Acknowledgement

Many thanks to:

  • Amanda Pagul for her help with text editing.
  • Arash Alavi for his help with Swift
  • Angela Yu (appbrewery.co) for her iOS app development course on Udemy
  • University of Iowa professor Lawrence Fritts, and their team for creating and sharing Musical Instrument Sample
  • Marcel Gnauk for their sound library (FreeToUseSounds.Com)
  • Let’s Build That App channel, CodeWithChris channel, Jared Davidson channel, Mark Moeykens channel, Rebeloper – Rebel Developer channel, Sean Allen channel, Kilo Loco channel, David Tran channel, raywenderlich.com channel, Paul Solt channel, and freeCodeCamp.org channel for their swift/Xcode tutorials on YouTube.
  • Andrea Bizzotto (bizz84) for creating and sharing SwiftyStoreKit
  • Ashley Mills (ashleymills) for creating and sharing ReachabilitySwift
  • AlexShubin for creating and sharing MetronomeIdea
  • kavitha K (kavitha89) for creating and sharing kReviewMe.swift
  • Jason (jrendel) for creating and sharing SwiftKeychainWrapper
  • Pavel Tikhoneko (tikhop) for their help with TPInAppReceipt
  • FireBase development and support team
  • Google development and support team
  • Realm development and support team
  • Xcode development and support team
  • iOS development and support team

  

This app uses the following software under the following license agreements:

I. Realm
II. AKPickerView
III. Reachability.swift
IV. SwiftyStoreKit
V. SwiftKeychainWrapper
VI. Firebase
VII. Firebase Data Processing and Security Terms
VIII. Google Analytics for Firebase Terms of Service
IX. Google Analytics for Firebase Use Policy
X. Google Ads Data Processing Terms
XI. Google APIs
XII. AdSense Online Terms of Service
XIII. AdMob & AdSense policies

 

 

 

I. Realm

TABLE OF CONTENTS

  1. Apache License version 2.0 2. Realm Components 3. Export Compliance
  2. -------------------------------------------------------------------------------

 Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ 

 TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION

  1. Definitions.

 "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.

 "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License.

 "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.

 "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.

 "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files.

 "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.

 "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). 

 "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.

 "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."

  "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work.

  1. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 
  2. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.
  3. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:

 (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and

 (b) You must cause any modified files to carry prominent notices stating that You changed the files; and

 (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and

 (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License.

 You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.

  1. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions.
  2. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file.
  3. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 
  1. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 
  1. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. 
  2. -------------------------------------------------------------------------------

REALM COMPONENTS 

This software contains components with separate copyright and license terms. Your use of these components is subject to the terms and conditions of the following licenses.

For the Realm Platform Extensions component

 Realm Platform Extensions License

 Copyright (c) 2011-2017 Realm Inc All rights reserved

 Redistribution and use in binary form, with or without modification, is permitted provided that the following conditions are met: 

  1. You agree not to attempt to decompile, disassemble, reverse engineer or otherwise discover the source code from which the binary code was derived. You may, however, access and obtain a separate license for most of the source code from which this Software was created, at http://realm.io/pricing/.
  2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 
  1. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 

 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

  1. -------------------------------------------------------------------------------

EXPORT COMPLIANCE

You understand that the Software may contain cryptographic functions that may be subject to export restrictions, and you represent and warrant that you are not (i) located in a jurisdiction that is subject to United States economic sanctions (“Prohibited Jurisdiction”), including Cuba, Iran, North Korea, Sudan, Syria or the Crimea region, (ii) a person listed on any U.S. government blacklist (to include the List of Specially Designated Nationals and Blocked Persons or the Consolidated Sanctions List administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control, or the Denied Persons List or Entity List administered by the U.S. Department of Commerce) (“Sanctioned Person”), or (iii) controlled or 50% or more owned by a Sanctioned Person.

You agree to comply with all export, re-export and import restrictions and regulations of the U.S. Department of Commerce or other agency or authority of the United States or other applicable countries. You also agree not to transfer, or authorize the transfer of, directly or indirectly, of the Software to any Prohibited Jurisdiction, or otherwise in violation of any such restrictions or regulations.

 

 

 

II -  AKPickerView

The MIT License (MIT)

Copyright (c) 2014 Akio Yasui

akkyie/AKPickerView is licensed under the MIT License

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THEAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

 

 

 

III. Reachability 

The MIT License (MIT)

Copyright (c) 2016 Ashley Mills

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

 

 

 

IV. SwiftyStoreKit

Copyright (c) 2015-2016 Andrea Bizzotto This email address is being protected from spambots. You need JavaScript enabled to view it.

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

 

 

 

V. SwiftKeychainWrapper

The MIT License (MIT)

Copyright (c) 2014 Jason Rendel

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

 

 

 

VI. Firebase

Firebase, Inc. (Company) licenses its cloud-based platform and provides related services pursuant to these terms of service ("Agreement"). This Agreement is a legal contract between you (if you use Company Software and Services in your capacity as an individual) or the legal entity you represent (e.g., your employer) (You) and Company. Read the terms of this Agreement carefully. By clicking "I agree" or using any of the Company Software, You agree to be bound by this Agreement. If You do not agree to the terms of this Agreement, do not click "I agree" or use any of the Company Software.

  1. DEFINITIONS
  • Application means a software application that You develop to be used with the Company Software pursuant to this Agreement. An Application consists of a client-side portion that resides on the end user's computer or mobile device and server-side portion that will reside on Company's cloud-based servers.
  • Brand Features and Marks means Your branding, trademarks and the associated logos that are used in connection with an Application.
  • Company Software means the Company's cloud-based platform (including software libraries and APIs that may be integrated into an Application), known commercially as Firebase, which provides a scalable, real-time backend for collaborative applications, allowing developers to build collaborative applications without managing servers or writing server-side code.
  • Content means Your content, images and information accessible on or from an Application.
  • Services means the services that Company provides to its customers in connection with the Company Software, which include, without limitation, the hosting of the server-side portion of an Application on Company's cloud based servers.
  1. LICENSE

Subject to Your compliance with the terms and conditions of this Agreement, Company hereby grants You, solely during the term of this Agreement, a non-exclusive, non-transferable, revocable license, without rights to sublicense, to incorporate libraries and APIs that are included in the Company Software into Your Applications, to reproduce and distribute such libraries and APIs together with Your Applications and to access, use, perform and display the Company Software via the Internet, solely for use with Your Applications.

  1. OWNERSHIP AND CONTENT

3.1 As between the parties and except for the licenses granted by this Agreement, (a) You retain all right, title and interest, including all related intellectual property rights, in and to the Applications, the Content and the Brand Features and Marks and (b) Company retains all right, title, and interest, including all related intellectual property rights, in and to the Company Software.

3.2 You hereby grant Company an irrevocable, non-exclusive, royalty-free, transferable license, with rights to sublicense, to use, reproduce, modify, display, perform and create derivative works of the Applications, the Content and the Brand Features and Marks for the sole purpose of allowing the Company to provide the Company Software and the Services to You.

3.3 Company reserves the right to monitor the Content and Applications and to remove or disable Content or Applications that Company, in its sole discretion, determines to be illegal, harmful, offensive, creating liability for Company or its service providers, or otherwise in violation of this Agreement or Company operating policies.

3.4 Company retains all rights not expressly granted to you under this Agreement. You do not have any implied rights.

  1. OTHER COVENANTS, TERMS AND RESTRICTIONS

4.1 You shall retain all copyright, trademark and other intellectual property rights notices contained on or in the Company Software.

4.2 You represent and warrant to Company that: (i) You are of an age of majority and have the power, authority or consent to enter into and perform this Agreement; (ii) all information provided by You to Company is truthful, accurate and complete; (iii) You are the authorized signatory of the credit or charge card provided to Company to pay the fees; (iv) you shall comply with all terms and conditions of this Agreement; (v) You have provided and will provide accurate and complete registration information, including, without limitation, your legal name, address and telephone number; and (vi) You own or otherwise control and have sufficient rights and consents to provide all Applications, Brand Features and Marks or Content for use by Company in the manner contemplated by this Agreement and none of the Applications, Brand Features and Marks or Content infringes, misappropriates or violates any rights of any third parties.

4.3 You agree to comply with the Company's Acceptable Use Policy, which is incorporated herein by reference.

  1. PAYMENT AND TAXES

5.1 Company charges a fee for use of the Company Software and the Services. You agree to pay all fees charged by Company. All fees are non-refundable and, unless otherwise stated, in US dollars. All fees and taxes and other charges will be billed to your credit card. You hereby authorize Company to charge your credit card. There will be no refunds or credits for partial months of service, upgrades, or unused months.

5.2 Company reserves the right to deactivate your access to Company Software and to the Services for failure to pay applicable fees. You agree to promptly pay Company in the event of any refusal of your credit card issuer to pay any amount to Company for any reason. You agree to pay all costs of collection, including attorneys' fees and costs, on any outstanding balance. In the event you fail to pay any amount when due, Company may immediately suspend or terminate Your access to the Company Software and the Services.

5.3 Your subscription will renew automatically, unless Company terminates it or you terminate your subscription pursuant to Section 7 below. You must cancel your subscription before it renews in order to avoid billing of subscription fees for the renewal term to your credit card.

5.4 You are responsible for, and will indemnify and hold Company harmless from, payment of all taxes (other than taxes based on Company' net income), fees, duties, and other governmental charges, and any related penalties and interest, arising from the payment of fees to Company under this Agreement or the delivery, license or use of the Company Software or Services. You will make all payments to Company free and clear of, and without reduction for, any withholding taxes; any such taxes imposed on payments of fees to Company will be Your sole responsibility, and You agree to provide Company with official receipts issued by the appropriate taxing authority, or such other evidence as Company may reasonably request, to establish that such taxes have been paid.

5.5 Any amounts not paid when due are subject to an interest charge at a rate of 1.5% per month or the maximum rate permitted by law, whichever is less.

  1. SERVICE RELATED TERMS

Company agrees to host the server portion of Applications on its cloud service in accordance with Company's Service Level Agreement ("SLA"), which is incorporated herein by reference. Except as set forth in the SLA, Company does not warrant or guarantee that the Applications, Company Software or the Services will be always available or available at any particular time, secure or free from errors or defects.

  1. TERM AND TERMINATION

This Agreement begins upon your registration. This Agreement will automatically terminate if you fail to comply with its term. Additionally, either party may terminate this Agreement at any time for any reason or no reason whatsoever. To terminate this Agreement, you must use the online Company Software account cancellation forms. Without limiting the foregoing, You acknowledge that Company may discontinue all or part of the Company Software or Service at any time. In the event of termination or expiration of this Agreement, all of the licenses granted to You hereunder will terminate . The definitions and rights, duties and obligations of the parties that by their nature continue and survive shall survive any termination or expiration of this Agreement.

  1. GOVERNMENT RESTRICTIONS

You may not export or re-export any of the Company Software or Application except in compliance with the United States Export Administration Act and the related rules and regulations and similar non-U.S. government restrictions, if applicable. The foregoing and all accompanying documentation are deemed to be "commercial computer software" and "commercial computer software documentation," respectively, pursuant to DFAR Section 227.7202 and FAR Section 12.212(b), as applicable. Any use, modification, reproduction, release, performing, displaying, or disclosing of the foregoing by the U.S. government is governed solely by the terms of this Agreement.

  1. NO WARRANTY

THE COMPANY SOFTWARE AND SERVICES ARE PROVIDED TO YOU AS ISAND WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, AND COMPANY HEREBY DISCLAIMS AND EXCLUDES, TO THE MAXIMUM EXTENT PERMITTED BY LAW, ALL WARRANTIES, WHETHER STATUTORY, EXPRESS, OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT OF THIRD PARTY RIGHTS, FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY AND SATISFACTORY QUALITY Company does not warrant that any of the Company Software or Services will meet your needs or requirements or be error-free or always available or available at any particular time or that any errors or defects will be corrected. Company does not warrant or guarantee any amount of money that You will receive or earn in connection with an Application.

NONE OF THE COMPANY SOFTWARE AND SERVICES IS FAULT TOLERANT. THEY ARE NOT DESIGNED, MANUFACTURED, LICENSED OR INTENDED FOR USE IN HAZARDOUS ENVIRONMENTS REQUIRING FAIL-SAFE PERFORMANCE SUCH AS IN THE OPERATION OF NUCLEAR FACILITIES, AIRCRAFT NAVIGATION OR COMMUNICATIONS SYSTEMS, AIR TRAFFIC CONTROL, LIFE SUPPORT MACHINES, WEAPONS SYSTEMS OR ANY OTHER APPLICATION IN WHICH ITS FAILURE COULD LEAD DIRECTLY TO DEATH, PERSONAL INJURY, OR PHYSICAL OR ENVIRONMENTAL DAMAGE.

  1. LIMITATION OF LIABILITY AND INDEMNITY

10.1 IN NO EVENT WILL COMPANY BE LIABLE FOR ANY LOST PROFITS OR BUSINESS OPPORTUNITIES, LOSS OF USE, BUSINESS INTERRUPTION, LOSS OF DATA, OR ANY OTHER INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES UNDER ANY THEORY OF LIABILITY, WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE AND PRODUCT LIABILITY), OR OTHERWISE.

10.2 COMPANY'S LIABILITY UNDER THIS AGREEMENT WILL NOT, IN ANY EVENT, EXCEED THE FEES, IF ANY, PAID BY YOU TO COMPANY UNDER THIS AGREEMENT. THE FOREGOING LIMITATIONS WILL APPLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, REGARDLESS OF WHETHER COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND REGARDLESS OF WHETHER ANY REMEDY FAILS OF ITS ESSENTIAL PURPOSE.

10.3 You shall indemnify and hold harmless Company and its officers, directors, employees and agents (the "Company Indemnified Parties") from and against liabilities, costs, losses, damages, judgments, expenses (including attorneys' fees and costs of experts and costs of appeals) arising out of or in connection with any and all of the following: (a) any allegation that any of the Applications, Brand Features and Marks or Content infringe, misappropriate or violate any intellectual property right, (b) any violation of this Agreement, including, without limitation, any breach of any representations or warranties contained herein, (c) your provision or distribution of the Application or any Content, (d) your use of any of the Company Software or receipt of the Services, (e) any activity relating to your account, (f) any violation of a third party app store's contracts, policies or procedures; or (e) any failure of You to have all necessary rights and licenses.

  1. CONFIDENTIALITY AND FEEDBACK

11.1 You agree to keep confidential and not use other than in the performance of this Agreement or disclose to a third party any information of Company that You know or reasonably should know is confidential to Company.

11.2 To the extent you provide Company with any suggestions, information, ideas, or feedback concerning any of the Company Software or Services, including but not limited to, a report of any errors which you discover while using an Application or the Company Software or any related documentation ("Feedback"), such Feedback will be the property of Company. You agree to assign, and hereby assign, all right, title and interest worldwide in the Feedback, and the related intellectual property rights, to Company and agree to assist Company in perfecting and enforcing these rights.

  1. ASSIGNMENT

You may not transfer or assign Your rights under this Agreement, in whole or in part, without the prior written consent of Company. Any attempted assignment in violation of the foregoing is void. Company may freely transfer or assign its rights under this Agreement. Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties and their respective successors and permitted assigns.

  1. COPYRIGHT POLICY

13.1 Company takes claims of copyright infringement seriously. Company will respond to notices of alleged copyright infringement that comply with applicable law. If You believe any materials accessible on or from Company Software or the Services infringe Your copyright, You may request removal of those materials (or access thereto) from Company Software and the Services by submitting written notification to our Copyright Agent (designated below). In accordance with the Online Copyright Infringement Liability Limitation Act of the Digital Millennium Copyright Act (17 U.S.C. § 512) (*"DMCA"*), the written notice (the *"DMCA Notice"*) must include substantially the following:

  • (a) Your physical or electronic signature.
  • (b) Identification of the copyrighted work You believe to have been infringed or, if the claim involves multiple works on Company Software or the Services, a representative list of such works.
  • (c) Identification of the material You believe to be infringing in a sufficiently precise manner to allow Company to locate that material.
  • (d) Adequate information by which Company can contact You (including Your name, postal address, telephone number and, if available, e-mail address).
  • (e) A statement that You have a good faith belief that use of the copyrighted material is not authorized by the copyright owner, its agent or the law.
  • (f) A statement that the information in the written notice is accurate.
  • (g) A statement, under penalty of perjury, that You are authorized to act on behalf of the copyright owner.

13.2 Our designated Copyright Agent to receive DMCA Notices is:

Andrew Lee

22 4th St. Suite 1000 (10th Floor)
San Francisco CA, 94103
United States

(408) 400-3656

This email address is being protected from spambots. You need JavaScript enabled to view it.

13.3 If You fail to comply with all of the requirements of Section 512(c)(3) of the DMCA, Your DMCA Notice may not be effective.

13.4 Please be aware that if You knowingly materially misrepresent that material or activity on Company Software or the Services is infringing Your copyright, You may be held liable for damages (including costs and attorneys' fees) under Section 512(f) of the DMCA.

13.5 It is Company's policy in appropriate circumstances to disable and/or terminate the accounts of users who are repeat infringers.

  1. GENERAL

The laws of the State of California govern all matters arising out of this Agreement, without regard to conflict of law principles. The United Nations Convention for the International Sale of Goods shall not apply. The federal and state courts located in San Francisco County, California USA will have non-exclusive jurisdiction in respect of disputes arising in connection with this Agreement. This Agreement is the entire agreement between us with respect to the subject matter hereof, and supersedes the terms of any purchase orders and any other communications or advertising with respect to such subject matter. If any provision of this Agreement is held invalid, that provision will be deemed amended to achieve as nearly as possible the same economic effect as the original provision and the remainder of this Agreement will continue in full force and effect. Company has no liability for any failure of performance or equipment due to causes beyond its reasonable control, including, but not limited to, the following: acts of God, fire, flood, earthquake, tsunami, storm, or other catastrophes; any law, order, regulation, direction, action, or request of any governmental entity or agency, or any civil or military authority; national emergencies, insurrections, riots, wars or acts of terrorism; unavailability of rights-of-way or materials; or strikes, lock-outs, work stoppages, or other labor difficulties; or failure of the Internet or any telecommunications, hosting or service provider. This Agreement may be modified only by a written agreement that is signed by authorized representatives of both parties and identifies itself as an amendment to this Agreement. No term or provision hereof will be considered waived by Company, and no breach excused, unless the waiver or consent is in writing signed by Company. No consent by Company to, or waiver of, a breach, whether express or implied, will constitute a consent to, waiver of, or excuse of any other, different or subsequent breach. The section headings appearing in this Agreement are inserted only as a matter of convenience and in no way define, limit, construe or describe the scope or extent of such paragraph or in any way affect such section.

  1. CONTACT INFORMATION

If you have any questions about this Agreement, or if you want to contact Company for any reason, please direct all correspondence to: Firebase, Inc., 22 4th St. Suite 1000 (10th Floor), San Francisco, CA 94103, United States of America or email This email address is being protected from spambots. You need JavaScript enabled to view it.. Firebase is a trademark and/or registered trademark of Firebase, Inc. or its affiliates in the United States and/or various jurisdictions.

 

 

 

VII.    Firebase Data Processing and Security Terms

Terms last modified: June 20, 2019 | Previous versions

The customer agreeing to these terms ("Customer"), and Google LLC (formerly known as Google Inc.), Google Ireland Limited, Google Asia Pacific Pte. Ltd., or any other entity that directly or indirectly controls, is controlled by, or is under common control with Google LLC (as applicable, "Google"), have entered into an agreement under which Google has agreed to provide Firebase Services (as described at https://firebase.google.com/terms) which specifically reference the Firebase Data Processing and Security Terms (as amended from time to time, the "Agreement").

These Firebase Data Processing and Security Terms, including their appendices, (the "Terms") will be effective and replace any previously applicable data processing and security terms as from the Terms Effective Date (as defined below). These Terms supplement the Agreement.

  1. Introduction

These Terms reflect the parties' agreement with respect to the terms governing the processing and security of Customer Data under the Agreement.

  1. Definitions

2.1 Capitalized terms used but not defined in these Terms have the meanings set out in the Agreement. In these Terms, unless stated otherwise:

  • Account has the meaning given in the Agreement or, if no such meaning is given, means Customer's account for the Services.
  • Additional Product means a product, service or application provided by Google or a third party that: (a) is not part of the Services; and (b) is accessible for use within the user interface of the Services or is otherwise integrated with the Services.
  • Additional Security Controls means security resources, features, functionality and/or controls that Customer may use at its option and/or as it determines, including the Admin Console and other features and/or functionality of the Services such as logging and monitoring and identity and access management.
  • Admin Console has the meaning given in the Agreement or, if not such meaning is given, means the online console(s) and/or tool(s) provided by Google to Customer for administering the Services.
  • Affiliate has the meaning given in the Agreement or, if not such meaning is given, means any entity that directly or indirectly controls, is controlled by, or is under common control with, a party.
  • Alternative Transfer Solution means a solution, other than Privacy Shield, that enables the lawful transfer of personal data to a third country in accordance with Article 45 or 46 of the GDPR.
  • Audited Services means the Services indicated as being in-scope for the relevant certification or report at https://firebase.google.com/support/privacy/certifications#certifications, as may be updated by Google from time to time.
  • Customer Data has the meaning given in the Agreement or, if no such meaning is given, means data provided by Customer or Customer End Users via the Services (except TSS and any other support services, if applicable) under the Account.
  • Customer End Users has the meaning given in the Agreement or, if no such meaning is given, means the users of Customer's services (for example, the users of a Customer app).
  • Customer Personal Data means the personal data contained within the Customer Data.
  • Data Incident means a breach of Google's security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Customer Data on systems managed by or otherwise controlled by Google. "Data Incidents" will not include unsuccessful attempts or activities that do not compromise the security of Customer Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems.
  • European Data Protection Legislation means, as applicable: (a) the GDPR; and/or (b) the Federal Data Protection Act of 19 June 1992 (Switzerland).
  • EEA means the European Economic Area.
  • GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  • Google's Third Party Auditor means a Google-appointed, qualified and independent third party auditor, whose then-current identity Google will disclose to Customer.
  • ISO 27001 Certification means an ISO/IEC 27001:2013 certification or a comparable certification for the Audited Services.
  • Non-European Data Protection Legislation means data protection or privacy legislation in force outside the European Economic Area and Switzerland.
  • Notification Email Address means the email address(es) designated by Customer in the Admin Console to receive certain notifications from Google.
  • Privacy Shield means the EU-U.S. Privacy Shield legal framework and the Swiss-U.S. Privacy Shield legal framework.
  • Security Documentation means all documents and information made available by Google under Section 7.5.1 (Reviews of Security Documentation).
  • Security Measures has the meaning given in Section 7.1.1 (Google's Security Measures).
  • Services has the meaning given to "Paid Services" or "APIs" (as applicable) in the Agreement.
  • SOC 2 Report means a confidential Service Organization Control (SOC) 2 report (or a comparable report) on Google's systems examining logical security controls, physical security controls, and system availability, as produced by Google's Third Party Auditor in relation to the Audited Services.
  • Subprocessors means third parties authorized under these Terms to have logical access to and process Customer Data in order to provide parts of the Services.
  • Term means the period from the Terms Effective Date until the end of Google's provision of the Services, including, if applicable, any period during which provision of the Services may be suspended and any post-termination period during which Google may continue providing the Services for transitional purposes.
  • Terms Effective Date means, the date on which Customer accepted, or the parties otherwise agreed to, these Terms.
  • Third Party Subprocessors has the meaning given in Section 11.1 (Consent to Subprocessor Engagement).

2.2 The terms "personal data", "data subject", "processing", "controller", "processor" and "supervisory authority" as used in these Terms have the meanings given in the GDPR.

  1. Duration of these Terms

These Terms will take effect on the Terms Effective Date and, notwithstanding expiry of the Term, will remain in effect until, and automatically expire upon, deletion of all Customer Data by Google as described in these Terms.

  1. Scope of Data Protection Legislation

4.1 Application of European Legislation. The parties acknowledge and agree that the European Data Protection Legislation will apply to the processing of Customer Personal Data, if, for example:

  1. the processing is carried out in the context of the activities of an establishment of Customer in the territory of the EEA; and/or
  2. the Customer Personal Data is personal data relating to data subjects who are in the EEA and the processing relates to the offering to them of goods or services in the EEA or the monitoring of their behaviour in the EEA.

4.2 Application of Non-European Legislation. The parties acknowledge and agree that Non-European Data Protection Legislation may also apply to the processing of Customer Personal Data.

4.3 Application of Terms. Except to the extent these Terms state otherwise, these Terms will apply irrespective of whether the European Data Protection Legislation or Non-European Data Protection Legislation applies to the processing of Customer Personal Data.

5.Processing of Data

5.1 Roles and Regulatory Compliance; Authorization.

5.1.1 Processor and Controller Responsibilities. If the European Data Protection Legislation applies to the processing of Customer Personal Data, the parties acknowledge and agree that:

  1. the subject matter and details of the processing are described in Appendix 1;
  2. Google is a processor of that Customer Personal Data under the European Data Protection Legislation;
  3. Customer is a controller or processor, as applicable, of that Customer Personal Data under European Data Protection Legislation; and
  4. each party will comply with the obligations applicable to it under the European Data Protection Legislation with respect to the processing of that Customer Personal Data.

5.1.2 Authorization by Third Party Controller. If European Data Protection Legislation applies to the processing of Customer Personal Data and Customer is a processor, Customer warrants to Google that Customer's instructions and actions with respect to that Customer Personal Data, including its appointment of Google as another processor, have been authorized by the relevant controller.

5.1.3 Responsibilities under Non-European Legislation. If Non-European Data Protection Legislation applies to either party’s processing of Customer Personal Data, the parties acknowledge and agree that the relevant party will comply with any obligations applicable to it under that legislation with respect to the processing of that Customer Personal Data.

5.2 Scope of Processing.

5.2.1 Customer's Instructions. By entering into these Terms, Customer instructs Google to process Customer Personal Data only in accordance with applicable law: (a) to provide the Services; (b) as further specified via Customer's use of the Services (including the Admin Console and other functionality of the Services); (c) as documented in the form of the Agreement, including these Terms; and (d) as further documented in any other written instructions given by Customer and acknowledged by Google as constituting instructions for purposes of these Terms.

5.2.2 Google's Compliance with Instructions. Google will comply with the instructions described in Section 5.2.1 (Customer's Instructions) (including with regard to data transfers) unless EU or EU Member State law to which Google is subject requires other processing of Customer Personal Data by Google, in which case Google will inform Customer (unless that law prohibits Google from doing so on important grounds of public interest) via the Notification Email Address.

5.3 Additional Products. If Customer uses any Additional Product, the Services may allow that Additional Product to access Customer Personal Data as required for the interoperation of the Additional Product with the Services. For clarity, these Terms do not apply to the processing of personal data in connection with the provision of any Additional Product used by Customer, including personal data transmitted to or from that Additional Product.

  1. Data Deletion

6.1 Deletion by Customer. Google will enable Customer to delete Customer Data during the Term in a manner consistent with the functionality of the Services. If Customer uses the Services to delete any Customer Data during the Term and that Customer Data cannot be recovered by Customer, this use will constitute an instruction to Google to delete the relevant Customer Data from Google's systems in accordance with applicable law. Google will comply with this instruction as soon as reasonably practicable and within a maximum period of 180 days, unless EU or EU Member State law requires storage.

6.2 Deletion on Termination. On expiry of the Term, Customer instructs Google to delete all Customer Data (including existing copies) from Google's systems in accordance with applicable law. Google will, after a recovery period of up to 30 days following such expiry, comply with this instruction as soon as reasonably practicable and within a maximum period of 180 days, unless EU or EU Member State law requires storage. Without prejudice to Section 9.1 (Access; Rectification; Restricted Processing; Portability), Customer acknowledges and agrees that Customer will be responsible for exporting, before the Term expires, any Customer Data it wishes to retain afterwards.

  1. Data Security

7.1 Google's Security Measures, Controls and Assistance.

7.1.1 Google's Security Measures. Google will implement and maintain technical and organizational measures to protect Customer Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access as described in Appendix 2 (the "Security Measures"). As described in Appendix 2, the Security Measures include measures to encrypt personal data; to help ensure ongoing confidentiality, integrity, availability and resilience of Google's systems and services; to help restore timely access to personal data following an incident; and for regular testing of effectiveness. Google may update or modify the Security Measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Services.

7.1.2 Security Compliance by Google Staff. Google will take appropriate steps to ensure compliance with the Security Measures by its employees, contractors and Subprocessors to the extent applicable to their scope of performance, including ensuring that all persons authorized to process Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

7.1.3 Additional Security Controls. In addition to the Security Measures, Google will make the Additional Security Controls available to: (a) allow Customer to take steps to secure Customer Data; and (b) provide Customer with information about securing, accessing and using Customer Data.

7.1.4 Google's Security Assistance. Customer agrees that Google will (taking into account the nature of the processing of Customer Personal Data and the information available to Google) assist Customer in ensuring compliance with any of Customer's obligations in respect of security of personal data and personal data breaches, including if applicable Customer's obligations pursuant to Articles 32 to 34 (inclusive) of the GDPR, by:

  1. implementing and maintaining the Security Measures in accordance with Section 7.1.1 (Google's Security Measures);
  2. making the Additional Security Controls available to Customer in accordance with Section 7.1.3 (Additional Security Controls);
  3. complying with the terms of Section 7.2 (Data Incidents); and
  4. providing Customer with the Security Documentation in accordance with Section 7.5.1 (Reviews of Security Documentation) and the information contained in the Agreement including these Terms.

7.2.Data Incidents

7.2.1 Incident Notification. If Google becomes aware of a Data Incident, Google will: (a) notify Customer of the Data Incident promptly and without undue delay after becoming aware of the Data Incident; and (b) promptly take reasonable steps to minimize harm and secure Customer Data.

7.2.2 Details of Data Incident. Notifications made pursuant to this section will describe, to the extent possible, details of the Data Incident, including steps taken to mitigate the potential risks and steps Google recommends Customer take to address the Data Incident.

7.2.3 Delivery of Notification. Notification(s) of any Data Incident(s) will be delivered to the Notification Email Address or, at Google's discretion, by direct communication (for example, by phone call or an in-person meeting). Customer is solely responsible for ensuring that the Notification Email Address is current and valid.

7.2.4 No Assessment of Customer Data by Google. Google will not assess the contents of Customer Data to identify information subject to any specific legal requirements. Customer is solely responsible for complying with incident notification laws applicable to Customer and fulfilling any third party notification obligations related to any Data Incident(s).

7.2.5 No Acknowledgement of Fault by Google. Google's notification of or response to a Data Incident under this Section 7.2 (Data Incidents) will not be construed as an acknowledgement by Google of any fault or liability with respect to the Data Incident.

7.3 Customer's Security Responsibilities and Assessment.

7.3.1 Customer's Security Responsibilities. Customer agrees that, without prejudice to Google's obligations under Section 7.1 (Google's Security Measures, Controls and Assistance) and Section 7.2 (Data Incidents):

  1. Customer is solely responsible for its use of the Services, including:
    1. making appropriate use of the Services and the Additional Security Controls to ensure a level of security appropriate to the risk in respect of the Customer Data;
    2. securing the account authentication credentials, systems and devices Customer uses to access the Services;
    3. backing up its Customer Data; and
  2. Google has no obligation to protect Customer Data that Customer elects to store or transfer outside of Google's and its Subprocessors' systems (for example, offline or on-premise storage), or to protect Customer Data by implementing or maintaining Additional Security Controls except to the extent Customer has opted to use them.

7.3.2 Customer's Security Assessment.

  1. Customer is solely responsible for reviewing the Security Documentation and evaluating for itself whether the Services, the Security Measures, the Additional Security Controls and Google's commitments under this Section 7 (Data Security) will meet Customer's needs, including with respect to any security obligations of Customer under the European Data Protection Legislation and/or Non-European Data Protection Legislation, as applicable.
  2. Customer acknowledges and agrees that (taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing of Customer Personal Data as well as the risks to individuals) the Security Measures implemented and maintained by Google as set out in Section 7.1.1 (Google's Security Measures) provide a level of security appropriate to the risk in respect of the Customer Data.

7.4 Security Certifications and Reports. Google will do the following to evaluate and help ensure the continued effectiveness of the Security Measures:

  1. maintain the ISO 27001 Certification; and
  2. update the SOC 2 Report at least once every 18 months.

7.5 Reviews and Audits of Compliance

7.5.1 Reviews of Security Documentation. In addition to the information contained in the Agreement (including these Terms), Google will make available for review by Customer the following documents and information to demonstrate compliance by Google with its obligations under these Terms:

  1. the certificates issued in relation to the ISO 27001 Certification; and
  2. the then-current SOC 2 Report, following a request by Customer in accordance with Section 7.5.3(a).

7.5.2 Customer's Audit Rights.

  1. If the European Data Protection Legislation applies to the processing of Customer Personal Data, Google will allow Customer or an independent auditor appointed by Customer to conduct audits (including inspections) to verify Google's compliance with its obligations under these Terms in accordance with Section 7.5.3 (Additional Business Terms for Reviews and Audits). Google will contribute to such audits as described in Section 7.4 (Security Certifications and Reports) and this Section 7.5 (Reviews and Audits of Compliance).
  2. Customer may also conduct an audit to verify Google's compliance with its obligations under these Terms by reviewing the Security Documentation (which reflects the outcome of audits conducted by Google's Third Party Auditor).

7.5.3 Additional Business Terms for Reviews and Audits.

  1. Customer must send any requests for reviews of the SOC 2 Report under Section 7.5.1(b) or audits under Section 7.5.2(a) or 7.5.2(b) via https://firebase.google.com/support/privacy/dpoas described in Section 12 (Firebase Data Protection Team; Processing Records).
  2. Following receipt by Google of a request under Section 7.5.3(a), Google and Customer will discuss and agree in advance on: (i) the reasonable date(s) of and security and confidentiality controls applicable to any review of the SOC 2 Report under Section 7.5.1(b); and (ii) the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit under Section 7.5.2(a) or 7.5.2(b).
  3. Google may charge a fee (based on Google's reasonable costs) for any review of the SOC 2 Report under Section 7.5.1(b) and/or audit under Section 7.5.2(a) or 7.5.2(b). Google will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such review or audit. Customer will be responsible for any fees charged by any auditor appointed by Customer to execute any such audit.
  4. Google may object in writing to an auditor appointed by Customer to conduct any audit under Section 7.5.2(a) or 7.5.2(b) if the auditor is, in Google's reasonable opinion, not suitably qualified or independent, a competitor of Google, or otherwise manifestly unsuitable. Any such objection by Google will require Customer to appoint another auditor or conduct the audit itself.
  5. Nothing in these Terms will require Google either to disclose to Customer or its third party auditor, or to allow Customer or its third party auditor to access:
    1. any data of any other customer of Google or its Affiliates;
    2. Google or its Affiliates' internal accounting or financial information;
    3. any trade secret of Google or its Affiliates;
    4. any information that, in Google's reasonable opinion, could: (A) compromise the security of any of Google or its Affiliates' systems or premises; or (B) cause Google or its Affiliates to breach obligations under the European Data Protection Legislation and/or Non-European Data Protection Legislation, as applicable, or its security and/or privacy obligations to Customer or any third party; or
    5. any information that Customer or its third party auditor seeks to access for any reason other than the good faith fulfilment of Customer's obligations under the European Data Protection Legislation and/or Non-European Data Protection Legislation, as applicable.
  1. Impact Assessments and Consultations

Customer agrees that Google will (taking into account the nature of the processing and the information available to Google) assist Customer in ensuring compliance with any obligations of Customer in respect of data protection impact assessments and prior consultation, including if applicable Customer's obligations pursuant to Articles 35 and 36 of the GDPR, by:

  1. providing the Additional Security Controls in accordance with Section 7.1.3 (Additional Security Controls) and the Security Documentation in accordance with Section 7.5.1 (Reviews of Security Documentation); and
  2. providing the information contained in the Agreement including these Terms.
  1. Data Subject Rights; Data Export

9.1 Access; Rectification; Restricted Processing; Portability. During the Term, Google will, in a manner consistent with the functionality of the Services, enable Customer to access, rectify and restrict processing of Customer Data, including via the deletion functionality provided by Google as described in Section 6.1 (Deletion by Customer), and to export Customer Data.

9.2 Data Subject Requests

9.2.1 Customer's Responsibility for Requests. During the Term, if Google receives any request from a data subject in relation to Customer Personal Data, Google will advise the data subject to submit their request to Customer and Customer will be responsible for responding to any such request including, where necessary, by using the functionality of the Services.

9.2.2 Google's Data Subject Request Assistance. Customer agrees that Google will (taking into account the nature of the processing of Customer Personal Data) assist Customer in fulfilling any obligation to respond to requests by data subjects, including if applicable Customer's obligation to respond to requests for exercising the data subject's rights laid down in Chapter III of the GDPR, by:

  1. providing the Additional Security Controls in accordance with Section 7.1.3 (Additional Security Controls); and
  2. complying with the commitments set out in Section 9.1 (Access; Rectification; Restricted Processing; Portability) and Section 9.2.1 (Customer's Responsibility for Requests).
  1. Data Transfers

10.1 Data Storage and Processing Facilities. Google may, subject to Section 10.2 (Transfers of Data Out of the EEA), store and process the relevant Customer Data anywhere Google or its Subprocessors maintains facilities.

10.2 Transfers of Data Out of the EEA.

10.2.1 Google's Transfer Obligations. If the storage and/or processing of Customer Personal Data involves transfers of Customer Personal Data out of the EEA, and the European Data Protection Legislation applies to the transfers of such data, Google will ensure that:

  1. the parent company of the Google group, Google LLC, remains self-certified under Privacy Shield on behalf of itself and its wholly-owned U.S. subsidiaries; and
  2. the scope of Google LLC's Privacy Shield certification includes Customer Personal Data.

10.2.2 Customer's Transfer Obligations. If under the European Data Protection Legislation Google reasonably requires Customer to use an Alternative Transfer Solution offered by Google, and reasonably requests that Customer take any action (which may include execution of documents) strictly required to give full effect to such solution, Customer will do so.

10.3 Data Centre Information. Information about the locations of Google data centers is available at: https://www.google.com/about/datacenters/inside/locations/index.html (as may be updated by Google from time to time).

  1. Subprocessors

11.1 Consent to Subprocessor Engagement. Customer specifically authorizes the engagement of Google's Affiliates as Subprocessors. In addition, Customer generally authorizes the engagement of any other third parties as Subprocessors ("Third Party Subprocessors").

11.2 Information about Subprocessors. Information about Subprocessors, including their functions and locations, is available at: https://firebase.google.com/terms/subprocessors(as may be updated by Google from time to time in accordance with these Terms).

11.3 Requirements for Subprocessor Engagement. When engaging any Subprocessor, Google will:

  1. ensure via a written contract that:
    1. the Subprocessor only accesses and uses Customer Data to the extent required to perform the obligations subcontracted to it, and does so in accordance with the Agreement (including these Terms) and Privacy Shield; and
    2. if the GDPR applies to the processing of Customer Personal Data, the data protection obligations set out in Article 28(3) of the GDPR, as described in these Terms, are imposed on the Subprocessor; and
  2. remain fully liable for all obligations subcontracted to, and all acts and omissions of, the Subprocessor.

11.4 Opportunity to Object to Subprocessor Changes.

  1. When any new Third Party Subprocessor is engaged during the Term, Google will, at least 30 days before the new Third Party Subprocessor processes any Customer Data, inform Customer of the engagement (including the name and location of the relevant subprocessor and the activities it will perform) either by sending an email to the Notification Email Address or via the Admin Console.
  2. Customer may object to any new Third Party Subprocessor by terminating the Agreement immediately upon written notice to Google, on condition that Customer provides such notice within 90 days of being informed of the engagement of the subprocessor as described in Section 11.4(a). This termination right is Customer's sole and exclusive remedy if Customer objects to any new Third Party Subprocessor.
  1. Firebase Data Protection Team; Processing Records

12.1 Google's Representative. Customer may contact a Google representative in relation to the exercise of its rights under these Terms via the methods described at https://firebase.google.com/support/privacy/dpo (and/or via such other means as Google may provide from time to time).

12.2 Google's Processing Records. Customer acknowledges that Google is required under the GDPR to: (a) collect and maintain records of certain information, including the name and contact details of each processor and/or controller on behalf of which Google is acting and, where applicable, of such processor's or controller's local representative and data protection officer; and (b) make such information available to the supervisory authorities. Accordingly Customer will, where requested, provide such information to Google via the Admin Console or other means provided by Google, and will use the Admin Console or such other means to ensure that all information provided is kept accurate and up-to-date.

  1. Liability

13.1 If the Agreement is governed by the laws of:

  1. a state of the United States of America, then, notwithstanding anything else in the Agreement, the total liability of either party towards the other party under or in connection with these Terms will be limited to the maximum monetary or payment-based amount at which that party's liability is capped under the Agreement (for clarity, any exclusion of indemnification claims from the Agreement's limitation of liability will not apply to indemnification claims under the Agreement relating to the European Data Protection Legislation); or
  2. a jurisdiction that is not a state of the United States of America, then the liability of the parties under or in connection with these Terms will be subject to the exclusions and limitations of liability in the Agreement.
  1. Effect of these Terms

Notwithstanding anything to the contrary in the Agreement, to the extent of any conflict or inconsistency between these Terms and the remaining terms of the Agreement, these Terms will govern.

  1. Changes to these Terms

15.1 Changes to URLs. From time to time, Google may change any URL referenced in these Terms and the content at any such URL.

15.2 Changes to these Terms. Google may change these Terms if the change:

  1. is expressly permitted by these Terms, including as described in Section 15.1 (Changes to URLs);
  2. reflects a change in the name or form of a legal entity;
  3. is required to comply with applicable law, applicable regulation, a court order or guidance issued by a governmental regulator or agency; or
  4. does not: (i) result in a degradation of the overall security of the Services; (ii) expand the scope of, or remove any restrictions on, Google's processing of Customer Personal Data, as described in Section 5.2.2 (Google's Compliance with Instructions); and (iii) otherwise have a material adverse impact on Customer's rights under these Terms, as reasonably determined by Google.

15.3 Notification of Changes. If Google intends to change these Terms under Section 15.2(c) or (d), Google will inform Customer at least 30 days (or such shorter period as may be required to comply with applicable law, applicable regulation, a court order or guidance issued by a governmental regulator or agency) before the change will take effect by either: (a) sending an email to the Notification Email Address; or (b) alerting Customer via the Admin Console. If Customer objects to any such change, Customer may terminate the Agreement by giving written notice to Google within 90 days of being informed by Google of the change.

Appendix 1: Subject Matter and Details of the Data Processing

Subject Matter

Google's provision of the Services to Customer.

Duration of the Processing

The Term plus the period from the expiry of the Term until deletion of all Customer Personal Data by Google in accordance with these Terms.

Nature and Purpose of the Processing

Google will process Customer Personal Data for the purposes of providing the Services to Customer in accordance with these Terms.

Categories of Data

Data relating to individuals provided to Google via the Services, by (or at the direction of) Customer or by Customer End Users.

Data Subjects

Data subjects include the individuals about whom data is provided to Google via the Services by (or at the direction of) Customer or by Customer End Users.

Appendix 2: Security Measures

As from the Terms Effective Date, Google will implement and maintain the Security Measures set out in this Appendix 2. Google may update or modify such Security Measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Services.

  1. Data Center and Network Security

(a) Data Centers.

  • Infrastructure. Google maintains geographically distributed data centers. Google stores all production data in physically secure data centers.
  • Redundancy. Infrastructure systems have been designed to eliminate single points of failure and minimize the impact of anticipated environmental risks. Dual circuits, switches, networks or other necessary devices help provide this redundancy. The Services are designed to allow Google to perform certain types of preventative and corrective maintenance without interruption. All environmental equipment and facilities have documented preventative maintenance procedures that detail the process for and frequency of performance in accordance with the manufacturer's or internal specifications. Preventative and corrective maintenance of the data center equipment is scheduled through a standard change process according to documented procedures.
  • Power. The data center electrical power systems are designed to be redundant and maintainable without impact to continuous operations, 24 hours a day, 7 days a week. In most cases, a primary as well as an alternate power source, each with equal capacity, is provided for critical infrastructure components in the data center. Backup power is provided by various mechanisms such as uninterruptible power supplies (UPS) batteries, which supply consistently reliable power protection during utility brownouts, blackouts, over voltage, under voltage, and out-of-tolerance frequency conditions. If utility power is interrupted, backup power is designed to provide transitory power to the data center, at full capacity, for up to 10 minutes until the diesel generator systems take over. The diesel generators are capable of automatically starting up within seconds to provide enough emergency electrical power to run the data center at full capacity typically for a period of days.
  • Server Operating Systems. Google servers use a Linux based implementation customized for the application environment. Data is stored using proprietary algorithms to augment data security and redundancy. Google employs a code review process to increase the security of the code used to provide the Services and enhance the security products in production environments.
  • Businesses Continuity. Google replicates data over multiple systems to help to protect against accidental destruction or loss. Google has designed and regularly plans and tests its business continuity planning/disaster recovery programs.

(b) Networks and Transmission.

  • Data Transmission. Data centers are typically connected via high-speed private links to provide secure and fast data transfer between data centers. This is designed to prevent data from being read, copied, altered or removed without authorization during electronic transfer or transport or while being recorded onto data storage media. Google transfers data via Internet standard protocols.
  • External Attack Surface. Google employs multiple layers of network devices and intrusion detection to protect its external attack surface. Google considers potential attack vectors and incorporates appropriate purpose built technologies into external facing systems.
  • Intrusion Detection. Intrusion detection is intended to provide insight into ongoing attack activities and provide adequate information to respond to incidents. Google's intrusion detection involves:
    1. tightly controlling the size and make-up of Google's attack surface through preventative measures;
    2. employing intelligent detection controls at data entry points; and
    3. employing technologies that automatically remedy certain dangerous situations.
  • Incident Response. Google monitors a variety of communication channels for security incidents, and Google's security personnel will react promptly to known incidents.
  • Encryption Technologies. Google makes HTTPS encryption (also referred to as SSL or TLS connection) available. Google servers support ephemeral elliptic curve Diffie-Hellman cryptographic key exchange signed with RSA and ECDSA. These perfect forward secrecy (PFS) methods help protect traffic and minimize the impact of a compromised key, or a cryptographic breakthrough.
  1. Access and Site Controls

(a) Site Controls.

  • On-site Data Center Security Operation. Google's data centers maintain an on-site security operation responsible for all physical data center security functions 24 hours a day, 7 days a week. The on-site security operation personnel monitor closed circuit TV (CCTV) cameras and all alarm systems. On-site security operation personnel perform internal and external patrols of the data center regularly.
  • Data Center Access Procedures. Google maintains formal access procedures for allowing physical access to the data centers. The data centers are housed in facilities that require electronic card key access, with alarms that are linked to the on-site security operation. All entrants to the data center are required to identify themselves as well as show proof of identity to on-site security operations. Only authorized employees, contractors and visitors are allowed entry to the data centers. Only authorized employees and contractors are permitted to request electronic card key access to these facilities. Data center electronic card key access requests must be made through e-mail, and require the approval of the requestor's manager and the data center director. All other entrants requiring temporary data center access must: (i) obtain approval in advance from the data center managers for the specific data center and internal areas they wish to visit; (ii) sign in at on-site security operations; and (iii) reference an approved data center access record identifying the individual as approved.
  • On-site Data Center Security Devices. Google's data centers employ an electronic card key and biometric access control system that is linked to a system alarm. The access control system monitors and records each individual's electronic card key and when they access perimeter doors, shipping and receiving, and other critical areas. Unauthorized activity and failed access attempts are logged by the access control system and investigated, as appropriate. Authorized access throughout the business operations and data centers is restricted based on zones and the individual's job responsibilities. The fire doors at the data centers are alarmed. CCTV cameras are in operation both inside and outside the data centers. The positioning of the cameras has been designed to cover strategic areas including, among others, the perimeter, doors to the data center building, and shipping/receiving. On-site security operations personnel manage the CCTV monitoring, recording and control equipment. Secure cables throughout the data centers connect the CCTV equipment. Cameras record on site via digital video recorders 24 hours a day, 7 days a week. The surveillance records are retained for up to 30 days based on activity.

(b) Access Control.

  • Infrastructure Security Personnel. Google has, and maintains, a security policy for its personnel, and requires security training as part of the training package for its personnel. Google's infrastructure security personnel are responsible for the ongoing monitoring of Google's security infrastructure, the review of the Services, and responding to security incidents.
  • Access Control and Privilege Management. Customer's administrators must authenticate themselves via a central authentication system or via a single sign on system in order to administer the Services.
  • Internal Data Access Processes and Policies – Access Policy. Google's internal data access processes and policies are designed to prevent unauthorized persons and/or systems from gaining access to systems used to process personal data. Google designs its systems to (i) only allow authorized persons to access data they are authorized to access; and (ii) ensure that personal data cannot be read, copied, altered or removed without authorization during processing, use and after recording. The systems are designed to detect any inappropriate access. Google employs a centralized access management system to control personnel access to production servers, and only provides access to a limited number of authorized personnel. LDAP, Kerberos and a proprietary system utilizing SSH certificates are designed to provide Google with secure and flexible access mechanisms. These mechanisms are designed to grant only approved access rights to site hosts, logs, data and configuration information. Google requires the use of unique user IDs, strong passwords, two factor authentication and carefully monitored access lists to minimize the potential for unauthorized account use. The granting or modification of access rights is based on: the authorized personnel's job responsibilities; job duty requirements necessary to perform authorized tasks; and a need to know basis. The granting or modification of access rights must also be in accordance with Google's internal data access policies and training. Where passwords are employed for authentication (e.g., login to workstations), password policies that follow at least industry standard practices are implemented. These standards include restrictions on password reuse and sufficient password strength. For access to extremely sensitive information, Google uses hardware tokens.
  1. Data
  • (a) Data Storage, Isolation and Logging. Google stores data in a multi-tenant environment on Google-owned servers. Google also logically isolates the Customer's data. Customer will be given control over specific data sharing policies. Those policies, in accordance with the functionality of the Services, will enable Customer to determine the product sharing settings applicable to Customer End Users for specific purposes. Customer may choose to make use of certain logging capability that Google may make available via the Services.
  • (b) Decommissioned Disks and Disk Erase Policy. Disks containing data may experience performance issues, errors or hardware failure that lead them to be decommissioned ("Decommissioned Disk"). Every Decommissioned Disk is subject to a series of data destruction processes (the "Disk Erase Policy") before leaving Google's premises either for reuse or destruction. Decommissioned Disks are erased in a multi-step process and verified complete by at least two independent validators. The erase results are logged by the Decommissioned Disk's serial number for tracking. Finally, the erased Decommissioned Disk is released to inventory for reuse and redeployment. If, due to hardware failure, the Decommissioned Disk cannot be erased, it is securely stored until it can be destroyed. Each facility is audited regularly to monitor compliance with the Disk Erase Policy.
  1. Personnel Security

Google personnel are required to conduct themselves in a manner consistent with the company's guidelines regarding confidentiality, business ethics, appropriate usage, and professional standards. Google conducts reasonably appropriate backgrounds checks to the extent legally permissible and in accordance with applicable local labor law and statutory regulations.

Personnel are required to execute a confidentiality agreement and must acknowledge receipt of, and compliance with, Google's confidentiality and privacy policies. Personnel are provided with security training. Personnel handling Customer Data are required to complete additional requirements appropriate to their role (eg., certifications). Google's personnel will not process Customer Data without authorization.

  1. Subprocessor Security

Before onboarding Subprocessors, Google conducts an audit of the security and privacy practices of Subprocessors to ensure Subprocessors provide a level of security and privacy appropriate to their access to data and the scope of the services they are engaged to provide. Once Google has assessed the risks presented by the Subprocessor, then subject to the requirements set out in Section 11.3 (Requirements for Subprocessor Engagement) of these Terms, the Subprocessor is required to enter into appropriate security, confidentiality and privacy contract terms.

Previous versions

 

 

 

VIII. Google Analytics for Firebase Terms of Service

Terms last modified: April 17, 2019 | Previous versions

These Google Analytics for Firebase Terms of Service are entered into by the entity or individual using the Service ("You") and:

(A) if Your address is in any country within Europe, the Middle East, or Africa: Google Ireland Limited ("Google"), with offices at Gordon House, Barrow Street, Dublin 4, Ireland;

(B) if Your address is in a country within the Asia Pacific region: Google Asia Pacific Pte. Ltd. ("GAP"), of 70 Pasir Panjang Road, #03-71, Mapletree Business City II, Singapore 117371, unless Your address is in one of the following countries, in which case the specified entity as a reseller:

  • Australia: Google Australia Pty Ltd of Level 5, 48 Pirrama Road, Pyrmont 2009, NSW, Australia
  • New Zealand: Google New Zealand Limited of PWC Tower, Level 27, 188 Quay Street, Auckland, New Zealand 1010
  • Japan: Google Japan G.K. of Roppongi Hills Mori Tower, 6-10-1, Roppongi, Minato-ku, Tokyo, Japan

("Google Reseller") and references to "Google" mean Google LLC, GAP, Google Reseller, and/or their affiliates, depending on the context; or

(C) if Your address is anywhere else in the world: Google LLC ("Google"), with offices at 1600 Amphitheatre Parkway, Mountain View, California 94043.

This Agreement (as defined below) governs Your use of Google Analytics for Firebase (the "Service"). BY CLICKING THE "I ACCEPT" BUTTON, COMPLETING THE REGISTRATION PROCESS, OR USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE REVIEWED AND ACCEPT THIS AGREEMENT AND ARE AUTHORIZED TO ACT ON BEHALF OF, AND BIND TO THIS AGREEMENT, THE OWNER OF THIS ACCOUNT. You confirm that you will comply with the Google Analytics for Firebase Policies and that you have separately entered the Google API Terms of Service with Google LLC (which, along with the Google Analytics for Firebase Terms of Service and the Google Analytics for Firebase Policies, mean the "Agreement"). The parties agree as follows:

  1. Definitions.

"Account" refers to the account for the Service.

"Affiliate(s)" means in relation to each of the parties: (a) any parent company of that party; and (b) any corporate body of which that party directly or indirectly has control or which is directly or indirectly controlled by the same person or group of persons as that party.

"Confidential Information" includes any proprietary data and any other information disclosed by one party to the other in writing and marked "confidential" or disclosed orally and, within five business days, reduced to writing and marked "confidential". However, Confidential Information will not include any information that is or becomes known to the general public, which is already in the receiving party's possession prior to disclosure by a party or which is independently developed by the receiving party without the use of Confidential Information.

"Customer Data" means the data You collect, process or store using the Service concerning the characteristics and activities of Users.

"Documentation" means any accompanying documentation made available to You by Google for use with the Processing Software, including any documentation available online.

"SDK" means the Firebase Software Development Kit, which is used or incorporated in an App for the purpose of collecting Customer Data, together with any fixes, updates and upgrades provided to You.

"Processing Software" means the Google server-side software and any upgrades, which analyzes the Customer Data and generates the Reports.

"App" means any app or other resource that sends data to the Service. Each App must be under Your control.

"Privacy Policy" means the privacy policy on an App.

"Report" means the resulting analysis made available to You.

"Servers" means the servers controlled by Google or its Affiliates on which the Processing Software and Customer Data are stored.

"Software" means the SDK and the Processing Software.

"Third Party" means any third party (i) to which You provide access to Your Account or (i) for which You use the Service to collect information on the third party's behalf.

"Users" means users of Your Apps.

The words "include" and "including" mean "including but not limited to."

  1. Fees and Service.

Google and its Affiliates may change its fees and payment policies for the Service from time to time. The changes to the fees or payment policies are effective upon Your acceptance of those changes which will be posted at firebase.google.com/terms/analytics. Unless otherwise stated, all fees are quoted in U.S. Dollars. Any outstanding balance becomes immediately due and payable upon termination of this Agreement and any collection expenses (including attorneys' fees) incurred by Google and its Affiliates will be included in the amount owed, and may be charged to the credit card or other billing mechanism associated with Your AdWords account.

  1. Member Account, Password, and Security.

To register for the Service, You must be acting in the course of business, complete the registration process by providing Google with current, complete and accurate information as prompted by the registration form, including Your e-mail address (username) and password. You will protect Your passwords and take full responsibility for Your own, and third party, use of Your accounts. You are solely responsible for any and all activities that occur under Your Account. You will notify Google immediately upon learning of any unauthorized use of Your Account or any other breach of security. Google or its Affiliates’ support staff may, from time to time, log in to the Service under Your Account in order to maintain or improve service, including to provide You assistance with technical or billing issues. By creating Your Account you agree to receive electronic statements from Google and its Affiliates.

  1. Nonexclusive License.

Subject to the terms and conditions of this Agreement, (a) Google grants You a limited, revocable, non-exclusive, non-sublicensable license to install, copy and use the SDK solely as necessary for You to use the Service on Your Apps or Third Parties Apps; and (b) You may remotely access, view and download Your Reports. You will not (and You will not allow any third party to) use data labeled as belonging to a third party in the Service for purposes other than generating, viewing, and downloading Reports. You will comply with all applicable laws and regulations and Your agreements with third parties in Your use of and access to the Documentation, Software, Service and Reports.

  1. Confidentiality.

Neither party will use or disclose the other party's Confidential Information without the other's prior written consent except for the purpose of performing its obligations under this Agreement or if required by law, regulation or court order; in which case, the party being compelled to disclose Confidential Information will give the other party as much notice as is reasonably practicable prior to disclosing the Confidential Information if permitted by law.

  1. Information Rights and Publicity.

Google and its Affiliates may retain and use, subject to the terms of its privacy policy (located at www.google.com/privacy.html), information collected in Your use of the Service. Google will not share Your Customer Data or any Third Party's Customer Data with any third parties unless Google (i) has Your consent for any Customer Data or any Third Party's consent for the Third Party's Customer Data; (ii) concludes that it is required by law or has a good faith belief that access, preservation or disclosure of Customer Data is reasonably necessary to protect the rights, property or safety of Google, its users or the public; or (iii) provides Customer Data in certain limited circumstances to third parties to carry out tasks on Google's behalf (e.g., billing or data storage) with strict restrictions that prevent the data from being used or shared except as directed by Google. When this is done, it is subject to agreements that oblige those parties to process Customer Data only on Google's instructions and in compliance with this Agreement and appropriate confidentiality and security measures.

  1. Privacy.

You will not, and will not assist or permit any third party to, pass information to Google that Google could use or recognize as personally identifiable information. You will have and abide by an appropriate Privacy Policy and will comply with all applicable laws, policies, and regulations relating to the collection, usage and sharing of information from Users. You must post a Privacy Policy and that Privacy Policy must provide notice of Your use of cookies, identifiers for mobile devices (e.g., Android Advertising Identifier or Advertising Identifier for iOS) or similar technology that are used to collect data. You must disclose the use of the Service, and how it collects and processes data. This can be done by displaying a prominent link to the site "How Google uses data when you use our partners' sites or apps", (located at www.google.com/policies/privacy/partners/, or any other URL Google may provide from time to time). You will use commercially reasonable efforts to ensure that a User is provided with clear and comprehensive information about, and consents to, the storing and accessing of cookies or other information on the User’s device where such activity occurs in connection with the Service and where providing such information and obtaining such consent is required by law.

You must not circumvent any privacy features that are part of the Service.

Your access to and use of any other DoubleClick or Google service is subject to the applicable terms between You and Google regarding that service.

  1. Indemnification.

To the maximum extent permitted by applicable law, You will indemnify, hold harmless and defend Google and its Affiliates, at Your expense, from any and all third-party claims, actions, proceedings, and suits brought against Google or any of its officers, directors, employees, agents or Affiliates, and all related liabilities, damages, settlements, penalties, fines, costs or expenses (including, reasonable attorneys' fees and other litigation expenses) incurred by Google or any of its officers, directors, employees, agents or Affiliates, arising out of or relating to (i) Your breach of any term or condition of this Agreement, (ii) Your use of the Service, (iii) Your violations of applicable laws, rules or regulations in connection with the Service, (iv) any representations and warranties made by You concerning any aspect of the Service, the Software or Reports to any Third Party; (v) any claims made by or on behalf of any Third Party pertaining directly or indirectly to Your use of the Service, the Software or Reports; (vi) violations of Your obligations of privacy to any Third Party; and (vii) any claims with respect to acts or omissions of any Third Party in connection with the Service, the Software or Reports. Google will provide You with written notice of any claim, suit or action from which You must indemnify Google and its Affiliates. You will cooperate as fully as reasonably required in the defense of any claim. Google and its Affiliates reserve the right, at their own expense, to assume the exclusive defense and control of any matter subject to indemnification by You.

  1. Third Parties.

If You use the Service on behalf of a Third Party or a Third Party otherwise uses the Service through Your Account, whether or not You are authorized by Google to do so, then You represent and warrant that (a) You are authorized to act on behalf of, and bind to this Agreement, the Third Party to all obligations that You have under this Agreement, (b) Google and its Affiliates may share with the Third Party any Customer Data that is specific to the Third Party's Apps, and (c) You will not disclose Third Party's Customer Data to any other party without the Third Party's consent.

  1. DISCLAIMER OF WARRANTIES.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EXCEPT AS EXPRESSLY PROVIDED FOR IN THIS AGREEMENT, GOOGLE MAKES NO OTHER WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR USE AND NON-INFRINGEMENT. THE SERVICE IS PROVIDED "AS IS".

  1. LIMITATION OF LIABILITY.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, GOOGLE WILL NOT BE LIABLE FOR YOUR LOST PROFITS (WHETHER DIRECT OR INDIRECT) OR INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE LOSSES OR DAMAGES (WHETHER OR NOT FORESEEABLE OR CONTEMPLATED BY THE PARTIES), EVEN IF GOOGLE OR ITS AFFILIATES HAVE BEEN ADVISED OF, KNEW OR SHOULD HAVE KNOWN THAT SUCH DAMAGES WERE POSSIBLE AND EVEN IF DIRECT DAMAGES DO NOT SATISFY A REMEDY. GOOGLE AND ITS AFFILIATES’ TOTAL CUMULATIVE LIABILITY TO YOU OR ANY OTHER PARTY FOR ANY LOSS OR DAMAGES RESULTING FROM CLAIMS, DEMANDS, OR ACTIONS ARISING OUT OF OR RELATING TO THIS AGREEMENT WILL NOT EXCEED $500 (USD).

  1. Proprietary Rights Notice.

The Service, which includes the Software and all intellectual property rights therein are, and will remain, the property of Google and its Affiliates. All rights in and to the Software not expressly granted to You in this Agreement are reserved and retained by Google, its Affiliates, and its licensors without restriction, including, Google's (and its Affiliates') right to sole ownership of the Software and Documentation. Without limiting the generality of the foregoing, You agree, to the maximum extent permitted by applicable law, not to (and not to allow any third party to): (a) sublicense, distribute, or use the Service or Software outside of the scope of the license granted in this Agreement; (b) copy, modify, adapt, translate, prepare derivative works from, reverse engineer, disassemble, or decompile the Software or Documentation or otherwise attempt to discover any source code or trade secrets related to the Service; (c) rent, lease, sell, assign or otherwise transfer rights in or to the Software, the Documentation or the Service; (d) use, post, transmit or introduce any device, software or routine which interferes or attempts to interfere with the operation of the Service or the Software; (e) use the trademarks, trade names, service marks, logos, domain names and other distinctive brand features or any copyright or other proprietary rights associated with the Service for any purpose without the express written consent of Google and its Affiliates ; (f) register, attempt to register, or assist anyone else to register any trademark, trade name, serve marks, logos, domain names and other distinctive brand features, copyright or other proprietary rights associated with Google or its Affiliates other than in the name of Google (or its Affiliates as the case may be); (g) remove, obscure, or alter any notice of copyright, trademark, or other proprietary right appearing in or on any item included with the Service or Software or (h) seek, in a proceeding filed during the term of this Agreement or for one year after such term, an injunction of any portion of the Service based on patent infringement.

  1. U.S. Government Rights.

If the use of the Service is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the Government's rights in the Software, including its rights to use, modify, reproduce, release, perform, display or disclose the Software or Documentation, will be subject in all respects to the commercial license rights and restrictions provided in this Agreement.

  1. Term and Termination.

Either party may terminate this Agreement at any time with notice. Upon any termination of this Agreement, Google will stop providing, and You will stop using the Service. In the event of any termination (a) You will not be entitled to any refunds of any usage fees or any other fees, and (b) any outstanding balance for Service rendered through the date of termination will be immediately due and payable in full and (c) all of Your historical Report data will no longer be available to You.

  1. Modifications to Terms of Service and Other Policies.

Google may modify these terms or any additional terms that apply to the Service to, for example, reflect changes to the law or changes to the Service. You should look at the terms regularly. Google will post notice of modifications to these terms at firebase.google.com/terms/analytics,the Google Analytics for Firebase Policies at firebase.google.com/policies/analytics, or other policies referenced in these terms at the applicable URL for such policies. Changes will not apply retroactively and will become effective no sooner than 14 days after they are posted. If You do not agree to the modified terms for the Service, You should discontinue Your use of the Service. No amendment to or modification of this Agreement will be binding unless (i) in writing and signed by a duly authorized representative of Google, (ii) You accept updated terms online, or (iii) You continue to use the Service after Google has posted updates to the Agreement or to any policy governing the Service.

  1. Applicable Law and Venue.

(a) Except as set forth in Sections 16(b) and (c) below, all claims arising out of or relating to this Agreement or the Services ("Disputes") will be governed by California law, excluding California’s conflict of laws rules, and all Disputes will be litigated exclusively in the federal or state courts of Santa Clara County, California, USA, and You and Google consent to personal jurisdiction in those courts.

(b) If Your principal place of business (for entities) or place of residence (for individuals) is in any country within APAC (other than Australia, Japan, New Zealand or Singapore) or Latin America, this Section 16(b) will apply instead of Section 16(a) above. ALL DISPUTES (AS DEFINED ABOVE) WILL BE GOVERNED BY CALIFORNIA LAW, EXCLUDING CALIFORNIA’S CONFLICT OF LAWS RULES. The parties will try in good faith to settle any Dispute within 30 days after the Dispute arises. If the Dispute is not resolved within 30 days, it must be resolved by arbitration by the American Arbitration Association’s International Centre for Dispute Resolution in accordance with its Expedited Commercial Rules in force as of the date of this Agreement ("Rules"). The parties will mutually select one arbitrator. The arbitration will be conducted in English in Santa Clara County, California, USA. Either party may apply to any competent court for injunctive relief necessary to protect its rights pending resolution of the arbitration. The arbitrator may order equitable or injunctive relief consistent with the remedies and limitations in this Agreement. Subject to the confidentiality requirements in Section 5, either party may petition any competent court to issue any order necessary to protect that party's rights or property; this petition will not be considered a violation or waiver of this governing law and arbitration section and will not affect the arbitrator’s powers, including the power to review the judicial decision. The parties stipulate that the courts of Santa Clara County, California, USA, are competent to grant any order under this subsection. The arbitral award will be final and binding on the parties and its execution may be presented in any competent court, including any court with jurisdiction over either party or any of its property. Any arbitration proceeding conducted in accordance with this section will be considered Confidential Information under this Agreement's confidentiality section, including (i) the existence of, (ii) any information disclosed during, and (iii) any oral communications or documents related to the arbitration proceedings. The parties may also disclose the information described in this section to a competent court as may be necessary to file any order under this section or execute any arbitral decision, but the parties must request that those judicial proceedings be conducted in camera (in private). The parties will pay the arbitrator’s fees, the arbitrator's appointed experts' fees and expenses, and the arbitration center's administrative expenses in accordance with the Rules. In its final decision, the arbitrator will determine the non-prevailing party's obligation to reimburse the amount paid in advance by the prevailing party for these fees. Each party will bear its own lawyers’ and experts’ fees and expenses, regardless of the arbitrator’s final decision.

(c) If Your principal place of business (for entities) or place of residence (for individuals) is in Greece, all Disputes (as defined above) will be governed by Greek law and the parties submit to the exclusive jurisdiction of the courts of Athens in relation to any Dispute.

  1. Miscellaneous

Google and its Affiliates will be excused from performance in this Agreement to the extent that performance is prevented, delayed or obstructed by causes beyond its reasonable control. This Agreement (including any amendment agreed upon by the parties in writing) represents the complete agreement between You and Google concerning its subject matter, and supersedes all prior agreements and representations between the parties. If any provision of this Agreement is held to be unenforceable for any reason, such provision will be reformed to the extent necessary to make it enforceable to the maximum extent permissible so as to effect the intent of the parties, and the remainder of this Agreement will continue in full force and effect. Certain laws of the jurisdiction in which you reside may confer rights and remedies and imply terms into this Agreement that cannot be excluded. Those rights, remedies, and implied terms are not excluded by this Agreement. To the extent that the relevant laws permit Google to limit their operation, Google’s liability under those laws will be limited at its option, to the supply of the services again, or payment of the cost of having the services supplied again. The United Nations Convention on Contracts for the International Sale of Goods and the Uniform Computer Information Transactions Act do not apply to this Agreement. The Software is controlled by U.S. Export Regulations, and it may be not be exported to or used by embargoed countries or individuals. Any notices to Google must be sent to: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, with a copy to Legal Department, via first class or air mail or overnight courier, and are deemed given upon receipt. A waiver of any default is not a waiver of any subsequent default. You may not assign or otherwise transfer any of Your rights in this Agreement without Google's prior written consent, and any such attempt is void. Google may assign or otherwise transfer this Agreement to any of its Affiliates. The relationship between Google and You is not one of a legal partnership relationship, but is one of independent contractors. This Agreement will be binding upon and inure to the benefit of the respective successors and assigns of the parties hereto. The following sections of this Agreement will survive any termination thereof: 1, 4, 5, 6 , 7, 8, 9, 10, 11, 12, 14, 16 and 17.

 

 

 

IX.       Google Analytics for Firebase Use Policy

By enabling Google Analytics for Firebase you enable the collection of data about App Users, including via identifiers for mobile devices (including Android Advertising ID and Advertising Identifier for iOS), cookies and similar technologies.

You will not facilitate the merging of personally-identifiable information with non-personally identifiable information unless you have robust notice of, and the user's prior affirmative (i.e., opt-in) consent to, that merger.

You are required to notify your App Users by disclosing the following information:

The Google Analytics for Firebase features you have implemented.

How you and third-party vendors use first-party cookies, or other first-party identifiers, and third-party cookies and similar technologies, such as identifiers for mobile devices (including Android Advertising ID and Advertising Identifier for iOS), or other third-party identifiers, together.

How App Users can opt-out of the Google Analytics for Firebase features you use, including through applicable device settings, such as the device advertising settings for mobile apps, or any other available means.

 

European Union User Consent Policy

You must comply with the European Union User Consent Policy.

 

Interest-based advertising

If you use Google Analytics for Firebase to collect sensitive information about your visitors, including information described in the Google AdWords sensitive category restrictions, you may not use Google Analytics for Firebase to collect data for the purpose of interest based advertising. 

Because laws across countries and territories vary, and because Google Analytics for Firebase can be used in many ways, Google is unable to provide the exact language you need to include in your privacy policy. Only you understand the unique aspects and special considerations of your business, and your privacy policy should account for this information that only you can provide.

 

Last Updated: 2017/05/17 (View the archived version)

 

 

 

 X. Google Ads Data Processing Terms

Google and the counterparty agreeing to these terms (“Customer”) have entered into an agreement for the provision of the Processor Services (as amended from time to time, the “Agreement”).

These Google Ads Data Processing Terms (including the appendices, “Data Processing Terms”) are entered into by Google and Customer and supplement the Agreement. These Data Processing Terms will be effective, and replace any previously applicable terms relating to their subject matter (including any data processing amendment or data processing addendum relating to the Processor Services), from the Terms Effective Date.

If you are accepting these Data Processing Terms on behalf of Customer, you warrant that: (a) you have full legal authority to bind Customer to these Data Processing Terms; (b) you have read and understand these Data Processing Terms; and (c) you agree, on behalf of Customer, to these Data Processing Terms. If you do not have the legal authority to bind Customer, please do not accept these Data Processing Terms.

  1. Introduction

These Data Processing Terms reflect the parties’ agreement on the terms governing the processing and security of Customer Personal Data in connection with the Data Protection Legislation. 

  1. Definitions and Interpretation

2.1 In these Data Processing Terms:

“Additional Product” means a product, service or application provided by Google or a third party that: (a) is not part of the Processor Services; and (b) is accessible for use within the user interface of the Processor Services or is otherwise integrated with the Processor Services.

“Affiliate” means an entity that directly or indirectly controls, is controlled by, or is under common control with, a party.

“Customer Personal Data” means personal data that is processed by Google on behalf of Customer in Google’s provision of the Processor Services.

“Data Incident” means a breach of Google’s security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Customer Personal Data on systems managed by or otherwise controlled by Google. “Data Incidents” will not include unsuccessful attempts or activities that do not compromise the security of Customer Personal Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems.

“Data Protection Legislation” means, as applicable: (a) the GDPR; and/or (b) the Federal Data Protection Act of 19 June 1992 (Switzerland).

“Data Subject Tool” means a tool (if any) made available by a Google Entity to data subjects that enables Google to respond directly and in a standardised manner to certain requests from data subjects in relation to Customer Personal Data (for example, online advertising settings or an opt-out browser plugin).

“EEA” means the European Economic Area. 

“GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

“Google” means the Google Entity that is party to the Agreement.

“Google Affiliate Subprocessors” has the meaning given in Section 11.1 (Consent to Subprocessor Engagement).

“Google Entity” means Google LLC (formerly known as Google Inc.), Google Ireland Limited or any other Affiliate of Google LLC. 

“ISO 27001 Certification” means ISO/IEC 27001:2013 certification or a comparable certification for the Processor Services.

“Notification Email Address” means the email address (if any) designated by Customer, via the user interface of the Processor Services or such other means provided by Google, to receive certain notifications from Google relating to these Data Processing Terms. 

“Privacy Shield” means the EU-U.S. Privacy Shield legal framework and the Swiss-U.S. Privacy Shield legal framework.

“Processor Services” means the applicable services listed at privacy.google.com/businesses/adsservices. 

“Security Documentation” means the certificate issued for the ISO 27001 Certification and any other security certifications or documentation that Google may make available in respect of the Processor Services. 

“Security Measures” has the meaning given in Section 7.1.1 (Google’s Security Measures). 

“Subprocessors” means third parties authorised under these Data Processing Terms to have logical access to and process Customer Personal Data in order to provide parts of the Processor Services and any related technical support.

“Term” means the period from the Terms Effective Date until the end of Google’s provision of the Processor Services under the Agreement.

“Terms Effective Date” means, as applicable:

(a) 25 May 2018, if Customer clicked to accept or the parties otherwise agreed to these Data Processing Terms before or on such date; or

(b) the date on which Customer clicked to accept or the parties otherwise agreed to these Data Processing Terms, if such date is after 25 May 2018. 

“Third Party Subprocessors” has the meaning given in Section 11.1 (Consent to Subprocessor Engagement).

2.2 The terms “controller”, “data subject”, “personal data”, “processing”, “processor” and “supervisory authority” as used in these Data Processing Terms have the meanings given in the GDPR. 

2.3 Any phrase introduced by the terms “including”, “include” or any similar expression will be construed as illustrative and will not limit the sense of the words preceding those terms. Any examples in these Data Processing Terms are illustrative and not the sole examples of a particular concept.

2.4 Any reference to a legal framework, statute or other legislative enactment is a reference to it as amended or re-enacted from time to time.

  1. Duration of these Data Processing Terms

These Data Processing Terms will take effect on the Terms Effective Date and, notwithstanding expiry of the Term, remain in effect until, and automatically expire upon, deletion of all Customer Personal Data by Google as described in these Data Processing Terms.

  1. Application of these Data Processing Terms

4.1 Application of Data Protection Legislation. These Data Processing Terms will only apply to the extent that the Data Protection Legislation applies to the processing of Customer Personal Data, including if:

(a) the processing is in the context of the activities of an establishment of Customer in the EEA; and/or

(b) Customer Personal Data is personal data relating to data subjects who are in the EEA and the processing relates to the offering to them of goods or services or the monitoring of their behaviour in the EEA.

4.2 Application to Processor Services. These Data Processing Terms will only apply to the Processor Services for which the parties agreed to these Data Processing Terms (for example: (a) the Processor Services for which Customer clicked to accept these Data Processing Terms; or (b) if the Agreement incorporates these Data Processing Terms by reference, the Processor Services that are the subject of the Agreement).

  1. Processing of Data

5.1 Roles and Regulatory Compliance; Authorisation.

5.1.1 Processor and Controller Responsibilities. The parties acknowledge and agree that:

(a) Appendix 1 describes the subject matter and details of the processing of Customer Personal Data;

(b) Google is a processor of Customer Personal Data under the Data Protection Legislation;

(c) Customer is a controller or processor, as applicable, of Customer Personal Data under the Data Protection Legislation; and

(d) each party will comply with the obligations applicable to it under the Data Protection Legislation with respect to the processing of Customer Personal Data.

5.1.2 Authorisation by Third Party Controller. If Customer is a processor, Customer warrants to Google that Customer’s instructions and actions with respect to Customer Personal Data, including its appointment of Google as another processor, have been authorised by the relevant controller. 

5.2 Customer’s Instructions. By entering into these Data Processing Terms, Customer instructs Google to process Customer Personal Data only in accordance with applicable law: (a) to provide the Processor Services and any related technical support; (b) as further specified via Customer’s use of the Processor Services (including in the settings and other functionality of the Processor Services) and any related technical support; (c) as documented in the form of the Agreement, including these Data Processing Terms; and (d) as further documented in any other written instructions given by Customer and acknowledged by Google as constituting instructions for purposes of these Data Processing Terms.

5.3 Google’s Compliance with Instructions. Google will comply with the instructions described in Section 5.2 (Customer’s Instructions) (including with regard to data transfers) unless EU or EU Member State law to which Google is subject requires other processing of Customer Personal Data by Google, in which case Google will inform Customer (unless that law prohibits Google from doing so on important grounds of public interest). 

5.4 Additional Products. If Customer uses any Additional Product, the Processor Services may allow that Additional Product to access Customer Personal Data as required for the interoperation of the Additional Product with the Processor Services. For clarity, these Data Processing Terms do not apply to the processing of personal data in connection with the provision of any Additional Product used by Customer, including personal data transmitted to or from that Additional Product. 

  1. Data Deletion

6.1 Deletion During Term.

6.1.1 Processor Services With Deletion Functionality. During the Term, if:

(a) the functionality of the Processor Services includes the option for Customer to delete Customer Personal Data;

(b) Customer uses the Processor Services to delete certain Customer Personal Data; and

(c) the deleted Customer Personal Data cannot be recovered by Customer (for example, from the “trash”), 

then Google will delete such Customer Personal Data from its systems as soon as reasonably practicable and within a maximum period of 180 days, unless EU or EU Member State law requires storage. 

6.1.2 Processor Services Without Deletion Functionality. During the Term, if the functionality of the Processor Services does not include the option for Customer to delete Customer Personal Data, then Google will comply with:

(a) any reasonable request from Customer to facilitate such deletion, insofar as this is possible taking into account the nature and functionality of the Processor Services and unless EU or EU Member State law requires storage; and

(b) the data retention practices described at www.google.com/policies/technologies/ads.

Google may charge a fee (based on Google’s reasonable costs) for any data deletion under Section 6.1.2(a). Google will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such data deletion. 

6.2 Deletion on Term Expiry. On expiry of the Term, Customer instructs Google to delete all Customer Personal Data (including existing copies) from Google’s systems in accordance with applicable law. Google will comply with this instruction as soon as reasonably practicable and within a maximum period of 180 days, unless EU or EU Member State law requires storage.

  1. Data Security

7.1 Google’s Security Measures and Assistance.

7.1.1 Google’s Security Measures. Google will implement and maintain technical and organisational measures to protect Customer Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access as described in Appendix 2 (the “Security Measures”). As described in Appendix 2, the Security Measures include measures: (a) to encrypt personal data; (b) to help ensure the ongoing confidentiality, integrity, availability and resilience of Google’s systems and services; (c) to help restore timely access to personal data following an incident; and (d) for regular testing of effectiveness. Google may update or modify the Security Measures from time to time, provided that such updates and modifications do not result in the degradation of the overall security of the Processor Services. 

7.1.2 Security Compliance by Google Staff. Google will take appropriate steps to ensure compliance with the Security Measures by its employees, contractors and Subprocessors to the extent applicable to their scope of performance, including ensuring that all persons authorised to process Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality. 

7.1.3 Google’s Security Assistance. Customer agrees that Google will (taking into account the nature of the processing of Customer Personal Data and the information available to Google) assist Customer in ensuring compliance with any obligations of Customer in respect of security of personal data and personal data breaches, including (if applicable) Customer’s obligations pursuant to Articles 32 to 34 (inclusive) of the GDPR, by:

(a) implementing and maintaining the Security Measures in accordance with Section 7.1.1 (Google’s Security Measures);

(b) complying with the terms of Section 7.2 (Data Incidents); and

(c) providing Customer with the Security Documentation in accordance with Section 7.5.1 (Reviews of Security Documentation) and the information contained in these Data Processing Terms. 

7.2 Data Incidents.

7.2.1 Incident Notification. If Google becomes aware of a Data Incident, Google will: (a) notify Customer of the Data Incident promptly and without undue delay; and (b) promptly take reasonable steps to minimise harm and secure Customer Personal Data.

7.2.2 Details of Data Incident. Notifications made under Section 7.2.1 (Incident Notification) will describe, to the extent possible, details of the Data Incident, including steps taken to mitigate the potential risks and steps Google recommends Customer take to address the Data Incident.

7.2.3 Delivery of Notification. Google will deliver its notification of any Data Incident to the Notification Email Address or, at Google’s discretion (including if Customer has not provided a Notification Email Address), by other direct communication (for example, by phone call or an in-person meeting). Customer is solely responsible for providing the Notification Email Address and ensuring that the Notification Email Address is current and valid.

7.2.4 Third Party Notifications. Customer is solely responsible for complying with incident notification laws applicable to Customer and fulfilling any third party notification obligations related to any Data Incident.

7.2.5 No Acknowledgement of Fault by Google. Google’s notification of or response to a Data Incident under this Section 7.2 (Data Incidents) will not be construed as an acknowledgement by Google of any fault or liability with respect to the Data Incident.

7.3 Customer’s Security Responsibilities and Assessment.

7.3.1 Customer’s Security Responsibilities. Customer agrees that, without prejudice to Google’s obligations under Sections 7.1 (Google’s Security Measures and Assistance) and 7.2 (Data Incidents):

(a) Customer is solely responsible for its use of the Processor Services, including:

(i) making appropriate use of the Processor Services to ensure a level of security appropriate to the risk in respect of Customer Personal Data; and

(ii) securing the account authentication credentials, systems and devices Customer uses to access the Processor Services; and

(b) Google has no obligation to protect Customer Personal Data that Customer elects to store or transfer outside of Google’s and its Subprocessors’ systems.

7.3.2 Customer’s Security Assessment. Customer acknowledges and agrees that (taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing of Customer Personal Data as well as the risks to individuals) the Security Measures implemented and maintained by Google as set out in Section 7.1.1 (Google’s Security Measures) provide a level of security appropriate to the risk in respect of Customer Personal Data.

7.4 Security Certification. To evaluate and help ensure the continued effectiveness of the Security Measures, Google will maintain the ISO 27001 Certification.

7.5 Reviews and Audits of Compliance.

7.5.1 Reviews of Security Documentation. To demonstrate compliance by Google with its obligations under these Data Processing Terms, Google will make the Security Documentation available for review by Customer.

7.5.2 Customer’s Audit Rights.

(a) Google will allow Customer or a third party auditor appointed by Customer to conduct audits (including inspections) to verify Google’s compliance with its obligations under these Data Processing Terms in accordance with Section 7.5.3 (Additional Business Terms for Audits). Google will contribute to such audits as described in Section 7.4 (Security Certification) and this Section 7.5 (Reviews and Audits of Compliance).

(b) Customer may also conduct an audit to verify Google’s compliance with its obligations under these Data Processing Terms by reviewing the certificate issued for the ISO 27001 Certification (which reflects the outcome of an audit conducted by a third party auditor).

7.5.3 Additional Business Terms for Audits.

(a) Customer will send any request for an audit under Section 7.5.2(a) to Google as described in Section 12.1 (Contacting Google).

(b) Following receipt by Google of a request under Section 7.5.3(a), Google and Customer will discuss and agree in advance on the reasonable start date, scope and duration of, and security and confidentiality controls applicable to, any audit under Section 7.5.2(a).

(c) Google may charge a fee (based on Google’s reasonable costs) for any audit under Section 7.5.2(a). Google will provide Customer with further details of any applicable fee, and the basis of its calculation, in advance of any such audit. Customer will be responsible for any fees charged by any third party auditor appointed by Customer to execute any such audit.

(d) Google may object to any third party auditor appointed by Customer to conduct any audit under Section 7.5.2(a) if the auditor is, in Google’s reasonable opinion, not suitably qualified or independent, a competitor of Google or otherwise manifestly unsuitable. Any such objection by Google will require Customer to appoint another auditor or conduct the audit itself. 

(e) Nothing in these Data Processing Terms will require Google either to disclose to Customer or its third party auditor, or to allow Customer or its third party auditor to access:

(i) any data of any other customer of a Google Entity;

(ii) any Google Entity’s internal accounting or financial information;

(iii) any trade secret of a Google Entity;

(iv) any information that, in Google's reasonable opinion, could: (A) compromise the security of any Google Entity’s systems or premises; or (B) cause any Google Entity to breach its obligations under the Data Protection Legislation or its security and/or privacy obligations to Customer or any third party; or

(v) any information that Customer or its third party auditor seeks to access for any reason other than the good faith fulfilment of Customer’s obligations under the Data Protection Legislation.

  1. Impact Assessments and Consultations

Customer agrees that Google will (taking into account the nature of the processing and the information available to Google) assist Customer in ensuring compliance with any obligations of Customer in respect of data protection impact assessments and prior consultation, including (if applicable) Customer’s obligations pursuant to Articles 35 and 36 of the GDPR, by: 

(a) providing the Security Documentation in accordance with Section 7.5.1 (Reviews of Security Documentation);

(b) providing the information contained in these Data Processing Terms; and

(c) providing or otherwise making available, in accordance with Google’s standard practices, other materials concerning the nature of the Processor Services and the processing of Customer Personal Data (for example, help centre materials).

  1. Data Subject Rights

9.1 Responses to Data Subject Requests. If Google receives a request from a data subject in relation to Customer Personal Data, Google will:

(a) if the request is made via a Data Subject Tool, respond directly to the data subject’s request in accordance with the standard functionality of that Data Subject Tool; or 

(b) if the request is not made via a Data Subject Tool, advise the data subject to submit his/her request to Customer, and Customer will be responsible for responding to such request.

9.2 Google’s Data Subject Request Assistance. Customer agrees that Google will (taking into account the nature of the processing of Customer Personal Data and, if applicable, Article 11 of the GDPR) assist Customer in fulfilling any obligation of Customer to respond to requests by data subjects, including (if applicable) Customer’s obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR, by: 

(a) providing the functionality of the Processor Services;

(b) complying with the commitments set out in Section 9.1 (Responses to Data Subject Requests); and

(c) if applicable to the Processor Services, making available Data Subject Tools.

 Data Transfers

10.1 Data Storage and Processing Facilities. Customer agrees that Google may, subject to Section 10.2 (Transfers of Data Out of the EEA and Switzerland), store and process Customer Personal Data in the United States of America and any other country in which Google or any of its Subprocessors maintains facilities. 

10.2 Transfers of Data Out of the EEA and Switzerland. Google will ensure that: 

(a) the parent company of the Google group, Google LLC, remains self-certified under Privacy Shield on behalf of itself and its wholly-owned U.S. subsidiaries; and

(b) the scope of Google LLC’s Privacy Shield certification includes Customer Personal Data.

10.3 Data Centre Information. Information about the locations of Google data centres is available at www.google.com/about/datacenters/inside/locations/index.html.

  1. Subprocessors

11.1 Consent to Subprocessor Engagement. Customer specifically authorises the engagement of Google’s Affiliates as Subprocessors (“Google Affiliate Subprocessors”). In addition, Customer generally authorises the engagement of any other third parties as Subprocessors (“Third Party Subprocessors”).

11.2 Information about Subprocessors. Information about Subprocessors is available at privacy.google.com/businesses/subprocessors.

11.3 Requirements for Subprocessor Engagement. When engaging any Subprocessor, Google will:

(a) ensure via a written contract that:

(i) the Subprocessor only accesses and uses Customer Personal Data to the extent required to perform the obligations subcontracted to it, and does so in accordance with the Agreement (including these Data Processing Terms) and Privacy Shield; and

(ii) if the GDPR applies to the processing of Customer Personal Data, the data protection obligations set out in Article 28(3) of the GDPR are imposed on the Subprocessor; and 

(b) remain fully liable for all obligations subcontracted to, and all acts and omissions of, the Subprocessor.

11.4 Opportunity to Object to Subprocessor Changes.

(a) When any new Third Party Subprocessor is engaged during the Term, Google will, at least 30 days before the new Third Party Subprocessor processes any Customer Personal Data, inform Customer of the engagement (including the name and location of the relevant subprocessor and the activities it will perform) by sending an email to the Notification Email Address.

(b) Customer may object to any new Third Party Subprocessor by terminating the Agreement immediately upon written notice to Google, on condition that Customer provides such notice within 90 days of being informed of the engagement of the new Third Party Subprocessor as described in Section 11.4(a). This termination right is Customer’s sole and exclusive remedy if Customer objects to any new Third Party Subprocessor.

  1. Contacting Google; Processing Records

12.1 Contacting Google. Customer may contact Google in relation to the exercise of its rights under these Data Processing Terms via the methods described at privacy.google.com/businesses/processorsupport or via such other means as may be provided by Google from time to time. 

12.2 Google’s Processing Records. Customer acknowledges that Google is required under the GDPR to: (a) collect and maintain records of certain information, including the name and contact details of each processor and/or controller on behalf of which Google is acting and (if applicable) of such processor’s or controller's local representative and data protection officer; and (b) make such information available to the supervisory authorities. Accordingly, Customer will, where requested and as applicable to Customer, provide such information to Google via the user interface of the Processor Services or via such other means as may be provided by Google, and will use such user interface or other means to ensure that all information provided is kept accurate and up-to-date. 

  1. Liability

If the Agreement is governed by the laws of:

(a) a state of the United States of America, then, notwithstanding anything else in the Agreement, the total liability of either party towards the other party under or in connection with these Data Processing Terms will be limited to the maximum monetary or payment-based amount at which that party’s liability is capped under the Agreement (for clarity, any exclusion of indemnification claims from the Agreement’s limitation of liability will not apply to indemnification claims under the Agreement relating to the Data Protection Legislation); or 

(b) a jurisdiction that is not a state of the United States of America, then the liability of the parties under or in connection with these Data Processing Terms will be subject to the exclusions and limitations of liability in the Agreement. 

  1. Effect of these Data Processing Terms

If there is any conflict or inconsistency between the terms of these Data Processing Terms and the remainder of the Agreement, the terms of these Data Processing Terms will govern. Subject to the amendments in these Data Processing Terms, the Agreement remains in full force and effect.

  1. Changes to these Data Processing Terms

15.1 Changes to URLs. From time to time, Google may change any URL referenced in these Data Processing Terms and the content at any such URL. Google may only change the list of potential Processor Services at privacy.google.com/businesses/adsservices: 

(a) to reflect a change to the name of a service;

(b) to add a new service; or

(c) to remove a service where either: (i) all contracts for the provision of that service are terminated; or (ii) Google has Customer’s consent.

15.2 Changes to Data Processing Terms. Google may change these Data Processing Terms if the change:

(a) is expressly permitted by these Data Processing Terms, including as described in Section 15.1 (Changes to URLs);

(b) reflects a change in the name or form of a legal entity;

(c) is required to comply with applicable law, applicable regulation, a court order or guidance issued by a governmental regulator or agency; or

(d) does not: (i) result in a degradation of the overall security of the Processor Services; (ii) expand the scope of, or remove any restrictions on, Google’s processing of Customer Personal Data, as described in Section 5.3 (Google’s Compliance with Instructions); and (iii) otherwise have a material adverse impact on Customer’s rights under these Data Processing Terms, as reasonably determined by Google. 

15.3Notification of Changes. If Google intends to change these Data Processing Terms under Section 15.2(c) or (d), Google will inform Customer at least 30 days (or such shorter period as may be required to comply with applicable law, applicable regulation, a court order or guidance issued by a governmental regulator or agency) before the change will take effect by either: (a) sending an email to the Notification Email Address; or (b) alerting Customer via the user interface for the Processor Services. If Customer objects to any such change, Customer may terminate the Agreement by giving written notice to Google within 90 days of being informed by Google of the change.

Appendix 1: Subject Matter and Details of the Data Processing

Subject Matter

Google’s provision of the Processor Services and any related technical support to Customer. 

Duration of the Processing

The Term plus the period from expiry of the Term until deletion of all Customer Personal Data by Google in accordance with these Data Processing Terms.

Nature and Purpose of the Processing

Google will process (including, as applicable to the Processor Services and the instructions described in Section 5.2 (Customer’s Instructions), collecting, recording, organising, structuring, storing, altering, retrieving, using, disclosing, combining, erasing and destroying) Customer Personal Data for the purpose of providing the Processor Services and any related technical support to Customer in accordance with these Data Processing Terms. 

Types of Personal Data

Customer Personal Data may include the types of personal data described at privacy.google.com/businesses/adsservices.

Categories of Data Subjects

Customer Personal Data will concern the following categories of data subjects:

data subjects about whom Google collects personal data in its provision of the Processor Services; and/or

data subjects about whom personal data is transferred to Google in connection with the Processor Services by, at the direction of, or on behalf of Customer.

Depending on the nature of the Processor Services, these data subjects may include individuals: (a) to whom online advertising has been, or will be, directed; (b) who have visited specific websites or applications in respect of which Google provides the Processor Services; and/or (c) who are customers or users of Customer’s products or services.

 

Appendix 2: Security Measures

As from the Terms Effective Date, Google will implement and maintain the Security Measures set out in this Appendix 2. Google may update or modify such Security Measures from time to time, provided that such updates and modifications do not result in the degradation of the overall security of the Processor Services.

 

  1. Data Centre & Network Security

(a) Data Centres.

 

Infrastructure. Google maintains geographically distributed data centres. Google stores all production data in physically secure data centres.

 

Redundancy. Infrastructure systems have been designed to eliminate single points of failure and minimise the impact of anticipated environmental risks. Dual circuits, switches, networks or other necessary devices help provide this redundancy. The Processor Services are designed to allow Google to perform certain types of preventative and corrective maintenance without interruption. All environmental equipment and facilities have documented preventative maintenance procedures that detail the process for and frequency of performance in accordance with the manufacturer's or internal specifications. Preventative and corrective maintenance of the data centre equipment is scheduled through a standard process according to documented procedures.

 

Power. The data centre electrical power systems are designed to be redundant and maintainable without impact to continuous operations, 24 hours a day, and 7 days a week. In most cases, a primary as well as an alternate power source, each with equal capacity, is provided for critical infrastructure components in the data centre. Backup power is provided by various mechanisms such as uninterruptible power supply (UPS) batteries, which supply consistently reliable power protection during utility brownouts, blackouts, over voltage, under voltage, and out-of-tolerance frequency conditions. If utility power is interrupted, backup power is designed to provide transitory power to the data centre, at full capacity, for up to 10 minutes until the diesel generator systems take over. The diesel generators are capable of automatically starting up within seconds to provide enough emergency electrical power to run the data centre at full capacity typically for a period of days.

 

Server Operating Systems. Google servers use hardened operating systems which are customised for the unique server needs of the business. Data is stored using proprietary algorithms to augment data security and redundancy. Google employs a code review process to increase the security of the code used to provide the Processor Services and enhance the security products in production environments.

 

Businesses Continuity. Google replicates data over multiple systems to help to protect against accidental destruction or loss. Google has designed and regularly plans and tests its business continuity planning/disaster recovery programs.

 

(b) Networks & Transmission.

 

Data Transmission. Data centres are typically connected via high-speed private links to provide secure and fast data transfer between data centres. This is designed to prevent data from being read, copied, altered or removed without authorisation during electronic transfer or transport or while being recorded onto data storage media. Google transfers data via Internet standard protocols.

 

External Attack Surface. Google employs multiple layers of network devices and intrusion detection to protect its external attack surface. Google considers potential attack vectors and incorporates appropriate purpose built technologies into external facing systems.

 

Intrusion Detection. Intrusion detection is intended to provide insight into ongoing attack activities and provide adequate information to respond to incidents. Google’s intrusion detection involves:

 

  1. Tightly controlling the size and make-up of Google’s attack surface through preventative measures;

 

  1. Employing intelligent detection controls at data entry points; and

 

  1. Employing technologies that automatically remedy certain dangerous situations.

 

Incident Response. Google monitors a variety of communication channels for security incidents, and Google’s security personnel will react promptly to known incidents.

 

Encryption Technologies. Google makes HTTPS encryption (also referred to as SSL or TLS connection) available. Google servers support ephemeral elliptic curve Diffie Hellman cryptographic key exchange signed with RSA and ECDSA. These perfect forward secrecy (PFS) methods help protect traffic and minimise the impact of a compromised key, or a cryptographic breakthrough.

 

  1. Access and Site Controls

(a) Site Controls.

 

On-site Data Centre Security Operation. Google’s data centres maintain an on-site security operation responsible for all physical data centre security functions 24 hours a day, 7 days a week. The on-site security operation personnel monitor Closed Circuit TV (“CCTV”) cameras and all alarm systems. On-site security operation personnel perform internal and external patrols of the data centre regularly.

 

Data Centre Access Procedures. Google maintains formal access procedures for allowing physical access to the data centres. The data centres are housed in facilities that require electronic card key access, with alarms that are linked to the on-site security operation. All entrants to the data centre are required to identify themselves as well as show proof of identity to on-site security operations. Only authorised employees, contractors and visitors are allowed entry to the data centres. Only authorised employees and contractors are permitted to request electronic card key access to these facilities. Data centre electronic card key access requests must be made in advance and in writing, and require the approval of the requestor’s manager and the data centre director. All other entrants requiring temporary data centre access must: (i) obtain approval in advance from the data centre managers for the specific data centre and internal areas they wish to visit; (ii) sign in at on-site security operations; and (iii) reference an approved data centre access record identifying the individual as approved.

 

On-site Data Centre Security Devices. Google’s data centres employ an electronic card key and biometric access control system that is linked to a system alarm. The access control system monitors and records each individual’s electronic card key and when they access perimeter doors, shipping and receiving, and other critical areas. Unauthorised activity and failed access attempts are logged by the access control system and investigated, as appropriate. Authorised access throughout the business operations and data centres is restricted based on zones and the individual’s job responsibilities. The fire doors at the data centres are alarmed. CCTV cameras are in operation both inside and outside the data centres. The positioning of the cameras has been designed to cover strategic areas including, among others, the perimeter, doors to the data centre building, and shipping/receiving. On-site security operations personnel manage the CCTV monitoring, recording and control equipment. Secure cables throughout the data centres connect the CCTV equipment. Cameras record on-site via digital video recorders 24 hours a day, 7 days a week. The surveillance records are retained for at least 7 days based on activity.

 

(b) Access Control.

 

Infrastructure Security Personnel. Google has, and maintains, a security policy for its personnel, and requires security training as part of the training package for its personnel. Google’s infrastructure security personnel are responsible for the ongoing monitoring of Google’s security infrastructure, the review of the Processor Services, and responding to security incidents.

 

Access Control and Privilege Management. Customer's administrators and users must authenticate themselves via a central authentication system or via a single sign on system in order to use the Processor Services.

 

Internal Data Access Processes and Policies – Access Policy. Google’s internal data access processes and policies are designed to prevent unauthorised persons and/or systems from gaining access to systems used to process personal data. Google aims to design its systems to: (i) only allow authorised persons to access data they are authorised to access; and (ii) ensure that personal data cannot be read, copied, altered or removed without authorisation during processing, use and after recording. The systems are designed to detect any inappropriate access. Google employs a centralised access management system to control personnel access to production servers, and only provides access to a limited number of authorised personnel. LDAP, Kerberos and a proprietary system utilising SSH certificates are designed to provide Google with secure and flexible access mechanisms. These mechanisms are designed to grant only approved access rights to site hosts, logs, data and configuration information. Google requires the use of unique user IDs, strong passwords, two factor authentication and carefully monitored access lists to minimise the potential for unauthorised account use. The granting or modification of access rights is based on: the authorised personnel’s job responsibilities; job duty requirements necessary to perform authorised tasks; and a need to know basis. The granting or modification of access rights must also be in accordance with Google’s internal data access policies and training. Approvals are managed by workflow tools that maintain audit records of all changes. Access to systems is logged to create an audit trail for accountability. Where passwords are employed for authentication (e.g. login to workstations), password policies that follow at least industry standard practices are implemented. These standards include restrictions on password reuse and sufficient password strength.

 

  1. Data

(a) Data Storage, Isolation & Authentication.

 

Google stores data in a multi-tenant environment on Google-owned servers. Data, the Processor Services database and file system architecture are replicated between multiple geographically dispersed data centres. Google logically isolates each customer's data. A central authentication system is used across all Processor Services to increase uniform security of data.

 

(b) Decommissioned Disks and Disk Destruction Guidelines.

Certain disks containing data may experience performance issues, errors or hardware failure that lead them to be decommissioned (“Decommissioned Disk”). Every Decommissioned Disk is subject to a series of data destruction processes (the “Data Destruction Guidelines”) before leaving Google’s premises either for reuse or destruction. Decommissioned Disks are erased in a multi-step process and verified complete by at least two independent validators. The erase results are logged by the Decommissioned Disk’s serial number for tracking. Finally, the erased Decommissioned Disk is released to inventory for reuse and redeployment. If, due to hardware failure, the Decommissioned Disk cannot be erased, it is securely stored until it can be destroyed. Each facility is audited regularly to monitor compliance with the Data Destruction Guidelines.

 

  1. Personnel Security

Google personnel are required to conduct themselves in a manner consistent with the company’s guidelines regarding confidentiality, business ethics, appropriate usage, and professional standards. Google conducts reasonably appropriate backgrounds checks to the extent legally permissible and in accordance with applicable local labor law and statutory regulations.

 

Personnel are required to execute a confidentiality agreement and must acknowledge receipt of, and compliance with, Google’s confidentiality and privacy policies. Personnel are provided with security training. Personnel handling Customer Personal Data are required to complete additional requirements appropriate to their role. Google’s personnel will not process Customer Personal Data without authorisation.

 

  1. Subprocessor Security

Before onboarding Subprocessors, Google conducts an audit of the security and privacy practices of Subprocessors to ensure Subprocessors provide a level of security and privacy appropriate to their access to data and the scope of the services they are engaged to provide. Once Google has assessed the risks presented by the Subprocessor then, subject always to the requirements set out in Section 11.3 (Requirements for Subprocessor Engagement), the Subprocessor is required to enter into appropriate security, confidentiality and privacy contract terms.

 

Google Ads Data Processing Terms, Version 1.2

12 October 2017

 

 

 

 XI. Google APIs

Last modified: January 16, 2019 (see previous version)

 

Thank you for using Google's APIs, other developer services, and associated software (collectively, "APIs"). By accessing or using our APIs, you are agreeing to the terms below. If there is a conflict between these terms and additional terms applicable to a given API, the additional terms will control for that conflict. Collectively, we refer to the terms below, any additional terms, terms within the accompanying API documentation, and any applicable policies and guidelines as the "Terms." You agree to comply with the Terms and that the Terms control your relationship with us. So please read all the Terms carefully. If you use the APIs as an interface to, or in conjunction with other Google products or services, then the terms for those other products or services also apply.

 

Under the Terms, "Google" means Google LLC, with offices at 1600 Amphitheatre Parkway, Mountain View, California 94043, United States, unless set forth otherwise in additional terms applicable for a given API. We may refer to "Google" as "we", "our", or "us" in the Terms.

 

Section 1: Account and Registration

  1. Accepting the Terms

You may not use the APIs and may not accept the Terms if (a) you are not of legal age to form a binding contract with Google, or (b) you are a person barred from using or receiving the APIs under the applicable laws of the United States or other countries including the country in which you are resident or from which you use the APIs.

 

  1. Entity Level Acceptance

If you are using the APIs on behalf of an entity, you represent and warrant that you have authority to bind that entity to the Terms and by accepting the Terms, you are doing so on behalf of that entity (and all references to "you" in the Terms refer to that entity).

 

  1. Registration

In order to access certain APIs you may be required to provide certain information (such as identification or contact details) as part of the registration process for the APIs, or as part of your continued use of the APIs. Any registration information you give to Google will always be accurate and up to date and you'll inform us promptly of any updates.

 

  1. Subsidiaries and Affiliates

Google has subsidiaries and affiliated legal entities around the world. These companies may provide the APIs to you on behalf of Google and the Terms will also govern your relationship with these companies.

 

Section 2: Using Our APIs

  1. Your End Users

You will require your end users to comply with (and not knowingly enable them to violate) applicable law, regulation, and the Terms.

 

  1. Compliance with Law, Third Party Rights, and Other Google Terms of Service

You will comply with all applicable law, regulation, and third party rights (including without limitation laws regarding the import or export of data or software, privacy, and local laws). You will not use the APIs to encourage or promote illegal activity or violation of third party rights. You will not violate any other terms of service with Google (or its affiliates).

 

  1. Permitted Access

You will only access (or attempt to access) an API by the means described in the documentation of that API. If Google assigns you developer credentials (e.g. client IDs), you must use them with the applicable APIs. You will not misrepresent or mask either your identity or your API Client's identity when using the APIs or developer accounts.

 

  1. API Limitations

Google sets and enforces limits on your use of the APIs (e.g. limiting the number of API requests that you may make or the number of users you may serve), in our sole discretion. You agree to, and will not attempt to circumvent, such limitations documented with each API. If you would like to use any API beyond these limits, you must obtain Google's express consent (and Google may decline such request or condition acceptance on your agreement to additional terms and/or charges for that use). To seek such approval, contact the relevant Google API team for information (e.g. by using the Google developers console).

 

  1. Open Source Software

Some of the software required by or included in our APIs may be offered under an open source license. Open source software licenses constitute separate written agreements. For certain APIs, open source software is listed in the documentation. To the limited extent the open source software license expressly supersedes the Terms, the open source license instead sets forth your agreement with Google for the applicable open source software.

 

  1. Communication with Google

We may send you certain communications in connection with your use of the APIs. Please review the applicable API documentation for information about opting out of certain types of communication.

 

  1. Feedback

If you provide feedback or suggestions about our APIs, then we (and those we allow) may use such information without obligation to you.

 

  1. Non-Exclusivity

The Terms are non-exclusive. You acknowledge that Google may develop products or services that may compete with the API Clients or any other products or services.

 

Section 3: Your API Clients

  1. API Clients and Monitoring

The APIs are designed to help you enhance your websites and applications ("API Client(s)"). YOU AGREE THAT GOOGLE MAY MONITOR USE OF THE APIS TO ENSURE QUALITY, IMPROVE GOOGLE PRODUCTS AND SERVICES, AND VERIFY YOUR COMPLIANCE WITH THE TERMS. This monitoring may include Google accessing and using your API Client, for example to identify security issues that could affect Google or its users. You will not interfere with this monitoring. Google may use any technical means to overcome such interference. Google may suspend access to the APIs by you or your API Client without notice if we reasonably believe that you are in violation of the Terms.

 

  1. Security

You will use commercially reasonable efforts to protect user information collected by your API Client, including personally identifiable information ("PII"), from unauthorized access or use and will promptly report to your users any unauthorized access or use of such information to the extent required by applicable law.

 

  1. Ownership

Google does not acquire ownership in your API Clients, and by using our APIs, you do not acquire ownership of any rights in our APIs or the content that is accessed through our APIs.

 

  1. User Privacy and API Clients

You will comply with all applicable privacy laws and regulations including those applying to PII. You will provide and adhere to a privacy policy for your API Client that clearly and accurately describes to users of your API Client what user information you collect and how you use and share such information (including for advertising) with Google and third parties.

 

Section 4: Prohibitions and Confidentiality

  1. API Prohibitions

When using the APIs, you may not (or allow those acting on your behalf to):

 

Sublicense an API for use by a third party. Consequently, you will not create an API Client that functions substantially the same as the APIs and offer it for use by third parties.

Perform an action with the intent of introducing to Google products and services any viruses, worms, defects, Trojan horses, malware, or any items of a destructive nature.

Defame, abuse, harass, stalk, or threaten others.

Interfere with or disrupt the APIs or the servers or networks providing the APIs.

Promote or facilitate unlawful online gambling or disruptive commercial messages or advertisements.

Reverse engineer or attempt to extract the source code from any API or any related software, except to the extent that this restriction is expressly prohibited by applicable law.

Use the APIs for any activities where the use or failure of the APIs could lead to death, personal injury, or environmental damage (such as the operation of nuclear facilities, air traffic control, or life support systems).

Use the APIs to process or store any data that is subject to the International Traffic in Arms Regulations maintained by the U.S. Department of State.

Remove, obscure, or alter any Google terms of service or any links to or notices of those terms.

Unless otherwise specified in writing by Google, Google does not intend use of the APIs to create obligations under the Health Insurance Portability and Accountability Act, as amended ("HIPAA"), and makes no representations that the APIs satisfy HIPAA requirements. If you are (or become) a "covered entity" or "business associate" as defined in HIPAA, you will not use the APIs for any purpose or in any manner involving transmitting protected health information to Google unless you have received prior written consent to such use from Google.

 

  1. Confidential Matters

Developer credentials (such as passwords, keys, and client IDs) are intended to be used by you and identify your API Client. You will keep your credentials confidential and make reasonable efforts to prevent and discourage other API Clients from using your credentials. Developer credentials may not be embedded in open source projects.

Our communications to you and our APIs may contain Google confidential information. Google confidential information includes any materials, communications, and information that are marked confidential or that would normally be considered confidential under the circumstances. If you receive any such information, then you will not disclose it to any third party without Google's prior written consent. Google confidential information does not include information that you independently developed, that was rightfully given to you by a third party without confidentiality obligation, or that becomes public through no fault of your own. You may disclose Google confidential information when compelled to do so by law if you provide us reasonable prior notice, unless a court orders that we not receive notice.

Section 5: Content

  1. Content Accessible Through our APIs

Our APIs contain some third party content (such as text, images, videos, audio, or software). This content is the sole responsibility of the person that makes it available. We may sometimes review content to determine whether it is illegal or violates our policies or the Terms, and we may remove or refuse to display content. Finally, content accessible through our APIs may be subject to intellectual property rights, and, if so, you may not use it unless you are licensed to do so by the owner of that content or are otherwise permitted by law. Your access to the content provided by the API may be restricted, limited, or filtered in accordance with applicable law, regulation, and policy.

 

  1. Submission of Content

Some of our APIs allow the submission of content. Google does not acquire any ownership of any intellectual property rights in the content that you submit to our APIs through your API Client, except as expressly provided in the Terms. For the sole purpose of enabling Google to provide, secure, and improve the APIs (and the related service(s)) and only in accordance with the applicable Google privacy policies, you give Google a perpetual, irrevocable, worldwide, sublicensable, royalty-free, and non-exclusive license to Use content submitted, posted, or displayed to or from the APIs through your API Client. "Use" means use, host, store, modify, communicate, and publish. Before you submit content to our APIs through your API Client, you will ensure that you have the necessary rights (including the necessary rights from your end users) to grant us the license.

 

  1. Retrieval of content

When a user's non-public content is obtained through the APIs, you may not expose that content to other users or to third parties without explicit opt-in consent from that user.

 

  1. Data Portability

Google supports data portability. For as long as you use or store any user data that you obtained through the APIs, you agree to enable your users to export their equivalent data to other services or applications of their choice in a way that's substantially as fast and easy as exporting such data from Google products and services, subject to applicable laws, and you agree that you will not make that data available to third parties who do not also abide by this obligation.

 

  1. Prohibitions on Content

Unless expressly permitted by the content owner or by applicable law, you will not, and will not permit your end users or others acting on your behalf to, do the following with content returned from the APIs:

 

Scrape, build databases, or otherwise create permanent copies of such content, or keep cached copies longer than permitted by the cache header;

Copy, translate, modify, create a derivative work of, sell, lease, lend, convey, distribute, publicly display, or sublicense to any third party;

Misrepresent the source or ownership; or

Remove, obscure, or alter any copyright, trademark, or other proprietary rights notices; or falsify or delete any author attributions, legal notices, or other labels of the origin or source of material.

Section 6: Brand Features; Attribution

  1. Brand Features

"Brand Features" is defined as the trade names, trademarks, service marks, logos, domain names, and other distinctive brand features of each party. Except where expressly stated, the Terms do not grant either party any right, title, or interest in or to the other party's Brand Features. All use by you of Google's Brand Features (including any goodwill associated therewith) will inure to the benefit of Google.

 

  1. Attribution

You agree to display any attribution(s) required by Google as described in the documentation for the API. Google hereby grants to you a nontransferable, nonsublicenseable, nonexclusive license while the Terms are in effect to display Google's Brand Features for the purpose of promoting or advertising that you use the APIs. You must only use the Google Brand Features in accordance with the Terms and for the purpose of fulfilling your obligations under this Section. In using Google's Brand Features, you must follow the Google Brand Features Use Guidelines. You understand and agree that Google has the sole discretion to determine whether your attribution(s) and use of Google's Brand Features are in accordance with the above requirements and guidelines.

 

  1. Publicity

You will not make any statement regarding your use of an API which suggests partnership with, sponsorship by, or endorsement by Google without Google's prior written approval.

 

  1. Promotional and Marketing Use

In the course of promoting, marketing, or demonstrating the APIs you are using and the associated Google products, Google may produce and distribute incidental depictions, including screenshots, video, or other content from your API Client, and may use your company or product name. You grant us all necessary rights for the above purposes.

 

Section 7: Privacy and Copyright Protection

  1. Google Privacy Policies

By using our APIs, Google may use submitted information in accordance with our privacy policies.

 

  1. Google DMCA Policy

We provide information to help copyright holders manage their intellectual property online, but we can't determine whether something is being used legally or not without their input. We respond to notices of alleged copyright infringement and terminate accounts of repeat infringers according to the process set out in the U.S. Digital Millennium Copyright Act. If you think somebody is violating your copyrights and want to notify us, you can find information about submitting notices and Google's policy about responding to notices in our Help Center.

 

Section 8: Termination

  1. Termination

You may stop using our APIs at any time with or without notice. Further, if you want to terminate the Terms, you must provide Google with prior written notice and upon termination, cease your use of the applicable APIs. Google reserves the right to terminate the Terms with you or discontinue the APIs or any portion or feature or your access thereto for any reason and at any time without liability or other obligation to you.

 

  1. Your Obligations Post-Termination

Upon any termination of the Terms or discontinuation of your access to an API, you will immediately stop using the API, cease all use of the Google Brand Features, and delete any cached or stored content that was permitted by the cache header under Section 5. Google may independently communicate with any account owner whose account(s) are associated with your API Client and developer credentials to provide notice of the termination of your right to use an API.

 

  1. Surviving Provisions

When the Terms come to an end, those terms that by their nature are intended to continue indefinitely will continue to apply, including but not limited to: Sections 4b, 5, 8, 9, and 10.

 

Section 9: Liability for our APIs

  1. WARRANTIES

EXCEPT AS EXPRESSLY SET OUT IN THE TERMS, NEITHER GOOGLE NOR ITS SUPPLIERS OR DISTRIBUTORS MAKE ANY SPECIFIC PROMISES ABOUT THE APIS. FOR EXAMPLE, WE DON'T MAKE ANY COMMITMENTS ABOUT THE CONTENT ACCESSED THROUGH THE APIS, THE SPECIFIC FUNCTIONS OF THE APIS, OR THEIR RELIABILITY, AVAILABILITY, OR ABILITY TO MEET YOUR NEEDS. WE PROVIDE THE APIS "AS IS".

 

SOME JURISDICTIONS PROVIDE FOR CERTAIN WARRANTIES, LIKE THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. EXCEPT AS EXPRESSLY PROVIDED FOR IN THE TERMS, TO THE EXTENT PERMITTED BY LAW, WE EXCLUDE ALL WARRANTIES, GUARANTEES, CONDITIONS, REPRESENTATIONS, AND UNDERTAKINGS.

 

  1. LIMITATION OF LIABILITY

WHEN PERMITTED BY LAW, GOOGLE, AND GOOGLE'S SUPPLIERS AND DISTRIBUTORS, WILL NOT BE RESPONSIBLE FOR LOST PROFITS, REVENUES, OR DATA; FINANCIAL LOSSES; OR INDIRECT, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES.

 

TO THE EXTENT PERMITTED BY LAW, THE TOTAL LIABILITY OF GOOGLE, AND ITS SUPPLIERS AND DISTRIBUTORS, FOR ANY CLAIM UNDER THE TERMS, INCLUDING FOR ANY IMPLIED WARRANTIES, IS LIMITED TO THE AMOUNT YOU PAID US TO USE THE APPLICABLE APIS (OR, IF WE CHOOSE, TO SUPPLYING YOU THE APIS AGAIN) DURING THE SIX MONTHS PRIOR TO THE EVENT GIVING RISE TO THE LIABILITY.

 

IN ALL CASES, GOOGLE, AND ITS SUPPLIERS AND DISTRIBUTORS, WILL NOT BE LIABLE FOR ANY EXPENSE, LOSS, OR DAMAGE THAT IS NOT REASONABLY FORESEEABLE.

 

  1. Indemnification

Unless prohibited by applicable law, if you are a business, you will defend and indemnify Google, and its affiliates, directors, officers, employees, and users, against all liabilities, damages, losses, costs, fees (including legal fees), and expenses relating to any allegation or third-party legal proceeding to the extent arising from:

 

your misuse or your end user's misuse of the APIs;

your violation or your end user's violation of the Terms; or

any content or data routed into or used with the APIs by you, those acting on your behalf, or your end users.

Section 10: General Provisions

  1. Modification

We may modify the Terms or any portion to, for example, reflect changes to the law or changes to our APIs. You should look at the Terms regularly. We'll post notice of modifications to the Terms within the documentation of each applicable API, to this website, and/or in the Google developers console. Changes will not apply retroactively and will become effective no sooner than 30 days after they are posted. But changes addressing new functions for an API or changes made for legal reasons will be effective immediately. If you do not agree to the modified Terms for an API, you should discontinue your use of that API. Your continued use of the API constitutes your acceptance of the modified Terms.

 

  1. U.S. Federal Agency Entities

The APIs were developed solely at private expense and are commercial computer software and related documentation within the meaning of the applicable U.S. Federal Acquisition Regulation and agency supplements thereto.

 

  1. General Legal Terms

We each agree to contract in the English language. If we provide a translation of the Terms, we do so for your convenience only and the English Terms will solely govern our relationship. The Terms do not create any third party beneficiary rights or any agency, partnership, or joint venture. Nothing in the Terms will limit either party's ability to seek injunctive relief. We are not liable for failure or delay in performance to the extent caused by circumstances beyond our reasonable control. If you do not comply with the Terms, and Google does not take action right away, this does not mean that Google is giving up any rights that it may have (such as taking action in the future). If it turns out that a particular term is not enforceable, this will not affect any other terms. The Terms are the entire agreement between you and Google relating to its subject and supersede any prior or contemporaneous agreements on that subject. For information about how to contact Google, please visit our contact page.

 

Except as set forth below: (i) the laws of California, U.S.A., excluding California's conflict of laws rules, will apply to any disputes arising out of or related to the Terms or the APIs and (ii) ALL CLAIMS ARISING OUT OF OR RELATING TO THE TERMS OR THE APIS WILL BE LITIGATED EXCLUSIVELY IN THE FEDERAL OR STATE COURTS OF SANTA CLARA COUNTY, CALIFORNIA, USA, AND YOU AND GOOGLE CONSENT TO PERSONAL JURISDICTION IN THOSE COURTS.

 

If you are accepting the Terms on behalf of a United States federal government entity, then the following applies instead of the paragraph above: the laws of the United States of America, excluding its conflict of laws rules, will apply to any disputes arising out of or related to the Terms or the APIs. Solely to the extent permitted by United States Federal law: (i) the laws of the State of California (excluding California's conflict of laws rules) will apply in the absence of applicable federal law; and (ii) FOR ALL CLAIMS ARISING OUT OF OR RELATING TO THE TERMS OR THE APIS, THE PARTIES CONSENT TO PERSONAL JURISDICTION IN, AND THE EXCLUSIVE VENUE OF, THE COURTS IN SANTA CLARA COUNTY, CALIFORNIA.

 

If you are accepting the Terms on behalf of a United States city, county, or state government entity, then the following applies instead of the paragraph above: the parties agree to remain silent regarding governing law and venue.

 

 

 

XII. AdSense Online Terms of Service

  1. Welcome to AdSense!

Thanks for your interest in our search and advertising services (the "Services")! 

By using our Services, you agree to (1) these Terms of Service, (2) the AdSense Program Policies, which include but are not limited to the Content Policies, the Webmaster Quality Guidelines, the Ad Implementation Policies, and the EU User Consent policy (collectively, the "AdSense Policies"), and (3) the Google Branding Guidelines  (collectively, the "AdSense Terms"). If ever in conflict, these Terms of Service will take precedence over any other terms in the policies and guidelines enumerated in numbers (2) and (3) above.  Please read these Terms of Service and the rest of the AdSense Terms carefully.

 

As used in these Terms of Service, "you" or "publisher" means the individual or entity using the Services (and/or any individual, agent, employee, representative, network, parent, subsidiary, affiliate, successor, related entities, assigns, or all other individuals or entities acting on your behalf, at your direction, under your control, or under the direction or control of the same individual or entity who controls you). "We," "us" or "Google" means Google LLC, and the "parties" means you and Google. 

 

  1. Access to the Services; AdSense Accounts

Your use of the Services is subject to your creation and our approval of an AdSense Account (an "Account").  We have the right to refuse or limit your access to the Services. In order to verify your Account, from time-to-time we may ask for additional information from you, including, but not limited to, verification of your name, address, and other identifying information. By submitting an application to use the Services, if you are an individual, you represent that you are at least 18 years of age.  You may only have one Account. If you (including those under your direction or control) create multiple Accounts, you will not be entitled to further payment from Google, and your Accounts will be subject to termination, pursuant to the provisions below. 

 

By enrolling in AdSense, you permit Google to serve, as applicable, (i) advertisements and other content ("Ads"), (ii) Google search boxes and search results, and (iii) related search queries and other links to your websites, mobile applications, media players, mobile content, and/or other properties approved by Google (each individually a "Property").  In addition, you grant Google the right to access, index and cache the Properties, or any portion thereof, including by automated means. Google may refuse to provide the Services to any Property.

 

Any Property that is a software application and accesses our Services (a) may require preapproval by Google in writing, and (b) must comply with Google's Software Principles.

 

  1. Using our Services

You may use our Services only as permitted by the AdSense Terms and any applicable laws.  Don't misuse our Services. For example, don't interfere with our Services or try to access them using a method other than the interface and the instructions that we provide.

 

You may discontinue your use of any Service at any time by removing the relevant code from your Properties. 

 

  1. Changes to our Services; Changes to the AdSense Terms

We are constantly changing and improving our Services. We may add or remove functionalities or features of the Services at any time, and we may suspend or stop a Service altogether.

 

We may modify the AdSense Terms at any time. We'll post any modifications to the Terms of Service on this page and any modifications to the AdSense Policies or the Google Branding Guidelines on their respective pages.  Changes will generally become effective 14 days after they are posted. However, changes addressing new functions for a Service or changes made for legal reasons will be effective immediately. If you don't agree to any modified terms in the AdSense Terms, you'll have to stop using the affected Services.

 

  1. Payment

Subject to this Section and Section 6 of these Terms of Service, you will receive a payment related to the number of valid clicks on Ads displayed on your Properties, the number of valid impressions of Ads displayed on your Properties, or other valid events performed in connection with the display of Ads on your Properties, only if and when Google determines that your Properties have remained in compliance with the AdSense Terms (including all AdSense Policies as identified in Section 1 above) for the entirety of the period for which payment is made and through to the date that the payment is issued. 

 

If your Account is in good standing through to the time when Google issues you a payment, we will pay you by the end of the calendar month following any calendar month in which the balance reflected in your Account equals or exceeds the applicable payment threshold. If Google is investigating your compliance with the AdSense Terms or you have been suspended or terminated, your payment may be delayed or withheld. To ensure proper payment, you are responsible for providing and maintaining accurate contact and payment information in your Account. 

 

If you implement search Services, our payments may be offset by any applicable fees for such Services. In addition, Google may (a) withhold and offset any payments owed to you under the AdSense Terms against any fees you owe us under the AdSense Terms or any other agreement, or (b) require you to refund us within 30 days of any invoice any amounts we may have overpaid to you in prior periods. You are responsible for any charges assessed by your bank or payment provider.

 

Unless expressly authorized in writing by Google, you may not enter into any type of arrangement with a third party where that third party receives payments made to you under the AdSense Terms or other financial benefit in relation to the Services.

 

Payments will be calculated solely based on Google's accounting. You acknowledge and agree that you are only entitled to payment for your use of the Services for which Google has been paid; if, for any reason, Google does not receive payment from an advertiser or credits such payment back to an advertiser, you are not entitled to be paid for any associated use of the Services. Additionally, if an advertiser whose Ads are displayed on any Property defaults on payment to Google, we may withhold payment or charge back your Account.

 

Google has the right to withhold or adjust payments to you to exclude any amounts Google determines arise from invalid activity.  Invalid activity includes, but is not limited to, (i) spam, invalid clicks, invalid impressions, invalid queries, invalid conversions, or other invalid events on Ads generated by any person, bot, automated program or similar device, including through any clicks, impressions, queries, conversions, or other events originating from your IP addresses or computers under your control; (ii) clicks, impressions, queries, conversions, or other events solicited or generated by payment of money, false representation, or requests for end users to click on Ads or take other actions; (iii) Ads served to end users whose browsers have JavaScript disabled or who are otherwise tampering with ad serving or measurement; (iv) any click, impression, query, conversion, or other event occurring on a Property that does not comply with the AdSense Policies; (v) any click, impression, query, conversion, or other event occurring on a Property associated with another AdSense Account you use; and (vi) all clicks, impressions, queries, conversions, or other events in any Account with significant amounts of invalid activity, as described in (i-v) above or with the types of invalid activity indicating intentional misconduct. In the event Google detects invalid activity, either before or after issuing a payment for that activity, Google reserves the right to debit your Account, and adjust future payments accordingly, for all invalid clicks, impressions, queries, conversions, or other events including for all clicks, impressions, queries, conversions, or other events on Properties that do not comply with the AdSense Policies. 

 

Additionally, Google may refund or credit advertisers for some or all of the advertiser payments associated with a publisher's Account. You acknowledge and agree that, whenever Google issues such refunds or credits, you will not be entitled to receive any payment for any associated use of the Services.

 

  1. Termination, Suspension, and Entitlement to Further Payment

 

Google may at any time, without providing a warning or prior notice, temporarily suspend further payments on your Account, suspend or terminate the participation of any Property in the Services, or suspend or terminate your Account because of, among other reasons, invalid activity or your failure to otherwise fully comply with the AdSense Policies.  Google can terminate your participation in the Services, and close your Account, if your Account remains inactive for a period of 6 or more consecutive months. If Google closes your Account due to inactivity, and the balance reflected in your Account equals or exceeds the applicable threshold, we will pay you that balance, subject to our payment provisions in Section 5. If Google closes your Account due to inactivity, you will not be prevented from submitting a new application to use the Services.

 

If Google terminates your Account due to your breach of the AdSense Terms, including, but not limited to, your causing or failing to prevent invalid activity on any Property, or your failure to otherwise fully comply with the AdSense Policies, you will not be entitled to any further payment from Google for any prior use of the Services. If you breach the AdSense Terms or Google suspends or terminates your Account, you (i) are prohibited from creating a new Account, and (ii) may not be permitted to monetize content on other Google products.

 

If you dispute any payment made or withheld relating to your use of the Services, or, if Google terminates your Account and you dispute your termination, you must notify Google within 30 days of any such payment, non-payment, or termination by submitting an appeal. If you do not, any claim related to the disputed payment or your termination is waived.

 

You may terminate your use of the Services at any time by completing the account cancellation process.  Your AdSense Account will be considered terminated within 10 business days of Google's receipt of your notice.   If you terminate your Account and the balance reflected in your Account equals or exceeds the applicable threshold, we will pay you that balance, subject to the payment provisions in Section 5, within approximately 90 days after the end of the calendar month in which you terminated your use of the Services.  Any balance reflected in your Account below the applicable threshold will remain unpaid.

 

  1. Taxes

As between you and Google, Google is responsible for all taxes (if any) associated with the transactions between Google and advertisers in connection with Ads displayed on the Properties.  You are responsible for all taxes (if any) associated with the Services, other than taxes based on Google's net income.  All payments to you from Google in relation to the Services will be treated as inclusive of tax (if applicable) and will not be adjusted. 

 

  1. Testing

You authorize Google to periodically conduct tests that may affect your use of the Services. To ensure the timeliness and validity of test results, you authorize Google to conduct such tests without notice.

 

  1. Intellectual Property; Brand Features

Other than as set out expressly in the Agreement, neither party will acquire any right, title, or interest in any intellectual property rights belonging to the other party or to the other party's licensors.

 

If Google provides you with software in connection with the Services, we grant you a non-exclusive, non-sublicensable license for use of such software.  This license is for the sole purpose of enabling you to use and enjoy the benefit of the Services as provided by Google, in the manner permitted by the Agreement.  Other than distributing content via the AdMob SDK, you may not copy, modify, distribute, sell, or lease any part of our Services or included software, or reverse engineer or attempt to extract the source code of that software, unless laws prohibit those restrictions or you have our written permission.  You will not remove, obscure, or alter Google's copyright notice, Brand Features, or other proprietary rights notices affixed to or contained within any Google services, software, or documentation.

 

We grant you a non-exclusive, non-sublicensable license to use Google's trade names, trademarks, service marks, logos, domain names, and other distinctive brand features ("Brand Features") solely in connection with your use of the Services and in accordance with the AdSense Terms.  We may revoke this license at any time.  Any goodwill arising from your use of Google's Brand Features will belong to Google.

 

We may include your name and Brand Features in our presentations, marketing materials, customer lists and financial reports.

 

  1. Privacy

Our privacy policy explains how we treat your personal data and protect your privacy when you use our Services. By using our Services, you agree that Google can use such data in accordance with our privacy policy. You and Google also agree to the Google Ads Controller-Controller Data Protection Terms.

 

You will ensure that at all times you use the Services, the Properties have a clearly labeled and easily accessible privacy policy that provides end users with clear and comprehensive information about cookies, device-specific information, location information and other information stored on, accessed on, or collected from end users' devices in connection with the Services, including, as applicable, information about end users' options for cookie management.  You will use commercially reasonable efforts to ensure that an end user gives consent to the storing and accessing of cookies, device-specific information, location information, or other information on the end user's device in connection with the Services where such consent is required by law.

 

  1. Confidentiality

You agree not to disclose Google Confidential Information without our prior written consent. "Google Confidential Information" includes: (a) all Google software, technology and documentation relating to the Services; (b) click-through rates or other statistics relating to Property performance as pertaining to the Services; (c) the existence of, information about, or the terms of, any non-public beta or experimental features in a Service; and (d) any other information made available by Google that is marked confidential or would normally be considered confidential under the circumstances in which it is presented.  Google Confidential Information does not include information that you already knew prior to your use of the Services, that becomes public through no fault of yours, that was independently developed by you, or that was lawfully given to you by a third party.  Notwithstanding this Section 11, you may accurately disclose the amount of Google's gross payments resulting from your use of the Services. 

 

  1. Indemnity

You agree to indemnify and defend Google, its affiliates, agents, and advertisers from and against any and all third-party claims and liabilities arising out of or related to the Properties, including any content served on the Properties that is not provided by Google; your use of the Services; or your breach of any term of the AdSense Terms.  Google's advertisers are third-party beneficiaries of this indemnity.

 

  1. Representations; Warranties; Disclaimers

You represent and warrant that (i) you have full power and authority to enter into the AdSense Terms; (ii) you are the owner of, or are legally authorized to act on behalf of the owner of, each Property; (iii) you are the technical and editorial decision maker in relation to each Property on which the Services are implemented and you have control over the way in which the Services are implemented on each Property; (iv) Google has never previously terminated or otherwise disabled an AdSense Account created by you due to your breach of the AdSense Terms, including due to invalid activity; (v) entering into or performing under the AdSense Terms will not violate any agreement you have with a third party or any third-party rights; and (vi) all of the information provided by you to Google is correct and current.

 

OTHER THAN AS EXPRESSLY SET OUT IN THE ADSENSE TERMS, WE DO NOT MAKE ANY PROMISES ABOUT THE SERVICES.  FOR EXAMPLE, GOOGLE MAY REFUSE TO SERVE, AS APPLICABLE, (i) ADVERTISEMENTS AND OTHER CONTENT ("ADS"), (ii) GOOGLE SEARCH BOXES AND SEARCH RESULTS, AND (iii) RELATED SEARCH QUERIES AND OTHER LINKS TO YOUR PROPERTIES. WE DO NOT GUARANTEE THAT EVERY PAGE WILL RECEIVE ADS OR THAT GOOGLE WILL SERVE A CERTAIN NUMBER OF ADS. ADDITIONALLY, WE DO NOT MAKE ANY COMMITMENTS ABOUT THE CONTENT WITHIN THE SERVICES, THE SPECIFIC FUNCTION OF THE SERVICES, OR THEIR PROFITABILITY, RELIABILITY, AVAILABILITY, OR ABILITY TO MEET YOUR NEEDS. WE PROVIDE EACH SERVICE "AS IS".

 

TO THE EXTENT PERMITTED BY LAW, WE EXCLUDE ALL WARRANTIES, EXPRESS, STATUTORY, OR IMPLIED.  WE EXPRESSLY DISCLAIM THE WARRANTIES OR CONDITIONS OF NONINFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE.

 

  1. Limitation of Liability

TO THE EXTENT PERMITTED BY LAW, EXCEPT FOR ANY INDEMNIFICATION OBLIGATIONS HEREUNDER OR YOUR BREACH OF ANY INTELLECTUAL PROPERTY RIGHTS, CONFIDENTIALITY OBLIGATIONS, AND/OR PROPRIETARY INTERESTS RELATING TO THE ADSENSE TERMS, (i) IN NO EVENT SHALL EITHER PARTY BE LIABLE UNDER THE ADSENSE TERMS FOR ANY CONSEQUENTIAL, SPECIAL, INDIRECT, EXEMPLARY, OR PUNITIVE DAMAGES WHETHER IN CONTRACT, TORT, OR ANY OTHER THEORY, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY, AND (ii) EACH PARTY'S AGGREGATE LIABILITY UNDER THE ADSENSE TERMS IS LIMITED TO THE NET AMOUNT RECEIVED AND RETAINED BY THAT PARTICULAR PARTY IN CONNECTION WITH THESE ADSENSE TERMS DURING THE THREE MONTH PERIOD IMMEDIATELY PRECEDING THE DATE OF THE CLAIM.  Each party acknowledges that the other party has entered into the AdSense Terms relying on the limitations of liability stated herein and that those limitations are an essential basis of the bargain between the parties.

 

  1. Miscellaneous

Entire Agreement; Amendments.  The AdSense Terms are our entire agreement relating to your use of the Services and supersede any prior or contemporaneous agreements on that subject.  The AdSense Terms may be amended (i) in a writing signed by both parties that expressly states that it is amending the AdSense Terms, or (ii) as set forth in Section 4, if you keep using the Services after Google modifies the AdSense Terms. 

 

Assignment.  You may not assign or transfer any of your rights under the AdSense Terms.

Independent Contractors.  The parties are independent contractors and the AdSense Terms do not create an agency, partnership, or joint venture.

No Third-Party Beneficiaries. Other than as set forth in Section 12, the AdSense Terms do not create any third-party beneficiary rights.

No Waiver. Other than as set forth in Section 6, the failure of either party to enforce any provision of the AdSense Terms will not constitute a waiver.

Severability. If it turns out that a particular term of the AdSense Terms is not enforceable, the balance of the AdSense Terms will remain in full force and effect.

Survival. Sections 5, 6, 8, 12, 14, and 15 of these Terms of Service will survive termination.

Governing Law; Venue. All claims arising out of or relating to the AdSense Terms or the Services will be governed by California law, excluding California's conflict of laws rules, and will be litigated exclusively in the federal or state courts of Santa Clara County, California, USA, and you and Google consent to personal jurisdiction in those courts.

Force Majeure. Neither party will be liable for inadequate performance to the extent caused by a condition (for example, natural disaster, act of war or terrorism, riot, labor condition, governmental action, and Internet disturbance) that was beyond the party's reasonable control.

Communications. In connection with your use of the Services, we may contact you regarding service announcements, administrative messages, and other information. You may opt out of some of those communications in your Account settings.  For information about how to contact Google, please visit our contact page.

 

  1. Service-Specific Terms

If you choose to implement any of the following Services on a Property, you also agree to the additional terms identified below:

AdMob: the AdMob Publisher Guidelines and Policies.

Custom Search Engine: the Custom Search Engine Terms of Service.

 

 

 

XIII. AdMob & AdSense policies

AdMob & AdSense policies can be found here:

https://support.google.com/admob/answer/6128543?hl=en&ref_topic=2745287

 

Related Articles