Terms of Service

Introduction

These Terms of Service together with all applicable Supplemental Terms (together, the Terms) govern your
access and use of our Services and form a legally binding contract between you and us.

The Agreement between you and us is made up of all Order Form(s) entered into between you and us, the
Terms and any amendments made to those documents from time to time in accordance with the Agreement.
In the event of any conflict, the following order of priority applies: the Order Form(s) (with those entered into
later in time taking precedence over those entered into earlier in time); the Supplemental Terms; then the
Terms of Service.
‍

‘Aether’, ‘we’, ‘our’ and ‘us’ refers to:

1. if you are domiciled in Australia, Aether Group Australia Pty Ltd; and
2. ‍if you are domiciled in New Zealand or elsewhere in the world, Aether Group Limited,

and in each case, the relevant entity’s permitted successors or assigns.

‘Client’, ‘you’ or ‘your’ refers to you, the Client entity, set out in the Order Form.

‍1. Services

1. ‍Services: We will provide you with the Services in accordance with and subject to the Agreement. As part of the Services, we grant you and your Authorized Users a non- transferable, non-sublicensable right to access and use the Application and the Application Data made available to you as part of the Services during the Term for the Permitted Use and in accordance with the Agreement.

2. Term and Termination

‍

2.1. Term:

1. The Agreement starts when the first Order Form is entered into by both parties and, unless terminated earlier in accordance with the Agreement, will continue until all Order Forms executed under the Agreement have either expired in accordance with their terms or been terminated in accordance with the Agreement (Term).
2. ‍Each Order Form starts on the applicable Start Date of that Order Form and, unless terminated earlier in accordance with the Agreement, will continue until the applicable End Date.
3. ‍Unless set out otherwise in the Order Form, at the End Date of an Order Form that Order Form will renew automatically for successive renewal periods of 12 months each / the length set out in the Order Form (each a Renewal Period). Either party may terminate an Order Form by giving the other party not less than 30 days’ written notice to terminate in advance of the End Date or the then- current Renewal Period of that Order Form (the Renewal Notice Period), in which case the Order Form ends on the End Date or the then-current Renewal Period (as applicable).
   ‍

2.2. Termination for cause:

Either party may terminate the Agreement (which, for the avoidance of doubt, terminates all Order Forms entered into by the parties) immediately by notice in writing to the other party if the other party: (a) commits any material breach of the Agreement which is not capable of remedy; (b) commits any material breach of the Agreement which is capable of remedy (which includes your failure to make any payment due under the Agreement) and fails to remedy such breach within thirty (30) days of receipt of written notice requiring it to do so; (c) commits repeated breaches of the Agreement that, while individually do not constitute a material breach, collectively amount to a material breach when taken together; or (d) becomes insolvent, liquidated or bankrupt, has an administrator, receiver, liquidator, statutory manager, mortgagee’s or chargees' agent appointed, becomes subject to any form of insolvency action or external administration, or ceases to continue business for any reason.
‍

2.3. Refund or payment upon termination:
‍

If the Agreement is terminated by you under clause 2.2 (Termination for Cause) or by us under clause 9.3 (Indemnification remedy), we will refund you the pro-rata amount of any Fees prepaid by you for the period following termination (if any). You will also be released from any obligation to pay Fees due for the period after termination.

If the Agreement is terminated by us under clause 2.2 (Termination for Cause), you will not be entitled to a refund of any prepaid Fees and must pay any unpaid Fees for the remainder of the Term, to the extent permitted by Applicable Law.

Termination will not relieve you of your obligation to pay any Fees payable to us for the period up to termination.
‍

2.4. Effect of termination or expiry:

‍On termination or expiry of the Agreement: (a) Your right to access and use the Services ends, and you shall destroy all access codes or passwords related to the Service in your possession or control. (b) Each party will delete, destroy, or return the other party’s Confidential Information in its possession or control, unless Applicable Law requires retention or a party retains one archival copy solely for internal record-keeping, tax, legal, or regulatory compliance purposes. Any retained Confidential Information must be securely stored and remain subject to the confidentiality restrictions in clause 6 (Confidential Information). (c) The rights and liabilities of the parties accrued at any time up to the termination date are not affected. (d) All clauses and sections of the Agreement which by their nature should survive termination will survive, including, without limitation, accrued rights to payment, confidentiality obligations, warranty disclaimers, and limitations of liability.

‍3. Restrictions and Responsibilities

‍

3.1. Restrictions:
‍

You will not, and you will ensure that your Authorized Users do not (nor attempt to), directly or indirectly:

1. ‍access or use the Services, or make the Services, available to any third party, other than for the Permitted Use (and provided that all such use otherwise remains subject to compliance with this clause 3.1 (Restrictions));
2. sell, resell or otherwise commercialise (including by way of repackaging as part of any product or service) the Services (without limiting your rights in respect of your Clint Data or Client Generated Data);
3. reverse engineer, de-aggregate, decompile, disassemble, translate or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms forming part of, incorporated into or relevant to the Services;
4. data mine, scrape, crawl, aggregate, copy, extract or attempt to harvest (whether by any automated process, ‘brute force attack’ or otherwise) the Services for any purpose;
5. use the Services in a way that may damage, disable, overburden, or impair the Services or the networks connected to the Services;
6. access or use the Services in any way to build a product or service that competes in any way with our business;
7. remove, alter or deface any copyright notices, disclaimers or other proprietary notice appearing on or in the Services;
8. attempt to undermine the security of any part of the Services or use them in a manner which may impair their functionality, including by distributing through the Services any attachments, documents or files that contain viruses, trojan horses, worms, time bombs, or similar harmful programming routines;
9. provide Services passwords or other user credentials or log-in information to any third party (other than an Authorized User), unless expressly permitted under the Order Form; or
10. access or use the access or use the Services in any way that constitutes a misuse, misappropriation or infringement of any person’s Confidential Information or rights (including Intellectual Property and privacy) or breaches Applicable Law.
    ‍

3.2. Unauthorised access:
‍

You must take reasonable steps to prevent unauthorised access to the Services, including, without limitation, protecting user credentials and log-in information. You must notify us immediately of any known or suspected unauthorised use of the Services or any security breach, and use your best efforts to stop such unauthorised use or breach and mitigate its impact.
‍

3.3. Authorized Users and responsibility for account:
‍

‍You are responsible and liable for any use of the Services through your account or the accounts of your Authorized Users. This includes, without limitation, the acts, omissions, misconduct, or breaches of the Agreement by your Authorized Users. You must ensure that all Authorized Users comply with the Agreement, and you will be directly liable to us for any failure to do so. Any breach of the Agreement by an Authorized User will be deemed a breach by you.

3.4. Monitoring:
‍

Although we are not obligated to monitor your use of the Services, we may do so and may suspend your access or use of the Services if we become aware of, or reasonably suspect, a breach of the Agreement.

4. Fees and Payment

‍

4.1. Fees:
‍

‍You will pay us the Fees as set out in each Order Form. Payment obligations are non-cancellable, and, except as provided in the Agreement, all Fees are non-refundable. Fees are exclusive of Taxes.

Unless otherwise stated in an Order Form, payment of Fees is due within 30 days of the applicable invoice date. All amounts due must be paid in full without any set-off, counterclaim, deduction, or withholding, except for any deduction or withholding of Taxes required by law. If such a deduction or withholding is required, you must pay us an additional amount so that we receive the same total amount as we would have if no deduction or withholding had been required.

4.2. Late payments:
‍

If Fees are not paid when due, we may, no less than 14 days after providing you with written notice of the late payment, suspend your access to and use of the Services until the overdue amount is received in full. This is without prejudice to any other rights or remedies available to us.

4.3. Changing Fees:

‍

Where applicable, we may change the Fees for the next Renewal Period of an Order Form, effective from the start of that Renewal Period. At least 45 days before the end of the Initial Period or the then-current Renewal Period (as applicable), we will notify you by email of any changes to the Fees for the next Renewal Period.

5. Privacy and Security
‍

5.1. Personal information:
‍

To the extent either party collects, uses, accesses, or processes any Personal Information in connection with the Agreement, each party warrants and agrees that it will comply with applicable Privacy Laws.

In addition to applicable Privacy Laws, our Privacy Policy sets out how we process any Personal Information disclosed by you, or on your behalf, to us in connection with the Agreement. The Privacy Policy applies only to the Services and does not apply to any third-party website or service linked to the Services or recommended or referred to through the Services or by our personnel.

To the extent that we collect, use, access, or process any Personal Information in connection with the Agreement, we will take measures to protect all Personal Information from unauthorised access, modification, use, or disclosure caused by our act or omission (a “Data Security Breach”), and will promptly notify you if we become aware of an actual or potential Data Security Breach.

5.2. Security:

We will use commercially reasonable efforts to maintain the security and integrity of the Services and to implement appropriate administrative, physical, and technical safeguards designed to protect the security, confidentiality, and integrity of Confidential Information and any Client Data.

6. Confidential Information

‍

6.1 Confidentiality:

‍

Each party (the Receiving Party) agrees and acknowledges that the other party (the Disclosing Party) has disclosed, or may disclose, Confidential Information under or in connection with the Agreement. Where the Receiving Party receives Confidential Information from the Disclosing Party under or in connection with the Agreement, the Receiving Party will: (a) keep the Confidential Information strictly confidential; (b) use, modify, reproduce or exploit the Confidential Information solely as is necessary to exercise its rights or perform its obligations under this Agreement; and (c) subject to clause 6.3 (Exclusions), not disclose Confidential Information to any person other than its representatives whose access is necessary to enable it to exercise its rights or perform its obligations under the Agreement and who are under obligations of confidentiality substantially similar to those in this clause 6 (Confidential Information) or otherwise as is permitted under the Agreement. Other than as expressly stated, the Agreement does not transfer ownership of Confidential Information or grant a licence thereto. The Disclosing Party retains all right, title, and interest in and to all relevant Confidential Information.

‍

6.2 Permitted disclosures:

‍

Notwithstanding clause 6 (Confidentiality), the Receiving Party may disclose Confidential Information: (a) to its professional advisors, to obtain legal or other professional advice in relation to matters arising under or in connection with the Agreement; and (b) to the extent required to comply with Applicable Law, binding directive of a regulator or a court order, in which case the Recipient must use reasonable endeavours to give the Disclosing Party prior notice of such disclosure (to the extent permitted by Applicable Law) and disclose only that portion of the Confidential Information necessary to satisfy the relevant requirement.

‍

6.3 Exclusions:

‍

The Disclosing Party agrees that clause 6 (Confidentiality) will not apply in relation to any information that: (a) is or becomes generally available to the public through no act or fault of the Receiving Party; (b) was in the possession of the Receiving Party or known by the Receiving Party prior to receipt from the Disclosing Party; (c) was rightfully disclosed to the Receiving Party without restriction by a third party; (d) was independently developed without use of any Confidential Information of the Disclosing Party; or (e) is disclosed by the Receiving Party if required as part of a bona fide sale of its business (assets or shares, whether in whole or in part) to a third party, provided that the Receiving Party enters into a confidentiality agreement with the third party on terms no less restrictive than this clause 6 (Confidential Information).
‍

6.4 Remedies:
‍

Each party agrees that breach of this clause 6 (Confidential Information) may cause irreparable injury to the other party, for which monetary damages may not provide adequate compensation, and that, in addition to any other remedy, the other party will be entitled to seek injunctive relief against any breach or threatened breach, without proving actual damage or, to the extent required by law, posting a bond or other security.

7. Intellectual Property and Data
‍

7.1 Ownership of Intellectual Property:

‍

You acknowledge and agree that we (or our third party suppliers) own and/or retain all Intellectual Property: (a) in or arising out of the Services (including the Application, Application Data, Software and all graphics, user interfaces, logos, data, and trademarks reproduced through the Services or Application); (b) in any software, applications, inventions or other technology developed in connection with the Services; and (c) all improvements, enhancements or modifications to the foregoing in (a) and (b). The Agreement does not grant you any rights, title or licence to the Intellectual Property in or to the Services or any of its components, except as expressly set out in the Agreement.

‍

7.2 Feedback and analytics:

‍

If you provide us with any feedback about the Services, we may use that feedback to improve the Services without any restriction or compensation to you provided that any feedback we use will not publicly identify you. We acknowledge all feedback you provide is provided as-is without warranties of any kind and that use of the feedback by us is at our own risk. We also reserve the right to gather analytics in relation to your activity on, and use of, the Services (Usage Data) and to use the Usage Data for our internal purposes, such as identifying usage patterns, research and development and to maintain, improve, and enhance our products or services, and you agree that such Usage Data is not Client Data for the purposes of the Agreement. 

‍

7.3 Client Data and Client Generated Data:

‍

We acknowledge and agree that you (or your licensors, as applicable) are and remain the sole and exclusive owner of all Intellectual Property in the Client Data and Client Generated Data. You acknowledge and agree that we are entitled to rely on the accuracy and completeness of the Client Data and, unless expressly required otherwise, we have no obligation to verify the accuracy or completeness of the Client Data. You grant us a non-transferable license to use Client Data and Client Generated Data during the Term for the limited purpose of providing the Services to you (including generation of Client Generated Data) and as otherwise set out in the Agreement. We will not use Client Data or Client Generated Data for any other purpose, including ‘training’ our Services, without your prior approval. You represent and warrant that: (a) our use of the Client Data and/or Client Generated Data in accordance with the Agreement will not infringe Applicable Law or the Intellectual Property, privacy or any rights of any third party; and (b) you hold and will continue to hold all necessary licences, consents and authorisations required for us to use the Client Data and Client Generated Data in accordance with the Agreement.

‍

7.4 Brand

‍

We are proud to have you as a customer and appreciate being able to acknowledge that relationship. You grant us a royalty-free, non-exclusive licence to display your name and logo on our website and in marketing materials for the limited purpose of identifying you as a customer. We will follow any reasonable brand guidelines you provide and will obtain your written approval for any other use.

8. Warranties and Disclaimers
‍

8.1 Mutual warranties:
‍

Each party warrants to the other:

1. on a continuing basis that it will comply with all Applicable Law relating to (i) in our case, providing the Services; and (ii) in your case, the Client Data and your use of the Services; and
2. it has the full right and power to enter into and perform its obligations under the Agreement.
   ‍

8.2 Aether Warranties:
‍

We warrant that:

1. we will provide the Services in accordance with Good Industry Practice; and
2. the Services will materially comply with any Specifications.
   ‍

Provided that, without limiting the above, you acknowledge that we may release updates to or changes to the Services (or any parts of it, including the Application and Application Data), change the method of provision of, or access by you to, the Services, including as a result of changes to our arrangements with third party suppliers and/or to change or discontinue any feature or functionality of the Services for any reason as part of the evolution of the Services.

8.3 Services availability:

You acknowledge that the Services may be temporarily unavailable for scheduled maintenance, updates or changes, or for unscheduled emergency maintenance, either by us or by our third party providers, or because of other causes beyond our reasonable control. We will use reasonable efforts to provide advance notice in writing of any scheduled disruption and to schedule any maintenance, updates or changes to occur outside of business hours.

8.4 Other services:
‍

The Services may include links, integrations, or connections to third party websites, applications or other services. Such connections do not imply review or endorsement by us. You proceed at your own risk to a third party website, application, or service.

8.5 DISCLAIMER:
‍

EXCEPT AS EXPRESSLY SET OUT IN THE AGREEMENT AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICES (INCLUDING THE APPLICATION, THE APPLICATION DATA AND CLIENT GENERATED DATA) ARE PROVIDED ON AN “AS-IS” AND “AS AVAILABLE” BASIS AND ALL TERMS, WARRANTIES, REPRESENTATIONS AND CONDITIONS ARE EXPRESSLY EXCLUDED AND DISCLAIMED BY US (WHETHER EXPRESS OR IMPLIED, BY LAW OR OTHERWISE) IN RESPECT OF THE SERVICES (INCLUDING THE APPLICATION, APPLICATION DATA AND CLIENT GENERATED DATA), INCLUDING THAT THE SERVICES (INCLUDING THE APPLICATION, APPLICATION DATA AND CLIENT GENERATED DATA) WILL BE MERCHANTABLE; WILL MEET YOUR REQUIREMENTS; ARE FIT OR SUITABLE FOR YOUR INTENDED PURPOSE OR USE; OR WILL BE UNINTERRUPTED, ERROR-FREE, CORRECT, ACCURATE, COMPLETE, CURRENT OR UP-TO-DATE. WE DO NOT GUARANTEE ANY OUTCOMES OR RESULTS BASED ON THE USE OF THE SERVICES (INCLUDING THE APPLICATION, APPLICATION DATA AND CLIENT GENERATED DATA) AND YOU ARE SOLELY RESPONSIBLE FOR ANY BUSINESS DECISIONS MADE BASED ON THE INFORMATION (INCLUDING THE APPLICATION DATA AND CLIENT GENERATED DATA) DERIVED FROM USING THE SERVICES.

9. Indemnity

9.1 Indemnification:
‍

The first party (Indemnifying Party) will defend the other party (Indemnified Party) against any third party claim against the other party, and indemnify and keep indemnified the other party from and against any liabilities, losses, damages, costs and expenses including reasonable legal costs (on a solicitor-client basis) associated with such third party claim, to the extent such third party claim is caused by:

1. where we are the Indemnifying Party, your use of the Services infringing upon such third party’s Intellectual Property; and
2. where you are the Indemnifying Party, our use of the Client Data or Client Generated Data infringing upon any third party rights,
   ‍

The indemnifying Party’s obligations under this clause will not apply to the extent that the Third Party Claim results from the Indemnified Party’s breach of the Agreement.

9.2 Indemnification procedure:
‍

If either party becomes aware of or receives a Third Party Claim for which it seeks or may seek indemnification under clause 9.1 (Indemnification):

1. the Indemnified Party will promptly notify the Indemnifying Party in writing of the Third Party Claim;
2. if the Indemnifying Party requests, the Indemnified Party will afford the Indemnifying Party sole control (at the Indemnifying Party’s cost) over the conduct of the defence of the Third Party Claim and all negotiations for its settlement, in which case:
3. the Indemnifying Party must consult with and keep the Indemnified Party informed regarding the settlement and/or defence of the Third Party Claim and obtain the Indemnified Party’s prior written approval to any settlement or compromise (not to be unreasonably withheld); and
4. the Indemnified Party will provide the Indemnifying Party with reasonable information and assistance in relation to the settlement and/or defence of the Third Party Claim.

9.3 Indemnification remedy:
‍

Where we are the Indemnifying Party and the Services are held by a court of competent jurisdiction to be or are believed by us to be potentially infringing a third party’s Intellectual Property, we may, at our option and expense:

1. replace or modify the Services to be non-infringing provided that such modification or replacement contains substantially similar features and functionality;
2. obtain for you a licence to continue using the Services; or
3. if neither of the foregoing options are commercially practicable, terminate the Agreement and provide a refund of prepaid Fees in accordance with clause 2.3 (Refund or payment upon termination).

10. Limitation of Liability

10.1 Limitation of liability: EXCEPT IN RESPECT OF EXCLUDED CLAIMS:

1. EACH PARTY’S MAXIMUM AGGREGATE LIABILITY TO THE OTHER PARTY UNDER OR IN CONNECTION WITH THE AGREEMENT WILL NOT EXCEED THE TOTAL AMOUNT OF FEES PAID AND PAYABLE BY YOU TO US UNDER THE AGREEMENT DURING THE 12 MONTHS PRIOR TO THE DATE OF THE FIRST EVENT GIVING RISE TO LIABILITY (GENERAL CAP), EXCEPT THAT FOR BREACHES OF CLAUSE 5 (PRIVACY AND SECURITY) BY US OUR MAXIMUM AGGREGATE LIABILITY TO YOU UNDER OR IN CONNECTION WITH THE AGREEMENT WILL NOT EXCEED THREE TIMES (3X) THE GENERAL CAP; AND
2. NEITHER PARTY WILL BE LIABLE TO THE OTHER PARTY FOR ANY (I) SPECIAL, INDIRECT, CONSEQUENTIAL LOSS; (II) LOSS OF USE; (III) LOSS OF REVENUE; (IV) LOSS OF PROFIT; (V) LOSS OF SAVINGS; (VI) LOSS OF OPPORTUNITY; (VII) LOSS OR DAMAGE TO OR CORRUPTION OF DATA: (VIII) LOSS OF BUSINESS; (IX) LOSS OF GOODWILL; OR (X) LOSS OF REPUTATION. THE FOREGOING APPLIES IN EACH CASE WHETHER ARISING IN EQUITY, FOR BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), BREACH OF STATUTORY DUTY, INDEMNITY OR OTHERWISE, AND IN EACH CASE REGARDLESS OF WHETHER SUCH LOSS WAS FORESEEABLE, AND WHETHER OR NOT ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE, IN EACH CASE ARISING OUT OF OR IN CONNECTION WITH THE AGREEMENT.
   ‍

10.2 Contributory liability:
‍

Each party’s liability to the other party in connection with the Agreement will be reduced proportionately by the extent to which the acts or omissions of the other party caused or contributed to the relevant liability, losses or damage suffered or incurred by the other party.

10.3 Mitigation of liability:

Each party must take reasonable steps to mitigate any liabilities, losses or damages it may suffer or incur arising out of anything done or not done by the other party under or in connection with the Agreement (including any amount sought under the indemnity at clause 9 (Indemnity)).

11. Disputes

For any dispute between the parties, both parties agree to first contact the other party in writing and refer such dispute to a senior executive officer of each party who will use all reasonable endeavours to resolve the dispute informally and in good faith. If the dispute is not resolved within 30 days of the written notice of dispute, then either party may commence proceedings in any court or tribunal of competent jurisdiction. Nothing in this clause prevents either party from seeking urgent interim or interlocutory or equitable relief from a court of competent jurisdiction as necessary to prevent an actual or threatened infringement of the Agreement, to preserve property or to prevent irreparable harm.

12. Miscellaneous

12.1 Waivers and Severability:
‍

Waivers must be signed by the waiving party’s authorized representative and cannot be implied from conduct. If any provision of the Agreement is held invalid, illegal or unenforceable, it will be limited to the minimum extent necessary so that the applicable provision (where possible) and the rest of the Agreement remains in effect.

12.2 Force majeure:
‍

No delay, failure, or default, other than a failure to pay Fees when due, will constitute a breach of the Agreement to the extent caused by acts of war, terrorism, hurricanes, earthquakes, other acts of God or of nature, strikes or other labour disputes, riots or other acts of civil disorder, embargoes, or other causes beyond the performing party’s reasonable control.

12.3 Assignment and Sub-contracting:
‍

Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the other party’s prior written consent (not to be unreasonably withheld), provided that either party may assign the Agreement in its entirety, with notice to the other party but without the other party’s consent, to its Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Any attempted assignment in violation of this clause will be null and void. The terms of the Agreement will be binding upon the parties and their respective successors and permitted assigns. We may perform certain of our obligations under the Agreement using sub-contractors, but we remain responsible and liable for the performance of our obligations under the Agreement. 

12.4 Entire agreement:
‍

The Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, representations, proposals, communications and other understandings relating to the subject matter of the Agreement, including any confidentiality agreements previously entered into in relation to the subject matter. Each party acknowledges that in entering into the Agreement it does not rely on, and will have no remedies in respect of, any warranty or representation that is not set out in the Agreement. The Agreement applies to the exclusion of any other terms that you seek to impose or incorporate, or which are implied by law, trade custom, practice or course of dealing.

12.5 No agency:
‍

No agency, partnership, joint venture, or employment is created as a result of the Agreement and neither party has any power or authority to act for or to assume any obligation or responsibility on behalf of the other party or to bind the other party to any agreement.

12.6 Delivery of notices:

All notices under the Agreement will be in writing and will be deemed to have been duly given: (a) when received, if personally delivered; (b) if sent by e-mail, when sent provided that the sending party does not receive a bounce-back or error message; (c) the day after it is sent, if sent for next day delivery by a recognised overnight delivery service; and (d) upon receipt, if sent by certified or registered mail, return receipt requested.

12.7 Contracting entity and governing law:

The laws by which the Agreement will be governed and interpreted (and that will apply in any dispute or lawsuit arising out of or in connection with the Agreement) and the courts that have non-exclusive jurisdiction over any dispute or lawsuit concerning matters involving the Agreement is set out in the table in the Schedule. 

12.8 Amendments:

Subject to clause 12.9 (Permitted Updates), no variation to the terms of the Agreement will be of any force or effect unless it is in writing and agreed by the parties.

12.9 Permitted updates:
‍

We may update the Terms (including, for the avoidance of doubt, the Supplementary Terms) at any time by posting a revised version on our website atwww.theaether.co/terms. Any such updated Terms will not apply during the then-current term of an Order Form. The updated Terms will only apply to: (a) new Order Forms entered into after the update; and (b) existing Order Forms that automatically renew, from the start of the next applicable Renewal Period. For any such Order Forms that automatically renew, we will notify you by email of any material updates to the Terms. If the update occurs during any Renewal Notice Period, you may terminate the applicable Order Form at any time during that Renewal Notice Period, in which case the Order Form will expire at the end of the then-current Order Form term.

12.10 Counterparts:
‍

An Order Form may be executed in counterparts, including by electronic copies or electronic acceptance mechanism. Each copy will be deemed an original and all copies, when taken together, will form the same agreement.

13. Definitions

Except when expressly provided otherwise, the definitions in this clause apply in the Agreement.

Affiliate means an entity that, directly or indirectly, controls, is under the control of, or is under common control with a party, where control means having more than fifty percent (50%) of the voting stock or other ownership interest.

Aether Data means:
‍

1. Application Data;
2. any metadata generated by us and the Services in connection with your use of the Services.

regardless of format and delivery method, but excluding any Client Data.

‍
‍Agreement means all Order Forms entered into between you and us and the Terms (and any amendments made to those documents from time to time).

Applicable Law means all laws, regulations, rules, court orders or other binding requirements of a government authority that apply to a party.

Application means the Software and Application Data presented in an online application hosted by us and which may be accessed by you and your Authorized Users (including via the web application).

Application Data means all data, instructions, prompts and information provided or made available by us to you as part of the Services, regardless of format and delivery method, but excluding any Client Data.

Authorized User means: (a) the personnel of you and your Affiliates; (b) any third parties who are approved as Authorized Users in the Order Form; and (c) any third parties who are otherwise approved as Authorized Users in writing by us, in each case who are authorized by you to access the Services for the purposes permitted under the Agreement.

Client has the meaning set out in the Introduction to the Terms.

Client Data means any data, information, text, content or other materials which you provide or make available to us in connection with the Agreement and/or the Services (both directly and/or indirectly) but, for clarity, does not include any data, information, text, content or other materials already held by us prior to any supply by you to us or any metadata generated by us and the Services in connection with your use of the Services, any Application Data or our Confidential Information.

Client Generated Data means any data, information, or content that is generated, derived, or produced as a result of your use of the Services, including but not limited to where such data is a summarised, aggregated or processed form of the Client Data, but excluding any Aether Data.
‍

Confidential Information means the Agreement and any information that is not public knowledge that is directly or indirectly obtained from the other party in the course of, or in connection with, the Agreement and the provision and use of the Services (regardless of whether identified as such or not), and includes:

1. the business, technical or financial information relating to the relevant party’s business;
2. the terms of the Agreement and the commercial arrangements between the parties;
3. any information that the other party knows, or ought to know, is confidential; and
4. trade secrets, know-how, specifications, inventions, processes or initiatives which are of a confidential nature,

but excludes Personal Information, which is governed exclusively by clause 5 (Privacy and Security).
‍

End Date has the meaning given to it in the applicable Order Form.

Excluded Claims means: (a) claims arising from the gross negligence or wilful misconduct of a party; (b) claims arising from the death or personal injury caused by a party; (c) claims arising from fraudulent acts or fraudulent misrepresentations by a party; (d) the indemnification obligations under clause 9 (Indemnity); (e) breaches of clause 6 (Confidential Information); (f) your failure to pay us any Fees due; and (g) any liability to the extent such liability cannot be limited or excluded by Applicable Law.

Fees means the fees payable by you for the Services as set out in an Order Form (as varied from time to time in accordance with the Agreement).

Good Industry Practice means exercising the degree of skill, diligence, prudence, foresight, and care which would reasonably and ordinarily be expected from a skilled and experienced provider of services or software products similar to those contemplated under the Agreement, operating in similar circumstances.

Intellectual Property means all present and future industrial and intellectual property rights whether conferred by statute, at common law or in equity, including all patents, utility models, rights to inventions, copyright and related rights, trademarks and service marks, trade names and domain names, rights in get-up, goodwill and the right to sue for passing off or unfair competition, rights in designs, rights in computer software, database rights, rights to preserve the confidentiality of information (including know-how and trade secrets) and any other intellectual property rights (whether registrable or unregistrable), including all applications for (and rights to apply for and be granted), renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist, now or in the future, in any part of the world.

Order Form means an ordering document entered into between the parties for Services, whether: (a) executed in writing (including electronic signature); or (b) completed through an online or electronic ordering process (such as a checkout page) that records the ordering party’s acceptance of the Agreement and submission of the applicable order.

Permitted Use mean for your own internal business purposes and any other use set out in any Supplemental Terms or otherwise approved by us in writing.
‍

Personal Information means: (a) any information that relates to a natural living person that either directly identifies them, such as their name or image, or allows them to be identified when combined with other reasonably available information; and (b) any information as defined by similar terms under any applicable Privacy Laws.

Privacy Laws means any applicable privacy or data protection laws or regulations in Australia (e.g., the Privacy Act 1988) and New Zealand (e.g., the Privacy Act 2020) (as amended from time to time) applicable to the Services performed by us under the Agreement. 

Privacy Policy means the privacy policy posted at www.theaether.co/privacy, as updated from time to time.

Start Date has the meaning given to it in the applicable Order Form.

Supplemental Terms means the Supplemental Terms below (at the end of these Terms of Service).

‍
‍Renewal Period has the meaning given to it in clause 2.1(c).

Renewal Notice Period has the meaning given to it in clause 2.1(c).

Services means those services agreed to be provided to you in an Order Form and which includes, unless otherwise stated, the Application and Application Data.

Software means the Aether platform software application and any software, documentation or data related to the Services and/or made available to you, and includes any maintenance releases or updates to that software from time to
time.

Specifications means the specifications set out in the relevant Order Form.

Taxes means taxes, levies, duties or other charges of any kind imposed by any governmental authority, including but not limited to sales, use, goods and services, value-added, excise and withholding taxes, as well as any interest, penalties, or additions thereto (excluding for the avoidance of doubt our income tax).

Term has the meaning set out in clause 2.1 (Term).
‍

Terms has the meaning set out in the Introduction to this document, as amended from time to time (and, for the avoidance of doubt, includes the Supplementary Terms).

EU DATA ACT COMPLIANCE SUPPLEMENTAL TERMS

This Supplemental Terms set out the terms and conditions that apply to and govern your use of the applicable Services to which they relate, as identified below, in addition to, and supplementing, the Terms of Service (and are deemed to be incorporated into and constitute part of the Terms). If you do not agree with the applicable Supplemental Terms, you must not purchase or use applicable Services to which the Supplemental Terms relate.

Capitalized terms used but not defined in these Supplemental Terms have the meanings ascribed to them in Terms of Service.

1. Purpose and Application

This Supplemental Terms apply to Clients established in the European Union and supplement the Terms of Service. It is intended to ensure compliance of the Services with the mandatory provisions of the EU Data Act (Regulation (EU) 2023/2854) (EU Data Act) concerning data portability, switching and fairness of contractual terms.

2. Data Portability and Switching

1. Client Access and Export Rights: You may, at any time during the Term (acting reasonably and in compliance with Applicable Law) or within 30 days after termination, request a complete export of your Portable Data (to the extent technically feasible). We will make that Portable Data available in a commonly used, machine-readable format (for example, CSV or JSON) via standard APIs or download mechanisms.
2. Assistance and Continuity: We will provide reasonable technical assistance, documentation, and interface information to support you (or your replacement provider) in transitioning to another data-processing service or an on-premises solution. We will both act in good faith to maintain service continuity during that transition.
3. Timing of Transfer: Unless otherwise agreed in writing, Portable Data export and transfer will be completed within 30 days of your request or the effective date of termination, whichever is later.
4. Charges for Export and Switching: Until 12 January 2027, any charge for Portable Data export or switching will be limited to our direct and demonstrable costs of providing that export or switching (with no mark-up). From 12 January 2027, no fee will be charged for Portable Data export or switching.
5. Retention and Deletion: After the 30-day post-termination period, we may delete any remaining Portable Data unless retention is required by law or agreed otherwise in writing.
6. Technical Standards: We will use reasonable efforts to ensure interoperability and compliance with any common specifications or standards adopted under the EU Data Act relating to portability and switching.

3. Early Termination and Switching Rights

1. Early Termination: You may terminate an Order Form for convenience at any time for the purpose of switching to another data-processing service or to an on-premises environment, by giving up to two (2) months’ written notice.
2. Fees on Termination under these Supplemental Terms: Upon termination under this paragraph and to the extent permitted by Applicable Law (including the EU Data Act): (a) any Fees already paid in advance for Services performed or made available prior to termination are non-refundable; and (b) where you have pre-paid, or contractually agreed to pay, Fees for a fixed-term subscription (for example, committed to pay fees over a three-year Term), we may also retain all such pre-paid Fees and/or invoice you for early termination charges equal to the remaining committed Fees, less any demonstrable savings in Supplier costs, and you agree that this fairly reflects a combination of: (i) any implementation, onboarding, configuration, or customization work already performed; (ii) costs and discounts amortised over the originally procured Term; and (iii) our unrecovered investment in capacity or third-party commitments entered into to support your subscription, and that such retention does not reflect a ‘switching fee’.

4. Fair Terms for Clients

1. Good-Faith Contracting: The parties acknowledge that the Agreement is intended to be fair and reasonable and consistent with the principles set out in the EU Data Act, including protection against unfair terms for small or medium-sized enterprise (SME) customers located in the European Union.
2. No Unfair Restrictions: We will not include or rely on contractual terms that: (a) unreasonably restrict your right to access, export, or reuse your own Portable Data; or (b) grant us disproportionate intellectual-property or usage rights over your Portable Data.
3. Balanced Risk Allocation: You agree that any limitations of liability, indemnities or remedies in the Agreement are intended to reflect a reasonable and proportionate allocation of risk between the parties, having regard to the nature of the Services, the fees payable and industry practice.
4. Compliance with EU Data Act: Nothing in the Agreement limits or excludes any mandatory rights or obligations that apply under the EU Data Act to the extent it governs cross-border provision of the Services to you.

5. Governing Law and Mandatory Effect

The parties acknowledge that certain rights and obligations under the EU Data Act may apply on a mandatory basis to you and agree to give full effect to those rights notwithstanding this governing-law clause of the Terms.

6. Interpretation

Portable Data means any digital representation, including personal data and non-personal data, that is: (a) Client Data; (b) Client Generated Data; or (c) otherwise derived from your use of the Services, including associated metadata, configuration data, or system logs that relate to such use, in each case to the extent such data is accessible to us as part of the operation or delivery of the Services, but does not include: (d) aggregated or anonymized data that does not identify you or your Authorized Users; (e) our internal operational, diagnostic, or performance data used to maintain or improve the Services; or (f) any Intellectual Property, data or materials owned or controlled by the us or our licensors, including that constitute our trade secrets or proprietary analytics.

DATA PROCESSING SUPPLEMENTAL TERMS

This Supplemental Terms set out the terms and conditions that apply to and govern your use of the applicable Services to which they relate, as identified below, in addition to, and supplementing, the Terms of Service (and are deemed to be incorporated into and constitute part of the Terms). If you do not agree with the applicable Supplemental Terms, you must not purchase or use applicable Services to which the Supplemental Terms relate.

Capitalized terms used but not defined in these Supplemental Terms have the meanings ascribed to them in Terms of Service.

1. Purpose and Application

By this Supplemental Terms, you (Controller) agree and authorise us (Processor), where we are processing Personal Information as a data processor on behalf of Controller, to process its Personal Information to provide the Services in accordance with the Terms of Service agreed to between the Controller and Processor and this Supplemental Terms.

2. Definitions

1. Definitions: Unless the context otherwise requires:

Controller Personal Information means any Personal Information in respect of which the Controller is a data controller, including the type of Personal Information and categories of data subjects referred to in the Privacy Policy, and which is processed by the Processor on the instructions of the Controller.

Personal Information Breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Controller Personal Information.

Regulatory Bodies means those government departments and regulatory, statutory and other bodies, entities and committees which, whether under statute, rule, regulation, code of practice or otherwise, are entitled to regulate, investigate or influence the matters relating to the security of data, Personal Information, privacy protection or other laws connected to this Agreement.

Sub-processor shall mean any data processor engaged by the Processor (or by any other Sub-processor of the Processor) in order to be able to perform the Services.

2. Interpretation: In this Supplemental Term where the context permits references to data subject, data controller, data processor and processing shall have the same meanings ascribed to them by the Privacy Laws.

3. Data Controller and Processor

1. Data Controller: The Processor acknowledges that, in respect of the Controller Personal Information and for the purposes of the Privacy Laws, the Controller (and each group company of the Controller) is the data controller. The Controller agrees to comply with its obligations under this Supplemental Terms and, as controller, under all Privacy Laws.
2. Privacy notices: The Controller is solely responsible for all data controller obligations under Privacy Laws, including providing any required notices and obtaining any required consents, and for the processing instructions that it gives to the Processor.
3. Controller warranties: The Controller warrants that:

a. no contractual obligations prohibit the processing of the Controller Personal Information as described in the Agreement and this Supplemental Terms; and

b. the production, collection, and processing of Controller Personal Information has been and will continue to be carried out in accordance with the Privacy Laws.

4. Appointment as Data Processor: The Controller appoints the Processor as a data processor of the Controller Personal Information, and the Processor accepts the appointment and agrees to comply with its obligations under this Supplemental Terms.

4. Data Processing

1. Principles: Controller Personal Information will be processed by the Processor under the general principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality, and accountability.
   ‍
2. Processing restrictions: Subject to paragraph 4.3, the Processor shall ensure that all Controller Personal Information is processed only:

a. according to the instructions of the Controller, which shall include the purposes described in the Agreement;

b. in accordance with this Supplemental Terms;

c. in compliance with Privacy Laws; and

d. except as otherwise specified in paragraph 7, within countries that ensure an adequate level of protection as indicated or recognised by Privacy Laws or any applicable Regulatory Bodies.
‍

4. Outside of instructions: The Processor may process Controller Personal Information outside of the Controller’s instructions if laws to which the Processor is subject require or allow it. The Processor shall notify the Controller if it is of the opinion that any instruction provided by the Controller is in breach of any Privacy Law.

5. Cooperation Obligations

1. Assistance: The Processor shall take any steps reasonably requested by the Controller to assist the Controller to demonstrate compliance with its obligations under Privacy Laws, including to assist and support the Controller:

a. in the event of an investigation or other control measures or by any Regulatory Body to the extent that such investigation relates to Controller Personal Information;

b. in the event of the exercise of any claims by data subjects or third parties related to the processing under this Supplemental Terms or the Agreement;

c. in complying with the rights of data subjects, including the right to obtain transparent information, the right to access, rectify, and erase their Personal Information, restrict, or object to, the processing of their Personal Information, exercise their right to data portability;

d. in notifying, consulting with and obtaining approvals from Regulatory Bodies where required; and

e. in performing data protection impact assessments.

2. Data subject rights:

a. The Processor shall promptly comply with any request from the Controller requiring the Processor to access, amend, transfer or delete any Controller Personal Information.

b. The Processor must inform the Controller promptly, taking into account the notification requirements imposed on the Controller under Privacy Laws, following the Processor’s receipt of any inquiry from a data subject with respect to Controller Personal Information.

c. Provided that the Controller acts in accordance with Privacy Laws, the Processor shall not respond to any such request referred to in paragraph 5.2(b) unless expressly authorised to do so by the Controller.
‍

3. Regulatory action: The Processor will promptly notify the Controller about:
   ‍

a. any binding request addressed to the Processor or any of its Subprocessors for the disclosure of Controller Personal Information by a Regulatory Body, unless otherwise prohibited by the applicable law; and

b. any monitoring activities and measures undertaken by the Regulatory Body, including where a Regulatory Body investigates the Processor for a possible breach of Privacy Laws.

4. Audit rights: The Controller has the right to, on reasonable notice and in a reasonable manner, audit and inspect the implemented technical and organisational measures of the Processor and the Processor’s compliance with this Supplemental Terms to the extent such measures are able to be audited. If the Processor notifies the Controller of a Personal Information Breach, then the Controller shall have the right to perform an on-site audit of the Processor on notice without undue delay. Any audit or inspection undertaken by the Controller shall be at the Controller’s cost.

6. Personal Information Breach

1. ‍Data breach:  To the extent the Processor becomes aware of any Personal Information Breach or if it has reason to believe that a Personal Information Breach may have occurred, then the Processor must without undue delay (and where feasible, within 72 hours of becoming aware of the breach):

a. notify the Controller, taking into account the notification duty requirements imposed on the Controller under the Privacy Laws; and

b. investigate the Personal Information Breach and provide the Controller with the information set out in paragraph 6.2; and

c. with the prior consent of the Controller (not to be unreasonably withheld or delayed), take measures to prevent further Personal Information Breaches, and mitigate or remedy the Personal Information Breach.‍

2. Information obligations:  The Processor shall summarise in reasonable detail the impact of the Personal Information Breach, including describing to the extent this is known to the Processor:

a. the nature of the Personal Information Breach;

b. the categories and numbers of data subjects concerned;

c. the categories and numbers of Personal Information records concerned;

d. the details of any unlawful recipient (including names, addresses and business sectors);

e. the estimated risk and the likely consequences of the Personal Information Breach; and

f. the measures taken or proposed to be taken to address the Personal Information Breach.

3. Records: The Processor shall maintain records of any actual or suspected Personal Information Breach in accordance with commercially accepted industry practices. The Processor shall make such records reasonably available to the Controller.

7. Technical and Organizational Measures

1. Confidentiality: The Processor will:

a. ensure that the personnel it authorises to process Controller Personal Information are under appropriate confidentiality obligations; and

b. inform its authorised personnel that the Controller Personal Information is only to be processed in accordance with the Agreement and as otherwise instructed by the Controller.
‍

2. Data Security:  During the processing of Controller Personal Information, the Processor shall take appropriate technical and organisational measures to ensure a level of security appropriate to the risk of a Personal Information Breach.
   ‍
3. Security Measures: The Processor shall:

a. take reasonable steps to ensure the reliability of any staff who have access to Controller Personal Information;

b. ensure the ongoing confidentiality, integrity, availability and resilience of the systems and services processing Controller Personal Information;

c. implement a process for testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing of Controller Personal Information; and

d. take any other steps required by Privacy Laws.

8. Cross-Border Transfer

It is acknowledged that the Processor is based in New Zealand and/or Australia (as applicable). Please refer to the Privacy Policy for the Processor’s Subprocessors. The Controller gives the Processor general written consent to transfer Controller Personal Information to a country where the relevant Subprocessor:
‍

a. is in a country where Privacy Laws or Regulatory Bodies applicable to such Controller Personal Information has recognised that country and its laws as providing adequate protection;

b. is a Subprocessor identified at the date of the Agreement; or

c. has entered into a contract with the Processor containing applicable standard contractual clauses or equivalent contractual protections for the transfer to countries not otherwise recognised as offering an adequate level of protection.

9. Subprocessors

1. Subprocessors: Without limiting paragraph 8, the Controller gives the Processor general written consent for the Processor to authorise any third party to process Controller Personal Information as a Subprocessor, subject to the following conditions:
   ‍

a. the Processor must maintain an up-to-date list of the names and locations of all Subprocessors, and shall make this list reasonably available to the Controller; and

b. except in respect of any Subprocessors existing at the date of this Supplemental Terms, the contract entered into between the Processor and a Subprocessor will include terms which are substantially the same as those set out in this Supplemental Terms.

The Processor will assume liabilities for the acts and omissions of its Subprocessors in relation to the Services provided to the Controller, subject to the limitations of liability under this Supplemental Terms and the Agreement.

10. Return/Destruction of Controller Personal Information

Except as otherwise directed by the Controller, when requested to do so by the Controller the Processor shall hand over to the Controller all Controller Personal Information, and shall erase or destroy related data as described in the Privacy Policy (www.theaether.co/privacy).