Last updated: March 10, 2021 (see previous version).
PLEASE READ THE FOLLOWING TERMS AND CONDITIONS CAREFULLY BEFORE
ACCESSING OR USING THE SUBSCRIPTION SERVICES (DEFINED BELOW).
THE TERMS AND CONDITIONS OF THIS AGREEMENT (DEFINED BELOW) GOVERN USE
OF THE SUBSCRIPTION SERVICES UNLESS YOU AND METABASE, INC. (“METABASE”)
HAVE EXECUTED A SEPARATE AGREEMENT GOVERNING USE OF THE SUBSCRIPTION
Metabase is willing to provide the Subscription Services to you only
upon the condition that you accept all the terms contained in this
Agreement. By clicking on the checkbox marked “Subscribe” on the
registration page or by accessing or using the Subscription Services,
you have indicated that you understand this Agreement and accept all of
its terms. If you are accepting the terms of this Agreement on behalf of
a company or other legal entity, you represent and warrant that you have
the authority to bind that company or other legal entity to the terms of
this Agreement, and, in such event, “you” and “your” will refer to that
company or other legal entity. If you do not accept all the terms of
this Agreement, then you must not accept this Agreement and you may not
use the Subscription Services.
“Agreement” means this Subscription Services Agreement, together
with the Data Processing Addendum attached as Exhibit A.
“Customer Application Data” means data input into the Subscription
Services by you and your Authorized Users. Customer Application Data
includes the log-in credentials for each Authorized User and queries
submitted by your Authorized Users.
“Customer Business Data” means the data on your external databases
that you and your Authorized Users retrieve or access in the course of
using the Subscription Services.
“Customer Data” means, collectively, the Customer Application Data,
the Customer Business Data and the Customer Metadata.
“Customer Metadata” means data that describes the Customer Data.
Customer Metadata may include data such as the number of datasets in a
database, the average data size of a dataset, what database software a
user connects to or Metabase-generated descriptions of a given dataset.
“Order” means the order schedule presented to you at the time you
purchase your initial subscription to the Subscription Services or the
payment confirmation furnished to you at the time of each renewal, as
“Subscription Services” means Metabase’s cloud-based business
intelligence and analytics platform as specified in an Order.
2.1 Subscription Services. Subject to your compliance with the terms
and conditions of this Agreement, during the Subscription Term (as
defined below): (i) Metabase will: provide you with Subscription
Services, and you may access and use the Subscription Services solely
for your internal business purposes within the usage limits specified in
the applicable Order; and (ii) Metabase will provide the support
services applicable to the service tier that you have subscribed to, in
accordance with Metabase’s policies from time to time.
2.2 Authorized Users. The Subscription Services may only be accessed
and used by your employees and independent contractors, who may only
access and use the Subscription Services for the sole purpose of
performing their job functions or services (as applicable) for you
(“Authorized Users”), and only up to the number of Authorized Users
specified in the applicable Order. The log-in credentials for each
Authorized User are for a single individual only and cannot be shared or
used by more than 1 person. You are responsible for all actions taken
under an Authorized User’s account, whether or not such action was taken
or authorized by the Authorized User.
2.3 Restrictions. You, on behalf of yourself and your Authorized
Users, agree not to: (1) copy, modify, alter, decompile or reverse
engineer the Subscription Services (including the source code, object
code, and underlying structure and algorithms thereof); (2) resell or
otherwise make the Subscription Services available to any third party;
(3) use the Subscription Services either directly or indirectly to
support any activity that is illegal or that violates the proprietary
rights of others; (4) interfere with or disrupt the Subscription
Services or attempt to gain access to any systems or networks that
connect thereto (except as required to access and use the Subscription
Services); (5) deactivate, impair, or circumvent any security or
authentication measures of the Subscription Services; (6) use the
Subscription Services or its output to train, calibrate, or validate, in
whole or in part any other systems, programs or platforms, or for
benchmarking, software-development, or other competitive purposes; or
(7) permit any third parties to do any of the above. You are responsible
for the use of the Subscription Services by your Authorized Users, and
their compliance with this Agreement.
3. Customer Data.
3.1 Customer Data. As between you and Metabase, you own all
worldwide right, title and interest in and to all Customer Data. You
grant to Metabase a non-exclusive license to access and use the Customer
Data to provide the Subscription Services to you and your Authorized
Users. In addition, you grant to Metabase a non-exclusive license to
access and use the Customer Application Data and Customer Metadata (but
not the Customer Business Data) to develop and improve Metabase’s
products and services (including the Subscription Services) as set forth
metabase.com/hosting/privacy_policy. You acknowledge and agree that
your use of the Subscription Services is subject to Metabase’s Privacy
Policy. You are solely responsible for the content of all Customer Data.
You represent and warrant that (1) you have, and will continue to have,
during the term of this Agreement, all necessary rights, authority and
licenses for the access to and use of the Customer Data as contemplated
by this Agreement and the software and systems on or through which you
have requested us to provide services; and (2) Metabase’s use of the
Customer Data in accordance with this Agreement will not violate any
applicable laws or regulations or cause a breach of any agreement or
obligation between you and any third party. The Data Processing Addendum
set forth in Exhibit A is hereby incorporated herein by reference.
3.2 Security; Backup. Metabase will maintain (and will require its
third party service providers to maintain) reasonable administrative,
physical and technical safeguards intended to protect the Customer Data
against accidental loss and unauthorized access or disclosure, in
accordance with applicable industry standards. Metabase will follow its
standard archival procedures for Customer Data. In the event of any loss
or corruption of Customer Data, Metabase will use its commercially
reasonable efforts to restore the lost or corrupted Customer Data from
the latest backup of such Customer Data maintained by Metabase. Metabase
will not be responsible for any loss, destruction, alteration,
unauthorized disclosure or corruption of Customer Data caused by you or
by any Authorized User or third party. METABASE’S EFFORTS TO RESTORE
LOST OR CORRUPTED CUSTOMER DATA PURSUANT TO THIS SECTION 3.2 WILL
CONSTITUTE METABASE’S SOLE LIABILITY AND YOUR SOLE AND EXCLUSIVE REMEDY
IN THE EVENT OF ANY LOSS OR CORRUPTION OF CUSTOMER DATA IN CONNECTION
WITH THE SUBSCRIPTION SERVICES.
4. Subscription Fees & Payment.
4.1 Subscription Fees. You will pay the fees and charges stated in
the Order (“Subscription Fees”) for use of the Subscription
Services. The base Subscription Fee for each Subscription Term will be
specified in the Order (“Base Subscription Fee”) and is payable and
charged at the beginning of each Subscription Term.
4.2 Verification; True-Up. If specified in the Order, Subscription
Fees will be calculated based on units of use of the Subscription
Services such as number of users or amount of data processed (each, a
“Unit”). Where applicable, the Base Subscription Fee includes the
number of Units specified in the Order for each Subscription Term.
Metabase may create and maintain logs reflecting usage of the
Subscription Services under your account. Metabase may access and review
such logs from time to time to verify your compliance with applicable
usage limitations and other terms of this Agreement, and Metabase may
use such logs to prevent or limit unauthorized use of the Subscription
Services. Without limiting any of Metabase’s other rights or remedies,
if your actual usage of the Subscription Services exceeds the Units
covered by the Base Subscription Fee prepaid by you for a Subscription
Term, Metabase will charge you for the difference between the Units
covered by the Base Subscription Fee and the number of Units actually
used by you during that Subscription Term (“Additional Units Fee”).
4.3 Payment Terms. If you have provided us with credit card details,
we will charge that credit card: (i) at the start of each Subscription
Term, for the Base Subscription Fee; and (ii) within thirty (30) days of
our invoice for any Additional Units Fee payable by you (if any). We
will issue a payment confirmation to you with respect to any charges we
have made to your credit card. If we issue an invoice to you, all
invoices are payable as specified in the Payment Terms section of the
Order (or if not so specified, within thirty (30) days of receipt). All
amounts are stated and shall be paid in US dollars and are exclusive of
taxes, duties, levies, tariffs, and other governmental charges
(collectively, “Taxes”). You are responsible for payment of all
Taxes and any related interest and/or penalties resulting from any
payments made to us, other than any taxes based on Metabase’s net
income. All past due amounts will incur interest at a rate of 1% per
month or the maximum rate permitted by law, whichever is less. Except as
expressly set forth in this Agreement, all payments, once paid, are
5. TERM AND TERMINATION
5.1 Subscription Term. This Agreement will commence on the date you
accept it and, unless terminated earlier by either party in accordance
with the terms of this Agreement, will continue for the initial
subscription term specified in the Order. At the end of such initial
subscription term and each renewal subscription term thereafter, subject
always to timely payment of the Subscription Fees, this Agreement will
automatically renew for additional renewal subscription terms having the
duration specified in the Order (or if no renewal term length is stated
in the Order, having the same duration as the Initial Subscription
Term), unless either party provides 15 days’ prior written notice of
non-renewal. Such initial subscription term and each renewal
subscription term are each individually referred to herein as a
5.2 Termination for Breach. Each party will have the right to
terminate this Agreement if the other party breaches this Agreement and
fails to cure such breach within 10 days after written notice thereof.
If you terminate this Agreement for breach, Metabase will refund the
unused portion of the Subscription Fees that you had paid for the
Subscription Services for the remainder of the then-current Subscription
Term (if any).
5.3 Additional Remedies. Without limiting other available remedies,
Metabase reserves the right to suspend or disable your and your
Authorized Users’ access to the Subscription Services if any undisputed
amounts payable under this Agreement more than 30 days past due.
Metabase also reserves the right to suspend or disable access to the
Subscription Services if Metabase determines (in its discretion) that:
(1) your or any Authorized User’s use of the Subscription Services
disrupts, harms, or poses a security risk, or may cause harm, in each
case to Metabase, the Subscription Services or any third party; or (2)
you or any Authorized User has used, or is using, the Subscription
Services in breach of this Agreement.
5.4 Effect of Termination. Upon any expiration or termination of
this Agreement, your (and your Authorized Users’) right to access and
use the Subscription Services will automatically terminate, except that
the Authorized Users will be permitted to access the Subscription
Services for 30 days following termination solely to download any
Customer Data stored thereon. Metabase will have no liability for any
costs, losses, damages, or liabilities arising out of or related to
Metabase’ exercise of its termination rights under this Agreement. Any
payment obligations as of the expiration or termination will remain in
effect. The obligations and provisions of Sections 2.3, 3, 4, 5.4 and
Sections 6 through 12 (inclusive) will survive any expiration or
termination of this Agreement.
6. Confidentiality. Each party understands that the other party may
need to disclose certain non-public information relating to the
disclosing party’s business that is marked or identified as
“confidential” at the time of disclosure, or that is of any nature
described in this Agreement as confidential
(“Confidential Information”) in connection with the use and/or
performance of the Subscription Services. Metabase Confidential
Information includes the non-public portions of the Subscription
Services and any related documentation and pricing information. During
the term of this Agreement and for three (3) years thereafter, each
party agrees to take reasonable precautions to protect the disclosing
party’s Confidential Information from unauthorized disclosure, not to
use such Confidential Information except as authorized or as necessary
to perform its obligations under this Agreement and to not disclose
(without the disclosing party’s prior authorization, including any such
authorization given under this Agreement) to any third person any such
Confidential Information (other than on a need to know basis to the
receiving party’s employees, consultants and service providers who are
subject to confidentiality obligations that are at least as protective
of the disclosing party’s Confidential Information as this Agreement) or
as specifically permitted under this Agreement. Confidential Information
does not include any information that the receiving party can show: (1)
through no fault of the receiving party, is or becomes generally
available to the public, or (2) was in its possession or was known prior
to receipt from the disclosing party, or (3) was rightfully disclosed to
it without restriction by a third party, or (4) was independently
developed without use of any Confidential Information of the disclosing
party. The receiving party may disclose Confidential Information if the
disclosure is necessary to comply with a valid court order or subpoena
(in which case the receiving party will, unless prohibited by law or
legal process, promptly notify the disclosing party and cooperate with
the disclosing party if the disclosing party chooses to contest the
disclosure requirement, seek confidential treatment of the information
to be disclosed, or to limit the nature or scope of the information to
be disclosed). Upon termination of this Agreement will promptly return
to the disclosing party or destroy all copies of the disclosing party’s
Confidential Information in its possession or control, except that the
receiving party may retain one (1) copy of the disclosing party’s
Confidential Information for the sole purpose of monitoring its
compliance under this Agreement. Notwithstanding the foregoing, upon
termination, Metabase will not retain the Customer Data except as
necessary to comply with Section 5.4.
7.1 Metabase IP. As between Metabase and you, Metabase owns all
worldwide right, title and interest in and to the Subscription Services
and the Usage Data, including all Intellectual Property Rights therein.
For purposes of this Agreement, “Intellectual Property Rights” means
patent rights (including patent applications and disclosures),
copyrights, trade secrets, know-how and any other intellectual property
rights recognized in any country or jurisdiction in the world.
7.2 Feedback. If you provide any ideas, suggestions, or
recommendations regarding the Subscription Services (“Feedback”),
Metabase will be free to use, disclose, reproduce, license or otherwise
distribute, and exploit such Feedback as it sees fit, entirely without
obligation or restriction of any kind. By providing Feedback, you grant
to Metabase a worldwide, perpetual, irrevocable, fully-paid,
royalty-free, nonexclusive license to use and exploit in any manner such
7.3 Usage Data. You acknowledge and agree that Metabase may generate
de-identified data with respect to the use and performance of the
Subscription Services and may retain and use such de-identified usage
and performance data for its internal business purposes, such as
developing and improving Metabase’s products and services (including the
8. NO WARRANTY. THE SUBSCRIPTION SERVICES ARE PROVIDED AS “AS IS,”
WITHOUT WARRANTY OF ANY KIND. METABASE DISCLAIMS ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY IMPLIED WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT,
AND ANY WARRANTIES ARISING OUT OF COURSE OF DEALING OR USAGE OF TRADE.
NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM
METABASE OR ELSEWHERE WILL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN
THIS AGREEMENT. METABASE DISCLAIMS ANY WARRANTY THAT THE SUBSCRIPTION
SERVICES WILL BE ERROR-FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE
CORRECTED. You assume sole responsibility and liability for results
obtained from the use of the Subscription Services and for conclusions
drawn from such use. Metabase will have no liability for any claims,
losses, or damages caused by errors or omissions in any Customer Data or
any results produced by the Subscription Services based upon Customer
9. Limitation of Liability. IN NO EVENT WILL METABASE BE LIABLE FOR
ANY SPECIAL, INCIDENTAL, EXEMPLARY, PUNITIVE OR CONSEQUENTIAL DAMAGES,
OR FOR ANY LOSS OF USE, LOSS OF DATA, LOSS OF PROFITS OR LOSS OF
GOODWILL, OR THE COSTS OF PROCURING SUBSTITUTE PRODUCTS, WHETHER OR NOT
FORESEEABLE, ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT OR THE
USE OR PERFORMANCE OF THE SUBSCRIPTION SERVICES, WHETHER SUCH LIABILITY
ARISES FROM ANY CLAIM BASED UPON CONTRACT, WARRANTY, TORT (INCLUDING
NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, AND WHETHER OR NOT METABASE
HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE. METABASE’S
TOTAL AGGREGATE LIABILITY ARISING UNDER THIS AGREEMENT, FROM ALL CAUSES
OF ACTION AND ALL THEORIES OF LIABILITY, WILL NOT EXCEED THE AMOUNTS
PAID TO METABASE BY YOU FOR THE SUBSCRIPTION SERVICES DURING THE 12
MONTH PERIOD PRIOR TO THE FIRST CLAIM FOR LIABILITY HEREUNDER. The
parties agree that the limitations and exclusions contained in this
Section 9 and elsewhere in this Agreement will survive and apply even if
any exclusive remedy specified in this Agreement is found to have failed
of its essential purpose.
10. U.S. Government End Users. The Subscription Services are
“commercial computer software” and “commercial computer software
documentation,” respectively, as such terms are used in FAR 12.212 and
DFARS 227.7202. If access to the Subscription Services is being
acquired by or on behalf of the U.S. Government, then, as provided in
FAR 12.212 and DFARS 227.7202-1 through 227.7202-4, as applicable, the
U.S. Government’s rights in the Subscription Services will be only those
specified in this Agreement.
11. Force Majeure. Metabase will not be in breach of this Agreement
if its performance is prevented or delayed for circumstances beyond its
reasonable control, including but not limited to acts of God, inclement
weather, flood, lightning or fire, strikes or other labor disputes or
industrial action, act or omission of government or other competent
authority, terrorism, war, riot, or civil commotion, unavailability of
supply or power outage, hackers, viruses, disruption in transmission, or
disruption in telecommunications services.
12. General. This Agreement will be governed by and construed in
accordance with the laws of the State of California, without regard to
or application of conflict of laws rules or principles. The United
Nations Convention on Contracts for the International Sale of Goods will
not apply. Any legal action or proceeding arising under this Agreement
will be brought exclusively in the federal or state courts located in
the Northern District of California and each party irrevocably consents
to the personal jurisdiction thereof and venue therein. You may not
assign or transfer this Agreement, or any rights granted hereunder, by
operation of law or otherwise, without Metabase’s prior written consent,
and any attempt by you to do so, without such consent, will be void.
Metabase may freely assign this Agreement. Except as expressly set forth
in this Agreement, the exercise by either party of any of its remedies
under this Agreement will be without prejudice to its other remedies
under this Agreement or otherwise. All notices or approvals required or
permitted under this Agreement will be in writing and delivered by
confirmed email transmission, by overnight delivery service, or by
certified mail, and in each instance will be deemed given upon receipt.
All notices or approvals will be sent to the addresses set forth in the
applicable Order or to such other address as may be specified by either
party to the other in accordance with this Section. The failure by
either party to enforce any provision of this Agreement will not
constitute a waiver of future enforcement of that or any other
provision. Any waiver, modification or amendment of any provision of
this Agreement will be effective only if in writing and signed by
authorized representatives of both parties. If any provision of this
Agreement is held to be unenforceable or invalid, that provision will be
enforced to the maximum extent possible, and the other provisions will
remain in full force and effect. This Agreement, together with the
Orders, is the complete and exclusive understanding and agreement
between the parties regarding its subject matter, and supersedes all
proposals, understandings or communications between the parties, oral or
written, regarding its subject matter, unless you and Metabase have
executed a separate agreement governing use of the Subscription
Services. Any terms or conditions contained in any purchase order or
other ordering document that are inconsistent with or in addition to the
terms and conditions of this Agreement are hereby rejected by Metabase
and will be deemed null. The parties to this Agreement are independent
contractors and this Agreement will not establish any relationship of
partnership, joint venture, employment, franchise, or agency between the
parties. Neither party will have the power to bind the other or incur
obligations on the other’s behalf without the other’s prior written
13. Contact Information. If you have any questions regarding this
Agreement, you may contact Metabase at firstname.lastname@example.org.
1. Exhibit A
Data Processing Addendum
This Data Processing Addendum (“DPA”) forms part of the attached
Subscription Services Agreement (the “Agreement”) between you
(“Customer”) and Metabase.
1. Subject Matter and Duration.
1.1 Subject Matter. This DPA reflects the parties’ commitment to
abide by Data Protection Laws concerning the Processing of Customer
Personal Data in connection with Metabase’s performance of its
obligations under the Agreement. All capitalized terms that are not
expressly defined in this DPA will have the meanings given to them in
the Agreement. If and to the extent language in this DPA conflicts with
the Agreement, this DPA shall control.
1.2 Duration and Survival. This DPA will become legally binding upon
the effective date of the Agreement. Metabase will Process Customer
Personal Data until the relationship terminates as specified in the
Agreement. Metabase’s obligations and Customer’s rights under this DPA
will continue in effect so long as Metabase Processes Customer Personal
2.1 “Customer Personal Data” means Personal Data within Customer
Business Data Processed by Metabase on behalf of Customer.
2.2 “Data Protection Laws” means all applicable data privacy, data
protection, and cybersecurity laws, rules and regulations to which the
Customer Personal Data are subject. “Data Protection Laws” shall
include, but not be limited to, the California Consumer Privacy Act of
2018 (“CCPA”) and the EU General Data Protection Regulation 2016/679
(“GDPR”); in each case, to the extent applicable.
2.3 “Personal Data” shall have the meaning assigned to the terms
“personal data” and/or “personal information” under Data Protection
2.4 “Process” or “Processing” means any operation or set of
operations which is performed on Personal Data or sets of Personal Data,
whether or not by automated means, such as collection, recording,
organization, structuring, storage, adaptation or alteration, retrieval,
consultation, use, disclosure by transmission, dissemination, or
otherwise making available, alignment or combination, restriction,
erasure, or destruction.
2.5 “Security Incident(s)” means the breach of security leading to
the accidental or unlawful destruction, loss, alteration, unauthorized
disclosure of, or access to Customer Personal Data attributable to
2.6 “Services” means any and all services that Metabase performs
under the Agreement.
2.7 “Third Party(ies)” means Metabase’s authorized contractors,
agents, vendors and third-party service providers (i.e., sub-processors)
that Process Customer Personal Data.
3.1 Documented Instructions. Metabase and its Third Parties shall
Process Customer Personal Data only in accordance with the documented
instructions of Customer or as specifically authorized by this DPA, the
Agreement, or any applicable Order. Metabase will, unless legally
prohibited from doing so, inform Customer in writing if it reasonably
believes that there is a conflict between Customer’s instructions and
applicable law or otherwise seeks to Process Customer Personal Data in a
manner that is inconsistent with Customer’s instructions.
3.2 Authorization to Use Third Parties. To the extent necessary to
fulfill Metabase’s contractual obligations under the Agreement, Customer
hereby authorizes (i) Metabase to engage Third Parties and (ii) Third
Parties to engage sub-processors.
3.3 Metabase and Third-Party Compliance. Metabase agrees to (i)
enter into a written agreement with Third Parties regarding such Third
Parties’ Processing of Customer Personal Data that imposes on such Third
Parties data protection and security requirements for Customer Personal
Data that are compliant with Data Protection Laws; and (ii) remain
responsible to Customer for Metabase’s Third Parties’ failure to perform
their obligations with respect to the Processing of Customer Personal
3.4 Right to Object to Third Parties. Where required by Data
Protection Laws, Metabase will notify Customer prior to engaging any new
Third Parties that Process Customer Personal Data by updating its
subprocessor list at: metabase.com/hosting/subprocessors and allow
Customer ten (10) days to object. If Customer has legitimate objections
to the appointment of any new Third Party related to privacy or data
protection, the Parties will work together in good faith to resolve the
grounds for the objection for no less than thirty (30) days.
3.5 Confidentiality. Any person or Third Party authorized to Process
Customer Personal Data must contractually agree to maintain the
confidentiality of such information or be under an appropriate statutory
obligation of confidentiality.
3.6 Personal Data Inquiries and Requests. Where required by Data
Protection Laws, Metabase agrees to provide reasonable assistance and
comply with reasonable instructions from Customer related to any
requests from individuals exercising their rights in Customer Personal
Data granted to them under Data Protection Laws (e.g., access,
rectification, erasure, data portability, etc.). If a request is sent
directly to Metabase, Metabase shall notify Customer without undue
3.7 Sale of Customer Personal Data Prohibited. Metabase shall not
sell Customer Personal Data as the term “sell” is defined by the CCPA.
Metabase shall not disclose or transfer Customer Personal Data to a
Third Party or other parties that would constitute “selling” as the term
is defined by the CCPA.
3.8 Data Protection Impact Assessment and Prior Consultation. Where
required by Data Protection Laws, Metabase agrees to provide reasonable
assistance at Customer’s expense to Customer where, in Customer’s
judgement, the type of Processing performed by Metabase requires a data
protection impact assessment and/or prior consultation with the relevant
data protection authorities.
3.9 Demonstrable Compliance. Metabase agrees provide information
that is reasonably necessary to demonstrate compliance with this DPA
upon reasonable request.
Information Security Program. Metabase agrees to implement
commercially reasonable technical and organizational measures
designed to protect Customer Personal Data consistent with Data
Security Incidents. Upon becoming aware of a Security Incident,
Metabase agrees to provide written notice without undue delay and
within the time frame required under Data Protection Laws to
Customer by email to the email address associated with your account.
Where possible, such notice will include all available details
required under Data Protection Laws for Customer to comply with its
own notification obligations to regulatory authorities or
individuals affected by the Security Incident.
Audits. Where Data Protection Laws afford Customer an audit
right, Customer (or its appointed representative) may, not more than
once annually, carry out an audit of Metabase’s Processing of
Customer Personal Data by having Metabase complete a data protection
questionnaire of reasonable length. Any such audit shall be subject
to Metabase’s security and confidentiality terms and guidelines.
Data Deletion. At the expiry or termination of the Agreement,
Metabase will, at Customer’s option, delete or return all Customer
Personal Data (excluding any back-up or archival copies which shall
be deleted in accordance with Metabase’s data retention schedule),
except where Metabase is required to retain copies under applicable
laws, in which case Metabase will isolate and protect that Customer
Personal Data from any further Processing except to the extent
required by applicable laws.
8. Processing Details.
Subject Matter: The subject matter of the Processing is the Services
pursuant to the Agreement.
Duration: The Processing will continue until the expiration or
termination of the Agreement.
Categories of Data Subjects: Data subjects whose Personal Data will be
Processed pursuant to the Agreement.
Nature and Purpose of the Processing: The purpose of the Processing of
Customer Personal Data by Metabase is the performance of the Services.
Types of Customer Personal Data: Customer Personal Data that is
Processed pursuant to the Agreement.