Contracts
- FY2024 Product Descriptions
- Product Descriptions
- Enterprise Services Agreement
- Data Processing Addendum
- Clickwrap Order Form Rider
- Free Trial License Agreement
- Terms of Service
- Privacy Policy
- Sandbox Trial License Agreement
- API Terms of Use
- International Compliance
- Virtual Patent Marking
- AI Addendum
FY2024 Product Descriptions
Effective April 28th 2025
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
- The included Smart Import Uploads entitlement replenishes annually, and unused uploads will not roll over from the previous year.
- The included signature packet entitlement is a one-time offer and unused packets will not roll over from the previous year.
- The included Custom AI Clauses entitlement is fixed and the clauses may be used through the duration of the Agreement.
- eSignature providers: Docusign, Adobe Acrobat Sign, Dropbox Sign (formerly HelloSign)
- Cloud Storage: Google Drive, OneDrive, Box, DropBox, Egnyte
- SSO: SAML based single sign on
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Signature API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Signature
- Application: When completed via the Ironclad Application (i.e. Ironclad CLM), a contract is “completed” when all signatures (acceptances) are collected and at least 1 signature (acceptance) is captured with Ironclad Signature. Note: this is only available with Ironclad CLM.
- API: When completed via the Ironclad API (i.e. Activity API, Embedded Clickwrap), a completed contract includes up to ten (10) agreed events per session per signer. An agreed event occurs when a signer checks an embedded clickwrap checkbox or a separate template is agreed to per checkbox (eg, 2 templates are linked to 1 checkbox equals 2 agreed events). Note: this is only available with the Ironclad Signature API Access Fee.
- API (Application programming interface) access: Activity and REST APIs that facilitate document generation and acceptance functionality programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. SDKs are also available.
- Embedded Clickwrap application: A web application that supports the creation and management of documents that can be rendered natively in external systems.
- JavaScript Snippet: A code snippet that enables rendering documents natively in external systems.
- Snapshots: Configure, manage, and capture visual evidence of documents rendered in external systems.
- Legal Centers: Web pages that Ironclad generates automatically to present legal contracts. They provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. One (1) legal center on a standard domain is included.
Jurist
Ironclad Public Workflows
Ironclad’s Public Workflows (Standard) facilitate self-service contract generation and presentation via a publicly hosted URL. Public Workflows are triggered by a launch form and accepted using Ironclad Signature or an integrated eSignature provider.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday, through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday, through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, 24 hours a day, 7 days a week, through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, 24 hours a day, 7 days a week, through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective April 28th 2025 to April 28th 2025
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
- The included Smart Import Uploads entitlement replenishes annually, and unused uploads will not roll over from the previous year.
- The included signature packet entitlement is a one-time offer and unused packets will not roll over from the previous year.
- The included Custom AI Clauses entitlement is fixed and the clauses may be used through the duration of the Agreement.
- eSignature providers: Docusign, Adobe Acrobat Sign, Dropbox Sign (formerly HelloSign)
- Cloud Storage: Google Drive, OneDrive, Box, DropBox, Egnyte
- SSO: SAML based single sign on
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Signature API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Signature
- Application: When completed via the Ironclad Application (i.e. Ironclad CLM), a contract is “completed” when all signatures (acceptances) are collected and at least 1 signature (acceptance) is captured with Ironclad Signature. Note: this is only available with Ironclad CLM.
- API: When completed via the Ironclad API (i.e. Activity API, Embedded Clickwrap), a completed contract includes up to ten (10) agreed events per session per signer. An agreed event occurs when a signer checks an embedded clickwrap checkbox or a separate template is agreed to per checkbox (eg, 2 templates are linked to 1 checkbox equals 2 agreed events). Note: this is only available with the Ironclad Signature API Access Fee.
- API (Application programming interface) access: Activity and REST APIs that facilitate document generation and acceptance functionality programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. SDKs are also available.
- Embedded Clickwrap application: A web application that supports the creation and management of documents that can be rendered natively in external systems.
- JavaScript Snippet: A code snippet that enables rendering documents natively in external systems.
- Snapshots: Configure, manage, and capture visual evidence of documents rendered in external systems.
- Legal Centers: Web pages that Ironclad generates automatically to present legal contracts. They provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. One (1) legal center on a standard domain is included.
Jurist
Ironclad Public Workflows
Ironclad’s Public Workflows (Standard) facilitate self-service contract generation and presentation via a publicly hosted URL. Public Workflows are triggered by a launch form and accepted using Ironclad Signature or an integrated eSignature provider.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, 24 hours a day, 7 days a week, through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, 24 hours a day, 7 days a week, through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective April 16th 2025 to April 28th 2025
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
- The included Smart Import Uploads entitlement replenishes annually, and unused uploads will not roll over from the previous year.
- The included signature packet entitlement is a one-time offer and unused packets will not roll over from the previous year.
- The included Custom AI Clauses entitlement is fixed and the clauses may be used through the duration of the Agreement.
- eSignature providers: Docusign, Adobe Acrobat Sign, Dropbox Sign (formerly HelloSign)
- Cloud Storage: Google Drive, OneDrive, Box, DropBox, Egnyte
- SSO: SAML based single sign on
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Signature API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Signature
- Application: When completed via the Ironclad Application (i.e. Ironclad CLM), a contract is “completed” when all signatures (acceptances) are collected and at least 1 signature (acceptance) is captured with Ironclad Signature. Note: this is only available with Ironclad CLM.
- API: When completed via the Ironclad API (i.e. Activity API, Embedded Clickwrap), a completed contract includes up to ten (10) agreed events per session per signer. An agreed event occurs when a signer checks an embedded clickwrap checkbox or a separate template is agreed to per checkbox (eg, 2 templates are linked to 1 checkbox equals 2 agreed events). Note: this is only available with the Ironclad Signature API Access Fee.
- API (Application programming interface) access: Activity and REST APIs that facilitate document generation and acceptance functionality programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. SDKs are also available.
- Embedded Clickwrap application: A web application that supports the creation and management of documents that can be rendered natively in external systems.
- JavaScript Snippet: A code snippet that enables rendering documents natively in external systems.
- Snapshots: Configure, manage, and capture visual evidence of documents rendered in external systems.
- Legal Centers: Web pages that Ironclad generates automatically to present legal contracts. They provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. One (1) legal center on a standard domain is included.
Jurist
Ironclad Public Workflows
Ironclad’s Public Workflows (Standard) facilitate self-service contract generation and presentation via a publicly hosted URL. Public Workflows are triggered by a launch form and accepted using Ironclad Signature or an integrated eSignature provider.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective November 20th 2024 to April 16th 2025
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
- The included Smart Import Uploads entitlement replenishes annually, and unused uploads will not roll over from the previous year.
- The included signature packet entitlement is a one-time offer and unused packets will not roll over from the previous year.
- The included Custom AI Clauses entitlement is fixed and the clauses may be used through the duration of the Agreement.
- eSignature providers: Docusign, Adobe Acrobat Sign, Dropbox Sign (formerly HelloSign)
- Cloud Storage: Google Drive, OneDrive, Box, DropBox, Egnyte
- SSO: SAML based single sign on
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Signature API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Signature
- Application: When completed via the Ironclad Application (i.e. Ironclad CLM), a contract is “completed” when all signatures (acceptances) are collected and at least 1 signature (acceptance) is captured with Ironclad Signature. Note: this is only available with Ironclad CLM.
- API: When completed via the Ironclad API (i.e. Activity API, Embedded Clickwrap), a completed contract includes up to ten (10) agreed events per session per signer. An agreed event occurs when a signer checks an embedded clickwrap checkbox or a separate template is agreed to per checkbox (eg, 2 templates are linked to 1 checkbox equals 2 agreed events). Note: this is only available with the Ironclad Acceptance API Access Fee.
- API (Application programming interface) access: Activity and REST APIs that facilitate document generation and acceptance functionality programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. SDKs are also available.
- Embedded Clickwrap application: A web application that supports the creation and management of documents that can be rendered natively in external systems.
- JavaScript Snippet: A code snippet that enables rendering documents natively in external systems.
- Snapshots: Configure, manage, and capture visual evidence of documents rendered in external systems.
- Legal Centers: Web pages that Ironclad generates automatically to present legal contracts. They provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. One (1) legal center on a standard domain is included.
Jurist
Ironclad Public Workflows
Ironclad’s Public Workflows (Standard) facilitate self-service contract generation and presentation via a publicly hosted URL. Public Workflows are triggered by a launch form and accepted using Ironclad Signature or an integrated eSignature provider.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective September 12th 2024 to November 20th 2024
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
- The included Smart Import Uploads entitlement replenishes annually, and unused uploads will not roll over from the previous year.
- The included signature packet entitlement is a one-time offer and unused packets will not roll over from the previous year.
- The included Custom AI Clauses entitlement is fixed and the clauses may be used through the duration of the Agreement.
- eSignature providers: Docusign, Adobe Acrobat Sign, Dropbox Sign (formerly HelloSign)
- Cloud Storage: Google Drive, OneDrive, Box, DropBox, Egnyte
- SSO: SAML based single sign on
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Signature API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Signature
- Application: When completed via the Ironclad Application (i.e. Ironclad CLM), a contract is “completed” when all signatures (acceptances) are collected and at least 1 signature (acceptance) is captured with Ironclad Signature. Note: this is only available with Ironclad CLM.
- API: When completed via the Ironclad API (i.e. Activity API, Embedded Clickwrap), a completed contract includes up to ten (10) agreed events per session per signer. An agreed event occurs when a signer checks an embedded clickwrap checkbox or a separate template is agreed to per checkbox (eg, 2 templates are linked to 1 checkbox equals 2 agreed events). Note: this is only available with the Ironclad Acceptance API Access Fee.
- API (Application programming interface) access: Activity and REST APIs that facilitate document generation and acceptance functionality programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. SDKs are also available.
- Embedded Clickwrap application: A web application that supports the creation and management of documents that can be rendered natively in external systems.
- JavaScript Snippet: A code snippet that enables rendering documents natively in external systems.
- Snapshots: Configure, manage, and capture visual evidence of documents rendered in external systems.
- Legal Centers: Web pages that Ironclad generates automatically to present legal contracts. They provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. One (1) legal center on a standard domain is included.
Ironclad Public Workflows
Ironclad’s Public Workflows (Standard) facilitate self-service contract generation and presentation via a publicly hosted URL. Public Workflows are triggered by a launch form and accepted using Ironclad Signature or an integrated eSignature provider.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective July 12th 2024 to September 12th 2024
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
- The included Smart Import Uploads entitlement replenishes annually, and unused uploads will not roll over from the previous year.
- The included signature packet entitlement is a one-time offer and unused packets will not roll over from the previous year.
- The included Custom AI Clauses entitlement is fixed and the clauses may be used through the duration of the Agreement.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Signature API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Signature
- Application: When completed via the Ironclad Application (i.e. Ironclad CLM), a contract is “completed” when all signatures (acceptances) are collected and at least 1 signature (acceptance) is captured with Ironclad Signature. Note: this is only available with Ironclad CLM.
- API: When completed via the Ironclad API (i.e. Activity API, Embedded Clickwrap), a completed contract includes up to ten (10) agreed events per session per signer. An agreed event occurs when a signer checks an embedded clickwrap checkbox or a separate template is agreed to per checkbox (eg, 2 templates are linked to 1 checkbox equals 2 agreed events). Note: this is only available with the Ironclad Acceptance API Access Fee.
- API (Application programming interface) access: Activity and REST APIs that facilitate document generation and acceptance functionality programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. SDKs are also available.
- Embedded Clickwrap application: A web application that supports the creation and management of documents that can be rendered natively in external systems.
- JavaScript Snippet: A code snippet that enables rendering documents natively in external systems.
- Snapshots: Configure, manage, and capture visual evidence of documents rendered in external systems.
- Legal Centers: Web pages that Ironclad generates automatically to present legal contracts. They provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. One (1) legal center on a standard domain is included.
Ironclad Public Workflows
Ironclad’s Public Workflows (Standard) facilitate self-service contract generation and presentation via a publicly hosted URL. Public Workflows are triggered by a launch form and accepted using Ironclad Signature or an integrated eSignature provider.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective July 10th 2024 to July 12th 2024
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
- The included Smart Import Uploads entitlement replenishes annually, and unused uploads will not roll over from the previous year.
- The included signature packet entitlement is a one-time offer and unused packets will not roll over from the previous year.
- The included Custom AI Clauses entitlement is fixed and the clauses may be used through the duration of the Agreement.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Signature API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Signature
- Application: When completed via the Ironclad Application (i.e. Ironclad CLM), a contract is “completed” when all signatures (acceptances) are collected and at least 1 signature (acceptance) is captured with Ironclad Signature. Note: this is only available with Ironclad CLM.
- API: When completed via the Ironclad API (i.e. Activity API, Embedded Clickwrap), a completed contract includes up to ten (10) agreed events per session per signer. An agreed event occurs when a signer checks an embedded clickwrap checkbox or a separate template is agreed to per checkbox (eg, 2 templates are linked to 1 checkbox equals 2 agreed events). Note: this is only available with the Ironclad Acceptance API Access Fee.
- API (Application programming interface) access: Activity and REST APIs that facilitate document generation and acceptance functionality programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. SDKs are also available.
- Embedded Clickwrap application: A web application that supports the creation and management of documents that can be rendered natively in external systems.
- JavaScript Snippet: A code snippet that enables rendering documents natively in external systems.
- Snapshots: Configure, manage, and capture visual evidence of documents rendered in external systems.
- Legal Centers: Web pages that Ironclad generates automatically to present legal contracts. They provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. One (1) legal center on a standard domain is included.
Ironclad Public Workflows
Ironclad’s Public Workflows (Standard) facilitate self-service contract generation and presentation via a publicly hosted URL. Public Workflows are triggered by a launch form and accepted using Ironclad Signature or an integrated eSignature provider.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective May 17th 2024 to July 10th 2024
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
- The Smart Import Uploads entitlement resets each year and unused uploads do not roll over from the previous year.
- The signature packet entitlement is conferred per paid subscription.
- The Custom AI Clauses entitlement is conferred per paid subscription.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Signature API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Signature
- Application: When completed via the Ironclad Application (i.e. Ironclad CLM), a contract is “completed” when all signatures (acceptances) are collected and at least 1 signature (acceptance) is captured with Ironclad Signature. Note: this is only available with Ironclad CLM.
- API: When completed via the Ironclad API (i.e. Activity API, Embedded Clickwrap), a completed contract includes up to ten (10) agreed events per session per signer. An agreed event occurs when a signer checks an embedded clickwrap checkbox or a separate template is agreed to per checkbox (eg, 2 templates are linked to 1 checkbox equals 2 agreed events). Note: this is only available with the Ironclad Acceptance API Access Fee.
- API (Application programming interface) access: Activity and REST APIs that facilitate document generation and acceptance functionality programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. SDKs are also available.
- Embedded Clickwrap application: A web application that supports the creation and management of documents that can be rendered natively in external systems.
- JavaScript Snippet: A code snippet that enables rendering documents natively in external systems.
- Snapshots: Configure, manage, and capture visual evidence of documents rendered in external systems.
- Legal Centers: Web pages that Ironclad generates automatically to present legal contracts. They provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. One (1) legal center on a standard domain is included.
Ironclad Public Workflows
Ironclad’s Public Workflows (Standard) facilitate self-service contract generation and presentation via a publicly hosted URL. Public Workflows are triggered by a launch form and accepted using Ironclad Signature or an integrated eSignature provider.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective March 12th 2024 to May 17th 2024
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
- The Smart Import Uploads entitlement resets each year and unused uploads do not roll over from the previous year.
- The signature packet entitlement is conferred per paid subscription.
- The Custom AI Clauses entitlement is conferred per paid subscription.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Public Workflows
Ironclad’s Public Workflows (Standard) facilitate self-service contract generation and presentation via a publicly hosted URL. Public Workflows are triggered by a launch form and accepted using Ironclad Signature or an integrated eSignature provider.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here.
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective March 9th 2024 to March 12th 2024
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
- The Smart Import Uploads entitlement resets each year and unused uploads do not roll over from the previous year.
- The signature packet entitlement is conferred per paid subscription.
- The Custom AI Clauses entitlement is conferred per paid subscription.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Public Workflows
Ironclad's Public Workflows subscription include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept (CTA) or an integration with an esignature provider. Ironclad’s Public Workflows subscription includes 1,200 completed CTAs and 2 Administrator Seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts: Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here.
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective February 6th 2024 to March 9th 2024
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Public Workflows
Ironclad's Public Workflows subscription include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept (CTA) or an integration with an esignature provider. Ironclad’s Public Workflows subscription includes 1,200 completed CTAs and 2 Administrator Seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts: Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here.
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective January 5th 2024 to February 6th 2024
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 10 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here.
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective November 8th 2023 to January 5th 2024
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 100 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here.
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective October 19th 2023 to November 8th 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here.
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts, Monday - Friday from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective October 16th 2023 to October 19th 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here.
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective October 11th 2023 to October 16th 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here.
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective July 11th 2023 to October 11th 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically. API use is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here.
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective July 9th 2023 to July 11th 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective July 5th 2023 to July 9th 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls beyond the standard number that comes with API Access.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective May 5th 2023 to July 5th 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository. Includes API access for Okta and SCIM integrations.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. Purchasing API Access is required for any API use beyond the basic Okta and SCIM integrations included with Ironclad CLM. API Access is capped at the total of 100 API calls per user per 24-hour period * the number of seats on your Ironclad CLM platform. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls per user per 24-hour period beyond the standard 100 API calls per user per 24-hour period * the number of seats on your Ironclad CLM platform.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective April 21st 2023 to May 5th 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including the ability to redline documents or draft new clauses using AI Assist, powered by OpenAI
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at the total of 100 API calls per user per 24-hour period * the number of seats on your Ironclad CLM platform. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls per user per 24-hour period beyond the standard 100 API calls per user per 24-hour period * the number of seats on your Ironclad CLM platform.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective April 11th 2023 to April 21st 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including advanced AI features like AI Assist and AI Playbooks
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at the total of 100 API calls per user per 24-hour period * the number of seats on your Ironclad CLM platform. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls per user per 24-hour period beyond the standard 100 API calls per user per 24-hour period * the number of seats on your Ironclad CLM platform.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective April 11th 2023 to April 11th 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- Search, iew, comment on, upload/download drafts, and search for contracts
- Approve contracts that they have launched
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Edit contracts using Ironclad Editor, including advanced AI features like AI Assist and AI Playbooks
- Be designated as a workflow approver for any contracts in Workflow Designer
- Search, view, and upload contracts in the Repository and create custom Repository and Dashboard views
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at the total of 100 API calls per user per 24-hour period * the number of seats on your Ironclad CLM platform. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls per user per 24-hour period beyond the standard 100 API calls per user per 24-hour period * the number of seats on your Ironclad CLM platform.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Effective March 6th 2023 to April 11th 2023
DownloadTable of Contents
Ironclad CLM
Ironclad CLM provides access to create, manage, and store contracts. CLM also automatically extracts important contract data for verification when a customer uploads contracts to their repository.
Ironclad CLM User Types
Requester Seats have the ability to:
- Create contract requests using workflow launch forms
- View, comment on, and search for contracts that they have launched and/or participated in
- Sign contracts
Standard Seats are for business users who interact with all aspects of the Ironclad platform, but do not make changes to admin settings or workflow configurations. In addition to the abilities of Requester Seats, they have the ability to:
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality
- Search and view contracts in the Repository and Dashboard
- Be designated as a workflow approver in Workflow Designer
- Create and view reports in Insights
Administrator Seats have full access to Ironclad's platform, allowing them to control user permissions, workflow configurations, integrations, and other admin settings. In addition to the abilities of Standard Seats, they have the ability to:
- Create and maintain workflow configurations in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings
Note: For all user types, a user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Ironclad CLM Add-ons
Ironclad's Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request
- Automatically approve workflows in Ironclad based on Coupa approvals
- Automatically hold purchase order generation until a contract is executed in Ironclad
Ironclad's Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange, and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from within Salesforce using a custom Lightning Web Component and map Salesforce fields to Ironclad workflow attributes
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object
API Access: API access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at the total of 100 API calls per user per 24-hour period * the number of seats on your Ironclad CLM platform. API Access does not include access to Ironclad Clickwrap API endpoints.
Additional API calls: Additional API calls per user per 24-hour period beyond the standard 100 API calls per user per 24-hour period * the number of seats on your Ironclad CLM platform.
Additional Smart Import Uploads: Additional Smart Import uploads beyond the annual imports that come with an Ironclad CLM subscription.
Non-production Separate Instance: Ironclad instance for non-production uses such as training and testing.
Use of Ironclad's EU data center: Ironclad's European Union data center is based in Belgium with a backup center in Germany. This data center allows EU customers to store their data locally within the EU.
Additional 1TB of Storage: Additional storage beyond the standard 1 TB amount.
Ironclad Public Workflows
Ironclad's Public Workflows include self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider. Ironclad’s Public Workflows come with 2 Administrator seats, which give users full access to Ironclad's platform, allowing them to control the user permissions, workflow configurations, integrations, and other settings needed to set up and maintain public workflows.
Ironclad Public Workflow Add-ons
Additional Click-to-Accepts (CTAs): Additional CTAs beyond the annual CTAs that come with your Public Workflow package.
Ironclad Legal Centers
Legal Centers provide the ability to manage, publish, and host legal terms online and incorporate them by reference in other documents. Package includes:
- 1 Legal Center link
- Branding with company logo
- Standard domain (No HTML/CSS customization)
Ironclad Clickwrap
Ironclad Clickwrap editions vary in features offered and may include access to some or all of the following:
- Embedded Contracts: Your license will include access to embedded contracts
- API (Application programming interface): Ironclad Clickwrap provides activity and REST APIs for customers to access clickwrap functionalities programmatically
- JavaScript Snippet: The code snippet to be embedded on the customer website to display clickwrap agreements
- SDK (Software development kit): SDKs are wrapper for customers to access Ironclad Clickwrap APIs in their programming languages
- Snapshots: Snapshots allows users to configure, manage, and capture visual evidence of the clickwrap acceptance records
- Legal Centers: Web pages that Ironclad Clickwrap generates automatically to present your legal contracts
- Public Workflows: Self-service, publicly hosted contracts triggered by a launch form and accepted either using Click-to-Accept or an integration with an esignature provider
- Static Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that have no dynamic fields or conditions in the contract
- Dynamic Clickwrap records: Electronic records of acceptance that are created by Embedded Contracts that do have dynamic fields or conditions in the contract
Higher tier packages also include features like additional API access, dynamic and multi-language clickwrap agreements, custom branding and domains, Snapshot automation, developer sandboxes, and more.
Additional entitlements can be purchased, and are outlined in the section “Ironclad Clickwrap Add-Ons”.
Ironclad Clickwrap Add-ons
Additional Static Clickwrap records provide additional Static Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Additional Dynamic Clickwrap records provide additional Dynamic Clickwrap records that are created and stored. These additional records are bought on an annual basis and must be used within the term of the Ironclad Clickwrap subscription.
Custom Service Level Agreement provides customers on Ironclad Clickwrap Professional and Enterprise a guaranteed level of system availability.
Success Plans
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 8 hours
- P2: 24 hours
- P3: 48 hours
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 4 hours
- P1: 6 hours
- P2: 12 hours
- P3: 24 hours
The Premier Success Plan provides you with access to success management assistance for adoption guidance during business hours as well as accelerated response times with our Technical Support team. Included in this package are:
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager to assist with adoption, best practices, and use-case optimization on the Ironclad platform. This includes 1:1 account and optimization reviews 2-3 times per year, in addition to an annual business review.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 2 hours
- P1: 4 hours
- P2: 12 hours
- P3: 24 hours
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring and adoption guidance.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and access to the Ironclad Community forums.
- Success Management: Aligned Success Manager for ongoing 1:1 personalized and recurring planning sessions, business reviews, and joint success plans centered around strategic goals and performance metrics.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases and live chat.
- Technical Support first response times for issues as classified by Ironclad:
- P0: 1 hour
- P1: 2 hours
- P2: 4 hours
- P3: 8 hours
For all Success Plans, the following definitions apply:
- P0 - Ironclad production issue affecting all users, including system unavailability and data integrity issues with no workaround available. Software is materially non-functional.
- P1 - Significant or ongoing interruptions of use of critical software functions with no acceptable workaround available.
- P2 - Minor or limited interruptions of use of a non-critical software function. Issue affecting some but not all users. Short-term workaround is available.
- P3 - General questions and issues pertaining to the software. Information requested about software capabilities, usability, deployment or configuration.
Product Descriptions
Effective March 7th 2025
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
- eSignature providers: Docusign, Adobe Acrobat Sign, Dropbox Sign (formerly HelloSign)
- Cloud Storage: Google Drive, OneDrive, Box, DropBox, Egnyte
- SSO: SAML based single sign on
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 100 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Jurist
Effective September 12th 2024 to March 7th 2025
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
- eSignature providers: Docusign, Adobe Acrobat Sign, Dropbox Sign (formerly HelloSign)
- Cloud Storage: Google Drive, OneDrive, Box, DropBox, Egnyte
- SSO: SAML based single sign on
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 100 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective May 23rd 2024 to September 12th 2024
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 100 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective November 8th 2023 to May 23rd 2024
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
- Adapt the quality and accuracy of AI results as well as improve the ability to understand any unique data and domain knowledge and context. 100 Custom AI clauses are included.
- Train and fine-tune Ironclad AI models for improved performance on customers’ most important clauses & provisions. Available to all Ironclad customers (NA & EUDC).
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective November 8th 2023 to November 8th 2023
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
- Launch a workflow in Ironclad from a list of vendors pulled in from OneTrust
- Map specific metadata from OneTrust on the vendor that you want to include on specific workflows
- Launch a new engagement in OneTrust for that vendor
- Create a new vendor in OneTrust and prevent approvals of the contract prior to the vendor being approved in OneTrust
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective October 16th 2023 to November 8th 2023
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective October 12th 2023 to October 16th 2023
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective July 9th 2023 to October 12th 2023
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective July 5th 2023 to July 9th 2023
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective July 5th 2023 to July 5th 2023
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is governed by the API Terms of Use at https://legal.ironcladapp.com/api-terms-of-use, which are incorporated by reference here. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective May 22nd 2023 to July 5th 2023
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Priority Success Plan helps you achieve your goals with self-guided resources and accelerated response times with our Technical Support team.
- 24/7 Success Resources: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in Ironclad Help Center, and access to the Ironclad Community Forums.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST through written cases.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective May 10th 2023 to May 22nd 2023
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective April 21st 2023 to May 10th 2023
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective October 11th 2022 to April 21st 2023
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition request.
- Automatically approve workflows in Ironclad based on Coupa approvals.
- Automatically hold purchase order generation until a contract is executed in Ironclad.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective February 4th 2022 to October 11th 2022
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included with the Ironclad CLM platform at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration (Paid Open Beta) streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition
- Automatically Approve in Ironclad based on Coupa approvals.
- Automatically hold PO generation until a contract is executed in Ironclad.
Customer acknowledges and agrees that Ironclad provides no warranty of any kind as to the beta version of the Coupa Integration or as to when a general release version of the Coupa Integration will be delivered. Customer agrees to provide Ironclad with access to its Coupa sandbox environment for support and debugging purposes.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents.
Effective January 20th 2022 to February 4th 2022
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Smart Import – Smart Import automatically extracts important contract data for verification when a customer uploads contracts to their Repository. Customers receive 500 trial uploads included in their Ironclad CLM base package at no additional cost and may purchase additional access after 500 uploads.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration (Paid Open Beta) streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition
- Automatically Approve in Ironclad based on Coupa approvals.
- Automatically hold PO generation until a contract is executed in Ironclad.
Customer acknowledges and agrees that Ironclad provides no warranty of any kind as to the beta version of the Coupa Integration or as to when a general release version of the Coupa Integration will be delivered. Customer agrees to provide Ironclad with access to its Coupa sandbox environment for support and debugging purposes.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
Effective October 20th 2021 to January 20th 2022
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration (Paid Open Beta) streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition
- Automatically Approve in Ironclad based on Coupa approvals.
- Automatically hold PO generation until a contract is executed in Ironclad.
Customer acknowledges and agrees that Ironclad provides no warranty of any kind as to the beta version of the Coupa Integration or as to when a general release version of the Coupa Integration will be delivered. Customer agrees to provide Ironclad with access to its Coupa sandbox environment for support and debugging purposes.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
Effective October 12th 2021 to October 20th 2021
DownloadTable of Contents
Subscription Packages
Ironclad CLM provides access to create, manage, and store contracts. Our CLM packages are designed to meet a range of needs, and vary in the number of workflows, number of users, and type of success plans they provide. While they’ve been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Ironclad Clickwrap provides access to Ironclad Clickwrap. Our packages are designed to meet a range of needs, and vary in the features offered, as well as the number of embedded contracts and APIs/month they provide. All packages include APIs, JS Snippets, and SDKs; configurable clickwrap layouts and styles; and ability to manage online terms with Legal Centers. Higher tier packages may also include features like dynamic and multi-language support clickwrap agreements; custom branding, HTML, CSS of Legal Centers; custom domain; snapshots and more. While our packages have been developed based on the usage patterns of our customer base, we know that each customer is unique, and that customers may need more entitlements over time. Additional entitlements can be purchased, and are outlined in the section, “Subscription Add-Ons”.
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration (Paid Open Beta) streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition
- Automatically Approve in Ironclad based on Coupa approvals.
- Automatically hold PO generation until a contract is executed in Ironclad.
Customer acknowledges and agrees that Ironclad provides no warranty of any kind as to the beta version of the Coupa Integration or as to when a general release version of the Coupa Integration will be delivered.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
Effective October 11th 2021 to October 12th 2021
DownloadTable of Contents
Subscription Packages
CLM – Starter Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 3 Workflows
- 2 Power Users
- 23 Standard Users
- Standard Success Plan
CLM – Standard Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 5 Workflows
- 5 Power Users
- 45 Standard Users
- Standard Success Plan
CLM – Growth Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 10 Workflows
- 10 Power Users
- 90 Standard Users
- Premier Success Plan
CLM – Pro Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 25 Workflows
- 15 Power Users
- 135 Standard Users
- Premier Success Plan
Ironclad Clickwrap – Starter Package provides access to Ironclad Clickwrap. Included with this package are:
- 3 embedded contract locations
- 10,000 API calls/month
- APIs, JS Snippet, and SDKs
- Configurable clickwrap layout & style
- Manage online terms with Legal Centers
Ironclad Clickwrap – Growth Package provides access to Ironclad Clickwrap. Included with this package are:
- 10 embedded contract locations
- 100,000 API calls/month
- APIs, JS Snippet, and SDKs
- Configurable clickwrap layout & style
- Dynamic with support for multiple languages in clickwrap agreements
- Manage online terms with Legal Centers
- Custom branding, HTML, & CSS of Legal Centers
- Custom domain
Ironclad Clickwrap – Pro Package provides access to Ironclad Clickwrap. Included with this package are:
- 25 embedded contract locations
- 1,000,000 API calls/month
- APIs, JS Snippet, and SDKs
- Configurable clickwrap layout & style
- Dynamic and multi-language support in clickwrap agreements
- Manage online terms with Legal Centers
- Custom branding, HTML, & CSS of Legal Centers
- Custom domain
- Snapshots
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration (Paid Open Beta) streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition
- Automatically Approve in Ironclad based on Coupa approvals.
- Automatically hold PO generation until a contract is executed in Ironclad.
Customer acknowledges and agrees that Ironclad provides no warranty of any kind as to the beta version of the Coupa Integration or as to when a general release version of the Coupa Integration will be delivered.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
Effective October 11th 2021 to October 11th 2021
DownloadTable of Contents
Subscription Packages
CLM – Starter Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 3 Workflows
- 2 Power Users
- 23 Standard Users
- Standard Success Plan
CLM – Standard Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 5 Workflows
- 5 Power Users
- 45 Standard Users
- Standard Success Plan
CLM – Growth Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 10 Workflows
- 10 Power Users
- 90 Standard Users
- Premier Success Plan
CLM – Pro Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 25 Workflows
- 15 Power Users
- 135 Standard Users
- Premier Success Plan
Ironclad Clickwrap – Starter Package provides access to Ironclad Clickwrap. Included with this package are:
- 3 embedded contract locations
- 10,000 API calls/month
- APIs, JS Snippet, and SDKs
- Configurable clickwrap layout & style
- Manage online terms with Legal Centers
Ironclad Clickwrap – Growth Package provides access to Ironclad Clickwrap. Included with this package are:
- 10 embedded contract locations
- 100,000 API calls/month
- APIs, JS Snippet, and SDKs
- Configurable clickwrap layout & style
- Dynamic with support for multiple languages in clickwrap agreements
- Manage online terms with Legal Centers
- Custom branding, HTML, & CSS of Legal Centers
- Custom domain
Ironclad Clickwrap – Pro Package provides access to Ironclad Clickwrap. Included with this package are:
- 25 embedded contract locations
- 1,000,000 API calls/month
- APIs, JS Snippet, and SDKs
- Configurable clickwrap layout & style
- Dynamic and multi-language support in clickwrap agreements
- Manage online terms with Legal Centers
- Custom branding, HTML, & CSS of Legal Centers
- Custom domain
- Snapshots
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration (Paid Open Beta) streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition
- Automatically Approve in Ironclad based on Coupa approvals.
- Automatically hold PO generation until a contract is executed in Ironclad.
Customer acknowledges and agrees that Ironclad provides no warranty of any kind as to the beta version of the Coupa Integration or as to when a general release version of the Coupa Integration will be delivered.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
Effective October 11th 2021 to October 11th 2021
DownloadTable of Contents
Subscription Packages
CLM – Starter Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 3 Workflows
- 2 Power Users
- 23 Standard Users
- Standard Success Plan
CLM – Standard Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 5 Workflows
- 5 Power Users
- 45 Standard Users
- Standard Success Plan
CLM – Growth Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 10 Workflows
- 10 Power Users
- 90 Standard Users
- Premier Success Plan
CLM – Pro Package provides access to Ironclad to create, manage, and store contracts. Included with this package are:
- 25 Workflows
- 15 Power Users
- 135 Standard Users
- Premier Success Plan
Ironclad Clickwrap – Starter Package provides access to Ironclad Clickwrap. Included with this package are:
- 3 embedded contract locations
- 10,000 API calls/month
- APIs, JS Snippet, and SDKs
- Configurable clickwrap layout & style
- Manage online terms with Legal Centers
Ironclad Clickwrap – Growth Package provides access to Ironclad Clickwrap. Included with this package are:
- 10 embedded contract locations
- 100,000 API calls/month
- APIs, JS Snippet, and SDKs
- Configurable clickwrap layout & style
- Dynamic with support for multiple languages in clickwrap agreements
- Manage online terms with Legal Centers
- Custom branding, HTML, & CSS of Legal Centers
- Custom domain
Ironclad Clickwrap – Pro Package provides access to Ironclad Clickwrap. Included with this package are:
- 25 embedded contract locations
- 1,000,000 API calls/month
- APIs, JS Snippet, and SDKs
- Configurable clickwrap layout & style
- Dynamic and multi-language support in clickwrap agreements
- Manage online terms with Legal Centers
- Custom branding, HTML, & CSS of Legal Centers
- Custom domain
- Snapshots
Subscription Add-Ons
Workflows are processes configured in Workflow Designer to create, review, sign, and archive contracts. Workflows can accommodate multiple templates, depending on Customer’s business process and templates, but, as a best practice, Ironclad recommends limiting a single workflow to one contract type, with no more than three unique contract templates.
Standard Users have the ability to:
- View contracts in the Repository and Dashboard
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
A user account is associated with a single email address. Multiple individuals may not share the same user account unless those individuals also have their own independent accounts.
Power Users have the same permissions as Standard Users as well as the abilities to:
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
Additional 1TB of Storage – Additional storage beyond the standard 1 TB amount.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Ironclad Clickwrap API endpoints for interacting with Ironclad's clickwrap transaction platform.
Salesforce Integration includes access to Ironclad’s Salesforce Managed Package through the Salesforce AppExchange and access to Ironclad-side configuration settings to configure the following functionality:
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
Coupa Integration (Paid Open Beta) streamlines the contract process for procurement with the ability to:
- Launch an Ironclad Workflow from a requisition
- Automatically Approve in Ironclad based on Coupa approvals.
- Automatically hold PO generation until a contract is executed in Ironclad.
Customer acknowledges and agrees that Ironclad provides no warranty of any kind as to the beta version of the Coupa Integration or as to when a general release version of the Coupa Integration will be delivered.
Non-Production Separate Instance – Ironclad instance for non-production uses such as training and testing.
Production Separate Instance – Ironclad instance for production uses that would separate the included Ironclad accounts from Customer’s other Ironclad production instances.
Clickwrap for CLM enables:
- Click-to-Accept as a mode of acceptance within Workflow Designer
- A specified number of Click-to-Accept agreements (shown in the Order Form) per year across all workflows
- Public Workflows
Embedded Contract Locations allow users of Ironclad Clickwrap to choose online terms to be presented in a clickwrap agreement, clickwrap layout and style, and additional options for tracking acceptance of clickwrap agreements.
Additional Embedded Contract Locations provide additional configurations to track separate, distinct locations of clickwrap agreements such as clickwrap agreements for different brands, applications, websites, or mobile apps.
Snapshot Locations are defined as locations or URLs where Snapshots will be taken. Snapshot Locations can be set up with an Embedded Contract Location to capture metadata of a clickwrap agreement as well as visual evidence of what the clickwrap agreement looked like when it was presented to the counterparty. Snapshot Locations can be set up to automatically capture this visual evidence on a daily, weekly, or monthly cadence for web and mobile web URLs.
Success Plans
The Standard Success Plan helps you achieve your goals with self-guided resources and access to 8AM-8PM EST Technical Support.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Premier Success Plan provides you with access to success management assistance during business hours, including proactive health monitoring; adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success:Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
The Enterprise Success Plan provides you with our highest level of access to success management assistance during business hours, including proactive health monitoring, adoption guidance and 24x7 technical support for mission critical incidents.
- Community Success: Unlimited access to live and self-paced training available on Ironclad Academy and Knowledge Base content in the Ironclad Help Center, and exclusive access to the Ironclad Community.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
Effective June 9th 2021 to October 11th 2021
DownloadTable of Contents
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
- Be designated as a workflow approver or signer.
- Create and maintain workflows in Workflow Designer.
- Manage Groups, API Access, User Management, and Integration settings.
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis, and providing trainer assistance with Ironclad feature releases and industry trends.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
Effective June 9th 2021 to June 9th 2021
DownloadTable of Contents
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Document, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
- Be designated as a workflow approver or signer
- Create and maintain workflows in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings.
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis, and providing trainer assistance with Ironclad feature releases and industry trends.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
Effective June 9th 2021 to June 9th 2021
DownloadTable of Contents
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Docu, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
- Be designated as a workflow approver or signer
- Create and maintain workflows in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings.
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis, and providing trainer assistance with Ironclad feature releases and industry trends.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
Effective June 9th 2021 to June 9th 2021
DownloadTable of Contents
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Docu, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
- Be designated as a workflow approver or signer
- Create and maintain workflows in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings.
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Digital Success Management: Access to on-demand success resources to assist with providing adoption; best practices and use-case optimization on the Ironclad platform.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
- Community Success Resources: Unlimited access to our Success Community with Ironclad training videos and prescriptive how-to guides to optimize your Ironclad platform. Access to attend live and pre-recorded webinars about best practices for leveraging your Ironclad platform.
- Designated Success Manager: Direct access to a designated Customer Success Manager, responsible for leading business reviews with usage metric analysis, and providing trainer assistance with Ironclad feature releases and industry trends.
- Technical Support: Access to Ironclad Technical Support Experts from 8AM-8PM EST including 24x7 access for mission critical incidents. As set forth in the Enterprise Services Agreement at Exhibit A: Ironclad Service Level Agreement & Technical Support Schedule, which is incorporated by reference.
Effective June 9th 2021 to June 9th 2021
DownloadTable of Contents
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Docu, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
- Be designated as a workflow approver or signer
- Create and maintain workflows in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings.
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Digital Acceptance API endpoints for interacting with Ironclad's clickwrap transaction platform.
Effective June 9th 2021 to June 9th 2021
DownloadTable of Contents
- Create contract requests using workflow launch forms or via the Salesforce integration, if applicable.
- Manage and update contract versions using Ironclad Editor, Share Docu, and document upload/download functionality.
- Collaborate and track workflow steps using Activity Feed, @mentions, and ad-hoc approvals.
- Be designated as a workflow approver or signer
- Create and maintain workflows in Workflow Designer
- Manage Groups, API Access, User Management, and Integration settings.
- Workflow Launch: Launch workflows from Salesforce using a custom button and map Salesforce fields to Ironclad workflow attributes.
- Workflow Sync: Sync Ironclad process data to Salesforce via a custom object and provide users with the ability to refresh Ironclad workflows with updated source data from Salesforce.
- Record Sync: Sync completed contracts and properties from Ironclad’s Repository to Salesforce’s standard Contract object or a custom object.
API Access includes access to REST endpoints, webhooks, authentication tokens, and Ironclad-side configuration settings for Ironclad Workflows and Repository. API Access is capped at 100 API calls per user per 24-hour period. API Access does not include access to Digital Acceptance API endpoints for interacting with Ironclad's clickwrap transaction platform.
Enterprise Services Agreement
Effective April 17th 2025
DownloadTable of Contents
This Enterprise Services Agreement is entered into by and between Ironclad, Inc. (“Ironclad”) and the organization agreeing to the terms of this Agreement (“Customer”). This Agreement shall be effective as of the “Effective Date” of the first Order Form, or similar form referencing or otherwise incorporating this Agreement, between Customer and Ironclad.
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form.
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users. All Customer Data shall be treated as Confidential Information.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Usage Data” means anonymized and aggregated platform-level information or data, collected and owned by Ironclad, that (i) tracks Customer’s use of the Enterprise Services, (ii) tracks the performance of the Enterprise Services and (iii) enables the functionality of certain optional features within the Enterprise Services.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement. Ironclad agrees to work, in good faith, with Customer to resolve any such issue and restore access as soon as possible.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa ("DPA") on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom to improve and enhance the Enterprise Services. Nothing in the Agreement will restrict Ironclad from collecting, using and/or analyzing Usage Data from Customer in an anonymized, aggregated manner for purposes of improving and enhancing the quality and nature of the Enterprise Services, or to market or publish general information and statistics, provided that Ironclad does not specifically identify Customer (or disclose data in a manner that Customer or Customer’s Authorized Users could subsequently be identified) or disclose any personally identifiable information or Confidential Information in the course of collecting, using, analyzing, marketing or publishing that data or information. Customer acknowledges that in order for Customer to utilize certain Ironclad AI product features available in the Enterprise Services, including but not limited to AI Playbooks and AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Third Party Software. The Enterprise Services may contain features designed to interoperate with a web-based or offline software application that is provided by Customer or a third party and interoperates with the Enterprise Services (collectively referred to herein as the “Third Party Software”). To use such features, Customer may be required to obtain access to Third Party Software from their providers, and may be required to grant Ironclad access to its account(s) on the Third Party Software. If Customer enables any Third Party Software for use with the Enterprise Services, Customer grants Ironclad permission to allow the provider of that Third Party Software to access Customer Data as required for the interoperation of that Third Party Software with the Enterprise Services. Any acquisition by Customer of such Third Party Software, and any exchange of data between Customer and any provider of the Third Party Software, is solely between Customer and the applicable Third Party Software provider. Ironclad does not warrant or support any Third Party Software. Ironclad is not responsible for the operation of any Third Party Software nor the availability or operation of the Enterprise Services to the extent such availability and/or operation is dependent upon Third Party Software.
- FEES; EXPENSES; TAXES
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Purchase Orders. If Customer requires the use of a purchase order, Customer is responsible for providing the applicable purchase order at the time of purchase. The parties acknowledge and agree that any terms and conditions included in any purchase order, vendor portal or any similar Customer specific invoicing process are void and will not apply between the parties or to Customer’s purchase of the Enterprise Services.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- PROPRIETARY RIGHTS.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Neither party shall have the right to use the name, trademarks, logos, or any other proprietary identifiers of the other party in any advertising or promotional materials, whether printed, electronic, or otherwise, without the prior written consent of the other party.
- CONFIDENTIALITY
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (i) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (ii) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranty set forth in this Section 6(a) Ironclad will (x) use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity, and (y) if such non-conformity is not corrected within thirty (30) days, Customer may terminate this Agreement and receive a pro rata refund of prepaid fees for the remaining portion of the Term after the termination date.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services, including all content or output generated by Ironclad's AI products and/or features, and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services.Customer and its Authorized Users have the right to export all Customer Data, at any time, prior to the effective date of expiration or termination of this Agreement. Upon expiration or termination of this Agreement, Ironclad will delete all Customer Data in accordance with the Section 8(b) of the DPA.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- INDEMNIFICATION
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it arises from: (i) Customer Data (as provided to Ironclad), Third-Party Products, or any other portions or components integrated with the Enterprise Services by Customer and not supplied by Ironclad; (ii) any modification, combination, or development of the Enterprise Services or portions or components thereof that is not performed by Ironclad; (iii) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (iv) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party or an Authorized User (i) alleging the Customer Data infringes or misappropriates any Intellectual Property Rights; (ii) related to ownership or use of Customer Data (as provided to Ironclad); or (iii) related to Customer administrator’s actions with respect to the Customer’s account. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (x) Ironclad provides Customer with prompt written notice of such claim; (y) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (z) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- LIMITATION OF LIABILITY.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed three times (3x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- GENERAL
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Order Form contains a Special Terms section, which is intended to modify the standard terms of this Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form.The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s notice email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
Exhibit A
IRONCLAD SERVICE LEVEL AGREEMENT & TECHNICAL SUPPORT SCHEDULE
This Ironclad Service Level Agreement (“SLA”) & Technical Support Schedule (“TSS”) shall be governed by and incorporated by reference into the Enterprise Services Agreement and the applicable Order Form entered into between the parties. All capitalized terms contained but not defined herein shall have the meaning ascribed to them in the Agreement.
A. Service Level Agreement. The SLA shall apply solely to Customer’s use of the CLM Services and Clickwrap Services.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services or Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Downtime” means at least one of the following: a) the inability to log in to our web applications or APIs or b) the major degradation of a functional feature.
- "REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any Downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a maintenance window. The maintenance window, if one is scheduled, will be available at least two weeks prior to the maintenance window at either: a) https://status.ironcladapp.com/ for CLM Services or b) https://status.pactsafe.com/ for Clickwrap Services.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of Customer’s instance per calendar month and corresponding Service Credits are set forth in the table below.Availability Per Calendar MonthService Credit
<99.7% ->= 99.0% 1% of the Annual Subscription Fee<99.0% ->= 95.0% 2% of the Annual Subscription FeeBelow 95% 3% of the Annual Subscription Fee - “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Target Uptime” means CLM Target Uptime and Clickwrap Target Uptime.
2. CLM Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to Customer for 99.7% of the Scheduled Availability Time (the “CLM Target Uptime”) as shown on https://status.ironcladapp.com/. If Ironclad does not meet the CLM Target Uptime and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
3. CW Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “CW Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the CW Target Uptime as to any of the three measures and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
4. Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
B. Ironclad Technical Support Schedule.
1. Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
2. Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are determined by your Success Plan as described in an applicable Order Form, and can provide technical information, technical advice, or technical consultation regarding Customer’s use of the Enterprise Services.
3. Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
4. Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective September 19th 2024 to April 17th 2025
DownloadTable of Contents
This Enterprise Services Agreement is entered into by and between Ironclad, Inc. (“Ironclad”) and the organization agreeing to the terms of this Agreement (“Customer”). This Agreement shall be effective as of the “Effective Date” of the first Order Form, or similar form referencing or otherwise incorporating this Agreement, between Customer and Ironclad.
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form.
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users. All Customer Data shall be treated as Confidential Information.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Usage Data” means anonymized and aggregated platform-level information or data, collected and owned by Ironclad, that (i) tracks Customer’s use of the Enterprise Services, (ii) tracks the performance of the Enterprise Services and (iii) enables the functionality of certain optional features within the Enterprise Services.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement. Ironclad agrees to work, in good faith, with Customer to resolve any such issue and restore access as soon as possible.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa ("DPA") on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom to improve and enhance the Enterprise Services. Nothing in the Agreement will restrict Ironclad from collecting, using and/or analyzing Usage Data from Customer in an anonymized, aggregated manner for purposes of improving and enhancing the quality and nature of the Enterprise Services, or to market or publish general information and statistics, provided that Ironclad does not specifically identify Customer (or disclose data in a manner that Customer or Customer’s Authorized Users could subsequently be identified) or disclose any personally identifiable information or Confidential Information in the course of collecting, using, analyzing, marketing or publishing that data or information. Customer acknowledges that in order for Customer to utilize certain Ironclad AI product features available in the Enterprise Services, including but not limited to AI Playbooks and AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Third Party Software. The Enterprise Services may contain features designed to interoperate with a web-based or offline software application that is provided by Customer or a third party and interoperates with the Enterprise Services (collectively referred to herein as the “Third Party Software”). To use such features, Customer may be required to obtain access to Third Party Software from their providers, and may be required to grant Ironclad access to its account(s) on the Third Party Software. If Customer enables any Third Party Software for use with the Enterprise Services, Customer grants Ironclad permission to allow the provider of that Third Party Software to access Customer Data as required for the interoperation of that Third Party Software with the Enterprise Services. Any acquisition by Customer of such Third Party Software, and any exchange of data between Customer and any provider of the Third Party Software, is solely between Customer and the applicable Third Party Software provider. Ironclad does not warrant or support any Third Party Software. Ironclad is not responsible for the operation of any Third Party Software nor the availability or operation of the Enterprise Services to the extent such availability and/or operation is dependent upon Third Party Software.
- FEES; EXPENSES; TAXES
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Purchase Orders. If Customer requires the use of a purchase order, Customer is responsible for providing the applicable purchase order at the time of purchase. The parties acknowledge and agree that any terms and conditions included in any purchase order, vendor portal or any similar Customer specific invoicing process are void and will not apply between the parties or to Customer’s purchase of the Enterprise Services.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- PROPRIETARY RIGHTS.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Neither party shall have the right to use the name, trademarks, logos, or any other proprietary identifiers of the other party in any advertising or promotional materials, whether printed, electronic, or otherwise, without the prior written consent of the other party.
- CONFIDENTIALITY
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (i) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (ii) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranty set forth in this Section 6(a) Ironclad will (x) use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity, and (y) if such non-conformity is not corrected within thirty (30) days, Customer may terminate this Agreement and receive a pro rata refund of prepaid fees for the remaining portion of the Term after the termination date.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services, including all content or output generated by Ironclad's AI products and/or features, and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services.Customer and its Authorized Users have the right to export all Customer Data, at any time, prior to the effective date of expiration or termination of this Agreement. Upon expiration or termination of this Agreement, Ironclad will delete all Customer Data in accordance with the Section 8(b) of the DPA.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- INDEMNIFICATION
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it arises from: (i) Customer Data (as provided to Ironclad), Third-Party Products, or any other portions or components integrated with the Enterprise Services by Customer and not supplied by Ironclad; (ii) any modification, combination, or development of the Enterprise Services or portions or components thereof that is not performed by Ironclad; (iii) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (iv) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party or an Authorized User (i) alleging the Customer Data infringes or misappropriates any Intellectual Property Rights; (ii) related to ownership or use of Customer Data (as provided to Ironclad); or (iii) related to Customer administrator’s actions with respect to the Customer’s account. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (x) Ironclad provides Customer with prompt written notice of such claim; (y) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (z) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- LIMITATION OF LIABILITY.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed three times (3x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- GENERAL
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Order Form contains a Special Terms section, which is intended to modify the standard terms of this Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form.The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s notice email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
Exhibit A
IRONCLAD SERVICE LEVEL AGREEMENT & TECHNICAL SUPPORT SCHEDULE
This Ironclad Service Level Agreement (“SLA”) & Technical Support Schedule (“TSS”) shall be governed by and incorporated by reference into the Enterprise Services Agreement and the applicable Order Form entered into between the parties. All capitalized terms contained but not defined herein shall have the meaning ascribed to them in the Agreement.
A. Service Level Agreement. The SLA shall apply solely to Customer’s use of the CLM Services and Clickwrap Services.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services or Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Downtime” means at least one of the following: a) the inability to log in to our web applications or APIs or b) the major degradation of a functional feature.
- "REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any Downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a maintenance window. The maintenance window, if one is scheduled, will be available at least two weeks prior to the maintenance window at either: a) https://status.ironcladapp.com/ for CLM Services or b) https://status.pactsafe.com/ for Clickwrap Services.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of Customer’s instance per calendar month and corresponding Service Credits are set forth in the table below.Availability Per Calendar MonthService Credit
<99.7% ->= 99.0% 1% of the Annual Subscription Fee<99.0% ->= 95.0% 2% of the Annual Subscription FeeBelow 95% 3% of the Annual Subscription Fee - “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Target Uptime” means CLM Target Uptime and Clickwrap Target Uptime.
2. CLM Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to Customer for 99.7% of the Scheduled Availability Time (the “CLM Target Uptime”) as shown on https://status.ironcladapp.com/. If Ironclad does not meet the CLM Target Uptime and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
3. CW Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “CW Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the CW Target Uptime as to any of the three measures and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
4. Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
B. Ironclad Technical Support Schedule.
1. Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
2. Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
3. Help Center Access.Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
4. Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective July 12th 2024 to September 19th 2024
DownloadTable of Contents
This Enterprise Services Agreement is entered into by and between Ironclad, Inc. (“Ironclad”) and the organization agreeing to the terms of this Agreement (“Customer”). This Agreement shall be effective as of the “Effective Date” of the first Order Form, or similar form referencing or otherwise incorporating this Agreement, between Customer and Ironclad.
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form.
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users. All Customer Data shall be treated as Confidential Information.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Usage Data” means anonymized and aggregated platform-level information or data, collected and owned by Ironclad, that (i) tracks Customer’s use of the Enterprise Services, (ii) tracks the performance of the Enterprise Services and (iii) enables the functionality of certain optional features within the Enterprise Services.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement. Ironclad agrees to work, in good faith, with Customer to resolve any such issue and restore access as soon as possible.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa ("DPA") on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom to improve and enhance the Enterprise Services. Nothing in the Agreement will restrict Ironclad from collecting, using and/or analyzing Usage Data from Customer in an anonymized, aggregated manner for purposes of improving and enhancing the quality and nature of the Enterprise Services, or to market or publish general information and statistics, provided that Ironclad does not specifically identify Customer (or disclose data in a manner that Customer or Customer’s Authorized Users could subsequently be identified) or disclose any personally identifiable information or Confidential Information in the course of collecting, using, analyzing, marketing or publishing that data or information. Customer acknowledges that in order for Customer to utilize certain Ironclad AI product features available in the Enterprise Services, including but not limited to AI Playbooks and AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Third Party Software. The Enterprise Services may contain features designed to interoperate with a web-based or offline software application that is provided by Customer or a third party and interoperates with the Enterprise Services (collectively referred to herein as the “Third Party Software”). To use such features, Customer may be required to obtain access to Third Party Software from their providers, and may be required to grant Ironclad access to its account(s) on the Third Party Software. If Customer enables any Third Party Software for use with the Enterprise Services, Customer grants Ironclad permission to allow the provider of that Third Party Software to access Customer Data as required for the interoperation of that Third Party Software with the Enterprise Services. Any acquisition by Customer of such Third Party Software, and any exchange of data between Customer and any provider of the Third Party Software, is solely between Customer and the applicable Third Party Software provider. Ironclad does not warrant or support any Third Party Software. Ironclad is not responsible for the operation of any Third Party Software nor the availability or operation of the Enterprise Services to the extent such availability and/or operation is dependent upon Third Party Software.
- FEES; EXPENSES; TAXES
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Purchase Orders. If Customer requires the use of a purchase order, Customer is responsible for providing the applicable purchase order at the time of purchase. The parties acknowledge and agree that any terms and conditions included in any purchase order, vendor portal or any similar Customer specific invoicing process are void and will not apply between the parties or to Customer’s purchase of the Enterprise Services.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- PROPRIETARY RIGHTS.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Neither party shall have the right to use the name, trademarks, logos, or any other proprietary identifiers of the other party in any advertising or promotional materials, whether printed, electronic, or otherwise, without the prior written consent of the other party.
- CONFIDENTIALITY
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (i) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (ii) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranty set forth in this Section 6(a) Ironclad will (x) use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity, and (y) if such non-conformity is not corrected within thirty (30) days, Customer may terminate this Agreement and receive a pro rata refund of prepaid fees for the remaining portion of the Term after the termination date.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services.Customer and its Authorized Users have the right to export all Customer Data, at any time, prior to the effective date of expiration or termination of this Agreement. Upon expiration or termination of this Agreement, Ironclad will delete all Customer Data in accordance with the Section 8(b) of the DPA.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- INDEMNIFICATION
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it arises from: (i) Customer Data (as provided to Ironclad), Third-Party Products, or any other portions or components integrated with the Enterprise Services by Customer and not supplied by Ironclad; (ii) any modification, combination, or development of the Enterprise Services or portions or components thereof that is not performed by Ironclad; (iii) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (iv) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party or an Authorized User (i) alleging the Customer Data infringes or misappropriates any Intellectual Property Rights; (ii) related to ownership or use of Customer Data (as provided to Ironclad); or (iii) related to Customer administrator’s actions with respect to the Customer’s account. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (x) Ironclad provides Customer with prompt written notice of such claim; (y) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (z) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- LIMITATION OF LIABILITY.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed three times (3x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- GENERAL
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Order Form contains a Special Terms section, which is intended to modify the standard terms of this Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form.The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s notice email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
Exhibit A
IRONCLAD SERVICE LEVEL AGREEMENT & TECHNICAL SUPPORT SCHEDULE
This Ironclad Service Level Agreement (“SLA”) & Technical Support Schedule (“TSS”) shall be governed by and incorporated by reference into the Enterprise Services Agreement and the applicable Order Form entered into between the parties. All capitalized terms contained but not defined herein shall have the meaning ascribed to them in the Agreement.
A. Service Level Agreement. The SLA shall apply solely to Customer’s use of the CLM Services and Clickwrap Services.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services or Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Downtime” means at least one of the following: a) the inability to log in to our web applications or APIs or b) the major degradation of a functional feature.
- "REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any Downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a maintenance window. The maintenance window, if one is scheduled, will be available at least two weeks prior to the maintenance window at either: a) https://status.ironcladapp.com/ for CLM Services or b) https://status.pactsafe.com/ for Clickwrap Services.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of Customer’s instance per calendar month and corresponding Service Credits are set forth in the table below.Availability Per Calendar MonthService Credit
<99.7% ->= 99.0% 1% of the Annual Subscription Fee<99.0% ->= 95.0% 2% of the Annual Subscription FeeBelow 95% 3% of the Annual Subscription Fee - “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Target Uptime” means CLM Target Uptime and Clickwrap Target Uptime.
2. CLM Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to Customer for 99.7% of the Scheduled Availability Time (the “CLM Target Uptime”) as shown on https://status.ironcladapp.com/. If Ironclad does not meet the CLM Target Uptime and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
3. CW Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “CW Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the CW Target Uptime as to any of the three measures and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
4. Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
B. Ironclad Technical Support Schedule.
1. Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
2. Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
3. Help Center Access.Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
4. Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective July 5th 2024 to July 12th 2024
DownloadTable of Contents
This Enterprise Services Agreement is entered into by and between Ironclad, Inc. (“Ironclad”) and the organization agreeing to the terms of this Agreement (“Customer”). This Agreement shall be effective as of the “Effective Date” of the first Order Form, or similar form referencing or otherwise incorporating this Agreement, between Customer and Ironclad.
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form.
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users. All Customer Data shall be treated as Confidential Information.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Usage Data” means anonymized and aggregated platform-level information or data, collected and owned by Ironclad, that (i) tracks Customer’s use of the Enterprise Services, (ii) tracks the performance of the Enterprise Services and (iii) enables the functionality of certain optional features within the Enterprise Services.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement. Ironclad agrees to work, in good faith, with Customer to resolve any such issue and restore access as soon as possible.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa ("DPA") on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom to improve and enhance the Enterprise Services. Nothing in the Agreement will restrict Ironclad from collecting, using and/or analyzing Usage Data from Customer in an anonymized, aggregated manner for purposes of improving and enhancing the quality and nature of the Enterprise Services, or to market or publish general information and statistics, provided that Ironclad does not specifically identify Customer (or disclose data in a manner that Customer or Customer’s Authorized Users could subsequently be identified) or disclose any personally identifiable information or Confidential Information in the course of collecting, using, analyzing, marketing or publishing that data or information. Customer acknowledges that in order for Customer to utilize all Ironclad AI product features available in the Enterprise Services, including but not limited to Smart Import, AI Playbooks, AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Third Party Software. The Enterprise Services may contain features designed to interoperate with a web-based or offline software application that is provided by Customer or a third party and interoperates with the Enterprise Services (collectively referred to herein as the “Third Party Software”). To use such features, Customer may be required to obtain access to Third Party Software from their providers, and may be required to grant Ironclad access to its account(s) on the Third Party Software. If Customer enables any Third Party Software for use with the Enterprise Services, Customer grants Ironclad permission to allow the provider of that Third Party Software to access Customer Data as required for the interoperation of that Third Party Software with the Enterprise Services. Any acquisition by Customer of such Third Party Software, and any exchange of data between Customer and any provider of the Third Party Software, is solely between Customer and the applicable Third Party Software provider. Ironclad does not warrant or support any Third Party Software. Ironclad is not responsible for the operation of any Third Party Software nor the availability or operation of the Enterprise Services to the extent such availability and/or operation is dependent upon Third Party Software.
- FEES; EXPENSES; TAXES
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Purchase Orders. If Customer requires the use of a purchase order, Customer is responsible for providing the applicable purchase order at the time of purchase. The parties acknowledge and agree that any terms and conditions included in any purchase order, vendor portal or any similar Customer specific invoicing process are void and will not apply between the parties or to Customer’s purchase of the Enterprise Services.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- PROPRIETARY RIGHTS.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Neither party shall have the right to use the name, trademarks, logos, or any other proprietary identifiers of the other party in any advertising or promotional materials, whether printed, electronic, or otherwise, without the prior written consent of the other party.
- CONFIDENTIALITY
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (i) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (ii) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranty set forth in this Section 6(a) Ironclad will (x) use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity, and (y) if such non-conformity is not corrected within thirty (30) days, Customer may terminate this Agreement and receive a pro rata refund of prepaid fees for the remaining portion of the Term after the termination date.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services.Customer and its Authorized Users have the right to export all Customer Data, at any time, prior to the effective date of expiration or termination of this Agreement. Upon expiration or termination of this Agreement, Ironclad will delete all Customer Data in accordance with the Section 8(b) of the DPA.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- INDEMNIFICATION
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it arises from: (i) Customer Data (as provided to Ironclad), Third-Party Products, or any other portions or components integrated with the Enterprise Services by Customer and not supplied by Ironclad; (ii) any modification, combination, or development of the Enterprise Services or portions or components thereof that is not performed by Ironclad; (iii) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (iv) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party or an Authorized User (i) alleging the Customer Data infringes or misappropriates any Intellectual Property Rights; (ii) related to ownership or use of Customer Data (as provided to Ironclad); or (iii) related to Customer administrator’s actions with respect to the Customer’s account. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (x) Ironclad provides Customer with prompt written notice of such claim; (y) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (z) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- LIMITATION OF LIABILITY.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed three times (3x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- GENERAL
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Order Form contains a Special Terms section, which is intended to modify the standard terms of this Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form.The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s notice email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
Exhibit A
IRONCLAD SERVICE LEVEL AGREEMENT & TECHNICAL SUPPORT SCHEDULE
This Ironclad Service Level Agreement (“SLA”) & Technical Support Schedule (“TSS”) shall be governed by and incorporated by reference into the Enterprise Services Agreement and the applicable Order Form entered into between the parties. All capitalized terms contained but not defined herein shall have the meaning ascribed to them in the Agreement.
A. Service Level Agreement. The SLA shall apply solely to Customer’s use of the CLM Services and Clickwrap Services.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services or Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Downtime” means at least one of the following: a) the inability to log in to our web applications or APIs or b) the major degradation of a functional feature.
- "REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any Downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a maintenance window. The maintenance window, if one is scheduled, will be available at least two weeks prior to the maintenance window at either: a) https://status.ironcladapp.com/ for CLM Services or b) https://status.pactsafe.com/ for Clickwrap Services.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of Customer’s instance per calendar month and corresponding Service Credits are set forth in the table below.Availability Per Calendar MonthService Credit
<99.7% ->= 99.0% 1% of the Annual Subscription Fee<99.0% ->= 95.0% 2% of the Annual Subscription FeeBelow 95% 3% of the Annual Subscription Fee - “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Target Uptime” means CLM Target Uptime and Clickwrap Target Uptime.
2. CLM Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to Customer for 99.7% of the Scheduled Availability Time (the “CLM Target Uptime”) as shown on https://status.ironcladapp.com/. If Ironclad does not meet the CLM Target Uptime and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
3. CW Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “CW Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the CW Target Uptime as to any of the three measures and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
4. Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
B. Ironclad Technical Support Schedule.
1. Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
2. Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
3. Help Center Access.Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
4. Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective May 28th 2024 to July 5th 2024
DownloadTable of Contents
This Enterprise Services Agreement is entered into by and between Ironclad, Inc. (“Ironclad”) and the organization agreeing to the terms of this Agreement (“Customer”). This Agreement shall be effective as of the “Effective Date” of the first Order Form, or similar form referencing or otherwise incorporating this Agreement, between Customer and Ironclad.
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form.
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users. All Customer Data shall be treated as Confidential Information.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Usage Data” means anonymized and aggregated platform-level information or data, collected and owned by Ironclad, that (i) tracks Customer’s use of the Enterprise Services, (ii) tracks the performance of the Enterprise Services and (iii) enables the functionality of certain optional features within the Enterprise Services.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement. Ironclad agrees to work, in good faith, with Customer to resolve any such issue and restore access as soon as possible.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa ("DPA") on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom to improve and enhance the Enterprise Services. Nothing in the Agreement will restrict Ironclad from collecting, using and/or analyzing Usage Data from Customer in an anonymized, aggregated manner for purposes of improving and enhancing the quality and nature of the Enterprise Services, or to market or publish general information and statistics, provided that Ironclad does not specifically identify Customer (or disclose data in a manner that Customer or Customer’s Authorized Users could subsequently be identified) or disclose any personally identifiable information or Confidential Information in the course of collecting, using, analyzing, marketing or publishing that data or information. Customer acknowledges that in order for Customer to utilize all Ironclad AI product features available in the Enterprise Services, including but not limited to Smart Import, AI Playbooks, AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Third Party Software. The Enterprise Services may contain features designed to interoperate with a web-based or offline software application that is provided by Customer or a third party and interoperates with the Enterprise Services (collectively referred to herein as the “Third Party Software”). To use such features, Customer may be required to obtain access to Third Party Software from their providers, and may be required to grant Ironclad access to its account(s) on the Third Party Software. If Customer enables any Third Party Software for use with the Enterprise Services, Customer grants Ironclad permission to allow the provider of that Third Party Software to access Customer Data as required for the interoperation of that Third Party Software with the Enterprise Services. Any acquisition by Customer of such Third Party Software, and any exchange of data between Customer and any provider of the Third Party Software, is solely between Customer and the applicable Third Party Software provider. Ironclad does not warrant or support any Third Party Software. Ironclad is not responsible for the operation of any Third Party Software nor the availability or operation of the Enterprise Services to the extent such availability and/or operation is dependent upon Third Party Software.
- FEES; EXPENSES; TAXES
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Purchase Orders. If Customer requires the use of a purchase order, Customer is responsible for providing the applicable purchase order at the time of purchase. The parties acknowledge and agree that any terms and conditions included in any purchase order, vendor portal or any similar Customer specific invoicing process are void and will not apply between the parties or to Customer’s purchase of the Enterprise Services.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- PROPRIETARY RIGHTS.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Neither party shall have the right to use the name, trademarks, logos, or any other proprietary identifiers of the other party in any advertising or promotional materials, whether printed, electronic, or otherwise, without the prior written consent of the other party.
- CONFIDENTIALITY
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (i) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (ii) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranty set forth in this Section 6(a) Ironclad will (x) use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity, and (y) if such non-conformity is not corrected within thirty (30) days, Customer may terminate this Agreement and receive a pro rata refund of prepaid fees for the remaining portion of the Term after the termination date.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services.Customer and its Authorized Users have the right to export all Customer Data, at any time, prior to the effective date of expiration or termination of this Agreement. Upon expiration or termination of this Agreement, Ironclad will delete all Customer Data in accordance with the Section 8(b) of the DPA.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- INDEMNIFICATION
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it arises from: (i) Customer Data, Third-Party Products, or any other portions or components of the Enterprise Services not supplied by Ironclad; (ii) any modification, combination, or development of the Enterprise Services or portions or components thereof that is not performed by Ironclad; (iii) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (iv) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party or an Authorized User (i) alleging the Customer Data infringes or misappropriates any Intellectual Property Rights; (ii) related to ownership or use of Customer Data; or (iii) related to the Customer administrator’s actions with respect to the Customer’s account. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (x) Ironclad provides Customer with prompt written notice of such claim; (y) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (z) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- LIMITATION OF LIABILITY.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed three times (3x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- GENERAL
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Order Form contains a Special Terms section, which is intended to modify the standard terms of this Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form.The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s notice email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
Exhibit A
IRONCLAD SERVICE LEVEL AGREEMENT & TECHNICAL SUPPORT SCHEDULE
This Ironclad Service Level Agreement (“SLA”) & Technical Support Schedule (“TSS”) shall be governed by and incorporated by reference into the Enterprise Services Agreement and the applicable Order Form entered into between the parties. All capitalized terms contained but not defined herein shall have the meaning ascribed to them in the Agreement.
A. Service Level Agreement. The SLA shall apply solely to Customer’s use of the CLM Services and Clickwrap Services.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services or Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Downtime” means at least one of the following: a) the inability to log in to our web applications or APIs or b) the major degradation of a functional feature.
- "REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any Downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a maintenance window. The maintenance window, if one is scheduled, will be available at least two weeks prior to the maintenance window at either: a) https://status.ironcladapp.com/ for CLM Services or b) https://status.pactsafe.com/ for Clickwrap Services.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of Customer’s instance per calendar month and corresponding Service Credits are set forth in the table below.Availability Per Calendar MonthService Credit
<99.7% ->= 99.0% 1% of the Annual Subscription Fee<99.0% ->= 95.0% 2% of the Annual Subscription FeeBelow 95% 3% of the Annual Subscription Fee - “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Target Uptime” means CLM Target Uptime and Clickwrap Target Uptime.
2. CLM Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to Customer for 99.7% of the Scheduled Availability Time (the “CLM Target Uptime”) as shown on https://status.ironcladapp.com/. If Ironclad does not meet the CLM Target Uptime and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
3. CW Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “CW Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the CW Target Uptime as to any of the three measures and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
4. Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
B. Ironclad Technical Support Schedule.
1. Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
2. Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
3. Help Center Access.Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
4. Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective May 9th 2024 to May 28th 2024
DownloadTable of Contents
This Enterprise Services Agreement is entered into by and between Ironclad, Inc. (“Ironclad”) and the organization agreeing to the terms of this Agreement (“Customer”). This Agreement shall be effective as of the “Effective Date” of the first Order Form, or similar form referencing or otherwise incorporating this Agreement, between Customer and Ironclad.
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form.
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users. All Customer Data shall be treated as Confidential Information.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Usage Data” means anonymized and aggregated platform-level information or data, collected and owned by Ironclad, that (i) tracks Customer’s use of the Enterprise Services, (ii) tracks the performance of the Enterprise Services and (iii) enables the functionality of certain optional features within the Enterprise Services.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement. Ironclad agrees to work, in good faith, with Customer to resolve any such issue and restore access as soon as possible.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa ("DPA") on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom to improve and enhance the Enterprise Services. Nothing in the Agreement will restrict Ironclad from collecting, using and/or analyzing Usage Data from Customer in an anonymized, aggregated manner for purposes of improving and enhancing the quality and nature of the Enterprise Services, or to market or publish general information and statistics, provided that Ironclad does not specifically identify Customer (or disclose data in a manner that Customer or Customer’s Authorized Users could subsequently be identified) or disclose any personally identifiable information or Confidential Information in the course of collecting, using, analyzing, marketing or publishing that data or information. Customer acknowledges that in order for Customer to utilize all Ironclad AI product features available in the Enterprise Services, including but not limited to Smart Import, AI Playbooks, AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Third Party Software. The Enterprise Services may contain features designed to interoperate with a web-based or offline software application that is provided by Customer or a third party and interoperates with the Enterprise Services (collectively referred to herein as the “Third Party Software”). To use such features, Customer may be required to obtain access to Third Party Software from their providers, and may be required to grant Ironclad access to its account(s) on the Third Party Software. If Customer enables any Third Party Software for use with the Enterprise Services, Customer grants Ironclad permission to allow the provider of that Third Party Software to access Customer Data as required for the interoperation of that Third Party Software with the Enterprise Services. Any acquisition by Customer of such Third Party Software, and any exchange of data between Customer and any provider of the Third Party Software, is solely between Customer and the applicable Third Party Software provider. Ironclad does not warrant or support any Third Party Software. Ironclad is not responsible for the operation of any Third Party Software nor the availability or operation of the Enterprise Services to the extent such availability and/or operation is dependent upon Third Party Software.
- FEES; EXPENSES; TAXES
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Purchase Orders. If Customer requires the use of a purchase order, Customer is responsible for providing the applicable purchase order at the time of purchase. The parties acknowledge and agree that any terms and conditions included in any purchase order, vendor portal or any similar Customer specific invoicing process are void and will not apply between the parties or to Customer’s purchase of the Enterprise Services.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- PROPRIETARY RIGHTS.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Neither party shall have the right to use the name, trademarks, logos, or any other proprietary identifiers of the other party in any advertising or promotional materials, whether printed, electronic, or otherwise, without the prior written consent of the other party.
- CONFIDENTIALITY
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (i) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (ii) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranty set forth in this Section 6(a) Ironclad will (x) use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity, and (y) if such non-conformity is not corrected within thirty (30) days, Customer may terminate this Agreement and receive a pro rata refund of prepaid fees for the remaining portion of the Term after the termination date.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services.Customer and its Authorized Users have the right to export all Customer Data, at any time, prior to the effective date of expiration or termination of this Agreement. Upon expiration or termination of this Agreement, Ironclad will delete all Customer Data in accordance with the Section 8(b) of the DPA.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- INDEMNIFICATION
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it arises from: (i) Customer Data, Third-Party Products, or any other portions or components of the Enterprise Services not supplied by Ironclad; (ii) any modification, combination, or development of the Enterprise Services or portions or components thereof that is not performed by Ironclad; (iii) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (iv) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based or an Authorized User (i) alleging the Customer Data infringes or misappropriates any Intellectual Property Rights; (ii) related to ownership or use of Customer Data; or (iii) related to the Customer administrator’s actions with respect to the Customer’s account. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (x) Ironclad provides Customer with prompt written notice of such claim; (y) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (z) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- LIMITATION OF LIABILITY.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed three times (3x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- GENERAL
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Order Form contains a Special Terms section, which is intended to modify the standard terms of this Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form.The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s notice email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
Exhibit A
IRONCLAD SERVICE LEVEL AGREEMENT & TECHNICAL SUPPORT SCHEDULE
This Ironclad Service Level Agreement (“SLA”) & Technical Support Schedule (“TSS”) shall be governed by and incorporated by reference into the Enterprise Services Agreement and the applicable Order Form entered into between the parties. All capitalized terms contained but not defined herein shall have the meaning ascribed to them in the Agreement.
A. Service Level Agreement. The SLA shall apply solely to Customer’s use of the CLM Services and Clickwrap Services.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services or Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Downtime” means at least one of the following: a) the inability to log in to our web applications or APIs or b) the major degradation of a functional feature.
- "REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any Downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a maintenance window. The maintenance window, if one is scheduled, will be available at least two weeks prior to the maintenance window at either: a) https://status.ironcladapp.com/ for CLM Services or b) https://status.pactsafe.com/ for Clickwrap Services.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of Customer’s instance per calendar month and corresponding Service Credits are set forth in the table below.Availability Per Calendar MonthService Credit
<99.7% ->= 99.0% 1% of the Annual Subscription Fee<99.0% ->= 95.0% 2% of the Annual Subscription FeeBelow 95% 3% of the Annual Subscription Fee - “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Target Uptime” means CLM Target Uptime and Clickwrap Target Uptime.
2. CLM Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to Customer for 99.7% of the Scheduled Availability Time (the “CLM Target Uptime”) as shown on https://status.ironcladapp.com/. If Ironclad does not meet the CLM Target Uptime and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
3. CW Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “CW Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the CW Target Uptime as to any of the three measures and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
4. Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
B. Ironclad Technical Support Schedule.
1. Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
2. Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
3. Help Center Access.Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
4. Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective April 8th 2024 to May 9th 2024
DownloadTable of Contents
This Enterprise Services Agreement is entered into by and between Ironclad, Inc. (“Ironclad”) and the organization agreeing to the terms of this Agreement (“Customer”). This Agreement shall be effective as of the “Effective Date” of the first Order Form, or similar form referencing or otherwise incorporating this Agreement, between Customer and Ironclad.
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form.
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users. All Customer Data shall be treated as Confidential Information.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Usage Data” means anonymized and aggregated platform-level information or data, collected and owned by Ironclad, that (i) tracks Customer’s use of the Enterprise Services, (ii) tracks the performance of the Enterprise Services and (iii) enables the functionality of certain optional features within the Enterprise Services.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement. Ironclad agrees to work, in good faith, with Customer to resolve any such issue and restore access as soon as possible.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa ("DPA") on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom to improve and enhance the Enterprise Services. Nothing in the Agreement will restrict Ironclad from collecting, using and/or analyzing Usage Data from Customer in an anonymized, aggregated manner for purposes of improving and enhancing the quality and nature of the Enterprise Services, or to market or publish general information and statistics, provided that Ironclad does not specifically identify Customer (or disclose data in a manner that Customer or Customer’s Authorized Users could subsequently be identified) or disclose any personally identifiable information or Confidential Information in the course of collecting, using, analyzing, marketing or publishing that data or information. Customer acknowledges that in order for Customer to utilize all Ironclad AI product features available in the Enterprise Services, including but not limited to Smart Import, AI Playbooks, AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Third Party Software. The Enterprise Services may contain features designed to interoperate with a web-based or offline software application that is provided by Customer or a third party and interoperates with the Enterprise Services (collectively referred to herein as the “Third Party Software”). To use such features, Customer may be required to obtain access to Third Party Software from their providers, and may be required to grant Ironclad access to its account(s) on the Third Party Software. If Customer enables any Third Party Software for use with the Enterprise Services, Customer grants Ironclad permission to allow the provider of that Third Party Software to access Customer Data as required for the interoperation of that Third Party Software with the Enterprise Services. Any acquisition by Customer of such Third Party Software, and any exchange of data between Customer and any provider of the Third Party Software, is solely between Customer and the applicable Third Party Software provider. Ironclad does not warrant or support any Third Party Software. Ironclad is not responsible for the operation of any Third Party Software nor the availability or operation of the Enterprise Services to the extent such availability and/or operation is dependent upon Third Party Software.
- FEES; EXPENSES; TAXES
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Purchase Orders. If Customer requires the use of a purchase order, Customer is responsible for providing the applicable purchase order at the time of purchase. The parties acknowledge and agree that any terms and conditions included in any purchase order, vendor portal or any similar Customer specific invoicing process are void and will not apply between the parties or to Customer’s purchase of the Enterprise Services.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- PROPRIETARY RIGHTS.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Neither party shall have the right to use the name, trademarks, logos, or any other proprietary identifiers of the other party in any advertising or promotional materials, whether printed, electronic, or otherwise, without the prior written consent of the other party.
- CONFIDENTIALITY
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (i) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (ii) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranty set forth in this Section 6(a) Ironclad will (x) use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity, and (y) if such non-conformity is not corrected within thirty (30) days, Customer may terminate this Agreement and receive a pro rata refund of prepaid fees for the remaining Term after the termination date.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services.Customer and its Authorized Users have the right to export all Customer Data, at any time, prior to the effective date of expiration or termination of this Agreement. Upon expiration or termination of this Agreement, Ironclad will delete all Customer Data in accordance with the Section 8(b) of the DPA.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- INDEMNIFICATION
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2.5 (Customer Data) or Section 2.6 (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it arises from: (i) Customer Data, Third-Party Products, or any other portions or components of the Enterprise Services not supplied by Ironclad; (ii) any modification, combination, or development of the Enterprise Services or portions or components thereof that is not performed by Ironclad; (iii) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (iv) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based or an Authorized User (i) alleging the Customer Data infringes or misappropriates any Intellectual Property Rights; (ii) related to ownership or use of Customer Data; or (iii) related to the Customer administrator’s actions with respect to the Customer’s account. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (x) Ironclad provides Customer with prompt written notice of such claim; (y) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (z) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- LIMITATION OF LIABILITY.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed three times (3x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- GENERAL
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Order Form contains a Special Terms section, which is intended to modify the standard terms of this Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form.The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s notice email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
Exhibit A
IRONCLAD SERVICE LEVEL AGREEMENT & TECHNICAL SUPPORT SCHEDULE
This Ironclad Service Level Agreement (“SLA”) & Technical Support Schedule (“TSS”) shall be governed by and incorporated by reference into the Enterprise Services Agreement and the applicable Order Form entered into between the parties. All capitalized terms contained but not defined herein shall have the meaning ascribed to them in the Agreement.
A. Service Level Agreement. The SLA shall apply solely to Customer’s use of the CLM Services and Clickwrap Services.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services or Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Downtime” means at least one of the following: a) the inability to log in to our web applications or APIs or b) the major degradation of a functional feature.
- "REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any Downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a maintenance window. The maintenance window, if one is scheduled, will be available at least two weeks prior to the maintenance window at either: a) https://status.ironcladapp.com/ for CLM Services or b) https://status.pactsafe.com/ for Clickwrap Services.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of Customer’s instance per calendar month and corresponding Service Credits are set forth in the table below.Availability Per Calendar MonthService Credit
<99.7% ->= 99.0% 1% of the Annual Subscription Fee<99.0% ->= 95.0% 2% of the Annual Subscription FeeBelow 95% 3% of the Annual Subscription Fee - “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Target Uptime” means CLM Target Uptime and Clickwrap Target Uptime.
2. CLM Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to Customer for 99.7% of the Scheduled Availability Time (the “CLM Target Uptime”) as shown on https://status.ironcladapp.com/. If Ironclad does not meet the CLM Target Uptime and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
3. CW Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “CW Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the CW Target Uptime as to any of the three measures and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
4. Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
B. Ironclad Technical Support Schedule.
1. Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
2. Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
3. Help Center Access.Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
4. Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective April 4th 2024 to April 8th 2024
DownloadTable of Contents
This Enterprise Services Agreement is entered into by and between Ironclad, Inc. (“Ironclad”) and the organization agreeing to the terms of this Agreement (“Customer”). This Agreement shall be effective as of the “Effective Date” of the first Order Form, or similar form referencing or otherwise incorporating this Agreement, between Customer and Ironclad.
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form.
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users. All Customer Data shall be treated as Confidential Information.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Usage Data” means anonymized and aggregated platform-level information or data, collected and owned by Ironclad, that (i) tracks Customer’s use of the Enterprise Services, (ii) tracks the performance of the Enterprise Services and (iii) enables the functionality of certain optional features within the Enterprise Services.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement. Ironclad agrees to work, in good faith, with Customer to resolve any such issue and restore access as soon as possible.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa ("DPA") on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom to improve and enhance the Enterprise Services. Nothing in the Agreement will restrict Ironclad from collecting, using and/or analyzing Usage Data from Customer in an anonymized, aggregated manner for purposes of improving and enhancing the quality and nature of the Enterprise Services, or to market or publish general information and statistics, provided that Ironclad does not specifically identify Customer (or disclose data in a manner that Customer or Customer’s Authorized Users could subsequently be identified) or disclose any personally identifiable information or Confidential Information in the course of collecting, using, analyzing, marketing or publishing that data or information. Customer acknowledges that in order for Customer to utilize all Ironclad AI product features available in the Enterprise Services, including but not limited to Smart Import, AI Playbooks, AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Third Party Software. The Enterprise Services may contain features designed to interoperate with a web-based or offline software application that is provided by Customer or a third party and interoperates with the Enterprise Services (collectively referred to herein as the “Third Party Software”). To use such features, Customer may be required to obtain access to Third Party Software from their providers, and may be required to grant Ironclad access to its account(s) on the Third Party Software. If Customer enables any Third Party Software for use with the Enterprise Services, Customer grants Ironclad permission to allow the provider of that Third Party Software to access Customer Data as required for the interoperation of that Third Party Software with the Enterprise Services. Any acquisition by Customer of such Third Party Software, and any exchange of data between Customer and any provider of the Third Party Software, is solely between Customer and the applicable Third Party Software provider. Ironclad does not warrant or support any Third Party Software. Ironclad is not responsible for the operation of any Third Party Software nor the availability or operation of the Enterprise Services to the extent such availability and/or operation is dependent upon Third Party Software.
- FEES; EXPENSES; TAXES
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Purchase Orders. If Customer requires the use of a purchase order, Customer is responsible for providing the applicable purchase order at the time of purchase. The parties acknowledge and agree that any terms and conditions included in any purchase order, vendor portal or any similar Customer specific invoicing process are void and will not apply between the parties or to Customer’s purchase of the Enterprise Services.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- PROPRIETARY RIGHTS.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Neither party shall have the right to use the name, trademarks, logos, or any other proprietary identifiers of the other party in any advertising or promotional materials, whether printed, electronic, or otherwise, without the prior written consent of the other party.
- CONFIDENTIALITY
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (i) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (ii) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranty set forth in this Section 6(a) Ironclad will (x) use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity, and (y) if such non-conformity is not corrected within thirty (30) days, Customer may terminate this Agreement and receive a pro rata refund of prepaid fees for the remaining Term after the termination date.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services.Customer and its Authorized Users have the right to export all Customer Data, at any time, prior to the effective date of expiration or termination of this Agreement. Upon expiration or termination of this Agreement, Ironclad will delete all Customer Data in accordance with the Section 8(b) of the DPA.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- INDEMNIFICATION
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2.5 (Customer Data) or Section 2.6 (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it arises from: (i) Customer Data, Third-Party Products, or any other portions or components of the Enterprise Services not supplied by Ironclad; (ii) any modification, combination, or development of the Enterprise Services or portions or components thereof that is not performed by Ironclad; (iii) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (iv) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based or an Authorized User (i) alleging the Customer Data infringes or misappropriates any Intellectual Property Rights; (ii) related to ownership or use of Customer Data; or (iii) related to the Customer administrator’s actions with respect to the Customer’s account. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (x) Ironclad provides Customer with prompt written notice of such claim; (y) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (z) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- LIMITATION OF LIABILITY.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed three times (3x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- GENERAL
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Order Form contains a Special Terms section, which is intended to modify the standard terms of this Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form.The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s notice email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
Exhibit A
IRONCLAD SERVICE LEVEL AGREEMENT & TECHNICAL SUPPORT SCHEDULE
This Ironclad Service Level Agreement (“SLA”) & Technical Support Schedule (“TSS”) shall be governed by and incorporated by reference into the Enterprise Services Agreement and the applicable Order Form entered into between the parties. All capitalized terms contained but not defined herein shall have the meaning ascribed to them in the Agreement.
A. Service Level Agreement. The SLA shall apply solely to Customer’s use of the CLM Services and Clickwrap Services.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services or Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Downtime” means at least one of the following: a) the inability to log in to our web applications or APIs or b) the major degradation of a functional feature.
- "REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any Downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a maintenance window. The maintenance window, if one is scheduled, will be available at least two weeks prior to the maintenance window at either: a) https://status.ironcladapp.com/ for CLM Services or b) https://status.pactsafe.com/ for Clickwrap Services.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of Customer’s instance per calendar month and corresponding Service Credits are set forth in the table below.Availability Per Calendar MonthService Credit
<99.7% ->= 99.0% 1% of the Annual Subscription Fee<99.0 ->= 95.0% 2% of the Annual Subscription Fee<95.0%< td> 3% of the Annual Subscription Fee - “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Target Uptime” means CLM Target Uptime and Clickwrap Target Uptime.
2. CLM Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to Customer for 99.7% of the Scheduled Availability Time (the “CLM Target Uptime”) as shown on https://status.ironcladapp.com/. If Ironclad does not meet the CLM Target Uptime and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
3. CW Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “CW Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the CW Target Uptime as to any of the three measures and Customer is affected by Downtime, Customer will be eligible to receive the applicable Service Credits.
4. Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
B. Ironclad Technical Support Schedule.
1. Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
2. Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
3. Help Center Access.Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
4. Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective November 3rd 2023 to April 4th 2024
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users. All Customer Data shall be treated as Confidential Information.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Fees” means the fee Ironclad charges to Customer for the Enterprise Services as detailed in each Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement. Ironclad agrees to work, in good faith, with Customer to resolve any such issue and restore access as soon as possible.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa ("DPA") on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom (“Usage Data”) in order to improve and enhance the Enterprise Services. To enhance the Enterprise Services for the Customer’s benefit, Ironclad may use Usage Data for various purposes including to draw insights. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity. In order for Customer to utilize all Ironclad AI product features available in the Enterprise Services for Customer’s benefit, including but not limited to Smart Import, AI Playbooks, AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features and improve the features over time.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the Fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranty set forth in this Section 6(a) Ironclad will (a) use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity, and (b) if such non-conformity is not corrected within thirty (30) days, Customer may terminate this Agreement and receive a pro rata refund of prepaid fees for the remaining Term after the termination date.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Customer and its Authorized Users have the right to export all Customer Data, at any time, prior to the effective date of expiration or termination of this Agreement. Upon expiration or termination of this Agreement, Ironclad will delete all Customer Data in accordance with the Section 8(b) of the DPA.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Order Form contains a Special Terms section, which is intended to modify the standard terms of this Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future Fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future Fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective May 23rd 2023 to November 3rd 2023
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Fees” means the fee Ironclad charges to Customer for the Enterprise Services as detailed in each Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom (“Usage Data”) in order to improve and enhance the Enterprise Services. To enhance the Enterprise Services for the Customer’s benefit, Ironclad may use Usage Data for various purposes including to draw insights. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity. In order for Customer to utilize all Ironclad AI product features available in the Enterprise Services for Customer’s benefit, including but not limited to Smart Import, AI Playbooks, AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features and improve the features over time.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the Fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6(a) Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Order Form contains a Special Terms section, which is intended to modify the standard terms of this Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future Fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future Fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective April 11th 2023 to May 23rd 2023
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Fees” means the fee Ironclad charges to Customer for the Enterprise Services as detailed in each Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and information relating to Customer’s use and the performance of the Enterprise Services and related systems and technologies therefrom (“Usage Data”) in order to improve and enhance the Enterprise Services. To enhance the Enterprise Services for the Customer’s benefit, Ironclad may use Usage Data for various purposes including to draw insights. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity. In order for Customer to utilize all Ironclad AI product features available in the Enterprise Services for Customer’s benefit, including but not limited to Smart Import, AI Playbooks, AI Assist, Ironclad shall utilize Usage Data to enable the functioning of these features and improve the features over time.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the Fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6(a) Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Special Contractual Terms section of the Order Form clearly specifies that it modifies the Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future Fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future Fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective December 19th 2022 to April 11th 2023
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and other information relating to the provision, use and performance of the Enterprise Services and related systems and technologies therefrom (“Usage Data”) in order to improve and enhance the Enterprise Services. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6(a) Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (y) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (z) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Special Contractual Terms section of the Order Form clearly specifies that it modifies the Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective November 18th 2022 to December 19th 2022
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and other information relating to the provision, use and performance of the Enterprise Services and related systems and technologies therefrom (“Usage Data”) in order to improve and enhance the Enterprise Services. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6(a) Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (ii) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (y) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Special Contractual Terms section of the Order Form clearly specifies that it modifies the Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective November 18th 2022 to November 18th 2022
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and other information relating to the provision, use and performance of the Enterprise Services and related systems and technologies therefrom (“Usage Data”) in order to improve and enhance the Enterprise Services. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable in accordance with the Order Form. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6(a) Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (ii) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (y) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Special Contractual Terms section of the Order Form clearly specifies that it modifies the Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective October 25th 2022 to November 18th 2022
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and other information relating to the provision, use and performance of the Enterprise Services and related systems and technologies therefrom (“Usage Data”) in order to improve and enhance the Enterprise Services. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the Fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Unless otherwise set forth in an Order Form, Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable within thirty (30) days of receipt by Customer. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the Applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6(a) Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement. Unless otherwise set forth in an Order Form, Ironclad may modify the applicable fees upon prior written notice to Customer at least sixty (60) days prior to the end of the then-current term, provided that the modified fees will not apply until the next renewal term.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (ii) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (y) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Special Contractual Terms section of the Order Form clearly specifies that it modifies the Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Live Chat support on Clickwrap Services is available through https://app.pactsafe.com during support hours. Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective February 4th 2022 to October 25th 2022
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s own business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend an Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and other information relating to the provision, use and performance of the Enterprise Services and related systems and technologies therefrom (“Usage Data”) in order to improve and enhance the Enterprise Services. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the Fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Unless otherwise set forth in an Order Form, Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable within thirty (30) days of receipt by Customer. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. If any undisputed amounts payable by Customer are still outstanding more than fifteen (15) days after Customer receives notice of non-payment, Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the Applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6(a) Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that Customer may choose to integrate or use with the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement. Unless otherwise set forth in an Order Form, Ironclad may modify the applicable fees upon prior written notice to Customer at least sixty (60) days prior to the end of the then-current term, provided that the modified fees will not apply until the next renewal term.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (ii) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (y) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Special Contractual Terms section of the Order Form clearly specifies that it modifies the Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Live Chat support on Clickwrap Services is available through https://app.pactsafe.com during support hours. Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective January 14th 2022 to February 4th 2022
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s internal business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend any Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and other information relating to the provision, use and performance of the Enterprise Services and related systems and technologies therefrom (“Usage Data”) in order to improve and enhance the Enterprise Services. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the Fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Unless otherwise set forth in an Order Form, Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable within thirty (30) days of receipt by Customer. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the Applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6(a) Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that are accessed via links from within the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement. Unless otherwise set forth in an Order Form, Ironclad may modify the applicable fees upon prior written notice to Customer at least sixty (60) days prior to the end of the then-current term, provided that the modified fees will not apply until the next renewal term.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (ii) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (y) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Special Contractual Terms section of the Order Form clearly specifies that it modifies the Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must: (i) issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred; and (ii) not be past due on any payments owed to Ironclad when Customer issues a Service Credit Request. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must: (i) issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred; and (ii) not be past due on any payments owed to Ironclad when Customer issues a Service Credit Request. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Live Chat support on Clickwrap Services is available through https://app.pactsafe.com during support hours. Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective January 4th 2022 to January 14th 2022
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s internal business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend any Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and other information relating to the provision, use and performance of the Enterprise Services and related systems and technologies therefrom, but not including the contents of documents and communications (“Usage Data”) in order to improve and enhance the Enterprise Services. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the Fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Unless otherwise set forth in an Order Form, Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable within thirty (30) days of receipt by Customer. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the Applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6(a) Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that are accessed via links from within the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement. Unless otherwise set forth in an Order Form, Ironclad may modify the applicable fees upon prior written notice to Customer at least sixty (60) days prior to the end of the then-current term, provided that the modified fees will not apply until the next renewal term.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (ii) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (y) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Special Contractual Terms section of the Order Form clearly specifies that it modifies the Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must: (i) issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred; and (ii) not be past due on any payments owed to Ironclad when Customer issues a Service Credit Request. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must: (i) issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred; and (ii) not be past due on any payments owed to Ironclad when Customer issues a Service Credit Request. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Live Chat support on Clickwrap Services is available through https://app.pactsafe.com during support hours. Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective October 28th 2021 to January 4th 2022
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s internal business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend any Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and other information relating to the provision, use and performance of the Enterprise Services and related systems and technologies therefrom, but not including the contents of documents and communications (“Usage Data”) in order to improve and enhance the Enterprise Services. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the Fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Unless otherwise set forth in an Order Form, Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable within thirty (30) days of receipt by Customer. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5(a) will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5(a) will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the Applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6(a) Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6(a), IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that are accessed via links from within the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement. Thereafter, the Agreement shall automatically renew for subsequent one-year periods (the “Renewal Term”), unless either party notifies the other in writing of its intent not to renew at least thirty (30) days prior to the end of the then-current term. If a party provides timely notice of its intent not to renew the Agreement, the Agreement shall expire at the end of the then-current Term. Unless otherwise set forth in an Order Form, Ironclad may modify the applicable fees upon prior written notice to Customer at least sixty (60) days prior to the end of the then-current term, provided that the modified fees will not apply until the next Renewal Term.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2(g) (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7(c) (Rights and Obligations Upon Expiration or Termination), 7(d) (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (i) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (ii) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2(e) (Customer Data) or Section 2(f) (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (x) Customer provides Ironclad with prompt written notice of such claim; (ii) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (y) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8(a)(i), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8(a), Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9(c) and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9(d)), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8(a)(i); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8(e) (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2(e) (Customer Data), Section 2(f) (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8(a)(ii). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Special Contractual Terms section of the Order Form clearly specifies that it modifies the Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must: (i) issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred; and (ii) not be past due on any payments owed to Ironclad when Customer issues a Service Credit Request. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must: (i) issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred; and (ii) not be past due on any payments owed to Ironclad when Customer issues a Service Credit Request. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Live Chat support on Clickwrap Services is available through https://app.pactsafe.com during support hours. Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Effective October 8th 2021 to October 28th 2021
DownloadTable of Contents
- DEFINITIONS
- “Affiliate” means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- “Agreement” means this Enterprise Services Agreement, any Exhibits, and each Order Form(s).
- “Authorized User” means an employee or contractor of Customer or its Affiliates that Customer has registered to access and use the Enterprise Services.
- “Confidential Information” means any business or technical information disclosed by one party to the other party, including Customer Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- “Customer Data” means the data and information input or uploaded into the Enterprise Services by Customer or Authorized Users.
- “Enterprise Services” means the cloud-based web platform delivered and accessible through https://www.ironcladapp.com that provides contract management and workflow-related services (the “CLM Services”), and/or the cloud-based web platform delivered and accessible through Ironclad’s website located at: https://app.pactsafe.com that provides contract acceptance, clickwrap, and legal term-management-related services (the “Clickwrap Services”), and the services performed by Ironclad to configure and rollout the platform(s) to Customer and Authorized Users, as described in an applicable Order Form.
- “Order Form” means the document that Customer uses to order the Enterprise Services that is signed by both Customer and Ironclad.
- “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction.
- ENTERPRISE SERVICES
- Enterprise Services. Customer and its Authorized Users may access and use the Enterprise Services solely for Customer’s internal business purposes in accordance with the Agreement.
- Cooperation and Assistance. Customer will cooperate with Ironclad in good faith and provide to Ironclad the information and personnel that Ironclad reasonably requests and requires to provide the Enterprise Services. Customer, at its option, may utilize certain third-party software and services with the Enterprise Services and is responsible for acquiring and maintaining all such third-party software and services required to access, use, or integrate with the Enterprise Services, including all costs related to the foregoing.
- Authorized Users. Customer will keep its user IDs and passwords for the Enterprise Services confidential and will be responsible for all actions taken under an Authorized User’s account. Customer will comply with all applicable laws, rules and regulations in connection with its use of the Enterprise Services. Customer will promptly notify Ironclad of any suspected violation of this Agreement by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend any Authorized User’s access to the Enterprise Services upon notice to Customer in the event that Ironclad reasonably determines that such Authorized User violated this Agreement.
- Restrictions. Customer will not allow anyone other than Authorized Users to access or use the Enterprise Services from Customer’s accounts. Customer will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Enterprise Services (or any related systems or networks) or use the Enterprise Services other than directly for Customer’s benefit; (ii) copy, modify or distribute any portion of the Enterprise Services; (iii) rent, lease, or resell the Enterprise Services; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Enterprise Services in order to build a competitive product or service.
- Customer Data. Customer is responsible for obtaining any necessary right and licenses for use of the Customer Data by Customer and Ironclad as contemplated in this Agreement. Customer agrees that it has the legal right and authority to access, use and disclose to Ironclad any Customer Data. Customer authorizes Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder. Ironclad will process and maintain Customer Data consistent with the Data Processing Addendum located at https://legal.ironcladapp.com/#dpa on the Effective Date and hereby incorporated by reference.
- Information Security. Ironclad will use commercially reasonable and industry standard technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Enterprise Services or Customer Data.
- Usage Data. Ironclad may collect and analyze data and other information relating to the provision, use and performance of the Enterprise Services and related systems and technologies therefrom, but not including the contents of documents and communications (“Usage Data”) in order to improve and enhance the Enterprise Services. Insights drawn from Usage Data may be disclosed to Customer and other users of the Enterprise Services in connection with their respective use of the Enterprise Services; provided that, if Ironclad discloses insights drawn from Usage Data, then all Usage Data in such disclosures will be anonymized and aggregated, will not identify Customer or Customer’s users, and will not be disclosed in a manner that would permit a third party to determine Customer’s or Customer’s users’ identity.
- Electronic Signatures. Customer acknowledges and agrees that: (i) as between Ironclad and Customer, Customer has exclusive control and responsibility for the content, quality, and format of any documents used with the Enterprise Services; (ii) certain types of documents, agreements, or contracts may be excluded from general electronic signature laws (such as wills, trusts, court orders, or family law matters), or may have specific regulations that are applicable to them; and, (iii) Customer is solely responsible for ensuring that the documents, agreements or contracts it uses with the Enterprise Services are appropriate for electronic signatures, and Ironclad is not responsible or liable for any such determination or use; (iv) Consumer protection laws or regulations may impose specific requirements for electronic transactions involving consumers, Customer is solely responsible for ensuring it complies with all such laws/regulations, and Ironclad has no obligations to make such determination or assist with fulfilling any requirements therein; (v) Ironclad is not responsible for determining how long any contracts, documents, or other records are required to be retained or stored under any applicable laws; and (vi) Ironclad is not responsible for or liable to produce any of Customer’s contracts or other documents to any third parties. If Customer is using an API or other service that allows Customer to perform any end user/participant/signer authentication, then Customer is solely responsible and liable for such authentication.
- Fees. Customer will pay to Ironclad the Fees in accordance with the terms set forth in the applicable Order Form(s) and this Section 3.
- Invoices; Payment. Unless otherwise set forth in an Order Form, Ironclad will invoice Customer annually in advance for the Enterprise Services and each invoice will be due and payable within thirty (30) days of receipt by Customer. All payment obligations are non-cancellable, and other than as provided in the Agreement, all amounts paid are non-refundable. Ironclad will be entitled, in its sole discretion, to withhold performance and discontinue Customer’s access to the Enterprise Services until all undisputed amounts past due are paid in full.
- Taxes. All Fees and other amounts stated or referred to in this Agreement are exclusive of all taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”). Customer will be responsible for payment of all Taxes and any related interest and/or penalties resulting from any payments made hereunder, other than any taxes based on Ironclad’s net income. If Ironclad has the legal obligation to pay or collect Taxes for which Customer is responsible, the appropriate amount shall be invoiced to and paid by Customer unless Customer provides Ironclad with a valid tax exemption certificate authorized by the appropriate taxing authority.
- Customer owns and retains: (i) the Customer Data; (ii) Customer’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Enterprise Services, and all improvements, enhancements or modifications made by any party; (ii) the Usage Data; (iii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Enterprise Services; (iv) Ironclad’s name, logo, and other trademarks; and (v) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement or (b) as further described in the Data Processing Addendum. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own confidential information and in no event less than a reasonable standard of care. The provisions of this Section 5.1 will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in Section 5.1 will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section 5 will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- WARRANTY
- Warranty for Enterprise Services. Ironclad warrants solely to Customer that (i) the Enterprise Services will materially conform to the description set forth in this Agreement and the Applicable Order Form; and (ii) the Enterprise Services will materially comply with all applicable laws, including federal, state, and local; in each case under normal use and circumstances when used consistently with the terms of this Agreement. As Ironclad’s sole and exclusive liability and Customer’s sole and exclusive remedy for any breach of the warranties set forth in this Section 6.1 Ironclad will use commercially reasonable efforts to modify the Enterprise Services to correct the non-conformity.
- Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6.1, IRONCLAD MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND WHATSOEVER, EXPRESS OR IMPLIED, IN CONNECTION WITH THIS AGREEMENT OR THE ENTERPRISE SERVICES AND IRONCLAD HEREBY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. IRONCLAD DISCLAIMS ANY WARRANTY THAT THE ENTERPRISE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED OR THAT ALL ERRORS WILL BE CORRECTED. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED FROM IRONCLAD OR ELSEWHERE SHALL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THIS AGREEMENT. Customer assumes sole responsibility and liability for results obtained from the use of the Enterprise Services and for conclusions drawn from such use. Ironclad will have no liability for any claims, losses, or damages caused by errors or omissions in any Customer Data or other information provided to Ironclad by Customer in connection with the Enterprise Services or any actions taken by Ironclad at Customer’s direction. Ironclad will have no liability for any claims, losses or damages arising out of or in connection with Customer’s or any Authorized User’s use of any third-party products, services, software or web sites that are accessed via links from within the Enterprise Services.
- TERM AND TERMINATION
- Term. This Agreement will commence on the Effective Date and continue for the period specified in the Order Form (the “Term”), unless terminated earlier as provided in this Agreement. Thereafter, the Agreement shall automatically renew for subsequent one-year periods (the “Renewal Term”), unless either party notifies the other in writing of its intent not to renew at least thirty (30) days prior to the end of the then-current term. If a party provides timely notice of its intent not to renew the Agreement, the Agreement shall expire at the end of the then-current Term. Unless otherwise set forth in an Order Form, Ironclad may modify the applicable fees upon prior written notice to Customer at least sixty (60) days prior to the end of the then-current term, provided that the modified fees will not apply until the next Renewal Term.
- Termination for Cause. Either party may terminate this Agreement upon written notice if the other party breaches any material terms of this Agreement and fails to correct the breach within thirty (30) days following written notice from the non-breaching party specifying the breach.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s and Authorized Users’ right to access and use the Enterprise Services will immediately terminate and each will immediately cease all use of the Enterprise Services. Upon expiration or termination of this Agreement, Ironclad will deliver a then-current export of the Customer Data to Customer.
- Survival. The rights and obligations of Ironclad and Customer contained in Sections 2.7 (Usage Data), 3 (Fees; Expenses; Taxes), 4 (Proprietary Rights), 5 (Confidentiality), 7.3 (Rights and Obligations Upon Expiration or Termination), 7.4 (Survival), 8 (Indemnification), 9 (Limitation of Liability), and 10 (General) will survive any expiration or termination of this Agreement.
- Indemnification by Ironclad. Ironclad will defend Customer, its officers, directors and employees, from and against any suit or action brought by a third-party against Customer: (a) alleging that the Enterprise Services, as provided by Ironclad and when used by Customer pursuant to this Agreement, infringes any Intellectual Property Right of a third party (the “IP Indemnity”); or (b) resulting from unauthorized disclosure and misuse of Customer Data directly resulting from Ironclad’s breach of its obligations under Section 2.5 (Customer Data) or Section 2.6 (Information Security) (the “Data Indemnity”). Ironclad shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Ironclad (including reasonable attorneys’ fees) resulting from such claim, provided that: (i) Customer provides Ironclad with prompt written notice of such claim; (ii) Customer provides reasonable cooperation to Ironclad, at Ironclad’s expense, in the defense and settlement of such claim; and (iii) Ironclad has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Customer or requires Customer to admit wrongdoing.
- Injunctions. If Customer’s use of the Enterprise Services is, or in Ironclad’s opinion is likely to be, enjoined due to the type of claim specified in Section 8.1(a), then Ironclad may at its sole option and expense: (i) replace or modify the Enterprise Services to make them non-infringing and of equivalent functionality; (ii) procure for Customer the right to continue using the Enterprise Services under the terms of this Agreement; or (iii) if Ironclad is unable to accomplish either (i) or (ii) despite using its commercially reasonable efforts, terminate Customer’s rights and Ironclad’s obligation under this Agreement with respect to such Enterprise Services and refund to Customer a pro-rata portion of the Fees paid for the remaining portion of the Term during which Customer would have had access to the Enterprise Services.
- Exclusions. Notwithstanding the terms of Section 8.1, Ironclad will have no liability for any claim of any kind to the extent that it results from: (i) the combination, operation or use of the Enterprise Services with equipment, devices, or software not supplied by Ironclad, if a claim would not have occurred but for such combination, operation or use; or (ii) Customer’s or an Authorized User’s use of the Enterprise Services other than in accordance with this Agreement.
- Sole Remedy. THE FOREGOING STATES IRONCLAD’S AND ITS LICENSORS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE ENTERPRISE SERVICES.
- Indemnification by Customer. Customer will defend Ironclad, its officers, directors and employees, from and against any action or suit brought against Ironclad by a third party based on a claim that the Customer Data infringes or violates the rights of a third party. Customer will indemnify and hold harmless Ironclad from and against any damages and costs awarded against Ironclad or agreed in settlement by Customer (including reasonable attorneys’ fees) resulting from such claim, provided that (i) Ironclad provides Customer with prompt written notice of such claim; (ii) Ironclad provides reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (iii) Customer has sole authority to defend or settle such claim, provided that it may not settle any claim in a manner that imposes any material liability upon Ironclad or requires Ironclad to admit wrongdoing.
- Exclusion of Damages. To the fullest extent permitted by law, except for Excluded Claims (as defined below in Section 9.3 and for which there will be no cap on liability), neither Customer nor Ironclad, and its Affiliates and suppliers, will be liable under this Agreement for (i) indirect, special, incidental, consequential, exemplary, or punitive damages; or (ii) loss of use, data, business, revenues, or profits (in each case whether direct or indirect), even if the party knew or should have known that such damages were possible, even if a remedy fails of its essential purpose, and regardless of the type of action or theory of liability.
- Total Liability. To the fullest extent permitted by law, except for Excluded Claims (for which there shall be no cap on liability) or Special Claims (which are subject to the Enhanced Liability Cap set forth in Section 9.4), neither party’s aggregate liability under this Agreement will exceed the greater of $100,000 or the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability.
- Excluded Claims. “Excluded Claims” means: (i) any intentional misconduct or gross negligence by either party; (ii) any amounts payable to third parties pursuant to Ironclad’s IP Indemnity obligations under Section 8.1(a); or (iii) any amounts payable to third parties pursuant to Customer’s indemnification obligations under Section 8.5 (Indemnification by Customer).
- Special Claims. “Special Claims” means (i) any breach by Ironclad of Section 2.5 (Customer Data), Section 2.6 (Information Security), or Section 5 (Confidentiality) resulting in unauthorized disclosure and misuse of Customer Data; or (ii) any amounts payable to third parties pursuant to Ironclad’s Data Indemnity obligations under Section 8.1(b). For any and all Special Claims, Ironclad’s aggregate liability shall be subject to an enhanced liability cap not to exceed ten times (10x) the amount paid by Customer to Ironclad during the twelve months prior to the event giving rise to liability (the “Enhanced Liability Cap”).
- Governing Law. This Agreement will be governed by the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Agreement will be brought exclusively in the state or federal courts located in San Francisco, CA. Ironclad and Customer hereby agree to submit to the jurisdiction of, and agree that venue is proper in, those courts in any such legal action or proceeding.
- Order of Preference. In the event of a conflict between the Enterprise Services Agreement and Order Form, the order of preference will be the Enterprise Services Agreement, then the Order Form, unless the Special Contractual Terms section of the Order Form clearly specifies that it modifies the Enterprise Services Agreement.
- Waiver. The waiver by either party of any default or breach of this Agreement will not constitute a waiver of any other or subsequent default or breach. No waiver of any provision of this Agreement will be effective unless it is in writing and signed by the party granting the waiver.
- Notices. Notices will be sent to the addresses set forth in the Order Form. The notices will be deemed to have been given upon: (i) the date actually delivered in person; (ii) the day after the date sent by overnight courier; (iii) three (3) days following the date such notice was mailed by first class mail; or (iv) the date sent by email to Ironclad at legal@ironcladhq.com or Customer at the Customer’s email address specified in the Order Form.
- Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement will remain in full force and effect.
- Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, pandemics, acts of God, war, terrorism, governmental action, labor conditions, earthquakes, rolling blackouts, and internet connectivity disruptions.
- Relationship Between the Parties. Nothing in this Agreement will be construed to create a partnership, joint venture or agency relationship between the parties.
- Assignment. Neither party may assign its rights or obligations under this Agreement without the other party’s prior written consent. Notwithstanding the foregoing, either party may assign its rights and obligations under this Agreement to an Affiliate as part of a reorganization, or to a purchaser of its business entity or substantially all of its assets or business to which rights and obligations pertain without the other party’s consent, provided that: (a) the purchaser is not insolvent or otherwise unable to pay its debts as they become due; (b) the purchaser is not a competitor of the other party; and (c) any assignee is bound hereby. Other than the foregoing, any attempt by either party to transfer its rights or obligations under this Agreement will be void.
- Entire Agreement. This Agreement (including any Exhibits hereto) constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Amendment. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
- No Third-Party Beneficiaries. This Agreement is intended for the sole and exclusive benefit of the signatories and is not intended to benefit any third party. Only the parties to this Agreement may enforce it.
- Defined Terms.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the CLM Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.ironcladapp.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the CLM Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.7% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the CLM Services available and operational to the Customer for 99.7% of the Scheduled Availability Time (the “Target Uptime”). If Ironclad does not meet the Target Uptime, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must: (i) issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred; and (ii) not be past due on any payments owed to Ironclad when Customer issues a Service Credit Request. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Defined Terms.
- “Activity API” means the portions of the Clickwrap Services that programmatically display contracts inside of a web page or mobile app, retrieve acceptance data for individual users, and send acceptance of contracts.
- “Emergency Maintenance” means maintenance performed to fix critical functionality, vulnerabilities, or material defects that may substantially impair the usability or performance of the Clickwrap Services.
- “Excused Maintenance” means Emergency Maintenance and Scheduled Maintenance.
- “REST API” means the portions of the Clickwrap Services that are accessed programmatically for integrations into third party applications.
- “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) Excused Maintenance, (ii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Ironclad (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access).
- “Scheduled Maintenance” is any system maintenance performed during a Maintenance Window. The Maintenance Window, if one is scheduled, will be available at https://status.pactsafe.com/ at least two weeks prior to the Maintenance Window.
- “Service Credits” are credits for which Customer may be eligible if Ironclad fails to meet the Target Uptime. The availability of the Clickwrap Services per calendar month and corresponding Service Credits are set forth in the table below.
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
- “Service Credit Request” means a request to Ironclad at support@ironcladhq.com stating that Customer believes that Ironclad has failed to meet the Target Uptime.
- “Application User Interface” means the dashboard portion of the Clickwrap Services accessed via the Internet through a web browser to create and publish contracts, download electronic records of acceptance, and send contracts.
- Target Uptime. During the Term of the Agreement, Ironclad will use all commercially reasonable efforts to make the Application User Interface, REST API, and Activity API available and operational to the Customer for 99.5% of the Scheduled Availability Time (the “Target Uptime”), as tracked by each such measure on https://status.pactsafe.com/. If Ironclad does not meet the Target Uptime as to any of the three measures, and if Customer meets its obligations below, Customer will be eligible to receive the applicable Service Credits.
- Service Credits. To receive a Service Credit, Customer must: (i) issue a Service Credit Request within 7 days of the last day of the month in which Customer believes Ironclad’s failure to meet the Target Uptime occurred; and (ii) not be past due on any payments owed to Ironclad when Customer issues a Service Credit Request. Promptly after receipt of a Service Credit Request, Ironclad will investigate the request and notify Customer that either: (i) a Service Credit is due; or (ii) no Service Credit is due and state the basis of this determination. If Ironclad determines a Service Credit is due, then Ironclad will apply the applicable Service Credits to Customer’s account for future fees due. Service Credits have no cash value and are Customer's sole and exclusive remedy for any failure by Ironclad to meet the Target Uptime.
- Maintenance. Ironclad will make available to Customer all generally available updates and bug fixes to the Enterprise Services. Ironclad will take commercially reasonable efforts to perform Scheduled Maintenance during off-peak hours.
- Support. Ironclad is available to receive Enterprise Services support inquiries via email (support@ironcladhq.com). Live Chat support on Clickwrap Services is available through https://app.pactsafe.com during support hours. Ironclad’s support hours are 08:00 AM to 8:00 PM Eastern Standard Time Monday through Friday (excluding standard U.S. holidays) for technical information, technical advice, and technical consultation regarding Customer’s use of the Enterprise Services.
- Help Center Access. Customer shall have 24x7 access to our online Help Center (https://support.ironcladapp.com) for any best practices, integration instructions, or product questions.
- Email & Web Form Cases. Customer shall have the ability to submit support requests 24x7 through email (support@ironcladhq.com) or the web form accessible via the Ironclad website or Help Center (https://support.ironcladapp.com).
Data Processing Addendum
Effective December 13th 2024
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act) (“CCPA”), and its implementing regulations, and other United States state data protection and privacy laws and regulations similar to or modeled on the California Privacy Law, including the Virginia Consumer Data Protection Act, the Colorado Privacy Act and related regulations, the Utah Consumer Privacy Act, and the Connecticut Act Concerning Personal Data Privacy and Online Monitoring. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- "Data Privacy Framework" means the EU-US Data Privacy Framework, the Swiss-US Data Privacy Framework, and the UK Extension to the EU-US Data Privacy Framework self-certification programs (as applicable) operated by the U.S. Department of Commerce, as may be amended, superseded, or replaced from time to time.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses, available at https://ico.org.uk/media/for-organisations/documents/4019538/international-data-transfer-agreement.pdf and completed as described below.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses issued pursuant to the EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, available at http://data.europa.eu/eli/dec_impl/2021/914/oj and completed as described below.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s). Ironclad will provide the same level of protection for Customer Personal Data subject to the CCPA as is required of Customer under the CCPA.
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement or outside the direct business relationship between Customer and Ironclad, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so. Ironclad shall comply with any applicable restrictions under Applicable Data Protection Law(s) on combining Customer Personal Data with personal data that Ironclad receives from, or on behalf of, another person or persons, or that Ironclad collects from any interaction between it and any individual. Notwithstanding the foregoing, Ironclad may Process Customer Personal Data for any purposes permitted by Applicable Data Protection Law(s) for “service providers” (as defined in the CCPA) or Processors to undertake. Further details regarding Ironclad’s processing operations, including the purposes for processing Customer Personal Data, are set forth in Exhibit 1.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so. Where necessary, Customer shall inform Ironclad of any other individual rights requests that Ironclad must comply with, and provide the information necessary for Ironclad to comply with the request.
- Government Access Requests. Unless prohibited by applicable law or a legally-binding request of law enforcement, Ironclad shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Customer Personal Data, and shall render reasonable assistance to Customer, if Customer wishes to contest the access or seizure.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale or “Sharing” of Customer Personal Data Prohibited. Ironclad shall not sell or share Customer Personal Data as the terms "sell" and “share” are defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them. Ironclad will notify Customer if Ironclad makes a determination that it can no longer meet its obligations under Applicable Data Protection Laws. Customer shall have the right, upon seven (7) business days’ notice, to take reasonable and appropriate steps to stop and remediate any unauthorized use of Customer Personal Data by Ironclad.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(b). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the UK Standard Contractual Clauses will apply as set forth in this Section 4(c). For Table 1 of the UK Standard Contractual Clauses, (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer, including those set forth in Annex 1 of the 2021 Standard Contractual Clauses and (ii) the Key Contacts shall be the contacts set forth in Annex 1 of the 2021 Standard Contractual Clauses. The Approved EU SCCs referenced in Table 2 shall be the 2021 Standard Contractual Clauses as executed by the Parties pursuant to this Addendum. For Table 3, Annex 1A, 1B, and II shall be set forth in Annex 1 of the 2021 Standard Contractual Clauses. For Table 4, either party may end the UK Standard Contractual Clauses as set out in Section 19 of the UK Standard Contractual Clauses.
- Switzerland Transfers. For transfers of Customer Personal Data out of Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and will be deemed to have the differences set forth in this Section 4(d), to the extent required by the Swiss Federal Act on Data Protection (“FADP”). References to the GDPR in the 2021 Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR. The term “member state” in the 2021 Standard Contractual Clauses shall not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the 2021 Standard Contractual Clauses. References to personal data in the 2021 Standard Contractual Clauses also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope.Under Annex I(C) of the 2021 Standard Contractual Clauses (Competent supervisory authority): where the transfer is subject exclusively to the FADP and not the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner, and where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the FADP, and the supervisory authority is as set forth in the 2021 Standard Contractual Clauses insofar as the transfer is governed by the GDPR.
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Data Privacy Framework. Ironclad participates in and certifies compliance with the Data Privacy Framework. As required by the Data Privacy Framework, Ironclad (i) provides at least the same level of privacy protection as is required by the Data Privacy Framework Principles; (ii) will notify Customer if Ironclad makes a determination it can no longer meet its obligation to provide the same level of protection as is required by the Data Privacy Framework Principles; and (iii) will, upon written notice, take reasonable and appropriate steps to remediate any unauthorized processing of Customer Personal Data.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
| Category | Description |
|---|---|
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement, specifically the provision and use of Ironclad’s contract management SaaS application. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective November 19th 2024 to December 13th 2024
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act) (“CCPA”), and its implementing regulations, and other United States state data protection and privacy laws and regulations similar to or modeled on the California Privacy Law, including, when effective, the Virginia Consumer Data Protection Act, the Colorado Privacy Act and related regulations, the Utah Consumer Privacy Act, and the Connecticut Act Concerning Personal Data Privacy and Online Monitoring. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- "Data Privacy Framework" means the EU-US Data Privacy Framework, the Swiss-US Data Privacy Framework, and the UK Extension to the EU-US Data Privacy Framework self-certification programs (as applicable) operated by the U.S. Department of Commerce, as may be amended, superseded, or replaced from time to time.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses, available at https://ico.org.uk/media/for-organisations/documents/4019538/international-data-transfer-agreement.pdf and completed as described below.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses issued pursuant to the EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, available at http://data.europa.eu/eli/dec_impl/2021/914/oj and completed as described below.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s). Ironclad will provide the same level of protection for Customer Personal Data subject to the CCPA as is required of Customer under the CCPA.
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement or outside the direct business relationship between Customer and Ironclad, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so. Ironclad shall comply with any applicable restrictions under Applicable Data Protection Law(s) on combining Customer Personal Data with personal data that Ironclad receives from, or on behalf of, another person or persons, or that Ironclad collects from any interaction between it and any individual. Notwithstanding the foregoing, Ironclad may Process Customer Personal Data for any purposes permitted by Applicable Data Protection Law(s) for “service providers” (as defined in the CCPA) or Processors to undertake. Further details regarding Ironclad’s processing operations, including the purposes for processing Customer Personal Data, are set forth in Exhibit 1.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so. Where necessary, Customer shall inform Ironclad of any other individual rights requests that Ironclad must comply with, and provide the information necessary for Ironclad to comply with the request.
- Government Access Requests. Unless prohibited by applicable law or a legally-binding request of law enforcement, Ironclad shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Customer Personal Data, and shall render reasonable assistance to Customer, if Customer wishes to contest the access or seizure.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale or “Sharing” of Customer Personal Data Prohibited. Ironclad shall not sell or share Customer Personal Data as the terms "sell" and “share” are defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them. Ironclad will notify Customer if Ironclad makes a determination that it can no longer meet its obligations under Applicable Data Protection Laws. Customer shall have the right, upon seven (7) business days’ notice, to take reasonable and appropriate steps to stop and remediate any unauthorized use of Customer Personal Data by Ironclad.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(b). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the UK Standard Contractual Clauses will apply as set forth in this Section 4(c). For Table 1 of the UK Standard Contractual Clauses, (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer, including those set forth in Annex 1 of the 2021 Standard Contractual Clauses and (ii) the Key Contacts shall be the contacts set forth in Annex 1 of the 2021 Standard Contractual Clauses. The Approved EU SCCs referenced in Table 2 shall be the 2021 Standard Contractual Clauses as executed by the Parties pursuant to this Addendum. For Table 3, Annex 1A, 1B, and II shall be set forth in Annex 1 of the 2021 Standard Contractual Clauses. For Table 4, either party may end the UK Standard Contractual Clauses as set out in Section 19 of the UK Standard Contractual Clauses.
- Switzerland Transfers. For transfers of Customer Personal Data out of Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and will be deemed to have the differences set forth in this Section 4(d), to the extent required by the Swiss Federal Act on Data Protection (“FADP”). References to the GDPR in the 2021 Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR. The term “member state” in the 2021 Standard Contractual Clauses shall not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the 2021 Standard Contractual Clauses. References to personal data in the 2021 Standard Contractual Clauses also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope.Under Annex I(C) of the 2021 Standard Contractual Clauses (Competent supervisory authority): where the transfer is subject exclusively to the FADP and not the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner, and where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the FADP, and the supervisory authority is as set forth in the 2021 Standard Contractual Clauses insofar as the transfer is governed by the GDPR.
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Data Privacy Framework. Ironclad participates in and certifies compliance with the Data Privacy Framework. As required by the Data Privacy Framework, Ironclad (i) provides at least the same level of privacy protection as is required by the Data Privacy Framework Principles; (ii) will notify Customer if Ironclad makes a determination it can no longer meet its obligation to provide the same level of protection as is required by the Data Privacy Framework Principles; and (iii) will, upon written notice, take reasonable and appropriate steps to remediate any unauthorized processing of Customer Personal Data.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
| Category | Description |
|---|---|
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement, specifically the provision and use of Ironclad’s contract management SaaS application. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective November 19th 2024 to November 19th 2024
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act) (“CCPA”), and its implementing regulations, and other United States state data protection and privacy laws and regulations similar to or modeled on the California Privacy Law, including, when effective, the Virginia Consumer Data Protection Act, the Colorado Privacy Act and related regulations, the Utah Consumer Privacy Act, and the Connecticut Act Concerning Personal Data Privacy and Online Monitoring. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- "Data Privacy Framework" means the EU-US Data Privacy Framework, the Swiss-US Data Privacy Framework, and the UK Extension to the EU-US Data Privacy Framework self-certification programs (as applicable) operated by the U.S. Department of Commerce, as may be amended, superseded, or replaced from time to time.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses, available at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/ and completed as described below.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses issued pursuant to the EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, available at http://data.europa.eu/eli/dec_impl/2021/914/oj and completed as described below.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s). Ironclad will provide the same level of protection for Customer Personal Data subject to the CCPA as is required of Customer under the CCPA.
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement or outside the direct business relationship between Customer and Ironclad, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so. Ironclad shall comply with any applicable restrictions under Applicable Data Protection Law(s) on combining Customer Personal Data with personal data that Ironclad receives from, or on behalf of, another person or persons, or that Ironclad collects from any interaction between it and any individual. Notwithstanding the foregoing, Ironclad may Process Customer Personal Data for any purposes permitted by Applicable Data Protection Law(s) for “service providers” (as defined in the CCPA) or Processors to undertake. Further details regarding Ironclad’s processing operations, including the purposes for processing Customer Personal Data, are set forth in Exhibit 1.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so. Where necessary, Customer shall inform Ironclad of any other individual rights requests that Ironclad must comply with, and provide the information necessary for Ironclad to comply with the request.
- Government Access Requests. Unless prohibited by applicable law or a legally-binding request of law enforcement, Ironclad shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Customer Personal Data, and shall render reasonable assistance to Customer, if Customer wishes to contest the access or seizure.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale or “Sharing” of Customer Personal Data Prohibited. Ironclad shall not sell or share Customer Personal Data as the terms "sell" and “share” are defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them. Ironclad will notify Customer if Ironclad makes a determination that it can no longer meet its obligations under Applicable Data Protection Laws. Customer shall have the right, upon seven (7) business days’ notice, to take reasonable and appropriate steps to stop and remediate any unauthorized use of Customer Personal Data by Ironclad.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(b). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the UK Standard Contractual Clauses will apply as set forth in this Section 4(c). For Table 1 of the UK Standard Contractual Clauses, (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer, including those set forth in Annex 1 of the 2021 Standard Contractual Clauses and (ii) the Key Contacts shall be the contacts set forth in Annex 1 of the 2021 Standard Contractual Clauses. The Approved EU SCCs referenced in Table 2 shall be the 2021 Standard Contractual Clauses as executed by the Parties pursuant to this Addendum. For Table 3, Annex 1A, 1B, and II shall be set forth in Annex 1 of the 2021 Standard Contractual Clauses. For Table 4, either party may end the UK Standard Contractual Clauses as set out in Section 19 of the UK Standard Contractual Clauses.
- Switzerland Transfers. For transfers of Customer Personal Data out of Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and will be deemed to have the differences set forth in this Section 4(d), to the extent required by the Swiss Federal Act on Data Protection (“FADP”). References to the GDPR in the 2021 Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR. The term “member state” in the 2021 Standard Contractual Clauses shall not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the 2021 Standard Contractual Clauses. References to personal data in the 2021 Standard Contractual Clauses also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope.Under Annex I(C) of the 2021 Standard Contractual Clauses (Competent supervisory authority): where the transfer is subject exclusively to the FADP and not the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner, and where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the FADP, and the supervisory authority is as set forth in the 2021 Standard Contractual Clauses insofar as the transfer is governed by the GDPR.
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Data Privacy Framework. Ironclad participates in and certifies compliance with the Data Privacy Framework. As required by the Data Privacy Framework, Ironclad (i) provides at least the same level of privacy protection as is required by the Data Privacy Framework Principles; (ii) will notify Customer if Ironclad makes a determination it can no longer meet its obligation to provide the same level of protection as is required by the Data Privacy Framework Principles; and (iii) will, upon written notice, take reasonable and appropriate steps to remediate any unauthorized processing of Customer Personal Data.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
| Category | Description |
|---|---|
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement, specifically the provision and use of Ironclad’s contract management SaaS application. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective November 19th 2024 to November 19th 2024
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act) (“CCPA”), and its implementing regulations, and other United States state data protection and privacy laws and regulations similar to or modeled on the California Privacy Law, including, when effective, the Virginia Consumer Data Protection Act, the Colorado Privacy Act and related regulations, the Utah Consumer Privacy Act, and the Connecticut Act Concerning Personal Data Privacy and Online Monitoring. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- "Data Privacy Framework" means the EU-US Data Privacy Framework, the Swiss-US Data Privacy Framework, and the UK Extension to the EU-US Data Privacy Framework self-certification programs (as applicable) operated by the U.S. Department of Commerce, as may be amended, superseded, or replaced from time to time.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses, available at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/ and completed as described below.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses issued pursuant to the EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, available at http://data.europa.eu/eli/dec_impl/2021/914/oj and completed as described below.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s). Ironclad will provide the same level of protection for Customer Personal Data subject to the CCPA as is required of Customer under the CCPA.
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement or outside the direct business relationship between Customer and Ironclad, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so. Ironclad shall comply with any applicable restrictions under Applicable Data Protection Law(s) on combining Customer Personal Data with personal data that Ironclad receives from, or on behalf of, another person or persons, or that Ironclad collects from any interaction between it and any individual. Notwithstanding the foregoing, Ironclad may Process Customer Personal Data for any purposes permitted by Applicable Data Protection Law(s) for “service providers” (as defined in the CCPA) or Processors to undertake. Further details regarding Ironclad’s processing operations, including the purposes for processing Customer Personal Data, are set forth in Exhibit 1.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so. Where necessary, Customer shall inform Ironclad of any other individual rights requests that Ironclad must comply with, and provide the information necessary for Ironclad to comply with the request.
- Government Access Requests. Unless prohibited by applicable law or a legally-binding request of law enforcement, Ironclad shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Customer Personal Data, and shall render reasonable assistance to Customer, if Customer wishes to contest the access or seizure.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale or “Sharing” of Customer Personal Data Prohibited. Ironclad shall not sell or share Customer Personal Data as the terms "sell" and “share” are defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them. Ironclad will notify Customer if Ironclad makes a determination that it can no longer meet its obligations under Applicable Data Protection Laws. Customer shall have the right, upon seven (7) business days’ notice, to take reasonable and appropriate steps to stop and remediate any unauthorized use of Customer Personal Data by Ironclad.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(b). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the UK Standard Contractual Clauses will apply as set forth in this Section 4(c). For Table 1 of the UK Standard Contractual Clauses, (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer, including those set forth in Annex 1 of the 2021 Standard Contractual Clauses and (ii) the Key Contacts shall be the contacts set forth in Annex 1 of the 2021 Standard Contractual Clauses. The Approved EU SCCs referenced in Table 2 shall be the 2021 Standard Contractual Clauses as executed by the Parties pursuant to this Addendum. For Table 3, Annex 1A, 1B, and II shall be set forth in Annex 1 of the 2021 Standard Contractual Clauses. For Table 4, either party may end the UK Standard Contractual Clauses as set out in Section 19 of the UK Standard Contractual Clauses.
- Switzerland Transfers. For transfers of Customer Personal Data out of Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and will be deemed to have the differences set forth in this Section 4(d), to the extent required by the Swiss Federal Act on Data Protection (“FADP”). References to the GDPR in the 2021 Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR. The term “member state” in the 2021 Standard Contractual Clauses shall not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the 2021 Standard Contractual Clauses. References to personal data in the 2021 Standard Contractual Clauses also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope.Under Annex I(C) of the 2021 Standard Contractual Clauses (Competent supervisory authority): where the transfer is subject exclusively to the FADP and not the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner, and where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the FADP, and the supervisory authority is as set forth in the 2021 Standard Contractual Clauses insofar as the transfer is governed by the GDPR.
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Data Privacy Framework. Ironclad participates in and certifies compliance with the Data Privacy Framework. As required by the Data Privacy Framework, Ironclad (i) provides at least the same level of privacy protection as is required by the Data Privacy Framework Principles; (ii) will notify Customer if Ironclad makes a determination it can no longer meet its obligation to provide the same level of protection as is required by the Data Privacy Framework Principles; and (iii) will, upon written notice, take reasonable and appropriate steps to remediate any unauthorized processing of Customer Personal Data.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
| Category | Description |
|---|---|
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement, specifically the provision and use of Ironclad’s contract management SaaS application. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective March 20th 2023 to November 19th 2024
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act) (“CCPA”), and its implementing regulations, and other United States state data protection and privacy laws and regulations similar to or modeled on the California Privacy Law, including, when effective, the Virginia Consumer Data Protection Act, the Colorado Privacy Act and related regulations, the Utah Consumer Privacy Act, and the Connecticut Act Concerning Personal Data Privacy and Online Monitoring. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses, available at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/ and completed as described below.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses issued pursuant to the EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, available at http://data.europa.eu/eli/dec_impl/2021/914/oj and completed as described below.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s). Ironclad will provide the same level of protection for Customer Personal Data subject to the CCPA as is required of Customer under the CCPA.
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement or outside the direct business relationship between Customer and Ironclad, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so. Ironclad shall comply with any applicable restrictions under Applicable Data Protection Law(s) on combining Customer Personal Data with personal data that Ironclad receives from, or on behalf of, another person or persons, or that Ironclad collects from any interaction between it and any individual. Notwithstanding the foregoing, Ironclad may Process Customer Personal Data for any purposes permitted by Applicable Data Protection Law(s) for “service providers” (as defined in the CCPA) or Processors to undertake. Further details regarding Ironclad’s processing operations, including the purposes for processing Customer Personal Data, are set forth in Exhibit 1.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so. Where necessary, Customer shall inform Ironclad of any other individual rights requests that Ironclad must comply with, and provide the information necessary for Ironclad to comply with the request.
- Government Access Requests. Unless prohibited by applicable law or a legally-binding request of law enforcement, Ironclad shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Customer Personal Data, and shall render reasonable assistance to Customer, if Customer wishes to contest the access or seizure.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale or “Sharing” of Customer Personal Data Prohibited. Ironclad shall not sell or share Customer Personal Data as the terms "sell" and “share” are defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them. Ironclad will notify Customer if Ironclad makes a determination that it can no longer meet its obligations under Applicable Data Protection Laws. Customer shall have the right, upon seven (7) business days’ notice, to take reasonable and appropriate steps to stop and remediate any unauthorized use of Customer Personal Data by Ironclad.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(b). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the UK Standard Contractual Clauses will apply as set forth in this Section 4(c). For Table 1 of the UK Standard Contractual Clauses, (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer, including those set forth in Annex 1 of the 2021 Standard Contractual Clauses and (ii) the Key Contacts shall be the contacts set forth in Annex 1 of the 2021 Standard Contractual Clauses. The Approved EU SCCs referenced in Table 2 shall be the 2021 Standard Contractual Clauses as executed by the Parties pursuant to this Addendum. For Table 3, Annex 1A, 1B, and II shall be set forth in Annex 1 of the 2021 Standard Contractual Clauses. For Table 4, either party may end the UK Standard Contractual Clauses as set out in Section 19 of the UK Standard Contractual Clauses.
- Switzerland Transfers. For transfers of Customer Personal Data out of Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and will be deemed to have the differences set forth in this Section 4(d), to the extent required by the Swiss Federal Act on Data Protection (“FADP”). References to the GDPR in the 2021 Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR. The term “member state” in the 2021 Standard Contractual Clauses shall not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the 2021 Standard Contractual Clauses. References to personal data in the 2021 Standard Contractual Clauses also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope.Under Annex I(C) of the 2021 Standard Contractual Clauses (Competent supervisory authority): where the transfer is subject exclusively to the FADP and not the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner, and where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the FADP, and the supervisory authority is as set forth in the 2021 Standard Contractual Clauses insofar as the transfer is governed by the GDPR.
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
| Category | Description |
|---|---|
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement, specifically the provision and use of Ironclad’s contract management SaaS application. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective January 19th 2023 to March 20th 2023
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act) (“CCPA”), and its implementing regulations, and other United States state data protection and privacy laws and regulations similar to or modeled on the California Privacy Law, including, when effective, the Virginia Consumer Data Protection Act, the Colorado Privacy Act and related regulations, the Utah Consumer Privacy Act, and the Connecticut Act Concerning Personal Data Privacy and Online Monitoring. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses, available at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/ and completed as described below.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses issued pursuant to the EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, available at http://data.europa.eu/eli/dec_impl/2021/914/oj and completed as described below.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s). Ironclad will provide the same level of protection for Customer Personal Data subject to the CCPA as is required of Customer under the CCPA.
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement or outside the direct business relationship between Customer and Ironclad, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so. Ironclad shall comply with any applicable restrictions under Applicable Data Protection Law(s) on combining Customer Personal Data with personal data that Ironclad receives from, or on behalf of, another person or persons, or that Ironclad collects from any interaction between it and any individual. Notwithstanding the foregoing, Ironclad may Process Customer Personal Data for any purposes permitted by Applicable Data Protection Law(s) for “service providers” (as defined in the CCPA) or Processors to undertake. Further details regarding Ironclad’s processing operations, including the purposes for processing Customer Personal Data, are set forth in Exhibit 1.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so. Where necessary, Customer shall inform Ironclad of any other individual rights requests that Ironclad must comply with, and provide the information necessary for Ironclad to comply with the request.
- Government Access Requests. Unless prohibited by applicable law or a legally-binding request of law enforcement, Ironclad shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Customer Personal Data, and shall render reasonable assistance to Customer, if Customer wishes to contest the access or seizure.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale or “Sharing” of Customer Personal Data Prohibited. Ironclad shall not sell or share Customer Personal Data as the terms "sell" and “share” are defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them. Ironclad will notify Customer if Ironclad makes a determination that it can no longer meet its obligations under Applicable Data Protection Laws. Customer shall have the right, upon seven (7) business days’ notice, to take reasonable and appropriate steps to stop and remediate any unauthorized use of Customer Personal Data by Ironclad.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(b). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the UK Standard Contractual Clauses will apply as set forth in this Section 4(c). For Table 1 of the UK Standard Contractual Clauses, (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer, including those set forth in Annex 1 of the 2021 Standard Contractual Clauses and (ii) the Key Contacts shall be the contacts set forth in Annex 1 of the 2021 Standard Contractual Clauses. The Approved EU SCCs referenced in Table 2 shall be the 2021 Standard Contractual Clauses as executed by the Parties pursuant to this Addendum. For Table 3, Annex 1A, 1B, and II shall be set forth in Annex 1 of the 2021 Standard Contractual Clauses. For Table 4, either party may end the UK Standard Contractual Clauses as set out in Section 19 of the UK Standard Contractual Clauses.
- Switzerland Transfers. For transfers of Customer Personal Data out of Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and will be deemed to have the differences set forth in this Section 4(d), to the extent required by the Swiss Federal Act on Data Protection (“FADP”). References to the GDPR in the 2021 Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR. The term “member state” in the 2021 Standard Contractual Clauses shall not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the 2021 Standard Contractual Clauses. References to personal data in the 2021 Standard Contractual Clauses also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope.Under Annex I(C) of the 2021 Standard Contractual Clauses (Competent supervisory authority): where the transfer is subject exclusively to the FADP and not the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner, and where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the FADP, and the supervisory authority is as set forth in the 2021 Standard Contractual Clauses insofar as the transfer is governed by the GDPR.
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement, specifically the provision and use of Ironclad’s contract management SaaS application. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective December 29th 2022 to January 19th 2023
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, and the California Consumer Privacy Act of 2018 (“CCPA”), and its implementing regulations. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses, available at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/ and completed as described below.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses issued pursuant to the EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, available at http://data.europa.eu/eli/dec_impl/2021/914/oj and completed as described below.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s).
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so.
- Government Access Requests. Unless prohibited by applicable law or a legally-binding request of law enforcement, Ironclad shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Customer Personal Data, and shall render reasonable assistance to Customer, if Customer wishes to contest the access or seizure.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale of Customer Personal Data Prohibited. Ironclad shall not sell Customer Personal Data as the term "sell" is defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(b). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the UK Standard Contractual Clauses will apply as set forth in this Section 4(c). For Table 1 of the UK Standard Contractual Clauses, (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer, including those set forth in Annex 1 of the 2021 Standard Contractual Clauses and (ii) the Key Contacts shall be the contacts set forth in Annex 1 of the 2021 Standard Contractual Clauses. The Approved EU SCCs referenced in Table 2 shall be the 2021 Standard Contractual Clauses as executed by the Parties pursuant to this Addendum. For Table 3, Annex 1A, 1B, and II shall be set forth in Annex 1 of the 2021 Standard Contractual Clauses. For Table 4, either party may end the UK Standard Contractual Clauses as set out in Section 19 of the UK Standard Contractual Clauses.
- Switzerland Transfers. For transfers of Customer Personal Data out of Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and will be deemed to have the differences set forth in this Section 4(d), to the extent required by the Swiss Federal Act on Data Protection (“FADP”). References to the GDPR in the 2021 Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR. The term “member state” in the 2021 Standard Contractual Clauses shall not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the 2021 Standard Contractual Clauses. References to personal data in the 2021 Standard Contractual Clauses also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope.Under Annex I(C) of the 2021 Standard Contractual Clauses (Competent supervisory authority): where the transfer is subject exclusively to the FADP and not the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner, and where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the FADP, and the supervisory authority is as set forth in the 2021 Standard Contractual Clauses insofar as the transfer is governed by the GDPR.
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective August 30th 2022 to December 29th 2022
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, and the California Consumer Privacy Act of 2018 (“CCPA”), and its implementing regulations. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses, available at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/ and completed as described below.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses issued pursuant to the EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, available at http://data.europa.eu/eli/dec_impl/2021/914/oj and completed as described below.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s).
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so.
- Government Access Requests. Unless prohibited by applicable law or a legally-binding request of law enforcement, Ironclad shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Customer Personal Data, and shall render reasonable assistance to Customer, if Customer wishes to contest the access or seizure.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale of Customer Personal Data Prohibited. Ironclad shall not sell Customer Personal Data as the term "sell" is defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States, and if Customer’s Order Form includes Clickwrap Services, from the United States to Japan. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(b). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the UK Standard Contractual Clauses will apply as set forth in this Section 4(c). For Table 1 of the UK Standard Contractual Clauses, (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer, including those set forth in Annex 1 of the 2021 Standard Contractual Clauses and (ii) the Key Contacts shall be the contacts set forth in Annex 1 of the 2021 Standard Contractual Clauses. The Approved EU SCCs referenced in Table 2 shall be the 2021 Standard Contractual Clauses as executed by the Parties pursuant to this Addendum. For Table 3, Annex 1A, 1B, and II shall be set forth in Annex 1 of the 2021 Standard Contractual Clauses. For Table 4, either party may end the UK Standard Contractual Clauses as set out in Section 19 of the UK Standard Contractual Clauses.
- Switzerland Transfers. For transfers of Customer Personal Data out of Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and will be deemed to have the differences set forth in this Section 4(d), to the extent required by the Swiss Federal Act on Data Protection (“FADP”). References to the GDPR in the 2021 Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR. The term “member state” in the 2021 Standard Contractual Clauses shall not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the 2021 Standard Contractual Clauses. References to personal data in the 2021 Standard Contractual Clauses also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope.Under Annex I(C) of the 2021 Standard Contractual Clauses (Competent supervisory authority): where the transfer is subject exclusively to the FADP and not the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner, and where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the FADP, and the supervisory authority is as set forth in the 2021 Standard Contractual Clauses insofar as the transfer is governed by the GDPR.
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective August 30th 2022 to August 30th 2022
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, and the California Consumer Privacy Act of 2018 (“CCPA”), and its implementing regulations. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses, available at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/ and completed as described below.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses issued pursuant to the EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, available at http://data.europa.eu/eli/dec_impl/2021/914/oj and completed as described below.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s).
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so.
- Government Access Requests. Unless prohibited by applicable law or a legally-binding request of law enforcement, Ironclad shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Customer Personal Data, and shall render reasonable assistance to Customer, if Customer wishes to contest the access or seizure.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale of Customer Personal Data Prohibited. Ironclad shall not sell Customer Personal Data as the term "sell" is defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States, and if Customer’s Order Form includes Clickwrap Services, from the United States to Japan. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(b). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the UK Standard Contractual Clauses will apply as set forth in this Section 4(c). For Table 1 of the UK Standard Contractual Clauses, (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer, including those set forth in Annex 1 of the 2021 Standard Contractual Clauses and (ii) the Key Contacts shall be the contacts set forth in Annex 1 of the 2021 Standard Contractual Clauses. The Approved EU SCCs referenced in Table 2 shall be the 2021 Standard Contractual Clauses as executed by the Parties pursuant to this Addendum. For Table 3, Annex 1A, 1B, and II shall be set forth in Annex 1 of the 2021 Standard Contractual Clauses. For Table 4, either party may end the UK Standard Contractual Clauses as set out in Section 19 of the UK Standard Contractual Clauses.
- Switzerland Transfers. For transfers of Customer Personal Data out of Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and will be deemed to have the differences set forth in this Section 4(d), to the extent required by the Swiss Federal Act on Data Protection (“FADP”). References to the GDPR in the 2021 Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR. The term “member state” in the 2021 Standard Contractual Clauses shall not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the 2021 Standard Contractual Clauses. References to personal data in the 2021 Standard Contractual Clauses also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope.Under Annex I(C) of the 2021 Standard Contractual Clauses (Competent supervisory authority): where the transfer is subject exclusively to the FADP and not the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner, and where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the FADP, and the supervisory authority is as set forth in the 2021 Standard Contractual Clauses insofar as the transfer is governed by the GDPR.
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective August 17th 2022 to August 30th 2022
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, and the California Consumer Privacy Act of 2018 (“CCPA”), and its implementing regulations. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses, available at https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/ and completed as described below.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses issued pursuant to the EU Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, available at http://data.europa.eu/eli/dec_impl/2021/914/oj and completed as described below.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s).
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale of Customer Personal Data Prohibited. Ironclad shall not sell Customer Personal Data as the term "sell" is defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States, and if Customer’s Order Form includes Clickwrap Services, from the United States to Japan. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(b). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the UK Standard Contractual Clauses will apply as set forth in this Section 4(c). For Table 1 of the UK Standard Contractual Clauses, (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer, including those set forth in Annex 1 of the 2021 Standard Contractual Clauses and (ii) the Key Contacts shall be the contacts set forth in Annex 1 of the 2021 Standard Contractual Clauses. The Approved EU SCCs referenced in Table 2 shall be the 2021 Standard Contractual Clauses as executed by the Parties pursuant to this Addendum. For Table 3, Annex 1A, 1B, and II shall be set forth in Annex 1 of the 2021 Standard Contractual Clauses. For Table 4, either party may end the UK Standard Contractual Clauses as set out in Section 19 of the UK Standard Contractual Clauses.
- Switzerland Transfers. For transfers of Customer Personal Data out of Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and will be deemed to have the differences set forth in this Section 4(d), to the extent required by the Swiss Federal Act on Data Protection (“FADP”). References to the GDPR in the 2021 Standard Contractual Clauses are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR. The term “member state” in the 2021 Standard Contractual Clauses shall not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the 2021 Standard Contractual Clauses. References to personal data in the 2021 Standard Contractual Clauses also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope.Under Annex I(C) of the 2021 Standard Contractual Clauses (Competent supervisory authority): where the transfer is subject exclusively to the FADP and not the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner, and where the transfer is subject to both the FADP and the GDPR, the supervisory authority is the Swiss Federal Data Protection and Information Commissioner insofar as the transfer is governed by the FADP, and the supervisory authority is as set forth in the 2021 Standard Contractual Clauses insofar as the transfer is governed by the GDPR.
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective April 7th 2022 to August 17th 2022
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, and the California Consumer Privacy Act of 2018 (“CCPA”), and its implementing regulations. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the Standard Contractual Clauses for data controller to data processor transfers approved by the European Commission in decision 2010/87/EU.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses approved by the European Commission in decision 2021/914.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s).
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale of Customer Personal Data Prohibited. Ironclad shall not sell Customer Personal Data as the term "sell" is defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States, and if Customer’s Order Form includes Clickwrap Services, from the United States to Japan. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum by reference, provided that the illustrative indemnification clause within Appendix 2 of the UK Standard Contractual Clauses will not apply. Exhibit 1 of this Addendum will serve as Appendix 1 of the UK Standard Contractual Clauses.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA or Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(c). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective December 6th 2021 to April 7th 2022
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, and the California Consumer Privacy Act of 2018 (“CCPA”), and its implementing regulations. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the Standard Contractual Clauses for data controller to data processor transfers approved by the European Commission in decision 2010/87/EU.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses approved by the European Commission in decision 2021/914.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s).
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale of Customer Personal Data Prohibited. Ironclad shall not sell Customer Personal Data as the term "sell" is defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States, and if Customer’s Order Form includes Clickwrap Services, from the United States to Japan. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum by reference, provided that the illustrative indemnification clause within Appendix 2 of the UK Standard Contractual Clauses will not apply. Exhibit 1 of this Addendum will serve as Appendix 1 of the UK Standard Contractual Clauses.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA or Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(c). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective November 8th 2021 to December 6th 2021
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, and the California Consumer Privacy Act of 2018 (“CCPA”), and its implementing regulations. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the Standard Contractual Clauses for data controller to data processor transfers approved by the European Commission in decision 2010/87/EU.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses approved by the European Commission in decision 2021/914.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s).
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Solely for Acceptance Services, Ironclad will also use the following additional Third Parties that Process Customer Personal Data.
Third Party | Processing Activity |
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
| Fivetran | Cloud-based ELT (extract, load, transform) service provider |
Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale of Customer Personal Data Prohibited. Ironclad shall not sell Customer Personal Data as the term "sell" is defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States, and if Customer’s Order Form includes Acceptance Services, from the United States to Japan. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum by reference, provided that the illustrative indemnification clause within Appendix 2 of the UK Standard Contractual Clauses will not apply. Exhibit 1 of this Addendum will serve as Appendix 1 of the UK Standard Contractual Clauses.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA or Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(c). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and/or email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective November 3rd 2021 to November 8th 2021
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, and the California Consumer Privacy Act of 2018 (“CCPA”), and its implementing regulations. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the Standard Contractual Clauses for data controller to data processor transfers approved by the European Commission in decision 2010/87/EU.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses approved by the European Commission in decision 2021/914.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s).
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Solely for Acceptance Services, Ironclad will also use the following additional Third Parties that Process Customer Personal Data.
Third Party | Processing Activity |
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
| Fivetran | Cloud-based ELT (extract, load, transform) service provider |
Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale of Customer Personal Data Prohibited. Ironclad shall not sell Customer Personal Data as the term "sell" is defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States, and if Customer’s Order Form includes Acceptance Services, from the United States to Japan. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum by reference, provided that the illustrative indemnification clause within Appendix 2 of the UK Standard Contractual Clauses will not apply. Exhibit 1 of this Addendum will serve as Appendix 1 of the UK Standard Contractual Clauses.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA or Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(c). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and email specified in Section 2.5 of the Agreement. If no individual and email is specified in Section 2.5 of the Agreement, then the Customer notice email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective October 1st 2021 to November 3rd 2021
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, and the California Consumer Privacy Act of 2018 (“CCPA”), and its implementing regulations. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Standard Contractual Clauses” means the UK Standard Contractual Clauses, and/or the 2021 Standard Contractual Clauses.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- “UK Standard Contractual Clauses” means the Standard Contractual Clauses for data controller to data processor transfers approved by the European Commission in decision 2010/87/EU.
- “2021 Standard Contractual Clauses" means the Standard Contractual Clauses approved by the European Commission in decision 2021/914.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s).
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Solely for Acceptance Services, Ironclad will also use the following additional Third Parties that Process Customer Personal Data.
Third Party | Processing Activity |
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale of Customer Personal Data Prohibited. Ironclad shall not sell Customer Personal Data as the term "sell" is defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area (the “EEA”), the United Kingdom, and Switzerland to the United States, and if Customer’s Order Form includes Acceptance Services, from the United States to Japan. Ironclad and Customer agree to use the Standard Contractual Clauses as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, as further detailed below.
- UK Standard Contractual Clauses. For transfers of Customer Personal Data out of the United Kingdom that are subject to Section 4(a) of this Addendum, the UK Standard Contractual Clauses will apply and are incorporated into this Addendum by reference, provided that the illustrative indemnification clause within Appendix 2 of the UK Standard Contractual Clauses will not apply. Exhibit 1 of this Addendum will serve as Appendix 1 of the UK Standard Contractual Clauses.
- 2021 Standard Contractual Clauses. For transfers of Customer Personal Data out of the EEA or Switzerland that are subject to Section 4(a) of this DPA, the 2021 Standard Contractual Clauses will apply and are incorporated into this Addendum. For purposes of this Addendum, the 2021 Standard Contractual Clauses will apply as set forth in this Section 4(c). “Module Two: Transfer controller to processor” will apply and all other module options will not apply. Under Annex 1 of the 2021 Standard Contractual Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Annex 1 can be found in Exhibit 1. For the purposes of Annex 2 of the Standard Contractual Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Clause 7 will not apply. For clause 9, the Parties choose Option 2 and the Parties agree that the time period for prior notice of Third Party changes will be as set forth in 3(f) of this Addendum. For clause 11, the optional language will not apply. For clause 17, the Parties choose Option 1 and the Parties agree that the governing law will be the Republic of Ireland. For clause 18, the Parties agree that the courts of the Republic of Ireland will apply for subsection (b).
- Each party’s signature to this Addendum shall be considered a signature to the Standard Contractual Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Standard Contractual Clauses as separate documents. In case of conflict between the Standard Contractual Clauses and this Addendum, the Standard Contractual Clauses will prevail.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and email specified in Section 2.5 of the Agreement. If no individual and email is specified in Section 2.5 of the Agreement, then the Customer notice email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Effective June 17th 2021 to October 1st 2021
DownloadTable of Contents
This Data Processing Addendum (“Addendum”) may be referenced and incorporated by reference into an Enterprise Services Agreement (the “Agreement”) between Ironclad, Inc. (“Ironclad”) and a customer (“Customer” (collectively the “Parties”)).
- Subject Matter and Duration.
- Subject Matter. This Addendum reflects the Parties’ commitment to abide by Applicable Data Protection Laws concerning the Processing of Customer Personal Data in connection with Ironclad’s execution of the Agreement. All capitalized terms that are not expressly defined in this Data Processing Addendum will have the meanings given to them in the Agreement. If and to the extent language in this Addendum or any of its Exhibits conflicts with the Agreement, this Addendum shall control.
- Duration and Survival. This Addendum will become legally binding upon the Effective Date of the Agreement or upon the date upon which both Parties have signed this Addendum, if it is completed after the Effective Date of the Agreement. Ironclad will Process Customer Personal Data until the relationship terminates as specified in the Agreement. Ironclad’s obligations and Customer’s rights under this Addendum will continue in effect so long as Ironclad Processes Customer Personal Data.
- Definitions. For the purposes of this Addendum, the following terms and those defined within the body of this Addendum apply.
- “Applicable Data Protection Law(s)” means the relevant data protection and data privacy laws, rules and regulations to which the Customer Personal Data are subject. “Applicable Data Protection Law(s)” shall include, but not be limited to, EU General Data Protection Regulation 2016/679 (“GDPR”) principles and requirements, the United Kingdom Data Protection Act 2018, and the California Consumer Privacy Act of 2018 (“CCPA”), and its implementing regulations. For the avoidance of doubt, if Ironclad’s processing activities involving Customer Personal Data are not within the scope of an Applicable Data Protection Law, such law is not applicable for purposes of this Addendum.
- “Customer Personal Data” means Personal Data pertaining to Customer’s users or employees Processed by Ironclad to provide the Services. The Customer Personal Data and the specific uses of the Customer Personal Data are detailed in Exhibit 1 attached hereto, as required by the GDPR.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
- “Personal Data” shall have the meaning assigned to the terms “personal data” or “personal information” under Applicable Data Protection Law(s).
- “Process,” “Processes,” “Processing,” “Processed” means any operation or set of operations which is performed on data or sets of data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Processor” means a natural or legal person, public authority, agency or other body which Processes Customer Personal Data on behalf of Customer subject to this Addendum.
- “Security Incident(s)” means the breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data Processed by Ironclad.
- “Services” means any and all services that Ironclad performs under the Agreement.
- “Third Party(ies)” means Ironclad’s authorized contractors, agents, vendors and third party service providers that Process Customer Personal Data.
- Data Use and Processing.
- Compliance with Laws. Customer Personal Data shall be Processed in compliance with the terms of this Addendum and all Applicable Data Protection Law(s).
- Purpose Limitation. Ironclad will not Process Customer Personal Data for any purpose other than for the specific purposes set forth in the Agreement, unless obligated to do otherwise by applicable law. In such case, Ironclad will inform Customer of that legal requirement before the Processing unless legally prohibited from doing so.
- Documented Instructions. Ironclad and its Third Parties shall Process Customer Personal Data only in accordance with the documented instructions of Customer. The Agreement, including this Addendum, along with any applicable statement of work, constitute Customer’s complete and final instructions to Ironclad regarding the Processing of Customer Personal Data, including for purposes of the Standard Contractual Clauses. Ironclad will, unless legally prohibited from doing so, inform Customer in writing if it reasonably believes that there is a conflict between Customer’s instructions and applicable law or otherwise seeks to Process Customer Personal Data in a manner that is inconsistent with Customer’s instructions.
- Authorization to Use Third Parties. To the extent necessary to fulfill Ironclad’s contractual obligations under the Agreement or any statement of work, Customer hereby authorizes (i) Ironclad to engage Third Parties and (ii) Third Parties to engage subprocessors.
- Ironclad and Third Party Compliance. Ironclad agrees to (i) enter into a written agreement with Third Parties regarding such Third Parties’ Processing of Customer Personal Data that imposes on such Third Parties (and their subprocessors) data protection and security requirements for Customer Personal Data that are at least as restrictive as the obligations in this Addendum; and (ii) remain responsible to Customer for Ironclad’s Third Parties’ (and their subprocessors if applicable) failure to perform their obligations with respect to the Processing of Customer Personal Data.
- Right to Object to Third Parties. Ironclad’s list of Third Parties that Process Customer Personal Data is available at https://ironcladapp.com/subprocessors/. Solely for Acceptance Services, Ironclad will also use the following additional Third Parties that Process Customer Personal Data.
Third Party | Processing Activity |
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
Prior to engaging any new Third Parties that Process Customer Personal Data, Ironclad will notify Customer via email and allow Customer thirty (30) days to object. If Customer has legitimate objections to the appointment of any new Third Party, the parties will work together in good faith to resolve the grounds for the objection for no less than thirty (30) days, and failing any such resolution, Customer may terminate the part of the service performed under the Agreement that cannot be performed by Ironclad without use of the objectionable Third Party.
- Confidentiality. Any person or Third Party authorized to Process Customer Personal Data must agree to maintain the confidentiality of such information or be under an appropriate statutory or contractual obligation of confidentiality.
- Personal Data Inquiries and Requests. Upon written request from Customer, Ironclad agrees to provide reasonable assistance and comply with all reasonable instructions from Customer related to any requests from individuals exercising their rights in Customer Personal Data granted to them under Applicable Data Protection Laws (e.g., access, rectification, erasure, data portability, etc.). If a request is sent directly to Ironclad, Ironclad shall promptly notify Customer and shall not respond to the request unless Customer has authorized Ironclad to do so.
- Data Protection Impact Assessment and Prior Consultation. Upon written request from Customer, Ironclad agrees to provide reasonable assistance at Customer’s expense to Customer where, in Customer’s judgment, the type of Processing performed by Ironclad is likely to result in a high risk to the rights and freedoms of natural persons (e.g., systematic and extensive profiling, Processing sensitive Personal Data on a large scale and systematic monitoring on a large scale, or where the Processing uses new technologies) and thus requires a data protection impact assessment and/or prior consultation with the relevant data protection authorities.
- Sale of Customer Personal Data Prohibited. Ironclad shall not sell Customer Personal Data as the term "sell" is defined by the CCPA.
- CCPA Certification. Ironclad hereby certifies that it understands its restrictions and obligations set forth in this Addendum and will comply with them.
- Cross-Border Transfers of Personal Data.
- Cross-Border Transfers of Personal Data. Customer authorizes Ironclad and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area to the United States, and if Customer’s Order Form includes Acceptance Services, from the United States to Japan. Any cross-border transfer of Customer Personal Data must be supported by an approved adequacy mechanism.
- Standard Contractual Clauses. Ironclad and Customer will use the European Commission Decision C(2010)593 Standard Contractual Clauses for Controllers to Processors (“Model Clauses”) (available at https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX:32010D0087) as the adequacy mechanism supporting the transfer and Processing of Customer Personal Data, the terms of which are herein incorporated by reference and made part hereto. Under Appendix 1 of the Model Clauses, the “data exporter” is Customer and the “data importer” is Ironclad and the information required by Appendix 1 can be found in Exhibit 1. For the purposes of Appendix 2 of the Model Clauses, the technical and organizational measures implemented by the data importer are those listed in Section 5 of this Addendum. Pursuant to clause 5(h) of the Model Clauses, Customer agrees that Ironclad may engage new Third Parties in accordance with Section(s) 3(c) – 3(e) of this Addendum. The Parties agree that the Illustrative Clause (Optional) is expressly not included in the Model Clauses. Each party’s signature to this Addendum shall be considered a signature to the Model Clauses. If required by the laws or regulatory procedures of any jurisdiction, the Parties shall execute or re-execute the Model Clauses as separate documents. In case of conflict between the Model Clauses and this Addendum, the Model Clauses will prevail. If necessary, the relevant terms shall be deemed amended as necessary to legitimize transfers of Ironclad Personal Data of Data Subjects located in the United Kingdom to and from the United Kingdom and subsequent onward transfers.
- Information Security Program.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
- The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
- The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
- Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
- Security Incidents.
- Security Incident Procedure. Ironclad will deploy and follow policies and procedures to detect, respond to, and otherwise address Security Incidents including procedures to (i) identify and respond to reasonably suspected or known Security Incidents, mitigate harmful effects of Security Incidents, document Security Incidents and their outcomes, and (ii) restore the availability or access to Customer Personal Data in a timely manner.
- Notice. Ironclad agrees to provide prompt written notice without undue delay and within the time frame required under Applicable Data Protection Law(s) (but in no event longer than forty-eight (48) hours) to Customer’s Designated POC upon becoming aware that a Security Incident has taken place. Such notice will include all available details required under Applicable Data Protection Law(s) for Customer to comply with its own notification obligations to regulatory authorities or individuals affected by the Security Incident.
- Audits.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Following any notice from Ironclad to Customer of an actual or reasonably suspected Security Incident involving Customer Personal Data;
- Upon Customer’s reasonable belief that Ironclad is not in compliance with Applicable Data Protection Laws, this Addendum or its security policies and procedures under the Agreement;
- As required by governmental regulators;
- For any reason, or no reason at all, once annually.
- Audit Terms. Any audits described in this Section shall be:
- Conducted by Customer or its regulator, or through a third party independent contractor selected by one of these parties, and to whom Ironclad does not reasonably object.
- Conducted during reasonable times.
- Conducted upon reasonable advance notice to Ironclad.
- Of reasonable duration and scope and shall not unreasonably interfere with Ironclad’s day-to-day operations.
- Conducted in such a manner that does not violate any agreement between Ironclad and its service providers, including cloud providers, or violate or cause Ironclad to violate its reasonable policies related to security and confidentiality.
- Third Parties. In the event that Customer conducts an audit through a third party independent auditor or a third party accompanies Customer or participates in such audit, such third party shall be required to enter into a non-disclosure agreement containing confidentiality provisions substantially similar to those set forth in the Agreement to protect Ironclad’s and Ironclad’s customers’ confidential and proprietary information. For the avoidance of doubt, regulators shall not be required to enter into a non-disclosure agreement.
- Audit Results. Upon Ironclad’s request, after conducting an audit, Customer shall notify Ironclad of the manner in which Ironclad does not comply with any of the applicable security, confidentiality or privacy obligations or Applicable Data Protection Laws herein. Upon such notice, Ironclad shall make any necessary changes to ensure compliance with such obligations at its own expense and without unreasonable delay and shall notify Customer when such changes are complete. Notwithstanding anything to the contrary in the Agreement, Customer may conduct a follow-up audit within six (6) months of Ironclad’s notice of completion of any necessary changes. To the extent that a Customer audit identifies any material security vulnerabilities, Ironclad shall promptly remediate those vulnerabilities.
- Right to Audit; Permitted Audits. Ironclad shall make available to Customer and its regulators all information necessary to demonstrate compliance with Applicable Data Protection Laws and this Addendum. Customer and its regulators shall have the right to inspect Ironclad’s architecture, systems, and documentation which are relevant to the security and integrity of Customer Personal Data, or as otherwise required by a governmental regulator:
- Data Storage and Deletion.
- Data Storage. Ironclad will not store or retain any Customer Personal Data except as necessary to perform the Services under the Agreement.
- Data Deletion. Ironclad will abide by the following with respect to deletion of Customer Personal Data:
- Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of Customer Personal Data (including automatically created archival copies).
- Upon Customer’s request, Ironclad will promptly return to Customer a copy of all Customer Personal Data within thirty (30) calendar days and, if Customer also requests deletion of the Customer Personal Data, will carry that out as set forth above.
- All deletion of Customer Personal Data will be conducted in accordance with standard industry practices for deletion of sensitive data.
- Tapes, printed output, optical disks, and other physical media will be physically destroyed by a secure method, such as shredding performed by a bonded provider.
- Upon Customer’s request, Ironclad will provide evidence that Ironclad has deleted all Customer Personal Data. Ironclad will provide the “Certificate of Deletion” within thirty (30) calendar days of Customer’s request.
- Contact Information.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
- Ironclad Designated POC: John Fiedler, support@ironcladhq.com
- Customer Designated POC: The individual and email specified in Section 2.5 of the Agreement. If no individual and email is specified in Section 2.5 of the Agreement, then the Customer notice email specified in the Notices section of the Agreement.
- Ironclad and the Customer agree to designate a point of contact for urgent privacy and security issues (a “Designated POC”). The Designated POC for both parties are:
Exhibit 1
1.1 Subject Matter of Processing | The subject matter of Processing is the Services pursuant to the Agreement. |
1.2 Duration of Processing | The Processing will continue until the expiration or termination of the Agreement. |
1.3 Categories of Data Subjects | Includes the following:
|
1.4 Nature and Purpose of Processing | Includes the following: Nature: Processing of the data uploaded by Customer to Ironclad's contract management SaaS application. The purpose of Processing of Customer Personal Data by Ironclad is the performance of the Services pursuant to the Agreement. |
1.5 Types of Personal Information | Includes the following:
|
Clickwrap Order Form Rider
Effective March 20th 2023
DownloadTable of Contents
Clickwrap Order Form Rider
This Clickwrap Order Form Rider (“Rider”) governs your (“Customer”) use of and access to Ironclad Clickwrap products and services referenced in the attached Order Form (“Clickwrap Services”). This Rider and the attached Order Form are part of and incorporate by reference the Enterprise Services Agreement, or similar primary agreement, signed between you and Ironclad (“Agreement”). For the avoidance of doubt, this Rider supplements the Agreement and the Clickwrap Services are included in the definition of “Enterprise Services”, or similar term describing the Ironclad digital contracting platform, in the Agreement. In the event of any conflict or inconsistency between the Agreement and this Rider solely with respect to the Clickwrap Services, the terms and conditions in the Rider will prevail and be controlling.
| Third Party | Processing Activity |
|---|---|
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
| Fivetran | Cloud-based ELT (extract, load, transform) service provider |
To the extent necessary to fulfill Ironclad’s contractual obligations under the Order Form and this Rider, Customer hereby authorizes Ironclad to engage these subprocessors. Any third-party processing of Customer personal data shall be consistent with Customer’s reasonable documented instructions and comply with all applicable data protection law(s).
SERVICE LEVEL AGREEMENT
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
Effective December 29th 2022 to March 20th 2023
DownloadTable of Contents
Clickwrap Order Form Rider
This Clickwrap Order Form Rider (“Rider”) governs your (“Customer”) use of and access to Ironclad Clickwrap products and services referenced in the attached Order Form (“Clickwrap Services”). This Rider and the attached Order Form are part of and incorporate by reference the Enterprise Services Agreement, or similar primary agreement, signed between you and Ironclad (“Agreement”). For the avoidance of doubt, this Rider supplements the Agreement and the Clickwrap Services are included in the definition of “Enterprise Services”, or similar term describing the Ironclad digital contracting platform, in the Agreement. In the event of any conflict or inconsistency between the Agreement and this Rider solely with respect to the Clickwrap Services, the terms and conditions in the Rider will prevail and be controlling.
1.SERVICES
2.DATA USE AND PROCESSING
2.1 Third Parties. To the extent you have a Data Processing Addendum or similar agreement with Ironclad, you authorize Ironclad to use the following additional subprocessors to process Customer personal data through the Clickwrap Services.
Third Party | Processing Activity |
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
| Fivetran | Cloud-based ELT (extract, load, transform) service provider |
To the extent necessary to fulfill Ironclad’s contractual obligations under the Order Form and this Rider, Customer hereby authorizes Ironclad to engage these subprocessors. Any third-party processing of Customer personal data shall be consistent with Customer’s reasonable documented instructions and comply with all applicable data protection law(s).
3.SERVICE LEVEL AGREEMENT
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
Effective November 3rd 2021 to December 29th 2022
DownloadTable of Contents
Clickwrap Order Form Rider
This Clickwrap Order Form Rider (“Rider”) governs your (“Customer”) use of and access to Ironclad Clickwrap products and services referenced in the attached Order Form (“Clickwrap Services”). This Rider and the attached Order Form are part of and incorporate by reference the Enterprise Services Agreement, or similar primary agreement, signed between you and Ironclad (“Agreement”). For the avoidance of doubt, this Rider supplements the Agreement and the Clickwrap Services are included in the definition of “Enterprise Services”, or similar term describing the Ironclad digital contracting platform, in the Agreement. In the event of any conflict or inconsistency between the Agreement and this Rider solely with respect to the Clickwrap Services, the terms and conditions in the Rider will prevail and be controlling.
1.SERVICES
2.DATA USE AND PROCESSING
2.1 Third Parties. To the extent you have a Data Processing Addendum or similar agreement with Ironclad, you authorize Ironclad to use the following additional subprocessors to process Customer personal data through the Clickwrap Services.
Third Party | Processing Activity |
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
| Fivetran | Cloud-based ELT (extract, load, transform) service provider |
To the extent necessary to fulfill Ironclad’s contractual obligations under the Order Form and this Rider, Customer hereby authorizes Ironclad to engage these subprocessors. Any third-party processing of Customer personal data shall be consistent with Customer’s reasonable documented instructions and comply with all applicable data protection law(s).
3.SERVICE LEVEL AGREEMENT
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
Effective November 3rd 2021 to November 3rd 2021
DownloadTable of Contents
Clickwrap Order Form Rider
This Clickwrap Order Form Rider (“Rider”) governs your (“Customer”) use of and access to Ironclad Clickwrap products and services referenced in the attached Order Form (“Clickwrap Services”). This Rider and the attached Order Form are part of and incorporate by reference the Enterprise Services Agreement, or similar primary agreement, signed between you and Ironclad (“Agreement”). For the avoidance of doubt, this Rider supplements the Agreement and the Clickwrap Services are included in the definition of “Enterprise Services”, or similar term describing the Ironclad digital contracting platform, in the Agreement. In the event of any conflict or inconsistency between the Agreement and this Rider solely with respect to the Clickwrap Services, the terms and conditions in the Rider will prevail and be controlling.
1.SERVICES
2.DATA USE AND PROCESSING
2.1 Third Parties. To the extent you have a Data Processing Addendum or similar agreement with Ironclad, you authorize Ironclad to use the following additional subprocessors to process Customer personal data through the Clickwrap Services.
Third Party | Processing Activity |
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
| Fivetran | Cloud-based ELT (extract, load transform) service provider |
To the extent necessary to fulfill Ironclad’s contractual obligations under the Order Form and this Rider, Customer hereby authorizes Ironclad to engage these subprocessors. Any third-party processing of Customer personal data shall be consistent with Customer’s reasonable documented instructions and comply with all applicable data protection law(s).
3.SERVICE LEVEL AGREEMENT
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
Effective September 13th 2021 to November 3rd 2021
DownloadTable of Contents
Clickwrap Order Form Rider
This Clickwrap Order Form Rider (“Rider”) governs your (“Customer”) use of and access to Ironclad Clickwrap products and services referenced in the attached Order Form (“Clickwrap Services”). This Rider and the attached Order Form are part of and incorporate by reference the Enterprise Services Agreement, or similar primary agreement, signed between you and Ironclad (“Agreement”). For the avoidance of doubt, this Rider supplements the Agreement and the Clickwrap Services are included in the definition of “Enterprise Services”, or similar term describing the Ironclad digital contracting platform, in the Agreement. In the event of any conflict or inconsistency between the Agreement and this Rider solely with respect to the Clickwrap Services, the terms and conditions in the Rider will prevail and be controlling.
1.SERVICES
2.DATA USE AND PROCESSING
2.1 Third Parties. To the extent you have a Data Processing Addendum or similar agreement with Ironclad, you authorize Ironclad to use the following additional subprocessors to process Customer personal data through the Clickwrap Services.
Third Party | Processing Activity |
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
To the extent necessary to fulfill Ironclad’s contractual obligations under the Order Form and this Rider, Customer hereby authorizes Ironclad to engage these subprocessors. Any third-party processing of Customer personal data shall be consistent with Customer’s reasonable documented instructions and comply with all applicable data protection law(s).
3.SERVICE LEVEL AGREEMENT
Availability Per Calendar Month | Service Credit |
< 99.5% - >= 99.0% | 1% of the Annual Subscription Fee |
< 99.0% - >= 95.0% | 2% of the Annual Subscription Fee |
< 95.0% | 3% of the Annual Subscription Fee |
Effective April 20th 2021 to September 13th 2021
DownloadTable of Contents
Clickwrap Order Form Rider
This Clickwrap Order Form Rider (“Rider”) governs your use of and access to the Services and API (as defined herein) provided by Ironclad, Inc. (“Ironclad”) in connection with the attached Order Form. The Order Form and this Rider are a part of and incorporate by reference the Agreement (as defined in the Order Form). For the avoidance of doubt, the Services are included in the definition of “Enterprise Services” in the Agreement. In the event of any conflict or inconsistency between the Agreement and this Rider solely with respect to the Services, the terms and conditions in the Rider will prevail and be controlling. This Rider is effective as of the Effective Date of the Order Form.
Ironclad may modify the terms of this Rider at any time, provided that such modification shall only be effective as of the beginning of your next renewal term unless otherwise mutually agreed upon by the parties in writing. You will have an opportunity to review and accept the modified Rider. If you fail to accept such modified Rider, Ironclad reserves the right to terminate your access and use of the Services and API upon the termination of your Subscription Term, or next renewal term, as applicable.
1.SERVICES
Your use of the Services under an Order Form may be measured based on the number of Seats described in the Order Form. Once a per-Seat service plan is established, the right of the named Authorized User to access and use the Services is not transferable; any additional or differently named Authorized Users must purchase per-Seat service plans to use the Services. If you add more Authorized Users than the number of Seats you purchased, we will add those Authorized Users to your account and impose additional charges for such additional Seats on an ongoing basis. Your use of the Services and/or API shall include only those features (and including only those Signing Methods) expressly set forth in your Order Form.
Ironclad may modify, amend, change, or deprecate all or part of the API in its sole discretion at any time (an “API Modification”). Ironclad shall use commercially reasonable efforts to provide prior notice to you of any such actions as soon as reasonably practical. You shall, within thirty (30) days from the date of first notice of any API Modification(s) (or such shorter period of time specified in the notice of the API Modification(s)) (the “Conformance Period”) comply with such modification(s) by (i) implementing and using the most current version of the API; provided that such current version is provided to you at no additional Subscription Charge (fee), (ii) making any changes to your application using the API that may be required as a result of such API Modification, (iii) using commercially reasonable efforts to stop distribution of all prior versions of your applications using the API, and (iv) using commercially reasonable efforts to upgrade all prior versions of your applications using the API then in use to the most recent version. You acknowledge that an API Modification may have a material adverse effect on your applications using the API, including but not limited to causing such applications to not to operate as designed. Ironclad shall have no liability of any kind to you or any End User with respect to such API Modifications or any adverse effects resulting from such API Modifications. Your continued access to or use of the API following the Conformance Period shall constitute binding acceptance of the API Modifications at issue.
- The Services / API facilitate the execution of contracts between multiple parties. Nothing in this Rider may be construed to make Ironclad a party to any of your Contracts processed through the Services or API, and Ironclad makes no representation or warranty regarding the transactions sought to be effected by any Contract.
- You have exclusive control over and responsibility for the content, quality, and format of any of your Contracts.
- Ironclad assumes no liability or responsibility for a party's failure or inability to electronically sign any of your Contracts within a period of time or at all.
- You are solely responsible for ensuring that your use of the Services and/or API for any transaction complies with all laws applicable to you in your use of the Services, including applicable electronic signature law and any special legal requirements relating to consumers engaging in electronic transactions.
- Ironclad is not responsible or liable to determine whether any particular Contract is subject to an exception to applicable electronic signature laws, rules or regulations, or whether it can be legally formed by electronic signatures.
- Ironclad is not responsible for determining how long any Contracts, documents, and other records are required to be retained or stored under any applicable laws, rules of regulations.
- Ironclad is not responsible for or liable to provide your Contracts to any third parties.
2.DATA USE AND PROCESSING
- Third Parties. Capitalized terms in this Section 2 not otherwise defined in this Rider are as defined in Exhibit B: Data Processing Addendum to the Agreement. In addition to the list of Third Parties that Process Customer Personal Data available at https://ironcladapp.com/subprocessors/, Ironclad may use the following Third Parties to Process Customer Personal Data through the Services.
Third Party | Processing Activity |
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
To the extent necessary to fulfill Ironclad’s contractual obligations under the Order Form and this Rider, Customer hereby authorizes (i) Ironclad to engage these Third Parties and (ii) these Third Parties to engage subprocessors. Any Third Party Processing of Customer Personal Data shall be consistent with Customer’s reasonable documented instructions and comply with all Applicable Data Protection Law(s).
3.SERVICE LEVEL AGREEMENT EXCLUSION
- Service Level Agreement Exclusion. The Services (as defined in this Rider) shall not count as Enterprise Services solely for the purpose of Section A (Ironclad Service Level Agreement) of Exhibit A (Ironclad Service Level Agreement & Technical Support Schedule) to the Agreement.
4.DEFINITIONS
- “Admin Seat” means a Seat that only has “Create”, “Edit”, and “Publish” permissions within the Services.
- "Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with a party.
- "API" means the application programming interfaces developed and enabled by Ironclad that permits you to access certain functionality provided by the Service, and any accompanying or related documentation, source code, executable applications, and other materials made available by Ironclad.
- “Authorized User” means any of your employees or agents, identified by a unique email address and user name, who is registered under your account, provided that no two persons may register, access or use the Service as the same Authorized User.
- "Contract" means a Document that has been reviewed, accepted or otherwise interacted with by a Signer.
- "Customer Data" means all of your registration information and other information collected and stored by Ironclad in connection with providing the Services and API to you, including without limitation information, content, legal agreements, and End User data.
- "Delivery Channel" means any Signing Method, or a single Embedded Contract.
- "Document" means an agreement, contract, notice, disclosure or other document deposited into, or generated by you via, the Services.
- "Embedded Contract" means any method, other than a Signing Method, for electronically embedding a Document or Documents for review, acceptance, or other interaction via the Services.
- "End-User" means any person or entity other than you with whom you or your Affiliates interact using the Services or API, including a Signer.
- “Force Majeure Event” shall mean the occurrence of an event or circumstance beyond the reasonable control of a party, provided that the non-performing party is without fault in causing of failing to prevent such occurrence.
- "Personalized Contract" means a) a Contract formed via a Request, and/or b) a Contract formed from one or more Documents, with any such Document including fields, terms or information specific to a Signer.
- "Request" means a request delivered electronically to a Signer or Signers, requesting that such Signer or Signers review, accept or otherwise interact with one or more Documents. You may initiate the delivery of a Request or via the API only as expressly set forth in your Order Form.
- “Seat” means an active Authorized User listed in the membership of your account at any one time. No two individuals may log onto or use the Service as the same Authorized User, but you may unregister or deactivate Authorized Users and replace them with other Authorized Users without penalty, so long as the number of active Authorized Users registered at any one time is equal to or less than the number of Seats purchased.
- "Order Form" means your Order Form, including the service plan chosen by you during, or subsequent to, the registration process.
- "Services" means the electronic clickwrap contracting application provided by Ironclad and further described in your Order Form, and any accompanying or related documentation, source code, executable applications, and other materials made available by Ironclad. Any new or modified features added to the Services are also subject to this Rider (although you shall only have access to any such new or modified features if expressly set forth in your Order Form).
- "Signer" is an individual or entity tracked via the Service or API as reviewing, accepting or otherwise interacting with any Document
- "Signing Method" means the specific method (other than an Embedded Contract) via which a Signer may manifest acceptance, non-acceptance or otherwise agree, disagree or interact with a Request or Personalized Contract.
- "Standardized Contract" means a) any Contract formed via an Embedded Contract, and/or b) a Contract formed from one or more Documents, with any such Document including no fields, terms or information specific to a Signer.
- "Standardized Document" means a Document, that includes no unique fields, unique terms or unique information specific to a Signer.
- "Subscription Charges" means fees payable by you for your use of (a) the Services, as specifically set forth in your Order Form, (b) the API, or (c) any add-on features or Services requested by you from time to time.
- “Subscription Term” means the term specified in the Order Form, as terminated or renewed in accordance with the Agreement and this Rider.
- "Systems" means modems, servers, software, network and communications equipment and ancillary services and hardware that are owned, controlled or procured by you.
Effective April 12th 2021 to April 20th 2021
DownloadTable of Contents
Clickwrap Order Form Rider
This Clickwrap Order Form Rider (“Rider”) governs your use of and access to the Services and API (as defined herein) provided by Ironclad, Inc. (“Ironclad”) in connection with the attached Order Form. The Order Form and this Rider are a part of and incorporate by reference the Agreement (as defined in the Order Form). For the avoidance of doubt, the Services are included in the definition of “Enterprise Services” in the Agreement. In the event of any conflict or inconsistency between the Agreement and this Rider solely with respect to the Services, the terms and conditions in the Rider will prevail and be controlling. This Rider is effective as of the Effective Date of the Order Form.
Ironclad may modify the terms of this Rider at any time, provided that such modification shall only be effective as of the beginning of your next renewal term unless otherwise mutually agreed upon by the parties in writing. You will have an opportunity to review and accept the modified Rider. If you fail to accept such modified Rider, Ironclad reserves the right to terminate your access and use of the Services and API upon the termination of your Subscription Term, or next renewal term, as applicable.
1.SERVICES
Your use of the Services under an Order Form may be measured based on the number of Seats described in the Order Form. Once a per-Seat service plan is established, the right of the named Authorized User to access and use the Services is not transferable; any additional or differently named Authorized Users must purchase per-Seat service plans to use the Services. If you add more Authorized Users than the number of Seats you purchased, we will add those Authorized Users to your account and impose additional charges for such additional Seats on an ongoing basis. Your use of the Services and/or API shall include only those features (and including only those Signing Methods) expressly set forth in your Order Form.
Ironclad may modify, amend, change, or deprecate all or part of the API in its sole discretion at any time (an “API Modification”). Ironclad shall use commercially reasonable efforts to provide prior notice to you of any such actions as soon as reasonably practical. You shall, within thirty (30) days from the date of first notice of any API Modification(s) (or such shorter period of time specified in the notice of the API Modification(s)) (the “Conformance Period”) comply with such modification(s) by (i) implementing and using the most current version of the API; provided that such current version is provided to you at no additional Subscription Charge (fee), (ii) making any changes to your application using the API that may be required as a result of such API Modification, (iii) using commercially reasonable efforts to stop distribution of all prior versions of your applications using the API, and (iv) using commercially reasonable efforts to upgrade all prior versions of your applications using the API then in use to the most recent version. You acknowledge that an API Modification may have a material adverse effect on your applications using the API, including but not limited to causing such applications to not to operate as designed. Ironclad shall have no liability of any kind to you or any End User with respect to such API Modifications or any adverse effects resulting from such API Modifications. Your continued access to or use of the API following the Conformance Period shall constitute binding acceptance of the API Modifications at issue.
- The Services / API facilitate the execution of contracts between multiple parties. Nothing in this Rider may be construed to make Ironclad a party to any of your Contracts processed through the Services or API, and Ironclad makes no representation or warranty regarding the transactions sought to be effected by any Contract.
- You have exclusive control over and responsibility for the content, quality, and format of any of your Contracts.
- Ironclad assumes no liability or responsibility for a party's failure or inability to electronically sign any of your Contracts within a period of time or at all.
- You are solely responsible for ensuring that your use of the Services and/or API for any transaction complies with all laws applicable to you in your use of the Services, including applicable electronic signature law and any special legal requirements relating to consumers engaging in electronic transactions.
- Ironclad is not responsible or liable to determine whether any particular Contract is subject to an exception to applicable electronic signature laws, rules or regulations, or whether it can be legally formed by electronic signatures.
- Ironclad is not responsible for determining how long any Contracts, documents, and other records are required to be retained or stored under any applicable laws, rules of regulations.
- Ironclad is not responsible for or liable to provide your Contracts to any third parties.
2.DATA USE AND PROCESSING
- Third Parties. Capitalized terms in this Section 2 not otherwise defined in this Rider are as defined in Exhibit B: Data Processing Addendum to the Agreement. In addition to the list of Third Parties that Process Customer Personal Data available at https://ironcladapp.com/subprocessors/, Ironclad may use the following Third Parties to Process Customer Personal Data through the Services.
Third Party | Processing Activity |
Amazon Web Services | Cloud service provider for hosting |
MongoDB Atlas | Cloud service provider for database hosting and management |
Twilio | Inbound/outbound SMS and mobile messaging provider |
Twilio SendGrid | Outbound email service provider |
MailChimp | Outbound email service provider |
FullStory | Cloud-based customer experience and insight service provider |
Intercom | Cloud-based customer support and live chat service provider |
Planhat | Cloud-based customer success service provider |
Zapier | Cloud-based workflow automation service provider |
To the extent necessary to fulfill Ironclad’s contractual obligations under the Order Form and this Rider, Customer hereby authorizes (i) Ironclad to engage these Third Parties and (ii) these Third Parties to engage subprocessors. Any Third Party Processing of Customer Personal Data shall be consistent with Customer’s reasonable documented instructions and comply with all Applicable Data Protection Law(s).
3.SERVICE LEVEL AGREEMENT EXCLUSION
- Service Level Agreement Exclusion. The Services (as defined in this Rider) shall not count as Enterprise Services solely for the purpose of Section A (Ironclad Service Level Agreement) of Exhibit A (Ironclad Service Level Agreement & Technical Support Schedule) to the Agreement.
4.DEFINITIONS
- “Admin Seat” means a Seat that only has “Create”, “Edit”, and “Publish” permissions within the Services.
- "Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with a party.
- "API" means the application programming interfaces developed and enabled by Ironclad that permits you to access certain functionality provided by the Service, and any accompanying or related documentation, source code, executable applications, and other materials made available by Ironclad.
- “Authorized User” means any of your employees or agents, identified by a unique email address and user name, who is registered under your account, provided that no two persons may register, access or use the Service as the same Authorized User.
- "Contract" means a Document that has been reviewed, accepted or otherwise interacted with by a Signer.
- "Customer Data" means all of your registration information and other information collected and stored by Ironclad in connection with providing the Services and API to you, including without limitation information, content, legal agreements, and End User data.
- "Delivery Channel" means any Signing Method, or a single Embedded Contract.
- "Document" means an agreement, contract, notice, disclosure or other document deposited into, or generated by you via, the Services.
- "Embedded Contract" means any method, other than a Signing Method, for electronically embedding a Document or Documents for review, acceptance, or other interaction via the Services.
- "End-User" means any person or entity other than you with whom you or your Affiliates interact using the Services or API, including a Signer.
- “Force Majeure Event” shall mean the occurrence of an event or circumstance beyond the reasonable control of a party, provided that the non-performing party is without fault in causing of failing to prevent such occurrence.
- "Personalized Contract" means a) a Contract formed via a Request, and/or b) a Contract formed from one or more Documents, with any such Document including fields, terms or information specific to a Signer.
- "Request" means a request delivered electronically to a Signer or Signers, requesting that such Signer or Signers review, accept or otherwise interact with one or more Documents. You may initiate the delivery of a Request or via the API only as expressly set forth in your Order Form.
- “Seat” means an active Authorized User listed in the membership of your account at any one time. No two individuals may log onto or use the Service as the same Authorized User, but you may unregister or deactivate Authorized Users and replace them with other Authorized Users without penalty, so long as the number of active Authorized Users registered at any one time is equal to or less than the number of Seats purchased.
- "Order Form" means your Order Form, including the service plan chosen by you during, or subsequent to, the registration process.
- "Services" means the electronic clickwrap contracting application provided by Ironclad and further described in your Order Form, and any accompanying or related documentation, source code, executable applications, and other materials made available by Ironclad. Any new or modified features added to the Services are also subject to this Rider (although you shall only have access to any such new or modified features if expressly set forth in your Order Form).
- "Signer" is an individual or entity tracked via the Service or API as reviewing, accepting or otherwise interacting with any Document
- "Signing Method" means the specific method (other than an Embedded Contract) via which a Signer may manifest acceptance, non-acceptance or otherwise agree, disagree or interact with a Request or Personalized Contract.
- "Standardized Contract" means a) any Contract formed via an Embedded Contract, and/or b) a Contract formed from one or more Documents, with any such Document including no fields, terms or information specific to a Signer.
- "Standardized Document" means a Document, that includes no unique fields, unique terms or unique information specific to a Signer.
- "Subscription Charges" means fees payable by you for your use of (a) the Services, as specifically set forth in your Order Form, (b) the API, or (c) any add-on features or Services requested by you from time to time.
- “Subscription Term” means the term specified in the Order Form, as terminated or renewed in accordance with the Agreement and this Rider.
- "Systems" means modems, servers, software, network and communications equipment and ancillary services and hardware that are owned, controlled or procured by you.
Free Trial License Agreement
Effective March 20th 2023
DownloadTable of Contents
- Affiliate means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- Authorized User means an employee or contractor of User or its Affiliates that User has registered to access and use the Free Trial.
- Confidential Information means any business or technical information disclosed by one party to the other party, including User Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- User Data means the data and information input or uploaded into the Free Trial by User or Authorized Users.
- Access to the Free Trial. Subject to the terms of this Agreement, Ironclad grants to User a non-exclusive, non-sublicensable, non-transferable license to access and use Ironclad’s digital contracting platform (the ”Free Trial”) while this Agreement is in effect, solely for User’s evaluation and testing for the purpose of purchasing Ironclad products and services (“Evaluation Period”). Ironclad may provide assistance, support, maintenance, or other services relating to the Free Trial during the Evaluation Period in its sole discretion. Ironclad may not backup User data or other information entered into the Free Trial, and such User data or information may not be available for retrieval or otherwise compatible or usable with the Ironclad services. Ironclad may modify or discontinue the Free Trial at any time. Use of the Ironclad platform after the Evaluation Period is subject to the parties entering into Ironclad’s Enterprise Services Agreement or similar definitive agreement. Direct competitors of Ironclad may not access or use the Free Trial.
- Fees. There will be no fee for use of the Free Trial.
- Use of the Free Trial. User may access and use the Free Trial only pursuant to any instructions provided by Ironclad to User. User will not, and will not encourage any third party to: (a) reverse-engineer, decompile, disassemble, or attempt to derive the source code for the Free Trial, in whole or in part, except to the extent that such activities are permitted under applicable law; (b) copy, frame, mimic, replicate, or mirror any part of Ironclad or the Free Trial, or distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the FreeFree Trial to any third party; (c) use the Free Trial for the purpose of creating a product or service competitive with Ironclad, the Free Trial, or a derivative work of the Free Trial; (d) disclose the results of any benchmark tests on the Free Trial without Ironclad’s prior written consent; (e) remove, delete, alter, or obscure any trademarks, specifications, documentation, end user license agreement, Privacy Policy, warranties or disclaimers, or any intellectual property or proprietary rights notices regarding the Free Trial; (f) remove, circumvent, disable, damage, or otherwise interfere with security-related features of the Free Trial or features that enforce limitations on use of the Free Trial; (g) upload any sensitive, personal, or other information to the Free Trial that would subject Ironclad to any data privacy or data protection laws; or (h) use the Free Trial other than as described in the documentation provided or in violation of applicable law or any party’s rights.
- Restrictions. User will not allow anyone other than their own Authorized Users to access or use the Free Trial from User’s accounts. User will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Free Trial (or any related systems or networks) or use the Free Trial other than directly for User’s benefit; (ii) copy, modify or distribute any portion of the Free Trial; (iii) rent, lease, or resell the Free Trial; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Free Trial in order to build a competitive product or service.
- Term. This Agreement shall commence on the Effective Date and shall continue until thirty (30) days after the Effective Date, unless otherwise agreed by both parties in writing, or upon either party’s written notice to the other of termination of this Agreement.
- Termination. Either party may terminate this Agreement upon written notice at any time and for any reason.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, User’s right to access and use the Free Trial shall immediately terminate, and User shall immediately cease all use of the Free Trial.
- Data Deletion. Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy all copies of User Data (including automatically created archival copies).
- User owns and retains: (i) the User Data; (ii) User’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Ironclad platform, and all improvements, enhancements or modifications made by any party; (ii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Free Trial; (iii) Ironclad’s name, logo, and other trademarks; and (iv) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own Confidential Information and in no event less than a reasonable standard of care. The provisions of this Section will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in this Section will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; or (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- Amendment. Ironclad may modify the terms of this Agreement from time to time in its sole discretion by posting a revised version at https://legal.ironcladapp.com/#trial-license-agreement. Ironclad will provide you with notice of any major changes by requiring you to accept the updated Agreement before accessing the Free Trial. Continued use of the Free Trial after changes have been posted constitutes acceptance of the revised Agreement.
- Relationship Between the Parties. Nothing in this Agreement shall be construed as to create a partnership, joint venture, or agency relationship between the parties. Any such relationship can only be formed through separate agreement.
- Entire Agreement. This Agreement constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Governing Law. This Agreement will be governed by the laws of the State of California without reference to conflict of law principles. Each party agrees to submit to the exclusive jurisdiction of the courts located within the county of San Francisco, California to resolve any legal matter arising from this Agreement.
- Assignment. Neither party may assign any of its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld).
Effective January 27th 2023 to March 20th 2023
DownloadTable of Contents
- Access to the Trial. Subject to the terms of this Agreement, Ironclad grants to Customer a non-exclusive, non-sublicensable, non-transferable license to access and use a sandbox, test version of Ironclad’s digital contracting platform (the ”Trial”) while this Agreement is in effect, solely for Customer’s evaluation and testing for the purpose of purchasing Ironclad products and services (“Evaluation Period”). Ironclad may provide assistance, support, maintenance, or other services relating to the Trial during the Evaluation Period in its sole discretion. Ironclad may not backup Customer data or other information entered into the Trial, and such Customer data or information may not be available for retrieval or otherwise compatible or usable with the Ironclad services. Ironclad may modify or discontinue the Trial at any time. Use of the Ironclad platform after the Evaluation Period is subject to the parties entering into Ironclad’s Enterprise Services Agreement or similar definitive agreement. Direct competitors of Ironclad may not access or use the Trial.
- Fees. There will be no fee for use of the Trial.
- Use of the Trial. Customer may access and use the Trial only pursuant to any instructions provided by Ironclad to Customer. Customer will not, and will not encourage any third party to: (a) reverse-engineer, decompile, disassemble, or attempt to derive the source code for the Trial, in whole or in part, except to the extent that such activities are permitted under applicable law; (b) copy, frame or mirror any part of the Trial, or distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the Trial to any third party; (c) use the Trial for the purpose of creating a product or service competitive with the Trial or a derivative work of the Trial; (d) disclose the results of any benchmark tests on the Trial without Ironclad’s prior written consent; (e) remove, delete, alter or obscure any trademarks, specifications, Documentation, end user license agreement, Privacy Policy, warranties or disclaimers, or any intellectual property or proprietary rights notices regarding the Trial; (f) remove, circumvent, disable, damage or otherwise interfere with security-related features of the Trial or features that enforce limitations on use of the Trial; (g) upload any sensitive, personal, or other information to the Trial that would subject Ironclad to any data privacy or data protection laws, or (h) use the Trial other than as described in the documentation provided or in violation of applicable law or any party’s rights.
- Term. This Agreement shall commence on the Effective Date and shall continue until the earliest to occur of (1) 14 days after the Effective Date or (2) either party’s notice to the other of termination of this Agreement.
- Termination. Either party may terminate this Agreement upon written notice at any time and for any reason.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s right to access and use the Trial shall immediately terminate, Customer shall immediately cease all use of the Trial. By continuing to use the Trial after termination, Customer agrees to the terms of this Agreement.
- Amendment. Ironclad may modify the terms of this Agreement from time to time in its sole discretion by posting a revised version at https://legal.ironcladapp.com/#trial-license-agreement. Ironclad will provide you with notice of any major changes by requiring you to accept the updated Agreement before accessing the Trial. Continued use of the Trial after changes have been posted constitutes acceptance of the revised Agreement.
- Relationship Between the Parties. Nothing in this Agreement shall be construed as to create a partnership, joint venture or agency relationship between the parties.
- Entire Agreement. This Agreement constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Governing Law. This Agreement will be governed by the laws of the State of California without reference to conflict of law principles. Each party agrees to submit to the exclusive jurisdiction of the courts located within the county of San Francisco, California to resolve any legal matter arising from this Agreement.
- Assignment. Neither party may assign any of its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld).
Effective February 23rd 2022 to January 27th 2023
DownloadTable of Contents
- IRONCLAD TRIAL
- Access to the Trial. Subject to the terms of this Agreement, Ironclad grants to Customer a non-exclusive, non-sublicensable, non-transferable license to access and use a sandbox, test version of Ironclad’s digital contracting platform (the ”Trial”) while this Agreement is in effect, solely for Customer’s evaluation and testing for the purpose of purchasing Ironclad products and services (“Evaluation Period”). Ironclad may provide assistance, support, maintenance, or other services relating to the Trial during the Evaluation Period in its sole discretion. Ironclad may not backup Customer data or other information entered into the Trial, and such Customer data or information may not be available for retrieval or otherwise compatible or usable with the Ironclad services. Ironclad may modify or discontinue the Trial at any time. Use of the Ironclad platform after the Evaluation Period is subject to the parties entering into Ironclad’s Enterprise Services Agreement or similar definitive agreement. Direct competitors of Ironclad may not access or use the Trial.
- Fees. There will be no fee for use of the Trial.
- Use of the Trial. Customer may access and use the Trial only pursuant to any instructions provided by Ironclad to Customer. Customer will not, and will not encourage any third party to: (a) reverse-engineer, decompile, disassemble, or attempt to derive the source code for the Trial, in whole or in part, except to the extent that such activities are permitted under applicable law; (b) copy, frame or mirror any part of the Trial, or distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the Trial to any third party; (c) use the Trial for the purpose of creating a product or service competitive with the Trial or a derivative work of the Trial; (d) disclose the results of any benchmark tests on the Trial without Ironclad’s prior written consent; (e) remove, delete, alter or obscure any trademarks, specifications, Documentation, end user license agreement, Privacy Policy, warranties or disclaimers, or any intellectual property or proprietary rights notices regarding the Trial; (f) remove, circumvent, disable, damage or otherwise interfere with security-related features of the Trial or features that enforce limitations on use of the Trial; (g) upload any sensitive, personal, or other information to the Trial that would subject Ironclad to any data privacy or data protection laws, or (h) use the Trial other than as described in the documentation provided or in violation of applicable law or any party’s rights.
- TERM AND TERMINATION
- Term. This Agreement shall commence on the Effective Date and shall continue until the earliest to occur of (1) 14 days after the Effective Date or (2) either party’s notice to the other of termination of this Agreement.
- Termination. Either party may terminate this Agreement upon written notice at any time and for any reason.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s right to access and use the Trial shall immediately terminate, Customer shall immediately cease all use of the Trial. By continuing to use the Trial after termination, Customer agrees to the terms of this Agreement.
- NO WARRANTIES
- LIMITATION OF LIABILITY
- GENERAL
- Amendment. Ironclad may modify the terms of this Agreement from time to time in its sole discretion by posting a revised version at https://legal.ironcladapp.com/#trial-license-agreement. Ironclad will provide you with notice of any major changes by requiring you to accept the updated Agreement before accessing the Trial. Continued use of the Trial after changes have been posted constitutes acceptance of the revised Agreement.
- Relationship Between the Parties. Nothing in this Agreement shall be construed as to create a partnership, joint venture or agency relationship between the parties.
- Entire Agreement. This Agreement constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Governing Law. This Agreement will be governed by the laws of the State of California without reference to conflict of law principles. Each party agrees to submit to the exclusive jurisdiction of the courts located within the county of San Francisco, California to resolve any legal matter arising from this Agreement.
- Assignment. Neither party may assign any of its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld).
Effective February 23rd 2022 to February 23rd 2022
DownloadTable of Contents
- IRONCLAD TRIAL
- Access to the Trial. Subject to the terms of this Agreement, Ironclad grants to Customer a non-exclusive, non-sublicensable, non-transferable license to access and use a sandbox, test version of Ironclad’s digital contracting platform (the ”Trial”) while this Agreement is in effect, solely for Customer’s evaluation and testing for the purpose of purchasing Ironclad products and services (“Evaluation Period”). Ironclad may provide assistance, support, maintenance, or other services relating to the Trial during the Evaluation Period in its sole discretion. Ironclad may not backup Customer data or other information entered into the Trial, and such Customer data or information may not be available for retrieval or otherwise compatible or usable with the Ironclad services. Ironclad may modify or discontinue the Trial at any time. Use of the Ironclad platform after the Evaluation Period is subject to the parties entering into Ironclad’s Enterprise Services Agreement or similar definitive agreement. Direct competitors of Ironclad may not access or use the Trial.
- Fees. There will be no fee for use of the Trial.
- Use of the Trial. Customer may access and use the Trial only pursuant to any instructions provided by Ironclad to Customer. Customer will not, and will not encourage any third party to: (a) reverse-engineer, decompile, disassemble, or attempt to derive the source code for the Trial, in whole or in part, except to the extent that such activities are permitted under applicable law; (b) copy, frame or mirror any part of the Trial, or distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the Trial to any third party; (c) use the Trial for the purpose of creating a product or service competitive with the Trial or a derivative work of the Trial; (d) disclose the results of any benchmark tests on the Trial without Ironclad’s prior written consent; (e) remove, delete, alter or obscure any trademarks, specifications, Documentation, end user license agreement, Privacy Policy, warranties or disclaimers, or any intellectual property or proprietary rights notices regarding the Trial; (f) remove, circumvent, disable, damage or otherwise interfere with security-related features of the Trial or features that enforce limitations on use of the Trial; (g) upload any sensitive, personal, or other information to the Trial that would subject Ironclad to any data privacy or data protection laws, or (h) use the Trial other than as described in the documentation provided or in violation of applicable law or any party’s rights.
- TERM AND TERMINATION
- Term. This Agreement shall commence on the Effective Date and shall continue until the earliest to occur of (1) 14 days after the Effective Date or (2) either party’s notice to the other of termination of this Agreement.
- Termination. Either party may terminate this Agreement upon written notice at any time and for any reason.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, Customer’s right to access and use the Trial shall immediately terminate, Customer shall immediately cease all use of the Trial. By continuing to use the Trial after termination, Customer agrees to the terms of this Agreement.
- NO WARRANTIES
- LIMITATION OF LIABILITY
- GENERAL
- Amendment. Ironclad may modify the terms of this Agreement from time to time in its sole discretion by posting a revised version at [URL]. Ironclad will provide you with notice of any major changes by requiring you to accept the updated Agreement before accessing the Trial. Continued use of the Trial after changes have been posted constitutes acceptance of the revised Agreement.
- Relationship Between the Parties. Nothing in this Agreement shall be construed as to create a partnership, joint venture or agency relationship between the parties.
- Entire Agreement. This Agreement constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Governing Law. This Agreement will be governed by the laws of the State of California without reference to conflict of law principles. Each party agrees to submit to the exclusive jurisdiction of the courts located within the county of San Francisco, California to resolve any legal matter arising from this Agreement.
- Assignment. Neither party may assign any of its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld).
Terms of Service
Effective March 20th 2023
DownloadTable of Contents
These Ironclad Terms of Service (the “Terms of Service” or “Terms”) govern access to and use of the Ironclad, Inc. (“Ironclad,” “we,” or “us”) website, applications, application plug-ins, and other services provided by us (collectively, the “Service”). Website visitors are referred to in these terms as “Site Visitors” and individuals or entities who use the Service or create an account (“Account”) and their Authorized Users are collectively referred to as “Customers”. Customers and Site Visitors may be referred to in these Terms as “you” and “your” as applicable.
These Terms are in addition to, and do not nullify, any other agreement between you and us or any other applicable terms and conditions found on the Service. If you are a paid Customer (“Paid Customer”) and you or your organization are bound by an Enterprise Services Agreement with Ironclad (“Enterprise Terms”), then these Terms will apply, if at all, only to use of the Service to the extent such use is not already governed by those Enterprise Terms.
- Acceptance of Terms
By using the Service, you as a Site Visitor or Customer accept and agree to follow and be bound by these Terms (whether on behalf of yourself or a legal entity you represent). You also agree to comply with all applicable laws and regulations, as well as all rules or restrictions that are posted on the Service. If you do not agree to these Terms, you are not authorized and must cease using the service immediately.
- About Ironclad
Ironclad provides a digital contracting platform that allow its customers to create, collaborate on, negotiate, and execute contracts, and turn agreements into operational business intelligence.
You understand and agree that Ironclad is not a law firm or an attorney, may not perform services performed by an attorney, and is not the substitute for the advice or services of an attorney. Any information contained on the Service is not legal advice and is not guaranteed to be correct, complete or up-to-date. No attorney-client relationship or privilege is created with Ironclad. If, prior to using the Service, you believe that Ironclad gave you any legal advice, opinion or recommendation about your legal rights, remedies, defenses, options, selection of forms or strategies, you will not proceed with the use of the Service. If you need legal advice for your specific problem, you should consult a licensed attorney in your area.
- Eligibility
You agree that by using the Service you are at least 18 years of age and you are legally able to enter into a contract.
If you are agreeing to these Terms on behalf of an organization or entity, you represent and warrant that you are authorized to agree to these Terms on that organization or entity’s behalf and bind them to these Terms (in which case, the references to "you" and "your" in these Terms, except for in this sentence, refer to that organization or entity).
If Ironclad has previously prohibited you from accessing the Service, you are not permitted to access or use the Service.
- Ironclad Account
When you create an Account to use or access certain portions of the Service, you must provide complete and accurate information as requested on the registration form, and you must maintain and update such information to keep it complete and accurate. You will also be asked to provide a user name and password. You are entirely responsible for maintaining the confidentiality of your password, and are responsible for all activities (whether by you or by others) that occur under your password or Account. You may not use a third party’s Account, user name or password at any time, and you will not allow anyone other than Authorized Users to access or use the Service from your Account. You agree to notify Ironclad immediately of any unauthorized use of your account, user name or password. Ironclad shall not be liable for any losses you incur as a result of someone else’s use of your account or password, either with or without your knowledge. You may be held liable for any losses incurred by Ironclad, our affiliates, officers, directors, employees, consultants, agents and representatives due to someone else’s use of your account or password.
You will promptly notify Ironclad of any suspected violation of these Terms by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend or terminate any Authorized User’s access to the Service upon notice to you in the event that Ironclad reasonably determines that such Authorized User violated these Terms.
- Intellectual Property Rights
The Service is owned and operated by Ironclad, Inc., and contains materials that are proprietary and are protected by copyright laws, international treaty provisions, trademarks, service marks, and other intellectual property laws and treaties. Except as otherwise expressly provided by Ironclad, none of the Service may be copied, reproduced, republished, downloaded, uploaded, posted, displayed, transmitted or distributed in any way and nothing on the Service shall be construed to confer any license under any of Ironclad’s intellectual property rights, whether by estoppel, implication or otherwise. Any rights not expressly granted in these Terms are reserved by Ironclad.
The Service is also protected as a collective work or compilation under copyright and other laws and treaties. You agree to abide by all applicable copyright and other laws, as well as any additional copyright notices or restrictions contained on the Service. You acknowledge that the Service contains original works that have been developed, compiled, prepared, revised, selected, and arranged by Ironclad and others through the application of methods and standards of judgment developed and applied through the expenditure of substantial time, effort, and money and which constitute valuable intellectual property of Ironclad and such others. All present and future rights in and to trade secrets, patents, designs, copyrights, trademarks, database rights, service marks, know-how, and other intellectual property or other proprietary rights of any type, documentation, any improvements, design contributions, or derivative works thereto, and any knowledge or process related thereto, including rights in and to all applications and registrations relating to the Service, shall, as between you and Ironclad, at all times be and remain the sole and exclusive property of Ironclad.
The trademarks, logos, taglines, and service marks displayed on the Service (collectively, the “Trademarks”) are registered and unregistered Trademarks of Ironclad and others. The Trademarks may not be used without Ironclad’s prior express written permission. Ironclad acknowledges the Trademarks of other organizations for their respective products or services mentioned on the Service. Other than as provided in these Terms, your use of the Trademarks, or any other Ironclad content, is strictly prohibited.
Any software available for downloading through the Service or third-party websites or applications (the “Software”) is the copyrighted work of Ironclad and third-party providers. Use of the Software is governed by these Terms. Unauthorized reproduction or distribution of the Software is expressly prohibited by law, and may result in civil and criminal penalties. Violators may be prosecuted.
Upon your acceptance of these Terms, we grant you a limited, non-exclusive non-sublicensable, and non-assignable license to access and use the Service for your internal purposes and only as expressly permitted in these Terms. You shall not use or permit use of the Service for any illegal purpose or in any manner inconsistent with the provisions of these Terms. If you are or become a direct competitor of Ironclad, you may not access or use the Service without Ironclad’s explicit, advance, written consent, and then only for the purposes authorized in writing. Except as otherwise restricted by these Terms, Ironclad grants you permission on a non-exclusive, non-transferable, limited basis to display, copy, and download content and materials on the Service provided that you: (a) retain all copyright and other proprietary notices on the content and materials; (b) use them solely for internal use or in accordance with any applicable Ironclad Terms; and (c) do not modify them in any way. Any violation by you of the license provisions contained in this Section 7 may result in the immediate termination of your right to use the Service, as well as potential liability for copyright infringement or other claims depending on the circumstances.
- Copyright
Ironclad respects copyright law and expects its Site Visitors and Customers to do the same. If you believe that any content or material on the Service infringes copyrights you own, please notify us by contacting legal@ironcladhq.com.
- User Comments, Feedback and Other Submissions
If, at our request, you send certain specific submissions or without a request from us you send creative ideas, suggestions, proposals, plans, or other materials, whether online, by email, by postal mail, or otherwise (collectively, “Comments”), you agree that we may, at any time, without restriction, edit, copy, publish, distribute, translate, and otherwise use in any medium any Comments that you forward to us. We are and shall be under no obligation (1) to maintain any Comments in confidence; (2) to pay compensation for any Comments; or (3) to respond to any Comments.
We may, but have no obligation to, monitor, edit or remove content that we determine in our sole discretion are unlawful, offensive, threatening, libelous, defamatory, pornographic, obscene or otherwise objectionable or violates any party’s intellectual property or these Terms.
You agree that your Comments will not violate any right of any third party, including copyright, trademark, privacy, personality or other personal or proprietary right. You further agree that your Comments will not contain libelous or otherwise unlawful, abusive or obscene material, or contain any computer virus or other malware that could in any way affect the operation of the Service or any related website. You may not use a false e-mail address, pretend to be someone other than yourself, or otherwise mislead us or third parties as to the origin of any Comments. You are solely responsible for any Comments you make and their accuracy. We take no responsibility and assume no liability for any Comments posted by you or any third party.
- Use Restrictions
By using the Service, you specifically agree not to engage in any activity or transmit any information that, in our sole discretion:- Is illegal, or violates any federal, state, or local law or regulation;
- Advocates illegal activity or discusses illegal activities with the intent to commit them;
- Violates any third-party right, including, but not limited to, right of privacy, right of publicity, copyright, trademark, patent, trade secret, or any other intellectual property or proprietary rights;
- Is harmful, threatening, abusive, harassing, tortious, indecent, defamatory, sexually explicit or pornographic, discriminatory, vulgar, profane, obscene, libelous, hate speech, violent or inciting violence, inflammatory, or otherwise objectionable;
- Interferes with any other party’s use and enjoyment of the Service;
- Attempts to impersonate another person or entity;
- Is commercial in a way that violates these Terms, including but not limited to, using the Service for spam, surveys, contests, pyramid schemes, or other advertising materials;
- Falsely states, misrepresents, or conceals your affiliation with another person or entity;
- Accesses or uses the Account of another Customer or Paid Customer without permission;
- Distributes computer viruses or other code, files, or programs that interrupt, destroy, or limit the functionality of any computer software or hardware or electronic communications equipment;
- Interferes with, disrupts, disables, overburdens, or destroys the functionality or use of any features of the Service, or the servers or networks connected to the Service, or any of the Service;
- “Hacks” or accesses without permission our proprietary or confidential records, those of another Customer, Paid Customer, or Site Visitor, or those of anyone else;
- Improperly solicits personal or sensitive information from other Customers, Paid Customers or Site Visitors including without limitation address, credit card or financial account information, or passwords;
- Decompiles, reverse engineers, disassembles, or otherwise attempts to derive source code from the Service, except as expressly permitted in these Terms or by law, unless and then only to the extent permitted by applicable law without consent;
- Removes, circumvents, disables, damages, or otherwise interferes with security-related features, or features that enforce limitations on use of the Service;
- Uses automated or manual means to violate the restrictions in any robot exclusion headers on the Service, if any, or bypasses or circumvents other measures employed to prevent or limit access, for example by engaging in practices such as “screen scraping,” “database scraping,” or any other activity with the purpose of obtaining lists of users or other information;
- Modifies, copies, scrapes or crawls, displays, distributes, publishes, licenses, sells, rents, leases, lends, transfers, or otherwise commercializes any materials or content on the Service;
- Uses the Service for benchmarking, or to compile information for a product or service;
- Downloads (other than through page caching necessary for personal use, or as otherwise expressly permitted by these Terms), distributes, posts, transmits, performs, reproduces, broadcasts, duplicates, uploads, licenses, creates derivative works from, or offers for sale any content or other information contained on or obtained from or through the Service, by any means except as provided for in these Terms or with the prior written consent of Ironclad; or
- Attempts to do any of the foregoing.
In addition, you shall not, and shall not permit others to, do the following with respect to the Service: - Use the Service or allow access to it in a manner that circumvents contractual usage restrictions or that exceeds authorized use or usage metrics set forth in these Terms or any applicable Enterprise Terms;
- License, sub-license, sell, re-sell, rent, lease, transfer, distribute or time share or otherwise make any portion of the Service available for access by third parties except as otherwise expressly provided in these Terms;
- Access or use the Service for the purpose of: (i) developing or operating products or services intended to be offered to third parties in competition with the Ironclad or (ii) allowing access to your Account by a direct competitor of Ironclad; or
- Frame the Service, place pop-up windows over its pages, or otherwise affect the display of its pages.
You acknowledge that we have no obligation to monitor your – or anyone else’s – access to or use of the Service for violations of these Terms, or to review or edit any content. However, we have the right to do so for the purpose of operating and improving the Service (including without limitation for fraud prevention, risk assessment, investigation and customer support purposes, analytics, and advertising), to ensure your compliance with these Terms and to comply with applicable law or the order or requirement of a court, consent decree, administrative agency or other governmental body.
- Privacy
You acknowledge that, except as described in these Terms or applicable Enterprise Terms, the information you provide to us or that we collect will be used and protected as described in the Ironclad Privacy Policy.
You acknowledge and agree that we may access, preserve, or share any of your information when we believe in good faith that such sharing is reasonably necessary to investigate, prevent, or take action regarding possible illegal activities or to comply with legal process (e.g. a subpoena or other legal process). We may also share your information in situations involving potential threats to the physical safety of any person, violations of the Ironclad Privacy Policy or our user agreements or terms; or to respond to the claims of violation of the rights of third parties and/or to protect the rights, property and safety of Ironclad, our employees, users, or the public. This may involve the sharing of your information with law enforcement, government agencies, courts, and/or other organizations.
- Customer Data
You are responsible for the data and information that you or your Authorized Users input or upload into the Service (“Customer Data”). You are further responsible for obtaining any necessary right and licenses for use of the Customer Data by your and Ironclad as contemplated in these Terms. You agree that you have the legal right and authority to access, use and disclose to Ironclad any Customer Data. You authorize Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder, including to provide the Service to you. You and your Authorized Users acknowledge that Ironclad may process Customer Data in accordance with the Ironclad Privacy Policy.
- Customer Warranties
You hereby represent and warrant to Ironclad that: (a) you have all requisite rights and authority to use the Service under these Terms and to grant all applicable rights herein; (b) you are responsible for all use of the Service associated with its Account; (c) you are solely responsible for maintaining the confidentiality of its Account names and password(s); (d) you agree to immediately notify Ironclad of any unauthorized use of your Account of which you becomes aware; (e) you agree that Ironclad will not be liable for any losses incurred as a result of a third party's use of your Account, regardless of whether such use is with or without your knowledge and consent; (f) you will use the Service for lawful purposes only and subject to these Terms; (g) any information you submit to Ironclad is true, accurate, and correct; and (h) you will not attempt to gain unauthorized access to the System or the Service, other Accounts, computer systems, or networks under the control or responsibility of Ironclad through hacking, cracking, password mining, or any other unauthorized means.
- Fees
Ironclad reserves the right in the future to require payment of fees for certain or all aspects of the Service, change prices, or institute new charges, upon notice to you, which may be sent by email or posted on the Service. Your use of the Service following such notification constitutes your acceptance of any new or increased charges.
- Modification of the Service
We reserve the right at any time to modify or discontinue the Service (or any part or content thereof) without notice. We shall not be liable to you or to any third party for any modification, suspension or discontinuance of the Service.
- Term and Termination
These Terms are effective unless and until terminated by either you or us. You may terminate your use of the Service at any time by ceasing further use of the Service. Ironclad is also free to terminate (or suspend access to) your use of the Service or your account, for any reason in our discretion, including your breach of these Terms. We have the sole right to decide whether you are in violation of any of the restrictions set forth in these Terms.
If these Terms expire or are terminated for any reason: (a) any and all of your liabilities to Ironclad that have accrued before the effective date of the expiration or termination will survive; (b) licenses and use rights granted to you with respect to the Service and intellectual property will immediately terminate; (c) Ironclad’s obligation to provide any further services to you under these Terms will immediately terminate, except any such services that are expressly to be provided following expiration or termination of these Terms. Any other provisions that, by their nature, should survive termination of these Terms shall survive termination. By way of example, all of the following will survive termination: any obligation you have to pay us or indemnify us, any limitations on our liability, and any terms regarding ownership or intellectual property rights.
- Third Party Content
We may provide, or third parties may provide, links to other third-party websites, services, or resources that are beyond our control. We make no representations or endorsements as to the quality, suitability, functionality, or legality of any third-party content to which links may be provided, and you hereby waive any claim you might have against us with respect to such services. IRONCLAD IS NOT RESPONSIBLE FOR THE CONTENT ON THE INTERNET OR WEB PAGES THAT ARE LOCATED OUTSIDE THE SERVICE OR POSTS OF USER CONTENT. Your correspondence or business dealings with, or participation in promotions of third parties found on or through the Service, including payment and delivery of related goods or services, and any other terms, conditions, warranties, or representations associated with such dealings, are solely between you and such third party or partner. You agree that we are not responsible or liable for any loss or damage of any sort incurred as the result of any such dealings or as the result of the presence of such partners or links to third-party websites or resources on the Service.
- Warranties and Disclaimers
THIS DISCLAIMER SECTION IS AN ESSENTIAL PART OF THESE TERMS.
YOU ACKNOWLEDGE THAT YOU ARE USING THE SERVICE AT YOUR SOLE RISK. TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW, THE SERVICE ARE PROVIDED ON AN “AS IS,” “WITH ALL FAULTS,” AND “AS AVAILABLE” BASIS WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE INCLUDING BUT NOT LIMITED TO THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, ACCURACY, COMPLETENESS, RELIABILITY, NON-INFRINGEMENT, OR ANY OTHER WARRANTY, CONDITION, GUARANTEE OR REPRESENTATION, WHETHER ORAL, IN WRITING OR IN ELECTRONIC FORM.
IRONCLAD DOES NOT WARRANT THAT ACCESS TO OR USE OF THE SERVICE WILL FUNCTION WITHOUT INTERRUPTION, WILL MEET YOUR REQUIREMENTS, IS FREE OF MALICIOUS CODE OR THAT IT IS FREE OF ERRORS OR OMISSIONS, OR LOSS OR SECURITY BREACH OF TRANSMITTED INFORMATION, OR THAT NO VIRUSES WILL BE TRANSMITTED THROUGH ACCESS TO OR USE OF THE SERVICE.
YOU ARE ADVISED TO SAFEGUARD YOUR DATA, TO USE CAUTION AND NOT TO RELY IN ANY WAY ON THE CORRECT FUNCTIONING OR PERFORMANCE OF THE SERVICE AND/OR ACCOMPANYING MATERIALS.
CERTAIN STATE LAWS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES. IF THESE LAWS APPLY TO YOU, SOME OR ALL OF THE FOREGOING DISCLAIMERS, EXCLUSIONS AND LIMITATIONS MAY NOT APPLY TO YOU, AND YOU MIGHT HAVE ADDITIONAL RIGHTS.
- Indemnification
You will defend, indemnify, and hold us, our affiliates, officers, directors, employees, suppliers, consultants, and agents harmless from any and all third-party claims, liability, damages, and costs (including, but not limited to, attorneys' fees) arising from or related to, as applicable: (a) your access to and use of the Service; (b) violation of these Terms by you or your authorized Account user(s), as applicable; (c) infringement of any intellectual property or other right of any person or entity by you; (d) the nature and content of all Customer or Paid Customer data processed by the Service; or (e) any products or services purchased or obtained by you in connection with the Service.
Ironclad retains the exclusive right to settle, compromise, and pay, without your prior consent, any and all claims or causes of action that are brought against us. We reserve the right, at your expense, to assume the exclusive defense and control of any matter for which you are required to indemnify us and you agree to cooperate with our defense of these claims. You agree not to settle any matter in which we are named as a defendant and/or for which you have indemnity obligations without our prior written consent. We will use reasonable efforts to notify you of any such claim, action, or proceeding upon becoming aware of it.
If you are a California resident, you waive California Civil Code Section 1542, which provides: A general release does not extend to claims that the creditor or releasing party does not know or suspect to exist in his or her favor at the time of executing the release, and that if known by him or her would have materially affected his or her settlement with the debtor or released party.
If you are not a California resident, you waive your rights under any statute or common law principle similar to Section 1542 that governs your rights in the jurisdiction of your residence.
- Limitations of Liability
TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW, IRONCLAD, ITS AFFILIATES, ITS SUBSIDIARIES, AND ITS THIRD-PARTY SERVICE PROVIDERS SHALL NOT BE LIABLE TO YOU OR ANY THIRD PARTIES FOR ANY DIRECT, INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, OR LOSS OF DATA OR INFORMATION), HOWEVER IT ARISES (INCLUDING ATTORNEYS’ FEES AND ALL RELATED COSTS AND EXPENSES OF LITIGATION AND ARBITRATION, OR AT TRIAL OR ON APPEAL, IF ANY, WHETHER OR NOT LITIGATION OR ARBITRATION IS INSTITUTED), REGARDLESS OF THE TYPE OF CLAIM OR THE NATURE OF THE CAUSE OF ACTION, INCLUDING WITHOUT LIMITATION ANY CLAIM FOR BREACH OF CONTRACT, NEGLIGENCE, PERSONAL INJURY OR PROPERTY DAMAGE, ARISING FROM YOUR USE OF THE SERVICE, THIS AGREEMENT, OR ANY VIOLATION BY YOU OF ANY FEDERAL, STATE, OR LOCAL LAWS, STATUTES, RULES, OR REGULATIONS, EVEN IF IRONCLAD HAS BEEN PREVIOUSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
UNDER NO CIRCUMSTANCES WILL THE TOTAL AGGREGATE AMOUNT THAT IRONCLAD IS LIABLE TO YOU EXCEED THE GREATER OF (I) $100.00 OR (II) THE AMOUNTS PAID BY YOU TO IRONCLAD IN CONNECTION WITH THE SERVICE IN THE TWELVE (12) MONTH PERIOD PRECEDING THE EVENT ON WHICH YOUR CLAIM IS BASED. THE FOREGOING CAP ON LIABILITY SHALL NOT APPLY TO LIABILITY OF IRONCLAD FOR (1) DEATH, TANGIBLE PROPERTY DAMAGE, OR PERSONAL INJURY CAUSED BY IRONCLAD’S GROSS NEGLIGENCE OR FOR (2) ANY INJURY CAUSED BY IRONCLAD’S FRAUD OR FRAUDULENT MISREPRESENTATION.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF PUNITIVE, INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE PRIOR LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. THE FOREGOING LIMITATIONS AND EXCLUSIONS OF LIABILITY AND DISCLAIMERS FORM AN ESSENTIAL BASIS OF THE BARGAIN BETWEEN THE PARTIES, AND IRONCLAD WOULD NOT ENTER INTO THIS AGREEMENT WITHOUT SUCH LIMITATIONS, EXCLUSIONS, AND DISCLAIMERS.
- Relationship of the Parties
At all times, you and Ironclad are independent contractors, and are not the agents or representatives of the other. These Terms are not intended to create a joint venture, partnership, or franchise relationship between the parties. Non-parties do not benefit from and cannot enforce these Terms. There are no third-party beneficiaries to these Terms. You must not represent to anyone that you are an agent of Ironclad or are otherwise authorized to bind or commit Ironclad in any way without Ironclad’s prior written authorization.
- General
Electronic Communications.You agree to receive all communications, agreements, and notices that we provide in connection with the Service (“Communications”), including, but not limited to, Communications related to our delivery of the Service via electronic means, including by e-mail, text, in-product notifications, or by posting them on the Service. You agree that all Communications we provide to you electronically satisfy any legal requirement that such Communications be in writing or be delivered in a particular manner and you agree to keep your Account contact information current.
Assignability. You may not assign your rights or obligations, or delegate your responsibilities hereunder without Ironclad’s prior written consent. If consent is given, these Terms will bind your successors and assigns. Any attempt by you to transfer your rights, duties, or obligations under these Terms except as expressly provided in these Terms is void. Ironclad may, at any time, freely assign its rights, duties, and obligations hereunder without notice to you.
Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, acts of God, war, terrorism, governmental action, labor conditions, earthquakes and material shortages, internet connectivity. The party affected by the force majeure event will provide notice to the other party within a commercially reasonable time and will use commercially reasonable efforts to resume performance as soon as practicable. Obligations not performed due to a force majeure event will be performed as soon as reasonably possible when the force majeure event concludes.
Governing Law. These Terms and any dispute of any sort that might arise between you and Ironclad will be interpreted in accordance with the law of the State of California and the United States of America without regard to any conflict-of-law or other principles that provide for the application of the law of another jurisdiction. These Terms expressly exclude and disclaim the terms of the U.N. Convention on Contracts for the International Sale of Goods, which shall not apply to any transaction conducted through or otherwise involving the Service.
Venue. Any claim or dispute that between you and Ironclad that arises out of or is related to the Service and is not subject to arbitration or eligible for small claims action, shall be decided exclusively by a court of competent jurisdiction located in San Francisco, California, and you hereby consent to, and waive all defense of lack of personal jurisdiction and forum non conveniens with respect to venue and jurisdiction in the state and federal courts of San Francisco, California.
Entire Agreement. These Terms and any documents expressly incorporated by reference constitute the the final, complete, and exclusive expression of the agreement between you and Ironclad regarding the Service provided under these Terms. These Terms supersede and the parties disclaim any reliance on previous oral and written communications with respect to the subject matter hereof and apply to the exclusion of any other terms that you seek to impose or incorporate, or which are implied by trade, custom, practice or course of dealing. Ironclad hereby rejects any additional or conflicting terms appearing in a purchase order or any other ordering materials submitted by you and conditions assent solely based on these Terms and conditions of these Terms as offered by Ironclad. Except as explicitly permitted in these Terms, no modification or amendment of these Terms shall be effective unless it is in writing and signed by an authorized agent of the party against whom the modification or amendment is being asserted.
Trade Restrictions. You acknowledge that the Service and any related products, information, documentation, software, technology, technical data, and any derivatives thereof, that Ironclad makes available (collectively “Excluded Data”) are subject to the export control and sanctions laws and regulations of the United States and other countries that may prohibit or restrict access by certain persons or from certain countries or territories currently including, but not limited to, Cuba, the Crimea region of the Ukraine, Sudan, Iran, North Korea and Syria ("Trade Restrictions”). You represent and warrant that you are not: (i) located in an embargoed country or territory, (ii) under the control of an entity organized in or a resident of an embargoed country or territory, (iii) listed on any U.S. government list of persons or entities with which U.S. persons are prohibited from transacting, including, but not limited to, OFAC’s List of Specially Designated Nationals and Other Blocked Persons, the U.S. State Department's Nonproliferation Sanctions lists, the U.S. Commerce Department’s Entity List or Denied Persons List located at https://www.export.gov/article?id=Consolidated-Screening-List; or (iv) subject to end destination export control regulations, such as, but not limited to, the U.S. Export Administration Regulations and U.S. Government EU Dual-Use Regulation EC 428/2009. You are solely responsible for complying with Trade Restrictions for all Excluded Data and any of its content transmitted through the Service.
Language and Translations. Ironclad may provide translations of these Terms or other terms or policies. Translations are provided for informational purposes and if there is an inconsistency or conflict between a translation and the English version, the English version will control.
Waiver. The waiver by either you or Ironclad of any breach of any provision of these Terms does not waive any other breach. The failure of any party to these Terms to insist on strict performance of any covenant or obligation in accordance with these Terms will not be a waiver of such party’s right to demand strict compliance in the future, nor will the same be construed as a novation of these Terms.
Severability. If any part of these Terms is found to be illegal, unenforceable, or invalid in any respect, the remaining portions of these Terms will remain in full force and effect. If any material limitation or restriction on the grant of any license to you under these Terms is found to be illegal, unenforceable, or invalid, the license will immediately terminate.
Interpretation.Any ambiguities in the interpretation of these Terms shall not be construed against the drafting party.
Headings. The headings used throughout these Terms are solely for the convenience of reference and are not to be used as an aid in the interpretation of these Terms.
Consumer Complaints.California users are entitled to the following specific consumer rights notice: The Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs may be contacted in writing at 1625 North Market Blvd., Sacramento, CA 95834, or by telephone at (916) 445-1254 or (800) 952-5210.
- Changes to Terms of Service
We reserve the right, at our sole discretion, to update, change or replace any part of these Terms. The most current version of the Terms will be posted on the Service and it is your responsibility to check our website periodically for changes. If the changes include material changes that affect your rights or obligations, we will notify you of the changes by reasonable means, which could include notification through the Service or via email.Your continued use of the Service following the effective date of any changes to these Terms constitutes acceptance of those changes. If you do not agree to the new Terms, you may not use the Service.
- How to Contact Us
If you have any questions or concerns about the Service or these Terms, please contact us at support@ironcladhq.com.
Effective February 16th 2023 to March 20th 2023
DownloadTable of Contents
These Ironclad Terms of Service (the “Terms of Service” or “Terms”) govern access to and use of the Ironclad, Inc. (“Ironclad,” “we,” or “us”) website, applications, application plug-ins, and other services provided by us (collectively, the “Service”). Website visitors are referred to in these terms as “Site Visitors” and individuals or entities who use the Service or create an account (“Account”) and their Authorized Users are collectively referred to as “Customers”. Customers and Site Visitors may be referred to in these Terms as “you” and “your” as applicable.
These Terms are in addition to, and do not nullify, any other agreement between you and us or any other applicable terms and conditions found on the Service. If you are a paid Customer (“Paid Customer”) and you or your organization are bound by an Enterprise Services Agreement with Ironclad (“Enterprise Terms”), then these Terms will apply, if at all, only to use of the Service to the extent such use is not already governed by those Enterprise Terms.
- Acceptance of Terms
By using the Service, you as a Site Visitor or Customer accept and agree to follow and be bound by these Terms (whether on behalf of yourself or a legal entity you represent). You also agree to comply with all applicable laws and regulations, as well as all rules or restrictions that are posted on the Service. If you do not agree to these Terms, you are not authorized and must cease using the service immediately.
- About Ironclad
Ironclad provides a digital contracting platform that allow its customers to create, collaborate on, negotiate, and execute contracts, and turn agreements into operational business intelligence.
You understand and agree that Ironclad is not a law firm or an attorney, may not perform services performed by an attorney, and is not the substitute for the advice or services of an attorney. Any information contained on the Service is not legal advice and is not guaranteed to be correct, complete or up-to-date. No attorney-client relationship or privilege is created with Ironclad. If, prior to using the Service, you believe that Ironclad gave you any legal advice, opinion or recommendation about your legal rights, remedies, defenses, options, selection of forms or strategies, you will not proceed with the use of the Service. If you need legal advice for your specific problem, you should consult a licensed attorney in your area.
- Eligibility
You agree that by using the Service you are at least 18 years of age and you are legally able to enter into a contract.
If you are agreeing to these Terms on behalf of an organization or entity, you represent and warrant that you are authorized to agree to these Terms on that organization or entity’s behalf and bind them to these Terms (in which case, the references to "you" and "your" in these Terms, except for in this sentence, refer to that organization or entity).
If Ironclad has previously prohibited you from accessing the Service, you are not permitted to access or use the Service.
- Ironclad Account
When you create an Account to use or access certain portions of the Service, you must provide complete and accurate information as requested on the registration form, and you must maintain and update such information to keep it complete and accurate. You will also be asked to provide a user name and password. You are entirely responsible for maintaining the confidentiality of your password, and are responsible for all activities (whether by you or by others) that occur under your password or Account. You may not use a third party’s Account, user name or password at any time, and you will not allow anyone other than Authorized Users to access or use the Service from your Account. You agree to notify Ironclad immediately of any unauthorized use of your account, user name or password. Ironclad shall not be liable for any losses you incur as a result of someone else’s use of your account or password, either with or without your knowledge. You may be held liable for any losses incurred by Ironclad, our affiliates, officers, directors, employees, consultants, agents and representatives due to someone else’s use of your account or password.
You will promptly notify Ironclad of any suspected violation of these Terms by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend or terminate any Authorized User’s access to the Service upon notice to you in the event that Ironclad reasonably determines that such Authorized User violated these Terms.
- Intellectual Property Rights
The Service is owned and operated by Ironclad, Inc., and contains materials that are proprietary and are protected by copyright laws, international treaty provisions, trademarks, service marks, and other intellectual property laws and treaties. Except as otherwise expressly provided by Ironclad, none of the Service may be copied, reproduced, republished, downloaded, uploaded, posted, displayed, transmitted or distributed in any way and nothing on the Service shall be construed to confer any license under any of Ironclad’s intellectual property rights, whether by estoppel, implication or otherwise. Any rights not expressly granted in these Terms are reserved by Ironclad.
The Service is also protected as a collective work or compilation under copyright and other laws and treaties. You agree to abide by all applicable copyright and other laws, as well as any additional copyright notices or restrictions contained on the Service. You acknowledge that the Service contains original works that have been developed, compiled, prepared, revised, selected, and arranged by Ironclad and others through the application of methods and standards of judgment developed and applied through the expenditure of substantial time, effort, and money and which constitute valuable intellectual property of Ironclad and such others. All present and future rights in and to trade secrets, patents, designs, copyrights, trademarks, database rights, service marks, know-how, and other intellectual property or other proprietary rights of any type, documentation, any improvements, design contributions, or derivative works thereto, and any knowledge or process related thereto, including rights in and to all applications and registrations relating to the Service, shall, as between you and Ironclad, at all times be and remain the sole and exclusive property of Ironclad.
The trademarks, logos, taglines, and service marks displayed on the Service (collectively, the “Trademarks”) are registered and unregistered Trademarks of Ironclad and others. The Trademarks may not be used without Ironclad’s prior express written permission. Ironclad acknowledges the Trademarks of other organizations for their respective products or services mentioned on the Service. Other than as provided in these Terms, your use of the Trademarks, or any other Ironclad content, is strictly prohibited.
Any software available for downloading through the Service or third-party websites or applications (the “Software”) is the copyrighted work of Ironclad and third-party providers. Use of the Software is governed by these Terms. Unauthorized reproduction or distribution of the Software is expressly prohibited by law, and may result in civil and criminal penalties. Violators may be prosecuted.
Upon your acceptance of these Terms, we grant you a limited, non-exclusive non-sublicensable, and non-assignable license to access and use the Service for your internal purposes and only as expressly permitted in these Terms. You shall not use or permit use of the Service for any illegal purpose or in any manner inconsistent with the provisions of these Terms. If you are or become a direct competitor of Ironclad, you may not access or use the Service without Ironclad’s explicit, advance, written consent, and then only for the purposes authorized in writing. Except as otherwise restricted by these Terms, Ironclad grants you permission on a non-exclusive, non-transferable, limited basis to display, copy, and download content and materials on the Service provided that you: (a) retain all copyright and other proprietary notices on the content and materials; (b) use them solely for internal use or in accordance with any applicable Ironclad Terms; and (c) do not modify them in any way. Any violation by you of the license provisions contained in this Section 7 may result in the immediate termination of your right to use the Service, as well as potential liability for copyright infringement or other claims depending on the circumstances.
- Copyright
Ironclad respects copyright law and expects its Site Visitors and Customers to do the same. If you believe that any content or material on the Service infringes copyrights you own, please notify us by contacting legal@ironcladhq.com.
- User Comments, Feedback and Other Submissions
If, at our request, you send certain specific submissions or without a request from us you send creative ideas, suggestions, proposals, plans, or other materials, whether online, by email, by postal mail, or otherwise (collectively, “Comments”), you agree that we may, at any time, without restriction, edit, copy, publish, distribute, translate, and otherwise use in any medium any Comments that you forward to us. We are and shall be under no obligation (1) to maintain any Comments in confidence; (2) to pay compensation for any Comments; or (3) to respond to any Comments.
We may, but have no obligation to, monitor, edit or remove content that we determine in our sole discretion are unlawful, offensive, threatening, libelous, defamatory, pornographic, obscene or otherwise objectionable or violates any party’s intellectual property or these Terms.
You agree that your Comments will not violate any right of any third party, including copyright, trademark, privacy, personality or other personal or proprietary right. You further agree that your Comments will not contain libelous or otherwise unlawful, abusive or obscene material, or contain any computer virus or other malware that could in any way affect the operation of the Service or any related website. You may not use a false e-mail address, pretend to be someone other than yourself, or otherwise mislead us or third parties as to the origin of any Comments. You are solely responsible for any Comments you make and their accuracy. We take no responsibility and assume no liability for any Comments posted by you or any third party.
- Use Restrictions
By using the Service, you specifically agree not to engage in any activity or transmit any information that, in our sole discretion:
- Is illegal, or violates any federal, state, or local law or regulation;
- Advocates illegal activity or discusses illegal activities with the intent to commit them;
- Violates any third-party right, including, but not limited to, right of privacy, right of publicity, copyright, trademark, patent, trade secret, or any other intellectual property or proprietary rights;
- Is harmful, threatening, abusive, harassing, tortious, indecent, defamatory, sexually explicit or pornographic, discriminatory, vulgar, profane, obscene, libelous, hate speech, violent or inciting violence, inflammatory, or otherwise objectionable;
- Interferes with any other party’s use and enjoyment of the Service;
- Attempts to impersonate another person or entity;
- Is commercial in a way that violates these Terms, including but not limited to, using the Service for spam, surveys, contests, pyramid schemes, or other advertising materials;
- Falsely states, misrepresents, or conceals your affiliation with another person or entity;
- Accesses or uses the Account of another Customer or Paid Customer without permission;
- Distributes computer viruses or other code, files, or programs that interrupt, destroy, or limit the functionality of any computer software or hardware or electronic communications equipment;
- Interferes with, disrupts, disables, overburdens, or destroys the functionality or use of any features of the Service, or the servers or networks connected to the Service, or any of the Service;
- “Hacks” or accesses without permission our proprietary or confidential records, those of another Customer, Paid Customer, or Site Visitor, or those of anyone else;
- Improperly solicits personal or sensitive information from other Customers, Paid Customers or Site Visitors including without limitation address, credit card or financial account information, or passwords;
- Decompiles, reverse engineers, disassembles, or otherwise attempts to derive source code from the Service, except as expressly permitted in these Terms or by law, unless and then only to the extent permitted by applicable law without consent;
- Removes, circumvents, disables, damages, or otherwise interferes with security-related features, or features that enforce limitations on use of the Service;
- Uses automated or manual means to violate the restrictions in any robot exclusion headers on the Service, if any, or bypasses or circumvents other measures employed to prevent or limit access, for example by engaging in practices such as “screen scraping,” “database scraping,” or any other activity with the purpose of obtaining lists of users or other information;
- Modifies, copies, scrapes or crawls, displays, distributes, publishes, licenses, sells, rents, leases, lends, transfers, or otherwise commercializes any materials or content on the Service;
- Uses the Service for benchmarking, or to compile information for a product or service;
- Downloads (other than through page caching necessary for personal use, or as otherwise expressly permitted by these Terms), distributes, posts, transmits, performs, reproduces, broadcasts, duplicates, uploads, licenses, creates derivative works from, or offers for sale any content or other information contained on or obtained from or through the Service, by any means except as provided for in these Terms or with the prior written consent of Ironclad; or
- Attempts to do any of the foregoing.
In addition, you shall not, and shall not permit others to, do the following with respect to the Service:
- Use the Service or allow access to it in a manner that circumvents contractual usage restrictions or that exceeds authorized use or usage metrics set forth in these Terms or any applicable Enterprise Terms;
- License, sub-license, sell, re-sell, rent, lease, transfer, distribute or time share or otherwise make any portion of the Service available for access by third parties except as otherwise expressly provided in these Terms;
- Access or use the Service for the purpose of: (i) developing or operating products or services intended to be offered to third parties in competition with the Ironclad or (ii) allowing access to your Account by a direct competitor of Ironclad; or
- Frame the Service, place pop-up windows over its pages, or otherwise affect the display of its pages.
You acknowledge that we have no obligation to monitor your – or anyone else’s – access to or use of the Service for violations of these Terms, or to review or edit any content. However, we have the right to do so for the purpose of operating and improving the Service (including without limitation for fraud prevention, risk assessment, investigation and customer support purposes, analytics, and advertising), to ensure your compliance with these Terms and to comply with applicable law or the order or requirement of a court, consent decree, administrative agency or other governmental body.
- Privacy
You acknowledge that, except as described in these Terms or applicable Enterprise Terms, the information you provide to us or that we collect will be used and protected as described in the Ironclad Privacy Policy.
You acknowledge and agree that we may access, preserve, or share any of your information when we believe in good faith that such sharing is reasonably necessary to investigate, prevent, or take action regarding possible illegal activities or to comply with legal process (e.g. a subpoena or other legal process). We may also share your information in situations involving potential threats to the physical safety of any person, violations of the Ironclad Privacy Policy or our user agreements or terms; or to respond to the claims of violation of the rights of third parties and/or to protect the rights, property and safety of Ironclad, our employees, users, or the public. This may involve the sharing of your information with law enforcement, government agencies, courts, and/or other organizations.
- Customer Data
You are responsible for the data and information that you or your Authorized Users input or upload into the Service (“Customer Data”). You are further responsible for obtaining any necessary right and licenses for use of the Customer Data by your and Ironclad as contemplated in these Terms. You agree that you have the legal right and authority to access, use and disclose to Ironclad any Customer Data. You authorize Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder, including to provide the Service to you. You and your Authorized Users acknowledge that Ironclad may process Customer Data in accordance with the Ironclad Privacy Policy.
- Customer Warranties
You hereby represent and warrant to Ironclad that: (a) you have all requisite rights and authority to use the Service under these Terms and to grant all applicable rights herein; (b) you are responsible for all use of the Service associated with its Account; (c) you are solely responsible for maintaining the confidentiality of its Account names and password(s); (d) you agree to immediately notify Ironclad of any unauthorized use of your Account of which you becomes aware; (e) you agree that Ironclad will not be liable for any losses incurred as a result of a third party's use of your Account, regardless of whether such use is with or without your knowledge and consent; (f) you will use the Service for lawful purposes only and subject to these Terms; (g) any information you submit to Ironclad is true, accurate, and correct; and (h) you will not attempt to gain unauthorized access to the System or the Service, other Accounts, computer systems, or networks under the control or responsibility of Ironclad through hacking, cracking, password mining, or any other unauthorized means.
- Fees
Ironclad reserves the right in the future to require payment of fees for certain or all aspects of the Service, change prices, or institute new charges, upon notice to you, which may be sent by email or posted on the Service. Your use of the Service following such notification constitutes your acceptance of any new or increased charges.
- Modification of the Service
We reserve the right at any time to modify or discontinue the Service (or any part or content thereof) without notice. We shall not be liable to you or to any third party for any modification, suspension or discontinuance of the Service.
- Term and Termination
These Terms are effective unless and until terminated by either you or us. You may terminate your use of the Service at any time by ceasing further use of the Service. Ironclad is also free to terminate (or suspend access to) your use of the Service or your account, for any reason in our discretion, including your breach of these Terms. We have the sole right to decide whether you are in violation of any of the restrictions set forth in these Terms.
If these Terms expire or are terminated for any reason: (a) any and all of your liabilities to Ironclad that have accrued before the effective date of the expiration or termination will survive; (b) licenses and use rights granted to you with respect to the Service and intellectual property will immediately terminate; (c) Ironclad’s obligation to provide any further services to you under these Terms will immediately terminate, except any such services that are expressly to be provided following expiration or termination of these Terms. Any other provisions that, by their nature, should survive termination of these Terms shall survive termination. By way of example, all of the following will survive termination: any obligation you have to pay us or indemnify us, any limitations on our liability, and any terms regarding ownership or intellectual property rights.
- Third Party Content
We may provide, or third parties may provide, links to other third-party websites, services, or resources that are beyond our control. We make no representations or endorsements as to the quality, suitability, functionality, or legality of any third-party content to which links may be provided, and you hereby waive any claim you might have against us with respect to such services. IRONCLAD IS NOT RESPONSIBLE FOR THE CONTENT ON THE INTERNET OR WEB PAGES THAT ARE LOCATED OUTSIDE THE SERVICE OR POSTS OF USER CONTENT. Your correspondence or business dealings with, or participation in promotions of third parties found on or through the Service, including payment and delivery of related goods or services, and any other terms, conditions, warranties, or representations associated with such dealings, are solely between you and such third party or partner. You agree that we are not responsible or liable for any loss or damage of any sort incurred as the result of any such dealings or as the result of the presence of such partners or links to third-party websites or resources on the Service.
- Warranties and Disclaimers
THIS DISCLAIMER SECTION IS AN ESSENTIAL PART OF THESE TERMS.
YOU ACKNOWLEDGE THAT YOU ARE USING THE SERVICE AT YOUR SOLE RISK. TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW, THE SERVICE ARE PROVIDED ON AN “AS IS,” “WITH ALL FAULTS,” AND “AS AVAILABLE” BASIS WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE INCLUDING BUT NOT LIMITED TO THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, ACCURACY, COMPLETENESS, RELIABILITY, NON-INFRINGEMENT, OR ANY OTHER WARRANTY, CONDITION, GUARANTEE OR REPRESENTATION, WHETHER ORAL, IN WRITING OR IN ELECTRONIC FORM.
IRONCLAD DOES NOT WARRANT THAT ACCESS TO OR USE OF THE SERVICE WILL FUNCTION WITHOUT INTERRUPTION, WILL MEET YOUR REQUIREMENTS, IS FREE OF MALICIOUS CODE OR THAT IT IS FREE OF ERRORS OR OMISSIONS, OR LOSS OR SECURITY BREACH OF TRANSMITTED INFORMATION, OR THAT NO VIRUSES WILL BE TRANSMITTED THROUGH ACCESS TO OR USE OF THE SERVICE.
YOU ARE ADVISED TO SAFEGUARD YOUR DATA, TO USE CAUTION AND NOT TO RELY IN ANY WAY ON THE CORRECT FUNCTIONING OR PERFORMANCE OF THE SERVICE AND/OR ACCOMPANYING MATERIALS.
CERTAIN STATE LAWS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES. IF THESE LAWS APPLY TO YOU, SOME OR ALL OF THE FOREGOING DISCLAIMERS, EXCLUSIONS AND LIMITATIONS MAY NOT APPLY TO YOU, AND YOU MIGHT HAVE ADDITIONAL RIGHTS.
- Indemnification
You will defend, indemnify, and hold us, our affiliates, officers, directors, employees, suppliers, consultants, and agents harmless from any and all third-party claims, liability, damages, and costs (including, but not limited to, attorneys' fees) arising from or related to, as applicable: (a) your access to and use of the Service; (b) violation of these Terms by you or your authorized Account user(s), as applicable; (c) infringement of any intellectual property or other right of any person or entity by you; (d) the nature and content of all Customer or Paid Customer data processed by the Service; or (e) any products or services purchased or obtained by you in connection with the Service.
Ironclad retains the exclusive right to settle, compromise, and pay, without your prior consent, any and all claims or causes of action that are brought against us. We reserve the right, at your expense, to assume the exclusive defense and control of any matter for which you are required to indemnify us and you agree to cooperate with our defense of these claims. You agree not to settle any matter in which we are named as a defendant and/or for which you have indemnity obligations without our prior written consent. We will use reasonable efforts to notify you of any such claim, action, or proceeding upon becoming aware of it.
If you are a California resident, you waive California Civil Code Section 1542, which provides: A general release does not extend to claims that the creditor or releasing party does not know or suspect to exist in his or her favor at the time of executing the release, and that if known by him or her would have materially affected his or her settlement with the debtor or released party.
If you are not a California resident, you waive your rights under any statute or common law principle similar to Section 1542 that governs your rights in the jurisdiction of your residence.
- Limitations of Liability
TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW, IRONCLAD, ITS AFFILIATES, ITS SUBSIDIARIES, AND ITS THIRD-PARTY SERVICE PROVIDERS SHALL NOT BE LIABLE TO YOU OR ANY THIRD PARTIES FOR ANY DIRECT, INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, OR LOSS OF DATA OR INFORMATION), HOWEVER IT ARISES (INCLUDING ATTORNEYS’ FEES AND ALL RELATED COSTS AND EXPENSES OF LITIGATION AND ARBITRATION, OR AT TRIAL OR ON APPEAL, IF ANY, WHETHER OR NOT LITIGATION OR ARBITRATION IS INSTITUTED), REGARDLESS OF THE TYPE OF CLAIM OR THE NATURE OF THE CAUSE OF ACTION, INCLUDING WITHOUT LIMITATION ANY CLAIM FOR BREACH OF CONTRACT, NEGLIGENCE, PERSONAL INJURY OR PROPERTY DAMAGE, ARISING FROM YOUR USE OF THE SERVICE, THIS AGREEMENT, OR ANY VIOLATION BY YOU OF ANY FEDERAL, STATE, OR LOCAL LAWS, STATUTES, RULES, OR REGULATIONS, EVEN IF IRONCLAD HAS BEEN PREVIOUSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
UNDER NO CIRCUMSTANCES WILL THE TOTAL AGGREGATE AMOUNT THAT IRONCLAD IS LIABLE TO YOU EXCEED THE GREATER OF (I) $100.00 OR (II) THE AMOUNTS PAID BY YOU TO IRONCLAD IN CONNECTION WITH THE SERVICE IN THE TWELVE (12) MONTH PERIOD PRECEDING THE EVENT ON WHICH YOUR CLAIM IS BASED. THE FOREGOING CAP ON LIABILITY SHALL NOT APPLY TO LIABILITY OF IRONCLAD FOR (1) DEATH, TANGIBLE PROPERTY DAMAGE, OR PERSONAL INJURY CAUSED BY IRONCLAD’S GROSS NEGLIGENCE OR FOR (2) ANY INJURY CAUSED BY IRONCLAD’S FRAUD OR FRAUDULENT MISREPRESENTATION.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF PUNITIVE, INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE PRIOR LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. THE FOREGOING LIMITATIONS AND EXCLUSIONS OF LIABILITY AND DISCLAIMERS FORM AN ESSENTIAL BASIS OF THE BARGAIN BETWEEN THE PARTIES, AND IRONCLAD WOULD NOT ENTER INTO THIS AGREEMENT WITHOUT SUCH LIMITATIONS, EXCLUSIONS, AND DISCLAIMERS.
- Relationship of the Parties
At all times, you and Ironclad are independent contractors, and are not the agents or representatives of the other. These Terms are not intended to create a joint venture, partnership, or franchise relationship between the parties. Non-parties do not benefit from and cannot enforce these Terms. There are no third-party beneficiaries to these Terms. You must not represent to anyone that you are an agent of Ironclad or are otherwise authorized to bind or commit Ironclad in any way without Ironclad’s prior written authorization.
- General
Electronic Communications.You agree to receive all communications, agreements, and notices that we provide in connection with the Service (“Communications”), including, but not limited to, Communications related to our delivery of the Service via electronic means, including by e-mail, text, in-product notifications, or by posting them on the Service. You agree that all Communications we provide to you electronically satisfy any legal requirement that such Communications be in writing or be delivered in a particular manner and you agree to keep your Account contact information current.
Assignability. You may not assign your rights or obligations, or delegate your responsibilities hereunder without Ironclad’s prior written consent. If consent is given, these Terms will bind your successors and assigns. Any attempt by you to transfer your rights, duties, or obligations under these Terms except as expressly provided in these Terms is void. Ironclad may, at any time, freely assign its rights, duties, and obligations hereunder without notice to you.
Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, acts of God, war, terrorism, governmental action, labor conditions, earthquakes and material shortages, internet connectivity. The party affected by the force majeure event will provide notice to the other party within a commercially reasonable time and will use commercially reasonable efforts to resume performance as soon as practicable. Obligations not performed due to a force majeure event will be performed as soon as reasonably possible when the force majeure event concludes.
Governing Law. These Terms and any dispute of any sort that might arise between you and Ironclad will be interpreted in accordance with the law of the State of California and the United States of America without regard to any conflict-of-law or other principles that provide for the application of the law of another jurisdiction. These Terms expressly exclude and disclaim the terms of the U.N. Convention on Contracts for the International Sale of Goods, which shall not apply to any transaction conducted through or otherwise involving the Service.
Venue.Any claim or dispute that between you and Ironclad that arises out of or is related to the Service and is not subject to arbitration or eligible for small claims action, shall be decided exclusively by a court of competent jurisdiction located in San Francisco, California, and you hereby consent to, and waive all defense of lack of personal jurisdiction and forum non conveniens with respect to venue and jurisdiction in the state and federal courts of San Francisco, California.
Entire Agreement. These Terms and any documents expressly incorporated by reference constitute the the final, complete, and exclusive expression of the agreement between you and Ironclad regarding the Service provided under these Terms. These Terms supersede and the parties disclaim any reliance on previous oral and written communications with respect to the subject matter hereof and apply to the exclusion of any other terms that you seek to impose or incorporate, or which are implied by trade, custom, practice or course of dealing. Ironclad hereby rejects any additional or conflicting terms appearing in a purchase order or any other ordering materials submitted by you and conditions assent solely based on these Terms and conditions of these Terms as offered by Ironclad. Except as explicitly permitted in these Terms, no modification or amendment of these Terms shall be effective unless it is in writing and signed by an authorized agent of the party against whom the modification or amendment is being asserted.
Trade Restrictions. You acknowledge that the Service and any related products, information, documentation, software, technology, technical data, and any derivatives thereof, that Ironclad makes available (collectively “Excluded Data”) are subject to the export control and sanctions laws and regulations of the United States and other countries that may prohibit or restrict access by certain persons or from certain countries or territories currently including, but not limited to, Cuba, the Crimea region of the Ukraine, Sudan, Iran, North Korea and Syria ("Trade Restrictions”). You represent and warrant that you are not: (i) located in an embargoed country or territory, (ii) under the control of an entity organized in or a resident of an embargoed country or territory, (iii) listed on any U.S. government list of persons or entities with which U.S. persons are prohibited from transacting, including, but not limited to, OFAC’s List of Specially Designated Nationals and Other Blocked Persons, the U.S. State Department's Nonproliferation Sanctions lists, the U.S. Commerce Department’s Entity List or Denied Persons List located at https://www.export.gov/article?id=Consolidated-Screening-List; or (iv) subject to end destination export control regulations, such as, but not limited to, the U.S. Export Administration Regulations and U.S. Government EU Dual-Use Regulation EC 428/2009. You are solely responsible for complying with Trade Restrictions for all Excluded Data and any of its content transmitted through the Service.
Language and Translations. Ironclad may provide translations of these Terms or other terms or policies. Translations are provided for informational purposes and if there is an inconsistency or conflict between a translation and the English version, the English version will control.
Waiver. The waiver by either you or Ironclad of any breach of any provision of these Terms does not waive any other breach. The failure of any party to these Terms to insist on strict performance of any covenant or obligation in accordance with these Terms will not be a waiver of such party’s right to demand strict compliance in the future, nor will the same be construed as a novation of these Terms.
Severability. If any part of these Terms is found to be illegal, unenforceable, or invalid in any respect, the remaining portions of these Terms will remain in full force and effect. If any material limitation or restriction on the grant of any license to you under these Terms is found to be illegal, unenforceable, or invalid, the license will immediately terminate.
Interpretation.Any ambiguities in the interpretation of these Terms shall not be construed against the drafting party.
Headings. The headings used throughout these Terms are solely for the convenience of reference and are not to be used as an aid in the interpretation of these Terms.
Consumer Complaints.California users are entitled to the following specific consumer rights notice: The Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs may be contacted in writing at 1625 North Market Blvd., Sacramento, CA 95834, or by telephone at (916) 445-1254 or (800) 952-5210.
- Changes to Terms of Service
We reserve the right, at our sole discretion, to update, change or replace any part of these Terms. The most current version of the Terms will be posted on the Service and it is your responsibility to check our website periodically for changes. If the changes include material changes that affect your rights or obligations, we will notify you of the changes by reasonable means, which could include notification through the Service or via email.Your continued use of the Service following the effective date of any changes to these Terms constitutes acceptance of those changes. If you do not agree to the new Terms, you may not use the Service.
- How to Contact Us
If you have any questions or concerns about the Service or these Terms, please contact us at support@ironcladhq.com.
Effective April 23rd 2021 to February 16th 2023
DownloadTable of Contents
These Ironclad Terms of Service (the “Terms of Service” or “Terms”) govern access to and use of the Ironclad, Inc. (“Ironclad,” “we,” or “us”) website, applications, application plug-ins, and other services provided by us (collectively, the “Service”). Website visitors are referred to in these terms as “Site Visitors” and individuals or entities who use the Service or create an account (“Account”) and their Authorized Users are collectively referred to as “Customers”. Customers and Site Visitors may be referred to in these Terms as “you” and “your” as applicable.
These Terms are in addition to, and do not nullify, any other agreement between you and us or any other applicable terms and conditions found on the Service. If you are a paid Customer (“Paid Customer”) and you or your organization are bound by an Enterprise Services Agreement with Ironclad (“Enterprise Terms”), then these Terms will apply, if at all, only to use of the Service to the extent such use is not already governed by those Enterprise Terms.
- Acceptance of Terms
By using the Service, you as a Site Visitor or Customer accept and agree to follow and be bound by these Terms (whether on behalf of yourself or a legal entity you represent). You also agree to comply with all applicable laws and regulations, as well as all rules or restrictions that are posted on the Service. If you do not agree to these Terms, you are not authorized and must cease using the service immediately.
- About Ironclad
Ironclad provides a digital contracting platform that allow its customers to create, collaborate on, negotiate, and execute contracts, and turn agreements into operational business intelligence.
You understand and agree that Ironclad is not a law firm or an attorney, may not perform services performed by an attorney, and is not the substitute for the advice or services of an attorney. Any information contained on the Service is not legal advice and is not guaranteed to be correct, complete or up-to-date. No attorney-client relationship or privilege is created with Ironclad. If, prior to using the Service, you believe that Ironclad gave you any legal advice, opinion or recommendation about your legal rights, remedies, defenses, options, selection of forms or strategies, you will not proceed with the use of the Service. If you need legal advice for your specific problem, you should consult a licensed attorney in your area.
- Eligibility
You agree that by using the Service you are at least 18 years of age and you are legally able to enter into a contract.
If you are agreeing to these Terms on behalf of an organization or entity, you represent and warrant that you are authorized to agree to these Terms on that organization or entity’s behalf and bind them to these Terms (in which case, the references to "you" and "your" in these Terms, except for in this sentence, refer to that organization or entity).
If Ironclad has previously prohibited you from accessing the Service, you are not permitted to access or use the Service.
- Ironclad Account
When you create an Account to use or access certain portions of the Service, you must provide complete and accurate information as requested on the registration form, and you must maintain and update such information to keep it complete and accurate. You will also be asked to provide a user name and password. You are entirely responsible for maintaining the confidentiality of your password, and are responsible for all activities (whether by you or by others) that occur under your password or Account. You may not use a third party’s Account, user name or password at any time, and you will not allow anyone other than Authorized Users to access or use the Service from your Account. You agree to notify Ironclad immediately of any unauthorized use of your account, user name or password. Ironclad shall not be liable for any losses you incur as a result of someone else’s use of your account or password, either with or without your knowledge. You may be held liable for any losses incurred by Ironclad, our affiliates, officers, directors, employees, consultants, agents and representatives due to someone else’s use of your account or password.
You will promptly notify Ironclad of any suspected violation of these Terms by an Authorized User and will cooperate with Ironclad to address the suspected violation. Ironclad may suspend or terminate any Authorized User’s access to the Service upon notice to you in the event that Ironclad reasonably determines that such Authorized User violated these Terms.
- Intellectual Property Rights
The Service is owned and operated by Ironclad, Inc., and contains materials that are proprietary and are protected by copyright laws, international treaty provisions, trademarks, service marks, and other intellectual property laws and treaties. Except as otherwise expressly provided by Ironclad, none of the Service may be copied, reproduced, republished, downloaded, uploaded, posted, displayed, transmitted or distributed in any way and nothing on the Service shall be construed to confer any license under any of Ironclad’s intellectual property rights, whether by estoppel, implication or otherwise. Any rights not expressly granted in these Terms are reserved by Ironclad.
The Service is also protected as a collective work or compilation under copyright and other laws and treaties. You agree to abide by all applicable copyright and other laws, as well as any additional copyright notices or restrictions contained on the Service. You acknowledge that the Service contains original works that have been developed, compiled, prepared, revised, selected, and arranged by Ironclad and others through the application of methods and standards of judgment developed and applied through the expenditure of substantial time, effort, and money and which constitute valuable intellectual property of Ironclad and such others. All present and future rights in and to trade secrets, patents, designs, copyrights, trademarks, database rights, service marks, know-how, and other intellectual property or other proprietary rights of any type, documentation, any improvements, design contributions, or derivative works thereto, and any knowledge or process related thereto, including rights in and to all applications and registrations relating to the Service, shall, as between you and Ironclad, at all times be and remain the sole and exclusive property of Ironclad.
The trademarks, logos, taglines, and service marks displayed on the Service (collectively, the “Trademarks”) are registered and unregistered Trademarks of Ironclad and others. The Trademarks may not be used without Ironclad’s prior express written permission. Ironclad acknowledges the Trademarks of other organizations for their respective products or services mentioned on the Service. Other than as provided in these Terms, your use of the Trademarks, or any other Ironclad content, is strictly prohibited.
Any software available for downloading through the Service or third-party websites or applications (the “Software”) is the copyrighted work of Ironclad and third-party providers. Use of the Software is governed by these Terms. Unauthorized reproduction or distribution of the Software is expressly prohibited by law, and may result in civil and criminal penalties. Violators may be prosecuted.
Upon your acceptance of these Terms, we grant you a limited, non-exclusive non-sublicensable, and non-assignable license to access and use the Service for your internal purposes and only as expressly permitted in these Terms. You shall not use or permit use of the Service for any illegal purpose or in any manner inconsistent with the provisions of these Terms. If you are or become a direct competitor of Ironclad, you may not access or use the Service without Ironclad’s explicit, advance, written consent, and then only for the purposes authorized in writing. Except as otherwise restricted by these Terms, Ironclad grants you permission on a non-exclusive, non-transferable, limited basis to display, copy, and download content and materials on the Service provided that you: (a) retain all copyright and other proprietary notices on the content and materials; (b) use them solely for internal use or in accordance with any applicable Ironclad Terms; and (c) do not modify them in any way. Any violation by you of the license provisions contained in this Section 7 may result in the immediate termination of your right to use the Service, as well as potential liability for copyright infringement or other claims depending on the circumstances.
- Copyright
Ironclad respects copyright law and expects its Site Visitors and Customers to do the same. If you believe that any content or material on the Service infringes copyrights you own, please notify us by contacting legal@ironcladhq.com.
- User Comments, Feedback and Other Submissions
If, at our request, you send certain specific submissions or without a request from us you send creative ideas, suggestions, proposals, plans, or other materials, whether online, by email, by postal mail, or otherwise (collectively, “Comments”), you agree that we may, at any time, without restriction, edit, copy, publish, distribute, translate, and otherwise use in any medium any Comments that you forward to us. We are and shall be under no obligation (1) to maintain any Comments in confidence; (2) to pay compensation for any Comments; or (3) to respond to any Comments.
We may, but have no obligation to, monitor, edit or remove content that we determine in our sole discretion are unlawful, offensive, threatening, libelous, defamatory, pornographic, obscene or otherwise objectionable or violates any party’s intellectual property or these Terms.
You agree that your Comments will not violate any right of any third party, including copyright, trademark, privacy, personality or other personal or proprietary right. You further agree that your Comments will not contain libelous or otherwise unlawful, abusive or obscene material, or contain any computer virus or other malware that could in any way affect the operation of the Service or any related website. You may not use a false e-mail address, pretend to be someone other than yourself, or otherwise mislead us or third parties as to the origin of any Comments. You are solely responsible for any Comments you make and their accuracy. We take no responsibility and assume no liability for any Comments posted by you or any third party.
- Use Restrictions
By using the Service, you specifically agree not to engage in any activity or transmit any information that, in our sole discretion:
- Is illegal, or violates any federal, state, or local law or regulation;
- Advocates illegal activity or discusses illegal activities with the intent to commit them;
- Violates any third-party right, including, but not limited to, right of privacy, right of publicity, copyright, trademark, patent, trade secret, or any other intellectual property or proprietary rights;
- Is harmful, threatening, abusive, harassing, tortious, indecent, defamatory, sexually explicit or pornographic, discriminatory, vulgar, profane, obscene, libelous, hate speech, violent or inciting violence, inflammatory, or otherwise objectionable;
- Interferes with any other party’s use and enjoyment of the Service;
- Attempts to impersonate another person or entity;
- Is commercial in a way that violates these Terms, including but not limited to, using the Service for spam, surveys, contests, pyramid schemes, or other advertising materials;
- Falsely states, misrepresents, or conceals your affiliation with another person or entity;
- Accesses or uses the Account of another Customer or Paid Customer without permission;
- Distributes computer viruses or other code, files, or programs that interrupt, destroy, or limit the functionality of any computer software or hardware or electronic communications equipment;
- Interferes with, disrupts, disables, overburdens, or destroys the functionality or use of any features of the Service, or the servers or networks connected to the Service, or any of the Service;
- “Hacks” or accesses without permission our proprietary or confidential records, those of another Customer, Paid Customer, or Site Visitor, or those of anyone else;
- Improperly solicits personal or sensitive information from other Customers, Paid Customers or Site Visitors including without limitation address, credit card or financial account information, or passwords;
- Decompiles, reverse engineers, disassembles, or otherwise attempts to derive source code from the Service, except as expressly permitted in these Terms or by law, unless and then only to the extent permitted by applicable law without consent;
- Removes, circumvents, disables, damages, or otherwise interferes with security-related features, or features that enforce limitations on use of the Service;
- Uses automated or manual means to violate the restrictions in any robot exclusion headers on the Service, if any, or bypasses or circumvents other measures employed to prevent or limit access, for example by engaging in practices such as “screen scraping,” “database scraping,” or any other activity with the purpose of obtaining lists of users or other information;
- Modifies, copies, scrapes or crawls, displays, distributes, publishes, licenses, sells, rents, leases, lends, transfers, or otherwise commercializes any materials or content on the Service;
- Uses the Service for benchmarking, or to compile information for a product or service;
- Downloads (other than through page caching necessary for personal use, or as otherwise expressly permitted by these Terms), distributes, posts, transmits, performs, reproduces, broadcasts, duplicates, uploads, licenses, creates derivative works from, or offers for sale any content or other information contained on or obtained from or through the Service, by any means except as provided for in these Terms or with the prior written consent of Ironclad; or
- Attempts to do any of the foregoing.
In addition, you shall not, and shall not permit others to, do the following with respect to the Service:
- Use the Service or allow access to it in a manner that circumvents contractual usage restrictions or that exceeds authorized use or usage metrics set forth in these Terms or any applicable Enterprise Terms;
- License, sub-license, sell, re-sell, rent, lease, transfer, distribute or time share or otherwise make any portion of the Service available for access by third parties except as otherwise expressly provided in these Terms;
- Access or use the Service for the purpose of: (i) developing or operating products or services intended to be offered to third parties in competition with the Ironclad or (ii) allowing access to your Account by a direct competitor of Ironclad; or
- Frame the Service, place pop-up windows over its pages, or otherwise affect the display of its pages.
You acknowledge that we have no obligation to monitor your – or anyone else’s – access to or use of the Service for violations of these Terms, or to review or edit any content. However, we have the right to do so for the purpose of operating and improving the Service (including without limitation for fraud prevention, risk assessment, investigation and customer support purposes, analytics, and advertising), to ensure your compliance with these Terms and to comply with applicable law or the order or requirement of a court, consent decree, administrative agency or other governmental body.
- Privacy
You acknowledge that, except as described in these Terms or applicable Enterprise Terms, the information you provide to us or that we collect will be used and protected as described in the Ironclad Privacy Policy.
You acknowledge and agree that we may access, preserve, or share any of your information when we believe in good faith that such sharing is reasonably necessary to investigate, prevent, or take action regarding possible illegal activities or to comply with legal process (e.g. a subpoena or other legal process). We may also share your information in situations involving potential threats to the physical safety of any person, violations of the Ironclad Privacy Policy or our user agreements or terms; or to respond to the claims of violation of the rights of third parties and/or to protect the rights, property and safety of Ironclad, our employees, users, or the public. This may involve the sharing of your information with law enforcement, government agencies, courts, and/or other organizations.
- Customer Data
You are responsible for the data and information that you or your Authorized Users input or upload into the Service (“Customer Data”). You are further responsible for obtaining any necessary right and licenses for use of the Customer Data by your and Ironclad as contemplated in these Terms. You agree that you have the legal right and authority to access, use and disclose to Ironclad any Customer Data. You authorize Ironclad to access, process, and use the Customer Data as necessary to perform and fulfill its obligations hereunder, including to provide the Service. You and your Authorized Users acknowledge that Ironclad may process Customer Data in accordance with the Ironclad Privacy Policy.
- Customer Warranties
You hereby represent and warrant to Ironclad that: (a) you have all requisite rights and authority to use the Service under these Terms and to grant all applicable rights herein; (b) you are responsible for all use of the Service associated with its Account; (c) you are solely responsible for maintaining the confidentiality of its Account names and password(s); (d) you agree to immediately notify Ironclad of any unauthorized use of your Account of which you becomes aware; (e) you agree that Ironclad will not be liable for any losses incurred as a result of a third party's use of your Account, regardless of whether such use is with or without your knowledge and consent; (f) you will use the Service for lawful purposes only and subject to these Terms; (g) any information you submit to Ironclad is true, accurate, and correct; and (h) you will not attempt to gain unauthorized access to the System or the Service, other Accounts, computer systems, or networks under the control or responsibility of Ironclad through hacking, cracking, password mining, or any other unauthorized means.
- Fees
Ironclad reserves the right in the future to require payment of fees for certain or all aspects of the Service, change prices, or institute new charges, upon notice to you, which may be sent by email or posted on the Service. Your use of the Service following such notification constitutes your acceptance of any new or increased charges.
- Modification of the Service
We reserve the right at any time to modify or discontinue the Service (or any part or content thereof) without notice. We shall not be liable to you or to any third party for any modification, suspension or discontinuance of the Service.
- Term and Termination
These Terms are effective unless and until terminated by either you or us. You may terminate your use of the Service at any time by ceasing further use of the Service. Ironclad is also free to terminate (or suspend access to) your use of the Service or your account, for any reason in our discretion, including your breach of these Terms. We have the sole right to decide whether you are in violation of any of the restrictions set forth in these Terms.
If these Terms expire or are terminated for any reason: (a) any and all of your liabilities to Ironclad that have accrued before the effective date of the expiration or termination will survive; (b) licenses and use rights granted to you with respect to the Service and intellectual property will immediately terminate; (c) Ironclad’s obligation to provide any further services to you under these Terms will immediately terminate, except any such services that are expressly to be provided following expiration or termination of these Terms. Any other provisions that, by their nature, should survive termination of these Terms shall survive termination. By way of example, all of the following will survive termination: any obligation you have to pay us or indemnify us, any limitations on our liability, and any terms regarding ownership or intellectual property rights.
- Third Party Content
We may provide, or third parties may provide, links to other third-party websites, services, or resources that are beyond our control. We make no representations or endorsements as to the quality, suitability, functionality, or legality of any third-party content to which links may be provided, and you hereby waive any claim you might have against us with respect to such services. IRONCLAD IS NOT RESPONSIBLE FOR THE CONTENT ON THE INTERNET OR WEB PAGES THAT ARE LOCATED OUTSIDE THE SERVICE OR POSTS OF USER CONTENT. Your correspondence or business dealings with, or participation in promotions of third parties found on or through the Service, including payment and delivery of related goods or services, and any other terms, conditions, warranties, or representations associated with such dealings, are solely between you and such third party or partner. You agree that we are not responsible or liable for any loss or damage of any sort incurred as the result of any such dealings or as the result of the presence of such partners or links to third-party websites or resources on the Service.
- Warranties and Disclaimers
THIS DISCLAIMER SECTION IS AN ESSENTIAL PART OF THESE TERMS.
YOU ACKNOWLEDGE THAT YOU ARE USING THE SERVICE AT YOUR SOLE RISK. TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW, THE SERVICE ARE PROVIDED ON AN “AS IS,” “WITH ALL FAULTS,” AND “AS AVAILABLE” BASIS WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE INCLUDING BUT NOT LIMITED TO THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, ACCURACY, COMPLETENESS, RELIABILITY, NON-INFRINGEMENT, OR ANY OTHER WARRANTY, CONDITION, GUARANTEE OR REPRESENTATION, WHETHER ORAL, IN WRITING OR IN ELECTRONIC FORM.
IRONCLAD DOES NOT WARRANT THAT ACCESS TO OR USE OF THE SERVICE WILL FUNCTION WITHOUT INTERRUPTION, WILL MEET YOUR REQUIREMENTS, IS FREE OF MALICIOUS CODE OR THAT IT IS FREE OF ERRORS OR OMISSIONS, OR LOSS OR SECURITY BREACH OF TRANSMITTED INFORMATION, OR THAT NO VIRUSES WILL BE TRANSMITTED THROUGH ACCESS TO OR USE OF THE SERVICE.
YOU ARE ADVISED TO SAFEGUARD YOUR DATA, TO USE CAUTION AND NOT TO RELY IN ANY WAY ON THE CORRECT FUNCTIONING OR PERFORMANCE OF THE SERVICE AND/OR ACCOMPANYING MATERIALS.
CERTAIN STATE LAWS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES. IF THESE LAWS APPLY TO YOU, SOME OR ALL OF THE FOREGOING DISCLAIMERS, EXCLUSIONS AND LIMITATIONS MAY NOT APPLY TO YOU, AND YOU MIGHT HAVE ADDITIONAL RIGHTS.
- Indemnification
You will defend, indemnify, and hold us, our affiliates, officers, directors, employees, suppliers, consultants, and agents harmless from any and all third-party claims, liability, damages, and costs (including, but not limited to, attorneys' fees) arising from or related to, as applicable: (a) your access to and use of the Service; (b) violation of these Terms by you or your authorized Account user(s), as applicable; (c) infringement of any intellectual property or other right of any person or entity by you; (d) the nature and content of all Customer or Paid Customer data processed by the Service; or (e) any products or services purchased or obtained by you in connection with the Service.
Ironclad retains the exclusive right to settle, compromise, and pay, without your prior consent, any and all claims or causes of action that are brought against us. We reserve the right, at your expense, to assume the exclusive defense and control of any matter for which you are required to indemnify us and you agree to cooperate with our defense of these claims. You agree not to settle any matter in which we are named as a defendant and/or for which you have indemnity obligations without our prior written consent. We will use reasonable efforts to notify you of any such claim, action, or proceeding upon becoming aware of it.
If you are a California resident, you waive California Civil Code Section 1542, which provides: A general release does not extend to claims that the creditor or releasing party does not know or suspect to exist in his or her favor at the time of executing the release, and that if known by him or her would have materially affected his or her settlement with the debtor or released party.
If you are not a California resident, you waive your rights under any statute or common law principle similar to Section 1542 that governs your rights in the jurisdiction of your residence.
- Limitations of Liability
TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW, IRONCLAD, ITS AFFILIATES, ITS SUBSIDIARIES, AND ITS THIRD-PARTY SERVICE PROVIDERS SHALL NOT BE LIABLE TO YOU OR ANY THIRD PARTIES FOR ANY DIRECT, INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, OR LOSS OF DATA OR INFORMATION), HOWEVER IT ARISES (INCLUDING ATTORNEYS’ FEES AND ALL RELATED COSTS AND EXPENSES OF LITIGATION AND ARBITRATION, OR AT TRIAL OR ON APPEAL, IF ANY, WHETHER OR NOT LITIGATION OR ARBITRATION IS INSTITUTED), REGARDLESS OF THE TYPE OF CLAIM OR THE NATURE OF THE CAUSE OF ACTION, INCLUDING WITHOUT LIMITATION ANY CLAIM FOR BREACH OF CONTRACT, NEGLIGENCE, PERSONAL INJURY OR PROPERTY DAMAGE, ARISING FROM YOUR USE OF THE SERVICE, THIS AGREEMENT, OR ANY VIOLATION BY YOU OF ANY FEDERAL, STATE, OR LOCAL LAWS, STATUTES, RULES, OR REGULATIONS, EVEN IF IRONCLAD HAS BEEN PREVIOUSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
UNDER NO CIRCUMSTANCES WILL THE TOTAL AGGREGATE AMOUNT THAT IRONCLAD IS LIABLE TO YOU EXCEED THE GREATER OF (I) $100.00 OR (II) THE AMOUNTS PAID BY YOU TO IRONCLAD IN CONNECTION WITH THE SERVICE IN THE TWELVE (12) MONTH PERIOD PRECEDING THE EVENT ON WHICH YOUR CLAIM IS BASED. THE FOREGOING CAP ON LIABILITY SHALL NOT APPLY TO LIABILITY OF IRONCLAD FOR (1) DEATH, TANGIBLE PROPERTY DAMAGE, OR PERSONAL INJURY CAUSED BY IRONCLAD’S GROSS NEGLIGENCE OR FOR (2) ANY INJURY CAUSED BY IRONCLAD’S FRAUD OR FRAUDULENT MISREPRESENTATION.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF PUNITIVE, INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE PRIOR LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. THE FOREGOING LIMITATIONS AND EXCLUSIONS OF LIABILITY AND DISCLAIMERS FORM AN ESSENTIAL BASIS OF THE BARGAIN BETWEEN THE PARTIES, AND IRONCLAD WOULD NOT ENTER INTO THIS AGREEMENT WITHOUT SUCH LIMITATIONS, EXCLUSIONS, AND DISCLAIMERS.
- Relationship of the Parties
At all times, you and Ironclad are independent contractors, and are not the agents or representatives of the other. These Terms are not intended to create a joint venture, partnership, or franchise relationship between the parties. Non-parties do not benefit from and cannot enforce these Terms. There are no third-party beneficiaries to these Terms. You must not represent to anyone that you are an agent of Ironclad or are otherwise authorized to bind or commit Ironclad in any way without Ironclad’s prior written authorization.
- General
Electronic Communications.You agree to receive all communications, agreements, and notices that we provide in connection with the Service (“Communications”), including, but not limited to, Communications related to our delivery of the Service via electronic means, including by e-mail, text, in-product notifications, or by posting them on the Service. You agree that all Communications we provide to you electronically satisfy any legal requirement that such Communications be in writing or be delivered in a particular manner and you agree to keep your Account contact information current.
Assignability. You may not assign your rights or obligations, or delegate your responsibilities hereunder without Ironclad’s prior written consent. If consent is given, these Terms will bind your successors and assigns. Any attempt by you to transfer your rights, duties, or obligations under these Terms except as expressly provided in these Terms is void. Ironclad may, at any time, freely assign its rights, duties, and obligations hereunder without notice to you.
Force Majeure. Neither party will be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder (except for the payment of money owed) on account of events beyond the reasonable control of such party, which may include without limitation denial-of-service attacks, strikes, shortages, riots, insurrection, fires, flood, storm, explosions, acts of God, war, terrorism, governmental action, labor conditions, earthquakes and material shortages, internet connectivity. The party affected by the force majeure event will provide notice to the other party within a commercially reasonable time and will use commercially reasonable efforts to resume performance as soon as practicable. Obligations not performed due to a force majeure event will be performed as soon as reasonably possible when the force majeure event concludes.
Governing Law. These Terms and any dispute of any sort that might arise between you and Ironclad will be interpreted in accordance with the law of the State of California and the United States of America without regard to any conflict-of-law or other principles that provide for the application of the law of another jurisdiction. These Terms expressly exclude and disclaim the terms of the U.N. Convention on Contracts for the International Sale of Goods, which shall not apply to any transaction conducted through or otherwise involving the Service.
Venue.Any claim or dispute that between you and Ironclad that arises out of or is related to the Service and is not subject to arbitration or eligible for small claims action, shall be decided exclusively by a court of competent jurisdiction located in San Francisco, California, and you hereby consent to, and waive all defense of lack of personal jurisdiction and forum non conveniens with respect to venue and jurisdiction in the state and federal courts of San Francisco, California.
Entire Agreement. These Terms and any documents expressly incorporated by reference constitute the the final, complete, and exclusive expression of the agreement between you and Ironclad regarding the Service provided under these Terms. These Terms supersede and the parties disclaim any reliance on previous oral and written communications (including any confidentiality agreements pertaining to the Service under these Terms) with respect to the subject matter hereof and apply to the exclusion of any other terms that you seek to impose or incorporate, or which are implied by trade, custom, practice or course of dealing. Ironclad hereby rejects any additional or conflicting terms appearing in a purchase order or any other ordering materials submitted by you and conditions assent solely based on these Terms and conditions of these Terms as offered by Ironclad. Except as explicitly permitted in these Terms, no modification or amendment of these Terms shall be effective unless it is in writing and signed by an authorized agent of the party against whom the modification or amendment is being asserted.
Trade Restrictions. You acknowledge that the Service and any related products, information, documentation, software, technology, technical data, and any derivatives thereof, that Ironclad makes available (collectively “Excluded Data”) are subject to the export control and sanctions laws and regulations of the United States and other countries that may prohibit or restrict access by certain persons or from certain countries or territories currently including, but not limited to, Cuba, the Crimea region of the Ukraine, Sudan, Iran, North Korea and Syria ("Trade Restrictions”). You represent and warrant that you are not: (i) located in an embargoed country or territory, (ii) under the control of an entity organized in or a resident of an embargoed country or territory, (iii) listed on any U.S. government list of persons or entities with which U.S. persons are prohibited from transacting, including, but not limited to, OFAC’s List of Specially Designated Nationals and Other Blocked Persons, the U.S. State Department's Nonproliferation Sanctions lists, the U.S. Commerce Department’s Entity List or Denied Persons List located at https://www.export.gov/article?id=Consolidated-Screening-List; or (iv) subject to end destination export control regulations, such as, but not limited to, the U.S. Export Administration Regulations and U.S. Government EU Dual-Use Regulation EC 428/2009. You are solely responsible for complying with Trade Restrictions for all Excluded Data and any of its content transmitted through the Service.
Language and Translations. Ironclad may provide translations of these Terms or other terms or policies. Translations are provided for informational purposes and if there is an inconsistency or conflict between a translation and the English version, the English version will control.
Waiver. The waiver by either you or Ironclad of any breach of any provision of these Terms does not waive any other breach. The failure of any party to these Terms to insist on strict performance of any covenant or obligation in accordance with these Terms will not be a waiver of such party’s right to demand strict compliance in the future, nor will the same be construed as a novation of these Terms.
Severability. If any part of these Terms is found to be illegal, unenforceable, or invalid in any respect, the remaining portions of these Terms will remain in full force and effect. If any material limitation or restriction on the grant of any license to you under these Terms is found to be illegal, unenforceable, or invalid, the license will immediately terminate.
Interpretation.Any ambiguities in the interpretation of these Terms shall not be construed against the drafting party.
Headings. The headings used throughout these Terms are solely for the convenience of reference and are not to be used as an aid in the interpretation of these Terms.
Consumer Complaints.California users are entitled to the following specific consumer rights notice: The Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs may be contacted in writing at 1625 North Market Blvd., Sacramento, CA 95834, or by telephone at (916) 445-1254 or (800) 952-5210.
- Changes to Terms of Service
We reserve the right, at our sole discretion, to update, change or replace any part of these Terms. The most current version of the Terms will be posted on the Service and it is your responsibility to check our website periodically for changes. If the changes include material changes that affect your rights or obligations, we will notify you of the changes by reasonable means, which could include notification through the Service or via email.Your continued use of the Service following the effective date of any changes to these Terms constitutes acceptance of those changes. If you do not agree to the new Terms, you may not use the Service.
- How to Contact Us
If you have any questions or concerns about the Service or these Terms, please contact us at support@ironcladhq.com.
Effective July 29th 2015 to April 23rd 2021
DownloadTable of Contents
By using this website (the “Site”) or any applications or application plug-ins that are the property of Ironclad, Inc. (“Applications”), you agree to follow and be bound by these terms of service (the “Terms of Service”) and agree to comply with all applicable laws and regulations. In these Terms of Service, the words “you” and “your” refer to each customer, Site visitor, or Application user, “we”, “us” and “our” refer to Ironclad, Inc. and “Services” refers to all services provided by us.
It is your responsibility to review these Terms of Service periodically. If at any time you find these Terms of Service unacceptable or if you do not agree to these Terms of Service, please do not use this Site or any Applications. We may revise these Terms of Use at any time without notice to you. If you have any questions about these Terms of Use, please contact us at support@ironcladapp.com.
Please also review our Privacy Policy, which is incorporated herein by reference.
1. Description of Ironclad.
Ironclad, Inc. (“Ironclad”) provides an online legal portal to provide companies an automated software solution to those who choose to prepare their own legal documents. Customer need not download or even license Ironclad software. The Site includes general information on commonly encountered legal issues. At no time do we review your answers for legal sufficiency, draw legal conclusions, provide legal advice, opinions or recommendations about your legal rights, remedies, defenses, options, selection of forms, or strategies, or apply the law to the facts of your particular situation. Ironclad is not a law firm and may not perform services performed by an attorney. Ironclad and its Services are not substitutes for the advice or services of an attorney.
2. Ironclad is not a law firm.
You understand and agree that Ironclad is not a law firm or an attorney, may not perform services performed by an attorney, and is not the substitute for the advice or services of an attorney. No attorney-client relationship or privilege is created with Ironclad.
If, prior to purchasing a subscription to Ironclad, you believe that Ironclad gave you any legal advice, opinion or recommendation about your legal rights, remedies, defenses, options, selection of forms or strategies, you will not proceed with this purchase, and any purchase that you do make will be null and void.
Ironclad strives to keep its legal documents accurate, current and up-to-date. However, because the law changes rapidly, Ironclad cannot guarantee that all of the information on the Site or Applications is completely current. The law is different from jurisdiction to jurisdiction, and may be subject to interpretation by different courts. The law is a personal matter, and no general information or legal tool like the kind Ironclad provides can fit every circumstance. Furthermore, the legal information contained on the Site and Applications is not legal advice and is not guaranteed to be correct, complete or up-to-date. Therefore, if you need legal advice for your specific problem, or if your specific problem is too complex to be addressed by our tools, you should consult a licensed attorney in your area.
3. Account Information.
When you open an account to use or access certain portions of the Site, Applications, or the Services, you must provide complete and accurate information as requested on the registration form. You will also be asked to provide a user name and password. You are entirely responsible for maintaining the confidentiality of your password. You may not use a third party’s account, user name or password at any time. You agree to notify Ironclad immediately of any unauthorized use of your account, user name or password. Ironclad shall not be liable for any losses you incur as a result of someone else’s use of your account or password, either with or without your knowledge. You may be held liable for any losses incurred by Ironclad, our affiliates, officers, directors, employees, consultants, agents and representatives due to someone else’s use of your account or password.
In connection with the use of certain Ironclad products or services, you may be asked to provide personal information in a questionnaire, application, form or similar document or service. This information will be protected pursuant to our Privacy Policy. In addition, you grant Ironclad a worldwide, royalty-free, nonexclusive, and fully sublicensable license to use, distribute, reproduce, modify, publish and translate this personal information solely for the purpose of enabling your use of the applicable service. You may revoke this license and terminate rights held by Ironclad at any time by removing your personal information from the applicable service.
4. Ownership.
This Site and Applications are owned and operated by Ironclad, Inc. All right, title and interest in and to the materials provided on this Site and Applications, including but not limited to information, documents, logos, graphics, sounds and images (the “Materials”) are owned either by Ironclad or by our respective third party authors, developers or vendors (“Third Party Providers”). Except as otherwise expressly provided by Ironclad, none of the Materials may be copied, reproduced, republished, downloaded, uploaded, posted, displayed, transmitted or distributed in any way and nothing on this Site or on any Applications shall be construed to confer any license under any of Ironclad’s intellectual property rights, whether by estoppel, implication or otherwise. See the “Legal Contact Information” below if you have any questions about obtaining such licenses. Ironclad does not sell, license, lease or otherwise provide any of the Materials other than those specifically identified as being provided by Ironclad. Any rights not expressly granted herein are reserved by Ironclad.
5. Links and Integrations.
This Site and Applications may contain links to websites controlled by parties other than Ironclad (each a “Third Party Site”). Ironclad works with a number of partners and affiliates whose sites are linked with Ironclad. Ironclad may also provide links to other citations or resources with whom it is not affiliated. Ironclad is not responsible for and does not endorse or accept any responsibility for the availability, contents, products, services or use of any Third Party Site, any website accessed from a Third Party Site or any changes or updates to such sites. Ironclad makes no guarantees about the content or quality of the products or services provided by such sites. Ironclad is not responsible for webcasting or any other form of transmission received from any Third Party Site. Ironclad is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Ironclad of the Third Party Site, nor does it imply that Ironclad sponsors, is affiliated or associated with, guarantees, or is legally authorized to use any trade name, registered trademark, logo, legal or official seal, or copyrighted symbol that may be reflected in the links. You acknowledge that you bear all risks associated with access to and use of content provided on a Third Party Site and agree that Ironclad is not responsible for any loss or damage of any sort you may incur from dealing with a third party. You should contact the site administrator for the applicable Third Party Site if you have any concerns regarding such links or the content located on any such Third Party Site.
6. Form Documents.
On our Site, through our Applications, and through certain partners, we offer self-help “fill in the blank” forms. You understand that your purchase, download, and/or- use of a form document is neither legal advice nor the practice of law, and that each form and any applicable instructions or guidance is not customized to your particular needs.
Ironclad grants you a limited, personal, non-exclusive, non-transferable license to use our forms (the “Forms”) for your own personal, internal business use, or if you are an attorney or professional, for your client. Except as otherwise provided, you acknowledge and agree that you have no right to modify, edit, copy, reproduce, create derivative works of, reverse engineer, alter, enhance or in any way exploit any of the Forms in any manner, except for modifications in filling out the Forms for your authorized use. You shall not remove any copyright notice from any Form.
By ordering or downloading Forms, you agree that the Forms you purchase or download may only be used by you for your personal or business use or used by you in connection with your client and may not be sold or redistributed without the express written consent of Ironclad.
7. Disclaimer of Warranty.
THE SITE, APPLICATIONS, AND ALL MATERIALS, DOCUMENTS OR FORMS PROVIDED ON OR THROUGH YOUR USE OF THE SITE OR APPLICATIONS ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. TO THE FULLEST EXTENT PERMITTED BY LAW, IRONCLAD EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT.
IRONCLAD MAKES NO WARRANTY THAT: (A) THE SITE, APPLICATIONS, OR THE MATERIALS WILL MEET YOUR REQUIREMENTS; (B) THE SITE, APPLICATIONS, OR THE MATERIALS WILL BE AVAILABLE ON AN UNINTERRUPTED, TIMELY, SECURE OR ERROR-FREE BASIS; (C) THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF THE SITE, APPLICATIONS, OR ANY MATERIALS OFFERED THROUGH THE SITE OR APPLICATIONS, WILL BE ACCURATE OR RELIABLE; OR (D) THE QUALITY OF ANY PRODUCTS, SERVICES, INFORMATION OR OTHER MATERIAL PURCHASED OR OBTAINED BY YOU THROUGH THE SITE, APPLICATIONS, OR IN RELIANCE ON THE MATERIALS WILL MEET YOUR EXPECTATIONS.
OBTAINING ANY MATERIALS THROUGH THE USE OF THE SITE OR APPLICATIONS IS DONE AT YOUR OWN DISCRETION AND AT YOUR OWN RISK. IRONCLAD SHALL HAVE NO RESPONSIBILITY FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM THE DOWNLOAD OF ANY CONTENT, MATERIALS, INFORMATION OR SOFTWARE.
NOTWITHSTANDING THE ABOVE, IRONCLAD OFFERS A 60 DAY SATISFACTION GUARANTEE, WHICH CAN BE INITIATED BY EMAILING US AT SUPPORT@IRONCLADAPP.COM.
8. Limitation of Liability.
EXCEPT AS PROHIBITED BY LAW, YOU WILL HOLD IRONCLAD AND ITS OFFICERS, DIRECTORS, EMPLOYEES, AND AGENTS HARMLESS FOR ANY INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGE, HOWEVER IT ARISES (INCLUDING ATTORNEYS’ FEES AND ALL RELATED COSTS AND EXPENSES OF LITIGATION AND ARBITRATION, OR AT TRIAL OR ON APPEAL, IF ANY, WHETHER OR NOT LITIGATION OR ARBITRATION IS INSTITUTED), WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE, OR OTHER TORTIOUS ACTION, OR ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, INCLUDING WITHOUT LIMITATION ANY CLAIM FOR PERSONAL INJURY OR PROPERTY DAMAGE, ARISING FROM THIS AGREEMENT AND ANY VIOLATION BY YOU OF ANY FEDERAL, STATE, OR LOCAL LAWS, STATUTES, RULES, OR REGULATIONS, EVEN IF IRONCLAD HAS BEEN PREVIOUSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. EXCEPT AS PROHIBITED BY LAW, IF THERE IS LIABILITY FOUND ON THE PART OF IRONCLAD, IT WILL BE LIMITED TO THE AMOUNT PAID FOR THE PRODUCTS AND/OR SERVICES, AND UNDER NO CIRCUMSTANCES WILL THERE BE CONSEQUENTIAL OR PUNITIVE DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF PUNITIVE, INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE PRIOR LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU.
9. Compliance with Intellectual Property Laws.
When accessing Ironclad or using the Ironclad legal document preparation Service, you agree to obey the law and you agree to respect the intellectual property rights of others. Your use of the Service and the Site is at all times governed by and subject to laws regarding copyright, trademark and other intellectual property ownership. You agree not to upload, download, display, perform, transmit or otherwise distribute any information or content in violation of any third party’s copyrights, trademarks or other intellectual property or proprietary rights. You agree to abide by laws regarding copyright ownership and use of intellectual property, and you shall be solely responsible for any violations of any relevant laws and for any infringements of third party rights caused by any content you provide or transmit or that is provided or transmitted using your Ironclad user account.
Ironclad has adopted a policy that provides for the immediate removal of any content, article or materials that have infringed on the rights of Ironclad or of a third party or that violate intellectual property rights generally. Ironclad’s policy is to remove such infringing content or materials and investigate such allegations immediately.
10. Inappropriate Content.
When accessing the Site, any Applications, or using Ironclad’s Services, you agree not to upload, download, display, perform, transmit or otherwise distribute any content that: (i) is libelous, defamatory, obscene, pornographic, abusive or threatening; (b) advocates or encourages conduct that could constitute a criminal offense, give rise to civil liability or otherwise violate any applicable local, state, national or foreign law or regulation; or (c) advertises or otherwise solicits funds or is a solicitation for goods or services. Ironclad reserves the right to terminate or delete such material from its servers. Ironclad will cooperate fully with any law enforcement officials or agencies in the investigation of any violation of these Terms of Service or of any applicable laws.
11. Governing Law; Venue.
Any legal action or proceeding relating to your access to or use of the Site, an Application, or Materials is governed by Federal Court in in San Francisco, California. These Terms of Use expressly exclude and disclaim the terms of the U.N. Convention on Contracts for the International Sale of Goods, which shall not apply to any transaction conducted through or otherwise involving this Site or an Application.
12. Copyrights.
All Site design, text, graphics, the selection and arrangement thereof, Copyright ©, Ironclad, Inc. ALL RIGHTS RESERVED.
13. Trademarks.
Ironclad, Ironclad, Inc., the Ironclad Logo, all images and text, and all page headers, custom graphics and button icons are service marks, trademarks and/or trade dress of Ironclad. All other trademarks, product names and company names or logos cited herein are the property of their respective owners.
14. No Use by Minors.
You agree that by using the Site, any Applications, and the Services you are at least 18 years of age and you are legally able to enter into a contract.
15. Right to Refuse.
You acknowledge that Ironclad reserves the right to refuse service to anyone and to cancel user access at any time.
16. Acknowledgement.
BY USING IRONCLAD’S SERVICES OR ACCESSING THE IRONCLAD SITE OR APPLICATIONS, YOU ACKNOWLEDGE THAT YOU HAVE READ THESE TERMS OF USE AND AGREE TO BE BOUND BY THEM.
17. Limits on customized templates.
Some of our plans allow you to submit your own custom template documents that you or your attorney have created. We may be unable to process some of these documents due to technological limitations on our part, particularly if they contain complex internal logic. If we are unable to process your document, we will notify you and offer you the choice of an additional piece rate charge to process your template or the option to downgrade your plan.
Privacy Policy
Effective March 11th 2025
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at privacy@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 650 California Street, Suite 1100, San Francisco, CA 94108, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we disclose the information we receive?
Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. We disclose customer information as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, in response to a lawful request by public authorities to meet national security requirements, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the "data controller" (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT privacy@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States or the European Union. Please note that the privacy laws of the United States and the European Union may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. Ironclad is also certified under the Data Privacy Framework, see Ironclad's Data Privacy Framework notice here. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we process as a service provider.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” and "sensitive personal information" (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information and sensitive personal information we collect, the sources of that information, and how we disclose it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.The categories of sensitive personal information are account log-in, financial account information, and password or other credentials allowing access to your account.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect and disclose the above categories of information for the purposes described in our Privacy Policy. This includes the following business or commercial purposes (as those terms are defined in applicable law):
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information disclosure practices in our Privacy Policy. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for the business purposes described above. For example, we may disclose identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may disclose identifiers with our marketing partners, and we may also disclose any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may disclose identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for "collecting," "selling," or "sharing" your personal information; the categories of third parties to whom we disclose or "sell," or with whom we "share," personal information; and the categories of personal information we "sell."
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
- Correct inaccurate personal information that we maintain about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at privacy@ironcladhq.com, call (855) 999-4766, or submit the Consumer Rights Request Form. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may disclose the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. To opt out of such "sales," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
"Sharing" of Personal Information
California residents may opt out of the "sharing" of their personal information. The CCPA defines "sharing" as the targeting of advertising to a consumer based on that consumer's personal information obtained from the consumer's activity across websites. We "share" information fo these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share" identifiers (such as IP address, device identifiers, and cookies) and internet and device activity with advertising platforms and advertising networks. To opt out of such "sharing," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
Children Under 16
We do not knowingly "sell" or "share" the personal information of children under 16.
Sensitive Personal Information
The CCPA also allows you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information
Please see the "Data Retention" section above.
California Shine the Light
We do not disclose personal information to third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at privacy@ironcladhq.com.
Effective October 16th 2024 to March 11th 2025
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at privacy@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 650 California Street, Suite 1100, San Francisco, CA 94108, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we disclose the information we receive?
Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. We disclose customer information as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, in response to a lawful request by public authorities to meet national security requirements, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the "data controller" (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT privacy@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States or the European Union. Please note that the privacy laws of the United States and the European Union may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. Ironclad is also certified under the Data Privacy Framework, see Ironclad's Data Privacy Framework notice here. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we process as a service provider.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” and "sensitive personal information" (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information and sensitive personal information we collect, the sources of that information, and how we disclose it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.The categories of sensitive personal information are account log-in, financial account information, and password or other credentials allowing access to your account.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect and disclose the above categories of information for the purposes described in our Privacy Policy. This includes the following business or commercial purposes (as those terms are defined in applicable law):
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information disclosure practices in our Privacy Policy. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for the business purposes described above. For example, we may disclose identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may disclose identifiers with our marketing partners, and we may also disclose any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may disclose identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for "collecting," "selling," or "sharing" your personal information; the categories of third parties to whom we disclose or "sell," or with whom we "share," personal information; and the categories of personal information we "sell."
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
- Correct inaccurate personal information that we maintain about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at privacy@ironcladhq.com, call (855) 999-4766, or submit the Consumer Rights Request Form. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may disclose the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. To opt out of such "sales," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
"Sharing" of Personal Information
California residents may opt out of the "sharing" of their personal information. The CCPA defines "sharing" as the targeting of advertising to a consumer based on that consumer's personal information obtained from the consumer's activity across websites. We "share" information fo these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share" identifiers (such as IP address, device identifiers, and cookies) and internet and device activity with advertising platforms and advertising networks. To opt out of such "sharing," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
Children Under 16
We do not knowingly "sell" or "share" the personal information of children under 16.
Sensitive Personal Information
The CCPA also allows you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information
Please see the "Data Retention" section above.
California Shine the Light
We do not disclose personal information to third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at privacy@ironcladhq.com.
Effective September 5th 2024 to October 16th 2024
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at privacy@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 650 California Street, Suite 1100, San Francisco, CA 94108, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we disclose the information we receive?
Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. We disclose customer information as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the "data controller" (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT privacy@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union or Japan. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States, the European Union, and Japan. Please note that the privacy laws of the United States, the European Union, and Japan may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we process as a service provider.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” and "sensitive personal information" (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information and sensitive personal information we collect, the sources of that information, and how we disclose it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.The categories of sensitive personal information are account log-in, financial account information, and password or other credentials allowing access to your account.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect and disclose the above categories of information for the purposes described in our Privacy Policy. This includes the following business or commercial purposes (as those terms are defined in applicable law):
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information disclosure practices in our Privacy Policy. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for the business purposes described above. For example, we may disclose identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may disclose identifiers with our marketing partners, and we may also disclose any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may disclose identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for "collecting," "selling," or "sharing" your personal information; the categories of third parties to whom we disclose or "sell," or with whom we "share," personal information; and the categories of personal information we "sell."
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
- Correct inaccurate personal information that we maintain about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at privacy@ironcladhq.com, call (855) 999-4766, or submit the Consumer Rights Request Form. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may disclose the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. To opt out of such "sales," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
"Sharing" of Personal Information
California residents may opt out of the "sharing" of their personal information. The CCPA defines "sharing" as the targeting of advertising to a consumer based on that consumer's personal information obtained from the consumer's activity across websites. We "share" information fo these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share" identifiers (such as IP address, device identifiers, and cookies) and internet and device activity with advertising platforms and advertising networks. To opt out of such "sharing," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
Children Under 16
We do not knowingly "sell" or "share" the personal information of children under 16.
Sensitive Personal Information
The CCPA also allows you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information
Please see the "Data Retention" section above.
California Shine the Light
We do not disclose personal information to third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at privacy@ironcladhq.com.
Effective September 5th 2024 to September 5th 2024
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at privacy@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 650 California Street, Suite 1100, San Francisco, CA 94108, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we disclose the information we receive?
Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. We disclose customer information as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the "data controller" (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT privacy@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union or Japan. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States, the European Union, and Japan. Please note that the privacy laws of the United States, the European Union, and Japan may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we process as a service provider.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” and "sensitive personal information" (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information and sensitive personal information we collect, the sources of that information, and how we disclose it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.The categories of sensitive personal information are account log-in, financial account information, and password or other credentials allowing access to your account.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect and disclose the above categories of information for the purposes described in our Privacy Policy. This includes the following business or commercial purposes (as those terms are defined in applicable law):
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information disclosure practices in our Privacy Policy. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for the business purposes described above. For example, we may disclose identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may disclose identifiers with our marketing partners, and we may also disclose any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may disclose identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for "collecting," "selling," or "sharing" your personal information; the categories of third parties to whom we disclose or "sell," or with whom we "share," personal information; and the categories of personal information we "sell."
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
- Correct inaccurate personal information that we maintain about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at privacy@ironcladhq.com, call (855) 999-4766, or submit the Consumer Rights Request Form. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may disclose the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. To opt out of such "sales," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
"Sharing" of Personal Information
California residents may opt out of the "sharing" of their personal information. The CCPA defines "sharing" as the targeting of advertising to a consumer based on that consumer's personal information obtained from the consumer's activity across websites. We "share" information fo these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share" identifiers (such as IP address, device identifiers, and cookies) and internet and device activity with advertising platforms and advertising networks. To opt out of such "sharing," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
Children Under 16
We do not knowingly "sell" or "share" the personal information of children under 16.
Sensitive Personal Information
The CCPA also allows you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information
Please see the "Data Retention" section above.
California Shine the Light
We do not disclose personal information to third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at privacy@ironcladhq.com.
Effective June 26th 2024 to September 5th 2024
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at privacy@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 650 California Street, Suite 1100, San Francisco, CA 94108, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we disclose the information we receive?
Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. We disclose customer information as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the "data controller" (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT privacy@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union or Japan. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States, the European Union, and Japan. Please note that the privacy laws of the United States, the European Union, and Japan may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we process as a service provider.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” and "sensitive personal information" (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information and sensitive personal information we collect, the sources of that information, and how we disclose it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.The categories of sensitive personal information are account log-in, financial account information, and password or other credentials allowing access to your account.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect and disclose the above categories of information for the purposes described in our Privacy Policy. This includes the following business or commercial purposes (as those terms are defined in applicable law):
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information disclosure practices in our Privacy Policy. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for the business purposes described above. For example, we may disclose identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may disclose identifiers with our marketing partners, and we may also disclose any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may disclose identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for "collecting," "selling," or "sharing" your personal information; the categories of third parties to whom we disclose or "sell," or with whom we "share," personal information; and the categories of personal information we "sell."
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
- Correct inaccurate personal information that we maintain about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at privacy@ironcladhq.com, call (855) 999-4766, or submit the Consumer Rights Request Form. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may disclose the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. To opt out of such "sales," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
"Sharing" of Personal Information
California residents may opt out of the "sharing" of their personal information. The CCPA defines "sharing" as the targeting of advertising to a consumer based on that consumer's personal information obtained from the consumer's activity across websites. We "share" information fo these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share" identifiers (such as IP address, device identifiers, and cookies) and internet and device activity with advertising platforms and advertising networks. To opt out of such "sharing," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
Children Under 16
We do not knowingly "sell" or "share" the personal information of children under 16.
Sensitive Personal Information
The CCPA also allows you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information
Please see the "Data Retention" section above.
California Shine the Light
We do not disclose personal information to third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at privacy@ironcladhq.com.
Effective January 2nd 2024 to June 26th 2024
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at privacy@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 71 Stevenson St #600, San Francisco, CA 94105, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we disclose the information we receive?
Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. We disclose customer information as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the "data controller" (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT privacy@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union or Japan. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States, the European Union, and Japan. Please note that the privacy laws of the United States, the European Union, and Japan may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we process as a service provider.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” and "sensitive personal information" (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information and sensitive personal information we collect, the sources of that information, and how we disclose it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.The categories of sensitive personal information are account log-in, financial account information, and password or other credentials allowing access to your account.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect and disclose the above categories of information for the purposes described in our Privacy Policy. This includes the following business or commercial purposes (as those terms are defined in applicable law):
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information disclosure practices in our Privacy Policy. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for the business purposes described above. For example, we may disclose identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may disclose identifiers with our marketing partners, and we may also disclose any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may disclose identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for "collecting," "selling," or "sharing" your personal information; the categories of third parties to whom we disclose or "sell," or with whom we "share," personal information; and the categories of personal information we "sell."
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
- Correct inaccurate personal information that we maintain about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at privacy@ironcladhq.com, call (855) 999-4766, or submit the Consumer Rights Request Form. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may disclose the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. To opt out of such "sales," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
"Sharing" of Personal Information
California residents may opt out of the "sharing" of their personal information. The CCPA defines "sharing" as the targeting of advertising to a consumer based on that consumer's personal information obtained from the consumer's activity across websites. We "share" information fo these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share" identifiers (such as IP address, device identifiers, and cookies) and internet and device activity with advertising platforms and advertising networks. To opt out of such "sharing," please submit a request to privacy@ironcladhq.com or submit the Consumer Rights Request Form.
Children Under 16
We do not knowingly "sell" or "share" the personal information of children under 16.
Sensitive Personal Information
The CCPA also allows you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information
Please see the "Data Retention" section above.
California Shine the Light
We do not disclose personal information to third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at privacy@ironcladhq.com.
Effective March 20th 2023 to January 2nd 2024
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at support@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 71 Stevenson St #600, San Francisco, CA 94105, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we disclose the information we receive?
Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. We disclose customer information as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the "data controller" (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT support@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union or Japan. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States, the European Union, and Japan. Please note that the privacy laws of the United States, the European Union, and Japan may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we process as a service provider.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” and "sensitive personal information" (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information and sensitive personal information we collect, the sources of that information, and how we disclose it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.The categories of sensitive personal information are account log-in, financial account information, and password or other credentials allowing access to your account.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect and disclose the above categories of information for the purposes described in our Privacy Policy. This includes the following business or commercial purposes (as those terms are defined in applicable law):
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information disclosure practices in our Privacy Policy. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for the business purposes described above. For example, we may disclose identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may disclose identifiers with our marketing partners, and we may also disclose any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may disclose identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for "collecting," "selling," or "sharing" your personal information; the categories of third parties to whom we disclose or "sell," or with whom we "share," personal information; and the categories of personal information we "sell."
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
- Correct inaccurate personal information that we maintain about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at legal@ironcladhq.com, call (855) 999-4766, or submit the Consumer Rights Request Form. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may disclose the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. To opt out of such "sales," please submit a request to legal@ironcladhq.com or submit the Consumer Rights Request Form.
"Sharing" of Personal Information
California residents may opt out of the "sharing" of their personal information. The CCPA defines "sharing" as the targeting of advertising to a consumer based on that consumer's personal information obtained from the consumer's activity across websites. We "share" information fo these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share" identifiers (such as IP address, device identifiers, and cookies) and internet and device activity with advertising platforms and advertising networks. To opt out of such "sharing," please submit a request to legal@ironcladhq.com or submit the Consumer Rights Request Form.
Children Under 16
We do not knowingly "sell" or "share" the personal information of children under 16.
Sensitive Personal Information
The CCPA also allows you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information
Please see the "Data Retention" section above.
California Shine the Light
We do not disclose personal information to third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at legal@ironcladhq.com.
Effective March 15th 2023 to March 20th 2023
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at support@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 71 Stevenson St #600, San Francisco, CA 94105, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we disclose the information we receive?
Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. We disclose customer information as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the "data controller" (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT support@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union or Japan. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States, the European Union, and Japan. Please note that the privacy laws of the United States, the European Union, and Japan may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we process as a service provider.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” and "sensitive personal information" (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information and sensitive personal information we collect, the sources of that information, and how we disclose it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.The categories of sensitive personal information are account log-in, financial account information, and password or other credentials allowing access to your account.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect and disclose the above categories of information for the purposes described in our Privacy Policy. This includes the following business or commercial purposes (as those terms are defined in applicable law):
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information disclosure practices in our Privacy Policy. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for the business purposes described above. For example, we may disclose identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may disclose identifiers with our marketing partners, and we may also disclose any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may disclose identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for "collecting," "selling," or "sharing" your personal information; the categories of third parties to whom we disclose or "sell," or with whom we "share," personal information; and the categories of personal information we "sell."
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
- Correct inaccurate personal information that we maintain about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at legal@ironcladhq.com, call (855) 999-4766, or submit this form. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may disclose the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. To opt out of such "sales," please submit a request to legal@ironcladhq.com or submit this form.
"Sharing" of Personal Information
California residents may opt out of the "sharing" of their personal information. The CCPA defines "sharing" as the targeting of advertising to a consumer based on that consumer's personal information obtained from the consumer's activity across websites. We "share" information fo these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share" identifiers (such as IP address, device identifiers, and cookies) and internet and device activity with advertising platforms and advertising networks. To opt out of such "sharing," please submit a request to legal@ironcladhq.com or submit this form.
Children Under 16
We do not knowingly "sell" or "share" the personal information of children under 16.
Sensitive Personal Information
The CCPA also allows you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information
Please see the "Data Retention" section above.
California Shine the Light
We do not disclose personal information to third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at legal@ironcladhq.com.
Effective March 15th 2023 to March 15th 2023
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at support@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 71 Stevenson St #600, San Francisco, CA 94105, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we disclose the information we receive?
Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. We disclose customer information as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the "data controller" (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT support@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union or Japan. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States, the European Union, and Japan. Please note that the privacy laws of the United States, the European Union, and Japan may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we process as a service provider.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” and "sensitive personal information" (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information and sensitive personal information we collect, the sources of that information, and how we disclose it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.The categories of sensitive personal information are account log-in, financial account information, and password or other credentials allowing access to your account.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect and disclose the above categories of information for the purposes described in our Privacy Policy. This includes the following business or commercial purposes (as those terms are defined in applicable law):
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information disclosure practices in our Privacy Policy. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for the business purposes described above. For example, we may disclose identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may disclose identifiers with our marketing partners, and we may also disclose any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may disclose identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for "collecting," "selling," or "sharing" your personal information; the categories of third parties to whom we disclose or "sell," or with whom we "share," personal information; and the categories of personal information we "sell."
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
- Correct inaccurate personal information that we maintain about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at legal@ironcladhq.com, call (855) 999-4766, or submit this form. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may disclose the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. To opt out of such "sales," please submit a request to legal@ironcladhq.com or submit this form.
"Sharing" of Personal Information
California residents may opt out of the "sharing" of their personal information. The CCPA defines "sharing" as the targeting of advertising to a consumer based on that consumer's personal information obtained from the consumer's activity across websites. We "share" information fo these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share" identifiers (such as IP address, device identifiers, and cookies) and internet and device activity with advertising platforms and advertising networks. To opt out of such "sharing," please submit a request to legal@ironcladhq.com or submit this form.
Children Under 16
We do not knowingly "sell" or "share" the personal information of children under 16.
Sensitive Personal Information
The CCPA also allows you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information
Please see the "Data Retention" section above.
California Shine the Light
We do not disclose personal information to third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at legal@ironcladhq.com.
Effective December 27th 2022 to March 15th 2023
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at support@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 71 Stevenson St #600, San Francisco, CA 94105, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we disclose the information we receive?
Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. We disclose customer information as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the "data controller" (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT support@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union or Japan. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States, the European Union, and Japan. Please note that the privacy laws of the United States, the European Union, and Japan may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we process as a service provider.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” and "sensitive personal information" (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information and sensitive personal information we collect, the sources of that information, and how we disclose it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.The categories of sensitive personal information are account log-in, financial account information, and password or other credentials allowing access to your account.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect and disclose the above categories of information for the purposes described in our Privacy Policy. This includes the following business or commercial purposes (as those terms are defined in applicable law):
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information disclosure practices in our Privacy Policy. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for the business purposes described above. For example, we may disclose identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may disclose identifiers with our marketing partners, and we may also disclose any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may disclose identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for "collecting," "selling," or "sharing" your personal information; the categories of third parties to whom we disclose or "sell," or with whom we "share," personal information; and the categories of personal information we "sell."
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
- Correct inaccurate personal information that we maintain about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at legal@ironcladhq.com, call (855) 999-4766, or submit this form. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may disclose the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. To opt out of such "sales," please submit a request to legal@ironcladhq.com or submit this form.
"Sharing" of Personal Information
California residents may opt out of the "sharing" of their personal information. The CCPA defines "sharing" as the targeting of advertising to a consumer based on that consumer's personal information obtained from the consumer's activity across websites. We "share" information fo these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share" identifiers (such as IP address, device identifiers, and cookies) and internet and device activity with advertising platforms and advertising networks. To opt out of such "sharing," please submit a request to legal@ironcladhq.com or submit this form.
Children Under 16
We do not knowingly "sell" or "share" the personal information of children under 16.
Sensitive Personal Information
The CCPA also allows you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Retention of Your Personal Information
Please see the "Data Retention" section above.
California Shine the Light
We do not disclose personal information to third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at legal@ironcladhq.com.
Effective August 26th 2021 to December 27th 2022
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at support@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 71 Stevenson St #600, San Francisco, CA 94105, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be shared with business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we share the information we receive?
Except as disclosed here, we do not rent, sell, or share your personal information with third parties. We share customer information with third parties as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may share your Personally Identifiable Information with companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may share Personally Identifiable Information and other data with businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or shared with third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the sharing described in this Policy, we may share information about you whenever you consent to or direct such sharing.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the data controller (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT support@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to share data with tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union or Japan. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States, the European Union, and Japan. Please note that the privacy laws of the United States, the European Union, and Japan may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we collect from employees, owners, directors, officers, or contractors of businesses in the course of our provision or receipt of business-related services.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information we collect, the sources of that information, and how we share it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect the above categories of information for the following business or commercial purposes:
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information sharing practices in our Privacy Policy. We may share certain categories of personal information with third parties for business purposes. For example, we may share identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may share identifiers with our marketing partners, and we may also share any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may share identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at legal@ironcladhq.com, or through the form here. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may share the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. For information on how you can control or opt of such tracking technologies, see the “Analytics & Advertising” section above.
California Shine the Light
We do not share personal information with third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at support@ironcladhq.com.
Effective May 14th 2021 to August 26th 2021
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at support@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 71 Stevenson St #600, San Francisco, CA 94105, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be shared with business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we share the information we receive?
Except as disclosed here, we do not rent, sell, or share your personal information with third parties. We share customer information with third parties as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may share your Personally Identifiable Information with companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may share Personally Identifiable Information and other data with businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or shared with third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the sharing described in this Policy, we may share information about you whenever you consent to or direct such sharing.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the data controller (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT support@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to share data with tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States and the European Union. Please note that the privacy laws of the United States and the European Union may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we collect from employees, owners, directors, officers, or contractors of businesses in the course of our provision or receipt of business-related services.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information we collect, the sources of that information, and how we share it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect the above categories of information for the following business or commercial purposes:
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information sharing practices in our Privacy Policy. We may share certain categories of personal information with third parties for business purposes. For example, we may share identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may share identifiers with our marketing partners, and we may also share any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may share identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at legal@ironcladhq.com, or through the form here. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may share the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. For information on how you can control or opt of such tracking technologies, see the “Analytics & Advertising” section above.
California Shine the Light
We do not share personal information with third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at support@ironcladhq.com.
Effective May 6th 2021 to May 14th 2021
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at support@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 71 Stevenson St #600, San Francisco, CA 94105, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be shared with business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we share the information we receive?
Except as disclosed here, we do not rent, sell, or share your personal information with third parties. We share customer information with third parties as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may share your Personally Identifiable Information with companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may share Personally Identifiable Information and other data with businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or shared with third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the sharing described in this Policy, we may share information about you whenever you consent to or direct such sharing.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the data controller (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT support@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to share data with tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States and the European Union. Please note that the privacy laws of the United States and the European Union may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we collect from employees, owners, directors, officers, or contractors of businesses in the course of our provision or receipt of business-related services.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information we collect, the sources of that information, and how we share it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect the above categories of information for the following business or commercial purposes:
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information sharing practices in our Privacy Policy. We may share certain categories of personal information with third parties for business purposes. For example, we may share identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may share identifiers with our marketing partners, and we may also share any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may share identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at legal@ironcladhq.com, or through the form here. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may share the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. For information on how you can control or opt of such tracking technologies, see the “Analytics & Advertising” section above.
California Shine the Light
We do not share personal information with third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at support@ironcladhq.com.
Effective May 5th 2021 to May 6th 2021
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) This Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at support@ironcladhq.com.
For purposes of data protection laws, Ironclad Inc., 71 Stevenson St #600, San Francisco, CA 94105, is the entity responsible for your information.
What information do we collect?
Information You Provide to Us
Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured when a visitor accesses Online Services, or speaks on the phone with or emails an Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex).
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladhq.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladhq.com.
Information We Collect Automatically.
Traffic Data. Ironclad or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Ironclad internal servers and software automatically recognize Visitor Data. The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”).
We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be shared with business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
Location Information. When you use the Online Services, we may collect general location information (such as general location inferred from an IP address).
Information from Other Sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.
How do we use the information we collect?
We use information we collect from the Online Services to: provide you with the Online Services; communicate with you; process your orders; manage and remember your preferences and customize the Online Services; analyze and improve the Online Services or any other products and Online Services we provide; improve our advertising and marketing; verify your identity; facilitate your transactions with our third-party marketing partners; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Online Services; and prevent fraud and enforce our legal terms.
We may combine information that we collect from you through the Online Service with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Online Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes.
How do we share the information we receive?
Except as disclosed here, we do not rent, sell, or share your personal information with third parties. We share customer information with third parties as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may share your Personally Identifiable Information with companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may share Personally Identifiable Information and other data with businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or shared with third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the sharing described in this Policy, we may share information about you whenever you consent to or direct such sharing.
Analytics & Advertising
Analytics. We may use third-party web analytics services on the Online Services, such as those of Google Analytics. These service providers use the sort of technology described in the “Information We Collect Automatically” section above to help us analyze how users use the Online Services, including by noting the third-party website from which you arrive. The information collected by the technology will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Service. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser Add-on.
Advertising. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
The use of tracking technologies by our service providers, technology partners or other third party assets (such as social media links) on the site is not covered by our Privacy Policy. We do not have access or control over these technologies.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.
Do Not Track. We do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations, and solutions.
Data we process on behalf of our customers
We receive information from and on behalf of our customers when they use our Online Services. Because of the nature of the services, this information may contain any type of personal identifiable information, including Contact Data, Financial Data, Demographic Data, and Legal Data (such as social security numbers, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents). We process such data only in accordance with our customers’ instructions. For such data, the customer is the data controller (for purposes of GDPR) or the “business” (for purposes of the CCPA) and is responsible for most aspects of the processing of the personal information. If you have any questions or concerns about how your personal information is processed in these cases, including how to exercise your rights as a data subject, please contact the customer. If we receive any rights requests concerning instances where we act as data processor, we will forward your query on to the relevant customer.
We may also collect the information of third party individuals on behalf of our customers. For example, our customers may use our service to collect counterparty information to populate a contract. Ironclad primarily uses this information for the purpose of administering and improving its services for our customers. Where the third party individual chooses to create an Ironclad account with us, however, we will process their information in accordance with this Privacy Policy.
Third-Party Websites
Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Your Options
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
Deleting Your Information. If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladhq.com.
Opting Out of Marketing. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladhq.com. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, however, you may terminate your account by contacting support@ironcladhq.com.
Data Retention
At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
Data Security
We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT support@ironcladhq.com.
EEA, Switzerland, and UK Individuals
Legal Bases for Use of Your Information. Our legal grounds for processing your information are as follows:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to share data with tax authorities).
Data Subject Rights. Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
For more information on how to exercise these rights, please contact us using the information in the “Contact Us” section below. If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
International Data Transfers. Information submitted to Ironclad will be transferred to, processed, and stored in the United States, or for certain customers, the European Union. If you post or transfer any information to or through the Online Services, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States and the European Union. Please note that the privacy laws of the United States and the European Union may be different from those in the place where you are a resident.
Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us as detailed in the “Contact us” section below.
Supplemental Privacy Notice for California Residents
This Supplemental Privacy Notice supplements the information in our Privacy Policy above, and except as provided herein, applies solely to California residents. It applies to personal information we collect on or through the Online Services and through other means (such as information collected offline, in person, and over the telephone). It does not apply to personal information we collect from our employees and job applicants in their capacity as employees and job applicants. It also does not apply to personal information we collect from employees, owners, directors, officers, or contractors of businesses in the course of our provision or receipt of business-related services.
Summary of Information We Collect
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)).
Throughout our Privacy Policy, we describe the specific pieces of personal information we collect, the sources of that information, and how we share it. Under the CCPA, we also have to provide you with the "categories" of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name, address, email address, phone number, other account information, and cookies); commercial information (such as transaction data); financial data (such as credit card and other financial account information); internet or other network or device activity (such as IP address or service usage); geolocation information (general location); inference data about you; sensory information (such as audio recordings if you call customer service); professional or employment related data; education data; insurance (including health insurance) information; medical information; physical characteristics or description; legally protected classifications (such as gender); other information that identifies or can be reasonably associated with you.
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Online Services; (3) affiliates; and (4) third parties such as social networks and other Ironclad users.
We or our service providers may collect the above categories of information for the following business or commercial purposes:
- Our or our service provider’s operational purposes;
- Auditing consumer interactions on our site;
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
- Bug detection and error reporting;
- Customizing content that we or our service providers display on the Online Services;
- Providing the Online Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Online Services);
- Improving the Online Services and developing new services (e.g., by conducting research to develop new products or features);
- Other uses that advance our commercial or economic interests, such as third party advertising and communicating with you about relevant offers from third party partners;
- Other uses about which we notify you.
We may also use the above categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any particular user or device.
We describe our information sharing practices in our Privacy Policy. We may share certain categories of personal information with third parties for business purposes. For example, we may share identifiers and other information that identifies or can reasonably be associated with you with counterparties to your agreements. We may share identifiers with our marketing partners, and we may also share any of the categories described above with our subsidiaries and affiliates. If you connect your account with social media services or interact with social media plugins or links on the Online Service, we may share identifiers, commercial information, internet or other network or device activity, or general location with those social media services.
Consumer Rights
If you are a California resident, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. We need certain types of information so that we can provide the Online Services to you. If you ask us to delete it, you may no longer be able to access or use the Online Services.
In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.
If you would like to exercise any of these rights, you can submit a request at legal@ironcladhq.com, or through the form here. You will be required to verify your identity before we fulfill your request. To do so, you will need to provide information to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sale” of Personal Information
California residents may opt out of the "sale" of their personal information. The CCPA broadly defines "sale" in a way that may include allowing third parties to receive certain information such as cookie identifiers, IP addresses and/or browsing behavior to add to a profile about your device, browser or you. Such profiles may enable delivery of interest-based advertising by such third parties within their platform or on other sites.
Depending on how you use the Service, we may share the following categories of information for such interest-based advertising, which may be considered a “sale” as defined by the CCPA: identifiers (such as IP address, device identifiers, and cookies) and internet and device activity. For information on how you can control or opt of such tracking technologies, see the “Analytics & Advertising” section above.
California Shine the Light
We do not share personal information with third parties for their direct marketing purposes.
Children’s Privacy
The Online Services are not directed to children under the age of 13. We do not knowingly collect personal information (as that term is defined in the Children’s Online Privacy Protection Act (COPPA)) from children under 13. If we discover that an individual under 13 has provided us with personal information, we will delete the personal information to the extent required by COPPA.
We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible.
Changes to this Policy
We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us
If you have any questions or concerns regarding our Privacy Policy, please contact us at support@ironcladhq.com.
Effective May 4th 2021 to May 5th 2021
DownloadTable of Contents
What information do we collect?
Information You Provide to Us
Information We Collect Automatically.
How do we use the information we collect?
How do we share the information we receive?
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may share your Personally Identifiable Information with companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may share Personally Identifiable Information and other data with businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or shared with third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the sharing described in this Policy, we may share information about you whenever you consent to or direct such sharing.
Analytics & Advertising
Data we process on behalf of our customers
Third-Party Websites
Your Options
Data Retention
Data Security
EEA, Switzerland, and UK Individuals
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to share data with tax authorities).
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
California Shine the Light
Children’s Privacy
Changes to this Policy
Contact Us
Effective March 24th 2021 to May 4th 2021
DownloadTable of Contents
What information do we collect?
Information You Provide to Us
Information We Collect Automatically.
How do we use the information we collect?
How do we share the information we receive?
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may share your Personally Identifiable Information with companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions.
- Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladhq.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Other Transfers. We may share Personally Identifiable Information and other data with businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
- Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or shared with third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- Consent. In addition to the sharing described in this Policy, we may share information about you whenever you consent to or direct such sharing.
Analytics & Advertising
Data we process on behalf of our customers
Third-Party Websites
Your Options
Data Retention
Data Security
EEA, Switzerland, and UK Individuals
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Online Services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and the Online Services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Online Services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to share data with tax authorities).
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update information which is out of date or incorrect
- delete certain information which we are holding about you
- restrict the way that we process and disclose certain of your information
- transfer your information to a third party provider of services
- revoke your consent for the processing of your information
California Shine the Light
Children’s Privacy
Changes to this Policy
Contact Us
Effective July 27th 2015 to March 24th 2021
DownloadTable of Contents
Ironclad, Inc. (“Ironclad” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through Ironclad’s website (the “Site”) and other plug-ins exchanging information with Ironclad (“Applications”). (The Site and Applications are sometimes collectively referred to as “Online Services” for simplicity.) Ironclad takes your privacy seriously, and has implemented this privacy policy (the “Privacy Policy”) and internal policies and practices to keep your personal and financial information secure. The Privacy Policy covers Ironclad’s treatment of the Personally Identifiable Information we collect when you use the Online Services. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. This Privacy Policy is incorporated into our Terms of Service, and therefore governs your use of the Online Services. By using Ironclad Online Services, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at support@ironcladapp.com.
What information do we collect about our customers?
We may use Traffic Data to analyze Site traffic, but this information is not examined for Personally Identifiable Information. We may also use Traffic Data to diagnose problems with our server, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be shared with business partners, affiliates, or advertisers on an aggregated and anonymous basis.
Cookies. Ironclad may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies and tracking codes, that allow Ironclad to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access Online Services, about his or her visit to the Site or use of Applications. Ironclad does not capture Personally Identifiable Information in cookies or use cookies to mine Personally Identifiable Information. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site, such as order forms, will be limited.
3rd Party Tracking. The use of tracking technologies by our service providers, technology partners or other 3rd party assets (such as social media links) on the site is not covered by our Privacy Policy. These 3rd parties may use cookies, clear gifs, images, and scripts to help them better manage their content on our site. We do not have access or control over these technologies. We do not tie the information gathered to our Customers’ or Users’ Personally Identifiable Information.
Personal Information. Ironclad requires each customer to provide us with personal information (collectively “Personally Identifiable Information”) to access and use Ironclad products and services. Personally Identifiable Information is captured only when a visitor accesses Online Services, or speaks on the phone with a Ironclad employee, and willingly discloses that information. This disclosure may occur when a visitor registers with an Online Service, engages in transactions, contacts customer service, or participates in contests, promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of services offered by Ironclad.
Personally Identifiable Information includes: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Financial Data” (such as your credit card number, expiration date, and verification code or bank account information); (iii) “Demographic Data” (such as your zip code and sex); and (iv) other “Legal Data” (such as your social security number, company information, trade secrets, inventions, and idea submissions and other sensitive information necessary to generate legal documents).
We may collect the information of 3rd party individuals as necessary, such as to ask our customers to indicate beneficiaries of a will, record shareholders of a company, or register authorized contacts to access their Ironclad account. Ironclad uses this information for the sole purpose of administering its services for our customers, and does not use such information for any other reason.
Certain personal information becomes public record when documents are filed with the federal or state government, or with a court. For example, a corporation’s name, business address, and registered agent name become public information when its articles of incorporation are filed. A Secretary of State may publish this information to its website or provide this information to third parties for a fee. The U.S. Patent and Trademark Office publishes the names and addresses of trademark registrants. In some states, fictitious business names, including the name and address of the business owner, must be published in a newspaper. The Ironclad Privacy Policy does not cover these or similar third-party actions.
Testimonials and Reviews. We may display personal testimonials of satisfied customers. We will ask for your specific consent as part of the survey. If you wish to update or delete your testimonial, you can contact us at support@ironcladapp.com. We may also display customer reviews. If you provide a review that we display and wish to update or delete it, you can also contact us at support@ironcladapp.com.
Calls/Electronic Communications. In the regular course of our business, Ironclad may monitor and record phone conversations or email communications between you and Ironclad employees for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and interesting. If you do not wish to receive email from Ironclad, you may unsubscribe from our mailing list on any of the emails we send.
How do we use the information we collect and do we share the information we receive?
Opting Out. We send promotional emails and newsletters from time to time to users who have registered on the site and to those who have opted in to receive such emails. Generally, you may not opt-out of service-related or transactional communications, which are not promotional. If you do not wish to receive service-related communications, you may terminate your account by contacting support@ironcladapp.com. However, you can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at support@ironcladapp.com.
You may choose not to provide Ironclad with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Online Services and browse its pages. However, Ironclad cannot process orders without Personally Identifiable Information.
Surveys, Sweepstakes, and Contests. We may provide you the opportunity to participate in surveys on our site, to measure customer satisfaction. If you participate, we may request certain personally identifiable information from you. Participation in these surveys, sweepstakes, or contests is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes name, email address, and mailing address.
We share customer information with third parties only as follows:
- Order Processing. Ironclad, sometimes with the assistance of a third party or Ironclad subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate through Online Services, respond to inquiries made through Online Services, inform you of changes to Online Services, and send you additional information about Ironclad and its products and services.
- Registered Agent Requests. If you designate a person or company other than Ironclad to serve as the registered agent for your business entity, Ironclad may provide your name and contact information to that party, if the designee requests. Third Party Marketing. Unless specifically authorized by you, we do not provide Personally Identifiable Information to third parties for marketing purposes. If you express interest in a third party offer or purchase a package that includes a third party offer, we may provide your Personally Identifiable Information to that third party solely in connection with the offer you have selected.
- Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request.
- Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed.
- Service Providers. We may share your Personally Identifiable Information with companies that provide support services to us (such as a printer or email service provider), or help us market our products and services. These companies may need information about you in order to perform their functions. These companies are not authorized to use the information we share with them for any other purpose.
- Partner and Affiliate Tracking. Our partners and affiliates, including Google Analytics (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics and Interest Reporting), may use cookies and web beacons to collect non-personally identifiable information about your activities on this and other websites to provide you targeted advertising based upon your interests. This means that these partners and affiliates may show our ads on sites across the Internet based upon your previous visits to our site. Together with our partners and affiliates, we may use these cookies and web beacons to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to your visits to our site.
If you would like to learn more or opt out of receiving online display advertising tailored to your interests, please visit the Networking Advertising Initiative at www.networkadvertising.org/managing/opt_out.asp or the Digital Advertising Alliance at http://aboutads.info/choices. If you wish to not have this information used for the purpose of serving your targeted ads, you may opt out by clicking here. Please note this does not opt you out of being served advertising. You will continue to receive generic ads. If you delete your cookies, use a different browser, or buy a new computer, you will need to renew your online display advertising opt-out choice. You may also visit Google Analytics’ Ads Settings to opt out of Google’s use of cookies and customize Google Display Network ads, and Google Analytics’ Opt Out Browser Add-on for the web.
Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at support@ironcladapp.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Other Transfers. We may share Personally Identifiable Information and other data with businesses controlling, controlled by, or under common control with Ironclad. If Ironclad is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions.
Bankruptcy. In the event of an Ironclad bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Ironclad asset and sold, transferred, or shared with third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
Links
Third-Party Websites. Ironclad may maintain links to other websites and other websites may maintain links to the Online Services. This Privacy Policy applies only to ironcladapp.com and not to other websites accessible from Ironclad or that you use to access Ironclad, each of which may have privacy policies materially different from this Privacy Policy. If you visit other websites, Ironclad is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Ironclad websites to confirm that you understand and agree with them.
Accessing and Changing Your Account
User and Authorized Contact Access to Order Information. Ironclad will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. If you want someone to have access to your order, you must list them as an authorized contact or they may not obtain information.
If you no longer desire our services, or if you want to remove your Personally Identifiable Information from our Site, you may terminate your account by contacting support@ironcladapp.com.
Data Retention. At minimum, we will retain your information for as long as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Ironclad may maintain some or all of this data in its archives even after it has been removed from the Site.
How secure is the personal information we collect?
Our Commitment to Data Security. We strive to make certain that our servers and connections incorporate the latest encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (SSL). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS.
IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT support@ironcladapp.com.
Enforcement. We periodically review this Privacy Policy and our compliance with it to verify that both are accurate. We encourage you to contact us with any concerns, and we will investigate and attempt to resolve any complaints and disputes about our privacy practices.
Changes to this Policy. We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice will be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Contact Us. If you have any questions regarding our Privacy Policy, please contact us at support@ironcladapp.com.
Sandbox Trial License Agreement
Effective February 8th 2024
DownloadTable of Contents
- Affiliate means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- Authorized User means an employee or contractor of User or its Affiliates that User has registered to access and use the Sandbox Trial.
- Confidential Information means any business or technical information disclosed by one party to the other party, including User Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- User Data means the data and information input or uploaded into the Sandbox Trial by User or Authorized Users.
- Access to the Sandbox Trial. Subject to the terms of this Agreement, Ironclad grants to User a non-exclusive, non-sublicensable, non-transferable license to access and use a sandbox, test version of Ironclad’s digital contracting platform (the ”Sandbox Trial”) while this Agreement is in effect, solely for User’s evaluation and testing for the purpose of purchasing Ironclad products and services (“Evaluation Period”). Ironclad may provide assistance, support, maintenance, or other services relating to the Sandbox Trial during the Evaluation Period in its sole discretion. Ironclad may not backup User data or other information entered into the Sandbox Trial, and such User data or information may not be available for retrieval or otherwise compatible or usable with the Ironclad services. Ironclad may modify or discontinue the Sandbox Trial at any time. Use of the Ironclad platform after the Evaluation Period is subject to the parties entering into Ironclad’s Enterprise Services Agreement or similar definitive agreement. Direct competitors of Ironclad may not access or use the Sandbox Trial.
- Fees. There will be no fee for use of the Sandbox Trial.
- Use of the Sandbox Trial. User may access and use the Sandbox Trial only pursuant to any instructions provided by Ironclad to User. User will not, and will not encourage any third party to: (a) reverse-engineer, decompile, disassemble, or attempt to derive the source code for the Sandbox Trial, in whole or in part, except to the extent that such activities are permitted under applicable law; (b) copy, frame, mimic, replicate, or mirror any part of Ironclad or the Sandbox Trial, or distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the Sandbox Trial to any third party; (c) use the Sandbox Trial for the purpose of creating a product or service competitive with Ironclad, the Sandbox Trial, or a derivative work of the Sandbox Trial; (d) disclose the results of any benchmark tests on the Sandbox Trial without Ironclad’s prior written consent; (e) remove, delete, alter, or obscure any trademarks, specifications, documentation, end user license agreement, Privacy Policy, warranties or disclaimers, or any intellectual property or proprietary rights notices regarding the Sandbox Trial; (f) remove, circumvent, disable, damage, or otherwise interfere with security-related features of the Sandbox Trial or features that enforce limitations on use of the Sandbox Trial; (g) upload any sensitive, personal, or other information to the Sandbox Trial that would subject Ironclad to any data privacy or data protection laws; or (h) use the Sandbox Trial other than as described in the documentation provided or in violation of applicable law or any party’s rights.
- Restrictions. User will not allow anyone other than their own Authorized Users to access or use the Sandbox Trial from User’s accounts. User will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Sandbox Trial (or any related systems or networks) or use the Sandbox Trial other than directly for User’s benefit; (ii) copy, modify or distribute any portion of the Sandbox Trial; (iii) rent, lease, or resell the Sandbox Trial; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Sandbox Trial in order to build a competitive product or service.
- Term. This Agreement shall commence on the Effective Date and shall continue until sixty (60) days after the Effective Date, unless otherwise agreed by both parties in writing, or upon either party’s written notice to the other of termination of this Agreement.
- Termination. Either party may terminate this Agreement upon written notice at any time and for any reason.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, User’s right to access and use the Sandbox Trial shall immediately terminate, and User shall immediately cease all use of the Sandbox Trial.
- Data Deletion. Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of User Data (including automatically created archival copies).
- User owns and retains: (i) the User Data; (ii) User’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Ironclad platform, and all improvements, enhancements or modifications made by any party; (ii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Sandbox Trial; (iii) Ironclad’s name, logo, and other trademarks; and (iv) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own Confidential Information and in no event less than a reasonable standard of care. The provisions of this Section will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in this Section will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; or (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- Amendment. Ironclad may modify the terms of this Agreement from time to time in its sole discretion by posting a revised version at https://legal.ironcladapp.com/#sandbox-trial-license-agreement. Ironclad will provide you with notice of any major changes by requiring you to accept the updated Agreement before accessing the Sandbox Trial. Continued use of the Sandbox Trial after changes have been posted constitutes acceptance of the revised Agreement.
- Relationship Between the Parties. Nothing in this Agreement shall be construed as to create a partnership, joint venture, or agency relationship between the parties. Any such relationship can only be formed through separate agreement.
- Entire Agreement. This Agreement constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Governing Law. This Agreement will be governed by the laws of the State of California without reference to conflict of law principles. Each party agrees to submit to the exclusive jurisdiction of the courts located within the county of San Francisco, California to resolve any legal matter arising from this Agreement.
- Assignment. Neither party may assign any of its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld).
Effective February 8th 2024 to February 8th 2024
DownloadTable of Contents
- Affiliate means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- Authorized User means an employee or contractor of User or its Affiliates that User has registered to access and use the Sandbox Trial.
- Confidential Information means any business or technical information disclosed by one party to the other party, including User Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- User Data means the data and information input or uploaded into the Sandbox Trial by User or Authorized Users.
- Access to the Sandbox Trial. Subject to the terms of this Agreement, Ironclad grants to User a non-exclusive, non-sublicensable, non-transferable license to access and use a sandbox, test version of Ironclad’s digital contracting platform (the ”Sandbox Trial”) while this Agreement is in effect, solely for User’s evaluation and testing for the purpose of purchasing Ironclad products and services (“Evaluation Period”). Ironclad may provide assistance, support, maintenance, or other services relating to the Sandbox Trial during the Evaluation Period in its sole discretion. Ironclad may not backup User data or other information entered into the Sandbox Trial, and such User data or information may not be available for retrieval or otherwise compatible or usable with the Ironclad services. Ironclad may modify or discontinue the Sandbox Trial at any time. Use of the Ironclad platform after the Evaluation Period is subject to the parties entering into Ironclad’s Enterprise Services Agreement or similar definitive agreement. Direct competitors of Ironclad may not access or use the Sandbox Trial.
- Fees. There will be no fee for use of the Sandbox Trial.
- Use of the Sandbox Trial. User may access and use the Sandbox Trial only pursuant to any instructions provided by Ironclad to User. User will not, and will not encourage any third party to: (a) reverse-engineer, decompile, disassemble, or attempt to derive the source code for the Sandbox Trial, in whole or in part, except to the extent that such activities are permitted under applicable law; (b) copy, frame, mimic, replicate, or mirror any part of Ironclad or the Sandbox Trial, or distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the Sandbox Trial to any third party; (c) use the Sandbox Trial for the purpose of creating a product or service competitive with Ironclad, the Sandbox Trial, or a derivative work of the Sandbox Trial; (d) disclose the results of any benchmark tests on the Sandbox Trial without Ironclad’s prior written consent; (e) remove, delete, alter, or obscure any trademarks, specifications, documentation, end user license agreement, Privacy Policy, warranties or disclaimers, or any intellectual property or proprietary rights notices regarding the Sandbox Trial; (f) remove, circumvent, disable, damage, or otherwise interfere with security-related features of the Sandbox Trial or features that enforce limitations on use of the Sandbox Trial; (g) upload any sensitive, personal, or other information to the Sandbox Trial that would subject Ironclad to any data privacy or data protection laws; or (h) use the Sandbox Trial other than as described in the documentation provided or in violation of applicable law or any party’s rights.
- Restrictions. User will not allow anyone other than their own Authorized Users to access or use the Sandbox Trial from User’s accounts. User will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Sandbox Trial (or any related systems or networks) or use the Sandbox Trial other than directly for User’s benefit; (ii) copy, modify or distribute any portion of the Sandbox Trial; (iii) rent, lease, or resell the Sandbox Trial; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Sandbox Trial in order to build a competitive product or service.
- Term. This Agreement shall commence on the Effective Date and shall continue until sixty (60) days after the Effective Date, unless otherwise agreed by both parties in writing, or upon either party’s written notice to the other of termination of this Agreement.
- Termination. Either party may terminate this Agreement upon written notice at any time and for any reason.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, User’s right to access and use the Sandbox Trial shall immediately terminate, and User shall immediately cease all use of the Sandbox Trial.
- Data Deletion. Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of User Data (including automatically created archival copies).
- User owns and retains: (i) the User Data; (ii) User’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Ironclad platform, and all improvements, enhancements or modifications made by any party; (ii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Sandbox Trial; (iii) Ironclad’s name, logo, and other trademarks; and (iv) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own Confidential Information and in no event less than a reasonable standard of care. The provisions of this Section will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in this Section will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; or (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- Amendment. Ironclad may modify the terms of this Agreement from time to time in its sole discretion by posting a revised version at https://legal.ironcladapp.com/#sandbox-trial-license-agreement. Ironclad will provide you with notice of any major changes by requiring you to accept the updated Agreement before accessing the Sandbox Trial. Continued use of the Sandbox Trial after changes have been posted constitutes acceptance of the revised Agreement.
- Relationship Between the Parties. Nothing in this Agreement shall be construed as to create a partnership, joint venture, or agency relationship between the parties. Any such relationship can only be formed through separate agreement.
- Entire Agreement. This Agreement constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Governing Law. This Agreement will be governed by the laws of the State of California without reference to conflict of law principles. Each party agrees to submit to the exclusive jurisdiction of the courts located within the county of San Francisco, California to resolve any legal matter arising from this Agreement.
- Assignment. Neither party may assign any of its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld).
Effective January 27th 2023 to February 8th 2024
DownloadTable of Contents
- Affiliate means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- Authorized User means an employee or contractor of User or its Affiliates that User has registered to access and use the Sandbox Trial.
- Confidential Information means any business or technical information disclosed by one party to the other party, including User Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- User Data means the data and information input or uploaded into the Sandbox Trial by User or Authorized Users.
- Access to the Sandbox Trial. Subject to the terms of this Agreement, Ironclad grants to User a non-exclusive, non-sublicensable, non-transferable license to access and use a sandbox, test version of Ironclad’s digital contracting platform (the ”Sandbox Trial”) while this Agreement is in effect, solely for User’s evaluation and testing for the purpose of purchasing Ironclad products and services (“Evaluation Period”). Ironclad may provide assistance, support, maintenance, or other services relating to the Sandbox Trial during the Evaluation Period in its sole discretion. Ironclad may not backup User data or other information entered into the Sandbox Trial, and such User data or information may not be available for retrieval or otherwise compatible or usable with the Ironclad services. Ironclad may modify or discontinue the Sandbox Trial at any time. Use of the Ironclad platform after the Evaluation Period is subject to the parties entering into Ironclad’s Enterprise Services Agreement or similar definitive agreement. Direct competitors of Ironclad may not access or use the Sandbox Trial.
- Fees. There will be no fee for use of the Sandbox Trial.
- Use of the Sandbox Trial. User may access and use the Sandbox Trial only pursuant to any instructions provided by Ironclad to User. User will not, and will not encourage any third party to: (a) reverse-engineer, decompile, disassemble, or attempt to derive the source code for the Sandbox Trial, in whole or in part, except to the extent that such activities are permitted under applicable law; (b) copy, frame, mimic, replicate, or mirror any part of Ironclad or the Sandbox Trial, or distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the Sandbox Trial to any third party; (c) use the Sandbox Trial for the purpose of creating a product or service competitive with Ironclad, the Sandbox Trial, or a derivative work of the Sandbox Trial; (d) disclose the results of any benchmark tests on the Sandbox Trial without Ironclad’s prior written consent; (e) remove, delete, alter, or obscure any trademarks, specifications, documentation, end user license agreement, Privacy Policy, warranties or disclaimers, or any intellectual property or proprietary rights notices regarding the Sandbox Trial; (f) remove, circumvent, disable, damage, or otherwise interfere with security-related features of the Sandbox Trial or features that enforce limitations on use of the Sandbox Trial; (g) upload any sensitive, personal, or other information to the Sandbox Trial that would subject Ironclad to any data privacy or data protection laws; or (h) use the Sandbox Trial other than as described in the documentation provided or in violation of applicable law or any party’s rights.
- Restrictions. User will not allow anyone other than their own Authorized Users to access or use the Sandbox Trial from User’s accounts. User will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Sandbox Trial (or any related systems or networks) or use the Sandbox Trial other than directly for User’s benefit; (ii) copy, modify or distribute any portion of the Sandbox Trial; (iii) rent, lease, or resell the Sandbox Trial; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Sandbox Trial in order to build a competitive product or service.
- Term. This Agreement shall commence on the Effective Date and shall continue until sixty (60) days after the Effective Date, unless otherwise agreed by both parties in writing, or upon either party’s written notice to the other of termination of this Agreement.
- Termination. Either party may terminate this Agreement upon written notice at any time and for any reason.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, User’s right to access and use the Sandbox Trial shall immediately terminate, and User shall immediately cease all use of the Sandbox Trial.
- Data Deletion. Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of User Data (including automatically created archival copies).
- User owns and retains: (i) the User Data; (ii) User’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Ironclad platform, and all improvements, enhancements or modifications made by any party; (ii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Sandbox Trial; (iii) Ironclad’s name, logo, and other trademarks; and (iv) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own Confidential Information and in no event less than a reasonable standard of care. The provisions of this Section will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in this Section will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; or (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- Amendment. Ironclad may modify the terms of this Agreement from time to time in its sole discretion by posting a revised version at https://legal.ironcladapp.com/#sandbox-trial-license-agreement. Ironclad will provide you with notice of any major changes by requiring you to accept the updated Agreement before accessing the Sandbox Trial. Continued use of the Sandbox Trial after changes have been posted constitutes acceptance of the revised Agreement.
- Relationship Between the Parties. Nothing in this Agreement shall be construed as to create a partnership, joint venture, or agency relationship between the parties. Any such relationship can only be formed through separate agreement.
- Entire Agreement. This Agreement constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Governing Law. This Agreement will be governed by the laws of the State of California without reference to conflict of law principles. Each party agrees to submit to the exclusive jurisdiction of the courts located within the county of San Francisco, California to resolve any legal matter arising from this Agreement.
- Assignment. Neither party may assign any of its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld).
Effective January 26th 2023 to January 27th 2023
DownloadTable of Contents
- Affiliate means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- Authorized User means an employee or contractor of User or its Affiliates that User has registered to access and use the Sandbox Trial.
- Confidential Information means any business or technical information disclosed by one party to the other party, including User Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- User Data means the data and information input or uploaded into the Sandbox Trial by User or Authorized Users.
- Access to the Sandbox Trial. Subject to the terms of this Agreement, Ironclad grants to User a non-exclusive, non-sublicensable, non-transferable license to access and use a sandbox, test version of Ironclad’s digital contracting platform (the ”Sandbox Trial”) while this Agreement is in effect, solely for User’s evaluation and testing for the purpose of purchasing Ironclad products and services (“Evaluation Period”). Ironclad may provide assistance, support, maintenance, or other services relating to the Sandbox Trial during the Evaluation Period in its sole discretion. Ironclad may not backup User data or other information entered into the Sandbox Trial, and such User data or information may not be available for retrieval or otherwise compatible or usable with the Ironclad services. Ironclad may modify or discontinue the Sandbox Trial at any time. Use of the Ironclad platform after the Evaluation Period is subject to the parties entering into Ironclad’s Enterprise Services Agreement or similar definitive agreement. Direct competitors of Ironclad may not access or use the Sandbox Trial.
- Fees. There will be no fee for use of the Sandbox Trial.
- Use of the Sandbox Trial. User may access and use the Sandbox Trial only pursuant to any instructions provided by Ironclad to User. User will not, and will not encourage any third party to: (a) reverse-engineer, decompile, disassemble, or attempt to derive the source code for the Sandbox Trial, in whole or in part, except to the extent that such activities are permitted under applicable law; (b) copy, frame, mimic, replicate, or mirror any part of Ironclad or the Sandbox Trial, or distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the Sandbox Trial to any third party; (c) use the Sandbox Trial for the purpose of creating a product or service competitive with Ironclad, the Sandbox Trial, or a derivative work of the Sandbox Trial; (d) disclose the results of any benchmark tests on the Sandbox Trial without Ironclad’s prior written consent; (e) remove, delete, alter, or obscure any trademarks, specifications, documentation, end user license agreement, Privacy Policy, warranties or disclaimers, or any intellectual property or proprietary rights notices regarding the Sandbox Trial; (f) remove, circumvent, disable, damage, or otherwise interfere with security-related features of the Sandbox Trial or features that enforce limitations on use of the Sandbox Trial; (g) upload any sensitive, personal, or other information to the Sandbox Trial that would subject Ironclad to any data privacy or data protection laws; or (h) use the Sandbox Trial other than as described in the documentation provided or in violation of applicable law or any party’s rights.
- Restrictions. User will not allow anyone other than their own Authorized Users to access or use the Sandbox Trial from User’s accounts. User will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Sandbox Trial (or any related systems or networks) or use the Sandbox Trial other than directly for User’s benefit; (ii) copy, modify or distribute any portion of the Sandbox Trial; (iii) rent, lease, or resell the Sandbox Trial; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Sandbox Trial in order to build a competitive product or service.
- Term. This Agreement shall commence on the Effective Date and shall continue until sixty (60) days after the Effective Date, unless otherwise agreed by both parties in writing, or upon either party’s written notice to the other of termination of this Agreement.
- Termination. Either party may terminate this Agreement upon written notice at any time and for any reason.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, User’s right to access and use the Sandbox Trial shall immediately terminate, and User shall immediately cease all use of the Sandbox Trial.
- Data Deletion. Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of User Data (including automatically created archival copies).
- User owns and retains: (i) the User Data; (ii) User’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Ironclad platform, and all improvements, enhancements or modifications made by any party; (ii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Sandbox Trial; (iii) Ironclad’s name, logo, and other trademarks; and (iv) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own Confidential Information and in no event less than a reasonable standard of care. The provisions of this Section will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in this Section will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; or (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- Amendment. Ironclad may modify the terms of this Agreement from time to time in its sole discretion by posting a revised version at https://legal.ironcladapp.com/#sandbox-trial-license-agreement. Ironclad will provide you with notice of any major changes by requiring you to accept the updated Agreement before accessing the Sandbox Trial. Continued use of the Sandbox Trial after changes have been posted constitutes acceptance of the revised Agreement.
- Relationship Between the Parties. Nothing in this Agreement shall be construed as to create a partnership, joint venture, or agency relationship between the parties. Any such relationship can only be formed through separate agreement.
- Entire Agreement. This Agreement constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Governing Law. This Agreement will be governed by the laws of the State of California without reference to conflict of law principles. Each party agrees to submit to the exclusive jurisdiction of the courts located within the county of San Francisco, California to resolve any legal matter arising from this Agreement.
- Assignment. Neither party may assign any of its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld).
Effective January 26th 2023 to January 26th 2023
DownloadTable of Contents
- Affiliate means a legal entity that controls, is controlled by, or is under common control with a party, where “control” is defined as owning more than 50% of the voting shares of such entity.
- Authorized User means an employee or contractor of User or its Affiliates that User has registered to access and use the Sandbox Trial.
- Confidential Information means any business or technical information disclosed by one party to the other party, including User Data, provided that it is identified as confidential at the time of disclosure or that under the circumstances, a person exercising reasonable business judgment would understand it to be confidential or proprietary.
- User Data means the data and information input or uploaded into the Sandbox Trial by User or Authorized Users.
- Access to the Sandbox Trial. Subject to the terms of this Agreement, Ironclad grants to User a non-exclusive, non-sublicensable, non-transferable license to access and use a sandbox, test version of Ironclad’s digital contracting platform (the ”Sandbox Trial”) while this Agreement is in effect, solely for User’s evaluation and testing for the purpose of purchasing Ironclad products and services (“Evaluation Period”). Ironclad may provide assistance, support, maintenance, or other services relating to the Sandbox Trial during the Evaluation Period in its sole discretion. Ironclad may not backup User data or other information entered into the Sandbox Trial, and such User data or information may not be available for retrieval or otherwise compatible or usable with the Ironclad services. Ironclad may modify or discontinue the Sandbox Trial at any time. Use of the Ironclad platform after the Evaluation Period is subject to the parties entering into Ironclad’s Enterprise Services Agreement or similar definitive agreement. Direct competitors of Ironclad may not access or use the Sandbox Trial.
- Fees. There will be no fee for use of the Sandbox Trial.
- Use of the Sandbox Trial. User may access and use the Sandbox Trial only pursuant to any instructions provided by Ironclad to User. User will not, and will not encourage any third party to: (a) reverse-engineer, decompile, disassemble, or attempt to derive the source code for the Sandbox Trial, in whole or in part, except to the extent that such activities are permitted under applicable law; (b) copy, frame, mimic, replicate, or mirror any part of Ironclad or the Sandbox Trial, or distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the Sandbox Trial to any third party; (c) use the Sandbox Trial for the purpose of creating a product or service competitive with Ironclad, the Sandbox Trial, or a derivative work of the Sandbox Trial; (d) disclose the results of any benchmark tests on the Sandbox Trial without Ironclad’s prior written consent; (e) remove, delete, alter, or obscure any trademarks, specifications, documentation, end user license agreement, Privacy Policy, warranties or disclaimers, or any intellectual property or proprietary rights notices regarding the Sandbox Trial; (f) remove, circumvent, disable, damage, or otherwise interfere with security-related features of the Sandbox Trial or features that enforce limitations on use of the Sandbox Trial; (g) upload any sensitive, personal, or other information to the Sandbox Trial that would subject Ironclad to any data privacy or data protection laws; or (h) use the Sandbox Trial other than as described in the documentation provided or in violation of applicable law or any party’s rights.
- Restrictions. User will not allow anyone other than their own Authorized Users to access or use the Sandbox Trial from User’s accounts. User will not and will ensure that its Authorized Users do not: (i) attempt to interfere with or disrupt the Sandbox Trial (or any related systems or networks) or use the Sandbox Trial other than directly for User’s benefit; (ii) copy, modify or distribute any portion of the Sandbox Trial; (iii) rent, lease, or resell the Sandbox Trial; (iv) transfer any of its rights hereunder; or (v) reverse-engineer or access the Sandbox Trial in order to build a competitive product or service.
- Term. This Agreement shall commence on the Effective Date and shall continue until sixty (60) days after the Effective Date, unless otherwise agreed by both parties in writing, or upon either party’s written notice to the other of termination of this Agreement.
- Termination. Either party may terminate this Agreement upon written notice at any time and for any reason.
- Rights and Obligations Upon Expiration or Termination. Upon expiration or termination of this Agreement, User’s right to access and use the Sandbox Trial shall immediately terminate, and User shall immediately cease all use of the Sandbox Trial.
- Data Deletion. Within ninety (90) calendar days of the Agreement’s expiration or termination, Ironclad will securely destroy (per subsection (iii) below) all copies of User Data (including automatically created archival copies).
- PROPRIETARY RIGHTS.
- User owns and retains: (i) the User Data; (ii) User’s name, logo and other trademarks; and (iii) all Intellectual Property Rights in and to any of the foregoing.
- Ironclad owns and retains: (i) the Ironclad platform, and all improvements, enhancements or modifications made by any party; (ii) any software, applications, inventions or other technology developed by Ironclad in connection with providing the Sandbox Trial; (iii) Ironclad’s name, logo, and other trademarks; and (iv) all Intellectual Property Rights in and to any of the foregoing.
- Use and Nondisclosure. A receiving party will not use the disclosing party’s Confidential Information except as necessary under this Agreement and will not disclose Confidential Information to any third party except: (a) to those of its employees and contractors who have a business need to know such Confidential Information; provided that each such employee and contractor is bound to confidentiality restrictions at least as restrictive as the terms set forth in this Agreement. Each receiving party will protect the disclosing party’s Confidential Information from unauthorized use and disclosure using efforts equivalent to the efforts that the receiving party uses with respect to its own Confidential Information and in no event less than a reasonable standard of care. The provisions of this Section will remain in effect during the Term and for a period of five (5) years after the expiration or termination thereof, except with regard to trade secrets of the disclosing party, which will be held in confidence for as long as such information remains a trade secret.
- Exclusions. The obligations and restrictions set forth in this Section will not apply to any information that: (i) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (ii) is rightfully known by the receiving party at the time of disclosure; (iii) is independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (iv) the receiving party rightfully obtains from a third party who has the right to disclose such information without breach of any confidentiality obligation to the disclosing party.
- Permitted Disclosures. The provisions of this Section will not restrict either party from disclosing the other party’s Confidential Information: (i) pursuant to the order or requirement of a court, administrative agency, or other governmental body; provided that to the extent legally permitted, the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement or limit the scope of such request; (ii) on a confidential basis to its legal or professional financial advisors; or (iii) as required under applicable securities regulations.
- Injunctive Relief. The receiving party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone may not be a sufficient remedy, and therefore that upon any such disclosure by the receiving party, the disclosing party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- Amendment. Ironclad may modify the terms of this Agreement from time to time in its sole discretion by posting a revised version at https://legal.ironcladapp.com/#sandbox-trial-license-agreement. Ironclad will provide you with notice of any major changes by requiring you to accept the updated Agreement before accessing the Sandbox Trial. Continued use of the Sandbox Trial after changes have been posted constitutes acceptance of the revised Agreement.
- Relationship Between the Parties. Nothing in this Agreement shall be construed as to create a partnership, joint venture, or agency relationship between the parties. Any such relationship can only be formed through separate agreement.
- Entire Agreement. This Agreement constitutes the complete and exclusive agreement between the parties concerning its subject matter and supersedes all prior or contemporaneous agreements or understandings, written or oral, concerning the subject matter of this Agreement.
- Governing Law. This Agreement will be governed by the laws of the State of California without reference to conflict of law principles. Each party agrees to submit to the exclusive jurisdiction of the courts located within the county of San Francisco, California to resolve any legal matter arising from this Agreement.
- Assignment. Neither party may assign any of its rights or obligations under this Agreement, whether by operation of law or otherwise, without the prior written consent of the other party (not to be unreasonably withheld).
API Terms of Use
Effective December 18th 2023
DownloadTable of Contents
Ironclad API Terms of Use
A. These API Terms of Use (“API Terms”) form a binding contract between you and Ironclad and explain your rights and obligations when using Ironclad’s application programming interfaces (the “Ironclad APIs”).
B. “We”, “our” and “us” refers to Ironclad, Inc. and “you” and “your” refers to the individual, or company or other legal entity, on behalf of which the Ironclad APIs are used.
C. If you are using the Ironclad APIs on behalf of a company or other legal entity, you represent that you have the authority to bind such entity to these API Terms. If you do not have such authority, or do not agree with these API Terms, you must not use the Ironclad APIs.
D. These API Terms do not apply to your use of the software, and other products and services, made available by Ironclad (the “Ironclad Software”), including without limitation, the Ironclad SaaS contract lifecycle management and clickwrap platforms. Your use of the Ironclad Software is subject to a separate written agreement between you and Ironclad or one of its affiliates entered into prior to such use.
E. We may revise these API Terms from time to time at our sole discretion. All changes are effective immediately when posted. Your continued use of the Ironclad APIs following the posting of revised API Terms signifies your acceptance of the revised API Terms.
F. In the event of an inconsistency between these API Terms and those of an agreement governing (i) your use of the Ironclad Software; or (ii) your partnership with Ironclad, the provisions of such other agreement(s) will prevail to the extent of such inconsistency.
1. License and Use
1.1. Provided that you comply with these API Terms, all documentation relating to the Ironclad APIs at https://developer.ironcladapp.com/ and https://clickwrap-developer.ironcladapp.com/, as may be updated from time to time (the “Ironclad API Documentation”), and all applicable laws, we grant you a non-exclusive, non-transferable, non-sublicensable, revocable, limited right to access and use the Ironclad APIs to:
1.1.1. Develop, test and support any application or integration developed by you which interacts with the Ironclad APIs (each, an “Integration”) and;
1.1.2. Distribute, or allow third parties to access, your Integration.
1.2. You acknowledge that there are no implied licenses granted under these API Terms, and we reserve all rights not expressly granted.
1.3. When using, or attempting to use, the Ironclad APIs, you agree:
1.3.1. To adhere to any applicable guidelines, restrictions, or requirements set out in the Ironclad API Documentation;
1.3.2. Not to share any API keys or authentication tokens for the Ironclad APIs with any other individuals, companies, or entities outside of your own, (each a “third party”), including potential competitors of Ironclad, and to keep these secure at all times;
1.3.3. Not to misrepresent or mask either your identity or your systems’ identity;
1.3.4. Not to remove any proprietary notices or intellectual property from the Ironclad APIs;
1.3.5. That to protect the security, integrity, and operability of the Ironclad APIs, Ironclad may place limits on your use of the Ironclad APIs (like limits on call volumes or requests that can be sent and received by the Ironclad APIs during a defined period of time), which limits will be specified in the Ironclad API Documentation. You accept that:
1.3.5.1. Ironclad, in its sole discretion, will determine what constitutes abuse or excessive usage of the Ironclad APIs;
1.3.5.2. You will not use, or attempt to use, the Ironclad APIs in a manner that exceeds such limitations, including rate limits, or in a manner that constitutes excessive or abusive usage; and
1.3.5.3. Ironclad may monitor the volume of requests sent to the Ironclad APIs for compliance with these API Terms;
1.3.6. Not to use the Ironclad APIs in any manner that poses a security risk to other users of the Ironclad APIs or Ironclad Software, or tests the vulnerability of our systems or networks or those of any third party;
1.3.7 Not to use the Ironclad APIs in any manner that compromises, breaks, or circumvents any of our technical processes or security measures associated with the Ironclad APIs or Ironclad Software;
1.3.8. Not to use the Ironclad APIs for competitive analysis, or to disseminate performance information (including uptime, response time, and benchmarks), relating to the Ironclad APIs or the Ironclad Software;
1.3.9. Not to use the Ironclad APIs in order to replicate, copy, frame, mimic, mirror, or compete with aspects of the Ironclad Software or its functionality, or to develop or utilize an application or integration with the purpose of competing with Ironclad or migrating customers off of the Ironclad Software;
1.3.10 Not to modify, translate, reverse engineer, disassemble, reconstruct, decompile, copy, or create derivative works of the Ironclad APIs, the Ironclad Software, Ironclad customer data, or any aspect or portion thereof, except to the extent that this restriction is expressly prohibited by applicable law;
1.3.11. Not to use the Ironclad APIs in any manner or for any purpose that infringes, misappropriates, or otherwise violates the rights of any third party;
1.3.12 Not to distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the Ironclad API to any third party without Ironclad’s written permission;
1.3.14. Not to use the Ironclad APIs for the bulk collection or scraping of information.
1.4. If you are, or are suspected of being, in violation of these API Terms, we reserve the right to take remedial measures up to and including terminating your access to the Ironclad APIs, at any time and at our discretion.
2. Intellectual Property
2.1. We own all rights, title, and interest in the Ironclad APIs and the Ironclad Software. By using the Ironclad APIs, you do not acquire ownership of any rights in them, or the content that is accessed through them.
2.2. Subject to section 2.1, you own all rights, title, and interest in any Integrations.
2.3. Ironclad will retain all intellectual property rights relating to any suggestions, ideas, enhancement requests, feedback, or other recommendations you provide relating to the Ironclad APIs and Ironclad Software (“Feedback Materials”), which are hereby assigned to Ironclad. Feedback Materials will not include any intellectual property owned by you.
2.4. You may not use any registered or unregistered Ironclad trademarks without written authorization from Ironclad. You may request authorization to use Ironclad trademarks by reaching out to ecosystem@ironcladhq.com. If you have written authorization to use Ironclad trademarks, your use is subject to any Ironclad trademark or brand guidelines and directions from Ironclad employees, as updated from time to time. Ironclad reserves the right to demand that you immediately cease use and remove any Ironclad trademarks you may be using or displaying for any reason and at any time without liability or other obligation to you.
3. Processing of Personal Data
Any personal data processed related to your use of the Ironclad APIs will be processed in accordance with Ironclad’s Privacy Policy.
4. Export
The Ironclad APIs are subject to US global trade control laws and regulations, including the U.S. Export Administration Regulations and various sanctions programs administered by the U.S. Office of Foreign Assets Control. You will not, directly or indirectly, export, re-export, release, or make the APIs available for use, in contravention with these laws and regulations.
5. Warranty and Indemnification
5.1. EXCEPT AS EXPRESSLY STATED HEREIN, ANYTHING PROVIDED IN CONNECTION WITH THESE API TERMS, INCLUDING, WITHOUT LIMITATION, THE IRONCLAD APIS, IS PROVIDED “AS-IS”, WITHOUT ANY WARRANTIES OF ANY KIND. EACH PARTY DISCLAIMS ANY IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
5.2. If you develop an Integration for commercial use or for use outside of your organization, you will indemnify, defend (at Ironclad’s request) and hold harmless Ironclad and its affiliates and their respective directors, officers, employees, agents, contractors, end users, and licensees from and against any claims, losses, costs, expenses (including reasonable attorneys' fees), damages or liabilities based on or arising from (a) your Integration and any derivatives / combination of your Integration with the Ironclad APIs (b) your relationships or interactions with any end users, or third-party distributors, of your Integration, or (c) your infringement of Ironclad’s or any third party’s intellectual property rights. Ironclad may at its own expense participate in the defense and settlement of any claim with its own counsel, and you may not settle a claim without Ironclad's prior written consent (not to be unreasonably withheld).
6. Limitation of Liability
6.1. THIS SECTION 6 DOES NOT APPLY TO THE EXTENT YOU HAVE ALREADY ENTERED INTO ANOTHER AGREEMENT WITH IRONCLAD THAT CONTAINS LIMITATIONS OF LIABILITY TERMS COVERING YOUR USE OF THE IRONCLAD APIS. FOR THE AVOIDANCE OF DOUBT, THIS SECTION 6 WILL NOT APPLY TO IRONCLAD CUSTOMERS WHO HAVE ENTERED INTO AN ENTERPRISE SERVICES AGREEMENT OR SIMILAR MASTER AGREEMENT FOR ACCESS TO IRONCLAD SOFTWARE, AND THE LIMITATION OF LIABILITY TERMS IN THAT SEPARATE AGREEMENT WILL CONTROL.
6.2. WITH THE EXCEPTION OF YOUR (A) INDEMNIFICATION OBLIGATIONS UNDER SECTION 5.2; AND (B) OBLIGATIONS UNDER SECTION 4 (EXPORT), TO THE MAXIMUM EXTENT PERMITTED BY LAW:
6.2.1. IN NO EVENT SHALL IRONCLAD BE LIABLE FOR LOST PROFITS OR REVENUE OR LOSS OF USE OR DATA, COSTS OF COVER OR SUBSTITUTE GOODS OR SERVICES, OR FOR INCIDENTAL, CONSEQUENTIAL, PUNITIVE, SPECIAL OR EXEMPLARY DAMAGES, OR INDIRECT DAMAGES OF ANY TYPE OR KIND, HOWEVER CAUSED, RELATED TO OR ARISING OUT OF THESE API TERMS OR THE RIGHTS, LICENSES, PRODUCTS OR SERVICES PROVIDED UNDER THESE API TERMS WHETHER BY BREACH OF WARRANTY, BREACH OF CONTRACT, NEGLIGENCE, TORT, OR ANY OTHER LEGAL THEORY, AND WHETHER OR NOT IRONCLAD HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES; AND
6.2.2. THE TOTAL, CUMULATIVE LIABILITY OF IRONCLAD ARISING OUT OF OR RELATED TO THESE API TERMS OR THE RIGHTS, LICENSES, PRODUCTS OR SERVICES PROVIDED UNDER THESE API TERMS, WHETHER BASED ON CONTRACT, TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL THEORY, SHALL BE LIMITED TO FIVE HUNDRED U.S. DOLLARS ($500.00).
7. Term and Termination
7.1. These API Terms shall remain in effect until terminated.
7.2. You may terminate these API Terms at any time by ceasing all use of the Ironclad APIs and any relevant credentials.
7.3. Unless you have purchased access to Ironclad APIs for a predetermined period, Ironclad reserves the right to terminate these API Terms or your use of the Ironclad APIs with immediate effect for any reason and at any time without liability or other obligation to you.
7.4. Upon termination:
7.4.1. All licenses granted herein immediately expire and you must cease use of the Ironclad APIs;
7.4.2. The terms of these API Terms that by their nature are intended to continue indefinitely will continue to apply.
8. Governing Law; Severability
These API Terms shall be construed and enforced in accordance with the laws of California, U.S.A., and you and Ironclad submit to the jurisdiction of the State and Federal courts in San Francisco, California, without giving effect to any conflicts of laws principles. If any provision in API Terms is held by a court of competent jurisdiction to be unenforceable, such provision shall be modified by the court and interpreted so as to best accomplish the original provision to the fullest extent permitted by law, and the remaining provisions of these API Terms shall remain in effect.
Effective May 19th 2023 to December 18th 2023
DownloadTable of Contents
Ironclad API Terms of Use
A. These API Terms of Use (“API Terms”) form a binding contract between you and Ironclad and explain your rights and obligations when using Ironclad’s application programming interfaces (the “Ironclad APIs”).
B. “We”, “our” and “us” refers to Ironclad, Inc. and “you” and “your” refers to the individual, or company or other legal entity, on behalf of which the Ironclad APIs are used.
C. If you are using the Ironclad APIs on behalf of a company or other legal entity, you represent that you have the authority to bind such entity to these API Terms. If you do not have such authority, or do not agree with these API Terms, you must not use the Ironclad APIs.
D. These API Terms do not apply to your use of the software, and other products and services, made available by Ironclad (the “Ironclad Software”), including without limitation, the Ironclad SaaS contract lifecycle management and clickwrap platforms. Your use of the Ironclad Software is subject to a separate written agreement between you and Ironclad or one of its affiliates entered into prior to such use.
E. We may revise these API Terms from time to time at our sole discretion. All changes are effective immediately when posted. Your continued use of the Ironclad APIs following the posting of revised API Terms signifies your acceptance of the revised API Terms.
F. In the event of an inconsistency between these API Terms and those of an agreement governing (i) your use of the Ironclad Software; or (ii) your partnership with Ironclad, the provisions of such other agreement(s) will prevail to the extent of such inconsistency.
1. License and Use
1.1. Provided that you comply with these API Terms, all documentation relating to the Ironclad APIs at https://developer.ironcladapp.com/ and https://clickwrap-developer.ironcladapp.com/, as may be updated from time to time (the “Ironclad API Documentation”), and all applicable laws, we grant you a non-exclusive, non-transferable, non-sublicensable, revocable, limited right to access and use the Ironclad APIs to:
1.1.1. Develop, test and support any application or integration developed by you which interacts with the Ironclad APIs (each, an “Integration”) and;
1.1.2. Distribute, or allow third parties to access, your Integration.
1.2. You acknowledge that there are no implied licenses granted under these API Terms, and we reserve all rights not expressly granted.
1.3. When using, or attempting to use, the Ironclad APIs, you agree:
1.3.1. To adhere to any applicable guidelines, restrictions, or requirements set out in the Ironclad API Documentation;
1.3.2. Not to share any API keys or authentication tokens for the Ironclad APIs with any other individuals, companies, or entities outside of your own, (each a “third party”), including potential competitors of Ironclad, and to keep these secure at all times;
1.3.3. Not to misrepresent or mask either your identity or your systems’ identity;
1.3.4. Not to remove any proprietary notices or intellectual property from the Ironclad APIs;
1.3.5. That to protect the security, integrity, and operability of the Ironclad APIs, Ironclad may place limits on your use of the Ironclad APIs (like limits on call volumes or requests that can be sent and received by the Ironclad APIs during a defined period of time), which limits will be specified in the Ironclad API Documentation. You accept that:
1.3.5.1. Ironclad, in its sole discretion, will determine what constitutes abuse or excessive usage of the Ironclad APIs;
1.3.5.2. You will not use, or attempt to use, the Ironclad APIs in a manner that exceeds such limitations, including rate limits, or in a manner that constitutes excessive or abusive usage; and
1.3.5.3. Ironclad may monitor the volume of requests sent to the Ironclad APIs for compliance with these API Terms;
1.3.6. Not to use the Ironclad APIs in any manner that poses a security risk to other users of the Ironclad APIs or Ironclad Software, or tests the vulnerability of our systems or networks or those of any third party;
1.3.7 Not to use the Ironclad APIs in any manner that compromises, breaks, or circumvents any of our technical processes or security measures associated with the Ironclad APIs or Ironclad Software;
1.3.8. Not to use the Ironclad APIs for competitive analysis, or to disseminate performance information (including uptime, response time, and benchmarks), relating to the Ironclad APIs or the Ironclad Software;
1.3.9. Not to use the Ironclad APIs in order to replicate, copy, frame, mimic, mirror, or compete with aspects of the Ironclad Software or its functionality, or to develop or utilize an application or integration with the purpose of competing with Ironclad or migrating customers off of the Ironclad Software;
1.3.10 Not to modify, translate, reverse engineer, disassemble, reconstruct, decompile, copy, or create derivative works of the Ironclad APIs, the Ironclad Software, Ironclad customer data, or any aspect or portion thereof, except to the extent that this restriction is expressly prohibited by applicable law;
1.3.11. Not to use the Ironclad APIs in any manner or for any purpose that infringes, misappropriates, or otherwise violates the rights of any third party;
1.3.12 Not to distribute, license, sublicense, lease, rent, loan, or otherwise transfer access rights to the Ironclad API to any third party without Ironclad’s written permission;
1.3.13. Not to use the Ironclad APIs for the bulk collection or scraping of information.
1.4. If you are, or are suspected of being, in violation of these API Terms, we reserve the right to take remedial measures up to and including terminating your access to the Ironclad APIs, at any time and at our discretion.
2. Intellectual Property
2.1. We own all rights, title, and interest in the Ironclad APIs and the Ironclad Software. By using the Ironclad APIs, you do not acquire ownership of any rights in them, or the content that is accessed through them.
2.2. Subject to section 2.1, you own all rights, title, and interest in any Integrations.
2.3. Ironclad will retain all intellectual property rights relating to any suggestions, ideas, enhancement requests, feedback, or other recommendations you provide relating to the Ironclad APIs and Ironclad Software (“Feedback Materials”), which are hereby assigned to Ironclad. Feedback Materials will not include any intellectual property owned by you.
2.4. Your use of any registered or unregistered Ironclad trademarks is subject to any Ironclad trademark or brand guidelines and directions from Ironclad employees, as updated from time to time. Ironclad reserves the right to demand that you immediately cease use and remove any Ironclad trademarks you may be using or displaying for any reason and at any time without liability or other obligation to you.
3. Processing of Personal Data
Any personal data processed related to your use of the Ironclad APIs will be processed in accordance with Ironclad’s Privacy Policy.
4. Export
The Ironclad APIs are subject to US global trade control laws and regulations, including the U.S. Export Administration Regulations and various sanctions programs administered by the U.S. Office of Foreign Assets Control. You will not, directly or indirectly, export, re-export, release, or make the APIs available for use, in contravention with these laws and regulations.
5. Warranty and Indemnification
5.1. EXCEPT AS EXPRESSLY STATED HEREIN, ANYTHING PROVIDED IN CONNECTION WITH THESE API TERMS, INCLUDING, WITHOUT LIMITATION, THE IRONCLAD APIS, IS PROVIDED “AS-IS”, WITHOUT ANY WARRANTIES OF ANY KIND. EACH PARTY DISCLAIMS ANY IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
5.2. If you develop an Integration for commercial use or for use outside of your organization, you will indemnify, defend (at Ironclad’s request) and hold harmless Ironclad and its affiliates and their respective directors, officers, employees, agents, contractors, end users, and licensees from and against any claims, losses, costs, expenses (including reasonable attorneys' fees), damages or liabilities based on or arising from (a) your Integration and any derivatives / combination of your Integration with the Ironclad APIs (b) your relationships or interactions with any end users, or third-party distributors, of your Integration, or (c) your infringement of Ironclad’s or any third party’s intellectual property rights. Ironclad may at its own expense participate in the defense and settlement of any claim with its own counsel, and you may not settle a claim without Ironclad's prior written consent (not to be unreasonably withheld).
6. Limitation of Liability
6.1. THIS SECTION 6 DOES NOT APPLY TO THE EXTENT YOU HAVE ALREADY ENTERED INTO ANOTHER AGREEMENT WITH IRONCLAD THAT CONTAINS LIMITATIONS OF LIABILITY TERMS COVERING YOUR USE OF THE IRONCLAD APIS. FOR THE AVOIDANCE OF DOUBT, THIS SECTION 6 WILL NOT APPLY TO IRONCLAD CUSTOMERS WHO HAVE ENTERED INTO AN ENTERPRISE SERVICES AGREEMENT OR SIMILAR MASTER AGREEMENT FOR ACCESS TO IRONCLAD SOFTWARE, AND THE LIMITATION OF LIABILITY TERMS IN THAT SEPARATE AGREEMENT WILL CONTROL.
6.2. WITH THE EXCEPTION OF YOUR (A) INDEMNIFICATION OBLIGATIONS UNDER SECTION 5.2; AND (B) OBLIGATIONS UNDER SECTION 4 (EXPORT), TO THE MAXIMUM EXTENT PERMITTED BY LAW:
6.2.1. IN NO EVENT SHALL IRONCLAD BE LIABLE FOR LOST PROFITS OR REVENUE OR LOSS OF USE OR DATA, COSTS OF COVER OR SUBSTITUTE GOODS OR SERVICES, OR FOR INCIDENTAL, CONSEQUENTIAL, PUNITIVE, SPECIAL OR EXEMPLARY DAMAGES, OR INDIRECT DAMAGES OF ANY TYPE OR KIND, HOWEVER CAUSED, RELATED TO OR ARISING OUT OF THESE API TERMS OR THE RIGHTS, LICENSES, PRODUCTS OR SERVICES PROVIDED UNDER THESE API TERMS WHETHER BY BREACH OF WARRANTY, BREACH OF CONTRACT, NEGLIGENCE, TORT, OR ANY OTHER LEGAL THEORY, AND WHETHER OR NOT IRONCLAD HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES; AND
6.2.2. THE TOTAL, CUMULATIVE LIABILITY OF IRONCLAD ARISING OUT OF OR RELATED TO THESE API TERMS OR THE RIGHTS, LICENSES, PRODUCTS OR SERVICES PROVIDED UNDER THESE API TERMS, WHETHER BASED ON CONTRACT, TORT (INCLUDING NEGLIGENCE), OR ANY OTHER LEGAL THEORY, SHALL BE LIMITED TO FIVE HUNDRED U.S. DOLLARS ($500.00).
7. Term and Termination
7.1. These API Terms shall remain in effect until terminated.
7.2. You may terminate these API Terms at any time by ceasing all use of the Ironclad APIs and any relevant credentials.
7.3. Unless you have purchased access to Ironclad APIs for a predetermined period, Ironclad reserves the right to terminate these API Terms or your use of the Ironclad APIs with immediate effect for any reason and at any time without liability or other obligation to you.
7.4. Upon termination:
7.4.1. All licenses granted herein immediately expire and you must cease use of the Ironclad APIs;
7.4.2. The terms of these API Terms that by their nature are intended to continue indefinitely will continue to apply.
8. Governing Law; Severability
These API Terms shall be construed and enforced in accordance with the laws of California, U.S.A., and you and Ironclad submit to the jurisdiction of the State and Federal courts in San Francisco, California, without giving effect to any conflicts of laws principles. If any provision in API Terms is held by a court of competent jurisdiction to be unenforceable, such provision shall be modified by the court and interpreted so as to best accomplish the original provision to the fullest extent permitted by law, and the remaining provisions of these API Terms shall remain in effect.
International Compliance
Effective October 16th 2024
DownloadTable of Contents
Data Privacy Framework Notice
Digital Services Act
Export Control & Economic Sanctions
Cybersecurity and Firewall Factors
Effective June 12th 2024 to October 16th 2024
DownloadTable of Contents
Digital Services Act
Export Control & Economic Sanctions
Cybersecurity and Firewall Factors
Effective June 7th 2024 to June 12th 2024
DownloadTable of Contents
Digital Services Act
Export Control & Economic Sanctions
Cybersecurity and Firewall Factors
Effective June 6th 2024 to June 7th 2024
DownloadTable of Contents
Digital Services Act
Export Control & Economic Sanctions
Cybersecurity and Firewall Factors
Effective June 5th 2024 to June 6th 2024
DownloadTable of Contents
Digital Services Act
Virtual Patent Marking
Effective August 21st 2024
DownloadTable of Contents
Virtual Patent Marking
AI Addendum
Effective December 18th 2024
DownloadTable of Contents
AI Addendum
This AI Addendum (“Addendum”) governs Customer’s use of Ironclad’s AI features and Ironclad Jurist. These terms are expressly incorporated into the Enterprise Services Agreement (or other similar customer agreement) with Ironclad (the “Governing Agreement”). Notwithstanding the foregoing, these terms shall govern in the event of a conflict with any of the other terms in your Agreement but only with respect to the AI Products (defined below). For additional information on specific Ironclad’s AI Products, please refer to the Ironclad AI Overview page.
- Definitions.
The terms used herein with initial capitalized letters shall have the meanings provided herein. Capitalized terms used but not defined herein shall have the meanings assigned to them in the Agreement and references in the Agreement to the “Enterprise Services” shall include the AI Products.
- “AI Products” means any products or features, made available to Customer either as part of the Enterprise Services or as a standalone product, that utilize artificial intelligence. AI Products includes, but is not limited to: AI Assist and Jurist.
- “AI Subprocessors” means third party AI providers that Ironclad leverages to provide the AI Products.
- “Input” means prompts, information or data submitted by Customer to Ironclad through the AI Products for processing.
- “Output” means responses generated by the AI Products in response to Customer’s use of the AI Products or Customer’s Input.
2. Use of AI Products. Customer acknowledges that use of the AI Products is optional. Output is generated by artificial intelligence and should be verified for accuracy by Customer prior to use. Ironclad makes no warranties about the accuracy, completeness, or reliability of the Output.
3. Ownership. Customer retains all right, title, and interest in and to Customer Data, Input, and Output. Customer grants to Ironclad a non-exclusive, worldwide, royalty-free license to use the Input and Output generated by the AI Products for the purpose of enhancing and improving the Enterprise Services offered by Ironclad, subject to compliance with applicable data protection laws and regulations.
4. Customer Responsibility. Customer will ensure that Customer’s use of the AI Products does not violate any applicable law. Customer warrants that Customer has all rights, licenses, and permissions necessary to provide the Input to Ironclad.
5. Security Measures. Ironclad shall implement and maintain reasonable and appropriate security measures designed to protect Customer Data against unauthorized access, alteration, disclosure, or destruction. These security measures shall include, but not be limited to, encryption of Customer Data in transit and at rest, access controls, and secure software development practices.
6. Permitted Improvements. Ironclad may use Input and Output to evaluate and improve the performance and accuracy of the AI Products.
7. Sub-processing. Ironclad may engage AI Subprocessors as necessary to provide the AI Products to Customer. AI Subprocessors may process Customer Data. Ironclad agrees to (i) enter into data protection agreements with each AI Subprocessor; (ii) enable zero data retention where available; and (iii) prohibit each AI Subprocessor from training their own AI models on Customer Data. Ironclad’s current list of subprocessors, including AI Subprocessors, is available at ironcladapp.com/subprocessors/.
8. EU Data Transfer. If Customer’s instance of Ironclad is hosted on Ironclad’s EU datacenter, Customer acknowledges that in order to enable the AI Product features, Customer Data used in connection with the AI product features will be transferred from the EU to the United States in accordance with the terms of the Data Processing Addendum or similar data privacy agreement executed between Ironclad and Customer (“DPA”). In accordance with the terms of the DPA, OpenAI will be added as an additional subprocessor for the purposes of enabling the AI product features. For the avoidance of doubt, this section does not apply if Customer’s instance of Ironclad is hosted on the US datacenter.
9. Disclaimer. Notwithstanding the above, Customer acknowledges that: (i) Customer is solely responsible for any liability arising from the use or reliance on AI-generated outputs, and that Ironclad is not a legal advisor to the Customer; the Customer is advised to consult their own legal counsel for any legal, regulatory, or compliance matters; (ii) other customers of Ironclad providing similar Input to the AI Products may receive the same or similar Output; (iii) due to the nature of artificial intelligence and machine learning, information generated by the AI Products may be incorrect or inaccurate; and (iv) Ironclad features that include artificial intelligence or machine learning models are not human and are not a substitute for human oversight. Further, Customer acknowledges and agrees that Customer is responsible for reviewing and validating Output for its needs before electing to use Output in its documents or work product. NOTWITHSTANDING ANYTHING TO THE CONTRARY, IRONCLAD DOES NOT REPRESENT OR WARRANT THAT THE OUTPUT WILL BE ACCURATE, COMPLETE, ERROR-FREE, OR FIT FOR A PARTICULAR PURPOSE. Customer assumes sole responsibility and liability for results obtained from the use of the AI Products, including Outputs and for conclusions drawn from such use.
10. Order of Preference. In the event of a conflict between this Addendum and the Governing Agreement, the order of preference will be this Addendum with respect to the subject matter herein, then the Enterprise Services Agreement.
Effective October 22nd 2024 to December 18th 2024
DownloadTable of Contents
AI Addendum
This AI Addendum (“Addendum”) governs Customer’s use of Ironclad’s AI features and Jurist. These terms are expressly incorporated into the Enterprise Services Agreement (or other similar customer agreement) with Ironclad (the “Governing Agreement”). Notwithstanding the foregoing, these terms shall govern in the event of a conflict with any of the other terms in your Agreement but only with respect to the AI Products (defined below). For additional information on specific Ironclad’s AI Products, please refer to the Ironclad AI Overview page.
1. Definitions.
The terms used herein with initial capitalized letters shall have the meanings provided herein. Capitalized terms used but not defined herein shall have the meanings assigned to them in the Agreement and references in the Agreement to the “Enterprise Services” shall include the AI Products.
- “AI Products” means any products or features, made available to Customer either as part of the Enterprise Services or as a standalone product, that utilize artificial intelligence. AI Products includes, but is not limited to: AI Assist, AI Playbooks, Custom Clauses, and Jurist.
- “AI Subprocessors” means third party AI providers that Ironclad leverages to provide the AI Products.
- “Input” means prompts, information or data submitted by Customer to Ironclad through the AI Products for processing.
- “Output” means responses generated by the AI Products in response to Customer’s use of the AI Products or Customer’s Input.
2. Use of AI Products. Customer acknowledges that use of the AI Products is optional. Output is generated by artificial intelligence and should be verified for accuracy by Customer prior to use. Ironclad makes no warranties about the accuracy, completeness, or reliability of the Output.
3. Ownership. Customer retains all right, title, and interest in and to Customer Data, Input, and Output.
4. Customer Responsibility. Customer will ensure that Customer’s use of the AI Products does not violate any applicable law. Customer warrants that Customer has all rights, licenses, and permissions necessary to provide the Input to Ironclad.
5. Security Measures. Ironclad shall implement and maintain reasonable and appropriate security measures designed to protect Customer Data against unauthorized access, alteration, disclosure, or destruction. These security measures shall include, but not be limited to, encryption of Customer Data in transit and at rest, access controls, and secure software development practices.
6. Permitted Improvements. Ironclad may use Input and Output to evaluate and improve the performance and accuracy of the AI Products.
7. Subprocessing. Ironclad may engage AI Subprocessors as necessary to provide the AI Products to Customer. AI Subprocessors may process Customer Data. Ironclad agrees to (i) enter into data protection agreements with each AI Subprocessor; (ii) enable zero data retention where available; and (iii) prohibit each AI Subprocessor from training their own AI models on Customer Data. Ironclad’s current list of subprocessors, including AI Subprocessors, is available at ironcladapp.com/subprocessors/.
8. Disclaimer. Notwithstanding the above, Customer acknowledges that: (i) other customers of Ironclad providing similar Input to the AI Products may receive the same or similar Output; (ii) due to the nature of artificial intelligence and machine learning, information generated by the AI Products may be incorrect or inaccurate; and (iii) Ironclad features that include artificial intelligence or machine learning models are not human and are not a substitute for human oversight. Further, Customer acknowledges and agrees that Customer is responsible for reviewing and validating Output for its needs before electing to use Output in its documents or work product. NOTWITHSTANDING ANYTHING TO THE CONTRARY, IRONCLAD DOES NOT REPRESENT OR WARRANT THAT THE OUTPUT WILL BE ACCURATE, COMPLETE, ERROR-FREE, OR FIT FOR A PARTICULAR PURPOSE. Customer assumes sole responsibility and liability for results obtained from the use of the AI Products, including Outputs and for conclusions drawn from such use.
9. Order of Preference. In the event of a conflict between this Addendum and the Governing Agreement, the order of preference will be this Addendum with respect to the subject matter herein, then the Enterprise Services Agreement.
Effective October 22nd 2024 to October 22nd 2024
DownloadTable of Contents
AI Addendum
This AI Addendum (“Addendum”) governs Customer’s use of Ironclad’s AI features and Jurist. These terms are expressly incorporated into the Enterprise Services Agreement (or other similar customer agreement) with Ironclad (the “Governing Agreement”). Notwithstanding the foregoing, these terms shall govern in the event of a conflict with any of the other terms in your Agreement but only with respect to the AI Products (defined below). For additional information on specific Ironclad’s AI Products, please refer to the Ironclad AI Overview page.
1. Definitions.
The terms used herein with initial capitalized letters shall have the meanings provided herein. Capitalized terms used but not defined herein shall have the meanings assigned to them in the Agreement and references in the Agreement to the “Enterprise Services” shall include the AI Products.
- “AI Products” means any products or features, made available to Customer either as part of the Enterprise Services or as a standalone product, that utilize artificial intelligence. AI Products includes, but is not limited to: AI Assist, AI Playbooks, Custom Clauses, and Jurist.
- “AI Subprocessors” means third party AI providers that Ironclad leverages to provide the AI Products.
- “Input” means prompts, information or data submitted by Customer to Ironclad through the AI Products for processing.
- “Output” means responses generated by the AI Products in response to Customer’s use of the AI Products or Customer’s Input.
2. Use of AI Products. Customer acknowledges that use of the AI Products is optional. Output is generated by artificial intelligence and should be verified for accuracy by Customer prior to use. Ironclad makes no warranties about the accuracy, completeness, or reliability of the Output.
3. Ownership. Customer retains all right, title, and interest in and to Customer Data, Input, and Output.
4. Customer Responsibility. Customer will ensure that Customer’s use of the AI Products does not violate any applicable law. Customer warrants that Customer has all rights, licenses, and permissions necessary to provide the Input to Ironclad.
5. Security Measures. Ironclad shall implement and maintain reasonable and appropriate security measures designed to protect Customer Data against unauthorized access, alteration, disclosure, or destruction. These security measures shall include, but not be limited to, encryption of Customer Data in transit and at rest, access controls, and secure software development practices.
6. Permitted Improvements. Ironclad may use Input and Output to evaluate and improve the performance and accuracy of the AI Products.
7. Subprocessing. Ironclad may engage AI Subprocessors as necessary to provide the AI Products to Customer. AI Subprocessors may process Customer Data. Ironclad agrees to (i) enter into data protection agreements with each AI Subprocessor; (ii) enable zero data retention where available; and (iii) prohibit each AI Subprocessor from training their own AI models on Customer Data. Ironclad’s current list of subprocessors, including AI Subprocessors, is available at ironcladapp.com/subprocessors/.
8. Disclaimer. Notwithstanding the above, Customer acknowledges that: (i) other customers of Ironclad providing similar Input to the AI Products may receive the same or similar Output; (ii) due to the nature of artificial intelligence and machine learning, information generated by the AI Products may be incorrect or inaccurate; and (iii) Ironclad features that include artificial intelligence or machine learning models are not human and are not a substitute for human oversight. Further, Customer acknowledges and agrees that Customer is responsible for reviewing and validating Output for its needs before electing to use Output in its documents or work product. NOTWITHSTANDING ANYTHING TO THE CONTRARY, IRONCLAD DOES NOT REPRESENT OR WARRANT THAT THE OUTPUT WILL BE ACCURATE, COMPLETE, ERROR-FREE, OR FIT FOR A PARTICULAR PURPOSE. Customer assumes sole responsibility and liability for results obtained from the use of the AI Products, including Outputs and for conclusions drawn from such use.
9. Order of Preference. In the event of a conflict between this Addendum and the Governing Agreement, the order of preference will be this Addendum with respect to the subject matter herein, then the Enterprise Services Agreement.
Effective October 22nd 2024 to October 22nd 2024
DownloadTable of Contents
AI Addendum
This AI Addendum (“Addendum”) governs Customer’s use of Ironclad’s AI features and Ironclad AI Assistant. These terms are expressly incorporated into the Enterprise Services Agreement (or other similar customer agreement) with Ironclad (the “Governing Agreement”). Notwithstanding the foregoing, these terms shall govern in the event of a conflict with any of the other terms in your Agreement but only with respect to the AI Products (defined below). For additional information on specific Ironclad’s AI Products, please refer to the Ironclad AI Overview page.
1. Definitions.
The terms used herein with initial capitalized letters shall have the meanings provided herein. Capitalized terms used but not defined herein shall have the meanings assigned to them in the Agreement and references in the Agreement to the “Enterprise Services” shall include the AI Products.
- “AI Products” means any products or features, made available to Customer either as part of the Enterprise Services or as a standalone product, that utilize artificial intelligence. AI Products includes, but is not limited to: AI Assist, AI Playbooks, Custom Clauses, and AI Assistant.
- “AI Subprocessors” means third party AI providers that Ironclad leverages to provide the AI Products.
- “Input” means prompts, information or data submitted by Customer to Ironclad through the AI Products for processing.
- “Output” means responses generated by the AI Products in response to Customer’s use of the AI Products or Customer’s Input.
2. Use of AI Products. Customer acknowledges that use of the AI Products is optional. Output is generated by artificial intelligence and should be verified for accuracy by Customer prior to use. Ironclad makes no warranties about the accuracy, completeness, or reliability of the Output.
3. Ownership. Customer retains all right, title, and interest in and to Customer Data, Input, and Output.
4. Customer Responsibility. Customer will ensure that Customer’s use of the AI Products does not violate any applicable law. Customer warrants that Customer has all rights, licenses, and permissions necessary to provide the Input to Ironclad.
5. Security Measures. Ironclad shall implement and maintain reasonable and appropriate security measures designed to protect Customer Data against unauthorized access, alteration, disclosure, or destruction. These security measures shall include, but not be limited to, encryption of Customer Data in transit and at rest, access controls, and secure software development practices.
6. Permitted Improvements. Ironclad may use Input and Output to evaluate and improve the performance and accuracy of the AI Products.
7. Subprocessing. Ironclad may engage AI Subprocessors as necessary to provide the AI Products to Customer. AI Subprocessors may process Customer Data. Ironclad agrees to (i) enter into data protection agreements with each AI Subprocessor; (ii) enable zero data retention where available; and (iii) prohibit each AI Subprocessor from training their own AI models on Customer Data. Ironclad’s current list of subprocessors, including AI Subprocessors, is available at ironcladapp.com/subprocessors/.
8. Disclaimer. Notwithstanding the above, Customer acknowledges that: (i) other customers of Ironclad providing similar Input to the AI Products may receive the same or similar Output; (ii) due to the nature of artificial intelligence and machine learning, information generated by the AI Products may be incorrect or inaccurate; and (iii) Ironclad features that include artificial intelligence or machine learning models are not human and are not a substitute for human oversight. Further, Customer acknowledges and agrees that Customer is responsible for reviewing and validating Output for its needs before electing to use Output in its documents or work product. NOTWITHSTANDING ANYTHING TO THE CONTRARY, IRONCLAD DOES NOT REPRESENT OR WARRANT THAT THE OUTPUT WILL BE ACCURATE, COMPLETE, ERROR-FREE, OR FIT FOR A PARTICULAR PURPOSE. Customer assumes sole responsibility and liability for results obtained from the use of the AI Products, including Outputs and for conclusions drawn from such use.
9. Order of Preference. In the event of a conflict between this Addendum and the Governing Agreement, the order of preference will be this Addendum with respect to the subject matter herein, then the Enterprise Services Agreement.