This Master Subscription Agreement, including all exhibits and appendices hereto (this “Agreement”) governs your use of Passthrough’s Services. Capitalized terms have the definition set forth herein. By executing an Order Form that references this Agreement, You agree to the terms of this Agreement and will be referred to as “You” or “Customer” in this Agreement. "Party" or "Parties" shall mean, individually, Customer or Passthrough as the context requires and, collectively, Customer and Passthrough.
Passthrough provides an online fund subscription management platform. We provide tools and materials to assist You and/or any third party on whose behalf you are acting with the organization, preparation, tracking, execution, and storage of documents and related information. Any documents, materials, or other information made available by Passthrough are for informational purposes only.
In addition, Passthrough provides an online product to collect customer data and analyze it for compliance with statutes and regulation intended to prevent perpetration of financial crimes.
If You are entering into this Agreement on behalf of a company or other legal entity, You represent that You have the authority to bind such entity and its affiliates to these terms and conditions, in which case the terms “You” and "Customer" shall also refer to such entity and its affiliates. If You do not have such authority, or if You do not agree with this Agreement, You must not accept this Agreement and may not use the Services.
You may not access the Services if You are a competitor of Passthrough, except with Passthrough’s prior written consent. In addition, You may not access the Subscription Services for purposes of monitoring their availability, performance or functionality, or for any other benchmarking or competitive purposes.
This Agreement is immediately effective between You and Passthrough as of the date You sign an initial Order Form governed by this Agreement ("Effective Date").
For good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the Parties agree as follows:
“Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control with the subject entity.
“Customer Data” means any data, information or other materials submitted by Customer through the Subscription Services including within a Sandbox Account. Customer Data excludes any data or information supplied by or relating to an Investor that the Investor has authorized Passthrough to use for purposes other than subscribing to an investment in the Customer’s Fund.
“Customer Trademarks” means any trademarks that Customer provides Passthrough for the purpose of referring to Customer within the user interface for the Subscription Service.
“Documentation” means Passthrough’s then current on-line help, guides, and manuals published by Passthrough and made generally available by Passthrough for the Subscription Services. Documentation shall include any updated Documentation that Passthrough provides.
“Fees” means the pecuniary compensation Customer is required to pay Passthrough for use or receipt of the Services.
“Fund” means a collective investment fund that invests primarily in securities not registered under the US Federal Securities Laws, whether a venture capital fund, growth equity fund, buyout fund, distressed debt fund, mezzanine fund, or other type of investment fund.
“KYC/AML” is a service that combines components of the Subscription Service and the Professional Services that Passthrough will provide to Customer at an additional charge pursuant to a mutually executed Order Form.
“Investor” means an individual or an entity that provides funds for investment purposes to the Customer through execution of a subscription agreement.
“Order Form” means the ordering documents for Customer purchases from Passthrough that are executed hereunder by Customer and Passthrough from time to time. Order Forms shall be deemed incorporated herein.
“Passthrough” means Passthrough, Inc., a Delaware corporation.
“Passthrough Platform” means the SaaS-based fund closing and KYC/AML platform created by Passthrough.
“Professional Services” includes but is not limited to training, consulting, investor onboarding and/or implementation of subscription documents and services relating to the KYC/AML feature that Passthrough provides to Customer pursuant to a mutually executed Order Form.
“Provider” means a third-party service provider (e.g., law firm or accounting firm), that Customer authorizes to use the Services for the benefit of Customer. Providers shall be deemed Users for purposes of this Agreement.
“Related Party” means directors, officers, employees, Affiliates, successors, assigns of a party.
“Sanctions Lists” are lists of Persons prohibited from engaging in or restricted in their performance of certain business activities and dealings that are issued by various government authorities and may include, subject to Passthrough’s sole discretion, the lists set forth at www.passthrough.com/sanctions-lists
“Sandbox Account” is a full instance of Passthrough’s Subscription Service software account used to perform integration development or testing environment that is separate from Passthrough’s production data.
“Services” means Professional Services and Subscription Services, including KYC/AML if purchased by Customer.
“Subscription Services” means the generally available online, web-based applications and services on passthrough.com or other Passthrough systems that are ordered by Customer pursuant to a mutually executed Order Form.
“Term” means, generally the agreed time period during which the Services are provided. Specifically, with respect to Subscription Services, it means the time period during which Customer may use and access the Subscription Services beginning on the effective date and as set forth in the applicable Order Form. The Subscription Services may automatically deactivate and become non-operational at the end of the Term, and Customer shall not be entitled to access the Subscription Services unless the Term is renewed.
“Users” means Persons who are authorized by Customer to use the Subscription Services on Customer’s behalf or for Customer’s benefit. Users may include but are not limited to employees, consultants, contractors and agents of Customer, or third parties with which Customer transacts business. Users may not include employees, consultants, contractors, representatives or agents of a Passthrough competitor.
2.1 Passthrough shall make the Services available to Customer and its Users pursuant to this Agreement and the applicable Order Form for the duration of the Term.
2.2 Customer agrees that its purchases hereunder are neither contingent on the delivery of any future functionality or feature nor dependent on any oral or written comments made by Passthrough or its representatives regarding future functionality or features.
2.3 Customer shall be responsible for Users' compliance with this Agreement.
2.4 Customer shall not:
2.4.1 Except as permitted by this Agreement, directly or indirectly: sell, rent, lease, transfer, assign, distribute, display, host, outsource, disclose or otherwise commercially exploit or make any aspect of the Services available to any third party other than Users.
2.4.2 Modify, make derivative works of, disassemble, reverse compile, reverse engineer, or subvert the intrinsic security, integrity, or performance of any part of the Services for any purpose including without limitation discovering data to which Customer is not authorized or re-identifying anonymous data.
2.4.3 Access or use the Services to build a similar or competitive product or service.
2.4.4 Copy any features, function or graphics of the Services for any purpose other than what is expressly authorized under this Agreement.
2.4.5 Use the Services in any manner or for any purpose that infringes, misappropriates, or otherwise violates any intellectual property right or other right of any person.
2.4.6 Interfere with or disrupt the integrity or performance of the Services.
2.4.7 Use any e-mail addresses and other contact information provided in connection with the Services:
a. for marketing or advertising purposes, or
b. to send, store, access, post, transmit, link to, or otherwise distribute any spam, unlawful, infringing, obscene or libelous materials, or malware.
2.5 Customer acknowledges and agrees that Passthrough retains all rights, titles, and interests in and to anything used or developed in connection with performing or providing the Services, including but not limited to software programs, interfaces, tools, specifications, ideas, concepts, inventions, processes, techniques, and know-how.
2.6 To the extent Passthrough delivers any output to Customer during the course of performing or providing the Services, Passthrough grants Customer a non-exclusive, non-transferable, worldwide, royalty-free, limited-term license to use those deliverables during the Term.
2.7 Except as expressly stated herein, no aspect of the Services may be copied, reproduced, distributed, republished, downloaded, displayed, posted or transmitted in any form or by any means, including but not limited to electronic, mechanical, photocopying, recording, or other means.
2.8 Customer shall make reasonable efforts to prevent unauthorized access to, or use of, the Services, and notify Passthrough promptly of any such unauthorized access or use.
2.9 In connection with Customer’s use of the Services, Customer shall be responsible for:
2.9.1 the accuracy and legality of Customer Data, including the means by which Customer acquired such data;
2.9.2 complying with all applicable local, state, national and foreign laws, treaties, regulations and conventions, and
2.9.3 any acquisition, implementation, support, or maintenance of third-party products or services purchased by Customer that may interact with the Services.
2.10 Customer’s right to use the Services is subject to and contingent upon Customer’s compliance with the Terms and Conditions specified in the applicable Order Form.
2.11 Access to a Sandbox Account
2.11.1 Where Company gives the Customer access to a Sandbox Account, Customer acknowledges and agrees that:
a. Such access is provided for demonstration and evaluation purposes only.
b. Customer shall not be permitted to use the Sandbox Account for production use.
2.11.2 The Sandbox Account is provided on an “as is” and “as available” basis, without any warranty whatsoever.
2.11.3 Passthrough reserves the right to modify the Sandbox Account at any time without prior notice to the Customer.
2.11.4 In its sole discretion, Passthrough may delete Customer Data stored within a Sandbox Account at any time.
2.11.5 Appendix A does not apply to the use of a Sandbox Account.
2.11.6 Passthrough reserves the right to revoke access to a Sandbox Account at any time, without prior notice.
3.1 Passthrough will control the manner and means by which the Professional Services are performed and reserves the right to determine which personnel are assigned to perform the Professional Services.
3.2 Passthrough may, in its sole discretion, use third parties to perform the Professional Services.
4.1 As part of the KYC/AML service, Passthrough may provide Customer with the following Subscription Services for KYC/AML:
4.1.1 A Sandbox Account to review the KYC/AML workflow.
4.1.2 Software for Investors to submit data about themselves, their investing entity(ies) and the underlying owner(s), officer(s) and director(s).
4.1.3 Automated initial and periodical screening of an Investor’s data against the Sanctions Lists.
4.1.4 Automated initial and periodical screening of Investor’s data to identify:
a. Investors who at the time of screening are generally identified as having been entrusted with prominent public function(s) (“PEP”).
b. Investors that, based on a review of media and other generally available public records, may present a level of adverse risk as assessed by Customer.
4.2 As part of the KYC/AML service, Passthrough may provide Customer with the following Professional Services:
4.2.1 Periodical reviews to determine quality of documentary Investor data.
4.2.2 Periodical assessment of risk associated with the results from screenings listed in sub-paragraph 4.1 and 4.2.1 above.
4.2.3 Initial training to Customer and/or its Providers on how to utilize the KYC/AML service.
4.2.4 Periodical KYC/AML training, the content of which must be mutually agreed upon.
4.3 In its sole discretion, Passthrough may select a provider of databases necessary to perform the Subscription Services described in sub-paragraph 4.1, above. Passthrough may change such provider in its sole discretion, without providing any notice to Customer.
4.4 In its sole discretion, Passthrough may modify, replace or discontinue the parameters employed to perform the Subscription Services described in sub-paragraph 4.1, above, without providing any notice to Customer.
4.5 Information provided about Investors to Customer in connection with the KYC/AML service:
4.5.1 Is Confidential Information, as defined below.
4.5.2 Is for Customers’ use as part of the KYC/AML service and must not be made public by the Customer unless required by applicable law.
4.5.3 Shall be used exclusively for the purposes of detecting or preventing crime, including without limitation:
a. Money laundering,
b. Fraud,
c. Sanctions breaches,
d. Bribery,
e. Corruption, and
f. purposes ancillary thereto.
4.5.4 Will not be used for pre-employment screening, credit referencing, or any other purpose that may constitute a Consumer Report, as such term is defined under relevant Federal and state law. Customer will indemnify Passthrough and/or its data provider on demand for all direct damages and losses incurred as a result of or arising from the Customer’s breach of this provision.
4.6 Passthrough gives no opinion, makes no recommendation and provides no legal or compliance advice in relation to any Investor about whom Passthrough provides any information generally and, specifically, in connection with any aspect of the KYC/AML service, including without limitation information provided in connection with the Subscription Services offered as part of KYC/AML.
4.7 Any information provided by Passthrough about an Investor in connection with Services to a Customer should not be used to draw any automatic conclusion, or relied upon in isolation to make a decision, relating to any Investor flagged or not flagged in the course of Customer's use of the KYC/AML service.
4.8 The component Services enumerated in sub-paragraph 4.1 and 4.2, above may be offered to Customer and priced individually or in combination as specified in a mutually executed Order Form.
5.1 Customer may authorize Provider(s) to use the Services. A Provider's provision of services to Customer related to its use of Services, including but not limited to any terms, conditions, warranties or representations associated with the services it provides and any exchange of data between Customer and such Provider is solely between Customer and the applicable Provider, provided it is not inconsistent with this Agreement.
5.2 Passthrough shall have no liability or obligation for, and does not endorse or accept any responsibility for, any Provider, the contents or use of third-party websites or any transactions completed with any Providers or any third parties.
5.3 Customer is responsible for all acts and omissions by any Provider or other User.
6.1 As between the Parties, Passthrough shall own and retain all right, title and interest in and to the Services and to Passthrough Confidential Information (defined below), including all intellectual property rights. Customer may not duplicate, copy, or reuse any portion of the Services, or visual design elements or concepts without prior written permission from Passthrough. No rights are granted to Customer hereunder other than as expressly set forth in this Agreement.
6.2 As between the Parties, Customer shall own all right, title, and interest in and to any Customer Data and Customer Confidential Information. Customer grants to Passthrough the free, non-exclusive, worldwide right to use, host, store, reproduce, modify, adapt, transmit, communicate, publish, publicly perform, publicly display, distribute, and create derivative works (including but not limited to those resulting from translations, adaptations or other changes Passthrough may make so that Customer’s content works better with the Services) of the Customer Data and Customer Confidential Information without attribution for the purposes of operating, providing, supporting, improving, or developing the Services, including developing additional functionality or services.
6.3 Subject to the confidentiality obligations of this Agreement, Customer agrees that Passthrough may use Customer Data to create aggregated and/or anonymized data, provided that such data does not include information that directly identifies Customer or Customer's Users (“Anonymous Data”), and use and share such Anonymous Data for Passthrough’s legitimate business purposes. Anonymous Data is not Customer Data hereunder and is owned by Passthrough. Customer shall be solely responsible for ensuring that Customer has obtained any legally required third-party consents and made all required disclosures in connection with the foregoing grant.
6.4 Customer acknowledges that Passthrough will process personal information on behalf of Customer pursuant to the Data Processing Agreement attached hereto as Appendix B.
7.1 Subject to the terms and conditions of this Agreement,
7.1.1 Each Party hereby grants to the other a limited, nonexclusive, non-transferable, royalty-free, non-sublicensable right and license to identify the other as a user or customer, as applicable, and to use the other's name and logo in Customer or vendor lists, press releases, blog posts, advertisements, and on their respective websites.
7.1.2 Customer grants Passthrough a non-exclusive, non-transferable, royalty-free, non-sublicensable right to use Customer Trademarks for the purpose of referring to Customer within the Passthrough Platform in connection with the provision of Services.
7.2 Customer may provide Passthrough with suggestions, enhancement requests, recommendations or other feedback regarding the Services or Passthrough Platform (“Feedback”). Customer hereby grants Passthrough an irrevocable, fully-paid, nonexclusive, worldwide, perpetual, sublicensable, transferable, royalty-free right and license to use and incorporate such Feedback into the Services and Passthrough Platform, provided Passthrough, in its sole discretion, decides to do so.
7.3 If Customer is provided access to Passthrough’s API or SDK, the terms of the API Addendum (Appendix C) will apply.
8.1 Customer agrees to pay in advance for Fees in full, without deduction or setoff of any kind, in U.S. Dollars, unless otherwise specified in an Order Form. All Fees under this Agreement are non refundable except as otherwise set forth herein.
8.2 Passthrough's Fees are exclusive of all taxes, levies, or duties imposed by taxing authorities and Customer shall be responsible for payment of all such taxes, levies, or duties, even if such amounts are not listed by Passthrough. If an applicable tax authority requires Passthrough to pay any taxes that should have been payable by Customer, Passthrough will advise Customer in writing, and Customer will promptly reimburse Passthrough for the amounts paid.
8.3 Except as otherwise provided in an Order Form, payment is due within thirty (30) days of Customer’s receipt of the applicable invoice (“Due Date”). If payment is not received by the Due Date, Passthrough reserves the right to, in addition to taking any other action at law or equity, to:
8.3.1 Charge interest on past due amounts at the highest annualized interest rate allowed by law, but no less than one and a half percent (1.5%) per 30-day month.
8.3.2 Charge all expenses of recovery (including attorneys’ fees).
8.3.3 Suspend Customer’s access to the Services until all overdue amounts, including any interest assessed on overdue amounts, are paid in full, and/or
8.3.4 Terminate the applicable Order Form.
8.4 Except as otherwise provided in the applicable Order Form, Fees for any renewal Term shall be:
8.4.1 Subject to an automatic seven percent (7%) increase above the applicable pricing in the prior Term, unless Passthrough provides notice of different pricing at least sixty (60) days prior to the applicable renewal Term, and
8.4.2 Charged automatically at the start of each renewal Term unless otherwise agreed by the Parties.
9.1 During the Term, Passthrough shall provide Customer support to be accessed in the manner and times set forth in the applicable Order Form. Passthrough reserves the right, from time to time, to make modifications to support services (or particular components thereof).
9.2 Passthrough will endeavor to notify Customer of any material modifications to the support services by posting a notice on the Passthrough website.
9.3 Passthrough shall use reasonable commercial efforts to correct at no additional charge any error reported by Customer on a timely basis that was caused by Passthrough and for which Passthrough can reasonably identify a root cause.
9.4 Passthrough shall review all requests for improvements and new functionality, but Passthrough shall have no obligation to provide any modifications to the Services.
10.1 Each Party represents and warrants that:
10.1.1 It has the power and authority to enter into this Agreement.
10.1.2 This Agreement and each Order Form is entered into by an employee or agent of such Party with all necessary authority to bind such Party to this Agreement.
10.1.3 The execution of this Agreement does not violate any other agreement by which it is bound, and
10.1.4 It is a legal entity in good standing in the jurisdiction of its formation.
10.2 Customer represents and warrants that:
10.2.1 It is not a competitor of Passthrough or a Passthrough Affiliate with respect to any of the Services, and
10.2.2 It shall not become Passthrough’s or a Passthrough Affiliate’s competitor with respect to any of the Services, except with Passthrough’s prior written consent.
10.2.3 In addition, Customer represents and warrants that it will not access the Subscription Services for purposes of monitoring their availability, performance or functionality, or for any other benchmarking or competitive purposes.
10.3 Customer represents and warrants that it, its subsidiaries, directors, officers, or employees are not each an individual or entity (“Person”) that is, or is owned or controlled by Person(s) that is (are):
10.3.1 The target of any sanctions administered or enforced by the U.S. Department of the Treasury’s Office of Foreign Assets Control, the U.S. Department of State, the European Union, or His Majesty’s Treasury of the United Kingdom (collectively, “Sanctions”), or
10.3.2 Is located, organized or resident in a country or territory that is the subject of comprehensive territorial Sanctions (currently, Crimea, Cuba, Iran, North Korea, Syria, and the so-called Donetsk People’s Republic and Luhansk People’s Republic ).
10.4 Passthrough warrants that
10.4.1 The Subscription Services:
a. will perform substantially as described in the applicable Documentation when used in the hardware, software and browser operating environment described therein and supported by Passthrough, and
b. the configuration and functionality of the Subscription Services will conform to this Agreement and Appendix A.
10.4.2 In the event of a breach of 10.4.1 a. or b., above, Customer’s sole and exclusive remedies are those described in Section 14 titled “Term and Termination,” except that the only available remedy for failure to comply with the parameters set forth in Appendix A will be those set forth in the Remedies provision of that Appendix.
10.4.3 Notwithstanding the foregoing, Passthrough is not obligated to correct any errors (including those relating to Appendix A) caused by:
a. unauthorized modification to the Subscription Services,
b. Customer modifications that directly or indirectly impact Passthrough’s ability to provide the Services,
c. using the Subscription Services other than as described in the Documentation,
d. non-Passthrough software, or
e. combining the Subscription Services with any other hardware or software not authorized in writing by Passthrough.
EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, AND ANY WARRANTIES ARISING OUT OF COURSE OF DEALING, COURSE OF PERFORMANCE OR USE OF TRADE TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. PASSTHROUGH SHALL HAVE NO RESPONSIBILITY FOR DETERMINING THAT CUSTOMER’S PROPOSED USE OF THE SERVICES COMPLIES WITH APPLICABLE LAWS AND REGULATIONS IN CUSTOMER’S JURISDICTION(S). CUSTOMER ACKNOWLEDGES AND AGREES PASSTHROUGH IS NOT ENGAGED IN PROVIDING LEGAL, COMPLIANCE, ACCOUNTING, TAX, OR FINANCIAL SERVICES OR ADVICE. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, PROVIDED BY PASSTHROUGH WILL CREATE ANY WARRANTY OR CONDITION NOT EXPRESSLY STATED IN THIS AGREEMENT.
12.1 LIMIT ON DAMAGES. EXCEPT FOR A BREACH BY CUSTOMER OF OBLIGATIONS IN SECTION 2, THE AGGREGATE, CUMULATIVE LIABILITY OF EACH PARTY (INCLUDING ITS DIRECTORS, OFFICERS, EMPLOYEES, REPRESENTATIVES, AGENTS AND SUPPLIERS) UNDER THIS AGREEMENT, WHETHER IN CONTRACT, TORT, OR ANY OTHER THEORY OF LIABILITY, SHALL BE LIMITED TO THE FEES PAID OR PAYABLE BY CUSTOMER TO PASSTHROUGH DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO SUCH CLAIM (PROVIDED THAT, IF NO FEES ARE PAID OR PAYABLE, SUCH AMOUNTS WILL BE LIMITED TO FIVE THOUSAND DOLLARS (U.S. $5,000.00)). THE FOREGOING SHALL NOT LIMIT CUSTOMER’S PAYMENT OBLIGATIONS UNDER SECTION 8.
12.2 NO INDIRECT DAMAGES. EXCEPT FOR A BREACH BY CUSTOMER OF OBLIGATIONS IN SECTION 2, IN NO EVENT SHALL EITHER PARTY OR THIRD-PARTY PROVIDERS OF PASSTHROUGH (INCLUDING THEIR DIRECTORS, OFFICERS, EMPLOYEES, REPRESENTATIVES, AGENTS AND SUPPLIERS) BE LIABLE TO ANYONE FOR ANY INDIRECT, PUNITIVE, SPECIAL, EXEMPLARY, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, OR FOR ANY DAMAGES FOR LOSS OF DATA, REVENUE, PROFITS, USE OR OTHER ECONOMIC ADVANTAGE, ARISING OUT OF, OR IN ANYWAY CONNECTED WITH THIS AGREEMENT, INCLUDING BUT NOT LIMITED TO THE USE OR INABILITY TO USE THE SERVICES, REGARDLESS OF CAUSE, WHETHER IN AN ACTION IN CONTRACT OR NEGLIGENCE OR OTHER TORTIOUS ACTION, EVEN IF THE PARTY FROM WHICH DAMAGES ARE BEING SOUGHT OR THE THIRD-PARTY PROVIDER HAVE BEEN PREVIOUSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING SHALL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.
12.3 ALLOCATION OF RISK. The provisions of this Agreement fairly allocate the risks between Passthrough, on the one hand, and Customer, on the other. Customer acknowledges and agrees that the pricing of Services reflects this allocation or risk and the limitation of liability specified herein, and that Passthrough would not enter into this Agreement without such allocation and limitation.
13.1 Passthrough shall defend, indemnify and hold Customer harmless against any claims, actions, suits, proceedings, and demands (each a "Claim") made or brought against Customer by anyone other than a Customer’s Related Party against Customer and its Related Parties where the Claim expressly asserts that Services provided infringe such third party’s patent, trademark or copyright arising under the laws of the United States or that Passthrough misappropriated such third party’s trade secrets in the development of the Services that were provided.
13.2 In the event that Passthrough believes the Services, or any part thereof, could be the subject of an infringement or a misappropriation claim as to which Section 13.1 applies, then Passthrough (without admitting any responsibility or liability) may, in its sole discretion:
13.2.1 Procure for Customer the right to continue using the Services or any applicable part thereof under the terms of this Agreement.
13.2.2 Replace or modify the Services, or any applicable part thereof, with a different version (or part thereof).
13.2.3 Modify such Services, or applicable part thereof, or
13.2.4 Terminate this Agreement with respect to the portion of the Services that could be subject to the Claim, and refund any prepaid, unused Fees for such portion of the Services for the remainder of the then-current Term.
13.3 SECTION 13.1 REPRESENTS PASSTHROUGH’S SOLE LIABILITY FOR, AND CUSTOMER’S EXCLUSIVE REMEDY FOR, INTELLECTUAL PROPERTY INFRINGEMENT CLAIMS OF ANY KIND IN CONNECTION WITH THE SERVICES DELIVERED UNDER OR IN CONNECTION WITH THIS AGREEMENT.
13.4 Passthrough Indemnification Exclusions. Passthrough shall not have any indemnification obligation for any Claim pursuant to this Agreement to the extent a Claim is based upon:
13.4.1 any modification to the Services by anyone other than Passthrough or its agents (provided that Passthrough shall not be liable if Passthrough or its agents made such modifications using requirements documents, written specifications or other written materials submitted by Customer or its agents or representatives);
13.4.2 any modification of the Services or the use, combination, or operation of the Services with equipment, devices, software, systems or data if such equipment, devices, software, systems or data has not been expressly authorized by this Agreement;
13.4.3 use of the Services in violation of this Agreement;
13.4.4 Customer’s continued use of any version of the Services other than the then-current, unaltered version, if infringement would have been avoided by use of a current, unaltered version thereof that has been made available to Customer;
13.4.5 Customer’s continued use of the Services after being notified of allegedly infringing activity or being informed of modifications that would have avoided the alleged infringement;
13.4.6 third party software or services, Customer software, or Customer Data.
13.5 Indemnification by Customer. Customer shall defend, indemnify and hold Passthrough harmless against any Claims made or brought against Passthrough by anyone other than a Passthrough Related Party against Passthrough and its Related Parties where the third party asserts:
13.5.1 misappropriation, misuse or breach of applicable law related to Customer’s provision of Customer Data to Passthrough;
13.5.2 that Customer's breach of Section 2 of this Agreement violates the rights of such third party;
13.5.3 that Customer failed to comply with applicable laws, rules or regulations in its performance of this Agreement, or
13.5.4 that any third party equipment, devices, software, systems, or data Customer combined, operated or used with the Services infringes or violates the rights of such third party.
13.6 Indemnification Procedure
13.6.1 Promptly after a Party seeking indemnification obtains knowledge of the existence or commencement of a Claim, the party to be indemnified will notify the other party of the Claim in writing, provided however, that the indemnifying party’s indemnity obligations will be waived only if and to the extent that its ability to conduct the defense are materially prejudiced by a failure to give notice.
13.6.2 The indemnifying party will assume the sole control of defense and settlement of the claim at the indemnifying party’s expense, provided, however, that the indemnified party:
a. may join in the defense and settlement of the Claim and employ counsel at its own expense, and
b. will reasonably cooperate with the indemnifying party in the defense and settlement of the Claim.
13.6.3 The indemnifying party may not settle any Claim without the indemnified party’s written consent unless the settlement:
a. includes a release of all covered Claims pending against the indemnified party;
b. contains no admission of liability or wrongdoing by the indemnified party, and
c. imposes no obligations upon the indemnified party other than an obligation to stop using any infringing items.
13.6.4 If both the indemnified party and the indemnifying party are named parties in any action relating to the Claim and the counsel chosen by the indemnifying party cannot represent both the indemnified party and indemnifying party due to any present or potential conflict in representing the interests of both parties, then the indemnifying party will retain separate counsel for the indemnified party.
13.7 THIS SECTION 13 STATES THE ENTIRE LIABILITY OF THE INDEMNIFYING PARTY AND THE INDEMNIFIED PARTY’S EXCLUSIVE REMEDY WITH RESPECT TO ANY CLAIM BY A THIRD PARTY DESCRIBED IN THIS SECTION.
14.1 Term of Agreement. This Agreement shall commence on the Effective Date listed in the Order Form.
14.2 Term. Except as specified otherwise in an Order Form, a standard Term is for one (1) year commencing on the effective date of such Order Form. Except as specified otherwise in an Order Form, Customer's subscription to the Services will automatically renew for additional one (1) year periods unless either party notifies the other of its intent not to renew in writing at least thirty (30) days prior to the expiration of the then-current Term. In the event that any Term expires before Customer makes a payment for a renewal Term, Passthrough reserves the right to charge: (a) a proportionate fee for the elapsed time period during which the Term was expired plus (b) a reactivation fee to process the renewal.
14.3 Termination Rights.
14.3.1 Either Party may terminate this Agreement (including all related Order Forms):
a. upon breach of this Agreement if such breach has not been cured within 30 days of written notice from the non-breaching Party specifying the breach in detail and, if Passthrough is the non-breaching Party, Passthrough may terminate Customer's password, account, access to and/or use of the Services;
b. immediately upon written notice if the other Party seeks protection of a bankruptcy, insolvency, receivership, liquidation, assignment for the benefit of creditors or similar proceeding, or if any such proceeding is instituted against such party;
c. immediately if either Party undergoes a change of control in favor of a competitor of the other Party, or
d. immediately if either Party ceases operation without a successor.
14.3.2 Passthrough may immediately terminate this Agreement if Customer breaches any of the terms of this Agreement, including those relating to Passthrough’s intellectual property (including Customer’s non-compliance with the license grant or any license restrictions).
14.3.3 If this Agreement is terminated by Customer in accordance with subsection 14.3.1 a., Passthrough will refund Customer any prepaid fees covering the remainder of the then-current Term of all Order Forms after the effective date of termination, without any additional fee, interest or penalty.
14.3.4 In no event will termination relieve Customer of its obligation to pay any Fees or funds payable to Passthrough for the period prior to the effective date of termination.
14.4 Effect of Termination.
14.4.1 Upon termination of this Agreement:
a. the Term for the Services shall immediately end;
b. Customer will no longer have the right to use the Services, and any licenses or access granted to Customer relating to same shall automatically cease to exist as of the date of termination, and
c. if any Fees were owed prior to termination, other than for termination by Customer for Passthrough’s uncured breach, Customer must pay those Fees immediately.
14.4.2 Within thirty (30) days of termination of this Agreement, upon Customer's request, provided Customer is not in breach of the Agreement including but not limited to payment obligations, Passthrough will make available to Customer a file of the Customer Data, excluding Customer Data in the Sandbox Account (whether deleted from the Sandbox Account or not), then in its possession.
14.4.3 Customer agrees and acknowledges that, thirty (30) days following the effective termination date of this Agreement or if Customer's account is thirty (30) days or more past due, Passthrough will have no obligation to maintain or produce Customer Data under this Agreement, and may, in Passthrough’s sole discretion, delete or destroy all copies of Customer Data in the Services or otherwise in Passthrough’s possession or control, unless legally prohibited.
14.5 Survival. The following provisions shall survive any termination of this Agreement: Sections 1, 2.2, 2.3, 2.4, 2.5, 4, 6, 7.2, 8, 11, 12, 13, 14.4, 14.5,15, and 16, provided that Sections 12 and 13 shall only survive to the extent applicable to a Claim.
15.1 Each Party may have access to information that is confidential to the other Party. As used herein, "Confidential Information" means all confidential and proprietary information of a Party ("Disclosing Party") disclosed to the other Party ("Receiving Party"), whether orally or in writing, that is clearly identified as confidential at the time of conveyance as well as any information that, based on the circumstances under which it was disclosed, a reasonable person would believe to be confidential, including but not limited to the terms and conditions of this Agreement (including pricing and other terms reflected in an Order Form hereunder), the Customer Data, the Services, business and marketing plans, technology and technical information, product designs, trade secrets and business processes.
15.2 Party's Confidential Information shall not include information that:
15.2.1 is or becomes a part of the public domain through no act or omission of the other Party;
15.2.2 was in the other Party's lawful possession prior to the disclosure and had not been obtained by the other Party either directly or indirectly from the Disclosing Party;
15.2.3 is lawfully disclosed to the other Party by a third party, including information relating to a third party directly disclosed by such third party at any time in the course of the provision of Services and/or for which Passthrough may independently obtain subsequent consent to disclose;
15.2.4 is independently developed by the other Party without use of or reference to the other Party's Confidential Information.
15.3 The Parties agree to use all reasonable care to prevent disclosure of the other Party's Confidential Information to any third party.
15.4 Notwithstanding the foregoing, Customer acknowledges and agrees that Passthrough may disclose Customer's Confidential Information to its employees, consultants, Providers and other third-party providers, provided that Passthrough has a non-disclosure agreement in place with such third-party provider.
15.5 This Section 15 constitutes the entire understanding of the Parties and supersedes all prior or contemporaneous agreements, representations or negotiations, whether oral or written, with respect to Confidential Information.
15.6 If Receiving Party receives a request from a court or other governmental body to disclose any Confidential Information of Disclosing Party ( a “Disclosure Request”), the Receiving Party is permitted to disclose such Confidential Information only to the extent necessary to comply with the Disclosure Request or as otherwise required by law.
15.6.1 If permissible and practical in light of the nature of such Disclosure Request, Receiving Party shall provide Disclosing Party with prior notice of such Disclosure Request and reasonable assistance, at Disclosing Party's expense, if Disclosing Party wishes to seek protection or confidential treatment of the Confidential Information relevant to the Disclosure Request.
15.6.2 If the Receiving Party receives a Disclosure Request as part of a proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the Disclosure Request or is requesting the Disclosure Request, the Disclosing Party shall reimburse the Receiving Party for its reasonable cost and fees incurred in compiling and providing secure access to the Confidential Information relevant to the Disclosure Request.
15.7 Each party acknowledges and agrees that should it breach its obligations under this Section 15, the other party may suffer harm which may not be adequately compensated by monetary damages. In such an event, the non-breaching party may, in addition to seeking monetary damages, seek specific performance and injunctive or other equitable relief without the necessity of posting bond.
15.8 Upon any termination of this Agreement, the Receiving Party shall continue to maintain the confidentiality of the Disclosing Party's Confidential Information for two (2) years and, upon request, return to the Disclosing Party or destroy to the extent possible all materials containing such Confidential Information.
15.9 Notwithstanding anything to the contrary in this Agreement, Passthrough may retain Customer Data, or any portion of it, if required by applicable laws or pursuant to Passthrough’s retention policies.
16.1 This Agreement shall be governed by and construed in accordance with the laws of the state of New York, excluding that body of law applicable to choice of law. If any provision of this Agreement is found by a court of competent jurisdiction to be unenforceable, then such provision(s) shall be construed to reflect the intentions of the invalid or unenforceable provision(s), with all other provisions remaining in full force and effect. Disputes between the Parties, including any affirmation of an arbitration award, shall be brought exclusively in a New York court, and each Party consents to the personal jurisdiction of the state and federal courts in New York, New York.
16.2 Save as otherwise set out in this Section, any dispute, claim or controversy arising out of or relating to this Agreement or the breach, termination, enforcement, interpretation or validity thereof, including the determination of the scope or applicability of this Agreement to arbitrate, or the parties’ relationship in anyway, shall be determined by arbitration in New York, New York before a single arbitrator. The arbitration shall be administered by JAMS pursuant to its Streamlined Arbitration Rules and Procedures. Judgment on the award may be entered in any court having jurisdiction in New York. This clause shall not preclude parties from seeking provisional remedies in aid of arbitration from a court of appropriate jurisdiction.
16.3 This Agreement together with any applicable Order Form, represent the Parties' entire understanding relating to the use of the Services and supersedes any prior or contemporaneous, conflicting or additional, communications. In the event of a conflict between the terms of a duly signed, applicable Order Form and this Agreement, the terms of such Order Form shall prevail. Subject to sub-section 16.10, below, no amendments or waivers regarding this Agreement or the applicable Order Form shall be effective unless in writing and signed by authorized representatives of the Parties hereto.
16.4 No joint venture, partnership, employment, or agency relationship exists between Passthrough and Customer as a result of this Agreement or use of the Services.
16.5 Customer may not assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of Passthrough (not to be unreasonably withheld). Any attempted assignment in breach of this Section shall be void. This Agreement shall bind and inure to the benefit of the Parties and permitted assigns.
16.6 In the ordinary course of its business, Passthrough uses third-party service providers (collectively, “Vendors”) to support the provision of the Services. In addition, Passthrough may provide the Services or support through one or more Affiliates. Passthrough reserves the right to engage and substitute Vendors and Affiliates as it deems appropriate to provide the Services and support hereunder.
16.7 Neither Party shall be liable to the other for any delay or failure to perform hereunder (excluding payment obligations) during any period in which such performance is delayed or rendered impracticable or impossible due to circumstances beyond such Party's reasonable control, including acts of God, acts of government, flood, fire, earthquakes, civil unrest, acts of terror, strikes or other labor problems (excluding those involving such Party's employees), internet or other Services disruptions involving hardware, software or power systems not within such Party's possession or reasonable control, and denial of services attacks.
16.8 Passthrough may give notice by means of a Customer notification on the Passthrough website, electronic mail to Customer's email address on record in Passthrough's account information, or by written communication sent by first class mail or pre-paid post to Customer's physical address. Customer may give notice to Passthrough at any time by letter sent by e-mail to support@passthrough.com or by letter delivered first class mail to Passthrough at 228 Park Ave S PMB 42032, New York, NY 10003-1502. All notices shall be deemed to have been given five days after mailing (if sent by first class mail) or twenty-four (24) hours after sending by email.
16.9 The failure of either Party to enforce any right or provision in this Agreement shall not constitute a waiver of such right or provision unless acknowledged and agreed to by such party in writing. In the event of any litigation of any controversy or dispute arising out of or in connection with this Agreement, its interpretation, its performance, or the like, the prevailing party shall be awarded reasonable attorneys' fees and expenses, court and arbitration costs, and reasonable costs for expert and other witnesses attributable to the prosecution or defense of that controversy or dispute. Any rights not expressly granted herein are reserved.
16.10 Passthrough reserves the right to alter the terms of this Agreement at any time. Customer agrees to review the latest version of the Agreement on Passthrough's website periodically to remain aware of any modifications to the Agreement. The Agreement available on the website will be dated so as to make clear what version is current, and such version will control all prior and current provisions of Services. Any use of the Services after alteration of the Agreement will constitute continued acceptance by Customer of such changes. Customer's sole remedy should Customer not agree with the altered Agreement shall be to cease Customer's use of the Services and to comply with Customer's termination obligations outlined in Section 14 of this Agreement.
Customers designating Goodwin Procter as their registered legal counsel on Passthrough are strongly encouraged to read Appendix D - Disclaimer Notice for the co-branded Passthrough website.
Service Level Agreement
2. Scheduled Maintenance.
2.1.1 Generally. Passthrough will schedule non-emergency, service-affecting maintenance (“Scheduled Maintenance”) during the Maintenance Windows and with advance notice as set forth below:
2.2 Emergency Scheduled Maintenance. If Passthrough reasonably believes that an emergency necessitates immediate attention, then Passthrough may perform emergency scheduled maintenance with notice, if possible, and will provide status updates as soon as practicable.
3. Remedies. If the Uptime Percentage in a calendar month falls below the Uptime Minimum, Customer will be entitled to a credit against future Passthrough fees (“Service Credit”) as set forth here:
4. Procedures.
4.1 Submission. For Customer to be eligible for a Service Credit, Passthrough must receive an email by the end of the second billing cycle (i.e., two full calendar quarters after the incident occurred) that:
4.1.1.1 includes the words “SLA Credit Request” in the subject line;
4.1.1.2 identifies the dates and times when the Subscription Services was not Available; and
4.1.1.3 includes any logs and other material that document the errors and corroborate the claimed outage (any confidential or sensitive information in these logs should be removed or replaced with asterisks)
4.2 Issuances of Service Credits. Passthrough will issue the applicable Service Credit to Customer’s account following its good faith and reasonable confirmation of the Uptime Percentage of such request.
4.3 Miscellany. Provided that Passthrough has not acted or failed to act in a manner constituting bad faith, gross negligence, fraud or willful misconduct, Section 3 (Remedies) states Customer’s sole and exclusive remedy for Passthrough’s failure to meet obligations under this Exhibit.
5. Other Exclusions. The Uptime Minimum does not apply to any unavailability, suspension or termination of Subscription Services performance issues that result from any of the following (collectively, the “Other Exclusions”): (a) factors outside of Passthrough’s reasonable control, including any force majeure event or Internet access or related problems beyond the demarcation point of the Passthrough site, (b) any actions or inactions of Customer or any third party, (c) Customer’s software or other technology and/or third party equipment, software, applications or other technology (other than third party equipment within Passthrough’s direct control); or (d) Passthrough’s suspension and termination of Customer’s right to use the Subscription Services in accordance with the Agreement.
DATA PROCESSING ADDENDUM
Last Updated: June 21, 2023
This Data Processing Addendum (“DPA”) forms part of, and is incorporated into, the Master Subscription Agreement or other written or electronic agreement between Passthrough, Inc. (“Passthrough”) and Customer (collectively, the “Parties”) for the provision of services to Customer (“Agreement”). This DPA applies to the Processing of Investor Personal Data by Passthrough in the context of the Agreement.
1. Definitions and Interpretation
For purposes of this DPA, the terms below shall have the meanings set forth below. Capitalized terms that are used but not otherwise defined in this DPA shall have the meanings set forth in the Agreement.
1.1. “Customer Affiliate” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with Customer, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise;
1.2. “Customer Group Member” means Customer or any Customer Affiliate;
1.3. “Investor Personal Data” means any Personal Data Processed by Passthrough on behalf of a Customer Group Member pursuant to or in connection with the Agreement;
1.4. “Data Protection Laws” means all laws and regulations applicable to the Processing of Personal Data under this DPA, in each case as amended or replaced from time to time, including as applicable the GDPR, the Data Protection Act 2018 of the United Kingdom, the Swiss Federal Act on Data Protection, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA”), the Virginia Consumer Data Protection Act, the Connecticut Data Privacy Act, the Utah Consumer Privacy Act, and the Colorado Privacy Act;
1.5. “EEA” means the European Economic Area;
1.6. “EU Standard Contractual Clauses” means Standard Contractual Clauses for the transfer of Personal Data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and the Council approved by European Commission Implementing Decision (EU) 2021/914 of 4 June 2021, as currently set out at https://eurlex.europa.eu/eli/dec_impl/2021/914/oj;
1.7. “GDPR” means the General Data Protection Regulation 2016/679 together with any national implementing laws in any Member State of the EEA (“EU GDPR”) and the EU GDPR in such form as incorporated into the laws of the United Kingdom (“UK GDPR”);
1.8. “Information Security Incident” means a breach of Passthrough’s security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Investor Personal Data in Passthrough’s possession, custody or control;
1.9. “Investment” means a subscription for an interest in one or more of the investment offerings that use Passthrough’s online fund subscription management platform and related services;
1.10. “Investor” means an individual or an entity (including its directors, partners, trustees, employees, agents or representatives from time to time) who subscribes for an Investment;
1.11. “Sub-processor” means another Processor engaged by a Processor to carry out Processing on behalf of a Controller;
1.12. The terms “Controller”, “Data Subject”, “Personal Data”, “Processing” (or “Process”), “Processor” and “Supervisory Authority” shall have the same meaning as in the Data Protection Laws. The term “Personal Data” includes “personal information,” “personally identifiable information,” and equivalent terms as such terms may be defined by applicable Data Protection Laws. The term “Controller” includes a “business” as defined under the CCPA and the term “Processor” includes a “service provider” as that term is defined under the CCPA.
2. Role of the Parties
2.1. Notwithstanding any other provision in this DPA, Customer acknowledges and agrees that if Investors request or consent to the reuse of their Personal Data submitted through the Passthrough’s portal to facilitate the subscription process in connection with other potential Investments not sponsored by Customer, Passthrough may reuse such Personal Data for the purposes authorized by the Investor and to fulfill Passthrough’s independent relationship with such Investor. Passthrough will be a Controller in relation to such Processing and such Personal Data will not be Investor Personal Data for any purpose under this DPA or the Agreement. In all other circumstances, Passthrough is a Processor/service provider of Investor Personal Data in the provision of the Services to Customer, and Customer is a Controller/business; if Customer is itself acting as a Processor for Investor Personal Data on behalf of a fund entity that is the Controller of such data, Passthrough will Process such data as a Sub-processor to Customer.
2.2. Schedule 1 to this DPA sets out a description of the Processing of Investor Personal Data by Passthrough as a Processor (or Sub-processor) in the provision of the Services to Customer.
3. Processing of Personal Data
3.1. Customer shall, in its use of the Services, Process Investor Personal Data in accordance with the Data Protection Laws. For the avoidance of doubt, Customer’s instructions for the Processing of Investor Personal Data shall comply with Data Protection Laws. Customer warrants and represents that it is and will at all relevant times remain duly and effectively authorized to give the instructions set out in this DPA on behalf of each relevant Customer Affiliate and to receive any communications or notifications in relation to this DPA on behalf of the relevant Customer Affiliate. Except where Data Protection Laws require a Customer Affiliate to exercise a right or seek any remedy under this DPA against Passthrough directly by itself, the Parties agree that solely Customer shall exercise any such right or seek any such remedy on behalf of the relevant Customer Affiliate.
3.2. Passthrough shall, in its provision of the Services, Process Investor Personal Data in accordance with the Data Protection Laws. Passthrough shall Process Investor Personal Data on behalf of and only in accordance with Customer’s documented instructions for the following purposes: (i) Processing in accordance with the Agreement and applicable Order Form(s); and (ii) Processing to comply with other documented reasonable instructions provided by Customer (e.g., via email) where such instructions are consistent with the terms of the Agreement.
3.3. If Data Protection Laws preclude Passthrough from complying with Customer’s instructions, Passthrough will inform Customer of its inability to comply with the instructions. Passthrough will also immediately inform Customer if, in its opinion, an instruction from Customer infringes the Data Protection Laws.
3.4. Except as permitted by Data Protection Laws or this DPA, Passthrough shall not (a) “sell” or “share” (as defined by the CCPA) Investor Personal Data; (b) Process Investor Personal Data outside of the direct business relationship between the Parties or for any purpose other than to provide the Services in accordance with the Agreement, unless required by applicable laws; or (c) combine Investor Personal Data with Personal Data Passthrough receives from any other person. The Parties acknowledge and agree that the disclosure of Investor Personal Data by Customer to Passthrough does not form part of any monetary or other valuable consideration exchanged between the Parties.
3.5. Passthrough shall provide Investor Personal Data with the same level of privacy protection as is required by the applicable Data Protection Laws and notify Customer if it can no longer comply with its obligations under this DPA. Customer has the right to take reasonable steps to ensure that Passthrough uses Investor Personal Data in a manner consistent with Customer’s obligations under the Data Protection Laws by exercising Customer’s audit rights as set forth in this DPA. Upon notice to Passthrough, Customer may take reasonable and appropriate steps to remediate Passthrough’s use of Investor Personal Data in violation of this DPA, and Passthrough shall reasonably cooperate with Customer in taking such steps.
4. Confidentiality
4.1. Passthrough will require Passthrough’s employees who access Investor Personal Data to commit to protect the confidentiality of the data.
5. Cross-Border Transfers of Personal Data
5.1. To the extent Customer transfers any Investor Personal Data originating from the EEA to Passthrough in connection with the Services, the Parties hereby agree that, where Customer is a Controller and Passthrough is a Processor, Module Two (Controller to Processor Module) of the EU Standard Contractual Clauses and all other sections of the EU Standard Contractual Clauses having general application (hereinafter, “C2P SCCs”) shall apply and are hereby incorporated into this DPA by this reference. Where Customer is a Processor and Passthrough is a Sub-processor to Customer, Module Three (Processor to Processor Module) of the EU Standard Contractual Clauses and all other sections of the EU Standard Contractual Clauses having general application (hereinafter, “P2P SCCs”) shall apply to such transfers and the Parties agree to comply with the P2P SCCs, which are hereby incorporated into this DPA by this reference. In furtherance of the foregoing, the Parties agree that, for purposes of the C2P SCCs and the P2P SCCs:
5.1.1. where Passthrough is a Processor, Passthrough shall comply with all the obligations of the “data importer” under the C2P SCCs. Where Passthrough is a Sub-processor to Customer, Passthrough shall comply with all the obligations of the “data importer” under the P2P SCCs. In each case, Customer shall comply with the obligations, and shall have the rights, of the “data exporter” under the C2P SCCs and the P2P SCCs, respectively;
5.1.2. the optional docking clause in Clause 7 will not apply;
5.1.3. in Clause 9(a), Option 2 will apply and the time period for prior notice of Sub-processor changes will be as set forth in Section 7.2 of this DPA;
5.1.4. the optional redress clause in Clause 11(a) is struck;
5.1.5. for the purpose of Clause 17, Option 1 is selected and the EU Standard Contractual Clauses shall be governed by the laws of Ireland;
5.1.6. for the purpose of Clause 18(b), the Parties agree to submit to the jurisdiction of the courts of Ireland;
5.1.7. for the purposes of Annex I, Section A (List of Parties), (i) the data exporter’s and the data importer’s identity and contact details and, where applicable, information about their respective data protection officer and/or representative in the EEA are those set forth in the Agreement or as otherwise communicated by each Party to the other Party; (ii) Customer is either the Controller (under the C2P SCCs) or the Processor (under the P2P SCCs), and Passthrough is a Processor (under the C2P SCCs and the P2P SCCs, as applicable); (iii) the activities relevant to the data transferred under the EU Standard Contractual Clauses relate to the provision of the Services pursuant to the Agreement; and (iv) each of Customer’s and Passthrough’s entering into this DPA shall be treated as, respectively, Customer’s and Passthrough’s signature of Annex I, Section A, of the C2P SCCs and the P2P SCCs as of the date this DPA is entered into;
5.1.8. for the purposes of Annex I, Section B (Description of Transfer): (i) Schedule 1 to this DPA sets out a description of the Processing of Investor Personal Data; (ii) the frequency of the transfer is continuous (for as long as Customer uses the Services); (iii) Investor Personal Data will be retained in accordance with Clause 8.5 of the EU Standard Contractual Clauses and this DPA; (iv) information about Passthrough’s Sub-processors is included in Section 7 of this DPA.
5.1.9. for the purposes of Annex I, Section C, the competent supervisory authority is the authority communicated by Customer to Passthrough; and
5.1.10. for the purposes of Annex II, data importer has implemented appropriate technical and organizational measures to protect the security, confidentiality and integrity of Investor Personal Data, including as described in Section 6 of this DPA, Schedule 2 of this DPA and here: https://www.passthrough.com/security, or as otherwise made reasonably available by Passthrough to Customer.
5.2. In respect of transfers of Investor Personal Data originating from the United Kingdom and that is subject to the UK GDPR, the UK International Data Transfer Addendum to the EU Standard Contractual Clauses (version B.1.0) issued by the UK Information Commissioner (“UK Addendum”) will be deemed entered into (and incorporated into this DPA by this reference) and completed as follows: (i) In Table 1 of the UK Addendum, the Parties’ details and key contact information are located in Sections 5.1.7 of this DPA; (ii) In Table 2 of the UK Addendum, information about the version of the EU Standard Contractual Clauses, modules and selected clauses which the UK Addendum is appended to is located in Section 5.1 of this DPA; (iii) In Table 3 of the UK Addendum, the list of parties and the description of the transfer are located in Section 5.1 of this DPA; Annex II (Technical and Organizational Security Measures) is located in Section 5.1.10 of this DPA; and information about Sub-processors is located at Section 7 of this DPA; and (iv) for the purposes of Table 4 of the UK Addendum, both the importer and the exporter may end the UK Addendum in accordance with its terms. Each of Customer’s and Passthrough’s entering into this DPA shall be treated as, respectively, Customer’s and Passthrough’s signature of the UK Addendum.
5.3. Insofar as the transfer of Investor Personal Data is subject to the Swiss Federal Act on Data Protection, the Parties agree to comply with the EU Standard Contractual Clauses and the following provisions shall apply: (i) the Federal Data Protection and Information Commissioner (FDPIC) will be the competent supervisory authority under Clause 13 of the EU Standard Contractual Clauses; (ii) the Parties agree to abide by the GDPR standard in relation to all Processing of Investor Personal Data that is governed by the Swiss Federal Act on Data Protection; (iii) the term ‘Member State’ in the EU Standard Contractual Clauses will not be interpreted in such a way as to exclude Data Subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the EU Standard Contractual Clauses; and (iv) references to the ‘GDPR’ in the EU Standard Contractual Clauses will be understood as references to the Swiss Federal Act on Data Protection insofar as the transfer of Investor Personal Data is subject to the Swiss Federal Act on Data Protection.
6. Security
6.1. Passthrough shall in relation to Investor Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk presented by the Processing, including, where required, the measures referred to in Article 32(1) of the GDPR or in other Data Protection Laws and as described in Schedule 2 of this DPA. Passthrough may update these measures from time to time provided that Passthrough will not materially decrease the overall security of the Services during the term of the Agreement. Customer is responsible for reviewing the information made available by Passthrough relating to data security and making an independent determination as to whether the Services meet Customer’s requirements under Data Protection Laws.
6.2. Passthrough shall notify Customer without undue delay, but within no later than 48 hours, upon Passthrough becoming aware of an Information Security Incident affecting Investor Personal Data, by sending notice to Customer, and providing Customer with sufficient information to allow Customer to meet any obligations to report or inform Data Subjects of the Information Security Incident under the Data Protection Laws. Passthrough shall provide reasonable co-operation to Customer and take such reasonable commercial steps as are directed by Customer to assist in the investigation, mitigation and remediation of each such Information Security Incident. Passthrough’s notification of or response to an Information Security Incident under this Section will not be construed as an acknowledgement by Passthrough of any fault or liability with respect to the Information Security Incident.
7. Sub-processing
7.1. Customer hereby authorizes Passthrough to appoint (and permit each Sub-processor appointed in accordance with this Section 7 to appoint) Sub-processors in accordance with this Section 7.
7.2. The Sub-processors appointed by Passthrough as at the date of this DPA are set out at https://www.passthrough.com/sub-processors (“Sub-processors List”). Passthrough will inform Customer of any intended changes concerning the addition or replacement of any appointed Sub-processors (a “New Sub-Processor”) at least fifteen (15) days in advance, along with reasonably detailed information about such New Sub-Processor by posting to the Sub-Processors List website https://www.passthrough.com/sub-processors (which shall have a mechanism allowing Customer to subscribe to notifications of new Sub-Processors as provided in this DPA here (“Notification Mechanism”) and sending email notification to Customers who have subscribed to the Notification Mechanism. If Customer does not subscribe to such notifications, Customer shall be deemed to have received notice of a New Sub-Processor when such changes are posted to the Sub-Processors List.
7.3. Customer will have an opportunity to object to the appointment of a New Sub-Processor within ten (10) days after receipt of notice of a New Sub-Processor in accordance with Section 7.2, provided that such objection must be on reasonable, substantial grounds, directly related to such New Sub-Processor's ability to comply with substantially similar obligations to those set out in this DPA. If Customer does not so object, the engagement of the New Sub-Processor shall be deemed accepted by Customer. If Customer notifies Passthrough in writing of any objections to the proposed appointment, the Parties agree to discuss commercially reasonable alternative solutions in good faith. If the Parties cannot reach a resolution within sixty (60) days from the date of Passthrough’s receipt of Customer’s written objection, the Parties may terminate the Agreement.
7.4. With respect to each Sub-processor, Passthrough shall, prior to the Processing of Investor Personal Data by each Sub-processor, carry out reasonable due diligence to ensure that each Sub-processor is capable of providing sufficient guarantees to safeguard Investor Personal Data as required by the Data Protection Laws. Passthrough will enter into an agreement with each Sub-processor that imposes on the Sub-processor substantially the same obligations that apply to Passthrough under this DPA. Where any of its Sub-processors fails to fulfil its data protection obligations, Passthrough will be liable to Customer for the performance of its Sub-processors’ obligations.
8. Data Subject Rights
8.1. Taking into account the nature of the Processing, Passthrough will assist Customer by implementing appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of Customer’s obligations to respond to requests to exercise Data Subject rights under the Data Protection Laws. Passthrough will (i) promptly notify Customer (but no later than within two (2) business days) if Passthrough becomes aware of a Data Subject under any Data Protection Laws in respect of Investor Personal Data; and (ii) unless otherwise required by Data Protection Laws, not respond to that request except, except that Customer authorizes Passthrough to redirect the Data Subject request as necessary to allow Customer to respond directly; and (iii) provide reasonable and timely assistance to Customer in responding to any such right requests or communications.
9. Data Protection Impact Assessment and Prior Consultation
9.1. Upon Customer’s written request, Passthrough will provide reasonable assistance to Customer with the fulfillment of Customer’s own obligations under Data Protection Laws to conduct data protection impact assessments and prior consultations with Supervisory Authorities, in each case solely in relation to the Processing of Investor Personal Data and taking into account the nature of the Processing and information available to Passthrough. Passthrough may charge a fee (based on Passthrough’s reasonable costs) for any such assistance.
10. Deletion or Return of Investor Personal Data
10.1. Subject to Section 10.2 below, upon termination or expiration of the Agreement (or portion thereof) and in any event within thirty (30) days after the end of the provision of Services Passthrough will cease Processing all Investor Personal Data related to such terminated Services and will securely delete all Investor Personal Data and existing copies in its possession as set out in the Agreement, except as required by Data Protection Laws and provided that any Investor Personal Data stored on back-up systems will be deleted in accordance with Passthrough’s backup deletion cycle. If Customer wishes to change this instruction regarding data deletion, then Customer has the right to request a change by sending Passthrough written notice as provided for in the Agreement.
10.2. Notwithstanding anything to the contrary in this Section, Passthrough may retain Investor Personal Data, or any portion of it, if required by applicable law or regulation, including applicable Data Protection Laws, provided such Investor Personal Data remains protected in accordance with the terms of the Agreement, this DPA, and applicable Data Protection Laws.
11. Audits
11.1. Passthrough will provide Customer with all information reasonably necessary to enable Customer to demonstrate compliance with its obligations under the Data Protection Laws, and allow for and contribute to audits, including inspections, conducted by Customer or an auditor mandated by Customer, to the extent that such information is within Passthrough's control and Passthrough is not precluded from disclosing it by applicable law, a duty of confidentiality, or any other obligation owed to a third party, and provided that such audits shall be carried out with reasonable notice during regular business hours not more often than once per year unless otherwise required by applicable Data Protection Laws or a Supervisory Authority.
11.2. Following receipt by Passthrough of an audit request, the Parties will discuss and agree in advance on the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit. Passthrough may charge a fee (based on Passthrough’s reasonable costs) for any audit. Passthrough will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such audit. Customer will be responsible for any fees charged by any auditor appointed by Customer to execute any such audit.
12. General Terms
12.1. In the event of any conflict or inconsistency between this DPA and the EU Standard Contractual Clauses or the UK Addendum, the provisions of the EU Standard Contractual Clauses or the UK Addendum, as applicable, shall prevail.
12.2. Subject to Section 12.1, with regard to the subject matter of this DPA, in the event of inconsistencies between the provisions of this DPA and any other agreements between the Parties, including the Agreement and including (except where explicitly agreed otherwise in writing, signed on behalf of the Parties) agreements entered into or purported to be entered into after the date of this DPA, the provisions of this DPA shall prevail.
12.3. Each Party’s liability towards the other Party under or in connection with this DPA will be limited in accordance with the provisions of the Agreement.
12.4. If any provision of this DPA is found by any court or administrative body of competent jurisdiction to be invalid or unenforceable, then the invalidity or unenforceability of such provision does not affect any other provision of this DPA and all provisions not affected by such invalidity or unenforceability will remain in full force and effect.
SCHEDULE 1
DETAILS OF PROCESSING
1. Subject matter and duration of the Processing
The subject matter of the Processing of Investor Personal Data is the provision of the Services to Customer. Investor Personal Data will be Processed for the duration of the Agreement, subject to Section 10 of the DPA.
2. Nature and purpose of the Processing
Passthrough shall host, maintain and otherwise Process Investor Personal Data only in connection with the provision of Services pursuant to the terms of the Agreement and this DPA.
3. Types of Investor Personal Data
Regarding Investors who are natural persons: names, contact details and other information contained in any subscription documents or forms completed by Investors in connection with an Investment or otherwise collected by Passthrough on behalf of Customer pursuant to the Agreement, including country of citizenship, place of residence, marital status, education, date of birth, social security numbers, government IDs, accredited Investor status, financial information (such as bank details), tax exemption status, tax IDs, information contained in W8 and W9 forms, address of employer and nature of employment, possession of financial licenses, level of financial sophistication, Investor’s annual income and/or net worth, capital commitment amount, status as a custodian of a minor, past convictions under securities laws.
Regarding directors, partners, trustees, employees, agents or other representatives of an Investor who complete subscription documentation on behalf of an Investor: names, contact details and IP addresses.
4. Categories of Data Subjects Investors
5. Obligations and rights of Customer and Customer Affiliates The obligations and rights of Customer and Customer Affiliates are set out in the Agreement and the DPA.
SCHEDULE 2
SECURITY MEASURES
As from the Addendum Effective Date, Passthrough will implement and maintain the security measures set out in this Schedule 2 in relation to Investor Personal Data Processed under the DPA.
API Addendum to Master Subscription Agreement
This API Addendum to Master Subscription Agreement (this “Addendum”) is an addendum to and governed by the Master Subscription Agreement between You and Passthrough (the “MSA”). Capitalized terms not defined herein have the meanings set forth in the MSA.
“API” means Passthrough’s application programming interface for accessing functionality of the Subscription Services and other services provided by Passthrough.
“Customer Platform” means Customer’s software platform or service that will integrate or communicate with Passthrough through the API.
“SDK” means Passthrough’s software development kit for implementing the API and other functionality in connection with use of the Subscription Services and other services provided by Passthrough.
2.1 Subject to the terms and conditions of the MSA and this Addendum, Passthrough hereby grants to Customer (a) a limited, nonexclusive, non-transferable, royalty-free, non-sublicensable right and license, during the term of the MSA, to access and use the API in connection with Customer’s use of the Services, and (b) if the SDK is provided by Passthrough, a limited, nonexclusive, non-transferable, royalty-free, non-sublicensable right and license, during the term of the MSA, to use the SDK to integrate the Customer Platform with the Subscription Services and distribute and otherwise make available the SDK as part of such integration. The API and SDK shall be considered “Services” under the MSA.
2.2 If Passthrough makes the API available to Customer through use of an API key, Customer may not share the API key with any third party, must keep the API key and all related log-in information secure, and must use the API key as Customer’s sole means of accessing the API. The API key may be revoked at any time by Passthrough.
2.3 Prior to providing any Investor with access to Passthrough services via the API or in any other way integrated into the Customer Platform, Customer will cause each Investor to agree to Passthrough’s Terms and Conditions set forth at https://www.passthrough.com/terms and Privacy Policy set forth at https://www.passthrough.com/privacy in a manner approved by Passthrough and will notify Passthrough of such agreement in the manner specified by Passthrough.
Disclaimer Notice for the co-branded Passthrough website
By designating Goodwin as your registered legal counsel on Passthrough, Passthrough will provide members of Goodwin with access to your Passthrough account and will facilitate certain interactions and processes in Passthrough for Goodwin.
Goodwin’s role as your registered legal counsel on Passthrough is subject to the following understandings. Please let your Goodwin attorney know immediately if you do not accept the below conditions.
Your Privacy Choices