Terms & Conditions

STANDARD TERMS AND CONDITIONS OF SERVICE

What’s a Rich Text element?

Last Updated July 6, 2023

These Standard Terms and Conditions of Service (the “Terms”) govern all logistics and related services that the company agreeing to these Terms and/or any Order Form (“Company”) may solicit or receive from Veho Logistics LLC (“Veho”) or its affiliates. “Party” or “Parties” shall mean, individually Veho or Company, as the context requires and, collectively, Veho and Company.

Please read carefully. These Terms constitute a legally binding contract between Veho and Company. Veho may update these Terms from time-to-time at Veho’s sole discretion. The Terms in force each time any of the services are performed will govern. Company accepts and agrees to be bound and abide by these Terms by the act of receiving services from Veho or its affiliates. Reasonable communication of any update to these Terms will be issued by Veho. If Company does not wish to be bound by these Terms, then it must not use Veho’s or its affiliates services or technology.

1. VEHO’S SERVICES

1.1 Services. Veho is a third-party logistics company and property broker licensed by the Federal Motor Carrier Safety Administration (“FMCSA”) under docket number MC1255848 and USDOT number 3647353. Veho provides shippers of merchandise, like Company, with a variety of logistics services, including access to a digital marketplace platform, arranging for first-, middle-, and last-mile transportation services via motor carriers and other service providers (“Carriers”) from or to destinations including those of Company’s customers (“Retail Customers”), and other similar services as requested by Company from time to time (the “Services”). Company acknowledges Veho owns no trucks and provides Services solely in its capacity as a third-party intermediary.

1.2 Order Forms. The Parties will from time to time agree upon the Services available to Company via one or more order forms that Veho will make available to Company (each an “Order Form”). These Terms will govern all Services delivered to Company under all Order Forms, subject to periodic amendment through publication of updates to these Terms. Order Forms will set out the Fees applicable to the Services. In the event of any direct conflict between these Terms and the terms of an applicable Order Form, the terms of the applicable Order Form will control.

1.3 No Volume or Service Commitment. Except as otherwise provided in an Order Form or these Terms, neither Veho nor Company makes any volume or service commitments under these Terms. Company understands and agrees that except for ensuring Carriers perform with reasonable dispatch, Veho makes no guarantee or warranty of timeliness for Services.

1.4 Completed Delivery and Completed Pickup. Unless otherwise expressly instructed by Company or the Retail Customer, Carriers providing last-mile delivery or pickup services will release or pick up parcels at the Retail Customer’s address as it appears on the shipping label or pickup order, including Retail Customer’s front door, back door, or a similar drop-off or pick-up point in the immediate surroundings, provided that such drop-off or pick-up point is reasonably safe in the  discretion of the Carrier (“Completed Delivery” or “Completed Pickup”). Neither Veho nor Carriers shall be liable for any theft, loss, or damage that occurred to parcel or the merchandise after completion of a Completed Delivery or before completion of a Complete Pickup.

1.5 Communications with Retail Customers. Veho may proactively contact Retail Customers through text, phone, email and/or app in connection with arranging delivery and/or pickup and to collect feedback.

1.6 Handling of Delivery or Pickup Attempts.

(a) Unless a parcel is Undeliverable, if a Carrier is unable to make a Completed Delivery or Completed Pickup, then Veho will, in its sole discretion, arrange reattempt of delivery or pickup, contact Retail Customer to coordinate delivery or pickup, or consult with Company for further information.

(b) If a parcel is Undeliverable, (a) Company shall pay for the delivery as if a Completed Delivery had been made, and (b) Veho shall make a good faith effort to arrange the return of the parcel to Company at Company’s expense or dispose of the parcel as directed by Company. Notwithstanding the foregoing, Veho will not arrange return of parcels containing perishable goods and shall dispose of such parcels.

Undeliverable” means a parcel where (a) a Completed Delivery of the parcel cannot be made after two attempts due to no fault of Veho or the Carrier; (b) the shipping label is damaged or otherwise unreadable or unable to be scanned; (c) the Retail Customer address is outside of the Veho service area in the market where the parcel was scheduled for delivery; (d) Company provides insufficient or inaccurate Retail Customer information; (e) the parcel is tendered to Veho with damage in excess of the threshold for acceptable damage separately agreed upon between Veho and Company (the “Damage Threshold”); (f) other defects reasonably prevent Veho from arranging delivery of the parcel in the normal course of business; (g) Company tenders to Veho duplicate parcels, or (h) Veho is directed by Company or Retail Customer not to arrange delivery, including but not limited to order cancellation by Retail Customer or by Company outside the cancellation window as set forth in Section 2.12 Cancellation Window, or refusal of delivery by Retail Customer. Veho shall determine in its sole reasonable discretion whether a parcel is Undeliverable.

(c) Company shall pay for each Completed Pickup and pickup attempt unless the failure to make a Completed Pickup is due to the fault of Veho or a Carrier. Unless directed otherwise by Company or the Retail Customer, Veho shall continue to arrange pickup attempts until a Completed Pickup is made.

1.7 Severe Weather Conditions. In order to ensure the safety of Carriers, Veho may suspend the Services on days of severe weather conditions or when driving is considered dangerous. Veho will use reasonable efforts to give Company prior notice whenever severe weather conditions are expected to delay the Services, and will provide Company with updated delivery times and/or hours of operation. When Services have been suspended due to such conditions, Services shall be resumed as soon as practicable once such conditions cease to exist.

1.8 Services Receipts. All last-mile Services shall be evidenced by a Services receipt in the form of a GPS stamp or a photo of the parcel at the delivery address. A Services receipt will be deemed sufficient evidence for the successful completion of the Services. Veho will make all Services receipts available to Company upon request subject to the record retention policy described in these Terms.

1.9 Record Retention. Veho or its affiliates shall keep electronic records of Company’s parcels for a period of not less than three (3) years.

1.10 Liability and Compensation for Lost and Damaged Parcels. It is understood and agreed that Veho is not a carrier and that Veho shall not be held liable for loss, shortage, damage, or delay in the transportation of Company’s parcels or the merchandise within unless caused by Veho’s negligent acts or omissions. Veho shall require each Carrier agree that the Carrier’s liability for cargo loss or damage shall be no less than that of a common carrier as provided for in 49 U.S.C. § 14706, subject to a limitation of $100,000.00 per truckload for truckload shipments or $100.00 per parcel for parcel shipments, as applicable. Veho may, at Company’s request and at Veho’s sole discretion, provide cargo claims management services. If Veho has agreed to manage Company’s claim, Company must file claims for cargo loss, shortage, or damage with Veho within one hundred eighty (180) days from the date of such loss, shortage, or damage, which for purposes of these Terms shall be the delivery date or, in the event of non-delivery, the scheduled delivery date. As part of the claims management service, Veho will process, submit, and negotiate claims on Company’s behalf. Veho makes no guarantee of recovery on any cargo claim and does not assume any liability for cargo claims solely because it offers to manage Company’s claim. If Veho elects, in its sole discretion, to pay delivery credits to Company in connection with Company’s claim, then Company shall automatically assign its rights and interest in the claim to Veho so as to allow Veho to subrogate its loss. For the avoidance of doubt, neither Veho nor Carriers shall be held liable for any consequential damage to either the Retail Customer or Company as a result of delay or lost or damaged parcels.

1.11 Prohibited Commodities. Company is prohibited from using the Services to arrange for transportation of parcels containing hazardous materials and dangerous goods, including but not limited to: (a) tobacco, vaping and related products; (b) live animals; (c) currency and currency-like instruments; (d) infectious and suspected infectious materials; (e) items that may require special license for transportation or that may cause damage or harm to personnel, equipment, or other shipments; (f) any item whose transportation is prohibited by law, statute, or regulation, for any reason, in a state where it is intended to be transported, (g) firearms and ammunition; (h) fireworks and explosives; and (i) wet, leaking, or odorous packages. To the extent Company tenders prohibited commodities to Veho or a Carrier, Company does so at its sole risk.

1.12 Regulated Commodities. Company shall at all times fully disclose in writing any pertinent information regarding the cargo, including but not limited to the kind and quantity of any hazardous materials if tendered, whether the cargo includes human or animal food products subject to federal regulations for the sanitary transportation of food, and any other information necessary for Veho and Carrier to fully comply with all applicable laws and safety requirements. Neither Veho nor any Carriers will be responsible, and Company will hold Veho, its affiliates, and any Carrier harmless, for any cargo-related issues or damages arising from food or hazardous contents of Company’s parcels, or any tender of prohibited commodities as described in Section 1.11, including, but not limited to, death or injury to a customer as a result of food poisoning, spoilage, food-borne pathogen, or any other cause. The Parties agree that Carriers are not required to use climate control when transporting or holding Company’s parcels. All parcels will be transported and held in ambient facility/vehicle temperatures. Furthermore, neither Veho nor any Carriers will compensate Company for spoilage or any consequential damage that arises from the lack of climate control in vehicles and facilities. Company will not tender any food products to Veho or Carrier if the food products are not completely enclosed by a container or if they require temperature control for safety. If Company tenders any perishable food products or other goods that are subject to laws or rules related to the transportation of food, or any hazardous products subject to laws or rules for transportation, neither Veho nor Carrier will be responsible for any failure to comply with such laws or rules, and Company will defend, indemnify and hold Veho and Carrier harmless for any claims, fines, fees, investigation costs, or other amounts of any kind and from any source incurred due to the content of the cargo.

1.13 Insurance. Veho shall maintain where applicable the following insurance coverages and shall require Carriers to maintain such coverage for themselves: (a) Workers’ Compensation insurance coverage in accordance with applicable laws; (b) Commercial General Liability insurance on an occurrence basis with minimum limits of $1,000,000 per occurrence; (c) Auto Liability insurance insuring against liability arising out of and covering the use of any vehicle, with a minimum combined single limit of liability of $1,000,000 per occurrence for bodily injury, including injuries resulting in death, damage arising out of pollutants that escape the vehicle, and property damage; (d) Cargo insurance with minimum policy limits of $10,000 per occurrence; and (e) Employee Theft and Dishonesty, Crime, or a Fidelity Bond of $10,000 per occurrence.

1.14 Right to Inspection and Refusal. Veho, its affiliates, and Carriers reserve the right to open and inspect any parcel and also reserve the right to refuse acceptance of any parcel in their individual discretion.

1.15 Shipments Requiring Prior Approval. Company must obtain prior written approval from Veho prior to using the Services to arrange for transportation of any of the following: (a) alcohol or alcoholic beverages; (b) biological substances, category B, and exempt human or animal specimens; and (c) perishables including, but not limited to, plants, meat, poultry, fish, and perishable products derived therefrom. Where Company receives prior written approval and tenders any materials described in this Section, Company must package shipments in accordance with applicable law and to allow for the safe transportation of such materials and to prevent damage to other packages. It is the responsibility of Company to adequately package parcels for all temperature extremes and handling conditions. Company understands and agrees it assumes all risk of loss or damage to any commodity tendered pursuant to this section.

1.16 Payment Schedule. Except as otherwise provided in an Order Form, Veho or its affiliates shall bill Company once per week. Company shall pay the full amount of all invoices within seven (7) days from receipt of an invoice from Veho. Every invoice shall include the Services provided within the specified week, the Fee for each delivery and/or pickup, and any additional fees or charges. Past due amounts are subject to a finance charge of the lesser of 1.5% per month or the maximum amount permitted by law.

2. COMPANY RESPONSIBILITIES

2.1 Fees. Company will pay to Veho the fees established under and according to the payment schedule set forth on each Order Form (the “Fees”) for labels generated, other than those canceled in accordance with the terms of Section 2.15. Company accepts and agrees that any expenditures, third-party fees, or other charges assessed to Veho by any third-party, which are compensation for or incidental to the Services, shall be charged to Company for payment in addition to the Fees. Company agrees that changes in shipping characteristics, including but not limited to package dimensions or weight, tendering or delivery of non-palletized parcels, or changes to supply chain logistics of Company, may, at Veho’s sole discretion, entitle Veho to update pricing previously agreed to on any Order Form upon notice to Company. Company’s obligation to pay the Fees for Services provided shall survive termination or expiration of these Terms.


2.2 General Rate Increases. Company agrees that the Fees are subject to annual or ad hoc general rate increase (“GRI”) in the sole discretion of Veho. Veho shall provide advance notice to Company of the timing and terms of any GRI.


2.3 Limits to Parcel Size. Unless separately agreed in writing otherwise, Company may not use the Services for the shipment of any parcels (a) having length in excess of 48 inches, (b) having weight in excess of 50 lb, (c) having a Total Girth in excess of 100 inches, or (d) which cannot reasonably be handled by a single able-bodied individual. Services do not include assembly or disassembly.


Total Girth = Length (the longest dimension) + (2 * Width) + (2 * Height)
Where the parties agree to allow Company to use the Services for shipment of parcels in excess of these limits, such agreement will include additional surcharges for oversized parcels.


2.4 Carrier Detention Fee. When a Carrier is held at Company’s warehouse or distribution center for loading more than two (2) hours from arrival, Company shall pay Veho one hundred dollars ($100) for every additional hour (whether a full hour or part of an hour) until loading of all parcels is complete. Such detention fees shall be in addition to any fees due in accordance with Section 2.7.

2.5 Timely Injection by Company.

a. Where Company is responsible for delivering parcels to a warehouse operated by Veho or its affiliates (a “Veho Warehouse”), either directly or via a third-party carrier or broker (an “ Injection”):
i. Veho and Company shall agree upon a period of time within which the vehicle delivering Company’s goods shall arrive at the Veho Warehouse for such Injection (the “Appointment Window”);
ii. Company will provide Veho with contact information for any carrier or broker providing or arranging for delivery to the Veho Warehouse, and request such carrier or broker provide regular updates to Veho upon the status and expected arrival time at the Veho Warehouse; and
iii. It is at Veho’s sole discretion whether to receive an Injection that arrives at a Veho Warehouse outside of the Appointment Window.

b. If an Injection arrives at a Veho Warehouse more than 30 minutes after the end of the Appointment Window, and Veho agrees in its sole discretion to receive the Injection:
i. Company shall pay Veho a fee of three hundred dollars ($300) per such Injection;
ii. Company acknowledges and agrees that delivery of parcels contained in such Injection may be delayed; and
iii. Veho may, in its sole discretion, treat parcels contained in such Injection as if they had been received on the following day, and adjust accordingly the scheduled distribution of such parcels to Carriers for delivery.

2.6 Company’s Goods. Company represents and warrants that it will: (a) submit true, accurate, and correct information regarding itself, its goods, and the circumstances of its movements; (b) have sufficient right, title, and interest in and to the goods allowing it to tender to Carriers for transportation; (c) not tender any items prohibited by Veho or by Carriers, including any items prohibited by these Terms; and (d) not violate any applicable law or regulation of any governmental authority with jurisdiction over Company, Company’s goods, or the Services Company requests.

2.7 Readiness for Parcel Collection from Company Location. Where the Services include collection of parcels by a Carrier from a Company location (a “Collection”), Company will ensure that all parcels are readily available for Collection upon the Carrier’s arrival at the Company location. Any items not packaged, labeled and ready for Collection at the designated time will not be collected by the Carrier until the following scheduled Collection. Where a Carrier arrives at a Company location to make a Collection and the Collection cannot be completed because no parcels are present or Company is otherwise not prepared for the Collection in the Carrier’s or Veho’s discretion, (a) Company shall pay Veho the Fees associated with the Collection and an additional fee of one hundred dollars ($175.00) per vehicle utilized in the Collection, and (b) Company acknowledges and agrees that delivery of uncollected parcels may be delayed and any scheduled distribution of such parcels to Carriers for delivery shall be adjusted accordingly based on the actual date of Collection.

2.8 Advance Notice for Canceled Collections or Service Disruptions. Where a Collection is scheduled and Company’s facility will be closed or otherwise unavailable to facilitate the Collection, Company will provide Veho notice at least 24 hours in advance of the scheduled Collection. If Company fails to provide such advance notice, Company shall pay Veho the Fees associated with the Collection regardless of whether the Collection occurs.

2.9 Reliance on Information Provided. Company acknowledges and agrees that Company is required to review and confirm the accuracy of all information, documents, and declarations submitted to Veho, its affiliates, or Carriers. Company must immediately advise Veho of any errors, discrepancies, incorrect statements, or omissions. Company warrants that it will use reasonable care to ensure the correctness of all such information, including, without limitation, any contact information for Retail Customers provided to Veho.


2.10 Disposal. Where at Company’s request or in accordance with Section 2.14 or 2.15 Veho disposes of more than twenty-five (25) parcels in a week, Veho will charge Company a disposal surcharge of two dollars ($2) per each parcel in excess of twenty-five disposed of in such week Company warrants and agrees it shall provide all necessary information to Veho when requesting any parcel be disposed of so that Veho can comply with any applicable laws related to disposal.

Safety. In the event Company transfers or seeks to transfer goods or parcels to Veho that, in Veho’s sole discretion, (a) represent a risk to the safety of Veho, any Carrier, or any third party, whether the risk is to property or persons, including but not limited to pallets that are stacked greater than eight (8) feet inclusive of pallet height, or (b) are improperly wrapped, then Veho may refuse to accept or return to Company such goods or parcels.


2.11 Cancellation of Scheduled Deliveries and Pickups. Company may cancel any scheduled delivery without charge up until the parcel is tendered to Veho or a Carrier; scheduled deliveries canceled after tendering will be charged as if the delivery had been completed. Company may cancel any scheduled pickup without charge up until 8AM on the day of the scheduled pickup; scheduled pickups canceled after this time will be charged as if the pickup had been completed. For the avoidance of doubt, 8AM shall refer to 8AM local time where the parcel is scheduled for delivery or pickup.


2.12 Label Quality Fee. If a printed label attached to a parcel cannot be scanned by Veho due to poor print quality, damage to the label, or other quality issue that occurred prior to Veho’s receipt of the parcel, Veho may charge an additional handling fee.


2.13 Disposal of Damaged Parcels Containing Perishables. If damaged parcels with perishable contents exceed the damage threshold separately agreed upon between Veho and Company, Veho or its affiliates will dispose of the parcel. If such parcels arrive at the Veho facility in a state that exceeds damage thresholds, Company is responsible for all associated disposal fees. It is at the sole discretion of Veho and its affiliates to dispose of parcels per the agreed upon damage threshold.


2.14 Missorted Parcels. Where Company tenders or delivers parcels to a Carrier or Veho that are not intended for Veho or tenders or delivers parcels to the incorrect Veho Warehouse (each a “Missorted Parcel”), Veho may, at Veho’s sole discretion, (a) return such parcels to Company at Company’s expense, (b) offer to arrange for transportation of those parcels to the intended recipient at Company’s expense, or (c) dispose of any such parcels containing perishable goods. Veho will make reasonable efforts to determine Company’s preferred approach to address Missorted Parcels.

2.15 Surcharge for Non-Palletized Parcels. Unless Veho and Company otherwise agree in writing, including in any Order Form or addendum, Veho shall charge an additional fee of two hundred and fifty dollars ($250) where (a) a Carrier is asked to accept non-palletized parcels during a Collection at a Company location, or (b) Company delivers non-palletized parcels to a Veho Warehouse. Such fee shall be charged for each truck that accepts or delivers non-palletized parcels and shall be in addition to any changes to the Fees made in accordance with Section 2.1 .


2.16 Additional Surcharges. Veho reserves the right to assess surcharges in connection with the Services, including but not limited to fuel surcharges, surcharges for correction of incorrect delivery addresses, and surcharges for use of the Services during times of high utilization. Veho will determine the amount and duration of any such surcharges in its sole discretion. Veho will provide notice to Company of any such surcharges. By using the Services, Company agrees to pay the surcharges, if any, as determined by Veho.

3. TERM & TERMINATION

3.1 Term. The term of these Terms shall commence upon initiation of the Services by Company under an Order Form and shall continue until terminated in accordance with Section 3.2 below.

3.2  Termination. Either Party may terminate these Terms and all operative Order Forms, without cause, upon providing thirty (30) days’ written notice to the other Party. Either Party may terminate these Terms and the respective Order Form in the event of a material breach, as defined herein, by the other Party, (i) upon the other Party’s failure to cure within fifteen (15) days of written notice of such breach, or (ii) immediately upon written notice to the other Party if such breach is incurable. The following events shall constitute a material breach by either Party:
(a) The non-payment of any compensation, charges, costs, debts, expenses or other obligations accruing and owed under these Terms or any Order Form; (b) The material failure to perform any obligation of these Terms or any Order Form; or (c) the material violation of or failure to comply with any covenant, representation, or warranty made in these Terms or any Order Form.


4. PROPRIETARY INFORMATION AND TECHNOLOGY

4.1 Company Data. To the extent Company provides Veho with personal data, Veho shall process such personal data in accordance with the Data Processing Addendum (“DPA”) and Security Measures, attached hereto as Schedule 1 (DPA) and Annex #2 (Security Measures), hereby incorporated by reference. Any such Personal Data will be used by Veho and its affiliates to provide the Services or collect feedback from Retail Customers. Notwithstanding anything to the contrary herein, Veho, its affiliates, and Carriers will not be liable to Company for any claims arising out of communications with Retail Customers in connection with the Services that are made in good faith reliance on the accuracy of the Personal Data about Company’s Retail Customers provided by Company.

Company shall ensure (and is solely responsible for ensuring) that it has given such notices to and obtained such consents and permissions from all third parties and has reserved all necessary rights, including as may be required under applicable law or otherwise, for Company and Veho and its affiliates to collect, use and share Company Customer Data as required to provide the Services and as contemplated by these Terms and any applicable Order Form.

4.2 Consent to Disclosure of Company Customer Data. Company hereby consents to Veho providing Company Customer Data to employees of Veho and its affiliates or Carriers to the extent necessary to provide the Services. Veho will use reasonable efforts to prohibit Carriers from accessing Company Customer Data upon the completion of Services, except to the extent necessary to comply with applicable transportation laws.

4.3 Veho Technology. Nothing in these Terms shall grant Company the right to use Veho or its affilate’s technology, including the digital marketplace platform operated by Veho Tech, Inc. (collectively, “Veho Technology”) other than for receipt of the Services. Company shall not present, disclose, or discuss Veho’s technology to any third party during or after the duration of these Terms unless required to do so by law or with explicit written consent from Veho.

4.4 Development of Intellectual Property. In the event that either Party anticipates that there will be intellectual property development for the other party under these Terms, the Party anticipating such development will notify the other prior to the commencement of any such intellectual property development and the Parties shall define their rights under a separate written agreement.


4.5 Disclosure of Information for Public Relation or Fundraising Purposes. Either Party may, subject to providing prior notice to the other Party, disclose general, non-personally identifiable details about the Services and mention the existence of these Terms, for purposes of a press release, marketing campaign, or fundraising.


4.6 Logo Use. Company hereby provides its consent for Veho to use Company’s name, logo, or trademark in any public communication, including, without limitation, press releases, advertising, marketing materials, mobile applications, or web sites.


5. INDEMNIFICATION.


5.1 Veho’s Obligations. Veho shall defend, indemnify, and hold harmless Company against any and all actual, potential, threatened, or pending claims, demands, actions, causes of action, liabilities, judgments, fines, penalties, orders, decrees, awards, costs, expenses, including reasonable attorneys’ fees, settlements, and claims arising out of or related to: (a) loss or damage to property (other than goods), or personal injury, including death, which may be sustained by Company, its employees, or third parties, arising out of or in connection with Veho’s negligent performance of the Services, except as specifically stated otherwise herein; (b) Veho’s breach of any of its representations, warranties, or covenants in these Terms or any Order Form; (c) Veho’s intentional or willful misconduct; or (d) Veho’s violation of any applicable law, rule, or regulation.


5.2 Company’s Obligations. Company shall defend, indemnify, and hold harmless Veho, its affiliates, and their respective officers, directors, shareholders, parent companies, subsidiary companies, affiliated or related companies, employees, agents, representatives, vendors, customers, and consignees against any and all actual, potential, threatened, or pending claims, demands, actions, causes of action, liabilities, judgments, fines, penalties, orders, decrees, awards, costs, expenses, including reasonable attorneys’ fees, settlements, and claims arising out of or related to: (a) loss or damage to property or personal injury, including death, arising out of or in connection with Company’s delivery or tender of goods to Veho, its affiliates, or Carriers;
(b) Company’s breach of any of its representations, warranties, or covenants in these Terms or any Order Form; (c) Company’s negligence or intentional or willful misconduct; (d) any incorrect or false information provided by Company or Company’s failure to disclose information; (e) Company’s violation of any applicable law, rule, or regulation; (f) any claim based on any alleged misuse of any technology, or a claim that any user data infringes the copyright, trademark, or patent rights of Company or any third party; or (g) any other act or omission by Company with indemnification obligations as outlined elsewhere in these Terms.

5.3 Anti-Indemnity. The preceding indemnity obligations will not be construed in any circumstance to constitute an indemnification contrary to any law that prohibits indemnification against loss, liability, costs or expenses incident thereto caused by the negligence of such indemnitee. Exclusions in any Party’s insurance coverage(s) shall not exonerate such Party from this liability

5.4 Relationship of the Parties. Each of the Parties is an independent contractor of the other party and shall not be considered to be an employee, agent, partner, distributor or representative of the other. Nothing in these Terms or any Order Form will be construed to create a partnership, joint venture, franchise, fiduciary, employment, or agency relationship between the Parties. Neither Party has any express or implied authority to assume or create any obligations on behalf of the other or to bind the other to any contract, agreement or undertaking with any third party except as may be explicitly provided for herein or authorized in writing by the Parties.

5.5 Survival. The provisions of this Section 5 shall survive the expiration or termination of these Terms.

6. DAMAGES EXCLUSION. IN NO EVENT SHALL (A) VEHO, (B) ITS AFFILIATES,(C) ANY EMPLOYEES, AGENTS, OFFICERS OR DIRECTORS OF VEHO OR ITS AFFILIATES, OR (D) CARRIERS BE LIABLE FOR ANY LOST PROFITS, LOST REVENUE, OR CONSEQUENTIAL, INCIDENTAL, INDIRECT, SPECIAL, EXEMPLARY, OR PUNITIVE DAMAGES ARISING IN CONNECTION WITH THE SERVICES, THESE TERMS OR THEIR SUBJECT MATTER, OR ANY CLAIMS OR DEMANDS AGAINST COMPANY BY A THIRD PARTY ARISING OUT OF OR CONNECTED WITH THE SERVICES, REGARDLESS OF THE THEORY OF LIABILITY GIVING RISE TO SUCH DAMAGES, WHETHER ARISING IN CONTRACT, TORT, OR OTHERWISE, AND REGARDLESS OF WHETHER ADVISED OR AWARE OF THE POSSIBILITY OF SUCH DAMAGES. EACH PARTY REPRESENTS THAT IT IS SOPHISTICATED IN THE COMMERCIAL MATTERS CONTEMPLATED BY THESE TERMS AND THAT IT HAS RECEIVED ADVICE FROM COUNSEL PRIOR TO EXECUTION. FOR THE AVOIDANCE OF DOUBT, THE WAIVER OF DAMAGES IN THIS SECTION APPLIES TO ALL CLAIMS, INCLUDING THOSE ASSERTED PURSUANT TO SECTION 5.1. EACH PARTY ACCEPTS THAT THE PROVISIONS OF THESE TERMS RELATED TO LEGAL LIABILITY ARE ECONOMICALLY SOUND AND CONSTITUTE A MATERIAL INDUCEMENT FOR THE PARTIES ENTERING INTO THESE TERMS.
IN NO EVENT WILL VEHO, ITS AFFILIATES OR ITS OR THEIR LICENSORS, SERVICE PROVIDERS, EMPLOYEES, AGENTS, OFFICERS OR DIRECTORS BE LIABLE FOR DAMAGES OF ANY KIND, UNDER ANY LEGAL THEORY, ARISING OUT OF OR IN CONNECTION WITH COMPANY’S USE, OR INABILITY TO USE, VEHO TECHNOLOGY, ANY WEBSITES LINKED TO VEHO TECHNOLOGY, ANY CONTENT, SERVICES, OR ITEMS OBTAINED OR TRANSACTED THROUGH VEHO TECHNOLOGY, INCLUDING ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO, PERSONAL INJURY, PAIN AND SUFFERING, EMOTIONAL DISTRESS, LOSS OF REVENUE, LOSS OF PROFITS, LOSS OF BUSINESS OR ANTICIPATED SAVINGS, LOSS OF USE, LOSS OF GOODWILL, LOSS OF DATA, AND WHETHER CAUSED BY TORT (INCLUDING NEGLIGENCE), BREACH OF CONTRACT OR OTHERWISE, EVEN IF FORESEEABLE. THE FOREGOING DOES NOT AFFECT ANY DAMAGES OR LIABILITY THAT CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.

7. FORCE MAJEURE. In the event performance by Veho, a Carrier, or a broker is affected by any cause beyond reasonable control, including without limitation, fire, labor strife, riot, war, weather conditions, acts of the public enemy, acts of God, acts of terrorism, acts of government authority, pandemic or health crisis, local or national disruptions to transportation networks or operations, fuel shortages, governmental regulations, or requisition for national defense, then the performance of all affected obligations required under these Terms, any Order Form, or otherwise shall be suspended during the continuance of such interruption, and Company shall receive reasonably prompt notice of such interruption. Such period of suspension shall not in any way invalidate these Terms, but on resumption of operations, any affected performance shall be resumed. No liability shall be incurred by Veho, its affiliates, or Carriers for damages resulting from such suspensions.


8. NOTICES. Any notice required or permitted by these Terms shall be delivered to Veho at the address listed below, or at such other addresses as Veho may designate by written notice.

If to Veho:

Veho Logistics LLC

2093Philadelphia Pike #8346

Claymont, DE19703

AND by email                        

legal@shipveho.com

9. ENTIRE AGREEMENT. These Terms contain the entire agreement between the Parties, and Company acknowledges and agrees that it may not alter these Terms without the written consent of Veho. Company acknowledges and agrees that Veho may unilaterally update these Terms from time-to-time at Veho’s sole discretion. The Section and paragraph headings in these Terms have been inserted solely for convenience of reference and do not constitute part of these Terms.


10. ICCTA WAIVER. The Parties agree that these Terms are entered into in accordance with 49 USC § 14101(b)(1) if applicable. The Parties expressly waive any and all rights and remedies that either may have under 49 USC § 13101 through § 14914 that are contrary to the specific provisions of these Terms or any Order Form.


11. ASSIGNMENT. Veho may, without notice, assign its rights and delegate its duties under these Terms or any Order Form. Under such assignment or delegation, Company shall be deemed to have attorned to such assignee and shall owe the same duties and obligation to such assignee and shall accept performance hereunder by such assignee as if such assignee were Veho. Whether or not assigned, Company acknowledges and agrees that certain elements of the performance and administration of these Terms or any Order Form including enforcement thereof may be provided through any of Veho’s affiliates. Neither these Terms, nor any Order Form, nor any rights, interests or obligations may be assigned by Company without the prior written consent of Veho.

12. SEVERABILITY. If any of the provisions of these Terms shall be invalid or unenforceable, such invalidity or unenforceability shall not invalidate or render unenforceable the entire Terms, but rather these entire Terms shall be construed as if not containing the particular invalid or unenforceable provision or provisions, and the rights and obligations of the Parties shall be construed and enforced accordingly.


13. WAIVER. The waiver of any breach of any provision of these Terms or any Order Form by either Party shall not be deemed to be a waiver of any preceding or subsequent breach under these Terms or any Order Form. No such waiver shall be effective unless in writing.


14. ADDITIONAL  REPRESENTATIONS  AND  WARRANTIES  OF  COMPANY. Company warrants and represents that: (a) it is duly organized, validly existing and in good standing under the laws of the jurisdiction in which it was formed and engaged in its own independent trade or business prior to entering into these Terms; (b) it has full power and authority to execute, deliver, and perform under these Terms; (c) these Terms have been duly authorized, executed, and delivered by a corporate representative and are their legal, valid, and binding obligations in accordance with the terms herein; and (d) obligations under these Terms shall be performed in compliance with any obligations to third parties and all applicable law, rules, or regulations of any governmental entity or agency.

15. VEHO’S DISCLAIMER OF WARRANTIES. Company understands that Veho cannot guarantee or warrant that files available for downloading from the internet or Veho Technology will be free of viruses or other destructive code. Company is responsible for implementing sufficient procedures and checkpoints to satisfy its particular requirements for anti-virus protection and accuracy of data input and output, and for maintaining a means for any reconstruction of any lost data. VEHO WILL NOT BE LIABLE FOR ANY LOSS OR DAMAGE CAUSED BY A DISTRIBUTED DENIAL-OF-SERVICE ATTACK, VIRUSES, OR OTHER TECHNOLOGICALLY HARMFUL MATERIAL THAT MAY INFECT COMPANY’S COMPUTER EQUIPMENT, COMPUTER PROGRAMS, DATA OR OTHER PROPRIETARY MATERIAL DUE TO COMPANY’S USE OF VEHO TECHNOLOGY OR TO COMPANY’S DOWNLOADING OF ANY MATERIAL POSTED ON IT, OR ON ANY WEBSITE LINKED TO IT.

COMPANY’S USE OF THE SERVICES, VEHO TECHNOLOGY, AND ANY SERVICES OR ITEMS OBTAINED OR TRANSACTED THROUGH VEHO TECHNOLOGY IS AT COMPANY’S OWN RISK. THE SERVICES, VEHO TECHNOLOGY, ANY CONTENT CONTAINED ON VEHO TECHNOLOGY, AND ANY SERVICES OR ITEMS OBTAINED OR TRANSACTED THROUGH VEHO TECHNOLOGY ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS, WITHOUT ANY WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED. VEHO MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING THE ACCURACY OR COMPLETENESS OF ANY INFORMATION PROVIDED TO COMPANY. VEHO EXPRESSLY DISCLAIMS ALL WARRANTIES OF

MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NONINFRINGEMENT, AND ANY AND ALL WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE. VEHO MAKES NO WARRANTY OR REPRESENTATION WITH RESPECT TO THE COMPLETENESS, SECURITY, RELIABILITY, QUALITY, ACCURACY OR AVAILABILITY OF SERVICES. WITHOUT LIMITING THE FOREGOING, VEHO DOES NOT REPRESENT OR WARRANT THAT THE SERVICES, VEHO TECHNOLOGY, ANY CONTENT CONTAINED ON VEHO TECHNOLOGY, OR ANY SERVICES OR ITEMS OBTAINED OR TRANSACTED THROUGH VEHO TECHNOLOGY WILL BE ACCURATE, RELIABLE, ERROR-FREE OR UNINTERRUPTED, THAT DEFECTS WILL BE CORRECTED, THAT VEHO TECHNOLOGY IS FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS OR THAT THE SERVICES, VEHO TECHNOLOGY OR ANY SERVICES OR ITEMS OBTAINED OR TRANSACTED THROUGH VEHO TECHNOLOGY WILL OTHERWISE MEET COMPANY’S NEEDS OR EXPECTATIONS.

VEHO MAKES NO REPRESENTATIONS OR WARRANTIES AS TO THE CONDUCT OF USERS OF THE SERVICES. COMPANY AGREES TO TAKE REASONABLE PRECAUTIONS IN ALL INTERACTIONS WITH OTHER USERS OF VEHO TECHNOLOGY. VEHO HEREBY DISCLAIMS ALL LIABILITY FOR (A) ALL ACTS OR OMISSIONS OF USERS OF VEHO TECHNOLOGY, AND (B) ALL TRANSACTIONS BETWEEN USERS ARISING FROM INTERACTIONS ON VEHO TECHNOLOGY. VEHO WILL NOT BE LIABLE FOR COMPANY’S FAILURE TO PAY FOR SERVICES, OR FOR TAX LIABILITIES RELATING TO TRANSACTIONS BETWEEN USERS. VEHO WILL NOT BE LIABLE FOR, AND USERS SHALL BE SOLELY LIABLE FOR, THEIR COMPLIANCE WITH ALL TAX, ADVERTISING AND OTHER LAWS APPLICABLE TO THEIR TRANSACTIONS.


THE FOREGOING DOES NOT AFFECT ANY WARRANTIES THAT CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.

16. LIMITATION ON LIABILITY. IN NO EVENT WILL EITHER PARTY’S AGGREGATE LIABILITY ARISING OUT OF OR RELATING TO THESE TERMS (REGARDLESS OF THE FORM OF ACTION GIVING RISE TO SUCH LIABILITY, WHETHER IN CONTRACT, TORT, OR OTHERWISE) EXCEED THE GREATER OF (A) ONE MILLION ($1,000,000) DOLLARS OR (B) TWO (2) TIMES THE TOTAL AMOUNT PAID OR PAYABLE BY COMPANY UNDER THIS AGREEMENT IN THE 12 MONTHS PRECEDING THE FIRST INCIDENT OUT OF WHICH LIABILITY AROSE. FOR THE AVOIDANCE OF DOUBT, THE LIMITATION OF DAMAGES IN THIS SECTION APPLIES TO ALL CLAIMS, INCLUDING THOSE ASSERTED PURSUANT TO SECTIONS 5.1 AND 5.2; PROVIDED, HOWEVER, THAT THE FOREGOING LIMITATION WILL NOT APPLY WITH RESPECT TO ANY INTENTIONAL OR WILLFUL MISCONDUCT, GROSS NEGLIGENCE, OR TO THE INDEMNITY DESCRIBED IN SECTION 5.2(d). THE FOREGOING DOES NOT AFFECT ANY LIABILITIES THAT CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.

17. GOVERNING LAW AND JURISDICTION. Company and Veho mutually acknowledge and agree that these Terms shall be construed and enforced in accordance with the laws of the State of Delaware without giving effect to jurisdictional conflict of laws provisions.

Schedule 1: DATA PROCESSING ADDENDUM

What’s a Rich Text element?

To the extent Veho (“Provider”) will be Processing Personal Data provided by Company, Veho shall do so in accordance with this Data Processing Addendum.  


1. Definitions

For purposes of this DPA, the terms below have the meanings set forth below.  Capitalized terms that are used but not defined in this DPA have the meanings given in the Agreement.

(a) Affiliate means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity, where “control” refers to the power to direct or cause the direction of the subject entity, whether through ownership of voting securities, by contract or otherwise.

(b) Applicable Data Protection Laws means the privacy, data protection and data security laws and regulations of any jurisdiction applicable to the Processing of Personal Data under the Agreement, including, without limitation, the CCPA and VDCPA.

(c) CCPA means the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (the “CPRA”), and any binding regulations promulgated thereunder.

(d) VDCPA means Virginia Consumer Data Protection Act (2021; effective Jan. 1, 2023).

(e) Company Data means information provided or made available to Provider for Processing on Company’s behalf to perform the Services.

(f) Information Security Incident means the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data in Provider’s possession, custody or control. Information Security Incidents do not include unsuccessful attempts or activities that do not compromise the security of Personal Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, or other network attacks on firewalls or networked systems.

(g) Personal Data means Company Data that constitutes “personal data,” “personal information,” or “personally identifiable information” defined in Applicable Data Protection Laws or information of a similar character regulated thereby, except that Personal Data does not include such information pertaining to Company’s business contacts who are Company personnel or such information received by Provider directly or from other sources (such as its other companies) independent of Provider’s relationship with Company.

(h) Processing means any operation or set of operations which is performed by (or on behalf of Provider) on behalf of Company under this Agreement, on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

(i) Security Measures has the meaning given in Section 4(a) (Provider’s Security Measures).

(j) Subprocessors means third parties that Provider engages to Process Personal Data in relation to the Service.

(k) Third Party Subprocessors has the meaning given in Section 7 (Subprocessors).

2. Duration and Scope of DPA

(a) This DPA will remain in effect so long as Provider Processes Personal Data, notwithstanding the expiration or termination of the Agreement.

(b) Processing of Personal Data subject to the CCPA with respect to which Company is a Business or Service Provider (as defined in CCPA) shall be subject to Annex 1 (California Annex) to this DPA.

3. Company Instructions

Provider will Process Personal Data only in accordance with Company's instructions to Provider. This DPA is a complete expression of such instructions, and Company's additional instructions will be binding on Provider only pursuant to an amendment to this DPA signed by both parties. By entering into this DPA, Company instructs Provider to Process Personal Data to provide the Service and to perform its other obligations and exercise its right under the Agreement.


4. Security

(a) Provider Security Measures. Provider will implement and maintain technical and organizational measures designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data (the “Security Measures”) as described in Annex 2 (Security Measures).  Provider may update the Security Measures from time to time, so long as the updated measures do not decrease the overall protection of Personal Data.


(b) Security Compliance by Provider Staff. Provider shall require that its personnel who are authorized to access Personal Data are subject to appropriate confidentiality obligations.

(c) Information Security Incidents. Provider will notify Company without undue delay of any Information Security Incident of which Provider becomes aware. Such notifications will describe available details of the Information Security Incident, including steps taken to mitigate the potential risks and steps Provider recommends Company take to address the Information Security Incident.  Provider’s notification of or response to an Information Security Incident will not be construed as Provider’s acknowledgement of any fault or liability with respect to the Information Security Incident.

(d) Company’s Security Responsibilities and Assessment

i) Company’s Security Responsibilities. Company agrees that, without limitation of Provider’s obligations under Section 4 (Security), Company is solely responsible for its use of the Service, including (a) making appropriate use of the Service to ensure a level of security appropriate to the risk in respect of the Personal Data; (b) securing the account authentication credentials, systems and devices Company uses to access the Service; (c) securing Company’s systems and devices that Provider uses to provide the Service; and (d) backing up Personal Data.

(ii) Company’s Security Assessment. Company agrees that the Service, the Security Measures and Provider’s commitments under this DPA are adequate to meet Company’s needs, including with respect to any security obligations of Company under Applicable Data Protection Laws, and provide a level of security appropriate to the risk in respect of the Personal Data.

5. Data Subject Rights

(a) Provider’s Data Subject Request Assistance. Provider will (taking into account the nature of the Processing of Personal Data) provide Company with assistance reasonably necessary for Company to perform its obligations under Applicable Data Protection Laws to fulfill requests by data subjects to exercise their rights under Applicable Data Protection Laws (“Data Subject Requests”) with respect to Personal Data in Provider’s possession or control.  Company shall compensate Provider for any such assistance at Provider’s then-current professional services rates, which shall be made available to Company upon request.

(b) Company’s Responsibility for Requests. If Provider receives a Data Subject Request, Provider will (i) notify Company; and (ii) advise the data subject to submit the request to Company, and Company will be responsible for responding to any such request.

6. CompanyResponsibilities

(a) Company shall ensure (and is solely responsible for ensuring) that it has given such notices to and obtained such consents and permissions from third parties (including, without limitation, data subjects), and has reserved all rights, in each case, as may be required under applicable law or otherwise for Provider to Process Personal Data as contemplated by the Agreement.

(b) Company represents and warrants to Provider that Customer Data does not and will not contain any social security numbers or other government-issued identification numbers, protected health information subject to the Health Insurance Portability and Accountability Act (HIPAA) or other information regarding an individual’s medical history, mental or physical condition, or medical treatment or diagnosis by a health care professional; health insurance information; biometric information; passwords for online accounts; credentials to any financial accounts; tax return data; any payment card information subject to the Payment Card Industry Data Security Standard; personal data of children under 13 years of age; or any other information that falls within any special categories of data (as defined in Applicable Data Protection Laws).

7. Subprocessors

(a) Consent to Subprocessor Engagement. Company specifically authorizes the engagement of Provider’s Affiliates as Subprocessors and generally authorizes the engagement of any other third parties as Subprocessors (“Subprocessors”).

(b) Information about Subprocessors. Information about Subprocessors, including their functions and locations, is available in Annex 3 of this DPA/at [WEBSITE] (the “Subprocessor Site”).

(c) Requirements for Subprocessor Engagement. When engaging any Subprocessor, Provider will enter into a written contract with such Subprocessor containing data protection obligations not less protective than those in this DPA with respect to Personal Data to the extent applicable to the nature of the services provided by such Subprocessor. Provider shall be liable for all obligations subcontracted to, and all acts and omissions of, the Subprocessor.

(d) Opportunity to Object to Subprocessor Changes. When Provider engages any new Subprocessor after the effective date of the Agreement, Provider will notify Company of the engagement (including the name and location of the relevant Subprocessor and the activities it will perform) by updating the

Subprocessor Site or by other written means. If Company objects to such engagement, Company may within 15days of receipt of notice from Veho, as its sole and exclusive remedy, terminate the Agreement and cancel the Service by providing written notice to Provider and pay Provider for all amounts due and owing under the Agreement as of the date of such termination.

8. Audits

Reviews and Audits of Compliance. Company may audit Provider’s compliance with its obligations under this DPA up to once per year and on such other occasions as may be required by Applicable Data Protection Laws. Provider will contribute to such audits by providing Company with the information and assistance reasonably necessary to conduct the audit.  If a third party is to conduct the audit, Provider may object to the auditor if the auditor is, in Provider’s reasonable opinion, not independent, a competitor of Provider, or otherwise manifestly unsuitable.  Such objection by Provider will require Company to appoint another auditor or conduct the audit itself.  To request an audit, Company must submit a proposed audit plan to Provider at least four weeks in advance of the proposed audit date and any third-party auditor must sign a customary non-disclosure agreement mutually acceptable to the parties (such acceptance not to be unreasonably withheld) providing for the confidential treatment of all information exchanged in connection with the audit and any reports regarding the results or findings thereof. The proposed audit plan must describe the proposed scope, duration, and start date of the audit. Provider will review the proposed audit plan and provide Company with any concerns or questions (for example, any request for information that could compromise Provider security, privacy, employment or other relevant policies). Provider will work cooperatively with Company to agree on a final audit plan.  Nothing in this Section 8 shall require Provider to breach any duties of confidentiality.  If the Provider undergoes a SOC 2 Type 2, ISO, NIST or similar audit and receives a report within twelve (12) months of Company’s audit request and Provider has confirmed there have been no known material changes in the controls audited since the date of such report, Company agrees to accept such report in lieu of requesting an audit of such controls or measures.  The audit must be conducted during regular business hours, subject to the agreed final audit plan and Provider’s safety, security or other relevant policies, and may not unreasonably interfere with Provider business activities.  Company will promptly notify Provider of any non-compliance discovered during the course of an audit and provide Provider any audit reports generated in connection with any audit under this Section 8, unless prohibited by Applicable Data Protection Laws. Company may use the audit reports only for the purposes of meeting Company’s regulatory audit requirements and/or confirming compliance with the requirements of this DPA.  Any audits are at the Company's sole expense. Company shall reimburse Provider for any time expended by Provider and any third parties in connection with any audits or inspections under this Section 8 at Provider’s then-current professional services rates, which shall be made available to Company upon request. Company will be responsible for any fees charged by any auditor appointed by Company to execute any such audit.

9. Miscellaneous

Except as expressly modified by the DPA, the terms of the Agreement remain in full force and effect. To the extent of any conflict or inconsistency between this DPA and the other terms of the Agreement, this DPA will govern. Notwithstanding anything in the Agreement or any order form entered in connection therewith to the contrary, the parties acknowledge and agree that Provider’s access to Personal Data does not constitute part of the consideration exchanged by the parties in respect of the Agreement.  Notwithstanding anything to the contrary in the Agreement, any notices required or permitted to be given by Provider to Company under this DPA may be given (a) in accordance with any notice clause of the Agreement; (b) to Provider’s primary points of contact with Company; or (c) to any email provided by Company for the purpose of providing it with Service-related communications or alerts. Company is solely responsible for ensuring that such email addresses are valid.

Annex 1 to: DPA CaliforniaAnnex

What’s a Rich Text element?

1. For purposes of this Annex 1, the terms “business,” “commercial purpose,” “sell,” “share” and “service provider” shall have the respective meanings given thereto in the CCPA, and “personal information” shall mean Personal Data that constitutes personal information governed by the CCPA.

2. It is the parties’ intent that with respect to any personal information, Provider is a service provider. Provider
(a) acknowledges that personal information is disclosed by Company only for limited and specified purposes described in the Agreement; (b) shall comply with applicable obligations under the CCPA and shall provide the same level of privacy protection to personal information as is required by the CCPA; (c) agrees that Company has the right to take reasonable and appropriate steps to help to ensure that Provider’s use of personal information is consistent with Company’s obligations under the CCPA; (d) shall notify Company in writing of any determination made by Provider that it can no longer meet its obligations under the CCPA; (e) shall return or delete the personal information processed on behalf of Company at the termination of the Agreement; (e) shall assist Company in the event Company initiates a data privacy impact assessment and (g) agrees that Company has the right, upon notice, including pursuant to the preceding clause, to take reasonable and appropriate steps to stop and remediate unauthorized use of personal information.

3. Provider shall not (a) sell or share any personal information; (b) retain, use or disclose any personal information for any purpose other than for the specific purpose of providing the Service, including retaining, using, or disclosing the personal information for a commercial purpose other than the provision of the Service, or as otherwise permitted by the CCPA; (c) retain, use or disclose the personal information outside of the direct business relationship between Provider and Company; or (d) combine personal information received pursuant to the Agreement with personal information (i) received from or on behalf of another person, or (ii) or collected from Provider’s own interaction with any Consumer to whom such personal information pertains, except as and to the extent necessary as a part of Provider’s provision of the Service. Provider hereby certifies that it understands its obligations under this Section 2 and will comply with them.

4. Giving Company notice of Subprocessor engagements in accordance with Section 7 of the DPA shall satisfy Provider’s obligation under the CPRA to give notice of such engagements.

5. Obligations under this California Annex that are neither required to be imposed on Provider for Provider to qualify as a Service Provider under the CCPA nor for the Parties to comply with their obligations under the CCPA in relation to the required terms of contracts, in each case, before the CPRA takes effect on January 1, 2023, shall apply to Provider only on and after January 1, 2023.

6. The parties acknowledge that Provider’s retention, use and disclosure of personal information authorized by Company’s instructions documented in the DPA are integral to Provider’s provision of the Services and the business relationship between the parties.

Annex 2 to DPA: Security Measures

What’s a Rich Text element?

1. Organizational management and dedicated staff responsible for the development, implementation and maintenance of the Provider’s information security program.

2. Audit and risk assessment procedures for the purposes of periodic review and assessment of risks to Provider’s organization, monitoring and maintaining compliance with the Provider’s policies and procedures, and reporting the condition of its information security and compliance to internal senior management.

3. Data security controls which include, at a minimum, logical segregation of data, restricted (e.g., role-based) access and monitoring, and utilization of commercially available industry standard encryption technologies for Personal Data that is transmitted over public networks (i.e., the Internet) or when transmitted wirelessly or at rest or stored on portable or removable media (i.e., laptop computers, CD/DVD, USB drives, back-up tapes).

4. Logical access controls designed to manage electronic access to data and system functionality based on authority levels and job functions, (e.g., granting access on a need-to-know and least privilege basis, use of unique IDs and passwords for all users, periodic review and revoking/changing access promptly when employment terminates or changes in job functions occur).

5. Password controls designed to manage and control password strength, expiration and usage including prohibiting users from sharing passwords and requiring that the Provider’s passwords that are assigned to its employees:  (i) be at least eight (8) characters in length, (ii) not be stored in readable format on the Provider’s computer systems; (iii) must have defined complexity; (iv) must have a history

6. Threshold to prevent reuse of recent passwords; and (v) newly issued passwords must be changed after first use.

7. System audit or event logging and related monitoring procedures to proactively record user access and system activity.

8. Operational procedures and controls to provide for configuration, monitoring and maintenance of technology and information systems, including secure disposal of systems and media to render all information or data contained therein as undecipherable or unrecoverable prior to final disposal or release from the Provider’s possession.

9. Change management procedures and tracking mechanisms designed to test, approve and monitor all material changes to the Provider’s technology and information assets.

10. Incident management procedures are designed to allow the Provider to investigate, respond to, mitigate and notify of events related to the Provider’s technology and information assets.

11. Network security controls that provide for the use of enterprise firewalls and layered DMZ architectures, and intrusion detection systems and other traffic and event correlation procedures designed to protect systems from intrusion and limit the scope of any successful attack.

Annex 3 to DPA: List of Subprocessors

What’s a Rich Text element?

Name: Description of processing (delimitation of  responsibilities)

AutoPilot: In-app chat & text drivers

AWS: Cloud computing services and  data storage    

Metabase: Business intelligence query  building, dash-boarding, reporting

MongoDB: Database services

Salesforce: Cloud computing services

FiveTran: BI / Data Ingest

Google: Address geocoding, data  storage, analytics, tracking

Mapbox: Address geocoding

Twilio: Customer and driver messaging

LogDNA: Logging & Monitoring

New Relic: Logging & Monitoring

Sentry: Monitoring and alerting

Bugsnag: Logging & Monitoring

Slack: Team collaboration and chat  platform

Rockset: Database services

LaunchDarkly: Product feature flags

DBT: Business intelligence data  model building

Zendesk: Support ticket processing

Typeform: Support incident reporting

Segment (Twilio): Customer data platform

TaskUs: Customer Support

Loris: AI ticket routing

OSANO: Privacy operations tool

Deel: Software Engineering  development

DialPad: Telephone and Voicemail  provider

Shippo: Shipping Software

Hex: Data analytics platform

Proship: Shipping Software

Logistyx: Shipping Software

Easypost: Shipping Software

Shipium: Shipping Software

project44: Shipping Software

Convey (subs of project 44): Shipping Software

Manhattan: Shipping Software

Transplace: Shipping Software

Intelligent Audit: Billing Auditing

Trax: Billing Auditing

Green Mountain Technology: Billing Auditing

Transportation Insight: Billing Auditing

Smarty: Geocoding services

Additional third-party sub-processors

Name: Description of processing (delimitation of  responsibilities)

Veho Tech, Inc: Fulfillment Services

Spruce Transport Operations  LLC: Fulfillment Services

Cedar Logistics LLC: Fulfillment Services

Redbud Logistics LLC: Fulfillment Services

What’s a Rich Text element?

You can check out the previews terms

You can check out the previews terms

You can check out the previews terms

You can check out the previous terms

Download previous terms