Get a demo
Login
Try it free

Extract Terms of Service

Extract, a product by Singular Labs, Inc. (“Singular”, “Extract” or “us”, “our”, “we”), provides data movement services (the “Services”) which aim to enable businesses to extract data from their data sources and load them into their data destinations.

These Terms of Service (these “Terms”) together with the executed master services agreements form (the “Service Entitlement”), govern your access and use of the Services.

You” or “Customer” means the entity that accesses and uses the Services. Please read these Terms carefully. These Terms govern your use of the Services.

BY EXECUTING OR CONFIRMING A SERVICE ENTITLEMENT TO WHICH THESE TERMS HAVE BEEN INCORPORATED, YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT YOU HAVE READ THESE TERMS AND AGREE TO BE BOUND BY THESE TERMS.

IF YOU ARE AN INDIVIDUAL ENTERING INTO THESE TERMS ON BEHALF OF A LEGAL ENTITY, YOU HEREBY REPRESENT AND WARRANT TO US THAT YOU ARE AUTHORIZED TO ENTER INTO THESE TERMS ON BEHALF OF SUCH ENTITY AND BIND SUCH ENTITY TO THESE TERMS, IN WHICH CASE, THE TERMS “YOU” AND “YOUR” AND “COMPANY” WILL REFER TO SUCH ENTITY.

IF YOU DO NOT ACCEPT ALL THE TERMS HEREIN OR ARE NOT AN AUTHORIZED AGENT FOR THE LEGAL ENTITY THAT WISHES TO ENTER INTO THESE TERMS, YOU MAY NOT ASSENT TO THESE TERMS.

ALSO, YOU MAY NOT ENTER INTO THESE TERMS OR OTHERWISE USE THE SERVICES IF YOU ARE A COMPETITOR OF EXTRACT.

1. Definitions. As used in these Terms, the following terms shall have the meanings set forth below:

Data Processing Addendum” or “Addendum” means Extract’s Data Processing Addendum appended to these Terms and forming an integral part the Terms, and any amendment or update thereof, as may be in effect from time to time.

Dashboard” means the user interface for the Services, as described in the Documentation.

Documentation” means Extract’s published documentation for the Services, located at https://docs.extract.to/.

2. Provision of the Services. Subject to the terms and conditions and license grant hereof, Extract allows you during the Term to access and use the Services, pursuant to the scheme, parameters and metrics specified in the Service Entitlement and subject to the limitations, capabilities and restrictions detailed in the help center documents posted on https://docs.extract.to/. Customer shall use the Services only for its own purposes, and shall not use the Services to provide similar or competing services to any third party. We may modify, adapt, improve, or enhance the Services, or any of its features, user interface, design or any other aspect related to it, without an obligation to provide you notice thereof. The Dashboard is reserved for the use of Customer’s employees and contractors authorized by Extract, and Customer may not provide access to the Dashboard to any third party.

3. Registration.

Provide Complete Information. In order to use the Services, Customer will be required to register with Extract. Customer must provide all information as requested by Extract in the registration process, and Customer represents and warrants that all such information shall be true, accurate and complete. Customer shall keep such information up-to-date as may be required from time to time.

User Authentication. Login to the Dashboard is authenticated with a password, which Customer should periodically change. Customer must maintain the confidentiality of its account login details for its general account and for the Dashboard.

Safeguarding Credentials. Customer is solely responsible for the security of its and its users’ login credentials, and will not provide such login credentials to any third party. Customer is responsible for any use that occurs under its or its users’ login credentials. If Customer believes an unauthorized person has gained access to its or its users’ login credentials, Customer will notify Extract as soon as possible. Customer will ensure that its users comply with all terms and conditions of these Terms and Customer remains solely responsible and liable for the acts and omissions of its users. If Customer become aware of any violation by any of its users, Customer will immediately terminate such user’s access to the Services.

4. Restrictions and Obligations.

Objectionable Conduct. Except as set forth expressly herein, Customer shall not, and shall not permit any third party, to (a) reverse engineer or attempt to find the underlying code of the Services; (b) modify the Services, or insert any code or product, or manipulate the Services or their presentation in any way; (c) use the Services in order to develop, or create, or permit others to develop or create, a product or service similar or competitive to the Services; (d) impose an excess load or burden on the Services, (e) circumvent any security or access control measures of the Services (f) offer, license or distribute the Services to any third party, or use the Services as part of a service bureau operation or to provide services on behalf of or for the benefit of any third party, or to assist in or further the provision of, any data processing, outsourcing, time-sharing or service-bureau services, or any other services for the benefit of any third party; (g) use any portion of the Services for any illegal or unlawful purpose or activity or in violation of any third-party right. To the extent any of the restrictions set forth in this Section are not enforceable under applicable law, Customer shall inform Extract in writing in each instance prior to engaging in the activities set forth above.

Security Issues. In addition, Customer may not perform or attempt to perform any of the following in connection with the Services: (a) breaching the security of the Services, or identifying, probing or scanning any security vulnerabilities in the Services; (b) accessing data not intended for you, or accessing an account you are not authorized to access; (c) interfering with, circumventing, manipulating, overloading, impairing or disrupting the operation, or the functionality of the Services; (d) working around any technical limitations in the Services; (e) using any tool to enable features or functionalities that are otherwise disabled, inaccessible or undocumented in the Services; (f) collecting or processing information or data about Extract’s customers; (g) sending any virus, worm, Trojan horse or other malicious or harmful code or attachment; or (h) using robots, crawlers and similar applications to scrape, harvest, collect or compile content from or through the Services.

Lawful Use Only. You will only use the Services in full compliance with all applicable laws, rules and regulations, and you represent and warrant that the Data (as defined below) does not and will not violate any third party rights or any applicable laws.

Your Responsibilities. You are solely and exclusively responsible: (i) for all actions you take in response to your use of the Services and (ii) to carry out such actions as you deem appropriate as a result of your usage of the Services. We are not responsible or liable for your reliance upon, or use of, the Services, your actions in connection with the Services, or any consequences resulting therefrom.

Measures Against Fraudulent or Abusive Use. WE MAY EMPLOY MEASURES TO DETECT AND PREVENT FRAUDULENT OR ABUSIVE USE OF THE SERVICES, AS WELL AS MISUSE OF THE SERVICES. WE MAY SUSPEND OR TERMINATE YOUR ACCOUNT AND ACCESS TO THE SERVICES, WITHOUT PRIOR NOTICE, IF WE, IN OUR SOLE DISCRETION, BELIEVE THAT YOU HAVE ENGAGED IN FRAUDULENT OR ABUSIVE USE OR MISUSE OF THE SERVICES.

5. Intellectual Property.

Ownership of the Services. As between the parties, Extract shall have all right, title and interest in and to the Services, and all software that provides the Services, including, without limitation, all copyrights, patents, trademarks, trade names, trade secrets and other intellectual property rights, and any goodwill associated therewith, in and to the Services, or any part thereof, including computer code, graphic design, layout and the user interfaces. Except for the limited license granted to you to use the Services pursuant to Section ‎7 of these Terms, these Terms do not grant to you or assign to you any license, right, title, or interest in or to the Services or any associated intellectual property rights.

Don’t Impair our Ownership. You will not perform, or cause to be done, any acts or things contesting or in any way impairing or tending to impair any portion of the right, title and interest of Extract in and to its intellectual property rights.

Your Feedback. Extract does not request feedback regarding the Services. Notwithstanding the foregoing, if Customer provides Extract with any feedback regarding the Services, Customer hereby fully and irrevocably assigns to Extract all right, title and interest in and to such feedback, and Extract and its affiliates shall be entitled to use all such feedback without restriction and shall not be subject to any non-disclosure or non-use obligations in respect of such feedback.

Our Trademarks. Nothing in these Terms grants any right to, and Customer shall not, make any use whatsoever of any Extract trademark, service-mark, trade dress or other designator of source or origin.

Indicating You as Customer. Unless you notify us otherwise in writing, we may identify you as a customer and user of the Services on our website, mobile application and in other online or offline marketing materials and press releases, and we may publish case studies and other marketing materials related to your use of the Services. We acknowledge that your company name and logo are protected by intellectual property rights. You hereby grant Extract a non-exclusive, royalty-free and fully paid up license, during the Term, to use your name, logo, and website URL, on our website, mobile application and in other online or offline marketing materials relating to the Services. We will use this content strictly in accordance with any usage guidelines you provide to us in advance.

Third Party Components. The Services may incorporate third party open source software (“Third Party Software”). To the extent so stipulated by the license that governs the Third Party Software (“Third Party EULA”), each such Third Party Software is licensed directly from its respective licensors and is subject to its respective Third Party EULA. If, and to the extent, a Third Party EULA requires that these Terms effectively impose, grant or incorporate by reference, certain disclaimers, permissions, provisions, prohibitions or restrictions, then such disclaimers, permissions, provisions, prohibitions or restrictions shall be deemed to be imposed, granted, or incorporated by reference into these Terms, as required, and shall supersede any conflicting provision of these Terms, solely with respect to the corresponding Third Party Software which is governed by such Third Party EULA. You acknowledge that Extract is not responsible for the availability or for the fulfillment of any Third Party Software warranty or for problems attributable to use of Third Party Software. You are responsible for reviewing, accepting, and complying with any provided Third Party EULA.

6. Fees and Payment.

General Payment Terms. The Customer shall make payment to Extract pursuant to the payment terms and conditions of the Service Entitlement. All such payable amounts are exclusive of all applicable taxes and government charges, and Customer shall make payment to Extract without deduction for and free and clear of any such amounts. Customer must add applicable taxes (including VAT) and other government charges to such amounts. Unless set forth otherwise in the Service Entitlement, amounts are due and payable within thirty (30) days of receipt of the applicable invoice.

Overdue Fees. Failure to settle any overdue fee within twenty (14) calendar days of its original due date will constitute a material breach of these Terms and, without limiting any remedies available to Extract, Extract may: (i) terminate these Terms; or (ii) suspend performance of or access to the Services, until payment is made current. Late payments shall bear interest at the rate of nine percent (9%) per annum. You will reimburse us for all legal costs and attorney fees we incur in the course of collecting your overdue fees.

Currency and Payment Methods. All fees are quoted in US Dollars and will be paid by you in US Dollars, unless expressly stated otherwise in the Service Entitlement. Fees are payable by wire transfer, check or major credit cards. We may, from time to time, and without specific notice to you, add additional payment methods to the then-current payment methods, or cease to use previously supported payment methods. You represent and warrant that you are lawfully permitted to use the selected payment method in connection with the Services. We may require additional information from you before completing payment transactions. You must keep the billing information you provide to us current, complete, and accurate, and notify us promptly in case of any change in your billing information. By providing any credit card, online account or bank information, you authorize us to automatically charge or debit the selected payment method for the full amount due on a recurring basis (if applicable) until you notify us in writing with an alternative, authorized payment method. You must ensure that you have sufficient funds or credit (as applicable) associated with the selected method of payment. You understand that the amounts charged or debited may vary and that this authorization will remain in effect until the expiration or termination of these Terms. If a payment is returned from a bank account for insufficient or uncollected funds or for erroneous information, we may reinitiate the returned debit to the applicable bank account. Any amounts owed to us that cannot be collected by debit may be charged to any backup credit card on file for you.

Payment Processing. Payment may be processed and handled through relevant third party payment processors. Any payments processed through third party payment processors are therefore subject not only to these Terms, but also the terms and conditions of the applicable third party payment processor pursuant to your agreement with them. You acknowledge that such third party payment processors may charge you commission. We are not responsible for such a commission, which is strictly between you and the relevant payment processor. Fees that we are unable to charge through the payment method you provided is deemed an overdue fee.

Payment Obligation Survive. All your payment obligations are non-cancelable and all amounts paid in connection with the Services are non-refundable. You are responsible for paying all fees applicable to your subscription to the Services, whether or not you actively used, accessed or otherwise benefited from the Services.

7. Customer Data Processing.

Nature of Data Processing. The Services entail processing certain data made available by or through the Customer (“Customer Data”). Except as may otherwise be agreed in writing between the parties, Customer represents and warrants that the Customer Data does not include categories of data subject to specific statutory obligations – such as, for example, health or financial data of individuals. Extract will collect the Customer Data from sources indicated by Customer and process such Customer Data as indicated in a Data Processing Addendum, which Customer agrees to, as well as for the purposes of improving and analyzing the Services and how the Services is used by Extract’s customers. Extract’s privacy practices for the Customer Data are described in Extract Privacy Policy available at https://www.extract.to/privacy-policy/.

Your Data Obligations. Customer represents and warrants that it has the right to provide Customer Data into the Services and use the Services to analyze such Customer Data. In addition, Customer represents and warrants that if Customer provides (or authorizes Extract to receive) Customer Data from any third party source (such as, for example, data from Google or Meta), then Customer will comply with all the terms and conditions applicable to such third party source including, without limitation, any terms and conditions applicable to the provision and receipt of data from such third party source. It is your sole responsibility to determine whether your Customer Application is subject to the United States Children’s Online Privacy Protection Act (COPPA). If so then: (a) you, the Customer, are the primary ‘operator’ under COPPA liable for compliance with the requirements of COPPA for your Customer Application; (b) you shall, at all times, comply with COPPA in respect of your Customer Application; and (c) where applicable, you must directly inform us in advance of the child-directed nature of your Customer Application, by emailing us to privacy@extract.to.

Restricted Information. Except as may otherwise be agreed in writing between the parties, Customer shall not deliver, disclose or make available to Extract, any Protected Health Information (as defined under the United States Health Insurance Portability and Accountability Act of 1996 (as amended), any information which is considered sensitive as per the enumerated categories at Cal. Civ. Code §1798.81.5(d), or any ‘Special Categories of Data’ within the meaning of the EU or UK General Data Protection Regulation (GDPR).

8. Confidentiality.

Confidential Information Defined. As used herein, “Confidential Information” means, subject to the exceptions set forth in the following sentence, any information or data, regardless of whether it is in tangible form, disclosed by either you or us (the “Disclosing Party”) that the Disclosing Party has either marked as confidential or proprietary, or has identified in writing as confidential or proprietary within thirty (30) days of disclosure to the other party (the “Receiving Party”); provided, however, that a Disclosing Party’s business plans, strategies, technology, research and development, current and prospective customers, billing records, and products or services will be deemed Confidential Information of the Disclosing Party even if not so marked or identified. Extract’s Confidential Information includes, without limitation, the Services, these Terms and any information related to any of the foregoing.

Information will not be deemed Confidential Information if such information: (a) is known to the Receiving Party prior to receipt from the Disclosing Party directly or indirectly from a source other than one having an obligation of confidentiality to the Disclosing Party; (b) becomes known (independently of disclosure by the Disclosing Party) to the Receiving Party directly or indirectly from a source other than one having an obligation of confidentiality to the Disclosing Party; (c) becomes publicly known or otherwise ceases to be secret or confidential, except through a breach of these Terms by the Receiving Party; or (d) is developed independently by the Receiving Party without use of any Confidential Information of the Disclosing Party.

Confidentiality Obligations. Neither we nor you will disclose, or permit to be disclosed, the other party’s Confidential Information directly or indirectly, to any third party without the other party’s prior written consent. Both you and we undertake to use commercially reasonable measures to protect the confidentiality and value of the other party’s Confidential Information. Notwithstanding any provision of these Terms, either party may disclose the other party’s Confidential Information, in whole or in part: (i) to its employees, officers, directors, consultants and professional advisers (e.g., attorneys, auditors, financial advisors, accountants and other professional representatives) or service providers, who have a need to know and are legally bound to keep such Confidential Information confidential by confidentiality obligations or, in the case of professional advisors, are bound by ethical duties to keep such Confidential Information confidential consistent with these Terms; and (ii) as required by applicable law or by a binding order of a court of competent jurisdiction (in which case each party, to the extent permissible, will provide the other with prior written notification thereof, will provide such party with the opportunity to contest such disclosure, and will use its reasonable efforts to minimize such disclosure to the extent permitted by applicable law).

Both you and we agree to exercise due care in protecting the Confidential Information of the other party from unauthorized use and disclosure. In the event of actual or threatened breach of the provisions of this Section, the non-breaching party will be entitled to seek immediate injunctive and other equitable relief, without waiving any other rights or remedies available to it. Both you and the Customer will promptly notify the other in writing if it becomes aware of any violations of the confidentiality obligations set forth herein.

Our Use is Restricted. Customer shall not use Extract’s Confidential Information except as expressly permitted herein. Extract shall not use the User Data for the business benefit of any third party unless required by law.

9. Representations and Warranties; Disclaimers.

Customer Representations. Customer represents and warrants that it has sufficient authority to accept these Terms and that it has not entered into any other agreement, obligation or restriction which would prohibit it from receiving the Services or the access of Customer’s data by Extract. Customer will promptly inform Extract if it has reason to believe that the former representation is, or may no longer be, true.

DISCLAIMER OF WARRANTY. CUSTOMER ACCEPTS THE SERVICES AND ANY REPORTS OR ANALYTICS “AS IS”. EXTRACT MAKES NO WARRANTIES OR REPRESENTATIONS REGARDING THE SERVICES, REPORTS OR ANALYTICS AND DISCLAIMS ALL EXPRESS OR IMPLIED AND STATUTORY WARRANTIES, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, QUALITY, ACCURACY, TITLE, SECURITY, COMPATIBILITY OR PERFORMANCE. NO OTHER DOCUMENT OR ORAL STATEMENTS MADE BY EXTRACT OR ITS REPRESENTATIVES SHALL BE DEEMED TO PROVIDE ANY WARRANTY OR REPRESENTATION UNLESS EXPRESSLY SET FORTH HEREIN. ANY ACTIONS TAKEN BY THE COMPANY BASED ON THE ANALYTICS ARE AT COMPANY’S SOLE RISK.

LIMITATION OF LIABILITY. IN NO EVENT OTHER THAN EXTRACT’s BREACH OF ITS CONFIDENTIALITY OBLIGATIONS ABOVE, SHALL EXTRACT OR ITS AFFILIATES OR ANY OF THEIR RESPECTIVE SHAREHOLDERS, DIRECTORS, OFFICERS, EMPLOYEES, CONSULTANTS, SUCCESSORS OR ASSIGNS, HAVE ANY LIABILITY FOR ANY CONSEQUENTIAL, INDIRECT, SPECIAL OR PUNITIVE DAMAGES, ARISING OUT OF OR RELATING TO THE SERVICES OR THE ARRANGEMENTS CONTEMPLATED HEREIN, INCLUDING IN RESPECT OF LOST PROFITS, LOST BUSINESS OPPORTUNITIES OR LOST DATA, WHETHER LIABILITY ARISES IN CONTRACT, TORT (INCLUDING NEGLIGENCE) OR ANY OTHER THEORY OF LIABILITY.

IN NO EVENT SHALL THE LIABILITY OF EXTRACT OR ITS AFFILIATES OR ANY OF THEIR RESPECTIVE SHAREHOLDERS, DIRECTORS, OFFICERS, EMPLOYEES, CONSULTANTS, SUCCESSORS OR ASSIGNS) FOR THE PROVISION OF THE SERVICES OR UNDER ANY PROVISION OF THESE TERMS EXCEED THE AMOUNT OF PAYMENT RECEIVED BY EXTRACT FROM COMPANY IN THE TWELVE (12) MONTHS PRECEDING THE APPLICABLE CLAIM, WHETHER LIABILITY ARISES IN CONTRACT, TORT (INCLUDING NEGLIGENCE) OR ANY OTHER THEORY OF LIABILITY.

THE ABOVE EXCLUSIONS AND LIMITATIONS OF LIABILITY SHALL NOT APPLY TO BODILY HARM CAUSED BY EXTRACT’S NEGLIGENCE OR TO EXTRACT’S WILLFUL OR INTENTIONAL MISCONDUCT.

Customer understands that Extract is not a data storage service. Customer must make backups of any data provided to Extract, and Extract shall have no liability for any lost or corrupted data.

10. Customer Indemnity.

Scope of Indemnity. You agree to indemnify and hold harmless Extract and its affiliates and their respective directors, shareholders, officers, employees, contractors, successors and assigns upon our request and at your own expense, from, and against, any damages, loss, costs, expenses and payments, including reasonable attorney’s fees and legal expenses, arising from any complaint, claim, plea, or demand brought by a third party in connection with, arising from or otherwise related to (a) any Customer Application, or (b) your breach of these Terms.

Indemnity Procedure. If Extract seeks indemnification from you, Extract will provide you with (i) prompt written notice of any indemnifiable claim; (ii) reasonable assistance and cooperation in the defense of such indemnifiable claim and any related settlement negotiations, at your expense; and (iii) exclusive control over the defense or settlement of such indemnifiable claim, provided, however, that we may settle or reach compromise on any such claim without your consent, if and to the extent such settlement or compromise does not impose any liability (monetary, criminal or otherwise) on you, and further provided that you do no settle the indemnifiable claim in any manner prejudicial to us. We will have the right to participate, our own expense, in the defense (and related settlement negotiations) of any indemnifiable claim with counsel of our own selection.

11. Term and Termination.

The term of these Terms shall commence as of your acceptance hereof and shall continue for the initial period set forth on the Service Entitlement (the “Initial Term”). Upon the end of that Initial Term, these Terms shall automatically renew for successive periods of equal length (collective, the “Term”), unless a party notifies the other party in writing of its desire not to renew these Terms at least 30 days prior to the end of the then-current period. If the Service Entitlement provides for an initial “opt-out period”, Customer may terminate these Terms during the opt-out period. Other than as set forth above, Customer may not terminate these Terms during the Term, except in case of Extract’s material breach of these Terms which Extract does not cure within 21 days of receiving Customer’s written notice about the breach.

Extract may terminate these Terms with written notice if it has reason to believe that Customer is or is likely to be in breach of any provision of these Terms, where Customer does not cure the breach within 21 days of receiving Extract’s written notice about the breach, except for a breach that causes imminent or irreparable harm to Extract which shall not be subject to the 21 days’ notice period.

Upon any termination or expiration of these Terms, Extract will cease providing the Services. In the event of any termination (a) Customer will not be entitled to any refunds of any fees already paid, (b) any outstanding balance for Services rendered through the date of termination will be immediately due and payable in full, and (c) your account on the Services will shut down, you will no longer have access to the Services and all Customer Data stored on the Services shall be permanently deleted by Extract. Sections ‎5, ‎6, ‎7.b, ‎8.b, ‎8.f, ‎10, ‎13, ‎14, ‎15, ‎16 and ‎18 of these Terms shall survive any termination thereof.

12. Force Majeure.

Each party shall be excused from performance hereunder, except with regard to payment obligations, to the extent that the failure to perform such obligation is due to a Force Majeure Event. A “Force Majeure Event” means any circumstance not within the reasonable control of the party affected, but only if and to the extent that (i) such circumstance, despite the exercise of reasonable diligence, cannot be prevented, avoided or removed by such party, and (ii) such circumstance materially and adversely affects the ability of the party to perform its obligations hereunder. With respect to Extract, the cessation of any third party data provider in providing data shall be deemed a Force Majeure Event. If a Force Majeure Event continues for more than thirty (30) days, either party may terminate these Terms upon written notice.

13. Miscellaneous.

Order of Precedence. In the event of any conflict between these Terms and the Service Entitlement, the Service Entitlement shall govern unless expressly stated otherwise in the Service Entitlement.

Entire Terms. These Terms, the Addendum and the Service Entitlement constitute the entire agreement between the parties regarding the subject matter hereof and supersedes any and all other agreements between the parties, whether written or oral, regarding the subject matter hereof.

Amendments. These Terms (other than Extract’s Privacy Policy available at https://www.extract.to/privacy-policy/) may not be modified or amended except in a writing executed by both parties.

Waivers. A waiver of any default hereunder or of any of the terms and conditions of these Terms shall not be deemed to be a continuing waiver or a waiver of any other default or of any other term or condition, but shall apply solely to the instance to which such waiver is directed.

Notices. Extract may provide Customer with notices required hereunder by contacting Customer at any email address Customer provided, including in its registration information.

Assignment. Extract may, upon notice to Customer, assign its rights or obligations pursuant to these Terms to a relevant third party as part of a merger or acquisition of Extract or its business activities relating to the performance of these Terms. By virtue of such assignment, the assignee assumes all Extract’s performance, obligations, rights and duties under these Terms, and Extract is irrevocably released from them. Customer agrees not to assign any rights under these Terms; any attempted assignment shall be null and void.

Unenforceable Terms. If any part of these Terms shall be invalid or unenforceable, such part shall be interpreted to give the maximum force possible to such terms as possible under applicable law, and such invalidity or unenforceability shall not affect the validity or enforceability of any other part or provision of these Terms which shall remain in full force and effect.

Governing Law and Venue. These Terms shall be governed by and construed in accordance with the internal laws of the State of California (without reference to the conflicts of law provisions thereof that would require the application of the law of any other jurisdiction). Any dispute, controversy or claim arising under, out of or relating to these Terms and any subsequent amendment or update to these Terms shall be exclusively referred to and finally determined only in a court of competent jurisdiction located in San Francisco, California (each a “Court”) and both parties agree that neither of them shall object to the jurisdiction of any such Court based upon an argument of lack of jurisdiction, improper venue, forum non conveniens or any other grounds, and hereby submit themselves to the jurisdiction of any Court. EACH PARTY HEREBY WAIVES ITS RIGHT TO A TRIAL BY JURY AND CONSENTS TO A BENCH TRIAL WITH THE APPROPRIATE JUDGE ACTING AS THE FINDER OF FACT. Notwithstanding the foregoing, Extract may: (a) assert an impleader claim in any court adjudicating a third party claim that is covered by the indemnification provisions of these Terms; and (b) assert a claim for interim injunctive relief in any other court having general or specific jurisdiction over the Customer.

Data Processing Agreement

This Data Processing Addendum (“Addendum”) is entered into between Extract and the Customer.

WHEREAS, the Services involve processing certain personal data and the parties wish to regulate Extract’s processing of such personal data, through this Data Processing Addendum.

THEREFORE, the parties have agreed to this Addendum, consisting of two parts:

Part One applies with respect to the GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and supplementary GDPR legislations in EU member states).

Part Two applies with respect to the UK Data Protection Act 2018, as well as the GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (SI 2019/419) (“UK GDPR”).

Part Three applies with respect to the California Consumer Privacy Act of 2018 (CCPA) and Digital Personal Data Protection Act, 2023 of India.

Parts One, Two, and Three apply only to Extract’s processing personal data or personal information of the Customer’s end-users, for which Extract is a Data Processor (as defined in the GDPR), or a service provider (as defined in the CCPA) on behalf of the Customer and under the Customer’s instructions. Parts One, Two, and Three do not apply to Extract’s processing personal data or personal information on the Extract website at https://www.extract.to/ or Extract’s processing personal data or personal information of representatives of Extract’s existing and prospective businesses using our Services.

In the event of any conflicting stipulations between this Addendum and the terms or any other agreement in place between the parties, the provisions of this Addendum shall prevail, except where explicitly agreed otherwise in writing.

PART ONE

This Part One only applies within the scope identified in the preamble of this Addendum.

  1. Customer commissions, authorizes, and requests that Extract provide Customer the Services, which involves Processing Personal Data (as these capitalized terms are defined and used in the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), and in applicable national law implementing the GDPR, or in any subsequent superseding legislation; these shall collectively be referred to as “Data Protection Law”). Customer shall: (a) establish, abide by and communicate a privacy notice to its data subjects, explaining, among others, the processing activities carried out by Extract on behalf of the customer; (b) provide data subjects the ability to opt-out of the processing activities carried out by Extract, and (c) substantiate the legal basis under Data Protection Law for obtaining and processing the Personal Data as carried out by Extract on behalf of the Customer.

Customer and Extract hereby assent to the Annex to Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (“SCCs”), as follows:

  • In Section II (Obligations of the Parties), Clause 9(a) for MODULE TWO: Transfer controller to processor: The data importer shall specifically inform the data exporter in writing of any intended changes to that list through the addition or replacement of sub-processors at least 10 days in advance, thereby giving the data exporter sufficient time to be able to object to such changes prior to the engagement of the sub-processor(s).
  • In Section IV (Final Provisions), Clause 17 for MODULE TWO: Transfer controller to processor: The Parties agree that this shall be the EU member state in which the Customer is established, or, if the Customer is not established in any EU member state, then the law of the Republic of Ireland.
  • In Section IV (Final Provisions), Clause 18(b) for MODULE TWO: Transfer controller to processor: The Parties agree that those shall be the courts of the EU member state’s town in which the Customer is established, or, if the Customer is not established in any EU member state, then the courts of Dublin, Ireland.
  • In Annex I, for MODULE TWO: Transfer controller to processor:
    • Data Exporter: Customer.
      • Activities relevant to the data transferred under these Clauses: data movement into or from the Customer data warehouses.
      • Role: Controller.
    • Data Importer: Extract
      • Activities relevant to the data transferred under these Clauses: Developer, operator and provider of the data movement platform.
      • Role: Processor.
    • Description of Transfer:
      • Categories of data subjects whose personal data is transferred: Individuals whose personal data is moved into or from the Customer data warehouses as determined by the Customer.
      • Categories of personal data transferred: Personal data of individuals moved into or from the Customer data warehouses as determined by the Customer, and can include among other details their IP Address, Email, Name and Address.
    • Sensitive data transferred: As determined by the Customer. Customer shall not feed any ‘Special Categories of Data’ within the meaning of the GDPR without prior writing.
    • The frequency of the transfer: on a continuous basis
    • Nature of the processing: Data movement by the Services into and from the Customer data warehouses.
    • Purpose(s) of the data transfer and further processing: the provision of a technology platform that provides the Customer the ability to move its data into and from its data warehouses.
    • The period for which the personal data will be retained: the period set out in the Service Entitlement.
  • Transfers to (sub-) processors:
    • AWS:
      • Name: Amazon Web Services, Inc.
      • Subject matter and nature of Processing Activities: Data and Cloud solution
      • Location of processing and EU Safeguard Mechanism: United States (SCCs)
  • Competent Supervisory Authority: the data protection authority in the EU member state in which the Customer is established, or the Customer’s lead supervisory authority for GDPR purposes, but if the Customer is not established in any EU member state, then the supervisory authority of the EU member state in which the Customer’s EU representative pursuant to Article 27 of the GDPR is located.

In Annex II, for MODULE TWO (TECHNICAL AND ORGANIZATIONAL MEASURES INCLUDING TECHNICAL AND ORGANIZATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA): Transfer controller to processor – See appendix below.

The Customer will comply with its obligations under the GDPR, in particular in the processing instructions it issues to Extract as per Clause 8.1 of the SCCs.

If Extract’s assistance to Customer under Clause 10 of the SCCs entails material costs, expenses or resources to Extract, then the parties shall first discuss and agree on the fees payable to Extract for such assistance.

Audit and inspections conducted under Clause 8.9 of the SCCs shall be conducted during ordinary business hours of Extract and with minimal disruption to Extract’s ordinary course of business, shall not extend to any activities of Extract with other customers or parties, and if conducted by an independent auditor, such auditor shall be made subject to appropriate confidentiality undertakings satisfactory to Extract. If such inspections or audits entail material costs, expenses or resources to Extract, then the parties shall first discuss in good faith and agree on the fees payable to Extract for such inspections or audits.

Extract has appointed the person listed below as a contact person for data protection purposes: Mr. Eran Friedman, eran@extract.to . Any change in this contact person shall be disclosed promptly to Customer.

APPENDIX

The following is a summarized description of the key technical and organizational security measures implemented by Extract. A complete and detailed description of the technical and organizational security measures implemented by Extract is provided in Extract’s annual SOC 2 Type II annual report, which Customer can receive a copy of, in confidence, subject to appropriate confidentiality undertakings by the Customer.

  • The security policies are documented by the Extract management, reviewed, and approved on a regular basis. Security and Privacy awareness training is performed on an annual basis.
  • A comprehensive risk assessment that identifies and evaluates changes to business objectives, commitments and requirements, internal operations and external factors that threaten the achievement of business objectives is performed periodically. As part of this process, threats to system security are identified, evaluated and the risk from these threats is formally assessed. The process is maintained on an ongoing basis.
  • The production environment is monitored 24/7/365. Actions performed on the production environment, including OS, DB and application are monitored and logged. Key Extract staff members are notified of events related to security, availability, or confidentiality. Service interruptions, maintenance and updates are communicated to customers. A Disaster Recovery Plan is maintained to continue providing critical services in the event of disaster and is tested on a regular basis.
  • Access to system resources is protected through a combination of firewalls, VPNs, SSH keys, application controls and other mechanisms. Single sign-on (SSO) is used for identity and access management. Access is restricted to only authorized personnel per need.
  • Physical access to the offices is restricted to authorized personnel using a digital key. Visitors are always accompanied while on premises.
  • Permissions to the different environments (servers, database, and application) are reviewed and approved by Extract on a quarterly basis.
  • Data is encrypted in transit and at rest.
  • A password policy is implemented within the different systems and enforces strong password practices.
  • A data loss prevention (DLP) solution is implemented at Extract to identify data breaches. Automated alerts are sent to the Security team in case of suspicious activity.
  • An antivirus/malware solution is installed on employees’ laptops, and laptops’ disks are encrypted as well. The process is centrally managed using a unified management tool.
  • Vulnerability tests are performed to the production environment, infrastructure, and network on a regular basis. Third-party penetration tests are performed on an annual basis. Issues are investigated and dealt with as part of the SDLC process or by any necessary means.
  • Terminated employees go through an off-boarding process in a timely manner.
  • Relevant third-party providers sign confidentiality agreements.

PART TWO

Customer and Extract hereby assent to the Annex to the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses of 21 March 2022 issued under Section 119A of the UK Data Protection Act 2018, available at https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf (“UK SCCs”), as follows:

  • Start Date: The Effective Date of the Agreement
  • Parties’ details:
    • Exporter: As set forth in the Service Entitlement
    • Importer: Singular Labs, Inc., 1111B S Governors Ave STE 25765 Dover, DE 19904
  • Key Contact:
    • Exporter: As set forth in the Service Entitlement
    • Importer: Eran Friedman, privacy@extract.to
  • Addendum EU SCCs: The version of the Approved EU SCCs in Part One above, including the Appendix Information.
  • Appendix Information: see Part One above, including the Appendix Information.
  • Ending this Addendum when the Approved Addendum Changes: Exporter

PART THREE

1. Scope. This Part Three applies to the processing of ‘personal information’ (as defined in Cal. Civ. Code §1798.140(v)) by Extract within the scope identified in the preamble of this Addendum.

2. Definitions.

Capitalized terms used in this Part Three but not defined in this Part Three have the meaning ascribed to them in the Agreement and the Addendum.

Consumer” means a natural person, including a natural person in their professional or work capacity.

CPRA” means Cal. Civ. Code §1798.100 et seq. and the regulations at 11 C.C.R. §7000 et seq.

Personal Information” means Personal Data as defined in the preamble of this Addendum.

Collect” (and its cognate terms) means buying, renting, gathering, obtaining, receiving, or accessing any Personal Information pertaining to a Consumer by any means. This includes obtaining information from the Consumer, either actively or passively, or by observing the Consumer’s behavior or interaction.

Process” (and its cognate terms) means any operation or set of operations that are performed on Personal Information or on sets of personal information, whether or not by automated means.

Sell” (and its cognate terms) means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a Consumer’s Personal Information for monetary or other valuable consideration.

Share” (and its cognate terms) means sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a Consumer’s Personal Information  for cross-context behavioral advertising, whether or not for monetary or other valuable consideration, including transactions for cross-context behavioral advertising  in which no money is exchanged.

3. Extract’s Obligations. The Parties acknowledge and agree that Extract is a ‘service provider’ as defined in Cal. Civ. Code §1798.140(ag). To that end, and unless otherwise requires by law:

  • Extract must not Sell or Share any Personal Information it Collects.
  • The parties agree that Customer is disclosing the Personal Information to Extract only for the following limited and specified business purposes: to provide and support the operation of the Extract Services described in the Service Entitlement. Extract is prohibited from retaining, using, or disclosing the Personal Information that it Collects for any commercial purpose other than the foregoing business purposes, unless expressly permitted by the CPRA and this Part Three. Additionally, Extract is prohibited from retaining, using, or disclosing the Personal Information that it Collects pursuant to this Agreement outside the direct business relationship between Extract and Customer, unless expressly permitted by the CPRA and this Part Three.
  • Extract shall comply with all applicable sections of the CPRA and shall provide, with respect to Personal Information it Collects, the same level of privacy protection as required by the CPRA.
  • Extract grants Customer the right to take reasonable and appropriate steps to ensure that Extract uses the Personal Information it Collects in a manner consistent with the obligations under this Part Three and the CPRA.
  • Extract must promptly notify Customer when it makes a determination that it can no longer meet its obligations under this Part Three or the CPRA.
  • Extract grants Customer the right, upon notice, to take reasonable and appropriate steps to stop and remediate Extract’s unauthorized use of Personal Information.
  • If Extract received a request from a California consumer about his or her is ‘personal information’ (as defined in Cal. Civ. Code §1798.140(o)), Extract shall not comply with the request itself, inform the consumer that Extract’s basis for denying the request is that the Extract is merely a service provider that follows Customer’s instruction, and inform the consumer that they should submit the request directly to the Customer and provide the consumer with the Customer’s contact information.

4. Customer’s obligations. The Customer shall not feed into the Services any Protected Health Information (as defined under the United States Health Insurance Portability and Accountability Act of 1996 (as amended) or any information which are considered sensitive as per the enumerated categories at Cal. Civ. Code §1798.81.5(d).

5. Subcontracting to suppliers. Customer authorizes Extract to subcontract any of its Services-related activities which involve the processing of the personal information or requiring personal information to be processed by any third party supplier, provided that Extract shall ensure that the third party is bound by obligations consistent with this Part Three.

6. Return or deletion of information. Upon Customer’s written request where no subsequent further processing is required, Extract shall, at the instruction of Customer, either delete, destroy or return to Customer, some or all (however instructed) of the personal information that it and its third party suppliers process for Customer.

7. Assistance in responding to consumer requests. Extract shall assist Customer by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of Customer’s obligation to respond to requests for exercising the consumer rights under the California Consumer Privacy Act of 2018.

8. Data security. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Extract’s processing of personal information for Customer, as well as the nature of personal information processed for Customer, Extract shall implement and maintain reasonable security procedures and practices appropriate to the nature of the information, to protect the personal information from unauthorized access, destruction, use, modification, or disclosure (including data breaches).

Last Updated: April 6th, 2025