Policies, Terms and Conditions

Effective Date: 1 April 2026

For legacy versions of our terms of service, please click here.

These Global Terms of Service (the "Terms") are entered into by and between You (collectively referred to as "Licensee", "Customer", or "Client" or “Your” or “Yours”) and Us (collectively referred to as "Company", "Disprz", "we", "us" or "our"). The Licensor entity as specified in the Order Form shall be considered as the Company or Disprz. Unless repugnant to the context and meaning hereof, We and You may collectively be referred to as “Parties” and individually as a “ Party.”

These Terms govern Your access to and use of our Software as a Service Platform through our domains (the "Platform"), including any learning content, courses, or materials licensed from Content Providers accessible through the Platform for Your Consumption (the "Marketplace Services") excluding any open source or publicly available artefacts made available on a non-commercial basis (“Opensource Artefacts”). Unless repugnant to the context and the content of the Order Form, the Platform and the Marketplace Services are collectively referred to as the “Services.”

In the event of conflict, the order of precedence shall be: (i) the Order Form; (ii) supplemental documents executed under the Order Form including but not limited to Service Annexure, Statement of Work, etc; (iii) these Terms; (iv) addendums, annexures, appendices, exhibits or schedules (collectively referred to as “Ancillary Documents”) incorporated herein by reference.

By executing an Order Form or accessing the Services, You agree to be bound by these Terms unless a written contract specifies otherwise.

These Terms are divided into Articles as below: (i) Definitions and Interpretations; (ii) General Terms and Conditions; (iii) Co-Licensing Terms; (iv) AI Terms; (v) Region-Specific Terms and Conditions; (vi) Data Processing Terms; (vii) Service Level Agreement; (viii) Information Security Controls and Processes; and (ix) Opensource Artefacts Usage Terms

These Terms are also governed by (i) Cookie Policy; (ii) Privacy Policy; (iii) Anti Bribery and Anti-Corruption Policy; (iv) Modern Slavery Policy; (v) Acceptable Use Policy; and (vi) Code of Conduct for Business Partners.

1. Definitions
   1. In these Terms, the following words, expressions, and abbreviations shall have the meanings set out below, unless context otherwise requires. Where any term was previously undefined or inconsistently defined, the definitions below shall govern:
      1. "Agreement" means the Order Form (sometimes referred to as “Subscription Form”), any supplemental documents executed thereunder, these Terms, and the Ancillary Documents herein.
      2. "Applicable Law" means any statute, law, regulation, ordinance, rule, judgment, order, decree, guideline, policy, or determination having the force of law by any court, statutory authority, regulatory body, judicial or quasi-judicial bodies, or governmental authority having jurisdiction over the matter in question, including any amendments, modifications, re-enactments, or replacements thereof from time to time, and including all subordinate legislation, notifications, circulars, and clarifications issued thereunder, whether in effect as of the Effective Date or thereafter.
      3. "Affiliates" means, with respect to any Party, any other entity that directly or indirectly, through one or more intermediaries, controls, is controlled by, or is under common Control with such Party, where "Control" signifies possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of more than fifty percent (50%) of voting securities, by contract, or otherwise.
      4. "Authorized Users" means only Your employees, agents, or contracted personnel, including those of Your Affiliates or Business Subcontractors (if any), who are authorized by You to use Your Platform Instance, as more specifically outlined in the respective Order Form..
      5. "Bug Fixes" means any modification, error correction, patch, or workaround to the Platform created by or for Us to remedy a Defect, which shall include: (i) any reproducible failure of the system to comply with current approved system specifications; (ii) critical system errors; or (iii) unexpected results that render the system, or any material portion thereof, unusable for its intended purpose.
      6. "Business Day" means any day on which clearing banks are open for business in the territory in which We operate excluding weekends, national, federal, state or public holidays. For SLA purposes, one Business Day equals eight (8) business hours.
      7. "Business Subcontractors" means any third-party service providers, consultants, independent contractors, or outsourced personnel engaged by You to support Your internal business operations who require access to the Services, subject to these Terms.
      8. "Cloud" means the multi-tenant, cloud-based infrastructure and proprietary software environment managed, operated and hosted by a professional third-party data centers (such as AWS, Azure, or GCP), which encompasses all hardware, software, networking, and security components used to deliver the Services to You.
      9. "Confidential Information" means any non-public information disclosed by either Party pursuant to the Agreement that (a) is in written, graphic, machine readable or other tangible form and is marked “Confidential,” “Proprietary” or in some other manner to indicate its confidential nature, or (b) in the case of oral or visual disclosure is identified as confidential at the time of disclosure and reduced to tangible form, marked as confidential, and provided to the receiving Party, or (c) under the circumstances, should, in good faith, be considered to be confidential. Notwithstanding the foregoing, without any need for designating the same as confidential or proprietary (i) all technology or proprietary information underlying the Platform belonging to Licensor shall be deemed Confidential Information of Licensor; (ii) all technology or proprietary information underlying the Marketplace Services belonging to Content Providers shall be deemed Confidential Information of such Content Providers, and (iii) all technology or proprietary information underlying the Opensource Artefacts belonging to the third party providers shall be deemed Confidential Information of such third party providers; and all technology or proprietary information underlying the Licensee Data and User Content, shall be deemed Confidential Information of Licensee without any need for designating the same as confidential or proprietary;
      10. "Defect" means any reproducible failure, error, or bug in the Platform that results in an inability to function in substantial accordance with intended use. This includes: (i) Functional Defects, where a feature fails to perform its intended task; (ii) Performance Defects, such as excessive latency or system crashes; and (iii) Security Defects. A Defect excludes non-conformities caused by misuse, unauthorized modification, or incompatibility with third-party software not specified as compatible.
      11. "Documentation" means the documents made available to You or Your Authorized Users by Us via Our websites, the Platform, or through physical or soft copies, from time to time, as part of these Terms.
      12. "Effective Date" means the earlier of: (i) the date on which the Order Form is executed; (ii) the specific date mentioned in the Order Form; (iii) the date on which the Instance is created by Us for providing Services to You; or (iv) the Go-Live Date.
      13. "Force Majeure" means any event beyond a Party's reasonable control that prevents or delays performance of its obligations, including acts of God, war, satellite disruption, flood, fire, terrorism, armed conflict, active hostilities, civil disturbance, pandemics, epidemics, strike, lockouts, or government-mandated lockdowns. In the context of the Services, Force Majeure specifically includes large-scale internet routing failures, widespread grid power outages, and catastrophic failures of third-party cloud infrastructure providers (e.g., AWS, Azure, GCP) not caused by Our negligence.
      14. "Go-Live Date" means the date agreed in the Order Form for each Instance to go live, regardless of any integration or customization.
      15. "Instance" means the Platform instance of each Platform subscription, set up and implemented by Us for You in accordance with these Terms under the respective Order Form.
      16. "Intellectual Property Rights" means all copyrights (including rights in computer software), patents, trademarks, design rights, database rights, semiconductor topography rights, rights in undisclosed or Confidential Information (such as know-how, trade secrets, and inventions whether patentable or not), and all other intellectual property or similar proprietary rights of whatever nature, whether registered or unregistered.
      17. “License Year” shall mean the period of every 365 days commencing from the start of the License Period.
      18. "License Period" means the period specified in the Order Form in respect of each Instance.
      19. "Platform" means the Software as a Service Platform enabling organization-wide autonomous enablement, learning, and skilling initiatives through which the Services are offered by Us to You.
      20. "Shared Instance" means a single, unified infrastructure of the Platform that is collectively subscribed to and accessed by more than one of Your named business entities, Affiliates, or Business Subcontractors under an Order Form through collective access.
      21. "Software" means the software underlying the Platform.
      22. "Term" means the period commencing from the Effective Date until the expiry of the License Period of each Instance as set out in the Order Form.
      23. "Material Breach" means: (i) breach of Intellectual Property Rights; (ii) breach of confidentiality obligations herein; (iii) violation of Applicable Laws; or (iv) non-payment of Charges beyond the Suspension Date.
      24. "Marketplace Services" means any learning content, courses, or materials licensed from Content Providers whose content is accessible through the Platform.
      25. "Content Providers" means any third-party providers of Marketplace Services which are licensed to You by Us through our reseller rights.
      26. "Unauthorized Use" means: (i) use of the Services by any third party through access credentials associated with an Authorized User; (ii) use by any third party (not an Authorized User) through a credential allocated by an Authorized User with admin access; (iii) use by an Authorized User after their cessation of employment using credentials allocated during their employment; (iv) use with an intention to resell the Services without commercial authorization; or (v) use without payment of requisite Charges.
      27. "User Content" means all Authorized User accounts and Authorized User data associated in any manner with You and Your operations.
      28. "Your Data" means all data created by or originating from You or any of Your Authorized Users, and all data that is the output of computer processing or other electronic manipulation of any such data, for the purpose of using the Services or facilitating Your use of the Services.
      29. "Data Fiduciary" or “Data Controller” means the legal person (the Licensee) who determines the purposes and means of the Processing of Personal Data. The Licensee/Data Fiduciary is the owner of all Personal Data provided to the Processor.
      30. "Data Principal" or “Data Subject” means any identified or identifiable natural person to whom the Personal Data relates.
      31. "Data Protection Regulation" means the Personal Data protection legislation applicable in the country in which the Licensor is operating, including any rules thereunder.
      32. "Personal Data" means any data or information about, or relating to, an individual who is identifiable.
      33. "Processing" means wholly or partly automated operation performed on Personal Data, including collection, storage, use, sharing, or destruction.
      34. "Personal Data Breach” means any unauthorized Processing, accidental disclosure, theft, or loss of access to Personal Data that compromises confidentiality, integrity, or availability.
      35. “Processor” or “Data Processor” shall mean the legal person or entity (the Licensor) that Processes Personal Data on behalf of and strictly in accordance with the instructions of the Data Fiduciary (Licensee) for the limited purpose of providing the Services under the Terms.
      36. “Service Availability” means the percentage of total time in a given calendar month during which the core functionalities of the SaaS platform are operable and accessible to the Customer.
2. Interpretation
   1. Unless the context otherwise requires, these Terms shall be construed as follows:
      1. Words using the singular number also include the plural and vice versa;
      2. The terms "hereof", "herein", "hereby", "hereto" and derivative or similar words refer to this entire Agreement;
      3. References to "Section", "Clause", "sub-Clause", "Schedule", "Attachment", “Exhibits”, “Appendix” and "Annexure" refer to the specified part of this Agreement;
      4. A reference to a document or instrument includes the document as novated, altered, supplemented, or replaced from time to time; and Headings, bold, italicized, and other stylized typefaces are for convenience only and shall not be considered for interpretation purposes.

1. Grant of Access: Subject to Your payment of Charges specified in the Order Form, You are hereby granted a limited (during the License Period), territorial, revocable (upon expiry of the License Period or upon earlier suspension and/or termination in accordance with these Terms), non-assignable, non-transferable, non-sublicensable, and non-exclusive right to permit Your Authorized Users to access and use the Platform and/or Services in accordance with the Documentation and in the manner contemplated by these Terms, solely for the purpose of corporate employee learning, development, enablement, and engagement. You agree that access to and use of the Services shall not transfer any rights, title, and interest not expressly granted in these Terms, and such rights, title, and interest in the Services are expressly reserved and shall remain solely and exclusively with Us and/or Our Content Providers.
2. Limitations of Grant: You and Your Authorized Users' access to the Services is limited to the functionality available at the time of signing of the Order Form and does not cover any feature or functionality or additional content planned for release at a future date, unless expressly set out in the Order Form. Enhancements to existing features of the Platform shall be made available at no additional charge. However, new features or functionality not part of Your current subscription may be made available at an additional fee. You will only have access to new features after payment of such additional fee. With regard to any Marketplace Services procured through Us, Your usage of such third-party Marketplace Services shall be governed by the end-user terms as mandated by such third-party Content Providers. You hereby agree that access, use and consumption of Opensource Artefacts through the Platform is subject to Opensource Artefacts Usage Terms.
3. Your Responsibilities: You shall (i) be responsible for Your own and Your Authorized Users' compliance with these Terms; (ii) be solely responsible for the accuracy, quality, integrity, and legality of Your Data; (iii) be responsible for the security and confidentiality of the passwords used to access the Services; (iv) use commercially reasonable efforts to prevent unauthorized access to or Unauthorized Use of the Services; (v) use the Services only in accordance with the Documentation and Applicable Law; (vi) inform Us promptly upon identifying any claim or threatened claims with regard to the Services; and (vii) comply with end-user terms imposed by any third party Content Providers with regard to their respective Marketplace Services. You shall not: (i) use, copy, modify, prepare derivative works from, or distribute the Services except as expressly permitted in these Terms; (ii) reverse assemble, reverse compile, translate, or reverse engineer the Services; (iii) use any of the Services’ components, files, modules, audio-visual content, or related licensed materials separately from the Services; (iv) sublicense, sell, rent, or lease the Services or assign its licenses otherwise than as permitted by these Terms; (v) use the Services to store or transmit infringing, libelous, or otherwise unlawful material, or material in violation of third-party rights; (vi) remove, minimize, block, or modify any trademarks, copyright notices, digital watermarks, or other Intellectual Property Rights notices; (vii) upload any material that may result in the infringement of any third-party Intellectual Property Rights; and (viii) use, challenge, seek to invalidate, or apply to register any name, business name, domain name, or trademark substantially identical to Our Intellectual Property Rights or of our Content Providers.
4. Charges: In consideration of the grant of License, You agree to pay Us the Charges as outlined in the respective Order Form. The Charges are exclusive of all applicable taxes, levies, and duties. Taxes will be charged as per prevailing rates and shall be borne by You. An annual escalation of ten percent (10%) year-on-year shall automatically be applied and invoiced from the expiry of the first License Year, unless otherwise agreed in writing in the Order Form. For incremental usage based on the Minimum Commitment, the charges shall be billed based on the billing cycle in arrears along with the next invoice.
5. Minimum Commitment: Any downward reduction of the Minimum Commitment during the License Period is not allowed. Any reduction during renewal shall result in a price increase as per Our prevailing rates. In case of a Shared Instance, part termination of the Order Form by one or more Licensee may result in upward commercial change if the overall minimum commitment falls below the agreed cumulative value of all the Licensee therein. For incremental usage based on the Minimum Commitment, the charges shall be billed based on the billing cycle in arrears along with the next invoice.
6. Invoicing & Billing:
1. User count for billing shall be derived on a registered user basis, calculated if a user's name is listed at any point in time during a month in the Platform and they had the ability to access and log in during that month, irrespective of actual login activity.
2. If You have a mandatory Purchase Order (PO) process for invoice payments under the Order Form, You shall issue the required PO within five (5) days prior to the commencement of the invoicing period. If You fail to issue the PO within this timeframe, We may raise invoices after the five (5) days have elapsed. Regardless of the PO process, You remain obligated to make payments in accordance with the agreed payment terms.
3. All payments are due within thirty (30) days of receipt of invoice unless a different credit period has been agreed in the Order Form.
4. In the event of any Unauthorized Use attributable to Your act or omission, without prejudice to Our other rights and remedies, You shall be liable to pay Us an amount equal to the fees that would be payable had such use been properly licensed from the beginning of the Unauthorized Use.
7. Suspension Rights: If We have not received payment within thirty (30) days after the due date of the invoices, then without prejudice to Our other rights and remedies:
1. we may, disable and/or suspend Your passwords, account, and access to all or part of the Platform (“Suspension Date”), and We shall be under no obligation to provide any access to the Platform, Services, or Documentation while the invoice(s) concerned remain unpaid; and
2. Interest shall accrue on such due amounts at a rate equal to 18% per annum, commencing on the due date and continuing until such due amounts have been fully paid by You.
3. It is clarified that any suspension action taken by Us as per the clause above shall not relieve You from Your payment obligations of Charges pertaining to the period of suspension, commencing from the Suspension Date until all overdues are paid. Access to the Services is subject to Your payment of Charges, in accordance with the details provided in the respective Order Form executed under these Terms.
8. Integrations and Technical Feasibility
1. All integrations with Your third-party systems, applications, or HRMS tools are strictly subject to Our assessment of technical feasibility and Your enablement of all necessary dependencies. Technical feasibility requires that the third-party system provides open, compatible, documented, and stable APIs or data transfer mechanisms that allow for secure transmission without altering Our core Platform architecture.
2. You shall, at Your own expense, procure and maintain all necessary third-party licenses, subscriptions, and permissions, and provide Us with the required administrative access, API keys, and network clearances. We are not responsible or liable for any interruptions, data degradation, or downtime caused by third-party systems or Your failure to maintain Your dependencies.
9. Change Requests
1. Any requests for customizations, new features, or modifications to the Platform outside of standard updates are subject to Our technical assessment and approval. All such customizations are chargeable over and above Your standard Charges and will be billed at Our then-prevailing professional service rates.
2. We are under no obligation to perform any out-of-scope work or customizations until a formal change order or addendum is executed and accepted by the Parties. Delays caused by Your delay and/or failure to finalize scoping or approve change order fees shall not be deemed a breach of Our service timelines.
10. Training
1. We shall provide You, during the implementation stage, certain training services as outlined in these Terms, to be included as part of the Services in consideration of the Charges. Any additional training services shall be provided for additional charges.
2. During the implementation phase (until the Go-Live Date), We shall provide the necessary support for enabling You to go-live, including one-time virtual training not exceeding four (4) business hours. We shall allocate a non-dedicated and non-exclusive customer success executive to handle queries during the implementation and post-implementation phases.
11. Term: These Terms shall come into force with effect from the Effective Date and, subject to Clause 14 (Termination), shall expire on the completion of the License Period of the last active Instance or Order Form.
12. Termination:
1. In the event of a Material Breach of this Agreement by either Party, the other Party shall provide a written notice of such breach. If the breaching Party fails to cure such breach within thirty (30) days of receipt of the notice ("Cure Period"), the non-breaching Party shall be entitled to terminate this Agreement in full or in part thereof.
2. Either Party shall have the right to terminate this Agreement forthwith if the other Party commits any willful misconduct, fraud, or gross negligence.
3. In the event of a breach (other than Material Breach) of this Agreement by either Party, the other Party shall provide a written notice of such breach. If the breaching Party fails to cure such breach within sixty (60) days of receipt of the notice ("Cure Period"), the non-breaching Party shall be entitled to terminate this Agreement in full or in part thereof.
13. Consequences upon Termination
1. In the event these Terms are terminated for any reason, You agree to promptly discontinue use of the Services with respect to the terminated portion.
2. Upon expiry of the License Period or on any earlier termination, We shall forthwith cease to provide access to the Services to You or any of Your Authorized Users.
3. Upon termination, any rights or authority granted by either Party to the other Party shall terminate with immediate effect, and all payments accrued before or on the effective date of termination will become immediately due and payable.
4. The accrued rights of the Parties as at termination, or the continuation after termination of any provision expressly stated or implicitly surviving termination, shall not be affected or prejudiced in any manner.
14. Intellectual Property Rights
1. Subject to the limited rights expressly granted hereunder, We reserve all rights, title, and interest in and to the Platform, including all related Intellectual Property Rights. You acknowledge that We are and shall be the sole owner of all Intellectual Property Rights in and to any solutions, analytical applications, and/or products developed by Us. All intellectual property in any corrections, enhancements, updates, modifications, versions, translations, or derivatives of the programs in respect of the Software shall remain Our property.
2. We acknowledge that any Intellectual Property Rights already owned by You and residing on the Platform by virtue of You having inserted it shall remain Your sole property. You shall be the sole owner of all Intellectual Property Rights in any content developed by You using the Platform.
3. The Parties acknowledge that the trademark of either Party is the sole property of the respective Party. However, You hereby provide express permission to Us, during the Term, to refer to or use any business name or trademark and logos of Yours in advertisements, promotional literature, or other communications.
4. You recognize that all third-party Intellectual Property Rights including Marketplace Services or Opensource Artefacts, if any, are the exclusive property of their respective owners. Each Party shall inform the other Party of any third-party Intellectual Property Rights that may be required under the terms of this Agreement. Under such circumstances, both Parties shall seek to procure appropriate licenses to use such third-party Intellectual Property Rights from the owner of such third-party Intellectual Property Rights and shall agree on the manner in which the costs of such licenses shall be borne.
5. During this Agreement, We may solicit You or End Users for feedback regarding the Services, including without limitation comments or suggestions regarding the possible creation, modification, correction, improvement, or enhancement of the Services, software, or content (collectively "Feedback"). Feedback incorporated into any Services and materials are hereby irrevocably assigned to Us, where applicable.
6. We respect intellectual property rights and expect You to do the same. If You believe that any content on our Platform infringes Your copyright or of any third party, please notify us at contracts@disprz.com with a written DMCA Notice containing: identification of the copyrighted work, location of the infringing content, Your contact details, a statement of good faith belief that use is unauthorized, a statement of accuracy under penalty of perjury, and Your signature. Upon receiving a valid notice, We may remove or disable access to the content.
15. Confidentiality
1. Each Party may be given access to Confidential Information from the other Party concerning the business and affairs of the other Party. Both Parties agree to hold all Confidential Information of the other in trust and confidence, as they would their own confidential information, and not to disclose Confidential Information except as necessary to carry out or enforce these Terms.
2. The receiving Party shall not, and shall ensure its employees, agents, consultants, sub-contractors, and professional advisers shall not, during the Term or thereafter for one (1) year, disclose to any person or use any Confidential Information obtained from the disclosing Party without prior written consent.
3. Disclosure of Confidential Information shall not constitute a breach where: (i) the information was already publicly available at the time of disclosure; (ii) it was already in the receiving Party's possession from another source not related to a Party under these Terms; or (iii) disclosure is required by law, regulation, or order by any court or regulatory authority.
4. The Parties agree that disclosure or use of Confidential Information in breach of this Clause may give rise to irreparable harm, and each Party has the right to seek remedies of injunction, specific performance, and/or other equitable relief. The provisions of this Clause shall survive termination for one (1) year.
16. Disclaimer of Warranties
1. WE WILL NOT BE LIABLE FOR ANY LOSS OR DAMAGE CAUSED BY A DISTRIBUTED DENIAL-OF-SERVICE ATTACK, VIRUSES, OR OTHER TECHNOLOGICALLY HARMFUL MATERIAL THAT MAY INFECT YOUR COMPUTER EQUIPMENT, COMPUTER PROGRAMS, DATA, OR OTHER PROPRIETARY MATERIAL DUE TO YOUR USE OF THE PLATFORM OR ANY SERVICES SUBJECT TO OUR COMPLIANCE POSTURE TOWARDS INFORMATION SECURITY AND DATA PRIVACY..
2. NEITHER WE NOR ANY PERSON ASSOCIATED WITH US INCLUDING CONTENT PROVIDERS MAKES ANY WARRANTY OR REPRESENTATION WITH RESPECT TO THE COMPLETENESS, SECURITY, RELIABILITY, QUALITY, ACCURACY, OR AVAILABILITY OF THE SERVICES. WITHOUT LIMITING THE FOREGOING, NEITHER WE NOR ANYONE ASSOCIATED WITH US REPRESENTS OR WARRANTS THAT THE PLATFORM, ITS CONTENT, OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE PLATFORM WILL BE ACCURATE, RELIABLE, ERROR-FREE, OR UNINTERRUPTED, THAT DEFECTS WILL BE CORRECTED, THAT OUR PLATFORM OR THE SERVER THAT MAKES IT AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS, OR THAT THE PLATFORM OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE PLATFORM WILL OTHERWISE MEET YOUR NEEDS OR EXPECTATIONS.
3. WE HEREBY DISCLAIM THAT THE PLATFORM, ITS CONTENT, AND ANY SERVICES OR ITEMS OBTAINED THROUGH THE PLATFORM ARE PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS, WITHOUT ANY WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED. STATUTORY OR OTHERWISE, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE. THE FOREGOING DOES NOT AFFECT ANY WARRANTIES WHICH CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.
4. During the Term, You may participate in testing certain new services prior to their general availability. Your use of the beta functionality is at Your own risk, and any liability or claims arising from Your use are expressly disclaimed by Us. Any beta or experimental features, including AI-enabled functionality, are provided "as is", without warranty or support, and may be modified or discontinued at any time.
17. Indemnification & Liability
1. You shall indemnify, defend, and hold Us and Our officers, directors, employees, agents, successors, and assigns harmless from and against all third-party claims, suits, actions, damages, settlements, losses, liabilities, costs (including reasonable attorney's fees), and expenses arising from such Party's breach of the obligations and warranties under these Terms.
2. We shall indemnify, defend, and hold You and Your officers, directors, employees, agents, successors, and assigns harmless against claims brought against You by any third party alleging that Your use of the Platform, in accordance with these Terms, constitutes a direct infringement or misappropriation of the Intellectual Property Rights of a third party.
3. Notwithstanding anything to the contrary contained elsewhere in these Terms, to the fullest extent permitted by Applicable Law:
1. in no event shall either Party, its Affiliates, directors, employees, agents, or licensors be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, revenue, data, goodwill, or other intangible losses;
2. in no event shall either Party's total and aggregate liability under these Terms exceed the Charges paid and/or payable in respect of the Platform subscription during the three (3) month period immediately preceding the date of the claim;
3. Subject to the disclaimer set forth in sub-clause (19.3.1), the limitation set forth in sub-clause (19.3.2) shall not apply in respect of: (i) undisputed outstanding payment obligations; (ii) violation of applicable laws; (iii) breach of Confidentiality or Intellectual Property Rights; (iv) gross negligence and/or willful misconduct; and (v) death or bodily injury.
18. Data Privacy and Protection
1. Each Party shall ensure that such Party's performance of its obligations under these Terms complies with all applicable local, state, and federal data privacy laws and regulations, including but not limited to laws relating to consent to make visual and audio recordings of individuals and consent to collect information from individuals.
2. The Parties acknowledge and agree that, with respect to any personal data processed in connection with the Services, You shall be the "data controller" and We shall act as the "data processor". You hereby authorize Us to engage sub-processors as necessary for the performance of the Services, provided that such sub-processors are bound by obligations no less protective than those set forth in these Terms. Our list of subprocessors are available in https://compliance.disprz.ai/
3. BY ACCESSING AND USING THE SERVICES, YOU AGREE THAT SHALL NOT UPLOAD, TRANSMIT, STORE, OR OTHERWISE PROCESS ON OR THROUGH THE PLATFORM ANY PAYMENT CARD DATA SUBJECT TO PCI DSS, PATIENT DATA OR PROTECTED HEALTH INFORMATION (PHI) AS DEFINED UNDER HIPAA, OR ANY DATA SUBJECT TO 21 CFR PART 11, UNLESS SPECIFICALLY AUTHORIZED IN WRITING BY OUR DATA PROTECTION OFFICER.
4. User personal data will be processed by Us strictly in accordance with Our Privacy Policy, Cookie Policy, and the Data Processing Terms.
19. Export and Sanctions Compliance
1. The Services, including any software, technology, data, and related materials, may be subject to export control and economic sanctions laws of the United States, the European Union, India, and other applicable jurisdictions (“Export Control Laws”). You agree to comply with all such applicable laws and regulations in connection with your access to and use of the Services.
2. You represent and warrant that you are not located, organized, or ordinarily resident in, and will not access or use the Services from or on behalf of, any country or territory subject to comprehensive sanctions or embargoes (including, without limitation, Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions), and that you are not listed on or owned or controlled by any party on any applicable government restricted or denied party list.
3. You shall not, directly or indirectly, export, re-export, transfer, or otherwise make available the Services in violation of Export Control Laws, including to any prohibited jurisdiction, end user, or for any prohibited end use (including, without limitation, activities related to nuclear, chemical, or biological weapons, missile systems, or restricted military applications). You further agree not to circumvent such restrictions, including through the use of VPNs, proxies, or similar mechanisms.
4. Disprz reserves the right to monitor compliance with this clause and to suspend or terminate access to the Services immediately, without notice, if it reasonably believes a violation has occurred. You agree to indemnify and hold harmless Disprz and its affiliates against any claims, losses, or liabilities arising from your breach of this clause. This provision may be updated from time to time to reflect changes in applicable laws.
20. Governing Law & Dispute Resolution: As per the provisions in the Region-Specific Terms and Conditions.
21. General Provisions
1. Relationship of Parties: We and You shall work on a principal-to-principal basis and as non-exclusive independent contractors. These Terms do not create a partnership, franchise, joint venture, agency, fiduciary, or employment relationship between Us and You.
2. Complete Agreement: These Terms constitute the entire agreement between Us and You with respect to the subject matter hereof, and supersede and replace all prior or contemporaneous understandings, proposals, representations, or agreements, written or oral, regarding such subject matter.
3. Severability: If any provision of these Terms is held by a court of competent jurisdiction to be contrary to law, the provision shall be modified and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions shall remain in effect.
4. Amendments, Waivers, and Cumulative Remedies: Any provision of these Terms may be amended, varied, or waived only if such amendment, variation, or waiver is in writing and signed by both Parties (in the case of an amendment or variation) or by the waiving party (in the case of a waiver).
5. Assignment: You shall not assign these Terms, in whole or in part, without Our prior written consent. We may assign these Terms, in whole or in part, at Our sole discretion without Your consent, including to an Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of Our assets.
6. Force Majeure: If either You or We fail to perform obligations under these Terms due to Force Majeure, neither Party shall be held responsible for any loss or damage incurred by the other as a result of such failure. Both Parties agree to give notice to the other as soon as possible upon becoming aware of an event that may lead to the invocation of this Clause.
7. Notices: Unless otherwise provided herein, all notices or other communications shall be made in writing by letter (hand-delivered) or email and shall be deemed duly given or made upon personal delivery or dispatch by email. For Us: All notices are to be delivered to legal@disprz.com and contracts@disprz.com via email. For You: All notices are to be delivered to the email address associated with Your account or provided in the Order Form.
8. Class Action and Jury Trial Waiver:
1. You agree that any dispute, claim, or controversy arising out of or relating to your relationship with Disprz, including the interpretation, applicability, or enforcement of this Agreement, shall be resolved solely on an individual basis and You expressly waive any right to participate in any class action, collective action, consolidated action, or representative proceeding, whether as a class member, private attorney general, or in any other representative capacity. You further agree that no such claims may be brought or maintained on a class or representative basis in any forum.
2. To the fullest extent permitted by applicable law, you hereby knowingly, voluntarily, and irrevocably waive any right to a trial by jury in connection with any dispute, claim, or cause of action arising out of or related to this Agreement or the Services. Any such dispute shall be resolved exclusively by a judge or other authorized adjudicator, and not by a jury.
3. You agree that any dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated, or representative action. No arbitrator, judge, or other adjudicator shall have the authority to consolidate claims or to hear any class or representative proceeding.
4. If any portion of this clause is found to be unenforceable or invalid under applicable law, such portion shall be severed, and the remaining provisions shall continue in full force and effect to the maximum extent permitted by Applicable Law.

If You and Your associated business entities, Affiliates, or sister organizations (collectively, the "Subscribing Entities") elect to collectively access the Platform through a Shared Instance, the following additional terms shall apply:

1. Shared Instance Access and Scope of Use: We grant You a non-exclusive, non-transferable, revocable, and limited right to access and use such Shared Instance strictly for Your respective internal business purposes, subject to the active subscriptions and terms of Your respective Order Forms. A breach or suspension of one Subscribing Entity may, at Our sole discretion, result in the suspension of the entire Shared Instance.
2. User Access, Segmentation, and Distinct Billing: Access for Your Authorized Users within a Shared Instance shall be segmented based on User-Defined Fields (UDFs). User counts will be tracked and billed separately. Swapping or transferring Authorized User profiles between different Subscribing Entities is strictly prohibited. If a single individual profile is reflected under more than one Subscribing Entity, that profile shall be treated as two distinct billable users.
3. Commingling of Data and Admin Access Risks: You expressly agree that Your employee profiles and PII will be hosted and commingled within the same database environment as the other Subscribing Entities sharing the instance. Any user designated as an Administrator will have technical access to view, modify, or export the data of all users across all Subscribing Entities within that Shared Instance. Except for reasons directly attributable to Our gross negligence or willful misconduct, We shall not be held responsible or liable for any damage, data leaks, or unauthorized access arising out of such commingling.
4. Mandatory Consents and Regulatory Approvals: The absolute burden of data compliance rests on You. You and the Subscribing Entities are solely responsible for obtaining all active consents, approvals, permissions, and lawful authorizations required from regulatory authorities, governmental bodies, and Your Authorized Users. You agree to indemnify and hold Us harmless against any third-party claims or regulatory penalties arising from Your failure to secure such active consents.

These AI Terms apply to You and all Your Authorized Users who access or use the Artificial Intelligence and Generative AI ("GenAI") enabled features of the Platform. By accessing or using the Platform, You and Your Users acknowledge and agree to be bound by these terms.

1. Purpose and Authorized Access: Your Users are granted access to the Platform's GenAI tools solely as authorized by You and strictly for Your internal business, training, and enablement purposes.
2. Account Security and Integrity: You and Your Users are responsible for maintaining the confidentiality of Your login credentials and shall be fully liable for all activity occurring under Your accounts. You and Your Users may not share credentials or attempt to circumvent any security or access controls.
3. Critical Disclaimer:
1. AI Mistakes and Mandatory Human Review: You acknowledge and agree that GenAI is an automated, evolving technology. AI-generated outputs are predictive in nature and may contain inaccuracies, omissions, hallucinated information, or biases. You and Your Users understand and accept that:
1. Human-in-the-Loop Verification: You and Your Users bear the absolute responsibility to review, proofread, and validate all AI-generated content prior to relying on it, publishing it, or distributing it within Your organization.
2. Prohibition on Material/Autonomous Decisions: GenAI outputs must not be used as the sole or automated basis for high-stakes decisions, including but not limited to employment, compliance, grading, legal, safety, medical, or other material decisions without thorough human review.
3. Assumption of Risk: We make no representations or warranties regarding the accuracy, reliability, completeness, non-infringement, legality, or suitability of any AI-generated content. You are solely responsible for reviewing, verifying, and validating such content before relying on it. Your use of and reliance on GenAI features at Your own risk.
4. Proprietary Protection (No Public LLM Training): To protect Your proprietary data, We do not use Your Data or User Content submitted through the Platform's GenAI features to train Our baseline, Platform-wide, or public large language models (LLMs) unless You provide express written consent.
5. Prohibited Content and Unlawful Use: You and Your Users shall not use the GenAI tools to upload, create, or distribute content that is unlawful, harmful, defamatory, harassing, discriminatory, or infringing. Without limitation, You and Your Users shall not generate, store, or transmit content that includes hate speech, extremist messaging, deceptive or fraudulent information, sexually explicit material, depictions of violence, or unauthorized personal data of third parties.
6. Intellectual Property Retention: The Platform, its software, user interfaces, algorithms, and all related intellectual property are and shall remain Our exclusive property. You and Your Users receive no rights other than those expressly granted by the Terms.

Future Modifications: We may update or modify these AI Terms at any time to reflect improvements to the Platform, changing AI regulatory environments, Applicable Laws, or best practices. Continued use of the Platform following such modifications constitutes Your acceptance of the updated terms. 

1. India: If You have signed the Order Form with Heuristix Digital Technologies Private Limited, a company incorporated under the law of the Republic of India and having its registered office at 6th Floor, Olympia Pinnacle, Old Mahabalipuram Road, Okkiyam Thuraipakkam, Chennai – 600 097, Tamil Nadu, India, these Terms shall be governed by and construed in accordance with the laws of India. The Parties shall first attempt to resolve any dispute, controversy, or claim arising out of or in connection with these Terms through good faith negotiations within thirty (30) days of written notice. If the dispute is not resolved through good faith negotiations, it shall be finally settled by arbitration in accordance with the Arbitration and Conciliation Act, 1996, by a sole arbitrator mutually appointed by the Parties. The seat and venue of arbitration shall be Chennai, Tamil Nadu, India, and the language shall be English. Your Data shall be hosted in India. Standard Support under the Service Level Agreement shall be provided during IST business hours, Monday to Friday, 10:00 to 19:00.
2. United States of America: If You have signed the Order Form with Heuristix Digital Technologies LLC, a company incorporated under the law of the State of Delaware and having its registered address at 251, Little Falls Drive, Wilmington, Delaware 19808, USA, and principal office at 395, Pleasant Valley Way, West Orange, New Jersey 07052, USA, these Terms shall be governed by the laws of the State of Delaware, without regard to conflict of law principles. The Parties shall first attempt to resolve any dispute through good faith negotiations within thirty (30) days of written notice. If the dispute remains unresolved, it shall be subject to the exclusive jurisdiction of the courts located in New Castle County, Delaware, and the Parties expressly waive any right to arbitration. Your Data shall be hosted in the United States. Standard Support under the Service Level Agreement shall be provided during Eastern Time business hours, Monday to Friday, 07:30 to 16:30.
3. United Kingdom: If You have signed the Order Form with Heuristix Digital Technologies UK Limited, having its registered office at Unit 7b BBK, Cranbrook House, 61 Cranbrook Road, Ilford, Greater London, IG1 4PG, these Terms shall be governed by and construed in accordance with the laws of England and Wales. The Parties shall first attempt to resolve any dispute through good faith negotiations within thirty (30) days of written notice. If the dispute remains unresolved, it shall be subject to the exclusive jurisdiction of the courts of Ilford, Greater London, and the Parties expressly waive any right to arbitration. Your Data shall be hosted in the United Kingdom. Standard Support under the Service Level Agreement shall be provided during UTC+2 business hours, Monday to Friday, 09:00 to 18:00.
4. Indonesia: If You have signed the Order Form withPT Heuristix Digital Technologies, having its registered office at AXA Tower, 36th Floor, Kuningan City, Jl. Prof. Dr. Satrio Kav. 18, South Jakarta 12940, Indonesia, these Terms shall be governed by the laws of the Republic of Indonesia. The Parties shall first attempt to resolve any dispute through good faith negotiations within thirty (30) days of written notice. If the dispute remains unresolved, it shall be subject to the exclusive jurisdiction of the courts of South Jakarta, and the Parties expressly waive any right to arbitration. Your Data shall be hosted in Indonesia. Standard Support under the Service Level Agreement shall be provided during UTC+8 business hours, Monday to Friday, 10:00 to 19:00. Parties understand that the language of the Agreement shall be bilingual (English and Bahasa Indonesia). The Parties agree to execute the Bahasa Indonesia version of this Agreement at a time agreed among the Parties, as may be required under further implementing regulations of Republic of Indonesia Law No. 24 of 2009 on National Flag, Language, Emblem and Song and the Bahasa Indonesia version shall be treated an integral and inseparable part of the English version. In the event of any inconsistency between the Bahasa Indonesia and English language texts, the English language text shall prevail.
5. United Arab Emirates: If You have signed the Order Form with Heuristix Digital Technologies L.L.C, having its registered office at 11th Floor, Office No. 1104, Ibn Battuta Gate Office Building, Jebel Ali First, Dubai, PO Box 415073, these Terms shall be governed by the laws of the Emirate of Dubai and the applicable federal laws of the United Arab Emirates. The Parties shall first attempt to resolve any dispute through good faith negotiations within thirty (30) days of written notice. If the dispute remains unresolved, it shall be subject to the exclusive jurisdiction of the Dubai Mainland courts, and the Parties expressly waive any right to arbitration. Your Data shall be hosted in the United Arab Emirates or the Kingdom of Saudi Arabia, depending on Your location and as agreed in the applicable Order Form. Standard Support under the Service Level Agreement shall be provided Sunday through Thursday, 08:30 to 17:30 (UTC+4).
6. Singapore: If You have signed the Order Form with Heuristix Digital Technologies Pte. Limited, having its registered office at #36 Robinson Road, #20-01, Singapore 068877, these Terms shall be governed by the laws of the Republic of Singapore. The Parties shall first attempt to resolve any dispute through good faith negotiations within thirty (30) days of written notice. If the dispute remains unresolved, it shall be subject to the exclusive jurisdiction of the courts of Singapore, and the Parties expressly waive any right to arbitration. Your Data shall be hosted in Singapore. StandardSupport under the Service Level Agreement shall be provided during UTC+8 business hours, Monday to Friday, 10:00 to 19:00.
7. Malaysia: If You have signed the Order Form with Heuristix Digital Technologies Sdn. Bhd., having its registered office at LOT 306, 3rd Floor, Tower 2, Faber Towers, Jalan Desa Bahagia, Taman Desa, Kuala Lumpur 58100, Malaysia, these Terms shall be governed by the laws of Malaysia. The Parties shall first attempt to resolve any dispute through good faith negotiations within thirty (30) days of written notice. If the dispute remains unresolved, it shall be subject to the exclusive jurisdiction of the courts of Kuala Lumpur, and the Parties expressly waive any right to arbitration. Your Data shall be hosted in Singapore. Standard Support under the Service Level Agreement shall be provided during UTC+8 business hours, Monday to Friday, 10:00 to 19:00.

1. These Data Processing Terms govern the processing of Personal Data by Us (Processor) on behalf of You (Data Fiduciary/Controller). These terms apply whenever We process Personal Data in connection with the provision of its Services to You as outlined in the Terms.
2. We agree that, we shall:
   1. Process Personal Data strictly in accordance with the these conditions and the written instructions of the Licensee/Data Fiduciary/Data Controller;
   2. Process Personal Data solely for the purpose of providing the Services as per the Terms.
   3. Hold all Personal Data in strict confidence.
   4. Limit access to Personal Data to its personnel who need to know it to perform the Services, ensuring they are trained, supervised, and bound by confidentiality agreements.
   5. Keep detailed, accurate, and up-to-date records regarding the Processing of Personal Data carried out for the Licensee.
   6. Not alter, change, or edit the Personal Data.
      
3. Data Security and Compliance:

• 1. We will develop, maintain, and implement a comprehensive written information security program that complies with industry standards and meets the requirements under Applicable Laws, including the use of technical and organizational measures (such as encryption) to ensure the security and confidentiality of Personal Data.
  2. We will ensure that Personal Data is not transferred, directly or indirectly, outside the applicable jurisdiction without the explicit written consent of the Licensee/Data Fiduciary or appropriate technical and contractual safeguards.
  3. We will ensure the Processing of Personal Data is in strict compliance with Applicable Laws and industry standards.
  4. Sub-processing: We will ensure to impose obligations on any Sub-processor that are identical to those imposed on the Processor under these terms. We understand fully that we are liable to You for the performance of the Sub-processor's obligations.
  5. Breach Management: We will notify You of any Security Breach involving Personal Data in the most expedient time possible, within the timelines prescribed under Applicable Laws from actual knowledge of the Breach. We will act immediately to investigate the Security Breach and to identify, prevent, and mitigate its effects.
  6. Data Return and Destruction: On expiry or termination of the Terms, or upon Your written request, We will immediately cease Processing the Personal Data. Within a maximum period of thirty (30) days from expiry, termination, or written request, we will return or destroy all Personal Data and delete all electronic records except when required to be retained under Applicable Law or for Audit purposes. We will ensure that our Sub-processors also comply with these destruction obligations.
  7. Order of Precedence: In case of any conflict or contradiction between these Data Processing Terms and the main Terms, the terms and conditions of this Data Processing Terms will supersede to the extent they relate to any Personal Data.

This Service Level Agreement (“SLA”) sets forth the support commitments provided by Disprz to the Customer for the Services.

1. Support Categories

1. 1. Disprz classifies support requests into two primary categories:
      1. Helpdesk Tickets: General queries, configuration support, and "how-to" requests.
      2. Bug Tickets: Issues requiring engineering intervention to resolve underlying defects in the product code.
2. Standard Support SLA: The following response and resolution times apply to customers on the Standard Support plan during Standard Support Operating Hours.

   Category 1: Helpdesk Tickets: Helpdesk severity is determined by business impact and the availability of workarounds.

   Severity Level	Definition	First Response SLA	Resolution Time SLA
   Urgent (1)	Critical issue blocking business-as-usual; no workaround (e.g., platform down).	1 Business Hour	8 Business Hours
   High (2)	Major functionality impacted; workaround available (e.g., major feature failure).	2 Business Hours	3 Business Days
   Medium (3)	Partial, non-critical impact; workaround available (e.g., minor errors).	3 Business Hours	5 Business Days
   Low (4)	Minimal impact or cosmetic; workaround available (e.g., typos).	3 Business Hours	10 Business Days

   Category 2: Bug Tickets: Bug SLAs are governed by fixed timelines based on severity and deployment cadence.

   Severity Level	Definition	First Response (with ETA)	Resolution Time SLA
   S1 - Urgent	Complete outage or major system failure affecting core functionality.	1 Business Day	1 Business Day
   S2 - High	Partial outage or degradation of core functionality impacting key workflows.	2 Business Days	15 Business Days
   S3 - Medium	Functional limitations or usability issues affecting non-critical features.	3 Business Days	60 Business Days
   S4 - Low	Cosmetic issues or minor defects that do not impact functionality.	3 Business Days	Based on available resources

3. Premium and Premium Plus Support: SLA commitments for Premium and Premium Plus Support plans are not governed by these standard terms. Such commitments shall be as per the specific Order Form or any written document signed between You and Us.
4. Dependency-Based SLA Tolling and Resumption: The calculation of Turnaround Time (TAT) for all applicable Service Level Agreements (including First Response Time and Resolution Time) shall be automatically tolled (i.e., paused) upon notification by Disprz to the Customer of any dependency on the Customer, including but not limited to requests for log files, URLs, replication details, internal testing, or approvals from the Customer’s IT team. The applicable SLA clock shall resume only upon the Customer’s formal response together with complete provision of the requested information or dependency inputs. For the avoidance of doubt, any ticket lacking sufficient replication parameters or required inputs from the Customer shall not be considered for SLA breach or adverse performance measurement until such parameters or inputs are duly provided.
5. We are committed to maintaining high service standards. Our SLA adherence is measured based on the percentage of incidents meeting the defined response and resolution times. We target an SLA adherence rate of 95% across all severity levels to align with SaaS industry standards. This benchmark is consistent with industry practices and ensures high service reliability and customer satisfaction.
6. Uptime Calculation: Service Availability is calculated as Availability (%) = (Total Time – Downtime) / Total Time × 100, where “Total Time” means the total number of minutes in the applicable calendar quarter, and “Downtime” means any period during which the platform’s core features are unavailable due to an unplanned service interruption attributable to the Service Provider.
7. Exclusions and Target: Downtime shall not include any unavailability, suspension, or degradation of the Service resulting from (i) scheduled maintenance notified in advance, (ii) emergency maintenance undertaken to address critical issues, (iii) outages or failures of third-party or cloud infrastructure providers, (iv) events beyond the Service Provider’s reasonable control, including force majeure events, or (v) issues arising from the Customer’s systems, networks, or use of the Service.
8. The Service Provider shall use commercially reasonable efforts to maintain an aggregated quarterly Service Availability of 99.5% subject to the foregoing exclusions.

1. Information Security Program: We maintain a comprehensive, risk-based information security program designed to protect the confidentiality, integrity, and availability of the Platform and Your Data. This program is aligned with internationally recognized standards, including ISO/IEC 27001:2022 and SOC 2 Type II, and includes administrative, technical, and physical safeguards appropriate to the nature of the Services.

2. Governance and Risk Management: We implement formal security governance practices, including defined security policies, roles, and responsibilities, periodic risk assessments, and continuous monitoring of security risks. Identified risks are evaluated and treated through appropriate mitigation measures, and the overall effectiveness of controls is reviewed on a regular basis.
3. Access Control and Identity Management: Access to systems and Your Data is restricted based on the principle of least privilege and role-based access controls (RBAC). We enforce strong authentication mechanisms, periodic access reviews, and timely revocation of access upon role change or termination. Privileged access is subject to enhanced controls and monitoring.
4. Data Protection and Encryption: We implement appropriate measures to protect Your Data, including encryption of data in transit using industry-standard protocols and encryption of data at rest where applicable. Data is logically segregated to prevent unauthorized access, and controls are in place to prevent unauthorized disclosure, alteration, or destruction.
5. Network and Infrastructure Security: We maintain secure network architectures, including firewalls, intrusion detection and prevention systems, and continuous monitoring of network activity. Vulnerability management processes, including regular scanning and timely patching, are implemented to address identified security weaknesses.
6. Secure Development and Change Management: We follow secure software development lifecycle (SDLC) practices, including code reviews, security testing, and vulnerability assessments. Changes to the Platform are subject to formal change management procedures, including testing, approval, and controlled deployment.
7. Incident Detection and Response: We maintain documented incident response procedures to detect, respond to, and recover from security incidents. Security events are monitored, logged, and analyzed, and appropriate corrective actions are taken in a timely manner. Where required under Applicable Law or contractual obligations, You will be notified of relevant security incidents.
8. Business Continuity and Disaster Recovery: We maintain business continuity and disaster recovery plans designed to ensure the availability and resilience of the Platform. Such plans are periodically tested and updated to support timely recovery of critical systems and data in the event of a disruption.
9. Vendor and Sub-processor Management: We conduct due diligence and risk assessments of third-party service providers and Sub-processors who may have access to Your Data. Appropriate contractual and security obligations are imposed to ensure that such third parties maintain adequate levels of data protection and security.
10. Audit and Compliance: We undergo periodic independent audits and assessments to validate compliance with ISO/IEC 27001:2022 and SOC 2 Type II standards. Upon reasonable request and subject to confidentiality obligations, we may make available relevant documents pertaining to these certifications.
11. Security Awareness and Training: Personnel with access to You Data are required to undergo regular security and privacy training and are bound by confidentiality obligations. We promote a culture of security awareness across its organization.
12. Continuous Improvement: We continuously monitor, evaluate, and improve our information security controls and processes to address evolving threats, technological changes, and regulatory requirements.
13. Your Audit Rights: We will provide You, upon written request, with available third-party compliance reports relevant to the Services (such as SOC 2 Type II, GDPR assessments, or VAPT reports, where applicable). These reports will serve as the primary proof of our compliance. If the above applicable compliance reports are not available or show issues that directly affect the Services and You require further verification for regulatory purposes, You may request an audit, provided that You give Us at least 30 business days’ prior written notice (to the extent permitted by Applicable Laws). Any such audit must be limited to systems and processes directly related to the contracted Services, may not exceed one (1) business day in duration, and may be conducted no more than once per contract year (unless there is a material breach by Us in respect of obligations pertaining to information security and data privacy in line with applicable laws). All audit costs shall be borne by You, including our personnel time, which rates shall be as per the prevailing rates for per person per day. We will address validated audit findings within mutually agreed timelines and will bear rectification costs only for issues that directly relate to its own contractual or regulatory non-compliance. We are not required to allow audits for routine or repeated verification where valid compliance reports have already been provided, nor to provide access to source code, platform architecture, or other customers’ data, or permit any audit activities that may compromise system security, confidentiality, or business operations 

This Article governs the access to and use of Opensource Artefacts made available through Platform:

1. Nature Of Opensource Artefacts: Opensource Artefacts are provided for informational and enablement purposes only. Such artefacts are sourced from third-party providers and are made available on a non-commercial, “as available” basis. Disprz does not guarantee the continued availability, accuracy, completeness, or suitability of any Opensource Artefacts.
2. Third-Party Ownership And Licensing: All Opensource Artefacts remain the intellectual property of their respective authors, licensors, or providers. Disprz does not claim any ownership, copyright, or proprietary rights over such artefacts. Use of Opensource Artefacts is subject to the applicable third-party licenses, and Users agree to comply with all such license terms.
3. No Commercial Rights Granted: Access to Opensource Artefacts through the Platform does not grant Users any commercial rights unless expressly permitted under the applicable third-party license. Disprz does not grant any additional rights beyond those provided by the original licensors.
4. Availability And Modifications: Disprz may, at its sole discretion and without prior notice: (i) modify, restrict, or discontinue access to any Opensource Artefacts; (ii) update or replace artefacts based on changes from third-party providers; and (iii) remove artefacts due to licensing, legal, or operational considerations
5. NO WARRANTIES: Open Source Artefacts are provided “as is” and “as available.” Disprz disclaims all warranties, express or implied, including but not limited to merchantability, fitness for a particular purpose, and non-infringement. Disprz does not warrant that such artefacts are free from errors, vulnerabilities, or harmful components.
6. LIMITATION OF LIABILITY: Disprz shall not be liable for any direct, indirect, incidental, special, or consequential damages arising out of or related to the use of, or inability to use, any Opensource Artefacts, including but not limited to issues arising from third-party changes, discontinuation, or licensing restrictions.
7. RESPONSIBILITY: You are solely responsible for: (i) reviewing and complying with applicable open source licenses; (ii) determining the suitability of Opensource Artefacts for their use; and (iii) ensuring compliance with applicable laws and regulations
8. PRECEDENCE: In the event of any conflict between this Opensource Artefacts Usage Terms and other terms governing the Platform, this Addendum shall prevail with respect to Open Source Artefacts.