If an Order Form contains the provision of “Subscriber Insights” from Zuora to Customer, then this Subscriber Insights Addendum (“Addendum”) applies to Customer’s use of Subscriber Insights. This Addendum incorporates by reference and is subject to the Master Subscription Agreement between the Parties. In the event of a material conflict between the MSA and this Addendum, the terms and conditions of this Addendum governs with the respect to the use of Subscriber Insights only. Unless otherwise defined in this Addendum, capitalized terms have the meaning indicated in the MSA. “Service” in this Addendum means Subscriber Insights.
a. Limits on Zuora. Zuora will use Customer Data only in order to provide the Service to Customer and only as permitted by Privacy Law, and this Agreement.
b. Automatically Collected and Transmitted Data. The Service collects from Customer’s environment, as a part of the server log, and automatically transmits to Zuora, Customer’s IP address (“Transmitted Information”). The Transmitted Information will be used for the purpose of providing forensic analysis in the event of a security breach.
c. Stored Data.The Service receives from Customer’s environment at Customer’s election and stores on AWS server, without limitation, Customer’s customers’ or User’s name, and email address (“Stored Information”). Zuora’s use of Stored Information is at Customer’s election to perform analysis to enable the functionalities and operations of the Service and will not be transmitted to Zuora’s server.
d. Sharing and Transfer. Zuora may also use statistics derived from the information collected through monitoring of the Services (the “Collected Information”) or submitted by Customer, to monitor the use of the Service by all of Zuora’s customers and use the data gathered in an aggregate and anonymous manner in connection with and in order to enhance the Service. Customer agrees that Zuora may use and publish such information, provided that such information does not incorporate any Customer Data and/or identify Customer, or Customer’s customers, or Users. The Collected Information may be accessible by Zuora employees or contractors on a need-to-know basis, exclusively to be used in accordance with the purposes described above. For the same purposes, the Collected Information may be shared with partners and vendors that process information on behalf of Zuora. Zuora has taken steps to ensure that the Collected Information, if transferred, receives an adequate level of protection.
e. Safeguards. We will maintain commercially appropriate administrative, physical, and technical safeguards to protect Customer Data. Customer consents to the processing of Customer Data in the United States.
f. Personal Data. EXCEPT IN THE EVENT OF STORED INFORMATION, CUSTOMER AGREES NOT TO USE THE SERVICE TO COLLECT, MANAGE OR PROCESS PERSONAL DATA. ZUORA WILL NOT HAVE ANY LIABILITY THAT MAY RESULT FROM CUSTOMER’S USE OF THE SERVICE TO COLLECT OR MANAGE PERSONAL DATA. It is Customer’s responsibility to ensure that any disclosure by the Customer to Zuora of Personal Data of Customer’s Users or third parties is in compliance with national laws governing the collection, use and protection of Personal Data applicable to Customer’s country or region of operation. In particular, it is Customer’s responsibility to inform Users and third parties that Customer is providing their information to Zuora, to inform them of how it will be used and to gather appropriate consents required for such transfer and use.