settlement amounts, costs and expenses incurred by GoodData in connection with such Claim(s).
(b) GoodData Obligations. Subject to the remainder of this Section 8, GoodData will: (i) defend and hold harmless Company and its Affiliates (including Company’s and its Affiliates’ directors, officers, and employees) against any Claim brought by a third party that the Services infringes any patent, trademark or copyright of such third party, or misappropriates a trade secret (but only to the extent that such misappropriation is not a result of Company’s actions) under the laws of the United States (“Infringement Claim”); and (ii) indemnify Company from any resulting liabilities, losses, damages, fines, penalties, judgments, settlement amounts, costs and expenses incurred by Company in connection with such Infringement Claims.
(c) Exclusions. Notwithstanding the foregoing, GoodData will have no obligation under this Section 8 or otherwise with respect to any Claim(s) which would not have arisen but for: (i) a combination of GoodData Technology with non-GoodData products or services; (ii) use of the Services in violation of this Agreement, an Order, or the Documentation; (iii) any modification to the Subscription Services made by GoodData pursuant to Company specifications, Company, a Customer, or a User; or (iv) trade secret misappropriation that is the result of Company’s actions. Additionally, GoodData will have no obligations or liability toward Company whatsoever for any use of the Services: (A) after Company’s access rights to the Services have been effectively terminated; or (B) 30 days after a new version of the Services has been made available to Company and Company has been notified of a need to upgrade due to a potential legal issue with an older version of the Services. THIS SECTION 8 STATES COMPANY’S SOLE AND EXCLUSIVE REMEDY AND GOODDATA’S ENTIRE LIABILITY FOR ANY THIRD-PARTY INFRINGEMENT CLAIMS OR ACTIONS.
(d) Indemnification Procedures. The indemnifying party hereunder will provide the aforementioned obligations in Sections 8(a) or (b) provided that the indemnified party: (i) promptly provides the indemnifying party with notice of such Claim provided that the indemnifying party’s indemnity obligations will be waived only if and to the extent that its ability to conduct the defense are materially prejudiced by a failure to give such notice; (ii) allows the indemnifying party sole control over the defense thereof and related settlement negotiations; and (iii) reasonably cooperates in response to the indemnifying party’s requests for assistance. Neither party may settle or compromise an indemnifiable claim without the indemnified party’s prior written consent, not to unreasonably be withheld.
(e) Remedies for Impacted Services. Should the Services become, or in GoodData’s opinion be likely to become, the subject of an Infringement Claim, GoodData will, at GoodData’s option and expense either: (i) procure the rights necessary for Company to make continued use of the affected Services in accordance with this Agreement; (ii) replace or modify the affected Services to make it non-infringing; or (iii) terminate access to the affected Services, and refund any pre-paid fees attributable to such Services.
9. Warranties; Disclaimers.
10. Limitation of Liability.
(a) TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL EITHER PARTY OR ANY OF ITS AFFILIATES, LICENSORS, SERVICE PROVIDERS, OR SUPPLIERS BE LIABLE UNDER OR IN CONNECTION WITH THIS AGREEMENT OR ITS SUBJECT MATTER UNDER ANY LEGAL OR EQUITABLE THEORY, INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, AND OTHERWISE, FOR ANY: (i) LOSS OF PRODUCTION, USE, BUSINESS, REVENUE, OR PROFIT OR DIMINUTION IN VALUE; (ii) COST OF REPLACEMENT GOODS OR SERVICES; OR (iii) CONSEQUENTIAL, INCIDENTAL, INDIRECT, EXEMPLARY, SPECIAL, ENHANCED, RELATING TO GOODWILL OR REPUTATION, OR PUNITIVE DAMAGES, REGARDLESS OF WHETHER SUCH PERSONS WERE ADVISED OF THE POSSIBILITY OF SUCH LOSSES OR DAMAGES OR SUCH LOSSES OR DAMAGES WERE OTHERWISE FORESEEABLE, AND NOTWITHSTANDING THE FAILURE OF ANY AGREED OR OTHER REMEDY OF ITS ESSENTIAL PURPOSE. BECAUSE SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE FOREGOING LIMITATION MAY NOT APPLY.
(b) EACH PARTY’S AGGREGATE LIABILITY HEREUNDER SHALL IN NO EVENT EXCEED THE AMOUNT OF FEES PAID BY COMPANY FOR THE SUBSCRIPTION SERVICES DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRIOR TO THE EVENT GIVING RISE TO THE LIABILITY.
(c) Exceptions. Notwithstanding Sections 10(a) and 10(b), nothing in this Agreement limits or excludes the liability or obligations of party for: (i) death or personal injury caused by such party or its gross negligence, willful misconduct, fraud, or fraudulent misrepresentation; (ii) each party’s indemnity obligations hereunder; (iii) a violation of GoodData’s or its licensor’s intellectual property rights (including breach of the licenses and rights granted herein); or (iv) Company’s express payment obligations.
11. Suspension and Termination.
12. General.
(a) Disputes, and Arbitration. This Section 12(a) will only apply to Company if the GoodData entity which is a party to this Agreement is GoodData Corporation per the relevant Order. Subject to Section 12(c) (Injunctive Relief and IP Claims), any dispute, claim or controversy arising out of or relating to this Agreement (including all SOWs and Orders) or the breach, termination, enforcement, interpretation or validity thereof, including the determination of the scope or applicability of this agreement to arbitrate, will be determined by arbitration in San Francisco, California, before one arbitrator. The arbitration will be administered by JAMS pursuant to its Comprehensive Arbitration Rules and Procedures. Judgment on the award may be entered in any court having jurisdiction. This clause will not preclude parties from seeking provisional remedies in aid of arbitration from a court of appropriate jurisdiction. The arbitrator may, in the award, allocate all or part of the costs of the arbitration, including the fees of the arbitrator and the reasonable attorneys’ fees of the prevailing party (as defined by California Civil Code Section 1717). Company may only resolve disputes with GoodData on an individual basis and will not bring a claim in a class, consolidated, or representative action.
(b) Contracting Entity Governing Law. The parties agree to first seek to amicably manage and resolve misunderstandings or disputes by escalating the same to their respective executives for timely consideration. “GoodData” as a party to this Agreement will mean the GoodData contracting entity specified in the relevant Order. This Agreement and all relations, disputes, claims and other matters arising hereunder (including non-contractual disputes or claims) will be governed exclusively by, and construed exclusively in accordance with, the laws of the jurisdictions set forth in the following table, as determined by the GoodData contracting entity (as indicated in the first column), without regard to conflicts of laws provisions. To the extent permitted by law, choice of laws rules and the United Nations Convention on Contracts for the International Sale of Goods will not apply. For the purposes of adjudicating any action or proceeding to enforce the terms of this Agreement, the parties hereby irrevocably consent to the exclusive jurisdiction of, and venue in, any national or provincial court of competent jurisdiction located in the venue indicated in the table corresponding to GoodData contracting entity (subject to Section 12(a) (Disputes and Arbitration)). The prevailing party in any claim or dispute between the parties under this Agreement will be entitled to reimbursement of its reasonable attorneys’ fees and costs.
GoodData Contracting Entity | Jurisdiction | Notice Address |
GoodData Ireland | Ireland | Attn: Head of Legal 12 Merrion Square Dublin 2 Dublin, Ireland with copy to legal@gooddata.com |
GoodData Corporation, a Delaware corporation | The State of California | Attn: Head of Legal 333 Kearny Street Floor 2 San Francisco, CA 94108 with copy to legal@gooddata.com |
(c) Injunctive Relief and IP Claims. Any breach of the confidentiality provisions herein or one party’s breach of the other party’s intellectual property rights will result in harm and economic loss to the other party not compensable by monetary damages. Either party will be entitled to seek an injunction against such breach or threatened breach from a court of law, in addition to other legal or equitable remedies, and without the need to post a bond or other financial security for such injunctive relief or the necessity of proving that other available remedies may be inadequate. Notwithstanding anything to the contrary in Section 12(a), either party may bring a lawsuit in a court of law for claims of intellectual property rights infringement.
(d) Anti-Corruption Laws. Company will not engage in any deceptive or unethical trade practices or any act which might harm GoodData’s reputation or the reputation of the GoodData Technology. Company will comply with all applicable anti-corruption laws and regulations (“Anti-Corruption Laws”) including but not limited to the United States Foreign Corrupt Practices Act and the UK Bribery Act, irrespective of whether Company is legally subject to it. Company will not cause GoodData to violate any Anti-Corruption Laws in connection with any activities related to this Agreement (collectively, the “Activities”). Company will not, in connection with the Activities, pay, offer, promise, or authorize the payment or transfer of anything of value, directly or indirectly, to any other person or entity for the purpose of improperly obtaining or retaining business, for any other advantage for GoodData, or for any other purpose prohibited by any Anti-Corruption Laws.
(e) Export Controls. The GoodData Technology is of United States origin and is provided subject to the U.S. Export Administration Regulations and the regulations of other jurisdictions (e.g., the European Union). Diversion contrary to applicable law is prohibited. Without limiting the foregoing, Company warrants that: (i) Company is not, and Company is not acting on behalf of, any person who is a citizen, national, or resident of, or who is controlled by the government of any country to which the United States or other applicable government body has prohibited export transactions (e.g., Iran, North Korea, etc.); (ii) Company is not, and Company is not acting on behalf of, any person or entity listed on a relevant list of persons to whom export is prohibited (e.g., the U.S. Treasury Department list of Specially Designated Nationals and Blocked Persons, the U.S. Commerce Department Denied Persons List or Entity List, etc.); and (iii) Company will not use any GoodData Technology for, and will not permit any GoodData Technology to be used for, any purpose prohibited by applicable law. Company will, at Company’s own expense, obtain and arrange for the maintenance in full force and effect of all governmental approvals, stamps, consents, licenses, authorizations, declarations, filings, and registrations as may be necessary or advisable for the performance of all the terms and conditions of this Agreement, including, but not limited to, all approvals which may be required to realize the intent and purpose of this Agreement.
(f) Assignment. Neither party may transfer or assign its rights under this Agreement without the prior consent of the other party. Notwithstanding the foregoing, a party may assign this Agreement in connection with the sale, merger or other corporate combination involving all or substantially all of the assets of the assigning party to a third party provided that the assignee assumes all of the assigning party’s obligations and liabilities hereunder. Any attempted assignment in violation of this paragraph is void. This Agreement will inure to the benefit of and be binding upon the parties and their respective successors and permitted assigns.
(g) Severability. If any provision or part of this Agreement is determined by a court of competent jurisdiction to be illegal, invalid or unenforceable, the parties intend that the court will modify the provision to the minimum extent necessary to make it valid and enforceable, or if it cannot be made valid and enforceable, the parties intend that the court will sever and delete the illegal, invalid, or unenforceable provision or part from this Agreement. Any change to or deletion of a provision or part of this Agreement under this Section will not affect the validity or enforceability of the remaining provisions of this Agreement, which will continue in full force and effect.
(h) Waiver of Breach. No delay or omission by either party to exercise any right or power arising upon the other party’s nonperformance or breach will impair that right or power or be construed as a waiver of it. Any waiver must be in writing and signed by the waiving party. A waiver on one occasion will not be construed as a waiver of any subsequent event of nonperformance or breach.
(i) Force Majeure. Except for the obligation to make payments, performance under this Agreement will be postponed automatically to the extent that either party is prevented from meeting its obligations by causes beyond its reasonable control, including but not limited to acts of God, labor disputes or other industrial disturbances, systemic electrical, telecommunications, or other utility failures, earthquake, storms or other elements of nature, blockages, embargoes, riots, public health emergencies (including pandemics and epidemics), acts or orders of government, acts of terrorism, or war.
(j) Notices and Consent to Electronic Communication. Company will receive electronic communications and notifications from GoodData in connection with the products and services to be provided hereunder and the Agreement generally. Company agrees that any such communication will satisfy any applicable legal communication requirements, including that such communications be in writing. GoodData may provide Company with notices by email to the email address that Company registered with (and/or other alternate email address associated with Company’s account if provided), or by regular mail. Company will be deemed to have received any email sent to the email address then associated with Company’s account when GoodData sends the email. All notices and requests in connection with this Agreement required to be given by Company to GoodData will be sent via email to legal@gooddata.com.
(k) No Agency. Neither party has the right to bind or act for the other in any capacity. The relationship under this Agreement will not create any legal partnership, franchise relationship, distributor relationship, or other form of legal association between the parties that would impose a liability between the parties or to third parties.
(l) Records. During the Term of this Agreement and for one year thereafter, Company will retain records of Company’s activities under this Agreement sufficient to show Company’s compliance with this Agreement. During this period, GoodData will have the right to audit Company’s records relating to Company’s performance under this Agreement and to verify that Company has fulfilled Company’s obligations under this Agreement, and Company will reasonably cooperate with GoodData or its third-party auditor (provided such auditor is subject to a confidentiality agreement). Any such audit will be conducted during normal business hours on a date mutually acceptable to both parties, will not unreasonably interfere with Company’s business activities, and GoodData will provide at least ten (10) business days’ prior notice. The audit will be conducted at GoodData’s expense, unless the audit reveals that Company has materially breached Company’s obligations under Section 2(b)-(c), the audit reveals that Company has underpaid GoodData by more than 5% for the Services fees payable by Company for the period audited, or that Company has materially failed to maintain accurate records. If Company has underpaid GoodData any sums, Company will promptly pay GoodData the outstanding amounts due plus interest at a monthly effective rate of 2% for the period of the underpayment. In the event that Company self-discloses such underpayment, and the disclosure is not immediately after the notification of an audit, all interest will be waived, and Company’s obligation will be limited to the underpayment. Such audits will not be conducted more than once in any period of 12 consecutive months, or twice during the same time period in the event that an audit reveals a material breach of Company’s obligations hereunder.
(m) Entire Agreement. This Agreement, including all exhibits and attachments, together with any Orders and SOWs, contains the complete and exclusive statement of the agreement between the parties with respect to the subject matter herein. Company has not relied on any statement, promise or representation made or given by or on behalf of GoodData that is not set out in this Agreement. Company’s Orders are not contingent on, and Company has not relied on, the delivery of any future functionality regardless of any verbal or written communication about GoodData’s future plans. If there is any conflict of inconsistency, the following order will apply: Order, SOW, the Agreement. The terms of this Agreement apply to the exclusion of any other terms that Company may seek to impose or incorporate, or which are implied by trade, custom, practice or course of dealing. Any purchase order submitted by Company is for Company’s internal purposes only and its terms and conditions are superseded and replaced by this Agreement.
(n) Changes to this Agreement. GoodData reserves the right to revise this Agreement from time to time. GoodData will date and post the most current version of this Agreement on the GoodData Legal Center, available at https://www.gooddata.com/legal. Any changes will be effective upon posting the revised version of this Agreement (or such later effective date as may be indicated at the top of the revised Agreement). If, in GoodData's sole discretion, GoodData deems a revision to this Agreement to be material, GoodData may notify Company via the Subscription Services. Notice of other changes may be provided via the GoodData Legal Center. Company’s continued access or use of any portion of the Services constitutes Company’s acceptance of such changes. If Company does not agree to any of the changes, GoodData is not obligated to continue providing the Services, and Company must stop using the Services. Except as otherwise set forth in this Agreement, no modification, amendment, or waiver of any provision of this Agreement will be effective unless it specifically references this Agreement, explicitly expresses a desire to amend this Agreement, is set forth in writing and is signed by the parties.
(o) Counterparts. This Agreement may be signed in counterparts and electronically, each of which will be considered an original document, but together which will constitute one complete document.
(p) Controlling Language. This Agreement has been prepared and executed in the English language only, which language will be controlling in all respects. Any translations of the provisions of this Agreement into any other language are for reference only and will have no legal or other effect. Any notice that is required or permitted to be given by one party to the other under this Agreement must be in the English language and in writing. All proceedings related to this Agreement will be conducted in the English language. Les parties aux présentes ont formellement demandé à ce que la présente convention et tous les documents auxquels celui-ci réfère soient rédigés et signés en langue anglaise.
(q) US Government Rights. GoodData Technology is commercial computer software and all services are commercial items. “Commercial computer software” has the meaning set forth in Federal Acquisition Regulation (“FAR”) 2.101 for civilian agency purchases and the Department of Defense (“DOD”) FAR Supplement (“DFARS”) 252.227-7014(a)(1) for defense agency purchases. If software is licensed or the services are acquired by or on behalf of a civilian agency, GoodData provides the commercial computer software and/or commercial computer software documentation and other technical data subject to the terms of this Agreement as required in FAR 12.212 (Computer Software) and FAR 12.211 (Technical Data) and their successors. If the software is licensed or the services are acquired by or on behalf of any agency within the DOD, GoodData provides the commercial computer software and/or commercial computer software documentation and other technical data subject to the terms of this Agreement as specified in DFARS 227.7202-3 and its successors. Only if this is a DOD prime contract or DOD subcontract, the Government acquires additional rights in technical data as set forth in DFARS 252.227-7015. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFARS or other clause or provision that addresses Government rights in computer software or technical data.
(r) Third Party Disputes. If Company obtains access to the Services through a GoodData authorized partner (“Partner”) as part of such Partner’s product or service or otherwise through such Partner, GoodData will not be responsible for its Partner dealings. In the event that Company has a dispute with a Partner (except in the case where a dispute arises as a result of GoodData’s willful misconduct or gross negligence) Company releases GoodData and its affiliates from claims, demands and damages of every kind and nature, known and unknown, suspected and unsuspected, disclosed and undisclosed, arising out of or in any way connected with such disputes. Company will not be deemed a third-party beneficiary to any agreement or dealings between GoodData and any Partner. For the avoidance of doubt, this Agreement will directly supersede anything to the contrary set forth in the Uniform Commercial Code which would otherwise enable Company to seek direct recourse from GoodData for such disputes.
(s) By law, Customers may have certain rights that can’t be limited by a contract like this Agreement. This Agreement is in no way intended to restrict those rights.
GoodData Platform Free Terms of Use
Version 1.10
Effective February 6th 2023
DownloadTable of Contents
THIS DOCUMENT CONTAINS GOODDATA PLATFORM FREE TERMS OF USE. BY CLICKING “I ACCEPT,” YOU CONFIRM THAT YOU HAVE READ AND AGREE TO ALL CONTENTS OF THIS DOCUMENT.
IF YOU DO NOT ACCEPT THE GOODDATA PLATFORM FREE TERMS OF USE AND YOU DO NOT HAVE AN APPLICABLE SEPARATE SIGNED AGREEMENT WITH GOODDATA, YOU MAY NOT USE, ACCESS OR COPY THE GOODDATA PLATFORM AND YOU MUST DELETE ANY COPIES OF IT FROM YOUR SYSTEMS.
GOODDATA PLATFORM FREE TERMS OF USE
THESE GOODDATA PLATFORM FREE TERMS OF USE (THIS “AGREEMENT“) CONSTITUTE AN AGREEMENT BETWEEN THE ENTITY THAT YOU REPRESENT AND ALL AFFILIATES THEREOF (COLLECTIVELY “YOU” OR “YOUR”), AND GOODDATA CORPORATION (“GOODDATA”). THIS AGREEMENT GOVERNS THE ACCESS TO AND USE OF THE GOODDATA PLATFORM FREE SUBSCRIPTION SERVICES BY YOU AND YOUR CUSTOMERS. BY CLICKING TO SIGNIFY YOUR ACCEPTANCE OF THIS AGREEMENT, OR BY YOUR SETTING UP A USER ACCOUNT, OR ACCESSING OR USING THE SUBSCRIPTION SERVICE IN ANY MANNER, YOU AGREE TO BE BOUND BY ALL OF THESE PROVISIONS HEREIN, AND ALL OTHER SUPPLEMENTAL TERMS.
YOU REPRESENT AND WARRANT THAT YOU (I) HAVE READ AND UNDERSTAND THIS AGREEMENT, (II) HAVE THE AUTHORITY TO ENTER INTO THIS AGREEMENT ON YOUR ENTITY’S BEHALF; (II) NEITHER YOU NOR YOUR AFFILIATES HAVE BEEN A PAYING CUSTOMER OF GOODDATA IN THE PREVIOUS TWELVE (12) MONTHS OF SIGNING THIS AGREEMENT; (III); AND (IV) ACCEPT THIS AGREEMENT ON YOUR ENTITY’S BEHALF. IF YOU DO NOT AGREE WITH THE TERMS OF THIS AGREEMENT, YOU SHOULD NOT INDICATE ACCEPTANCE AND MAY NOT USE THE SUBSCRIPTION SERVICES.
YOU ACKNOWLEDGE RECEIPT OF OUR PRIVACY POLICY AND BY ORDERING THE SUBSCRIPTION SERVICES ON OUR WEBSITE, USING OUR WEBSITE, OR OTHERWISE ENGAGING IN ANY ELECTRONIC TRANSACTION WITH RESPECT TO THE SUBSCRIPTION SERVICES, THEN YOU AGREE TO RECEIVE ANY UPDATES TO OUR PRIVACY POLICY BY ACCESSING OUR WEBSITE.
1. Definitions.
(a) “Affiliates” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity; for purposes of this definition, “control” means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
2. Overview.
3. Technology License Grant.
4. Intellectual Property Rights.
6. Confidential Information.
7. Security; Transmission.
8. Indemnification.
9. Limitation of Liability.
10. Suspension and Termination.
11. General.
GoodData Platform Trial Terms of Use
Version 1.3
Effective August 23rd 2021
DownloadTable of Contents
Updated: 07/01/2020
- modify, alter, tamper with, repair or otherwise create derivative works of the Platform;
- reverse engineer, disassemble, decompile the Platform or the Subscription Services used to provide or access the Platform, or attempt to discover or recreate the source code used to provide or access the Platform, except and only to the extent that the applicable law expressly permits doing so;
- use the Platform in any manner or for any purpose other than as expressly permitted by the Agreement or this TOU, the Privacy Policy, or any other policy, instruction or terms applicable to the Platform;
- sell, lend, rent, resell, lease, sublicense or otherwise transfer any of the rights granted to You with respect to the Platform to any third party;
- remove, obscure or alter any proprietary rights notice pertaining to the Platform;
- use the Platform to: (i) store or transmit inappropriate content, such as content that violates the intellectual property rights or rights to the publicity or privacy of others; (ii) store or transmit any content that contains or is used to initiate a denial of Platform attack, Subscription Services viruses or other harmful or deleterious computer code, files or programs such as Trojan horses, worms, time bombs, cancelbots, or spyware; or (iii) otherwise violate the legal rights of a third party;
- interfere with or disrupt servers or networks used by GoodData to provide the Platform or used by other users to access the Platform, or violate any third-party regulations, policies or procedures of such servers or networks or harass or interfere with another user’s full use and enjoyment of any Subscription Services or the Platform;
- access or attempt to access GoodData’s other accounts, computer systems or networks not covered by these TOU, through password mining or any other means;
- cause, in GoodData’s sole discretion, inordinate burden on the Platform or GoodData’s system resources or capacity;
- use the Platform, or permit such to be used, for purposes of product benchmarking or other comparative analysis intended for publication without GoodData's prior written consent; or
- share passwords or other access information or devices or otherwise authorize any third party to access or use the Platform.
5. Confidential Information.
6. Report Abuse.
7. TOU Changes.
8. Consent to Electronic Communications and Solicitation.
9. Updates to the Platform.
10. Privacy.
11. Proprietary Rights; Intellectual Property; Feedback.
12. Indemnity.
13. Governing Law; Limitation of Liability.
14. Suspension and Termination of Your Use of the Platform.
15. General.
GoodData.CN PoweredBy Data as a Service Program Agreement
Version 1.11
Effective October 15th 2024
DownloadTable of Contents
GOODDATA POWEREDBY DATA AS A SERVICE PROGRAM AGREEMENT
2. Licenses.
3. Intellectual Property Rights.
4. Confidential Information.
5. Fees and Payment.
6. Indemnification.
7. Warranties and Disclaimers.
9. Term and Termination.
GoodData Contracting Entity | Jurisdiction | Notice Address |
GoodData Ireland | Ireland | Attn: Head of Legal 12 Merrion Square Dublin 2 Dublin, Ireland with copy to legal@gooddata.com. |
GoodData Corporation, a Delaware corporation | The State of California | Attn: Head of Legal 333 Kearny Street Floor 2 San Francisco, CA 94108 |
GoodData Privacy Policy
Version 2.24
Effective October 18th 2024
DownloadTable of Contents
GoodData Privacy Policy
INTRODUCTION
PERSONAL DATA WE COLLECT FROM YOU
Personal Data You May Choose to Provide to GoodData
Personal Data that are Collected Passively
Data Collected from Downloadable Products
Information About Your Customers
HOW WE USE PERSONAL DATA WE COLLECT FROM YOU
Customer Relationship
Authentication and Personalization in Usage of the GoodData Products and Services
Schedule Notices and Alert Emails
Workspace Invitations
Referrals
Improvement of Our Services
Improvement of Our Products and Your Ease of Use
- Analyze the user journey to identify pain points and improvement opportunities for the user experience
- Monitor the usage of individual software features in order to help us prioritize feature development
- Make decisions about product functionality and Our product roadmap based on overall usage trends and pattern
- Analyze the performance of the product and functionality of the features
- Analyze the adoption of the platform, usage trends, and customer contract limits
- Control access to downloadable products
- Track entitlements and verify compliance with any license limitations or restriction
Feedback Collection
Marketing
Transactional Emails and Newsletters
Forums
Customer Testimonials
GoodData may post Your testimonials, which may contain personal data, on a GoodData Site. We obtain Your consent prior to posting Your testimonials.
Job Applications
GoodData collects Your personal data for the purposes of managing GoodData's recruitment related activities as well as for organizational planning purposes globally. Consequently, GoodData may use Your personal data in relation to the evaluation and selection of applicants; including, for example, setting up and conducting interviews and tests, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment processes including the final recruitment. If you are a California resident and you apply for a job at GoodData please see our CCPA Employee and Applicant Privacy Notice for additional information.
WHEN WE SHARE YOUR PERSONAL DATA
Third Party Agents
Joint Offerings
Legal Obligations
YOUR RIGHTS AND CHOICES
Removal and Objection
Correcting, Updating and Accessing
Cookies
PERSONAL DATA RETENTION
LINKS TO OTHER WEBSITES
SECURITY
WHISTLEBLOWING
In terms of processing personal data related to activities associated with whistleblowing, please refer to the relevant passage in the Whistleblowing at GoodData section.
NOTIFICATION OF CHANGES
CONTACT US
333 Kearny Street, Floor 2
San Francisco, CA 94108, USA
JURISDICTION-SPECIFIC PROVISIONS
California
- Identifiers, including name, address, email address, account name, Social Security Number, IP address - and an ID number assigned to Your account
- Customer records, phone number, billing address, credit or debit card information, employment or education information
- Commercial information, including purchases of our services, downloads of Our downloadable products, and engagement with the services and Our downloadable products
- Internet activity, including history of visiting and interacting with Our service, the GoodData Site, browser type, browser language and other information collected automatically
- Geolocation data, including location enabled services such as WiFi and GPS
- Inferences, including information about interests and preferences
- Commercial Information
- Customer Records
- Demographic Data
- Location Data
- Identifiers
- Inferences
- Internet activity
The CCPA provides California residents with specific rights regarding their personal information. If You are a resident of California, You have the following rights:
The right to notice. You have the right to be notified which categories of personal data are being collected and the purposes for which the personal data is being used.
The right to request. Under CCPA, You have the right to request that We disclose information to You about Our collection, use, sale, disclosure for business purposes and share of personal information. In particular, You have the right to request the following from Us:
- The categories of personal data We have collected about You
- The categories of sources from which the personal data was collected
- The categories of personal data about You that We disclosed for a business purpose or sold
- The categories of third parties to whom the personal data was disclosed for a business person or sold
- The business or commercial purpose for collecting or selling the personal data
- The specific pieces of personal data We have collected about You
The right to delete. You have the right to request the deletion of Your personal data. However, this is not an absolute right and We may have legal grounds for keeping such data. Once We receive and confirm Your request, We will delete (and direct Our Service Providers to delete) Your personal information from our records, unless an exception applies.
The right to correct. You may ask us to correct inaccurate information that we have about you.
To exercise any of these rights, please submit a request to privacy@gooddata.com or you may contact Us at:
333 Kearny Street, Floor 2
San Francisco, CA 94108, USA
In the request, please specify which right You are seeking to exercise and the scope of the request. Unless otherwise provided by applicable law, we will disclose and deliver the required information free of charge within 45 days of receiving Your verifiable request. The time period to provide the required information may be extended once by an additional 45 days when reasonably necessary and with prior notice. We may require specific information from You to help us verify Your identity and process Your request. If We are unable to verify Your identity, We may deny Your requests to know or delete.
Authorized Agent. You can designate an authorized agent to submit requests on Your behalf. However, We will require written proof of the agent’s permission to do so and verify Your identity directly.
Any disclosures We provide will only cover the 12-month period preceding the verifiable request's receipt.
For data portability requests, We will select a format to provide Your personal information that is readily usable and should allow You to transmit the information from one entity to another entity without hindrance.
Canada
European Union, United Kingdom and Switzerland
- Right of access
- Right to rectification
- Right to erasure (Right to be forgotten)
- Right of restriction of processing
- Right to data portability
- Right to object
- Right to access details around any automated individual decision-making, including profiling*.
With respect to personal data received or transferred pursuant to the DPF Principles, GoodData is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, GoodData may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the DPF Principles, GoodData commits to resolve complaints about Our collection or use of Your personal information. EU, UK and Swiss individuals with inquiries or complaints regarding Our DPF policy should first contact Us at: privacy@gooddata.com.
GoodData Cookie Policy
Version 1.13
Effective July 30th 2024
DownloadTable of Contents
Updated: 7/30/2024
What are Cookies?
Why do we use cookies?
- log you into our Website;
- to protect your security;
- to help us detect and fight spam, abuse and other activities that violate GoodData’s user agreements and term; and
- to authenticate your access to the Website.
COOKIE TABLE
Types of cookie | Use of cookies | Who serves these cookies on our Website? |
Strictly necessary cookies: These cookies are strictly necessary to provide you with services available through our Websites, to analyze traffic and to use some of its features, such as access to secure areas. | We use these "Strictly necessary" cookies to:
| HubSpot ZeroBounce Intercom Storylane |
Website and Content Experience cookies: These cookies provide us with information on how our Websites are being used, to help us improve the quality and relevance of content we place on our Websites. Additionally, they also allow us to show you embedded videos, remember your preferences and actions, so that the Websites do not bother you with the same request repeatedly (e.g. filling a form to download a PDF file) and provide feedback about such actions to our affiliated entities. | We use 'Website and Content Experience' cookies to:
| Google Analytics HotJar G2 HubSpot FigPii Storylane |
Communications cookies: These cookies remember what content you visited on our Websites, to help us serve to you only relevant marketing content that addresses your needs and interests. Our marketing content (i.e. banners) will appear on other websites. When visiting our Website, plugins are embedded in a manner which ensures that a connection to the servers of the respective plugin provider will only be established if you click on the plugin. Your internet browser establishes a direct connection to the respective plugin provider’s servers only when you activate the plugins. This way, the plugin provider receives information that your internet browser has accessed the respective site of our Website, even when you do not maintain a user account with the provider or are not logged in. Log files (including the IP address) are transmitted directly from your internet browser to a server of the respective plugin provider and may be stored there. This server may be located outside the EU or EEA (e.g. in the U.S.). We have no influence on the scope of data gathered and stored by the plugin provider through the plugin. If you do not wish for the plugin providers to receive, save, and use data gathered through this Website, you should not use the respective plugins. You can also block the plugins from being loaded with browser add-ons (so-called script blockers). | We may use "Communication" cookies to:
We may use Communication cookies to track your browser across other sites, building up a profile of your interests and possibly other personal data - but we have ensured that this only happens if you have requested us to share information with the respective social network. Our website uses social media plug-ins (“Plugins”) by the following providers: X plugin is operated by X Corp, 1355 Market St, Suite 900, San Francisco, CA 94103, USA. Find an overview of X plugins at: https://developer.x.com/en/docs/twitter-for-websites/tweet-button/overview. You can find out more about the purpose and scope of the data collection as well as about processing and use of your data by X here: https://x.com/en/privacyLinkedIn plugin is operated by LinkedIn Corporation, Building 1000(LSNS), 1000 W Maude Ave, Sunnyvale, CA 94085, USA. Find an overview of LinkedIn plugins at: https://developer.linkedin.com/product-catalog/plugins. You can find out more about the purpose and scope of the data collection as well as about processing and use of your data by LinkedIn here: https://www.linkedin.com/legal/privacy-policy Facebook plugin is operated by Meta Platforms, Inc., 1 Hacker Wy, Menlo Park, CA 94025, USA. Find an overview of Facebook plugins at: https://developers.facebook.com/docs/plugins/share-button. You can find out more about the purpose and scope of the data collection as well as about processing and use of your data by Meta here: https://www.facebook.com/privacy/policy/ | Medium GoogleAds X |
What about other tracking technologies, like web beacons?
Do you use Flash Cookies or Local Shared Objects?
Do you serve targeted advertising?
How can I refuse cookies?
How can I control cookies?
- Google Analytics is a web analytics service provided by Google, Inc. (“Google”). Google uses cookies to help us analyze how users use the website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. In case of activation of IP anonymization, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On behalf of the website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on your activity for us and third parties who help operate and provide services related to the website. Google will not associate your IP address with any other data held by Google. You may refuse the use of these cookies by selecting the appropriate settings on your browser as discussed in this policy. However, please note that if you do this, you may not be able to use the full functionality of the website. Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB or here. Further information concerning the terms and conditions of use and data privacy can be found at http://www.google.com/analytics/terms/gb.html or at https://www.google.de/intl/en_uk/policies/.
- Google Ads is provided by Google LLC located at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Find further information on this tool here. You may object to the collection or processing of your data by this tool by contacting Google using the contact form.
How often will you update this Cookie Policy?
GoodData Data Processing Addendum
Version 3.4
Effective October 16th 2024
DownloadTable of Contents
1. Definitions.
2. Data Protection.
Where (i) GoodData is the data exporter (see section 2.3.), (ii) GDPR or Swiss DPA apply to international data transfers from EEA / Switzerland to countries outside the EEA and (iii) an international transfer of Personal Data cannot take place on the basis of an adequacy decision pursuant to Art 45 (3) GDPR, GoodData will enter into respective EU Standard Contractual Clauses as the case may be with data importers outside the EEA.
To the extent Personal Data solely subject to the Swiss DPA is to be internationally transferred, all references to the GDPR within the EU Standard Contractual Clauses shall be understood to be references to the Swiss DPA and the Swiss Federal Data Protection and Information Commissioner shall act as competent supervisory authority.
- Upon termination or expiry of the Agreement, GoodData shall (at Company's election) destroy or enable Company to retrieve all Personal Data in its possession or control as Processor (including any Personal Data subcontracted to a third party for processing).
- Providing Company services includes provision of data storage/warehouse and unless agreed otherwise by the Parties, GoodData shall enable Company to retrieve its Personal Data within thirty (30) days of Company's Agreement termination or expiry.
- GoodData shall delete all Personal Data within ninety (90) days of the termination of this Addendum or the Agreement, or upon Company's written request.
3. Company Affiliates.
4. Liability.
5. Term.
A. LIST OF PARTIES
B. DESCRIPTION OF TRANSFER
- Prospects, customers, business partners and vendors of data exporter (who are natural persons);
- Employees or contact persons of data exporter’s prospects, customers, business partners and vendors; and
- Employees, agents, advisors, freelancers of data exporter (who are natural persons).
- First and last name
- Title
- Position
- Employer
- Contact information (company, email, phone, physical business address)
- ID data
- Professional life data
- Personal life data (including but not limited to home addresses, personal phone numbers, resumes, attendance records, bank details)
- Connection data
- Localisation data
- Support Data
- Provision of infrastructure and/or software as a service
- Provision of the professional services pursuant to Agreement between data exporter and data importer
C. COMPETENT SUPERVISORY AUTHORITY
The competent supervisory authority is the supervisory authority that is competent to act as lead for Company (as data exporter).
ANNEX II
PRODUCT: GOODDATA PLATFORM - TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA
13. Incident Reporting and Response Process. GoodData proactively monitors the Platform for security incidents, including alert notifications generated by GoodData systems and those of its infrastructure partners, open source and industry alerts and community alerts. When an alert is raised, the risk level is assessed first by internal GoodData personnel. Based on this assessment, the GoodData security team will select and launch the prescribed response process. Documented internal escalation procedures and communication protocols clarify when and how an internal escalation takes place, and who is notified. For events classified as an “Incident” (meaning an event impacting the Platform that triggers an alert and requiring prompt or immediate investigation by GoodData), GoodData personnel will respond to the incident within thirty (30) minutes from receipt of a triggered notice on a 24x7, 365 day, annual basis.
14. Data Breach Notice Procedures. GoodData will use all commercially reasonable efforts to notify Company in writing within seventy-two (72) hours after confirming or determining reasonable suspicion of an Incident involving unauthorized access to Customer Data, and will take all necessary steps and measures to promptly remediate any vulnerabilities involving Customer Data as soon as GoodData becomes aware of the security incident. Company must sign up and consent to receive security- and support-related emails from GoodData at the Online Support Portal.
15. Continuous Improvement. As the industry standards, regulations and technology evolve, GoodData will from time to time implement changes to improve its information security program. GoodData reserves the right to update or replace any of its information security practices, providing that such change (i) adequately addresses GoodData commitments outlined in this document and (ii) does not materially reduce the level of information security of the Platform.
16. Applicability of this Annex II. GoodData will make all commercially-reasonable efforts to ensure the information security of the Platform; however, to the extent that in the Agreement, a Statement of Work, or any other agreement, Company requests or requires that GoodData modifies its standard practices in a way that is inconsistent with the terms of this Annex II, this Annex II will not apply. To the extent that Company implements changes to the Platform configuration which are inconsistent with the terms of this Annex II, this Annex II will not apply.
17. Shared Responsibilities for Information Security. GoodData’s obligations under this Annex II apply solely to the extent that Company complies with its own responsibilities under the Agreement, including all applicable Statements of Work. Company acknowledges that it is responsible for ensuring the security of its own network, equipment, and Customers. Company understands the need to comprehensively assess risks related to its usage of the Platform and implement applicable security controls including complementary user entity controls to achieve a desired level of security. These complementary user entity controls include but are not limited to controls related to user access management, user security considerations such as endpoint protection, implementation of supplementary user access technical safeguards offered by GoodData such as SSO, IP whitelisting and custom session expiration, change management of Company's implementation, and notification to GoodData in case of a suspected or confirmed data security incident by sending email to security@gooddata.com, each of which will facilitate the achievement of Company's desired level of security.
18. Additional Safeguards for Protection of Sensitive Personal Data. If the Customer Data includes Sensitive Personal Data, GoodData will employ additional safeguards for protection of such Sensitive Personal Data. These safeguards are available under the Enterprise Shield package, which Company must purchase in order to be able to upload Sensitive Personal Data to the GoodData platform. The Enterprise Shield package employs more stringent logical access controls, formal assurance, and security review of the implementation, along with coverage of the implementation by SOC 2 Type II audit, and a complete audit trail of access to data by GoodData personnel and access to platform events audit log by Company.
GoodData List of Sub-processors
Version 3.2
Effective June 19th 2023
DownloadTable of Contents
Name | Purpose of processing | Location of processing |
Datacenter providers (applicable for GoodData Platform and GoodData Cloud; location depends on Company's choice) | ||
Rackspace US, Inc. | Datacenter (private cloud) provider | United States*, United Kingdom |
Amazon Web Services, Inc. | Datacenter and IaaS (public cloud) provider | United States*+, Canada, Australia, EU (Germany and Ireland) |
Google, Inc. | IaaS (public cloud) provider | United States |
Identity provider (applicable for GoodData Cloud Trial, optional for GoodData Cloud paid plans) | ||
Auth0, Inc. | Identity Provider | United States |
Outsourced Professional Services providers (applicable if Company purchases Professional Services with GoodData) | ||
Microsoft Corporation | Desktop-as-a-Service environment provider | United States, Germany |
BigHub s.r.o. | Professional Services Outsourcing | Czech Republic |
Bizztreat s.r.o. | Professional Services Outsourcing | Czech Republic |
*default location and Subprocessors for GoodData Platform
+default location and Subprocessors for GD Cloud
GoodData Group | |
---|---|
GoodData Corporation | United States of America |
GoodData s.r.o. | Czech Republic (EU) |
GoodData Ireland | Ireland (EU) |
GoodData Business Associate Agreement
Version 1.0
Effective August 6th 2021
DownloadTable of Contents
- Definitions. Terms used in this BAA that are specifically defined in HIPAA shall have the same meaning as set forth in HIPAA. A change to HIPAA which modifies any defined HIPAA term, or which alters the regulatory citation for the definition shall be deemed incorporated into this BAA. As used herein:
- “Electronic Protected Health Information” and/or “ePHI” has the meaning given to the term under the Privacy Rule at 45 CFR § 160.103, and includes, without limitation, any ePHI provided by You or created or received by GoodData on Your behalf.
- “HIPAA” means the Health Insurance Portability and Accountability Act of 1996, Public Law 104-91, as amended, and related HIPAA regulations (45 CFR Parts 160, 162 and 164).
- “Individual” has the meaning given to the term under the Privacy Rule at 45 CFR § 160.103. It also includes a person who qualifies as a personal representative in accordance with 45 CFR § 164.502(g).
- “Service Agreement” means the underlying agreement(s) that outline the terms of the services that GoodData agrees to provide to You and that fall within the functions, activities or services described in the definition of “Business Associate” at 45 CFR § 160.103.
- “Privacy Rule” means the Standards for Privacy of Individually Identifiable Health Information, codified at 45 CFR Parts 160 and Subparts A and E of Part 164, and any other applicable provision of HIPAA and any amendments to HIPAA.
- “Protected Health Information” and/or “PHI” has the meaning given to the term under the Privacy Rule at 45 CFR § 164.103, and includes, without limitation, any PHI provided by You or received by GoodData on Your behalf. Unless otherwise stated in this BAA, any provision, restriction, or obligation in this BAA related to the use of PHI shall apply equally to ePHI.
- “Secretary” means the Secretary of the Department of Health and Human Services or his or her designee.
- “Security Rule” means the Security Standards for the Protection of Electronic Protected Health Information, codified at 45 CFR Part 160 and Subparts A and C of Part 164, and any other applicable provision of HIPAA.
- “Unsecured PHI” means PHI that is not rendered unusable, unreadable, or indecipherable to unauthorized individuals through the use of a technology or methodology specified by the Secretary from time to time.
- Applicability. This BAA shall be applicable only in the event and to the extent that GoodData is a Business Associate with respect to You.
- GoodData Obligations and Permitted Uses and Disclosures.
- GoodData will only use or disclose PHI for the purpose of performing GoodData’s obligations to You as permitted under this BAA or as Required by Law.
- Except as otherwise limited in the Service Agreement or this BAA, GoodData may use or disclose PHI to perform functions, activities, or services for, or on Your behalf, provided that such use or disclosure would not violate the Privacy Rule if done by You.
- To the extent that GoodData is carrying out an obligation of Yours under the Privacy Rule, GoodData will comply with the requirements of the Privacy Rule that apply to You in the performance of such obligation.
- So long as such use or disclosure does not violate the Privacy Rule or this BAA, GoodData may:
- Use PHI as is necessary for the proper management and administration of GoodData‘s organization, or to carry out the legal responsibilities of GoodData, as provided in 45 CFR § 164.504(e)(4); and
- Disclose PHI for these purposes, in accordance with the provisions of 45 CFR § 164.504(e)(4)(ii), if either (i) the disclosure is Required by Law or (ii) GoodData obtains reasonable assurances from the person to whom GoodData discloses the PHI that the PHI will be held confidentially and used or further disclosed only as required by law or for the purposes for which it was disclosed to the person and that the person will notify GoodData of any instances of which it is aware in which the confidentiality of the information has been breached.
- GoodData will develop, implement, maintain, and use appropriate safeguards to prevent any use or disclosure of the PHI other than as provided by this BAA. GoodData will implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of ePHI.
- GoodData will report to You any use or disclosure of PHI not authorized by this BAA of which it becomes aware, including any Breach of Unsecured PHI. In addition, GoodData will report to You any Security Incident of which it becomes aware involving or potentially involving Your ePHI. Notice shall be provided to You within fifteen (15) business days of becoming aware of the non-authorized use or disclosure or Security Incident.
- The parties acknowledge and agree that this section constitutes notice by GoodData to You of the ongoing existence and occurrence of attempted but Unsuccessful Security Incidents (as defined herein) for which no additional notice to You shall be required. For purposes of this paragraph, “Unsuccessful Security Incidents” shall include, but shall not be limited to, pings and other broadcast attacks on GoodData’s firewall, port scans, unsuccessful log-on attempts, denials of service and any combination of the above, so long as no such incident results in unauthorized access to, use of, or disclosure of, PHI.
- GoodData agrees to mitigate, to the extent reasonably practicable, any harmful effect that is known to GoodData of any (A) use or disclosure of PHI or ePHI by GoodData in violation of the requirements of this BAA, (B) Breach of Unsecured PHI or (C) Security Incident related to ePHI in violation of the requirements of this BAA.
- All PHI maintained by GoodData for You will be available to You in a time and manner that reasonably allows You to comply with the requirements under 45 CFR § 164.524. GoodData shall not be obligated to provide any such information directly to any individual or person other than You.
- All PHI maintained by GoodData for You will be available to You in a time and manner that reasonably allows You to comply with the requirements under 45 CFR § 164.526.
- You acknowledge that GoodData is not required under this BAA to make disclosures of PHI to individuals or any person other than You, and that GoodData does not, therefore, expect to maintain documentation of such disclosure as described in 45 CFR § 164.528. In the event that GoodData does make such disclosure, it shall document the disclosure as would be required for You to respond to a request by an individual for an accounting of disclosures in accordance with 45 CFR § 164.504(e)(2)(ii)(G) and § 164.528, and shall provide such documentation to You promptly on Your request. In the event that a request for an accounting is made directly to GoodData, GoodData shall, within fifteen (15) Business Days, forward such request to You.
- To the extent required by applicable law, GoodData shall make its internal practices, books and records relating to the use and disclosure of PHI available to the Secretary for purposes of determining Your compliance with the Privacy Rule.
- GoodData will ensure that any agents, including subcontractors, to whom it provides PHI or ePHI agree in writing to the same restrictions and conditions, including but not limited to those relating to termination of the contract for improper disclosure, that apply to GoodData with respect to such information. Further, GoodData shall take reasonable steps to cure a material breach of an agent or subcontractor or terminate its association and/or agreement with the agent or subcontractor. GoodData shall not provide any PHI or ePHI to any third party other than GoodData’s agents and subcontractors as necessary for performance under the Service Agreement without Your express written permission or as otherwise required by law.
- GoodData agrees that GoodData does not and will not have any ownership rights in any of the PHI.
- Customer Obligations. You shall notify GoodData of:
- Any change in its notice of privacy practices, to the extent that such change may affect GoodData's use or disclosure of PHI;
- Any change in, or revocation of, permission by individual to use or disclose PHI, to the extent that such change may affect GoodData's use or disclosure of PHI; and
- Any restriction to the use or disclosure of PHI agreed by You, including, but not limited to, any restriction agreed by You under 45 CFR § 164.522, to the extent that such restriction may affect GoodData's use or disclosure of PHI.
- You shall not instruct or request that GoodData use or disclose any PHI in any manner not permitted by this BAA.
- Term; Termination.
- This BAA shall be effective as of the date on which the Service Agreement becomes effective and shall continue until terminated by You or until any underlying Service Agreement expires or is terminated; provided however, that the requirements of this BAA shall continue to apply to GoodData to the extent that it maintains Your PHI or ePHI after such termination as provided in Section 5.3.
- If GoodData violates a material term of this BAA, as determined by You, You may terminate this BAA, provided that You have provided written notice of the violation to GoodData and GoodData has not cured the violation within thirty (30) days of receiving written notice of the violation from You.
- Upon termination of this BAA for any reason, GoodData shall, if feasible, return or destroy all PHI received from You or created or received by GoodData on behalf of You that GoodData still maintains in any form. If return or destruction of PHI is not feasible, GoodData will retain the PHI, subject to all of the protections of this BAA, and limit further uses and disclosures of the PHI to those purposes that make the return or destruction of the PHI infeasible for so long as GoodData maintains the PHI.
- Miscellaneous
- This BAA may be also executed in counterparts, and, if so executed, each counterpart shall be considered part of the entire, original document and shall have the same force and effect as if executed in one original document. Facsimile, PDF (Portable Document Format) signatures, and/or electronic mail signatures or online acceptance will be deemed original signatures under the terms of this BAA.
- Nothing express or implied in this BAA is intended to confer, nor shall anything herein confer, upon any person other than You, GoodData, or their respective successors or assigns, any rights, remedies, obligations or liabilities whatsoever.
- The parties are independent contractors and nothing in this BAA shall be deemed to make them partners or joint venturers.
- GoodData will comply with all appropriate federal and state security and privacy laws, to the extent that such laws apply to GoodData.
- All notices which are required or permitted to be given pursuant to this BAA shall be in writing and shall be sufficient in all respects if delivered personally, by electronic mail, by facsimile (with a confirmation by registered or certified mail placed in the mail no later than the following day), or by registered or certified mail, postage prepaid, addressed to a party as indicated below:
If to GoodData: If to You: GoodData Corporation
ATTENTION: Legal Department
1 Post Street, Suite 400
San Francisco, CA 94104
With a copy to legal@gooddata.comto the email address provided during Your registration - Notice shall be deemed to have been given upon transmittal thereof as to communications which are personally delivered or transmitted by electronic mail or facsimile and, as to communications made by United States mail, on the third day after mailing. The above addresses may be changed by giving notice of such change in the manner provided above for giving notice.
- Any ambiguity in this BAA shall be resolved to permit the parties to comply with HIPAA.
- If any provision of this BAA is determined by a court of competent jurisdiction to be invalid, void, or unenforceable, the remaining provisions hereof shall continue in full force and effect.
- Unless otherwise specified in the Service Agreement and except to the extent preempted by federal law, this BAA shall be governed by the law of the State of California, without regard to applicable conflict of law principles.
GoodData Ancillary Services Terms of Use
Version 1.0
Effective August 6th 2021
DownloadTable of Contents
Updated: 07/01/2020
5. Relationship of the Parties.
6. Fees and Compensation.
7. Ownership.
8. Warranty.
9. Entire TOU.
GoodData Community and University Terms of Use
Version 1.3
Effective August 12th 2021
DownloadTable of Contents
The online community provided by GoodData Corporation (“we” or “GoodData”) at community.gooddata.com is designed to create and support an online community where GoodData users, customers or partners can share their experiences about GoodData services, easily receive information about GoodData services, and get a peer-to-peer support and thought leadership on best practices (“GoodData Community”).
Separately, the online educational portal provided by GoodData at university.gooddata.com is designed to provide individuals, customers, and partners with a centralized source of training materials for GoodData products and services (“GoodData University”) including videos, live streams, papers, and quiz questions and answers (“University Content”).
These Portal Terms of Use and all materials referred to or linked to here (“Terms”) are the terms that apply to all persons or entities using the GoodData Community or GoodData University (“you”), but only in relation to your use of GoodData Community or GoodData University (together, the “Portals”). If you do not accept these Terms, you shall not access or use the Portals.
Every Portal user agrees to abide by these Terms and is responsible for any violations. You are not allowed to assist or engage others in a way that would violate these Terms.
We reserve the right to modify these Terms in our sole discretion at any time without giving you prior notice. Your use of the Portals following any such modification constitutes your agreement to follow and be bound by these Terms as modified. You agree to review the Terms on a regular basis and always remain in compliance.
1. Access to the Portals.
You may not use a username that: (i) belongs to someone else, (ii) impersonates another person, (iii) is misleading, (iv) violates any intellectual property or other proprietary rights, (v) is vulgar or offensive, (vi) uses ‘GoodData’ as all or part of it, unless we provide express permission to do so, or (vii) we reject, which we may choose to do in our discretion. All information you provide in your profile must be accurate. Your account will be accessed through a username and password that you will create (your "Credentials"). Your Credentials are solely for your use. You are responsible for maintaining the confidentiality of your Credentials and you are fully and solely responsible for all activities that occur under your Credentials, whether authorized by you or not. It is your responsibility to take adequate precautions with your Credentials. If you believe your access to or use of the Portals has been breached, compromised, or unauthorized, notify us immediately at security@gooddata.com.
The Portals are not intended for users under the age of thirteen (13). By creating your account for one of the Portals, you represent and warrant that you are at least thirteen (13) years of age.
2. Your Conduct and Content.
You are not permitted to sell, rent, lease, assign, sublicense, distribute, transmit, broadcast, commercially exploit, grant a security interest in, or otherwise transfer any right in the Portals or Portal Content. (“Portal Content” means all content, including without limitation, language, data, information, and images, provided through or disclosed by use of the Portals, whether by us, our customers, or other users of the Portals, together with the University Content. Portal Content does not include Your Content, as defined herein).
In addition, you may not (directly or indirectly) use the Portals in a manner that is in violation of these Terms, including without limitation, posting content that:
- is confidential, proprietary or considered Personal Information under applicable law;
- is threatening, abusive, harassing, stalking, or defamatory;
- is deceptive, false, misleading or fraudulent;
- is invasive of another's privacy or otherwise violates another’s legal rights (such as rights of privacy and publicity);
- contains vulgar, obscene, indecent or unlawful material;
- infringes a third party's intellectual property right(s);
- uploads files that contain viruses, corrupted files, or any other similar software or programs that may damage the operation of another person's computer;
- downloads any file that you know, or reasonably should know, cannot be legally distributed in that way;
- falsifies or deletes any author attributions, legal or proprietary designations, labels of the origin or source of software, or other material contained in a file that is uploaded;
- harvests or otherwise collects information about others, including email addresses, without their consent;
- damages, disables, overburdens, or impairs any GoodData website or interferes with any other party's use and enjoyment of the Portals or any GoodData website or product;
- mirrors or frames the Portals’ websites, or any part of them, on any other GoodData website or webpage;
- attempts to gain unauthorized access to the Portals, or access the Portals by any means other than through the interface that we provide to you; and/or
- is in violation of any applicable law or regulation, or a third-party’s rights.
(b) Suspension and Notice of Violations. We may immediately suspend your use of the Portals, without notice, for actual or suspected violations of the terms contained in this Section 2 (Your Conduct and Content). If you know of usage that is in violation of these Terms, please let us know at support@gooddata.com.
(c) Claims of Copyright Infringement. We may, in our sole discretion, suspend the access or terminate the accounts of users who violate others' intellectual property rights. If you have a good faith belief that your intellectual property rights have been infringed upon in the Portals, you may send GoodData a written copyright infringement notice via mail or email to support@gooddata.com.
(d) Our Use of Your Content. You grant to us and certain third parties all rights, licenses and permissions necessary to display, reproduce, disseminate, and otherwise use all content, including without limitation, language, data, information, and images, provided through or disclosed through use of the Portals, by you (“Your Content”) in connection with a Portal. We may edit or remove Your Content, or block or disable replies on a topic, at any time in our sole discretion. GoodData alone (and its licensors, where applicable) shall own all rights, title and interest, including all related intellectual property rights in and to GoodData’s technology. If you choose to post feedback, such as suggestions to improve GoodData products or services on the Portals, GoodData may act on your feedback, including by incorporating it in GoodData products or services, without any obligation to you.
(e) Privacy. Your use of Portals is subject to the GoodData Privacy Policy effective at the time of your use, which is incorporated herein as though set forth in full.
(f) Content Posted by Third Parties. GoodData cannot control and has no obligation to control Portal Content, and does not guarantee the accuracy, integrity or quality of such Portal Content. You understand that by using the Portals you may be exposed to Portal Content that you may find offensive, indecent, incorrect or objectionable, and you agree that under no circumstances will GoodData be liable in any way for any Portal Content, including without limitation any errors or omissions, or any loss or damage of any kind incurred as a result of your use of any Portal Content. You understand that you must evaluate and bear all risks associated with the use of, or reliance on, any Portal Content. You may report objectionable materials at support@gooddata.com.
(g) Cookies. Your use of Portals’ websites is subject to the GoodData Cookie Policy and to the Cookie Policy of any third-party service provider used to deliver the Portals which are in effect at the time of your use. Such cookie policies are incorporated herein as though set forth in full.
3. International Use.
4. GoodData’s Proprietary Rights.
5. Third-Party Sites and Products.
6. Term and Termination.
7. Your Representations and Warranties.
8. Indemnification.
9. Disclaimers; Limitations of Liability.
(b) Disclaimer of Warranties. WE AND OUR AGENTS MAKE NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY, RELIABILITY, AVAILABILITY, TIMELINESS, SECURITY OR ACCURACY OF THE GOODDATA PRODUCTS OR SERVICES, THE PORTALS, OR THE PORTAL CONTENT FOR ANY PURPOSE. THE PORTALS ARE PROVIDED "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND. WE DISCLAIM ALL WARRANTIES AND CONDITIONS OF ANY KIND WITH REGARD TO THE PORTALS AND THE PORTAL CONTENT, INCLUDING ALL IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. FURTHER, GOODDATA AND ITS AFFILIATES DO NOT WARRANT THE ACCURACY OR COMPLETENESS OF THE INFORMATION, TEXT, GRAPHICS, LINKS OR OTHER INFORMATION CONTAINED IN THE PORTALS. SOME JURISDICTIONS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES, SO THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU. GOODDATA DOES NOT WARRANT THAT THE PORTALS WILL BE AVAILABLE AT ANY TIME OR FROM ANY PARTICULAR LOCATION, WILL BE SECURE OR ERROR-FREE, THAT DEFECTS WILL BE CORRECTED, OR THAT THE PORTALS ARE FREE OF VIRUSES OR OTHER POTENTIALLY HARMFUL COMPONENTS. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM GOODDATA OR THE PORTALS SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THESE TERMS OF SERVICE. Some jurisdictions don’t allow the exclusion of implied warranties, so some of the above exclusions may not apply to you.
(c) No Indirect Damages. TO THE EXTENT PERMITTED BY LAW, IN NO EVENT SHALL WE BE LIABLE FOR ANY INDIRECT, PUNITIVE, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS OR BUSINESS OPPORTUNITIES.
(d) Limitation of Liability. IF, NOTWITHSTANDING THE OTHER TERMS OF THESE TERMS WE ARE DETERMINED TO HAVE ANY LIABILITY TO YOU OR ANY THIRD PARTY, THE PARTIES AGREE THAT OUR AGGREGATE LIABILITY WILL BE LIMITED TO ONE HUNDRED DOLLARS.
YOU UNDERSTAND AND AGREE THAT ABSENT YOUR AGREEMENT TO THIS LIMITATION OF LIABILITY, WE WOULD NOT PROVIDE THE PORTALS TO YOU. Some jurisdictions don’t allow the exclusion or limitation of liability for consequential or incidental damages, so some of the above may not apply to you.
10. General.
(b) Applicable Law. If you use the Portals for business purposes: These Terms and your relationship with GoodData under these Terms shall be governed by the laws of the State of California, U.S.A., without regard to its conflict of laws provisions. You and GoodData agree to submit to the exclusive jurisdiction of the courts located within the county of San Francisco County, California, U.S.A., to resolve any legal matter arising from these Terms. Notwithstanding this, you agree that GoodData shall still be allowed to apply for injunctive remedies (or an equivalent type of urgent legal relief) in any jurisdiction.
If you use the Portals for personal purposes: The courts in some countries will not apply California law to some types of disputes. If you reside in one of those countries, then where California law is excluded from applying, your country’s laws will apply to such disputes related to these terms. Otherwise, you agree that the laws of California, U.S.A., excluding California’s choice of law rules, will apply to any disputes arising out of or relating to these Terms or the Portals. Similarly, if the courts in your country will not permit you to consent to the jurisdiction and venue of the courts in San Francisco County, California, U.S.A., then your local jurisdiction and venue will apply to such disputes related to these terms. Otherwise, all claims arising out of or relating to these Terms will be litigated exclusively in the federal or state courts of San Francisco County, California, U.S.A., and you and GoodData consent to personal jurisdiction in those courts.
(c) Compliance with Applicable Laws. You shall comply with all applicable foreign and domestic laws (including without limitation, export laws), governmental regulations, ordinances, and judicial administrative orders. Export laws and regulations of the United States and any other relevant local export laws and regulations may apply to the Portal Content and the GoodData products and services. You will comply with the sanctions programs administered by the Office of Foreign Assets Control (OFAC) of the US Department of the Treasury. You will not directly or indirectly export, re-export, or transfer the Portal Content or the GoodData products and services to prohibited countries or individuals or permit use of the Portal Content or the GoodData products and services by prohibited countries or individuals.
(d) Severability. If any part of these Terms is determined to be invalid or unenforceable by applicable law, then the invalid or unenforceable provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision, and the remainder of these Terms will continue in effect.
(e) Consent to Electronic Communications and Solicitation. You understand and expressly agree that we may send you communications or data regarding the Portals via electronic mail. You agree that all such notices, disclosures and other communications that GoodData provides to you electronically satisfy any legal requirement that such communications be in writing.
(f) Entire Agreement. These Terms constitute the entire agreement between us for the Portals and supersede all other proposals and agreements, whether electronic, oral or written, between us. We object to and reject any additional or different terms proposed by you, including those contained in your purchase order, acceptance or website. It is the express wish of both you and us that these Terms and all related documents be drafted in English.
(g) No Third Party Beneficiaries. Nothing in these Terms, express or implied, is intended to or shall confer upon any person or entity (other than the parties hereto) any right, benefit or remedy of any nature whatsoever under or by reason of these Terms.
GoodData Enterprise Shield Add-Ons Terms
Version 1.0
Effective February 22nd 2022
DownloadTable of Contents
1. DESCRIPTION
2. YOUR RESPONSIBILITIES UNDER MANAGED ENTERPRISE SHIELD
2.1. You are required to separately purchase Professional Services implementation package and/or Success Advisory services to allow GoodData to develop and maintain the Data Product.
2.2. You will not implement any changes to the Data Product beyond the customization of dashboards, reports and metrics. For any changes to the data loading and data transformation processes, You will engage GoodData personnel as described in 2.1
2.3. When integrating the Data Product into Your environment, You will follow the applicable requirements in accordance with the Protocol. Furthermore, You should consider GoodData’s recommendation with respect to the requirements of the Protocol, as well as Your internal security and compliance standards and practices, and decide whether a corrective action is needed.
2.4. You will at all times remain responsible for following Your own internal security and compliance processes, standards, and policies in areas outside the scope of the Data Product’s implementation in accordance with the Protocol.
2.5. You assume full responsibility for the confidentiality, integrity, and availability of Your Customer Data in the Subscription Services to the extent it may be affected by Your or Your Users acts or omissions, including Your settings, configurations, or modifications to the Subscription Services, the Data Product, or any systems used to access or upload Customer Data to the Subscription Services.
3. SELF-SERVICE ENTERPRISE SHIELD INITIAL IMPLEMENTATION PROCESS
3.2. Scenario 2. This Section 3.2 describes the Self-Service Enterprise Shield implementation for existing Managed Enterprise Shield customers and new customers whose Data Product relies on ADS:
3.3. Scenario 3. This Section 3.3 describes the Self-Service Enterprise Shield implementation for existing customers who use ADS and do not have any Enterprise Shield Add-Ons:
3.3.1. Setup Package and PS Hours. If Your Data Product relies on ADS You will be required to purchase an Enterprise Shield “Setup Package” and Professional Services hours in order for GoodData to review the Data Product and implement any changes necessary to bring the Data Product into Compliance with the Protocol.
3.3.2. GoodData will provide You with all credentials and access tokens necessary to manage the Data Product. Whenever possible and practical, You must change the passwords, rotate the keys and to implement additional technical safeguards, such as IP whitelisting and access monitoring using the audit events API.
3.3.3. Upon delivery, You will assume responsibility for the Data Product’s Compliance with the Protocol going forward subject to Section 6 below.
4. YOUR RESPONSIBILITIES UNDER SELF-SERVICE ENTERPRISE SHIELD
4.3. You assume full responsibility for the confidentiality, integrity, and availability of Your Customer Data in the Subscription Services to the extent it may be affected by Your or Your Users acts or omissions, including Your settings, configurations, or modifications to the Subscription Services, the Data Product, or any systems used to access or upload Customer Data to the Subscription Services.
5. PROTOCOL REVIEWS AND MAINTENANCE REQUIREMENTS UNDER SELF-SERVICE ENTERPRISE SHIELD
5.1.2. In addition to the Protocol review conducted during the initial implementation as described in Section 2, You may request additional Protocol reviews no more than once in any 12 month period for no additional charge. More frequent Protocol reviews must be charged against Success Advisory hours. These subsequent reviews may be planned by You at Your own discretion and must be aligned with changes to the Data Product that may potentially bring it out of Compliance.
5.2. Protocol Compliance. During the applicable Subscription Term, You will: (a) ensure that the Data Product Complies with the Protocol throughout the Data Product’s lifecycle, and (b) monitor the GoodData Documentation portal, release notes, and service notifications and advisories.
5.3. Failure to Comply. If the Data Product is not in Compliance with the Protocol, then with respect to Sensitive Personal Data, GoodData will not be liable for any warranties, indemnities, or other liabilities or obligations under the Agreement that may arise during or result from any period of non-Compliance.
6. PROFESSIONAL SERVICES AND CUSTOMER SUCCESS ADVISORY HOURS
6.2. Scope of Services. Success Advisory services are limited to consultation and advice (including diagnostics and troubleshooting), but do not include any changes to Your production environment, implementation work, or software development conducted by GoodData personnel. You must engage GoodData’s Professional Services team for any services outside the scope of Success Advisory services and purchase the requisite number of Professional Services hours.
7. SWITCHING FROM SELF-SERVICE ENTERPRISE SHIELD TO MANAGED ENTERPRISE SHIELD
7.2. If You need assistance in deploying the Data Product into production, You must switch to the Managed Enterprise Shield Add-On as described above until the Data Product Goes Live.
8. DEFINITIONS
8.1. “Comply” or “Compliance” (and derivatives thereof) will mean that (a) a Protocol review has been requested and completed, and (b) following a Protocol review, (i) all requirements for which the Data Product has been deemed “Non-Compliant” by GoodData have been corrected (if any); and (ii) all requirements for which the Data Product has been deemed “Partially Compliant” (if any) have been addressed. The terms “Non-Compliant” and “Partially Compliant” are defined in Section 4 above.
8.2. “Data Product” means Your software product or software-as-a-service solution which is integrated into, or interacts directly with, the Subscription Services.
8.3. “Go-Live” and derivatives thereof refer to a Data Product becoming generally available to Your Users.
8.4. “Protocol” means (a) the GoodData Enterprise Shield security and compliance protocol published on the GoodData Support Portal, which describes appropriate measures and safeguards with respect to a Data Product’s use of the Subscription Services in conjunction with Sensitive Personal Data based on industry standards and best practices; and (b) additional security or compliance requirements GoodData may provide specific to You. The Protocol may not include Your internal processes, controls, policies, or standards.
GoodData Patents
Version 1.1
Effective April 27th 2022
DownloadTable of Contents
- US Patent No. 9,870,543
- US Patent No. 10,810,522
- US Patent No. 9,286,329
- US Patent No. 10,121,157
GoodData Platform Product Specific Terms
Version 1.5
Effective October 24th 2024
DownloadTable of Contents
GoodData Platform Product Specific Terms
Last updated October 24,2024
Free | The Free Subscription Plan includes:
No additional purchases are possible in the Free Subscription Plan. |
Growth | The Growth Subscription Plan includes:
|
Enterprise | The Enterprise Subscription Plan includes:
|
- 1TB of ADS storage in production environment (“PROD”);
- 50GBs of ADS storage in development environment (“DEV”); and
- 50GBs of ADS storage in testing environment (“TEST”).
- Managed Enterprise Shield. Under this Add-On, the GoodData Professional Services team manages the initial development of the Data Product via an implementation package , and the GoodData Customer Success team handles daily maintenance and ad-hoc updates under a “Success Advisory Package”. Company does not directly administer its Data Product. For any new development or major changes, Company will need to purchase additional Professional Services hours. During the applicable Subscription Services Term, GoodData remains fully responsible for the Data Product’s Compliance with the Protocol subject to its compliance with the relevant Managed Enterprise Shield terms and conditions.
- Self-Service Enterprise Shield. Company can switch from the Managed Enterprise Shield Add-On as described above to the Self-Service Enterprise Shield Add-On once the Data Product Goes Live. Company can also start with the Self-Service Enterprise Shield Add-On if it chooses to develop its Data Product independently. In either case, once the Data Product Goes Live, Company will manage daily maintenance and ad-hoc updates, submit its Data Product for periodic Protocol reviews as described below, and will otherwise become fully responsible for the Data Product’s Compliance with the Protocol. The Enterprise Shield Add-On is applicable per one Data Product, covers up to 1000 Workspaces, and can be purchased repeatedly.
- Self-Service Enterprise Shield customers with ADS may only use Automated Data Distribution for loading Customer Data from ADS to Workspace
- No customer code: Self-Service customers may not use CloudConnect executors (legacy technology) and may only use Ruby bricks developed by GoodData. If GoodData develops a custom Ruby brick for Company, GoodData will continue maintaining the brick as instructed by Company and subject to maintenance fees.
- During the transition period from Managed to Self-Service Enterprise Shield or initial implementation of Self-Service Enterprise Shield by the GoodData Professional Services team, Company may have access to an administrative account solely for the purposes of User and Customer Data provisioning. Prior to the completion of the transition, any modifications to Company's solution and/or its Customer Data flow by Company are strictly prohibited and GoodData disclaims any and all warranties or liability to Company if it makes any such prohibited modifications.
Workspace Power Tier | Compute Units* |
Basic | 12 |
Strong | 150 |
Premium | 300 |
Ultra | 1500 |
GoodData Cloud Product Specific Terms
Version 1.13
Effective October 24th 2024
DownloadTable of Contents
GoodData Cloud Subscription Plans | |
GoodData Cloud Trial |
|
GoodData Cloud Internal Analytics Subscription Plans | |
GoodData Cloud Internal Analytics - Startup |
|
GoodData Cloud Internal Analytics - Professional |
|
GoodData Cloud Internal Analytics - Enterprise |
|
GoodData Cloud Embedded Analytics Subscription Plans | |
GoodData Cloud Embedded Analytics - Professional |
|
GoodData Cloud Embedded Analytics - Enterprise |
|
An User means an employee, consultant, contractor, or agent who is authorized to access and use GoodData Cloud by Company.
GoodData Cloud allows the Company to either connect its existing OIDC-supported identity and access management tool (“IAM tool”) provider or use the IAM tool offered by GoodData (except for Enterprise Subscription plans, available only for GoodData Cloud deployments in the United States region), to define Users and User access rights to GoodData Cloud components. Company acknowledges that notwithstanding its selected IAM tool and/or the region for GoodData Cloud deployment, the first User account in the Company's GoodData Cloud instance is always deployed by GoodData in the United States region. Company may purchase additional access for Users through the GoodData IAM tool as an add-on.
FlexQuery and FlexCache
FlexQuery is the computational component of GoodData Cloud. FlexQuery utilizes FlexCache, an multi-tiered analytics cache. FlexCache feature includes a number of query set results (“Result(s)”) as specified in the table above. Company may purchase additional Results for FlexCache as an add-on in the quantities of 5,000 Results. Company that requires more than 10,000 Results in its Subscription Plan needs to purchase a dedicated cluster.
Usage Analytics
Usage Analytics Add-On provides high-level information about Company's usage of Subscription Services. Usage Analytics Add-On cannot be used together with HIPAA Add-On or if the Company opts out from Usage Data collecting. Company acknowledges that notwithstanding the region for GoodData Cloud deployment, Usage Analytics feature always runs in the data center in the United States region. Usage Analytics may be affected by individual User preferences settings on User devices. If Company customizes or develops any enhancements for the Usage Analytics Add-On, GoodData does not provide a guarantee that such customized solution will remain compatible with subsequent updates or versions of the Usage Analytics Add-On or functioning if GoodData discontinues the Usage Analytics Add-On.
GoodData Cloud Support Policies and Service Level Commitment
Version 1.9
Effective October 20th 2023
DownloadTable of Contents
Last Updated: October 20, 2023
GoodData Cloud Trial Support Policy
1. Scope of Support.
2. Community Support Forums.
3. Updates to the Support Policy.
GoodData Cloud Startup and Professional Support Policy
1. Scope of Support.
2. Community Support Forums.
3. GoodData Support.
4. Updates to the Support Policy.
GoodData Cloud Enterprise Support Policy
1. Scope of Support.
3. How Requests Are Logged and Tracked.
4. Severity Levels and Response Times.
Table 1: Severity Levels and Target Response Times | |
Severity Levels | Target Response Times |
Severity Level 1 | Within 1 hour, 24x7, 365 |
Severity Level 2 | Within 4 **Business Hours |
Severity Level 3 | Next **Business Day |
- Severity Level 1 is an emergency condition related to an error in the Services that makes the use or continued use of any one or more functions of the Services impossible. In such cases, Support personnel will provide incremental updates in the Support ticketing system for all Company Support tickets classified as a Severity Level 1 issue every 20-30 minutes until the Services is operational again. Examples include the Services being completely inaccessible to Company Users due to an error on GoodData end.
- Severity Level 2 is, other than any Severity Level 1 issue, any condition that makes the use or continued use of any one or more critical areas of functionality of the Services inoperable and threatens future productivity. Example is inability to create new Workspaces or reports.
- Severity Level 3 is, other than any Severity Level 1 or Severity Level 2 issue, a minor problem condition or documentation error that the Company can easily circumvent or avoid. Examples include product enhancements, usage questions, and cosmetic problems.
5. GoodData Support Forums.
6. Updates to the Support Policy.
GoodData Cloud Startup and Professional Availability
1. Availability.
2. Notices.
3. Subscription Services Technical Limits.
4. Updates.
GoodData Cloud Enterprise Service Level Commitment
1. Availability.
2. Downtime Measured.
3. Notices.
4. Updates.
GoodData.CN Support Policies
Version 1.3
Effective October 19th 2023
DownloadTable of Contents
GOODDATA SUPPORT POLICY FOR GOODDATA.CN GROWTH EDITION
1. Scope of Support.
2. Community Support Forums.
3. Updates to the Support Policy.
GOODDATA SUPPORT POLICY FOR GOODDATA.CN ENTERPRISE
1. Scope of Support.
2. Contacting GoodData Support.
3. How Requests Are Logged and Tracked.
4. Response Times.
5. Updates to the Support Policy.
GoodData Platform Support Policies and Service Level Commitment
Version 1.1
Effective July 12th 2022
DownloadTable of Contents
GoodData Support Policies and Service Level Commitment for GoodData Platform
GOODDATA SUPPORT POLICY FOR GOODDATA PLATFORM FREE SUBSCRIPTION PLAN
1. Scope of Support.
2. Community Support Forums.
3. Updates to the Support Policy.
GOODDATA SUPPORT POLICY FOR GOODDATA PLATFORM GROWTH SUBSCRIPTION PLAN
1. Scope of Support.
2. Community Support Forums.
3. GoodData Support.
4. Updates to the Support Policy.
GOODDATA SUPPORT POLICY FOR GOODDATA PLATFORM ENTERPRISE PLAN
1. Scope of Support.
2. Contacting GoodData Support.
3. How Requests Are Logged and Tracked.
4. Severity Levels and Response Times.
Table 1 Severity Levels and Target Response Times | |
Severity Levels | Target Response Times |
Severity Level 1 | Within 1 hour, 24x7, 365 |
Severity Level 2 | Within 4 **Business Hours |
Severity Level 3 | Next **Business Day |
- Severity Level 1 is an emergency condition related to an error in the Subscription Services that makes the use or continued use of any one or more functions of the Subscription Services impossible. In such cases, Support personnel will provide incremental updates in the Support ticketing system for all customer Support tickets classified as a Severity Level 1 issue every 20-30 minutes until the Subscription Services is operational again. Examples include the Subscription Services being completely inaccessible to Your Users due to an error.
- Severity Level 2 is, other than any Severity Level 1 issue, any condition that makes the use or continued use of any one or more critical areas of functionality of the Subscription Services inoperable and threatens future productivity. Examples are failures of data connectors that prevent loading or syncing of new data into customer Workspaces.
- Severity Level 3 is, other than any Severity Level 1 or Severity Level 2 issue, a minor problem condition or documentation error that the customer can easily circumvent or avoid. Examples include product enhancements, usage questions, and cosmetic problems.
5. GoodData Support Portal.
6. GoodData Support Forums.
7. Updates to the Support Policy.
GOODDATA SERVICE LEVEL COMMITMENT
1. Availability.
2. Scheduled and Unscheduled Maintenance.
3. Downtime Measured.
4. Notices.
5. Exclusion of Trial and Demo Accounts.
6. Subscription Services “Platform Limits".
7. Updates to the Service Level Commitment.
GoodData.CN Product Specific Terms
Version 1.9
Effective October 24th 2024
DownloadTable of Contents
GoodData.CN Product Specific Terms
GoodData.CN Editions | |
GoodData.CN ENTERPRISE Edition | The GoodData.CN ENTERPRISE Edition includes:
|
GoodData Vulnerability Reporting Policy
Version 1.3
Effective October 18th 2024
DownloadTable of Contents
GoodData Vulnerability Reporting Policy
- Please report any potential security vulnerabilities to us via security@gooddata.com. When appropriate or necessary due to the nature of the issue, feel free to encrypt your report using our public PGP key.
- Our team will confirm the receipt and forward the report to the Security Operations Team for their review and investigation. Based on the nature of your report, we will get back to you as soon as practicable to validate and confirm the issue.
- If the issue is identified by us as a qualifying issue (as further defined below) and accepted by us, we will schedule a fix in line with our internal patch management practices. We will keep you informed about the progress.
- Please note that any information about the issue while we are working on the fix is considered to be GoodData confidential information and cannot be disclosed unless otherwise approved by GoodData in writing.
Please be aware that you must comply with the legal terms applicable to the specific product or services (see: https://www.gooddata.com/legal/) at all times; particularly, you must not take any actions that might cause an overload, disruption or denial of service of our systems, resulting in an unauthorized access to data belonging to another customer or have a similarly adverse effect on our services or other customers.
Safe Harbor
You are expected, as always, to comply with all laws applicable to you, and not to disrupt or compromise any data beyond what this policy permits.
That said, if legal action is initiated by a third party, including law enforcement, against you because of your reporting under this policy, and you have sufficiently complied with this policy (i.e. have not made intentional or bad faith violations), we will take steps to make it known that your actions were conducted in compliance with this policy.
Although we consider submitted reports both confidential and potentially privileged documents, and protected from compelled disclosure in most circumstances, please be aware that a court could, despite our objections, order us to share information with a third party.
Please contact us at security@gooddata.com before engaging in conduct that may be inconsistent with or unaddressed by this policy. We reserve the sole right to make the determination of whether a violation of this policy is accidental or in good faith, and proactive contact to us before engaging in any action is a significant factor in that decision. If in doubt, ask us first!
Guidance for Reporting
When reporting a potential security vulnerability, please always provide the following information:
- Description of the issue (“what have you observed”);
- Potential impact of the issue (“what is the risk to GoodData or our customers”);
- Detailed reproduction steps (“how can we check that the issue is valid”); and
- Your contact details.
Qualifying and Non-Qualifying Issues
The table below lists the types of vulnerabilities for which we are accepting the reports. Please do not submit any potential issues which are listed as non-qualifying; we will not be following up on such reports. Thank you for your understanding.
Qualifying Issues | Non-Qualifying Issues |
|
|
Hall of Fame
We would like to recognize the following professionals for their valuable contributions to GoodData security:
2017
- Stanko Jankovic
2020
- Robin Joseph
2021
- VISA Security team
- Robin Joseph
2022
- Deepak Kumar
- VISA Security Team
2024
- eSecurify Technologies
FREE Terms of Use
Version 1.0
Effective October 6th 2020
DownloadTable of Contents
THIS DOCUMENT CONTAINS GOODDATA FREE TERMS OF USE, DATA PROCESSING ADDENDUM WITH STANDARD CONTRACTUAL CLAUSES, AND SUPPORT TERMS. BY CHECKING THE BOX "I HAVE READ AND AGREE TO THE GOODDATA TERMS OF USE AND PRIVACY POLICY" ON THE FREE SIGNUP PAGE, YOU CONFIRM THAT YOU HAVE READ AND AGREE TO ALL CONTENTS OF THIS DOCUMENT.
(a) “Affiliates” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity; for purposes of this definition, “control” means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity)
(b) “Customer” means a customer of Yours to whom you offer the Subscription Services along with your product or offering and whom is bound by applicable terms and conditions meeting the requirements set forth in this Agreement.
(c) “Customer Data” means any and all data and information that is entered or loaded into the Subscription Services by or for You or a Customer. Customer Data excludes Usage Data.
(d) “Deliverables” means the guides, code (including SQL queries) or other deliverables that GoodData provides to You in connection with Subscription Services. For clarity, GoodData may use compilers, assemblers, interpreters and similar tools to develop Deliverables. The term “Deliverables” does not include such tools.
(e) “Supplemental Terms” means any operating rules, policies and procedures that may be published from time to time on our website by us, each of which is incorporated by reference and each of which may be modified from time to time without notice to You.
(f) “Third Party Applications” means separate services or applications (and other consulting services related thereto), procured by You from a party other than GoodData that can be used in connection with the Subscription Services.
(g) “Usage Data” means anonymized, de-identified or aggregated data information collected or generated by or on behalf of GoodData for purposes of providing, measuring or improving GoodData products and services, including development of analytics, benchmarking performance, or preparing statistics or system metrics. For the avoidance of doubt, "Usage Data" shall not include any personally identifiable information of You or any Customer.
(e) Updates to Subscription Services. GoodData reserves the right, in its sole and absolute discretion, to make necessary unscheduled changes, updates or enhancements to the Subscription Services at any time. GoodData may add or remove functionalities or features and may suspend or stop a Subscription Service altogether.
(f) Subscription Service Notices. GoodData and its third party providers may send You electronic communications about the Subscription Services. If You choose to opt-out of receiving such messages, or do not register to receive communications, You accept all liability caused by or associated with foregoing such communications.
(g) Account Passwords. You will generate and grant password(s) for each of You and Your Customers access to and use of the Subscription Services. GoodData will not incur any liability to You if You or Your Customer fails to maintain the confidentiality of its password for the Subscription Services. You agree to immediately notify GoodData of any unauthorized use of the Subscription Services by contacting GoodData at: support@gooddata.com.
(h) Tools, SDKs, and Other Software. GoodData may, in its sole discretion, make available to You for Your convenience certain software tools, software development kits (SDKs), and similar software for download (“Other Software”). Such Other Software are not deemed GoodData Technology, or Subscription Services, and such Other Software will be separately licensed to You. To the extent any Other Software contains components authored by third parties and licensed to GoodData, they may be subject to additional terms, which terms may be set forth in the third party notice file(s) that may accompany the Other Software. You acknowledge and agrees that Your use of such Other Software is subject to Your compliance with any such additional terms.
(i) Previews. GoodData may make available to You certain products, features, services, software, regions or cloud providers that are not yet generally available, including such products, features, services, software, regions or cloud providers that are labeled as “private preview,” “public preview,” “pre-release” or “beta” (collectively, “Previews”). You may access and use Previews solely for your internal evaluation purposes and in accordance with the Preview Terms. In the event of any conflict between this Agreement and the Preview Terms, the Preview Terms shall govern and control solely with respect to the Previews.
(j) Third Party Applications. GoodData may also provide URL links or interconnectivity within the Subscription Services to facilitate Your use of Third Party Applications, at Your sole discretion. Notwithstanding the foregoing, any procurement or use of Third Party Applications are solely between You and the applicable third party and GoodData will have no liability for such Third Party Applications.
(k) Marketing. GoodData may use and display Your name, logo, trademarks, and service marks on GoodData’s website and in GoodData’s marketing materials in connection with identifying You as a customer of GoodData. Upon Your written request, GoodData will promptly remove any such marks from GoodData’s website and, to the extent commercially feasible, GoodData’s marketing materials. If GoodData reasonably requests, You agree to participate in a case study, press release and/or similar activities.
(b) Restrictions. You shall not (i) copy, edit, modify, adapt, translate, port, reproduce (except as necessary for installation), distribute, transfer, lend, sell, sublicense, assign or otherwise transfer any of the GoodData Technology, or any component thereof; (ii) prepare any derivative work based upon the GoodData Technology or any component thereof; (iii) reverse engineer, disassemble, or decompile the GoodData Technology or any component thereof, or attempt to discover or disclose the source code of the GoodData Technology or any component thereof except as permitted by applicable law notwithstanding this prohibition; (iv) encumber, time-share, rent, or lease the rights granted under this Agreement; (vi) use the GoodData Technology in a manner that is in violation of any third party rights of privacy or intellectual property rights; or (vii) remove, obscure, or alter any notice of intellectual property rights present on or in the GoodData Technology or any component thereof.
(c) Feedback. From time to time, GoodData may request that You provide GoodData with verbal and/or written suggestions, comments or other feedback related to GoodData’s existing or prospective GoodData Technology or Subscription Services, including, without limitation, design input, and troubleshooting or other assistance provided in response to support requests (collectively, “Feedback”). You and Your Customers are not obligated to provide GoodData with Feedback. You hereby assign to GoodData all right, title and interest in and to such Feedback. All Feedback is provided “AS IS.” You make no warranties whatsoever about any Feedback.
(d) Trademark License. Each party hereby grants to the other, subject to the terms and conditions set forth in this Agreement, a temporary, limited, revocable, nonexclusive, non-transferable, worldwide license, without the right to sublicense, to use, during the Term of this Agreement, their respective trademarks, service marks and logos (collectively referred to as “Marks”) on their respective web sites and in mutually agreed-upon collateral sales materials. You will only use and display GoodData’s Marks and copyrighted information in accordance with the applicable guidelines provided by GoodData. Each party will ensure that proper trademark and copyright notices are displayed at all times. All of the benefit and goodwill associated with a party’s use of the other party’s Marks will inure entirely to the Mark owner.
(e) Customer Data. You shall own and retain ownership of all right, title, and interest in and to the Customer Data. Subject to the terms of this Agreement, You hereby grant to GoodData and its Affiliates a non-exclusive, worldwide, royalty-free right to collect, store, process and disclose the Customer Data solely to the extent necessary to provide the services to You or as may be required by law. The foregoing license includes the right to share Your contact information with third party service providers solely for the purposes of providing You or Your Customers with information about the Subscription Services. You shall ensure that GoodData has the right to access and use Your and Your Customers’ account information and any data You or Your Customer upload to the Subscription Services for the purposes of delivering the Subscription Services, responding to any technical problems, troubleshooting, and testing. You are solely responsible for the accuracy, content and legality of all Customer Data. You warrant that You have and will have sufficient rights in the Customer Data to grant the rights to GoodData under this Agreement and that the Customer Data and its use in the Subscription Services will not violate the rights of any third party.
(b) Restrictions. You will not make any representations or warranties regarding the GoodData Technology and Subscription Services beyond those contained in this Agreement or published materials made available to You as part of the Program. You shall not engage in, and shall contractually restrict each Customer from engaging in: (A) sending or storing infringing, obscene, threatening, libelous, or otherwise unlawful or tortious material, including material harmful to children or violative of third party privacy rights; (b) sending or storing material containing malware or any other harmful computer code, files, scripts, agents or programs; (C) interfering with or disrupting the integrity or performance of the Subscription Services or the data contained therein, or unreasonably burdens the infrastructure utilized by GoodData to deliver the Subscription Services.
(c) Access; Security. You are responsible for all activities conducted under all login credentials assigned to or created by You and Your personnel, including as a result of any sharing of login credentials, or failure to adequately safeguard login credentials. You shall not (i) permit the concurrent use of a single login credential, or time-sharing of the GoodData Technology; (ii) attempt to circumvent the authentication required to access the GoodData Technology or other security measures of the GoodData Technology, or (iii) authorize or permit any person or entity to do any of the foregoing.
(d) No Personal Information. You expressly acknowledge and agree that You and Your Customers shall not submit to or process via the Subscription Services, and GoodData shall neither accept nor have any liability to You or Your Customers for, any data that is Personal Information (as defined below) or any Protected Health Information subject to the Health Insurance Portability and Accountability Act (“HIPAA”) (where “Protected Health Information” or “PHI” has the meaning set forth in HIPAA), unless and until You purchase the GoodData platform and services package intended for the processing and distribution of such data. As used herein, “Personal Information” means personal information as defined under applicable regulation, including the EU General Data Protection Regulation or California Consumer Privacy Act.
(e) Suspension. GoodData may immediately and upon notice suspend all or portion of Your or Your Customer’s access to the Subscription Services (without any liability to You or Your Customer in connection with such suspension), if GoodData has a good faith belief that You or Your Customer has breached the restrictions in this Section 5.
1.2. Workspace Data Upload Rate means the daily average of the number of Customer Data uploads into a Workspace measured on a monthly basis.
1.3. Users mean Your and/or Your Customers’, employees, consultants, contractors, or agents who are authorized by Your or Yours Affiliates to access and use the Subscription Services and who have been supplied user identifications and passwords by You for such purpose, in accordance with this Schedule A.
1.4. Workspace Customer Data Size means the total size of Customer Data uncompressed stored analytic data in the Workspace database. Technical artifacts like indexes, projections, and caches are not included.
...PRODUCT | ...DESCRIPTION | ...QUANTITY |
---|---|---|
GOODDATA FREE Workspace | Workspace Customer Data Size of up to 100MB per Workspace Workspace Data Upload Rate of 4 uploads per day Computational power for 2 simultaneous individual reports | 5 |
GOODDATA FREE Support | GOODDATA FREE Support for 6 months from the effective date of this Schedule A | n/a |
'personal data', 'special categories of data', 'process/processing', 'controller', 'processor', 'data subject' and 'supervisory authority' shall have the same meaning as in the applicable data protection law on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
'the data exporter' means the controller who transfers the personal data.
'the data importer' means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country's system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC.
'the subprocessor' means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract.
'the applicable data protection law' means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established.
'technical and organizational security measures' means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
- Prospects, customers, business partners and vendors of data exporter (who are natural persons);
- Employees or contact persons of data exporter’s prospects, customers, business partners and vendors; and
- Employees, agents, advisors, freelancers of data exporter (who are natural persons).
- First and last name
- Title
- Position
- Employer
- Contact information (company, email, phone, physical business address)
- ID data
- Professional life data
- Personal life data (including but not limited to home addressed, personal phone numbers, resumes, attendance records, bank details, medical information)
- Connection data
- Localization data
Pay-By-Link Additional Terms
Version 1.1
Effective August 31st 2023
DownloadTable of Contents
General terms
Privacy Policy
Delivery Information
Refund and Cancellation Policy
Contact Information
Whistleblowing at GoodData
Version 1.3
Effective September 10th 2024
DownloadTable of Contents
Effective: December 15, 2023
- Via email at whistleblowing@gooddata.com
- Verbally through the phone number +420 778 760 979
- Personally at GoodData's office in Brno (Moravské nám. 690/15 602 00 Brno-Veveří) and/or in Prague (Karolinská 650/1, 186 00 Praha-Karlín) or at another location agreed upon with the incident resolver (you can arrange this through the contact details provided for the incident resolvers above), where the submission of the report will be allowed within a reasonable period after your request, but no later than 14 days.
- Utilizing the reporting system of the Czech Ministry of Justice, available at the following address: https://oznamovatel.justice.cz/.
- Making a report through public disclosure, such as in the media (limited to cases explicitly outlined in § 7 para. 1 letter c) of the Whistleblower Protection Act).
Processing personal data in the whistleblowing agenda
Following personal data categories are typically processed in connection with whistleblowing: name, surname, date of birth, and contact address of the whistleblower; personal data present in the content of the report, including, for example, the identification of the person against whom the report is directed.
Ochrana oznamovatelů v GoodData
- E-mailem na whistleblowing@gooddata.com
- Zavoláním na číslo +420 778 760 979
- Osobně v kanceláři GoodData v Brně (Moravské nám. 690/15 602 00 Brno-Veveří) a/nebo v Praze (Karolinská 650/1, 186 00 Praha-Karlín) nebo na jiném místě dohodnutém s příslušnou osobou, (schůzku si můžete domluvit s příslušnou osobou prostřednictvím uvedených kontaktních údajů výše). Schůzka s Vámi bude uskutečněna v rozumné lhůtě po oznámení Vašeho požadavku, nejpozději však do 14 dnů.
- Systému Ministerstva spravedlnosti dostupného na následující adrese https://oznamovatel.justice.cz/.
- Veřejného zveřejnění, a to například v médiích. Tato možnost je však omezena na případy explicitně uvedené v § 7 odst. 1 písm. c) zákona o ochraně oznamovatelů.
Zpracování osobních údajů
V souvislosti s agendou ochrany oznamovatelů získává GoodData osobní údaje především od oznamovatele, případně na základě vlastní činnosti GoodData při posuzování oznámení.
Účelem zpracování osobních údajů je přijímání, posuzování a vyřizování případů oznámení, vedení evidence oznámení, předcházení protiprávní činnosti (zejména korupci, podvodům nebo neetickému jednání) a vymáhání dodržování právních a interních předpisů a povinností.
V souvislosti s agendou ochrany oznamovatelů jsou obvykle zpracovávány následující kategorie osobních údajů: jméno, příjmení, datum narození a kontaktní adresa oznamovatele; osobní údaje vyskytující se v obsahu oznámení, včetně např. identifikace osoby, proti které oznámení směřuje.
Příjemcem osobních údajů týkajících se agendy ochrany oznamovatelů je určená příslušná osoba, která jednotlivá oznámení přijímá, eviduje, posuzuje jejich oprávněnost, prošetřuje apod. K některým osobním údajům (s výjimkou identifikace oznamovatele) mohou mít na základě rozhodnutí příslušné osoby přístup také pověření a náležitě poučení zaměstnanci GoodData.
Externí příslušné osoby působí jako zpracovatelé osobních údajů zpracovávaných v souvislosti s agendou ochrany oznamovatelů u GoodData.
Osobní údaje mohou být dále poskytnuty soudu, státnímu zastupitelství, policejnímu orgánu, Národnímu bezpečnostnímu úřadu, finančnímu úřadu a finančnímu ředitelství, Úřadu pro ochranu osobních údajů a dalším subjektům na základě zákonných povinností.
UPOZORNĚNÍ: Vzhledem ke specifičnosti zpracování v této oblasti GoodData upozorňuje, že výkon některých práv souvisejících se zpracováním osobních údajů (zejména práva na přístup) a informačních povinností může být omezen z důvodu zákonné povinnosti chránit identitu oznamovatele a dalších osob uvedených v oznámení, aby nedošlo k případnému narušení šetření oznámených informací.
CCPA Employee and Applicant Privacy Notice
Version 1.0
Effective June 26th 2024
DownloadTable of Contents
LAST UPDATED: June 26, 2024
CCPA Employee and Applicant Privacy Notice
GoodData Corporation (“GoodData,” “we” or “us”) hereby adopts this California Consumer Protection Act Employee and Applicant Privacy Notice (the “Notice”) in accordance with the California Consumer Privacy Act of 2018 (“CCPA”, as amended). Any terms defined in the CCPA maintain the same meaning when referenced in this Notice, unless specifically defined otherwise herein.
This Notice exclusively pertains to GoodData's collection, utilization, and sharing of employment-related personal information, and is applicable solely to California residents. This Notice does not extend to individuals residing in other U.S. states or countries, or those who do not engage with GoodData in an employment-related capacity.
This notice is a part and supplement to GoodData's general Privacy Policy. For further details about our privacy practices including what rights you have please see our Privacy Policy and in particular the California Notice of Collection section.
It's important to note that this Notice does not constitute a contractual agreement for contractors nor does it alter the terms of employment for candidates hired by GoodData.
1. Definitions
“Personal Information” or “PI” has the meaning as defined in the CCPA and includes information that is collected by GoodData about you in the course of your application for employment, direct services pursuant to a contract, or other employment-related purposes and encompasses any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you.
“Process”, “processed” or “processing” means any operation or set of operations which is performed on Personal Information, whether or not by automated means, such as collecting, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, disseminating or otherwise making available, aligning or combining, restricting, erasing, or destroying of Personal Information.
“Employees”, “employee” or “you” means an identified or identifiable natural person who is a California resident and who is acting as a GoodData job applicant, employee, owner, director, officer, or contractor. In this context “job applicant” refers to any person who has submitted their candidacy with GoodData; “employee” refers to any person who is employed at GoodData as a full or part-time employee or temporary worker; and “contractor” means a natural person who provides any service to GoodData pursuant to a written contract directly with GoodData.
2. Personal Information Categories and Collection Purpose
When an individual applies to join GoodData or during their employment or service with GoodData under a direct contract, GoodData may gather the subsequent categories of Personal Information. GoodData gathers and utilizes this Personal Information solely in accordance with legal permissions and obligations.
A. Identifiers and Contact Information (Including Sensitive Information)
- Collect and process employment applications, including confirming eligibility for employment, background and related checks, and onboarding
- Process payment or payroll and employee benefit plan and program administration, including enrollment and claims handling
- Maintain personnel records
- Comply with record retention requirements required by law
- Communicate with employees and/or employees’ emergency contacts and plan beneficiaries
- Comply with applicable state and federal labor, employment, tax, benefits, workers’ compensation, disability, equal employment opportunity, unemployment claim information requests, workplace safety, and related laws
- Prevent unauthorized access to or use of the GoodData’s property, including the information systems, electronic devices, network, and data
- Ensure employee productivity and adherence to GoodData policies
- Investigate complaints, grievances, and suspected violations of GoodData policy
- Use in the event of a substantial corporate transaction, such as a merger, asset sale, or consolidation
- Respond to valid requests for data pursuant to a subpoena, court order, legal process, law enforcement requests, legal claims, and government inquiries
- Carry out our contractual obligations or enforce our rights arising from any contracts between us
Within this category, a separate dataset of information can be identified, which pertains to characteristics protected under California or federal law, including the following: race, skin color, national origin, religion (includes religious dress and grooming practices), sex/gender (includes pregnancy, childbirth, breastfeeding and/ or related medical conditions), gender identity, gender expression, sexual orientation, marital status, medical condition (such as genetic characteristics, cancer or a record or history of cancer), disability (such as mental and physical including HIV/AIDS, or cancer), military or veteran status, request for family care leave, request for leave for an employee’s own serious health condition, request for pregnancy disability leave, and age.
Collection Purpose:
- Comply with applicable state and federal Equal Employment Opportunity laws
- Design, implement, and promote GoodData’s diversity and inclusion programs
- Investigate complaints, grievances, and suspected violations of GoodData policy
- Administer the employee benefit plan and program design and administration, including leave of absence administration
B. Online Activity Information
This category includes without limitation (i) username and password, account name or number, and other online or device identifiers, (ii) all activity on GoodData’s information systems, such as internet browsing history activity, search history, intranet activity, email communications, stored documents and emails and information regarding interactions with websites and applications, our systems, and networks, and (iii) all activity on GoodData-provided communications systems including call logs, chat logs, and direct messages, application use on company systems, browsing and search history on GoodData systems, email communications via GoodData email systems, and other information regarding an employee’s use of GoodData-issued programs, applications, and systems.
- Facilitate the efficient and secure use of GoodData’s information systems
- Ensure compliance with GoodData information systems policies and procedures
- Comply with applicable state and federal laws
- Prevent unauthorized access to, use, or disclosure/removal of the GoodData’s property, records, data, and information
- Enhance employee productivity
- Investigate complaints, grievances, and suspected violations of GoodData policies
- Verify and maintain the quality, safety, and performance of our products and services, including product and service testing, research, and development
- To monitor work-related software licenses and credentials, including provisioning software licenses for use in the course of an employee’s work-related responsibilities
C. Geolocation Data
This category includes badge access at GoodData offices.
- Improve safety of employees, customers, and the public with regard to access of GoodData properties and equipment therein
- Preventing unauthorized access, use, or loss of GoodData property
- Ensure employee productivity and adherence to GoodData policies
- Investigate complaints, grievances, and suspected violations of GoodData policy
D. Professional and Employment-related Information and Education Information
This category includes without limitation (i) data submitted with employment applications including, employment history, employment recommendations, etc., (ii) background check and criminal history, (iii) work authorization, (iv) professional licenses, (v) educational degrees, (vi) fitness for duty data and reports (upon return from a medical leave of absence), (vii) performance and disciplinary records, (viii) salary and bonus data, (ix) benefit plan enrollment, participation, and claims information and (x) leave of absence information including religious and family obligations, physical and mental health data concerning employee and his/her/their family members. The education information category includes education history and transcripts that are not publicly available.
- Collect and process employment applications, including confirming eligibility for employment, background and related checks, and onboarding
- Employee benefit plan and program design and administration, including leave of absence administration
- Determine compensation, bonus, and other incentive programs
- Maintain personnel records and comply with record retention requirements
- Communicate with employees and/or employees’ emergency contacts and plan beneficiaries
- Evaluate an individual’s appropriateness for hire or promotion to a new position
- Comply with applicable state and federal labor, employment, tax, benefits, workers compensation, disability, equal employment opportunity, workplace safety, and related laws
- Business management
- Prevent unauthorized access to or use of GoodData property, including GoodData information systems, electronic devices, network, and data
- Ensure employee productivity and adherence to GoodData policies
- Respond to client or potential client requests for proposals
- Recruiting, retention, and promotion of employees
- Manage professional development
- Manage conflicts of interest
- Investigate complaints, grievances, and suspected violations of GoodData policies
E. Financial Information
This category includes bank account, billing address, and information about your income and account balances.
- Process payroll
- Manage company expenses, corporate credit cards and expense reimbursements, as well as administering equity, compensation, bonus, and insurance programs
3. Contact and Updates of the Notice
If you have questions about the GoodData privacy policies and procedures, rights you may have regarding your Personal Information or if you would like to make a request about your Personal Information or you wish to exercise your rights under the CCPA please contact GoodData’s Legal Department at privacy@gooddata.com or you may contact Us at:
GoodData Corporation
Attn: Legal Department
333 Kearny Street, Floor 2
San Francisco, CA 94108, USA
This Notice is subject to modification to accommodate alterations in our business operations, legal requirements, or regulatory responsibilities. Therefore, it is advisable to review this Notice regularly for updates. If GoodData plans to gather further categories of your Personal Information or utilize the Personal Information already obtained for supplementary purposes, you will be informed accordingly. Any revisions to this Notice will take effect from the date of communication to you.