Subscription Services Agreement
This Subscription Services Agreement, including all Order Forms, addenda, exhibits and schedules hereto (collectively, this “Agreement”), is between Function Flo Corporation, with offices located at 1807 Crooked Lane, Austin, Texas 78741] (“Function Flo”) and (“Customer”), is effective as of October 31, 2022 (“Effective Date”).
Function Flo and Customer are each referred to individually as a “party,” and collectively as the “parties.”
This Agreement governs Function Flo’s provision of the Services and Customers access to and use of the Services. This Agreement contains general terms and conditions applicable to all such Services. Order Forms contain additional terms specific to the Services provided thereunder. The parties agree as follows:
“Data” means the raw data Customer and/or its Clients uploads or submits to Function Flo and the resulting data from the processing of such raw data using the Services.
“Feedback” means all suggestions, comments, opinions, code, input, ideas, reports, information, know-how or other feedback provided by Customer (whether in oral, electronic or written form) to Function Flo related to the Services.
“Internal Purposes” means internal business use within Customer’s systems, networks, and devices (“Customer Environment”), to manage Customer’s food and/or beverage services business, as well as testing and evaluation of the Services in order to provide Feedback to Function Flo. Such purposes also include use of Services as part of services Customer provides to its third party customers and/or suppliers (“Clients”) to sell or purchase food and/or beverages to or from such Clients, so long as the product is not incorporated into a Customer, Client or other third-party product or software.
“Malicious Code” means without limitation code, files, scripts, agents or programs intended to do harm, including without limitation viruses, worms, time bombs and trojan horses.
“Order Form” means each mutually agreed upon order on Function Flo’s Order Form template that specifies the Services, including the type or quantity of items, including the number of seats or users (if applicable), the fees for such items and any additional terms applicable to the use of such items.
“Payment Method” means Customer’s or its Client’s credit or debit card or other permitted payment method that is charged on behalf of Customer for which Customer or Client is making a purchase through the Services, including without limitation Point of Sale, the mobile applications, or Digital Ordering.
“Payment Transaction” means facilitation of payment to Customer by Clients for those purchases with an eligible Payment Method.
“Professional Services” means any integration, training, Support or other professional services to be provided by Function Flo as specified in the Order Form or any SOW.
“Project Intellectual Property” means either the Intellectual Property Rights created or developed by Function Flo in connection with any SOW and/or Professional Services.
“SaaS Platform” means everything at https://www.functionflo.com, and related services located in such domain and subdomains, including software, code, algorithms, hosted services, and web interfaces.
“Services” means any and all of the services, software and other offerings, including without limitation digital ordering features that Function Flo offers to Customers, including a Customer’s online ordering page and order & pay at the table features (collectively “Digital Ordering”); and Payment Transactions facilitated on the Function Flo point of sale or via Function Flo’s scan to pay feature (“Point of Sale”), provided by to Function Flo pursuant to this Agreement, including the SaaS Platform, Project Intellectual Property, the offerings provided through https://www.functionflo.com, any mobile applications, APIs, provided by Function Flo, and all such services and software labeled as alpha, beta, pre-release, trial, preview or otherwise. Services may include any enhancements, updates, upgrades, derivatives or bug fixes to such services, software, and offerings, and any documentation, add-ons, templates, sample data sets, and hardware devices as provided by to Function Flo.
“SOW” means a statement of work executed in writing by the parties under this Agreement.
“Support” means the maintenance and support services for the Services to be provided by Function Flo to Customer as specified in Schedule 1 hereto.
2. LICENSE GRANT.
Customer’s use of the Services is subject to and governed by the terms and conditions in this Agreement, including those in the applicable Order Form. In the event of a conflict between the terms in an Order Form and this Agreement, the terms in the Order Form shall control with respect the Services provided under such Order Form. Subject to and conditioned on Customer’s compliance with the terms and conditions of this Agreement and those in the applicable Order Form, Function Flo grants Customer a non-exclusive, non-sublicensable, non-transferable, revocable, limited license during the Term to use the Services only for the Internal Purposes.
3. LICENSE RESTRICTIONS.
4. PROFESSIONAL SERVICES.
Function Flo shall provide Customer with the Professional Services set forth in the Order Form or in an SOW. Each SOW will be governed by the terms and conditions of this Agreement and will specify, among other terms the parties deem relevant: (i) a description of the Professional Services that Function Flo will provide; (ii) the schedule for performance; and (iii) the fees that Customer will pay and the schedule for payment. An exemplary format for each SOW is set forth as Exhibit A to this Agreement. In the event of any conflict between the terms and conditions of this Agreement and any SOW, the terms and conditions of this Agreement shall take precedence except as expressly and unambiguously stated otherwise in the applicable SOW.
6. TERM AND TERMINATION.
Upon Function Flo’s request, Customer will certify in writing that Customer has returned or destroyed all copies of Function Flo’s Confidential Information. Sections 1, 3, 5- 13 , and 15 – 17 , will survive termination of this Agreement. Neither party shall be under any obligation to enter into an agreement after termination or expiration of this Agreement.
The Services are licensed, not sold, and Function Flo, its suppliers or its licensors, retains and reserves all rights not expressly granted in this Agreement. Function Flo, its suppliers or its licensors own all worldwide right, title and interest in and to the Services, including all worldwide patent rights (including patent applications and disclosures); copyright rights (including copyrights, copyright registration and copy rights with respect to computer software, software design, software code, software architecture, firmware, programming tools, graphic user interfaces, reports, dashboard, business rules, use cases, screens, alerts, notifications, drawings, specifications and databases); moral rights; trade secrets and other rights with respect to confidential or proprietary information; know-how; other rights with respect to inventions, discoveries, ideas, improvements, techniques, formulae, algorithms, processes, schematics, testing procedures, technical information and other technology; and any other intellectual and industrial property rights, whether or not subject to registration or protection; and all rights under any license or other arrangement with respect to the foregoing (collectively, “Intellectual Property Rights”). Except as expressly stated in this Agreement, Function Flo does not grant Customer any Intellectual Property Rights in the Services. If Function Flo provides any third party and open source software (“OSS”), it will be aggregated and provided as object code in a separate library, but shall not be considered part of the Services. Use of such open source software is subject to the applicable open source license provided with the OSS. Customer agrees to comply with all open source software licenses. Customer will not distribute the Services or combine it with any other software which would result in an obligation to license the aggregate software in any manner. The OSS attributions and location where the open source version of the OSS is available for download is found at https:www.functionflo.com/thirdparty. Function Flo will provide support for OSS in the binary version provided by Function Flo with the Services as part of support and maintenance. The Services is copyrighted and protected by the laws of the United States and other countries, and international treaty provisions.
(both currently contracted and in the future), or require other assurances to secure Customer’s payment obligations hereunder.
Customer agrees to provide Function Flo with Feedback. Function Flo, in its sole discretion, may or may not respond to Customer’s Feedback or promise to address all of Customer’s Feedback in the development of future features or functionalities of the Services or any related or subsequent versions of such Services. Customer assigns, at no charge, all rights, title and interests in Feedback to Function Flo, and agrees that Function Flo is free to use, reproduce, modify, adapt, create derivative works from, publicly perform, publicly display, distribute, make, have made, assign, pledge, transfer or otherwise grant rights in the Feedback in any form and any medium (whether now known or later developed), without credit or compensation to Customer. Customer warrants that the Feedback does not infringe any copyright or trade secret of any third party, and that Customer has no knowledge of any patent of any third party that may be infringed by the Feedback (including any implementation thereof recommended by Customer). Customer further warrants that its Feedback is not subject to any license terms that would purport to require Function Flo to comply with any additional obligations with respect to any Services that incorporates Customer’s Feedback.
AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, TITLE, QUIET ENJOYMENT AND WARRANTIES ARISING OUT OF COURSE OF DEALING, USAGE OR TRADE PRACTICE, OR BY STATUTE OR IN LAW. FUNCTION FLO
SPECIFICALLY DOES NOT WARRANT THAT THE SERVICES OR PROFESSIONAL SERVICES WILL MEET CUSTOMER’S REQUIREMENTS, THE OPERATION OR OUTPUT OF THE SERVICES OR PROFESSIONAL SERVICES WILL BE ERROR-FREE, VIRUS-FREE, SECURE, ACCURATE, RELIABLE, COMPLETE OR UNINTERRUPTED. EXCEPT AS OTHERWISE PROVIDED IN THIS AGREEMENT, CUSTOMER PROVIDES THE DATA ON AN “AS IS” BASIS AND PROVIDES NO GUARANTEE OF THE ACCURACY OF THE DATA PROVIDED TO FUNCTION FLO. Function Flo is not obligated to support, update or upgrade the Services.
13 . LIMITATION OF LIABILITY.
14 . COMPLIANCE WITH LAWS.
Customer will comply fully with all applicable laws, including all applicable laws relating to bribery or corruption, and export laws and regulations of the United States and any other country (“Export Laws”) where Customer uses any of the Services. Customer represents and warrants that it is not (a) located in, or a resident or a national of, a restricted country; or (b) on any of the relevant U.S. Government Lists of prohibited persons, including but not limited to the Treasury Department’s List of Specially Designated Nationals and the Commerce Department’s List of Denied Persons or Entity List. Customer further represents and warrants that it shall not export, re-export, ship, or transfer the Services to any restricted countries or restricted end users or use the Services in any restricted countries or for any purposes prohibited by the Export Laws, including, but not limited to, nuclear, chemical, missile or biological weapons related end uses. Customer understands that the requirements and restrictions of the Export Laws may vary depending on the specific Services and may change over time, and that, to determine the precise controls applicable to the Services, it is necessary to refer to the U.S. Export Administration Regulations and the U.S. Department of Treasury, Office of Foreign Assets Control Regulations.
Customer further agrees to comply with all federal, state, provincial, local and foreign laws, rules and regulations applicable to Customer’s business in relation to Customer’s use of the Services, including any applicable privacy and consumer protection laws, tax laws and regulations, the Americans with Disabilities Act of 1990, the then-current version of the Payment Card Industry Data Security Standards as made available at https://www.pcisecuritystandards.org and the by-laws, and any and all other rules, policies and procedures of VISA, MasterCard, Discover and/or other card networks as in effect from time to time.
15. CHOICE OF LAW.
This Agreement shall be governed by and construed in accordance with the laws of the State of Texas, as if performed wholly within the state and without giving effect to the principles of conflict of law rules of any jurisdiction. The parties agree that neither the Uniform Computer Information Transaction Act (UCITA) nor the United Nations Convention on Contracts for the International Sale of Goods shall apply to this Agreement, regardless of the states in which the parties do business or are incorporated.
Function Flo may include the name, logo of and success stories of Customer in Function Flo’s website, press releases, promotional and sales literature, and lists of customers, in each case in accordance with Customer’s standard trademark usage guidelines. All notices required or permitted under this Agreement hereto will be in writing and delivered in person, by email to the address designated in the applicable Order Form, by confirmed facsimile transmission, by overnight delivery service, or by registered or certified mail, postage prepaid with return receipt requested, and in each instance will be deemed given upon receipt. Customer may not assign, delegate or transfer this Agreement, in whole or in part, by agreement, operation of law or otherwise. Any attempt to assign this Agreement other than as permitted herein shall be null and void. Customer acknowledges that Function Flo may assign, subcontract or delegate any of its rights or obligations under this Agreement. Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties’ permitted successors and assigns. This Agreement along with any additional terms incorporated herein by reference constitute the complete and exclusive understanding and agreement between the parties relating only to the subject matter of the Services, including Confidential Information, and shall supersede any and all prior or contemporaneous agreements, communications and understandings, written or oral, relating to such subject matter. This Agreement is limited to the use of Services, Data and Confidential Information and as such, this Agreement is separate from and shall have no effect on any other agreement Customer may have with Function Flo. Any waiver, modification or amendment of any provision of this Agreement will be effective only if in writing and signed by duly authorized representatives of both parties. All rights and remedies, whether conferred hereunder or by any other instrument or law, will be cumulative and may be exercised singularly or concurrently. The failure by either party to enforce any provisions of this Agreement will not constitute a waiver of any other right hereunder or of any subsequent enforcement of that or any other provisions. The terms and conditions stated herein are declared to be severable. If a court of competent jurisdiction holds any provision of this Agreement invalid or unenforceable, the remaining provisions of the Agreement will remain in full force and effect, and the provision affected will be construed so as to be enforceable to the maximum extent permissible by law. For the purposes of this Agreement, the words “such as,” “include,” “includes” and “including” shall be deemed to be followed by the words “without limitation.” Any prevention of or delay in performance by Function Flo hereunder due to labor disputes, acts of god, failure of the Internet, governmental restrictions, enemy or hostile governmental action, fire or other casualty or other causes beyond its reasonable control shall excuse the performance of its obligations for a period equal to the duration of any such prevention or delay.
Severity Level 1
Critical error that renders all essential functions of the Services unusable in any material manner.
Severity Level 2
Significant error that renders an essential function of the Services unusable or negatively impacts the usability or performance of a major function of the Services in a material manner. User-implemented workaround is not available to avoid the error.
Severity Level 3
Minor error that renders a non-essential function of the Services unusable or negatively impacts the usability or performance of a non-essential function but does not significantly affect the overall usability or performance of the Services.
Severity Level 4
Information request or request for clarification on use of a function.
Severity Level 1
Six (6) hours.
Function Flo shall promptly initiate the following procedures: (i) assign resources to diagnose and correct the error on an expedited basis using commercially reasonable efforts; (ii) provide ongoing communication on the status of remedial measures; and (iii) advise of a temporary workaround or fix, if available.
Severity Level 2
Twelve (12) hours.
Function Flo shall promptly initiate the following procedures: (i) assign resources to diagnose and correct the error using commercially reasonable efforts; (ii) provide ongoing communication on the status of remedial measures; and (iii) advise of a temporary workaround or fix, if available.
Severity Level 3
One (1) business day.
Function Flo shall advise of a temporary workaround or fix, if available, or Function Flo may implement a fix in the next general release of the Services.
Severity Level 4
Three (3) business days.
Function Flo shall provide the information or clarification requested.
Assurance. Function Flo shall use commercially reasonable efforts to ensure that the Services maintains a monthly Uptime Percentage of at least 99.9%.
Data Processing Agreement
Insofar as the Function Flo Corporation (“Data Processor”) will be processing personal data on behalf of Customer (“Data Controller”) pursuant to the Subscription Services Agreement or other written or electronic agreement (the “Agreement”) between Data Processor and Data Controller for the purchase of online services from Data Processor, the terms of this Data Processing Agreement (“DPA”) shall apply. Any capitalized terms not otherwise defined in this DPA shall have the meaning given to them in the Agreement. In the event of a conflict between any provisions of the Agreement and this DPA, the provisions of this DPA shall govern and control with regard to the processing of personal data. References to “Data Protection Laws” shall mean any law applicable to Data Processor’s processing or use of personal data, including (to the extent applicable), (a) (i) prior to 25 May 2018, Directive 95/46/EC of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“Directive”) and on and after 25 May 2018, Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) (“GDPR”); and (ii) Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and applicable national implementations of it (as may be amended, superseded or replaced), and (b) The California Consumer Privacy Act of 2018, AB375, Title 1.81.5, § 1798.100 et seq., including any implementing law, as amended (“CCPA”).
The Data Processor shall treat all personal data as Confidential Information under the Agreement, and it shall inform all its employees, agents and approved sub-processors engaged in processing the personal data of the confidential nature of the personal data. The Data Processor shall ensure that all such persons or parties have signed confidentiality agreements with obligations no less restrictive in the use and protection of Confidential Information than those in the Agreement.
conducting appropriate background checks, requiring employees, vendors and others with access to personal data to enter into written confidentiality agreements, and conducting training to make employees and others with access to the personal data aware of information security risks presented by the processing.
Data Processor may transfer personal data across the border to a country outside of the United States, as necessary to provide the Services. Upon request by the Data Controller, Data Processor will provide details of its transfers of the European Economic Area (the “EEA”) personal data outside of the United States.
Solely to the extent Data Controller transfers any personal data from (a) the EEA, or (b) a jurisdiction where a European Commission positive adequacy decision under Article 25(6) of Directive 95/46/EC is in force and covers such transfer, then the parties agree that such personal data is subject to the model contractual clauses attached hereto as Appendix 1 and annexed to Commission Decision 2004/915/EC (the “Clauses”), which are hereby incorporated into the Agreement. In such cases, Data Controller is the ‘data exporter’ and Data Processor is the ‘data importer’ as defined in the Clauses.
The Data Processor will notify the Data Controller without undue delay upon discovery of any suspected or actual security or confidentiality breach or other compromise of personal data, describing the breach in reasonable detail, the status of any investigation or mitigation taken by the Data Processor, and if applicable, the potential number of data subjects affected. Data Processor will not communicate with any third party regarding any security breach except as specified by other party or by applicable law.
The Data Processor may subcontract any of its Services-related activities or allow any personal data to be processed by a third party, provided that such subprocessors are bound by data protection obligations compatible with those of the Data Processor under this DPA.
The Data Processor shall assist the Data Controller by appropriate technical and organizational measures, insofar as it is possible, for the fulfillment of the Data Controller’s obligation to respond to requests for exercising the data subject’s rights under the Data Protection Laws.
Appendix 1 – Model Clauses
Data Controller and Data Processor have agreed on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1/A.
‘the data exporter’ means the controller who transfers the personal data;
‘the data importer’ means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country’s system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;
‘the sub-processor’ means any processor engaged by the data importer or by any other sub-processor of the data importer who agrees to receive from the data importer or from any other sub-processor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;
‘the applicable data protection law’ means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;
‘technical and organizational security measures’ means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the trans-mission of data over a network, and against all other unlawful forms of processing.
Details of the transfer
The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1/A which forms an integral part of the Clauses.
Third-party beneficiary clause
Obligations of the data exporter The data exporter agrees and warrants:
Obligations of the data importer
The data importer agrees and warrants:
notify the change to the data exporter as soon as it is aware, in which case the data
exporter is entitled to suspend the transfer of data and/or terminate the contract;
Appendix 1/B before processing the personal data transferred;
The data importer may not rely on a breach by a sub-processor of its obligations in order to avoid its own liabilities.
exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the sub-processor shall be limited to its own processing operations under the Clauses.
Mediation and jurisdiction
Cooperation with supervisory authorities
The Clauses shall be governed by the law of the Member State in which the data exporter is established.
Variation of the contract
The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.
shall be governed by the law of the Member State in which the data exporter is established.
Obligation after the termination of personal data-processing services
This Appendix forms part of the Clauses and must be completed and signed by the parties.
The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix.
The data exporter is: the non-Function Flo Corporation entity that is a party to the Clauses.
The data importer is: Function Flo Corporation 1807 Crooked Lane, Austin, Texas 78741.
The personal data transferred concern the following categories of data subjects: data subjects include individuals about whom data that originated in the EEA is provided to Function Flo Corporation via its services by (or at the direction of) the data exporter.
Categories of data
The personal data transferred concern the following categories of data (please specify):
Special categories of data (if appropriate)
The personal data transferred concern the following special categories of data (please specify): None Processing operations
The personal data transferred will be subject to the following basic processing activities (please specify): Function Flo Corporation will process the personal data for the purposes of providing its services to the data exporter in accordance with and as described in the Agreement, the DPA, and these Clauses.
This Appendix forms part of the Clauses and must be completed and signed by the parties.
Description of the technical and organizational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached):
Function Flo Corporation is committed to implementing appropriate technical and organizational security measures to meet its obligations to the data exporter. Function Flo Corporation has internally documented policies and controls.
These policies refer to all data collected from employees, candidates, users, customers, vendors, or other parties that provide information to Function Flo Corporation.
Function Flo Corporation employees must follow these policies. Contractors, consultants, partners and any other external entities are also covered. Generally, our policy refers to anyone we collaborate with or who acts on our behalf and may need access to Function Flo Corporation data.
To help comply with these policies and controls, Function Flo Corporation will:
Perform periodic reviews of all our security policies and controls
Perform annualized security training for all Function Flo Corporation employees