Terms of Service Agreement
Terms of Service Agreement
This Terms of Service agreement (the “Agreement”) governs the terms and conditions under which Xdroid International N.V. (“Xdroid”, “we”, “us” or “our”) provides access to its software-as-a-service voice analytics platform, website, applications, APIs, documentation and related services (collectively, the “Service”) to the entity accepting this Agreement (“Customer”, “you” or “your”).
THIS AGREEMENT IS INTENDED FOR BUSINESS-TO-BUSINESS USE ONLY. THE SERVICE IS NOT OFFERED TO CONSUMERS OR FOR PERSONAL, FAMILY OR HOUSEHOLD PURPOSES.
BY CREATING AN ACCOUNT, CLICKING “I AGREE”, ACCESSING OR USING THE SERVICE, OR OTHERWISE ACCEPTING THIS AGREEMENT THROUGH THE XDROID WEBSITE, PORTAL OR CHECKOUT FLOW, CUSTOMER ACKNOWLEDGES THAT IT HAS READ, UNDERSTOOD AND AGREES TO BE BOUND BY THIS AGREEMENT, INCLUDING ALL DOCUMENTS INCORPORATED BY REFERENCE.
THE INDIVIDUAL ACCEPTING THIS AGREEMENT REPRESENTS AND WARRANTS THAT THEY HAVE FULL LEGAL AUTHORITY TO BIND CUSTOMER TO THIS AGREEMENT. IF AN INDIVIDUAL ACCEPTS THIS AGREEMENT USING AN EMAIL ADDRESS OR ACCOUNT ASSOCIATED WITH AN ENTITY, THAT ENTITY SHALL BE DEEMED THE CUSTOMER.
1. Definitions
In this Agreement, the following words and expressions have the meanings set out below.
“Affiliate” means in relation to a party, any company or other legal entity that controls, is controlled by, or is under common control with that party. “Control” means the ability to determine the management policies of an entity through ownership, voting rights, contract or otherwise.
“Applicable Law” means all laws, regulations, directives, decisions, orders, mandatory guidance and regulatory requirements applicable to a party, the Service, Customer Data, Customer use cases or the processing of Personal Data, including data protection, privacy, telecommunications, ePrivacy, call recording, employment, works council, consumer protection, artificial intelligence, export control and sanctions laws.
“Acceptable Use Policy” or “AUP” means the restrictions on Customer use of the Service set out in this Agreement and any separate acceptable use policy made available by Xdroid.
“Authorized User” means an employee, contractor, agent or other individual authorized by Customer to access the Service under Customer account credentials, subject to this Agreement and the applicable Subscription Plan.
“Business Customer” means any legal entity, organization, sole trader, professional, partnership, public-sector body, or other person acting for purposes relating to its trade, business, craft, profession, or organizational activities, and not as a consumer for personal, family, or household purposes.
“Confidential Information” has the meaning set out in Section 14.
“Customer Data” means all data, content, files, audio recordings, voice data, call recordings, transcripts, metadata, CRM data, prompts, instructions, text, materials and other information submitted, uploaded, transmitted, imported or otherwise made available to the Service by or on behalf of Customer or its Authorized Users.
“Data Processing Agreement” or “DPA” means the separate data processing agreement made available by Xdroid and incorporated into this Agreement, as updated from time to time in accordance with this Agreement.
“Documentation” means all user documentation, manuals, instructions, help files, technical requirements and usage guidelines made available by Xdroid in relation to the proper use of the Service.
“Effective Date” means the date on which Customer first accepts this Agreement, creates an account, orders a Subscription Plan, pays for the Service, or accesses the Service, whichever occurs first.
“Fees” means all subscription fees, usage fees, overage fees, support fees, professional services fees and other amounts payable by Customer for the Service under the applicable Subscription Plan or online order.
“Output” means transcripts, summaries, scores, labels, classifications, dashboards, reports, alerts, analytics, recommendations, exports or other results generated by or through the Service from Customer Data or Customer use of the Service.
“Personal Data” has the meaning given to it in the DPA and Applicable Law.
“Privacy Policy” means the Xdroid privacy policy made available by Xdroid, explaining how Xdroid processes personal data in connection with its website, account administration, marketing, billing and other activities for which Xdroid acts as controller.
“Service Level Agreement” or “SLA” means the separate service level agreement made available by Xdroid and incorporated into this Agreement, if and to the extent applicable to Customer Subscription Plan.
“Service” means the software-as-a-service platform, infrastructure, applications, APIs, websites, Documentation, support interfaces and related services made available by Xdroid, including any Updates and Upgrades made available by Xdroid.
“Subscription Plan” means the applicable package, plan, tier, usage entitlement, limits, features, support level, Subscription Term and Fees selected by Customer through the Xdroid website, portal, checkout flow or other Xdroid-approved ordering process. Xdroid may change available Subscription Plans in accordance with this Agreement.
“Subscription Term” means the initial subscription period selected by Customer and each renewal subscription period for the applicable Subscription Plan.
“Usage Data” means technical, operational, diagnostic, performance, security, telemetry, usage and statistical data relating to use, performance, operation, support, security and improvement of the Service, excluding Customer Data except in aggregated or de-identified form as permitted by the DPA and Applicable Law.
“Update” means a release of the Service containing improvements, patches, fixes or adjustments, excluding major structural changes or new important features unless Xdroid determines otherwise.
“Upgrade” means a release of the Service containing major changes to the structure or functionality of the Service, including important new features, as determined by Xdroid.
“Website” means the Xdroid website at www.xdroidinsights.com or such other website or portal made available by Xdroid from time to time.
2. B2B Scope, Clickwrap Acceptance and Incorporated Terms
2.1 Business use only
The Service is provided solely for internal business use by Business Customers. Customer shall not access or use the Service as a consumer or for personal, family or household purposes. To the maximum extent permitted by Applicable Law, consumer protection rules, withdrawal rights and similar mandatory consumer rights do not apply to this Agreement.
2.2 Clickwrap acceptance
Customer accepts this Agreement by creating an account, clicking “I agree”, accessing or using the Service, completing an online order, or otherwise accepting the Agreement through an Xdroid-controlled registration, login, portal or checkout process. Xdroid may rely on account registration data, acceptance logs, timestamps, IP addresses, user IDs, domain names, version numbers and related records as evidence of Customer acceptance.
2.3 Incorporated documents
The following documents are incorporated into and form part of this Agreement, as applicable: (a) the DPA; (b) the Privacy Policy; (c) the SLA; (d) the applicable Subscription Plan; (e) any AUP, support terms, security terms or service-specific terms made available by Xdroid; and (f) the Documentation. By accepting this Agreement, Customer accepts all documents incorporated by reference. Xdroid is allowed to change the aforementioned agreements from time to time and will notify Customer when doing so.
2.4 Order of precedence
In the event of any conflict or inconsistency between the documents forming this Agreement, the following order of precedence shall apply, but only for the subject matter expressly identified below: (a) the Data Processing Agreement shall prevail solely with respect to the processing of Personal Data; (b) the applicable Subscription Plan or online order shall prevail solely with respect to the selected plan, Subscription Term, usage limits, Fees, billing frequency and purchased entitlements; (c) the Service Level Agreement shall prevail solely with respect to service availability commitments, service credits and remedies for downtime; (d) these Terms of Service shall prevail with respect to all other legal, commercial and contractual matters; and (e) the Privacy Policy, Documentation, Acceptable Use Policy, support terms, security terms and other referenced policies shall apply only to the extent they do not conflict with the foregoing documents, unless expressly stated otherwise. For the avoidance of doubt, these Terms of Service are the primary agreement governing Customer’s access to and use of the Service, except where a more specific incorporated document expressly governs its designated subject matter.
2.5 No Customer terms; no redlines
No purchase order, vendor portal term, procurement term, customer policy, security questionnaire, email, acceptance form, click-through term or other Customer document shall modify, supplement or override this Agreement, even if submitted, accepted, processed or not objected to by Xdroid. Any such terms are rejected and shall be void unless expressly agreed in a written amendment signed by an authorized legal representative of Xdroid.
3. Subscription Access and Use Rights
3.1 Subscription access only
Xdroid provides the Service solely on a subscription access basis. Subject to Customer compliance with this Agreement, timely payment of all Fees and the applicable Subscription Plan, Xdroid grants Customer a limited, revocable, non-exclusive, non-transferable, non-sublicensable right during the applicable Subscription Term to access and use the Service for Customer’s internal business purposes only. No software, source code, object code, model, algorithm, documentation, technology or intellectual property is sold or transferred to Customer.
3.2 Plan limits
Customer access to the Service is limited to the features, usage limits, data volumes, user limits, storage limits, API limits, support level and Subscription Term set out in the applicable Subscription Plan.
3.3 Updates and changes
Xdroid may make Updates, Upgrades and other changes to the Service from time to time. Xdroid may modify, replace, suspend, discontinue, limit or add features, integrations, APIs, models, analytics, dashboards, support processes or other components of the Service, provided that Xdroid will not materially reduce the core functionality of a paid Subscription Plan during the then-current Subscription Term except where necessary for security, legal compliance, third-party dependency changes, misuse, product integrity or operational reasons.
3.4 Documentation
The Documentation shall be the most recent version made available by Xdroid in the English language. Customer acknowledges that the Documentation is protected by copyright and may be reproduced or translated only as permitted by this Agreement. Any translations and copies of Documentation are derivative works owned by Xdroid.
4. Restrictions and Acceptable Use
4.1 Prohibited acts
Customer shall not, and shall not permit any third party to: (a) copy, reproduce, distribute, publish, lend, rent, lease, sell, resell, sublicense, assign, transfer or otherwise make the Service available to any person other than Authorized Users; (b) use the Service to provide outsourcing, timesharing, service bureau, managed service, SaaS, cloud or similar services to third parties; (c) modify, translate, reverse engineer, decompile, disassemble or create derivative works of the Service except to the limited extent such restriction is expressly prohibited by mandatory law; (d) remove proprietary notices or labels; (e) separate, remove, replace or independently use any component software provided with the Service; or (f) access or use the Service except as expressly permitted by this Agreement.
Customer shall not use the Service or any Output to develop, train, improve, benchmark, validate or commercialize any competing product or service, or to extract, infer, reconstruct or replicate any model, algorithm, scoring logic, taxonomy, prompt, workflow, architecture, database, analytics methodology or underlying technology of Xdroid.
4.2 Acceptable use
Customer shall not use the Service to: (a) violate Applicable Law or third-party rights; (b) process unlawful, harmful, infringing, deceptive, discriminatory or abusive content; (c) interfere with the security, integrity, performance or availability of the Service; (d) conduct vulnerability testing, penetration testing, scraping, load testing or automated querying without Xdroid’s prior written approval; (e) circumvent usage limits, access controls, security controls or billing mechanisms; (f) transmit malware or malicious code; (g) create or support unlawful surveillance, unlawful recording, unlawful employment monitoring or discriminatory decision-making; or (h) use the Service in any prohibited or restricted artificial intelligence, biometric identification, emotion recognition or regulated use case unless expressly permitted by Xdroid and lawful under Applicable Law.
4.3 Third-party access
Customer is responsible for all use of the Service by its Authorized Users, Affiliates, contractors, agents and any person accessing the Service through Customer accounts, credentials, integrations or systems, whether or not such use is authorized by Customer.
5. Xdroid General Obligations
5.1 Provision of Service
During the applicable Subscription Term and subject to this Agreement, Xdroid will make the Service available to Customer in accordance with the applicable Subscription Plan.
5.2 Support
Xdroid will provide support only to the extent included in the applicable Subscription Plan or SLA. Xdroid has no obligation to provide implementation, configuration, legal, compliance, data migration, custom development, professional services or dedicated support unless separately agreed by Xdroid.
5.3 Security
Xdroid will maintain reasonable technical and organizational measures designed to protect the Service under Xdroid control, as further described in the DPA or security documentation made available by Xdroid. Customer acknowledges that no online service can be guaranteed to be completely secure, uninterrupted or error-free.
6. Customer Responsibilities
6.1 Customer systems and use cases
Customer is solely responsible for: (a) determining whether the Service is appropriate for Customer intended use cases; (b) configuring the Service; (c) all Customer systems, networks, devices, telephony systems, CRM systems, contact center systems, integrations and third-party services used with the Service; (d) the accuracy, legality, quality and integrity of Customer Data; and (e) all decisions, actions and omissions based on use of the Service or Outputs.
6.2 Legal compliance
Customer represents and warrants that it has and will maintain all rights, permissions, consents, notices, lawful bases, approvals and authorizations required to upload, connect, record, transmit, process, analyze, store and otherwise use Customer Data through the Service. Customer is solely responsible for compliance with all Applicable Law relating to Customer Data and Customer use of the Service, including data protection, privacy, telecommunications, ePrivacy, call recording, employment, works council, consumer protection, artificial intelligence, financial services, outsourcing, monitoring and sector-specific laws.
6.3 No reliance on Xdroid for compliance
Customer acknowledges that Xdroid does not determine Customer use cases, legal bases, notice requirements, consent requirements, retention periods, access rights, employment policies, call scripts, regulatory classifications or whether Customer use of the Service is lawful. Customer shall not rely on the Service, Outputs, Documentation or Xdroid support as legal, regulatory, employment, HR, financial, medical or other professional advice.
6.4 Human review
Customer shall implement appropriate human review, oversight, governance, audit and escalation processes for all Outputs and for all decisions, actions or communications based on Outputs, especially where Customer use may affect individuals, employees, customers, consumers, regulated activities, legal rights, contractual rights or employment matters.
7. Voice Analytics, Recording and AI-Specific Terms
7.1 Recording and communications compliance
Customer is solely responsible for ensuring that all audio, calls, meetings, communications and interactions processed through the Service have been lawfully recorded, captured, disclosed, transferred, transcribed, monitored and analyzed. Customer shall provide all notices and obtain all consents or approvals required from callers, employees, agents, representatives, customers, consumers and other individuals before using the Service.
7.2 AI and analytics governance
Customer is solely responsible for classifying and governing its use of the Service under Applicable Law relating to artificial intelligence, automated processing, profiling, analytics, biometric data, emotion recognition and automated decision-making. Customer shall not use the Service in any prohibited AI practice or high-risk, regulated or sensitive use case unless Customer has independently determined that such use is lawful and has implemented all legally required safeguards, notices, policies, oversight, documentation, logging and human review.
8. Accounts, Registration and Security
8.1 Registration
Customer shall register for the Service in accordance with Xdroid’s then-current registration process and shall provide accurate, complete and current account, billing and contact information.
8.2 Account administration
Customer is solely responsible for administering its account, assigning and removing Authorized Users, configuring roles and permissions, managing and safeguarding passwords, credentials, tokens and API keys, and promptly disabling access for individuals who no longer require access.
8.3 Unauthorized access
Customer shall promptly notify Xdroid of any actual or suspected unauthorized access to the Service, compromise of credentials, security incident involving Customer systems or Customer Data, or misuse of the Service. Xdroid may suspend, revoke or rotate credentials, tokens or API keys where Xdroid reasonably believes this is necessary to protect the Service, Customer, Xdroid or third parties.
9. Fees, Payment, Taxes, Renewal and Cancellation
9.1 Fees and payment
Customer shall pay all Fees in accordance with the applicable Subscription Plan. Fees are payable in advance on a recurring monthly, annual or other basis selected by Customer. Xdroid may use third-party payment processors to facilitate payments. By submitting payment information, Customer authorizes Xdroid and its payment processors to charge the applicable payment method for all Fees.
9.2 Currency and taxes
All amounts payable under this Agreement shall be in euros (EUR), unless Xdroid states otherwise. Fees are exclusive of all taxes, duties, levies, charges, withholdings and similar governmental charges, including VAT, GST, sales tax, use tax, digital services tax and withholding tax, unless Xdroid expressly states that a price is tax-inclusive. Customer is responsible for all taxes arising from Customer’s purchase, access to or use of the Service, except for taxes imposed on Xdroid’s net income, corporate profits, employment, payroll or property. Xdroid may invoice, charge and collect taxes where required or permitted by applicable law or payment-processor requirements.
Where reverse charge, self-assessment, use tax, import VAT or similar treatment applies, Customer is responsible for declaring and paying the applicable tax and shall not reduce any payment to Xdroid on that basis. If Customer is required by law to deduct or withhold tax from any payment to Xdroid, Customer shall gross up the payment so that Xdroid receives the full amount it would have received without such deduction or withholding, and Customer shall provide Xdroid with reasonable evidence of remittance.
Customer shall provide accurate billing and tax information, including VAT, GST, sales tax or other tax registration numbers, exemption certificates, withholding forms, reverse-charge information and other documentation reasonably requested by Xdroid. If Customer fails to provide valid documentation in time, Xdroid may charge applicable taxes, treat the transaction as taxable, and is not required to refund or credit taxes except where required by law. Customer remains responsible for any taxes, penalties, interest or costs arising from inaccurate information, incorrect tax status, missing documentation or Customer’s failure to comply with applicable tax obligations.
9.3 Subscription changes and overages
Customer may change its Subscription Plan only through the Xdroid portal or another Xdroid-approved process. Upgrades, overages, usage-based charges and additional features may be charged immediately or in the next billing cycle. Downgrades may cause loss of features, capacity, data access or functionality, and Xdroid is not liable for such loss.
9.4 Price changes
Xdroid may change pricing for the Service by providing at least thirty (30) days notice through the Website, portal, email, invoice, application or other reasonable method. Price changes will apply from the next renewal or billing cycle unless otherwise stated by Xdroid or required by Applicable Law.
9.5 No refunds
All Fees are non-cancellable and non-refundable except as expressly stated in this Agreement or required by Applicable Law. Cancellation takes effect at the end of the then-current paid Subscription Term unless Xdroid terminates or suspends access earlier under this Agreement. Customer remains responsible for all Fees incurred before cancellation becomes effective.
9.6 Non-payment
If Customer fails to pay Fees when due, Xdroid may suspend or terminate access to the Service, charge interest and collection costs to the maximum extent permitted by Applicable Law, require payment by alternative methods, disable features or withhold support until all outstanding amounts are paid.
10. SLA, Service Changes, Maintenance, Third-Party Services and Beta Features
10.1 SLA sole remedy
Any remedies, credits or service commitments set out in the SLA constitute Customer’s sole and exclusive remedy, and Xdroid’s sole and exclusive liability, for any unavailability, downtime, degradation, delay, interruption or failure of the Service, except to the extent such limitation is prohibited by Applicable Law.
10.2 SLA exclusions
The SLA does not apply to downtime or performance issues caused by Customer systems, Customer Data, third-party services, integrations, telecommunications providers, payment providers, force majeure events, beta features, scheduled maintenance, emergency maintenance, misuse, excessive usage, security incidents not caused by Xdroid, or suspension in accordance with this Agreement.
10.3 Maintenance
Xdroid may perform scheduled or emergency maintenance, updates, security work or operational changes. Xdroid will use commercially reasonable efforts to provide advance notice of scheduled maintenance where practicable, but may perform emergency maintenance without notice where necessary to protect the Service, Customer, Xdroid or third parties.
10.4 Third-party services
The Service may interoperate with or depend on third-party services, systems, platforms, APIs, models, cloud providers, payment providers, telephony providers, CRM systems, contact center systems or integrations. Xdroid is not responsible for third-party services, third-party terms, third-party outages, API changes, rate limits, security incidents, data loss or changes in third-party functionality. Customer use of third-party services is governed by Customer’s relationship with the relevant third party.
11. Data Protection, DPA and Privacy Policy
11.1 DPA
To the extent Xdroid processes Personal Data on behalf of Customer in connection with the Service, the DPA applies. Customer is the controller or processor, as applicable, of Customer Data, and Xdroid processes such Personal Data only as described in the DPA and this Agreement. Customer is solely responsible for determining the lawful basis for processing and for ensuring that Customer use of the Service complies with Applicable Law.
11.2 Privacy Policy
The Privacy Policy explains how Xdroid processes personal data in connection with its website, account administration, marketing, billing and other activities for which Xdroid acts as controller. The Privacy Policy does not modify the allocation of responsibility under the DPA and does not create any warranty, service commitment, indemnity or liability obligation beyond those expressly set out in this Agreement.
11.3 Customer instructions
Customer instructs Xdroid to process Customer Data and Personal Data as necessary to provide, secure, support, maintain and improve the Service, to comply with this Agreement and the DPA, and to comply with Applicable Law. Customer shall not instruct Xdroid to process Personal Data in violation of Applicable Law.
11.4 Subprocessors
Customer authorizes Xdroid to use subprocessors as described in the DPA. Xdroid may update its subprocessors in accordance with the DPA.
12. Customer Data, Outputs, Usage Data and Feedback
12.1 Customer ownership
As between the parties, Customer retains ownership of Customer Data. Customer grants Xdroid and its Affiliates, subcontractors and subprocessors a worldwide, non-exclusive, royalty-free license to host, copy, transmit, process, analyze, display, create Outputs from and otherwise use Customer Data as necessary to provide, secure, support, maintain and improve the Service, to comply with this Agreement and the DPA, and to comply with Applicable Law.
12.2 Outputs
Subject to Xdroid ownership of the Service and underlying technology, Customer may use Outputs generated from Customer Data for its internal business purposes during the Subscription Term. Xdroid does not assign or transfer any rights in models, algorithms, prompts, workflows, taxonomies, templates, scoring logic, analytics methodologies, know-how or other Xdroid technology embodied in, used to generate, or reflected by Outputs.
12.3 Usage Data and aggregated data
Xdroid may collect and use Usage Data to operate, secure, support, monitor, analyze and improve the Service, including to monitor performance, prevent abuse, troubleshoot issues, test features and develop aggregated statistics, provided that such use is carried out in accordance with the DPA and Applicable Law. To the extent Usage Data contains Personal Data, Xdroid shall process such Personal Data only as permitted under the DPA, Customer’s documented instructions, or another valid role and lawful basis identified by Xdroid under Applicable Law.
Xdroid may create and use aggregated or anonymized data derived from the Service, provided that such data does not identify Customer, any Authorized User, any Data Subject or any other individual and is not reasonably capable of being re-identified. Xdroid shall not use Customer Data or Customer Personal Data to train or improve generalized models for the benefit of other customers unless expressly permitted under the DPA, the applicable Subscription Plan, product settings, or a separate explicit agreement with Customer.
Xdroid shall not disclose Customer Confidential Information or Customer Personal Data in an identifiable form except as permitted by this Agreement, the DPA or Applicable Law.
12.4 Data export and deletion
Customer is responsible for exporting Customer Data before termination or expiry of the applicable Subscription Term. After termination or expiry, Xdroid may delete, deactivate or retain Customer Data in accordance with the DPA, Xdroid’s retention practices and Applicable Law. Xdroid has no obligation to retain Customer Data after termination except as expressly required by the DPA or Applicable Law. Backups, logs, security records, billing records and legal records may be retained for limited periods in accordance with Xdroid policies and Applicable Law.
13. Intellectual Property Rights and Title
13.1 Xdroid ownership
Title, ownership rights and all Intellectual Property Rights in and to the Service shall remain with Xdroid, its licensors, suppliers and representatives. The Service is protected by copyright laws and international copyright treaties. Except as expressly provided in this Agreement, all right, title and interest in and to the Service remains with Xdroid and its licensors, suppliers and representatives.
Xdroid owns and retains all rights in the Service, Documentation, APIs, models, algorithms, workflows, templates, taxonomies, scoring logic, analytics methodologies, prompts, software, architecture, interfaces, databases, designs, improvements, modifications, derivative works, know-how, Usage Data and all related Intellectual Property Rights.
13.2 No implied rights
No rights are granted to Customer except as expressly stated in this Agreement. Customer receives no ownership interest, license or right in any Xdroid Intellectual Property Rights by implication, exhaustion, estoppel or otherwise.
13.3 Third-party content
Title, ownership rights and Intellectual Property Rights in and to content accessed through the Service are the property of the applicable content owner and may be protected by applicable law. This Agreement gives Customer no rights to such content except as expressly provided herein.
14. Confidential Information
14.1 Definition
For the purposes of this Agreement, “Confidential Information” means any information disclosed or made available by or on behalf of a party to the other party, whether before or after the Effective Date, in any form, that is not publicly available and that relates to the disclosing party’s business, technology or operations, including pricing, commercial terms, proposals, business plans, customer and supplier information, financial, marketing and strategic information, trade secrets, proprietary know-how, technical information, software, APIs, system architecture, models, algorithms, machine learning models, training methodologies, analytics methodologies, scoring logic, Documentation, product roadmaps, designs, specifications, improvements, non-public performance information, security information and the existence and terms of this Agreement.
14.2 Exclusions
Confidential Information does not include information that the receiving party can demonstrate through contemporaneous written records: (a) was lawfully in its possession without restriction before disclosure; (b) becomes publicly available through no breach of this Agreement; (c) is lawfully received from a third party without breach of any confidentiality obligation; or (d) is expressly approved in writing by the disclosing party for release. Independent development applies only where the receiving party can demonstrate that such development occurred without access to or use of the Confidential Information.
14.3 Obligations
The receiving party shall: (a) use Confidential Information solely for the purposes of performing or receiving the Service under this Agreement; (b) not disclose Confidential Information to any third party except to employees, Affiliates, contractors and professional advisers who have a strict need to know and are bound by confidentiality obligations at least as protective as those set out herein; (c) protect Confidential Information using at least the same degree of care it uses to protect its own confidential information of a similar nature, and in no event less than reasonable care; and (d) not analyze, decompile, disassemble, reverse engineer or otherwise attempt to derive the source code, underlying structure, algorithms, models or methodologies of any Confidential Information disclosed in connection with the Service, except to the limited extent expressly prohibited by mandatory law.
15. Limited Warranty and Disclaimers
15.1 Limited warranty
Xdroid represents that it is the owner or licensee of all Intellectual Property Rights in and to the Service and that, to Xdroid’s knowledge, there is no pending litigation against Xdroid that would materially impact its ability to perform its obligations under this Agreement.
15.2 Warranty exclusions
Xdroid shall have no obligation or liability with regard to any error or noncompliance with the warranties set forth above that is caused, in whole or in part, by: (a) modifications or alterations to the Service not made by Xdroid; (b) use of the Service other than as contemplated in this Agreement or the Documentation; (c) products, services, data, integrations or systems not provided by Xdroid; (d) negligence, misconduct or breach by Customer; (e) electrical, network, telecommunication, cloud or third-party malfunction; or (f) Customer Data, content owners, end users or other third parties.
15.3 General disclaimer
EXCEPT FOR THE WARRANTIES EXPRESSLY PROVIDED IN THIS SECTION, THE SERVICE, DOCUMENTATION, OUTPUTS AND SUPPORT ARE PROVIDED “AS IS” AND “AS AVAILABLE”. TO THE FULLEST EXTENT PERMITTED BY LAW, XDROID AND ITS AFFILIATES DISCLAIM ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING ANY WARRANTY OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, COMPATIBILITY, SECURITY, TIMELINESS, COMPLETENESS OR ACCURACY. XDROID DOES NOT WARRANT THAT USE OF THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, SECURE, AVAILABLE AT ANY PARTICULAR TIME, OR THAT ALL DEFECTS WILL BE CORRECTED. TO THE EXTENT A WARRANTY CANNOT BE DISCLAIMED AS A MATTER OF LAW, THE SCOPE AND DURATION OF SUCH WARRANTY WILL BE THE MINIMUM PERMITTED UNDER APPLICABLE LAW.
15.4 Voice analytics and AI output disclaimer
Outputs are machine-generated or analytically generated and may be inaccurate, incomplete, delayed, biased, misleading, mistranscribed, mistranslated, misclassified or unsuitable for Customer purposes. Xdroid does not warrant the complete accuracy, completeness or reliability of transcripts, speaker identification, sentiment, emotion, topic, quality, compliance, risk, intent, outcome, summary, recommendation, score, dashboard, alert or other Output. Customer is solely responsible for reviewing Outputs before relying on them and for all decisions, actions, communications, employment measures, customer interactions, compliance determinations and business processes based on Outputs.
16. Indemnification
16.1 Xdroid IP indemnity
Xdroid will defend Customer against any third-party claim alleging that the Service, as provided by Xdroid and used by Customer in accordance with this Agreement, infringes that third party’s intellectual property rights. Xdroid will indemnify Customer for damages and reasonable legal costs finally awarded by a competent court or agreed in a settlement approved by Xdroid.
Xdroid will have no obligation for any claim arising from: (a) Customer Data; (b) Customer’s instructions, configuration, use case, or business process; (c) use of the Service in breach of this Agreement, the Documentation, or applicable law; (d) modification of the Service by anyone other than Xdroid; (e) combination of the Service with third-party products, services, data, systems, or content not provided by Xdroid; (f) continued use after Xdroid provides a reasonable workaround or replacement.
If an infringement claim is made or reasonably expected, Xdroid may, at its option: (a) procure the right for Customer to continue using the Service; (b) modify or replace the Service so that it is no longer allegedly infringing; or (c) terminate the affected Service and provide a pro-rata refund of prepaid unused Fees for the affected Service. This clause states Customer’s sole and exclusive remedy, and Xdroid’s sole liability, for intellectual property infringement claims.
16.4 Customer indemnity
Customer will defend, indemnify, and hold harmless Xdroid, its Affiliates, directors, officers, employees, licensors, suppliers, and subcontractors against any third-party claim, regulatory complaint, investigation, fine, penalty, loss, damage, cost, or expense to the extent arising from:
(a) Customer Data, including call recordings, transcripts, prompts, imports, CRM data, metadata, or other content submitted to or processed through the Service;
(b) Customer’s use of the Service or Outputs in breach of this Agreement, the Documentation, the DPA, or applicable law;
(c) Customer’s failure to provide required notices, obtain required consents, establish a lawful basis, or comply with call recording, data protection, employment, telecommunications, ePrivacy, AI, consumer protection, or sector-specific laws;
(d) any claim by Customer’s employees, contractors, agents, callers, customers, end users, data subjects, works councils, regulators, or other third parties relating to Customer’s recording, transcription, monitoring, analysis, use, retention, disclosure, or transfer of communications or personal data;
(e) Customer’s products, services, scripts, disclosures, business practices, decisions, actions, or omissions based on the Service or Outputs; or
(f) Customer’s systems, credentials, integrations, security controls, or unauthorized access caused by Customer.
16.5 Procedures
A party seeking indemnification shall promptly notify the indemnifying party in writing of the claim and provide reasonable assistance at the indemnifying party expense. Failure to provide timely notice or assistance relieves the indemnifying party of its obligations only to the extent materially prejudiced. The indemnifying party has the right to control the defense and settlement of the claim, except that it may not agree to any settlement that admits fault by, imposes non-monetary obligations on, or fails to unconditionally release the indemnified party without that party’s prior written consent. The indemnified party may participate in the defense with counsel of its choice at its own expense.
17. Limitation of Liability
17.1 Exclusion of indirect damages
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, XDROID SHALL NOT BE LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL DAMAGES, OR FOR LOSS OF PROFITS, REVENUE, BUSINESS, GOODWILL, ANTICIPATED SAVINGS, DATA, USE, PRODUCTION OR BUSINESS OPPORTUNITY, WHETHER FORESEEABLE OR UNFORESEEABLE, ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, EVEN IF XDROID HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND REGARDLESS OF WHETHER THE CLAIM IS BASED IN CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, STATUTE, INDEMNITY OR OTHERWISE.
17.2 Liability cap
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, XDROID TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATING TO THIS AGREEMENT SHALL NOT EXCEED THE FEES PAID BY CUSTOMER TO XDROID FOR THE AFFECTED SERVICE DURING THE THEN-CURRENT SUBSCRIPTION TERM GIVING RISE TO THE CLAIM. IF THE APPLICABLE SUBSCRIPTION TERM IS LONGER THAN TWELVE (12) MONTHS, THE CAP SHALL NOT EXCEED THE FEES PAID FOR THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.
18. Term, Renewal, Suspension and Termination
18.1 Agreement term
This Agreement begins on the Effective Date and continues until all Subscription Plans have expired or have been terminated and all accounts have been closed, unless terminated earlier in accordance with this Agreement.
18.2 Subscription term and renewal
Each Subscription begins on the date stated in the applicable Subscription Plan, online order or checkout flow and continues for the selected Subscription Term. Unless cancelled before the end of the then-current Subscription Term, each Subscription automatically renews for successive periods equal to the expiring Subscription Term or as otherwise stated in the Subscription Plan.
18.3 Cancellation
Customer is solely responsible for properly cancelling its Subscription through the Xdroid portal or other Xdroid-approved cancellation process. Email or phone requests do not constitute cancellation unless Xdroid expressly confirms cancellation in writing. Cancellation takes effect at the end of the then-current paid Subscription Term unless otherwise stated by Xdroid. Fees are non-refundable and Customer remains responsible for all accrued Fees.
18.4 Suspension
Xdroid may suspend, restrict, throttle or disable Customer access to all or part of the Service immediately if: (a) Customer has failed to pay Fees; (b) Customer has breached this Agreement, the DPA or the AUP; (c) suspension is required by a regulator, court or governmental authority; or (d) suspension is necessary to protect the Service, Xdroid, Customer or third parties. Xdroid has no liability for suspension in accordance with this Agreement.
18.5 Termination by Xdroid
Xdroid may terminate this Agreement, any Subscription Plan or Customer account immediately on notice if Customer materially breaches this Agreement or the DPA, fails to pay Fees, uses the Service unlawfully or in a way that creates risk to Xdroid or third parties, becomes insolvent, or if Xdroid is required to do so by Applicable Law, regulator, court, third-party provider or operational necessity.
18.6 Effect of termination
Upon termination or expiry: (a) Customer right to access and use the Service ends immediately; (b) Customer shall stop using the Service and Documentation; (c) all unpaid Fees become immediately due; (d) Xdroid may delete or deactivate Customer accounts and Customer Data in accordance with Section 12.5 and the DPA; and (e) provisions intended to survive shall remain in effect.
18.7 Survival
All terms of this Agreement that by their nature extend beyond termination or expiry shall survive, including provisions relating to Fees, taxes, restrictions, Customer responsibilities, data rights, Intellectual Property Rights, Confidential Information, disclaimers, indemnification, limitation of liability, termination effects, governing law, forum, notices and miscellaneous provisions.
19. Force Majeure
Except for payment obligations, neither party shall be liable for delay or non-performance to the extent caused by events beyond its reasonable control that were not reasonably foreseeable and whose effects could not reasonably be overcome without unreasonable expense or loss of time. Events of force majeure include war, acts of government, natural disasters, fire, explosions, civil unrest, strikes, labor disputes, epidemics, pandemics, supply chain disruption, internet or telecommunications failures, cloud provider failures, cyberattacks, denial-of-service attacks and failures of third-party services.
20. Notices
Except as otherwise provided herein, legal notices shall be in writing and deemed given upon receipt if delivered by hand, internationally recognized courier, certified mail return receipt requested, or other method expressly accepted by Xdroid. Xdroid may provide operational, billing, product, security, policy, renewal, price-change and other non-legal notices by email, invoice, account portal, in-product notice, Website posting or other reasonable electronic means. Notices to Xdroid shall be sent to Xdroid International N.V., Attn: Legal Department, at the address made available on the Website or in the Xdroid portal from time to time. Notices to Customer may be sent to the account, billing, legal or administrator contact details provided by Customer.
21. Assignment and Subcontracting
Customer may not assign, transfer or novate this Agreement without Xdroid prior written consent, except to a successor of Customer in connection with a merger, corporate reorganization or sale of substantially all assets, provided that the successor is not a competitor of Xdroid or its suppliers and Customer and the assignee remain jointly and severally liable for all obligations arising before the assignment. Any attempted assignment in breach of this Section is void.
Xdroid may freely assign, transfer, subcontract, delegate or otherwise dispose of all or any of its rights or obligations under this Agreement without Customer consent. Xdroid remains responsible for its obligations under this Agreement to the extent required by Applicable Law and the DPA.
22. Independent Contractors and No Third-Party Beneficiaries
Nothing in this Agreement creates, evidences or implies any agency, partnership, employment relationship, fiduciary relationship or joint venture between the parties. Neither party shall act or describe itself as agent of the other or represent that it has authority to make commitments on the other party’s behalf. Except for Xdroid Affiliates, licensors, suppliers, subcontractors and representatives entitled to protection under indemnity, disclaimer and limitation provisions, there are no third-party beneficiaries of this Agreement.
23. Updates to Terms
Xdroid may update this Agreement and incorporated documents from time to time by posting the updated version on the Website, making it available in the Service, notifying Customer electronically, or requiring renewed clickwrap acceptance. Unless otherwise stated, updates apply upon renewal of the applicable Subscription Term or, for free, trial or month-to-month subscriptions, thirty (30) days after notice. Updates may apply immediately where required for security, legal compliance, product integrity, third-party dependency changes, misuse prevention or Applicable Law. Customer continued use of the Service after the effective date of an update constitutes acceptance of the updated terms.
24. Governing Law and Forum
This Agreement, its interpretation, performance and any breach thereof shall be construed in accordance with the laws of Belgium, excluding its conflict of laws rules. The parties irrevocably submit any dispute arising out of or relating to this Agreement to the exclusive jurisdiction of the competent courts located in Antwerp, Belgium.
25. Miscellaneous
25.1 Severability
If any provision of this Agreement is declared void, voidable, illegal or unenforceable by a competent authority, the remaining provisions shall continue in full force and effect. The authority making such determination shall have the power to limit, construe or reduce the duration, scope, activity or area of such provision, or delete specific words or phrases, as necessary to render such provision enforceable.
25.2 Waiver
No failure or delay by either party in exercising any right or remedy shall constitute a waiver. Any waiver must be in writing and applies only to the specific instance for which it is given.
25.3 Entire agreement
This Agreement constitutes the entire agreement between Xdroid and Customer concerning the Service and supersedes all prior or contemporaneous agreements, proposals, representations, statements and understandings relating to the Service. Customer acknowledges that it has not relied on any statement, representation, warranty or promise not expressly set out in this Agreement.
25.4 Counterparts and electronic records
This Agreement may be accepted electronically. Electronic signatures, clickwrap acceptance, online acceptance records and electronic copies shall have the same legal effect as handwritten signatures and original documents to the maximum extent permitted by Applicable Law.
Data Processing Agreement
This Data Processing Agreement (“DPA“) forms part of the Terms of Service (“TOS“) between the entity accepting this agreement in its capacity as Data Controller (the “Customer” or “you”) and
The company Xdroid International NV in its capacity as Data Processor (the “Xdroid” or “Data Processor”) (together as the “Parties”). This DPA reflects the parties’ agreement with respect to the terms governing the processing of Personal Data under Xdroids Terms of Service.
The Data Processing Agreement forms part of the Terms of Service or other written agreement between you and Xdroid where Xdroid processes Personal Data on Customer’s behalf. By accepting the Terms of Service and/or using the Services in a manner that involves the processing of Personal Data, you accept the terms of this DPA.
For alignment with the Terms of Service, references in this DPA to “the “Services” mean the SaaS voice analytics Service made available under the TOS. This DPA is incorporated into and forms part of the TOS. If there is a conflict between this DPA and the TOS, this DPA prevails only with respect to the Processing of Personal Data. The TOS prevails for all other legal, commercial, subscription, payment, suspension, warranty, liability and service-use matters.
1. Definitions and Interpretation
1.1. Unless otherwise defined herein, capitalized terms and expressions used in this Agreement shall have the following meaning:
1.1.1. “Agreement” means this Data Processing Agreement and all Schedules;
1.1.2. “Company Personal Data” means any Personal Data Processed by a Contracted Processor on behalf of Customer pursuant to or in connection with the Services;
1.1.3. “Contracted Processor” means a Subprocessor;
1.1.4. “Customer Data” means all data, content, files, call recordings, audio, voice data, transcripts, CRM data, prompts, imports, metadata, instructions, configurations and other information submitted to, connected to, uploaded to, generated through, or otherwise processed through the Services by or on behalf of Customer;
1.1.5. “Data Protection Laws” means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
1.1.6. “EEA” means the European Economic Area;
1.1.7. “EU Data Protection Laws” means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
1.1.8. “GDPR” means EU General Data Protection Regulation 2016/679;
1.1.9. “Data Transfer” means:
- a transfer of Company Personal Data from the Customer to a Contracted Processor; or
- an onward transfer of Company Personal Data from a Contracted Processor to a Subcontracted Processor, or between two establishments of a Contracted Processor, in each case, where such transfer would be prohibited by Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of Data Protection Laws);
1.1.10. “Services” shall have the same meaning as in the Terms of Service.
1.1.11. “Subprocessor” means any person appointed by or on behalf of the Processor to process Personal Data on behalf of the Customer in connection with the Agreement.
1.1.12. “Voice Analytics Data” means Customer Data consisting of or derived from voice communications, call recordings, audio files, speech, transcripts, speaker-related information, call metadata, tags, summaries, scores, classifications, quality metrics, sentiment indicators, compliance indicators and related analytics generated or processed through the Services.
1.1.13. “TOS” means Xdroid’s Terms of Service accepted by Customer, including the Subscription Plan, SLA, Privacy Policy and other documents incorporated into the TOS.
1.1.14. “Security Incident” means a confirmed Personal Data Breach affecting Company Personal Data. For clarity, unsuccessful security events, pings, scans, denial-of-service attempts that do not result in unauthorized access, or incidents affecting systems not controlled by Processor are not Security Incidents for purposes of this DPA.
1.2. The terms, “Commission”, “Controller”, “Data Subject”, “Member State”, “Personal Data”, “Personal Data Breach”, “Processing” and “Supervisory Authority” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.
2. Application
2.1. This DPA applies only where Xdroid Processes Personal Data on behalf of Customer as Processor in connection with the Services. Customer remains responsible for determining whether it acts as Controller or Processor in relation to the relevant Personal Data and for ensuring that its instructions to Xdroid are lawful.
2.2. All Data sent from the date of this agreement by the Customer to Xdroid for Processing;
2.3. All Data accessed by the Xdroid on the authority of the Customer for Processing from the date of this agreement; and
2.4. All Data otherwise received by Xdroid for Processing on the Customer’s behalf;in relation to the Services.
2.5. This DPA does not govern Personal Data that Xdroid Processes as Controller, including account administration, billing, website analytics, security administration, marketing communications or other processing described in Xdroid’s Privacy Policy, unless expressly stated otherwise in the TOS or this DPA.
3. Categories of Personal Data and purpose of the Personal Data Processing
3.1. In order to execute the Agreement, and in particular to perform the Services on behalf of Customer, Customer authorizes and requests that Xdroid process the following Personal Data:
3.1.1. Customer Information: information that we may collect from your use of the Xdroid websites and your interactions with us offline such as:
3.1.2. Contact information: name, home address, telephone or mobile number, email address, and passwords.
3.1.3. Financial information: credit card’s number and billing information (tax id, number of the payer VAT, billing address, billing email, where invoices are sent); Credit card number are handled by our payment gateway, by Stripe, or other types of payment; Xdroid only charges your credit card for payments.
3.1.4. Employment contact details, including: employer name, job title and function, business contact details; Xdroid deals with customer information according to the terms of our general privacy policy.
3.1.5. Services Data: data that resides on Xdroid, customer or third-party systems to which Xdroid has provided access to perform services.
3.1.6. Data stored and processed by users, such as: source code for the application, databases that the applications use, files generated by applications, the history of operations performed by users.
3.1.7. For the Xdroid SaaS voice analytics Service, Services Data primarily includes Customer Data and Voice Analytics Data, including call recordings, audio files, transcripts, call metadata, speaker labels or identifiers, user account activity, CRM or telephony integration data, notes, tags, summaries, dashboards, quality and compliance indicators, and other analytics outputs generated through the Service. References above to source code, customer applications or application databases apply only where such data is actually submitted to or Processed through the Services.
3.1.8. Log File Information: Three types of logs are saved by Xdroid’s system : Connection logs which are essentially logs from each request to each application. These connection logs may include information such as the web request, Internet Protocol (“IP”) address, browser type, referring/exit pages and URLs, number of clicks, domain names, landing pages, pages viewed and other such information. The second type of logs are application logs, which are produced by each application of our customers. Xdroid does not have the control on the content of these logs. The control of application logs as Personal Data remains with the Customer. Timeline event logs which are a record of alerts and notifications that can help Xdroid to identify and diagnose the source of current system problems and help predict future problems.
3.1.9. Other contact information about the customer and employees, for example through its websites, as part of that interaction.
3.2. Categories of Data Subjects: Data subjects include Customer’s representatives and end users, such as employees, job applicants, contractors, collaborators, partners, and customers of the Customer. Data subjects also may include individuals attempting to communicate or transfer Personal Data to users of the Services.
3.3. Xdroid processes Customer information according to the terms of its Privacy policy, and treats services data as confidential in accordance with the terms of your order for services.
4. Processing of Company Personal Data
Processor shall:
4.1. comply with all applicable Data Protection Laws in the Processing of Company Personal Data; and
4.2. not Process Company Personal Data other than on the relevant Customer’s documented instructions.
4.3. The Customer instructs the Processor to process Company Personal Data.
- Customer’s documented instructions include this DPA, the TOS, the Subscription Plan, Customer’s configuration of the Services, Customer’s use of available product settings, and any written instructions agreed by Xdroid. Xdroid may refuse or suspend any instruction that, in Xdroid’s reasonable opinion, violates applicable law, the TOS, this DPA, the Documentation or third-party rights.
4.4. Customer is solely responsible for the accuracy, quality, legality and lawfulness of Customer Data and for providing all notices, obtaining all consents, establishing all lawful bases and complying with all laws applicable to Customer’s recording, monitoring, transcription, analysis, use, retention, disclosure and transfer of communications and Personal Data.
4.5. Xdroid shall not use Company Personal Data to train generalized models for the benefit of other customers unless expressly permitted in the TOS, this DPA, the Subscription Plan, applicable product settings or a separate written agreement with Customer.
5. Processor Personnel
Processor shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Contracted Processor who may have access to the Company Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know/access the relevant Company Personal Data, as strictly necessary for the purposes of the Services, and to comply with Applicable Laws in the context of that individual’s duties to the Contracted Processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
Processor shall ensure that persons authorized to Process Company Personal Data are bound by confidentiality obligations and receive access only on a need-to-know basis, taking into account their role and the nature of the Services.
6. Security
6.1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Processor shall in relation to the Company Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.
6.2. In assessing the appropriate level of security, Processor shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.
6.3. Processor’s security measures may include, as appropriate to the Services and risk, access controls, authentication controls, encryption in transit or at rest where appropriate, logging, backup and resilience measures, vulnerability management, segregation of customer environments, personnel confidentiality, incident response processes and vendor management. Customer remains responsible for its own systems, credentials, user permissions, integrations, endpoints, devices, networks and configuration choices.
6.4. Processor’s obligations under this Section are subject to the TOS, the SLA, the Documentation and any security documentation made available by Processor, provided that those documents shall not reduce Processor’s obligations under Article 32 GDPR where applicable.
7. Subprocessing
7.1. Processor appoints, and the Controller accepts, Xdroid Kft. as a Subprocessor to process Personal Data on behalf of the Controller.
7.2. Customer grants Processor a general authorization to engage Subprocessors for the provision, support, security, hosting, maintenance, analytics, communication, payment, infrastructure and operation of the Services, subject to the requirements of Article 28 GDPR. Processor shall impose data protection obligations on each Subprocessor that are no less protective in substance than those imposed on Processor under this DPA, to the extent applicable to the Subprocessor’s services.
7.3. Processor shall maintain or make available a list of Subprocessors used for the Services. Processor may update the Subprocessor list from time to time. Where required by Data Protection Laws, Processor shall provide notice of material Subprocessor changes and Customer may object on reasonable data protection grounds within the period stated in the notice or, if no period is stated, within thirty (30) days. If the Parties cannot resolve the objection, Customer may terminate the affected Services as its sole remedy for that objection.
7.4. Processor remains responsible for the performance of its Subprocessors to the extent required by Data Protection Laws and this DPA.
8. Data Subject Rights
8.1. Taking into account the nature of the Processing, Processor shall assist the Customer by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Customer obligations, as reasonably understood by Customer, to respond to requests to exercise Data Subject rights under the Data Protection Laws.
8.2. Processor shall:
- promptly notify Customer if it receives a request from a Data Subject under any Data Protection Law in respect of Company Personal Data; and
- ensure that it does not respond to that request except on the documented instructions of Customer or as required by Applicable Laws to which the Processor is subject, in which case Processor shall to the extent permitted by Applicable Laws inform Customer of that legal requirement before the Contracted Processor responds to the request.
8.3. Customer is responsible for responding to Data Subject requests. Processor’s assistance will be limited to Company Personal Data Processed by Processor and information available to Processor. Processor may charge reasonable costs for assistance where permitted by the TOS or applicable law, except where assistance is required due to Processor’s breach of this DPA.
9. Personal Data Breach
9.1. Processor shall notify Customer without undue delay upon Processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Customer with sufficient information to allow the Customer to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
9.2. Processor shall co-operate with the Customer and take reasonable commercial steps as directed by Customer to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
9.3. Notification under this Section is not an acknowledgement of fault or liability. Processor shall not be responsible for Personal Data Breaches caused by Customer, Customer’s users, Customer’s systems, Customer-selected integrations, Customer credentials, Customer instructions or Customer’s breach of the TOS or this DPA.
10. Data Protection Impact Assessment and Prior Consultation
Processor shall provide reasonable assistance to Controller with data protection impact assessments and prior consultations with Supervisory Authorities or other competent data protection authorities, in each case to the extent required by Articles 35 or 36 of the GDPR or equivalent provisions of applicable Data Protection Law. Such assistance shall be limited to the Processing of Controller Personal Data by Processor and its Subprocessors, and shall take into account the nature of the Processing and the information available to Processor. Controller remains responsible for determining whether a data protection impact assessment or prior consultation is required. Processor may charge Controller for reasonable assistance provided under this Section, except to the extent such assistance is required due to Processor’s breach of this DPA.
Customer remains solely responsible for determining whether its use of the Services requires a data protection impact assessment, legitimate interest assessment, transfer impact assessment, works council consultation, employee notice, consent mechanism, AI governance assessment or other legal assessment. Processor’s assistance is limited to information reasonably available to Processor about its Processing of Company Personal Data.
11. Deletion or return of Company Personal Data
11.1. Subject to this section 11 Processor shall promptly and in any event within 10 business days of the date of cessation of the Processing of Company Personal Data (the “Cessation Date”), delete and procure the deletion of all copies of those Company Personal Data.
11.2. Subject to the TOS and applicable law, Customer may export available Customer Data during the Subscription Term and, where technically available, for a limited post-termination period stated in the TOS or Documentation. Processor may retain copies of Company Personal Data to the extent required by applicable law, for legitimate recordkeeping, dispute resolution, security, backup or compliance purposes, provided that such retained Personal Data remains protected under this DPA until deleted.
11.3. Deletion from backups and archival systems may occur according to Processor’s ordinary backup retention and deletion cycles, unless applicable law requires earlier deletion and earlier deletion is technically feasible.
12. Audit rights
12.1. Subject to this Section 12, Processor shall make available to Controller, upon reasonable written request, information reasonably necessary to demonstrate Processor’s compliance with this DPA and applicable Data Protection Laws in relation to the Processing of Controller Personal Data. Any audit requested by Customer beyond the information and documentation reasonably provided by Xdroid as part of its standard compliance program shall be conducted at Customer’s expense. Customer shall reimburse Xdroid for all reasonable costs and expenses incurred in connection with such audit.
12.2. To the extent Processor makes available current third-party certifications, audit reports, security documentation, written responses, or other information that reasonably demonstrates such compliance, Controller shall first rely on those materials before requesting any further audit or inspection.
12.3. If the information made available by Processor is insufficient to demonstrate compliance with applicable Data Protection Laws, Processor shall allow for and reasonably contribute to an audit, including an inspection, conducted by Controller or an independent auditor mandated by Controller, provided that such audit: (a) is limited to Processor’s Processing of Controller Personal Data; (b) is conducted no more than once in any twelve-month period, unless required by a competent supervisory authority or following a confirmed Security Incident affecting Controller Personal Data; (c) is subject to at least thirty days’ prior written notice, except where shorter notice is required by Data Protection Law or a competent supervisory authority; (d) is conducted during normal business hours and in a manner that does not unreasonably interfere with Processor’s business operations; and (e) is subject to appropriate confidentiality, security, and access restrictions.
12.4. Processor shall not be required to disclose or provide access to information relating to other customers, source code, trade secrets, privileged materials, internal security-sensitive information, or information that would compromise the security, confidentiality, or integrity of Processor’s systems or services.
12.5. Controller shall bear its own costs of any audit and shall reimburse Processor for Processor’s reasonable and documented costs incurred in supporting the audit, including reasonable personnel time, unless the audit identifies a material breach of this DPA by Processor, in which case Processor shall bear its own costs of audit support.
13. Data Transfer
13.1. The Processor may not transfer or authorize the transfer of Data to countries outside the EU and/or the European Economic Area (EEA) without the consent of the Customer. If personal data processed under this Agreement is transferred from a country within the European Economic Area to a country outside the European Economic Area, the Parties shall ensure that the personal data are adequately protected. To achieve this, the Parties shall rely on EU approved standard contractual clauses for the transfer of personal data.
13.2. Customer authorizes Processor and its Subprocessors to make international transfers of Company Personal Data where necessary to provide the Services, provided that Processor implements an appropriate transfer mechanism required by Data Protection Laws, such as an adequacy decision, the EU Standard Contractual Clauses, the UK Addendum where applicable, or another lawful transfer mechanism. Customer acknowledges that the Services may involve remote access, hosting, support, security monitoring, payment processing, communications or infrastructure services provided from or involving countries outside the EEA.
13.3. Where the EU Standard Contractual Clauses are required, the Parties agree that the applicable SCC modules and annexes are deemed incorporated by reference to the extent necessary, with Customer as data exporter and Processor or the relevant Subprocessor as data importer, unless another lawful transfer mechanism applies.
14. General Terms
14.1. Confidentiality. Each Party must keep this Agreement and information it receives about the other Party and its business in connection with this Agreement (“Confidential Information”) confidential and must not use or disclose that Confidential Information without the prior written consent of the other Party except to the extent that:
(a) disclosure is required by law;
(b) the relevant information is already in the public domain.
14.2. Notices. All notices and communications given under this Agreement must be in writing and will be delivered personally, sent by post or sent by email to the address or email address set out in the heading of this Agreement at such other address as notified from time to time by the Parties changing address.
14.3. For all matters relating to this DPA or the processing of Personal Data, Xdroid can be contacted at: DPO@xdroid.com.
15. Governing Law and Jurisdiction
15.1. This Agreement is governed by the laws of Belgium.
15.2. For any disputes arising in connection with this DPA, which the Parties will not be able to settle amicably, including with respect to the interpretation, validity, effectiveness and/or execution, the Court of Antwerp shall have exclusive and irrevocable jurisdiction.
Schedule 1 – Processing Details for Xdroid Voice Analytics Services
Subject Matter: provision of the Xdroid SaaS voice analytics Service, including hosting, processing, transcription, analysis, reporting, support, security, maintenance and related service administration.
Categories of Personal Data: business contact details; account credentials and identifiers; call recordings; audio and voice data; transcripts; call metadata; speaker labels; CRM and telephony integration data; notes, tags and classifications; quality, compliance, sentiment, topic, risk and performance indicators; support communications; usage logs; billing and subscription information; and other Customer Data submitted to or generated through the Services.
Categories of Data Subjects: Customer representatives, administrators and users; callers and call participants; Customer’s employees, agents, contractors, sales representatives, customer service representatives and supervisors; Customer’s customers, prospects, end users, business contacts and other individuals whose Personal Data is included in Customer Data.
Purpose of Processing: to provide, operate, secure, support, maintain and improve the Services in accordance with the TOS, this DPA, the Subscription Plan, the Documentation and Customer’s documented instructions.
Processing Location: All hosting, storage, and processing of Customer Data by X is performed exclusively within the European Union (EU) / European Economic Area (EEA). X shall not transfer Customer Data outside the EU/EEA unless otherwise agreed in writing with Customer and subject to applicable Data Protection Laws
Retention: Company Personal Data is retained for the Subscription Term and any additional period required or permitted by the TOS, this DPA, the Documentation, Customer’s configuration, backup cycles or applicable law.
Customer Responsibilities: Customer is responsible for the lawfulness of all Customer Data and all use cases, including call recording, transcription, monitoring, employee analytics, customer analytics, AI governance, notices, consents, lawful basis, works council consultation, data subject rights and retention decisions.
Service Level Agreement
1. Purpose and Application
This Service Level Agreement (“SLA”) defines the support scope, support response objectives, service availability remedy and related limitations applicable to Xdroid Insight software-as-a-service entry and extended solution.
This SLA forms part of the Terms of Service or other written agreement between Xdroid International N.V. (“Xdroid”, “we”, “us” or “our”) and the customer accessing or using the Service (“Customer” or “you”), governing Customer’s access to and use of the Service.
This SLA applies only to the paid production version of the Service made available by Xdroid under an active Subscription Plan. This SLA applies only to Xdroid’s Entry SaaS Service and Extended SaaS Service subscription plans and does not apply to Xdroid’s enterprise model, enterprise products, enterprise services, negotiated enterprise contracts, statements of work, implementation services, managed services, custom support arrangements, or any other non-SaaS offering unless Xdroid expressly agrees otherwise in writing.
By accepting the Terms of Service, creating an account, accessing or using the Service, Customer accepts this SLA.
In the event of a conflict between this SLA and the Terms of Service, the Terms of Service shall control, except that this SLA shall control solely with respect to service availability commitments, support response objectives and service credits for Unavailability.
2. Definitions
“Business Hours” means 08:00 to 17:00 CET, Monday through Friday, excluding Hungarian public holidays.
“Documentation” means the then-current user documentation, product documentation, FAQs, manuals, technical instructions and support materials made available by Xdroid for the Service.
“Interim Solution” means a temporary technical fix delivered as a patch, hotfix, configuration change or other temporary technical measure.
“Permanent Solution” means a software update, release, configuration change or other technical correction intended to resolve the relevant issue in accordance with the documented product behavior.
“Service” means Xdroid’s SaaS voice analytics solution made available to Customer under the Terms of Service and applicable Subscription Plan.
“Service Credit” means the credit described in Section 8 of this SLA.
“Support Request” means a support request submitted by Customer through Xdroid’s designated support channel.
“Unavailable” or “Unavailability” means that the core paid production Service is not accessible by Customer due to a failure within Xdroid’s systems. Unavailability does not include downtime, degradation, interruption, delay, failure or performance issues caused by: Customer systems, Customer Data, Customer instructions, Customer configuration, Customer credentials, Customer networks, third-party services, third-party integrations, telecommunication providers, internet service providers, payment providers, scheduled maintenance, emergency maintenance, beta features, trial features, free features, force majeure events, misuse, excessive usage, unsupported use, security incidents not caused by Xdroid, suspension or termination in accordance with the Terms of Service, or any issue outside Xdroid’s reasonable control.
“Workaround” means a temporary method that allows Customer to continue using the Service or materially reduce the impact of an issue until an Interim Solution or Permanent Solution is implemented.
3. Scope of Support
Xdroid Support will respond to Support Requests relating to technical issues where the paid production Service does not function materially in accordance with the Documentation.
Support may be provided for the following types of issues:
(a) a core functionality of the Service is not working;
(b) the Service does not return, display or process results where results are expected under the Documentation;
(c) an Xdroid-controlled system integration fails or does not operate materially in accordance with the Documentation;
(d) Customer experiences billing, subscription, payment or account administration issues related to the Service, including failed or missing payments, invoicing errors, upgrade or downgrade issues, changes to billing or payment details, or other administrative matters affecting access to or use of the Service.
Support is delivered through Xdroid’s designated email-based or online support channels.
Questions regarding ordinary usage, configuration, general guidance, product training or matters already covered by the Documentation or FAQ are outside the guaranteed support scope. Xdroid may respond to such requests at its discretion.
Maintenance and support services are included in the Subscription Fee and consist of remote support only. On-site support, consulting, implementation services, custom configuration, professional services, end-user training or customer-specific integration work are not included unless expressly agreed in writing.
4. Customer Responsibilities
Customer must provide Xdroid with reasonable information necessary to investigate and respond to a Support Request, including relevant account details, error messages, screenshots, logs, timestamps, affected users, affected features and a description of the issue.
Customer is responsible for ensuring that its users, systems, networks, credentials, integrations, configurations and Customer Data are maintained in a manner that allows the Service to function properly.
Xdroid will not be responsible for delay, failure or inability to provide support caused by Customer’s failure to provide requested information, cooperation, access or assistance.
5. Severity Levels
Severity | Description |
Critical Severity 1 | The core paid production Service is Unavailable or a core Xdroid-controlled functionality is unavailable, causing material impact to Customer’s use of the Service. |
Standard Severity 2 | A feature of the Service works incorrectly or is materially degraded, but the Service remains usable. |
Low Severity 3 | Minor issues, usability questions, cosmetic problems, documentation questions, general guidance requests, non-urgent defects, or requests that do not materially impact core functionality. |
Xdroid will determine the severity level of each Support Request in good faith based on the information available to Xdroid.
6. Response Objectives
Severity | Initial Response Objective |
Critical / Severity 1 | Within eight (8) Business Hours. |
Standard / Severity 2 | Within two (2) business days. |
Low / Severity 3 | Addressed when feasible. |
Response times are initial response objectives only. They do not guarantee resolution, restoration, workaround, patch, hotfix, permanent correction or completion within the stated period.
Issues reported outside Business Hours will be reviewed on the next business day unless Xdroid expressly states otherwise.
7. Resolution Approach
Resolution may consist of one or more of the following:
(a) a Workaround;
(b) an Interim Solution;
(c) a Permanent Solution;
(d) a configuration change;
(e) a correction in a future update or release;
(f) an explanation that the Service is functioning in accordance with the Documentation;
(g) confirmation that the issue is outside the scope of this SLA.
Low severity issues may be addressed in future product updates or when deemed feasible by Xdroid.
Xdroid does not guarantee that all issues will be corrected, that corrections will be provided within a specific timeframe, or that a particular issue will be resolved in the manner preferred by Customer.
8. Service Credit for Extended Unavailability
If the paid production Service is Unavailable for a continuous period of more than twenty-four (24) hours, Customer may request a Service Credit equal to the pro-rata portion of the Subscription Fees paid for the affected Service for the period of Unavailability exceeding twenty-four (24) hours.
The Service Credit will be calculated only on the Subscription Fees attributable to the affected Service and the actual period of qualifying Unavailability exceeding twenty-four (24) continuous hours.
Service Credits will be applied against future Subscription Fees and will not be paid in cash, except where required by Applicable Law or where the affected Subscription has expired and will not renew.
To receive a Service Credit, Customer must submit a written request to Xdroid within thirty (30) days after the end of the calendar month in which the Unavailability occurred. The request must identify the affected Service, the dates and times of the alleged Unavailability, and reasonable supporting information.
Customer is not eligible for a Service Credit if Customer is in breach of the Terms of Service, has overdue Fees, or if the Unavailability resulted from an exclusion listed in this SLA.
Service Credits are Customer’s sole and exclusive remedy, and Xdroid’s sole and exclusive liability, for Unavailability, downtime, degradation, delay, interruption, failure of the Service or failure to meet any support or service level objective, except to the extent such limitation is prohibited by Applicable Law.
9. Support Escalation
Once a Support Request is reported:
(a) Xdroid Support verifies the reported issue;
(b) if the issue is confirmed and no immediate solution exists, Xdroid may escalate the matter internally to the product or development team;
(c) Xdroid will provide updates where appropriate, taking into account the severity of the issue, available information and the nature of the resolution process.
Xdroid is not required to provide root-cause analysis, incident reports or post-incident documentation unless expressly agreed in writing.
10. Maintenance
Xdroid may perform scheduled maintenance, emergency maintenance, updates, upgrades, security work, infrastructure changes and other operational activities from time to time.
Scheduled maintenance and emergency maintenance do not constitute Unavailability for purposes of Service Credits.
Xdroid will use commercially reasonable efforts to minimize disruption caused by scheduled maintenance, but Xdroid does not guarantee that maintenance will occur outside Customer’s business hours or without impact to the Service.
11. Exclusions and Limitations
Xdroid is not responsible for support issues, downtime, Unavailability, delay, degradation, data loss, performance issues or failure of the Service resulting from:
(a) Customer infrastructure, systems, networks, devices, credentials, users, configurations, instructions, Customer Data or security controls;
(b) third-party systems, third-party services, customer-selected integrations, telecommunication providers, internet service providers, hosting providers, payment providers, CRM systems, telephony systems, APIs or other non-Xdroid services;
(c) software, hardware, data or services not provided by Xdroid;
(d) incorrect system configuration, misuse, unauthorized use, unsupported use, excessive use, abnormal use or use outside the Documentation;
(e) failure by Customer to follow Xdroid’s reasonable instructions;
(f) scheduled maintenance, emergency maintenance, updates, upgrades, patches or security work;
(g) free, trial, beta, preview, evaluation, sandbox or non-production features or services;
(h) force majeure events or circumstances outside Xdroid’s reasonable control;
(i) security incidents not caused by Xdroid;
(j) suspension, restriction or termination of the Service in accordance with the Terms of Service;
(k) requests already addressed in the Documentation, FAQ or other materials made available by Xdroid.
12. No Data Loss Remedy
This SLA does not create any separate remedy for loss of data, loss of recordings, loss of transcripts, loss of outputs, loss of analytics, business interruption, lost revenue, lost profits, lost opportunities or other indirect or consequential losses.
Any liability relating to Customer Data, Personal Data, backups, deletion, export, retention or Personal Data Breach is governed by the Terms of Service and, where applicable, the Data Processing Agreement.
13. Affiliate, Partner and Reseller Limitation
This SLA applies only to the Customer that has entered into the applicable Terms of Service or other written agreement with Xdroid for use of the Service.
No affiliate, referral partner, reseller, partner, introducer or other third party receives any support rights, Service Credits, access rights or remedies under this SLA merely because it referred, introduced, resold or supported a customer, unless Xdroid expressly agrees otherwise in writing.
A referred customer’s eligibility for this SLA is subject to that customer’s valid acceptance of Xdroid’s then-current Terms of Service, applicable SaaS-specific Service Level Agreement and other customer terms incorporated into the SaaS subscription process.
14. Changes to this SLA
Xdroid may update this SLA from time to time in accordance with the Terms of Service.
Changes that materially reduce Customer’s rights under this SLA will apply from Customer’s next renewal term, unless the change is required earlier for security, legal compliance, product integrity, third-party dependency changes, misuse prevention or Applicable Law.
Continued access to or use of the Service after an update takes effect constitutes acceptance of the updated SLA to the extent permitted by Applicable Law.
15. Governing Terms
This SLA is governed by the Terms of Service. Capitalized terms not defined in this SLA have the meaning given to them in the Terms of Service.
Nothing in this SLA expands Xdroid’s warranties, indemnities, liability, support obligations or service commitments beyond those expressly stated in this SLA, the Terms of Service, the applicable Subscription Plan or another written agreement signed by Xdroid.