Legal & Compliance

Overview

Welcome to onedge.co (the "Edge Platform"), which is owned and operated by Edge Services & Solutions LLC and our affiliated entities ("Edge", "Company", "we" or "us"). We respect your privacy and are committed to protecting it through compliance with this Privacy Policy.

This Privacy Policy describes and governs the manner in which we collect, use, maintain and disclose information about you when you download, install, register with, access, or use the Edge Platform and our other online services (collectively, the "Services").

Please read this Privacy Policy carefully before you start to use the Services. By accessing and/or using the Services, you accept and agree to be bound and abide by this Privacy Policy and our Terms of Service available at https://onedge.co/terms (the "Terms of Service") incorporated herein by reference and to comply with all applicable laws, rules and regulations (collectively, "Applicable Law"). If you do not want to agree to this Privacy Policy and the Terms of Service, you must not access or use the Services.

Personal Information

We may collect personal information from you in a variety of ways, including the following key categories and types of personal information:

• General personal information: Name, username and password used as login credentials, address, email address and phone number, date of birth, and any other personal information requested by our team to comply with applicable laws.
• Professional or employment-related information: Professional or employment information shared by you, including positions you have held, previous employers, and your past educational experience.
• Information you upload: Any content you provide or upload using our Services.
• Information about your transaction: We will collect information from use of the Services and information related to the fees we charge for use of our platform, including information you provide to us when you use our website and/or other online services to purchase our Services, including but not limited to general transaction details and timing related to your transaction.
• Geolocation data: The general region or area from which you access our Services.
• Internet or other online activity: Referral channels that led you to our Services, browsing and click history, device information, browser information, operating system information, IP address, page views, button clicks, and information about how you navigate our Services.
• Inferences: We may make inferences based on the information we collect.
• Information from public sources: We may obtain information about you and your business or project on the internet or through offline sources and other public or commercial sources.

How We Use Collected Information

We may collect and use your personal information for the following purposes:

• To provide and improve customer service: We use your contact information to answer your questions and respond to your requests and inquiries, provide you technical support, notify you of changes to the Services, and maintain and improve functionality of our Services.
• To provide the Services: We use personal information to provide you the Services. For example, we may use your personal information to enable academic and other professional associates or referees to create reference letters using our Services.
• For analytical purposes: We use aggregated information collected detailing your internet activity, browsing history and geolocation data to analyze preferences, trends and statistics relating to the usage of our Services. We may also use your activity on our Services in an aggregate way in order to improve our Services. We may also use your information to protect the Company, our Services and our website, and to prevent fraud, theft and misconduct.
• For relevant updates, marketing and promotional purposes: We use your contact information, employment-related information, other personal information and various inferences described above to send you relevant articles, blog posts, newsletters, podcasts, offers, products and other information we think may be relevant to you and to notify you of changes to this Privacy Policy. We may also use information about your use of our Services in an anonymized and aggregate way to analyze trends and statistics and to promote and market our Services.
• To ensure compliance: We use your personal information to enforce and comply with the law, including to conduct an investigation, to protect the property and rights belonging to us or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, fraudulent, unethical or legally actionable activity.

How We Collect Your Personal Information

We collect personal information from the following sources:

Directly: We collect personal information directly from you. When you register for the Services, submit information in an online form, request information from us, upload content to the platform, or otherwise communicate with us or our support personnel, you may provide us with information, for example, your name, email address, and personal information you wish to be included in a reference letter. By providing us with this information, you consent to your information being collected, used, disclosed, processed and stored by us in accordance with this Privacy Policy.

Passively: We and our service providers collect personal information from you passively from the internet and other automatic data collection tools, such as cookies and web beacons, which are summarized below:

• Cookies (or browser cookies): A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our website.
• Web Beacons: Pages of our website may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
• Tracking Tools: We use the following tracking tools:
  • Google Analytics and Adwords: We use Google tools such as Google Analytics and Google Adwords to understand how users use our website. These analytics service providers use cookies or other tracking technologies to help us analyze how users interact with and use our Services, compile reports about activity on our website, and provide us other services. The technologies may collect information such as your IP address, time of visit, whether you are a return visitor, any referring website, general location, and other information. Google Analytics provides an opt-out for its tool here.
  • Heap: We use services provided by Heap Inc. ("Heap") to monitor how users interact with our Services for the purposes of improving and understanding the nature of how users use our products. Heap may collect anonymous data on our users' interactions within our website, which includes pages users visit, how users interact with our website, and users' IP address and users' device information (device model, operating system, and version). For further details, please see Heap's privacy policy.
  • Other tracking tools: We may deploy other automatic tracking tools in the future. Similar to the tools we currently use, such future tracking tools will track data about our visitors only in the aggregate and on an anonymized basis and will not reveal personal information about you.

When We Share Your Personal Information with Third Parties

• With the consent of the user: We may share your personal information with third parties with your consent or as requested by you, or in connection with interactions you engage in through the Services.
• In connection with payments: We use a third-party payment service provided by Stripe, Inc. ("Stripe"), to process all payments made through the Services, and for related analytics and business services. If you make a payment through the Services, you will receive an email confirmation automatically generated by stripe.com. Any personal information, including credit card and other payment information, that you provide through Stripe's website may be collected by Stripe and by us for purposes of processing the payment, and will be subject to Stripe's privacy policy. Stripe collects identifying information about the devices that connect to its services. Stripe uses this information to operate and improve the services it provides to us, including for fraud detection. We have no control over, and shall not be responsible for, Stripe's use of information collected through Stripe's website. PLEASE NOTE THAT THIS POLICY DOES NOT ADDRESS THE COLLECTION AND USE OF INFORMATION THROUGH STRIPE'S WEBSITE OR STRIPE'S PRIVACY OR INFORMATION PRACTICES. You can learn more about Stripe and read its privacy policy at https://stripe.com/privacy. We also use Plaid Inc. (Plaid), to facilitate communication between your bank and credit card provider for purposes of facilitating transactions made through the Services, and for related analytics and business services. Any personal information, including credit card and other payment information, that you provide through Plaid's website may be collected by Plaid and by us for purposes of processing the payment, and will be subject to Plaid's privacy policy. Plaid collects identifying information about the devices that connect to its services. Plaid uses this information to operate and improve the services it provides to us, including for fraud detection. We have no control over, and shall not be responsible for, Plaid's use of information collected through Plaid's website. PLEASE NOTE THAT THIS POLICY DOES NOT ADDRESS THE COLLECTION AND USE OF INFORMATION THROUGH PLAID'S WEBSITE OR PLAID'S PRIVACY OR INFORMATION PRACTICES. You can learn more about Plaid and read its privacy policy at https://plaid.com/legal/#consumers.
• With service providers who take action on our behalf: For example, we may share general personal information with third-party service providers to facilitate the usage of our Services or we may share information with vendors and contractors who conduct email marketing for us or who assist us with developing and providing the Services and customer support. Such service providers may reside outside the United States and in countries that may not provide the same level of protections as the laws of the United States.
• To comply with applicable law: We may share your information with the appropriate authorities without your consent if we believe disclosure is in accordance with, or required by, any applicable law, including in response to lawful requests by public authorities to provide information to deter and combat fraud, money-laundering, securities violation, data and privacy breaches or for other legal purposes.
• To protect the rights and property of the Company: We may also share your personal information with third parties to protect the property and rights belonging to us or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, fraudulent, unethical or legally actionable activity.
• In connection with sale of the Company: In the event of a reorganization, merger, or sale we may transfer your personal information we collect to the relevant third party.

Third-Party Links and Websites

Our Services may contain advertising, links or other content from the websites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties and we use third-party payment processors to facilitate all payments between users of our Services (collectively, the "Third-Party Platform"). We do not control the content or links that appear on these Third-Party Platforms and are not responsible for the practices employed by such Third-Party Platform. In addition, these Third-Party Platforms may have their own privacy policies and customer service policies. Browsing and interacting on any of these Third-Party Platform, are subject to such Third-Party Platform' own terms and policies.

Our Content on Third-Party Platform

Our Services may be provided on or hosted on a third-party platform or otherwise make use of Third-Party Platform. We do not control the content or links that appear on these Third-Party Platform and are not responsible for the practices employed by such Third-Party Platform. Your browsing and interacting on any of these Third-Party Platform are subject to such Third-Party Platform' own terms and policies. Any visit you make to those other services is at your own risk. Such third parties' use of any information you share is governed by the third party's privacy policy. The Services may also use third-party service remarketing services to advertise to previous visitors to the Services on such Third-Party Platform. Such third parties may use tracking technology (e.g., cookies) to serve ads to you based on your past activity on our Services and other websites and applications, subject to their own privacy policies.

Your Choices

You have certain choices on how we treat your personal information, described below:

• Modifications to Personal Information: You may review and request modifications to your personal information by editing your profile directly on our website or by contacting us at legal@onedge.co. Please note that Personal Information is stored for as long as reasonably necessary and proportionate to achieve the purposes for which the Personal Information was collected or processed. If you provide us with updated information, we will do our best to keep your information accurate and up-to-date. We will make good-faith efforts to make requested changes in any active database as soon as practicable.
• Marketing Communications: You can opt out of promotional marketing communications by unsubscribing through the Services or contacting us at legal@onedge.co. We may give choices about other emails and communications you receive from us. If you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business.
• Ad Choices: Some advertisements and other content may be delivered by third-party advertising networks and advertisers that may use cookies and similar and/or your advertiser ID for mobile devices to collect and track information such as demographic information, inferred interests, aggregated information, and activity to assist them in delivering advertising that is more relevant to your interests. To find out more about third-party advertising networks and similar entities that use these technologies, see www.aboutads.info. If you would like to opt-out of such ad networks' and services' advertising practices, you may find a service provider (for example, www.aboutads.info/choices) to opt out in desktop and mobile web browsers.
• Tracking Technology: You may turn off part or all of our tracking software that has been placed on your computer by following the instructions on your browser. On a mobile device, you may turn off part or all of mobile tracking through your mobile device settings. However, if you prevent the use of tracking software or tracking through your mobile device, it will be more difficult, and may be impossible, for you to use the Service or portions of the Services.
• Location and Analytics: If we use a Third-Party Platform to automatically collect your personal information, such a Third-Party Platform may offer you a choice to stop the automatic collection of your information. Please see our "How we collect your personal information" above with respect to our tracking tools.
• Cookies: Most web browsers are set by default to accept cookies. You can usually set your browser to remove or reject cookies. Please note if you choose to reject, this could affect the availability and functionality of our Services.

Where Your Information Is Stored

We store your information in the United States. However, we may transfer your information to our service providers who may reside in other countries.

By using the Services or otherwise providing information to us, you understand and consent to having any personal information transferred to and processed in the United States.

Information Security

We use commercially reasonable security technologies and procedures to help protect your personal information from unauthorized access, use or disclosure. However, we cannot guarantee the complete safety of your information. It is your responsibility to keep your information confidential.

How Long We Keep Your Information

We retain, store and use your information for the least amount of time necessary to fulfill the purpose for which it was collected in accordance with data retention policies and applicable law.

Our Services Are Not Intended For Children

We do not knowingly collect personal information, as defined under the Children's Online Privacy Protection Act, directly from children under 18 years old. We do not knowingly collect information, including personal information, from such individuals. If we obtain actual knowledge that we have collected such information from children, then we will promptly delete it. If you believe we have mistakenly collected information from children listed above, please contact us at legal@onedge.co.

"Do Not Track" Policy as Required by California Online Privacy Protection Act ("CalOPPA")

Our Service does not respond to Do Not Track ("DNT") signals. However, some third-party websites do keep track of your browsing activities. If you are visiting such websites, you can set your preferences in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of your web browser.

California's Shine the Light Law

If you are a California resident, California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Services to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes and to opt-out of the sharing of your personal information with such third parties. To make such a request, please send an email to legal@onedge.co.

Usage and Deletion of Personal Information

If you are not a California resident, you may request what personal information we have collected, used and disclosed about you as well as the identity of third parties to which we have disclosed your personal information. You may also request deletion of your personal information. Please note that we may not delete all of your information if:

1. we need it to complete a service as requested by you or perform under a contract we have with you;
2. we need such information to repair any errors to our Services or detect data security violations;
3. we need such information to protect against fraud or illegal activity or to comply with applicable law; or
4. we determine in our sole discretion that we need such information to protect our rights or ensure compliance with our Terms of Service.

Please note that if we delete your personal information, we may not be able to provide you the Services with the same functionality. To make any request for personal information or deletion, please send an email to legal@onedge.co.

Deidentified Information

Where we maintain or use deidentified information, we will continue to maintain and use the deidentified information only in a deidentified fashion and will not attempt to re-identify the information.

Changes to this Privacy Policy

We have the discretion to update this Privacy Policy at any time. Updates to this Privacy Policy will be posted to our website from time to time with notice provided to you via the email address we have on record. We encourage you to frequently check this page for any changes. While we may make reasonable attempts to notify you when this Privacy Policy is updated, you acknowledge and agree that it is your responsibility to review this Privacy Policy periodically and become aware of modifications. Subject to applicable law, your continued use of our Services shall be deemed an acceptance of our revised policy.

You Can Contact Us

If you have any questions about this Privacy Policy, you can email us at legal@onedge.co.

1. Changes to Terms

We reserve the right to make modifications to these Terms at any time and for any reason, and in our sole discretion. Please check these Terms regularly to ensure you are aware of any modifications made by us. All changes are effective immediately when we post them, and apply to all access to and use of the Edge Platform thereafter. By continuing to access or use the Services or by clicking to accept or agree to the revised Terms after those revisions become effective, you agree to be bound by the revised Terms. If you do not agree to these Terms, you must immediately stop using our Services.

2. Platform Services

2.1 Platform Overview and Purpose: Edge provides a platform that enables Customers and Talent to connect and manage their business relationships. "Customers" are individuals and/or businesses seeking to retain Talent to provide services, and "Talent" are individuals and/or businesses seeking to provide individualized services for Customers. Customers and Talent are hereinafter referred to as "Users." Subject to these Terms, we provide the Services including hosting and maintaining the Edge Platform, offering a global talent marketplace for Customers and Talent, conducting background checks, automating payroll, providing HR services, assisting with regulation and compliance issues, and more. You acknowledge that Edge does not guarantee any particular User's offered services, or the success of engagements facilitated through the platform.

2.2 Talent Application and Engagement Guidelines: Edge reserves the right to review and accept or reject Talent applications at its sole discretion and does not guarantee acceptance into the Edge Platform, to the maximum extent permitted by applicable law. Edge acts solely as a platform facilitating engagements between Customers and Talent. Customers assume responsibility for managing the day-to-day operations and outcomes of their engagement with Talent.

3. Talent Engagement Model

The Edge Platform operates through a structured model designed to ensure the quality and efficiency of Services provided to Customers while maintaining transparency in Talent management. The key stages of the Talent engagement process are as follows:

3.1 Application Phase:

• Talent Application: Talent submits applications to Edge, expressing interest in providing services in specific industries. Edge reviews all applications and conducts identity and location verification to ensure compliance with eligibility requirements and local regulations. Edge reserves the right to accept or reject any application at its sole discretion.
• Training and Certification: Once accepted, Talent must undergo mandatory, industry-specific training to prepare for Customer engagements. Edge evaluates Talent's proficiency during this training and determines whether they meet the required standards for onboarding. Talent training is intended to prepare Talent for potential Customer engagements and interviews. Completion of training does not guarantee selection for interviews or Customer placement.

3.2 Customer Pairing and Hiring Phase:

• Pairing and Interview: After Customer identifies a need for Talent, Edge completes a job description form outlining role requirements such as industry, job title, location, skills, and scheduling needs. Edge then matches Talent profiles based on eligibility, training, experience, and alignment with the Customer's specifications. Preliminary vetting is conducted by Edge to assess each Talent's compatibility with the Customer's role requirements. Following the interviews, both the Customer and the Talent candidate must affirmatively express interest in proceeding with the engagement. A match will only be finalized if both parties approve. If an offer is extended by the Customer and the Talent declines, the Talent may become ineligible for continued participation on the Edge Platform. Edge does not guarantee a return to the Talent pool for candidates who decline a confirmed engagement.
• Hiring Process: Upon successful pairing between Talent and Customer, Edge and Talent will enter into a fixed-term employment agreement.

3.3 Maintenance Phase:

• Customer Responsibilities and Management: Customers are fully responsible for the day-to-day supervision, performance monitoring, and adherence to workplace policies of Talent. Edge provides facilitation and administrative support but does not oversee Talent's work on behalf of Customers.
• Paid Time-Off and Public Holiday Policies: Customers are responsible for providing Talent with clear and documented policies regarding paid time-off (PTO) and recognized public holidays applicable to the engagement. Customers must share such policies with Talent prior to the commencement of services and ensure they remain accessible throughout the engagement. In the absence of a specific policy provided by the Customer, the default statutory public holiday and PTO entitlements in the jurisdiction where Talent performs services shall apply.

3.4 Disengagement Phase:

• Termination Process: Edge will terminate the Talent's employment in all cases where the Customer engagement is terminated. Edge's contractual obligations with Talent are contingent on active Customer placement.
• Platform Continuation: At its sole discretion, Edge may allow terminated Talent to continue using the Edge Platform for future placement opportunities. This may require Talent to complete additional training or recertification to meet updated standards.

4. Customer Engagement Model

4.1 Customer Onboarding Phase: Customers must complete a Master Services Agreement ("MSA") process with Edge before gaining access to the Edge Platform. This agreement, along with these Terms, outlines the terms, conditions, and responsibilities governing Edge Platform usage and any engagement with Talent.

4.2 Talent Pairing and Hiring Phase: Edge selects and presents Talent for Customer interviews based on the Customer's role requirements. If a Customer decides to hire Talent and the Talent accepts the engagement, the Customer assumes full responsibility for the day-to-day administration and management of the Talent, including assigning tasks, performance monitoring, and adherence to workplace policies. Customer also assumes any liabilities arising from the Talent's work.

4.3 Talent Disengagement Phase: If Talent is terminated, with or without cause, by a Customer or voluntarily resigns: (i) Edge assumes no liability for the termination or resignation of Talent. Customers bear full responsibility for the management and outcomes of their engagements with Talent. (ii) Edge may assist the Customer in sourcing replacement Talent, but obtaining replacement Talent is not guaranteed and is subject to availability and MSA terms.

4.4 Customer Assumed Liability: In addition to limitations on liability set forth elsewhere in these Terms, Edge's liability is limited as follows: (i) While Edge undertakes reasonable efforts to train and vet Talent, it does not guarantee and shall not be held liable for Talent performance, reliability, or engagement outcomes. (ii) Edge is not liable for delays, errors, or disruptions caused by third-party payment processors, including but not limited to Stripe, Plaid, Payoneer, or DCS Innov. (iii) Edge's role is limited to facilitating the engagement and onboarding process between Talent and Customer. Edge is not liable for any disputes, misconduct, or disengagement of Talent during their engagement with Customers.

5. Privacy; Data Protection

By accessing or using the Services, you intend to and expressly agree to be bound by all the terms and conditions of this Agreement and our Privacy Policy (available at onedge.co/privacy) (the "Privacy Policy"), which is incorporated herein by reference. If you do not agree to these terms and conditions, you may not use the Services. Any information that you provide to us is subject to the Privacy Policy, which governs our collection and use of your information. You understand that through your use of the Services you consent to the collection and use of your information as set forth in the Privacy Policy. You acknowledge and agree that Edge may collect and process your personal data in connection with your receipt of the Services. Edge shall process such personal data in accordance with Edge's Data Processing Addendum (available at onedge.co/legal#dpa) which forms an integral part of these Terms.

6. Accounts

Some Services offered by the Company require you to create an account or profile ("Account"). If you create an Account, you agree that all the information you provide will be true and accurate, and that you have the authority to create the Account. You are responsible for keeping your account information secure and confidential. You agree to inform us immediately if you suspect that your account or login information has been compromised. If you provide the Company an email address as part of an account creation, the Company may furnish you with written correspondence regarding your account and/or other Edge-related material, including promotional materials.

7. Eligibility

You may provide access to the Services to other Users within your organization as authorized by us and/or by your subscription level to our Services in place from time to time (each, an "Authorized User"). You are solely responsible for Authorized User activities and interaction with the Services. You agree to ensure all Authorized Users are aware of all restrictions of use in these Terms, the Privacy Policy, and any other rules or requirements applicable to the Services. You agree to cause Authorized Users to comply with such provisions. You are solely responsible for all actions taken by and interactions with Authorized Users.

By using our Services, you represent and warrant that you and each Authorized User: (1) If an individual, are at least 18 years old; (2) Are legally qualified to enter a binding contract with us; (3) Are not located in a country that is subject to a U.S. Government embargo, or that has been designated by the U.S. Government as a "terrorist supporting" country; (4) Are not on any list of individuals prohibited from conducting business with the United States; (5) Are not prohibited by law from using our Services; (6) Do not have more than one account on our Services; and (7) Have not previously been removed from our Services by us, unless you have our express written permission to create a new account.

If at any time you cease to meet these requirements, we reserve the right to delete your account with us, to revoke all credentials held by you and any of your Authorized Users and to delete all Content uploaded by you to our Services. In addition, your eligibility to use the Services as a Talent may require you to meet certain minimum requirements mandated by the Company. Failure to meet these minimum requirements may be grounds for the Company to deny you access to the Services as a Talent. The Company shall have sole discretion to mandate, interpret, and enforce any such minimum requirements.

8. Intellectual Property Ownership

To the extent permitted by applicable law, Edge shall assign all intellectual property rights such that Customer shall be the sole and exclusive owner of all right, title and interest in and to any and all materials and other deliverables provided or created by Talent in the provision of services to Customer via the Edge Platform ("Customer IP"). Edge shall ensure that Talent, as part of its engagement by Edge and its provision of services for Customer via the Edge Platform, shall execute, in accordance with the local laws and regulations where it performs the services, an invention assignment agreement in favor of Edge in connection with the Customer IP. Subject to the terms and conditions hereof, Edge shall assign all right, title and interest in and to any Customer IP to Customer.

Except as otherwise specifically stated herein with respect to the assignment of Customer IP, Edge does not assign and expressly retains all intellectual property rights in all other Edge materials, including the Edge Platform and the Services ("Edge IP"). No User has any right, license, or authorization with respect to the Edge IP except as expressly set forth herein. All other rights in and to the Edge IP are expressly reserved by Edge. In furtherance of the foregoing, Users hereby unconditionally and irrevocably grant to Edge an assignment of all right, title, and interest in and to the Resultant Data, including all intellectual property rights relating thereto. "Resultant Data" means data and information related to a User's use of the Services that is used by Edge in an aggregate and anonymized manner, including to compile statistical and performance information related to the provision and operation of the Services.

9. User Content

Subject to the terms of this Agreement, you are responsible for your use of the Services, and for any information, content, reports, data, databases, graphics, interfaces, web pages, text, files, software, product names, company names, trademarks, logos and trade-names (collectively, the "Content") you post to the Services, any Content you access from the Services, and for any consequences thereof. The Services may allow you from time to time to upload Content and permit the hosting, sharing, or publishing of Content. You have sole responsibility for all Content uploaded to the Services by you. We are not responsible and make no representation or warranty concerning any Content uploaded to the Services by any third party.

You shall be solely responsible for the Content you submit and the consequences of our posting, display, distribution, or publishing of such Content. In connection with any Content you or any of your Authorized Users submit, you affirm, represent, and warrant that: (i) you own or have the necessary licenses, rights, consents, and permissions to use and authorize us to use all patent, trademark, trade secret, copyright or other proprietary rights in and to any and all Content to enable inclusion and use of the Content in the manner contemplated by these Terms; and (ii) you have the written consent, release, or permission to use the name, image, or likeness of each individual identified in the Content.

Without limiting the foregoing, you agree that you will not transmit, submit or upload any Content to the Edge Platform and/or Services or act in any way that: (a) restricts or inhibits use of the Services; (b) imposes an unreasonably or disproportionately large load on our infrastructure; (c) violates the legal rights of others, including defaming, abuse, stalking or threatening Users; (d) infringes (or results in the infringement of) the intellectual property rights, moral rights, publicity, privacy, or other rights of any third party; (e) is (or you reasonably believe or should reasonably believe to be) stolen, illegal, counterfeit, fraudulent, pirated, violent or unauthorized; (f) does not comply with all applicable laws, rules and regulations; or (g) posts, stores, transmits, offers, or solicits anything that contains material that we determine to be offensive, defamatory, harassing or threatening, pornography or obscene material, any virus, worm, trojan horse, or other harmful or disruptive component; or anything that encourages conduct that would be considered a criminal offense, give rise to civil liability, violate any law or regulation or is otherwise inappropriate or offensive. You agree to defend, indemnify, and hold us harmless for all damage or liability we incur because of your violation of this Section.

10. Non-Circumvention

You acknowledge and agree that a substantial portion of the compensation we receive for providing Customers with specialized Talent comes through the fees described in this Section 10, and that in exchange a substantial value to Customers is the relationships they make with Talent identified through the Services (each, an "Edge-Sourced Employee"). For 36 months from the time you retain an Edge-Sourced Employee through the Services as a Customer (the "Non-Circumvention Period"), you agree to use the Edge Platform as your exclusive method to pay and receive services from such Edge-Sourced Employee. You shall pay to Edge an amount of $97,200.00 for each Edge-Sourced Employee who you pay or from whom you receive services during the Non-Circumvention Period in violation of this Section 10 (each, a "Non-Circumvention Breach"). The parties intend that these damages constitute compensation, and not a penalty. The parties acknowledge and agree that Edge's harm caused by a Non-Circumvention Breach would be impossible or very difficult to accurately estimate, and that the liquidated damages are a reasonable estimate of the anticipated or actual harm that might arise from a Non-Circumvention Breach. Your payment of the liquidated damages is your sole liability and entire obligation and Edge's exclusive remedy for any Non-Circumvention Breach. You acknowledge and agree that in the event of a Non-Circumvention Breach, and after giving ten days written notice to you, Edge Group may charge all funds and liquidated damages due hereunder against any one of your payment methods held on file.

11. Compliance with Laws

You agree to use the Services only for lawful purposes, and to conduct your business and any transaction that uses the Services, in accordance with all applicable laws and regulations, including all federal and state laws and regulations relating to taxes, banking, money laundering, securities and counterterrorism. You will not use the Services for any fraudulent or illegal activity.

12. Fees; Payment Processing

In general, we make money by charging fees to Users relating to use of our Services. The amount of our fees and charges may be disclosed on the appropriate page on the Edge Platform summarizing the transaction and requiring your authorization before proceeding or through a separate written agreement with you. By using our Services, you agree to pay all fees. Subject to applicable law and as authorized by our agreements with you, we reserve the right to adjust our pricing and fees at any time. All payments will be processed through third-party payment processors or from time to time, any other method in Edge's sole discretion. We use:

1. Stripe, Inc. ("Stripe") as a third-party payment processor and may use other sub-processors;
2. Plaid Inc. ("Plaid") to facilitate communication between your bank and credit card provider for purposes of facilitating transactions made through the Services, and for related analytics and business services;
3. Payoneer Inc. ("Payoneer") as a digital wallet through which salaries of Edge's Pakistani Talent are disbursed;
4. DCS Innov. PTE. Ltd. ("DCS Innov") as a digital wallet provider.

In addition to the Privacy Policy and these Terms, the processing of payments will be subject to: Stripe's Service Agreement (stripe.com/ssa); Stripe's Privacy Policy (stripe.com/privacy); Plaid's Privacy Policy; Payoneer's Terms and Conditions; Payoneer's Privacy Policy. We are not responsible for any errors by Stripe or Plaid or any sub-processor. We have no control over, and shall not be responsible for, the use of information collected through the websites of Stripe, Plaid, Payoneer, or DCS Innov.

13. Your License to the Services

Subject to your payment of applicable fees and continued compliance with this Agreement and any separate agreements we may have with you, we hereby grant you a limited, non-exclusive, revocable, non-transferable, non-sublicensable license to access the Services as authorized in these Terms. Except for the limited license to access the Services identified in the preceding paragraph, you acknowledge that nothing contained in these Terms shall be construed as granting or conferring to you, by implication, estoppel or otherwise, any right, title, or interest to any intellectual property of the Company, our third-party service providers or any other third party.

14. Restrictions on Use

You agree that you will not: (1) Distribute the Services for any purpose; (2) Create derivative works of, reverse engineer, decompile, disassemble, adapt, translate, transmit, arrange, modify, copy, bundle, sell, sublicense, export, merge, transfer, adapt, loan, rent, lease, assign, share, outsource, host, publish, make available to any person or otherwise use, either directly or indirectly, the Services in whole or in part; (3) Permit, allow or do anything that would infringe or otherwise prejudice the proprietary rights of the Company or its licensors; (4) Probe, scan or test the vulnerability of the Services and any system or network; (5) Breach or otherwise circumvent any security or authentication measures; (6) Access, tamper with, or use non-public areas or parts of the Services; (7) Access, search, or create accounts for the Services by any means other than our publicly supported interfaces; (8) Promote or advertise products or services other than your own without appropriate authorization; (9) Circumvent storage space, usage, or transaction limits for improper means; (10) Publish or share materials that are unlawful or indecent; (11) Advocate bigotry or hatred against any person or group; (12) Harass or abuse our personnel or representatives; (13) Store, publish or share material that is fraudulent, defamatory, or misleading; (14) Violate the law in any way.

15. License Grant to Your Content

By submitting or entering any Content or information into the Platform, you hereby grant to the Company a perpetual, unlimited, royalty-free, worldwide, non-exclusive, irrevocable, transferable license to use, display, reproduce, store, modify, distribute, sublicense, and otherwise exploit any Content, including your likeness, or other information you provide on or through the Services or which is sent to the Company by email or other correspondence for any purpose deemed advisable by the Company, including but not limited to operational, promotional, analytical, or commercial purposes, to the maximum extent permitted by applicable law. This license includes the right for the Company to use such Content or information in aggregate or to aggregate, anonymize, or otherwise modify the Content for business purposes. The Company shall not be obligated to provide you compensation of any sort for such license.

16. Suspension of Transactions and Services

Without limiting our ability to terminate under this Agreement or our right to change, modify, suspend or discontinue the Services at any time as set forth elsewhere in these Terms, we also reserve the right to cancel or suspend transactions and/or our Services due to fraud or compliance-related concerns.

17. Third-Party Links and Services

Our Services may contain links to other websites. The Company does not assume responsibility for the accuracy or appropriateness of the information, data, opinions, advice or statements contained at such websites, and when you access such websites, you are doing so at your own risk. In providing links to the other websites, the Company is in no way acting as a publisher or disseminator of the material contained on those other websites and does not seek to monitor or control such websites. A link to another website should not be construed to mean that the Company is affiliated or associated with same. The Company does not recommend or endorse any of the content, including without limitation any hyperlinks to, or content found, on other websites. The Company will not be responsible for any damages you or any third party may suffer because of the transmission, storage or receipt of confidential or proprietary information that you make or that you expressly or implicitly authorize the Company to make.

18. Feedback

If you or any of your employees or Authorized Users sends or transmits any communications or materials to us by mail, email, telephone, or otherwise, suggesting or recommending changes to the Services, including, without limitation, new features or functionality relating thereto, or any comments, questions, suggestions, or the like ("Feedback"), we are free to use such Feedback and any ideas, know-how, concepts, techniques, or other intellectual property rights contained in the Feedback, for any purpose whatsoever, without any attribution or compensation to any party, although we are not required to use any Feedback.

19. Indemnity

Except as expressly provided in a separate agreement, you agree to indemnify, defend and hold harmless the Company, its agents, suppliers, licensors, affiliates and their respective directors, officers and employees (collectively, the "Indemnified Parties") against all losses, liabilities, suits, claims, actions, costs, damages and expenses (including, without limitation, reasonable attorneys' fees and expenses) sustained, incurred or paid by any Indemnified Party directly or indirectly resulting from, arising out of, relating to or in connection with: (i) violation of these Terms by you, any Authorized User or other person using your account or credentials; (ii) your or any Authorized User's access to or use of the Services; (iii) any information used, stored, or transmitted in connection with your account or credentials; (iv) breach of the rights of any third party, including but not limited to privacy, publicity, intellectual property, or other proprietary rights; or (v) violation of any law, regulation, or other legal requirement. This paragraph is intended to be applicable to the maximum extent permitted by applicable law.

20. Limitations on Liability

20.1 NO WARRANTIES. EXCEPT AS EXPRESSLY PROVIDED IN A SEPARATE AGREEMENT WITH YOU, THE SERVICES ARE PROVIDED "AS IS" WITHOUT ANY REPRESENTATIONS, WARRANTIES, GUARANTEES OR CONDITIONS, OF ANY KIND, WHETHER EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, BUT NOT LIMITED TO, WARRANTIES AS TO UNINTERRUPTED OR ERROR-FREE OPERATION, AVAILABILITY, ACCURACY, COMPLETENESS, RELIABILITY, TIMELINESS, LEGALITY, SUITABILITY, PRIVACY, SECURITY, MERCHANTABILITY, QUALITY, TITLE, NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE.

20.2 NO SPECIAL DAMAGES. IN NO EVENT WILL THE COMPANY, ITS AFFILIATES, AGENTS, LICENSORS, SUPPLIERS OR THEIR RESPECTIVE DIRECTORS, OFFICERS OR EMPLOYEES BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL, PUNITIVE, EXEMPLARY, AGGRAVATED, ECONOMIC OR CONSEQUENTIAL DAMAGES, HOWSOEVER CAUSED, INCLUDING BUT NOT LIMITED TO: DAMAGES FOR LOSS OF USE, LOST PROFITS OR LOST SAVINGS, EVEN IF THE COMPANY OR ANY OF ITS LAWFUL AGENTS OR EMPLOYEES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR CLAIM.

20.3 ADDITIONAL LIMITATION. IN NO EVENT WILL COMPANY, ITS AFFILIATES, AGENTS, LICENSORS, SUPPLIERS OR THEIR RESPECTIVE DIRECTORS, OFFICERS OR EMPLOYEES BE LIABLE FOR DAMAGES OR LOSSES RESULTING FROM: VIRUSES, DATA CORRUPTION, FAILED MESSAGES, TRANSMISSION ERRORS OR PROBLEMS; TELECOMMUNICATIONS SERVICE PROVIDERS; LINKS TO THIRD PARTY WEBSITES; PERSONAL INJURY; THIRD PARTY CONTENT, PRODUCTS OR SERVICES; DAMAGES OR LOSSES CAUSED BY YOU OR YOUR RESPECTIVE EMPLOYEES, AGENTS OR SUBCONTRACTORS; LOSS OF USE OR LACK OF AVAILABILITY OF FACILITIES; THE USE OR INABILITY TO USE THE SERVICES; OR EVENTS BEYOND THE REASONABLE CONTROL OF THE COMPANY.

20.4 AGGREGATE LIABILITY. IN NO CASE WILL THE COMPANY'S, ITS AFFILIATES', AGENTS', LICENSORS', SUPPLIERS' AND THEIR RESPECTIVE DIRECTORS', OFFICERS' AND EMPLOYEES' CUMULATIVE TOTAL LIABILITY FOR ANY CAUSE WHATSOEVER (INCLUDING WITHOUT LIMITATION BREACH OF CONTRACT, TORT, NEGLIGENCE, GROSS NEGLIGENCE OR OTHERWISE) ARISING UNDER OR RELATING TO THE SERVICES BE MORE THAN THE VALUE OF THE FEES ACTUALLY PAID TO US BY YOU DURING THE SIX (6) MONTHS IMMEDIATELY PRECEDING THE DATE OF ANY CLAIM GIVING RISE TO SUCH LIABILITY.

21. Term and Termination

21.1 We may, at any time and in its sole discretion, without prior notice, and without any liability to you, modify or discontinue any portion of our Services, either temporarily or permanently.

21.2 At any time and in our sole discretion, without prior notice, and without any liability to you, we may (i) cancel or deactivate your account; or (ii) temporarily or permanently, suspend, restrict, or terminate access to any or all of Services for any reason or for no reason. We are under no obligations to disclose its reason for any termination or suspension of the Service to you or generally.

21.3 In the event of any termination of this Agreement, discontinuation of all Services, or termination of your right to access all Services: (i) all fees and amounts payable to us by you shall immediately become due; (ii) we may delete any of your User data without any liability to you, provided that we also reserve the right to retain your User data for seven (7) years following termination; and (iii) we may cancel any open transactions that are pending at the time of the termination. We reserve the right to retain aggregated anonymized User data for longer to improve Services, prevent fraud and produce aggregated statistics.

21.4 The provisions of these Terms relating to indemnification, our limitations of liability and disclaimers, your warranties and any other provisions which by their terms should reasonably survive termination, shall survive termination of the Services or this Agreement.

22. Disclaimers

Edge is not a law firm, and is not permitted to engage in the practice of law. Edge employees do not act as your attorney or otherwise provide legal advice to you. Any templates, forms, and other sample documents available to you on Edge are made available to you for informational purposes only and are not a substitute for the advice of an attorney. Your use any portion of the Services does not create an attorney-client relationship with us. You understand and agree that you or your attorneys or advisors represent you in any legal matter you undertake related in any manner to any template, form or any other document you obtain through the Edge Platform. Accordingly, while communications between you and Edge are protected by our Privacy Policy, they are not protected by any attorney-client privilege or attorney work product doctrine. Edge is prohibited from providing any kind of advice, explanation, opinion, or recommendation to you about possible legal rights, remedies, defenses, options, selection of forms or strategies. Edge and the Services are not a substitute for the advice of an attorney. Although Edge takes every reasonable effort to ensure that the information and documents on the Edge Platform are up-to-date and reflect our best understanding of compliance matters, the information on the Edge Platform is not legal advice and is not guaranteed to be correct, complete or up-to-date.

23. Use of Vivo AI Tools

23.1 Purpose and Scope: The Edge Platform includes access to Vivo AI tools ("Vivo AI") to assist Talent in their engagements with Customers. Vivo AI is an AI-powered interface that may include functionalities such as generating responses, content creation, problem-solving, and other productivity tools.

23.2 User Responsibility: Any questions, prompts, or content uploaded to Vivo AI, including Customer-related information, are provided at their sole discretion and risk. Talent must ensure that no confidential, proprietary, or sensitive information belonging to Customers or third parties is uploaded unless explicitly authorized by the Customer and permitted under applicable laws. Talent remains solely responsible for reviewing and validating the accuracy, completeness, and suitability of outputs generated by Vivo AI before using them for Customer engagements or other purposes.

23.3 Edge's Role and Limitations: Vivo AI is provided as a facilitation feature, and Edge does not monitor, store, or validate inputs or outputs generated through the tool unless required for Edge Platform security or legal compliance. Edge makes no representations, warranties, or guarantees regarding the accuracy, reliability, or appropriateness of responses generated by Vivo AI. Edge disclaims any liability for errors, omissions, or misuse of outputs generated by Vivo AI.

23.4 Content Ownership and Usage: By using Vivo AI, Talent grants Edge a perpetual, irrevocable, royalty-free, worldwide license to use, analyze, aggregate, anonymize, and store inputs and outputs for Edge Platform improvement, analytics, research, or compliance purposes. Edge will take reasonable steps to anonymize and aggregate data to prevent the identification of specific Users or Customers.

23.5 Prohibited Use: To generate or upload content that is illegal, discriminatory, defamatory, harassing, or in violation of any intellectual property rights; for purposes unrelated to their engagement with Customers on the Edge Platform; or in a manner that violates any applicable laws or regulations, including data protection and privacy laws.

23.6 Limited Liability: Edge is not liable for any direct, indirect, incidental, or consequential damages arising from the use of Vivo AI, including but not limited to errors in generated content, misuse of the tools, or breaches of confidentiality by Talent.

24. Disclaimers for Vivo AI

24.1 Data Submission: Talent acknowledges that any data or content submitted to Vivo AI may be processed and stored on third-party systems for the purpose of providing its functionality. Edge will take reasonable measures to secure such data but cannot guarantee absolute confidentiality or security.

24.2 Customer Data Use: Talent must ensure that any Customer data uploaded to Vivo AI is used solely for the purposes of their engagement with that Customer and in compliance with applicable laws and agreements. Unauthorized sharing or misuse of Customer data through Vivo AI is strictly prohibited and may result in immediate termination of platform access.

24.3 Audit and Compliance: Edge reserves the right to audit Vivo AI usage to ensure compliance with these Terms and applicable laws. Any misuse or violations may result in suspension or termination of Edge Platform access, as well as legal action if warranted.

25. Separate Agreement

From time to time, we may enter into separate agreements to govern your use of the Services. Where the terms of such separate agreement(s) conflict with these Terms, those terms will prevail, but only to the extent they conflict.

26. Notices

We may provide you with notices in any of the following methods: (1) via the Services, including by a banner or pop-up within the applicable Edge Platform, account or elsewhere; (2) by e-mail, sent to the e-mail address you provided us; and/or (3) through any other means, including any phone number, SMS or text message or physical address you provided us. Such notice to you will be deemed received and effective upon receipt or twenty-four (24) hours after it was published or sent through any of the foregoing methods, unless otherwise indicated in the notice. If we choose to notify you through electronic communication, you agree to receive such communications, including but not limited to our applicable policies, statements, reports, invoices, receipts, disclosures, legal or regulatory statements or documents via electronic delivery.

27. Binding Arbitration

PLEASE READ THIS SECTION CAREFULLY, AS IT LIMITS THE MANNER IN WHICH YOU MAY SEEK RELIEF, AND REQUIRES YOU ARBITRATE DISPUTES WITH US. If you have a dispute with us, we will first seek to resolve such a dispute through our support team.

Except for disputes in which either party seeks equitable and other relief for the alleged unlawful use of intellectual property, copyrights, trademarks, trade names, logos, trade secrets or patents, any dispute, claim or controversy arising out of or relating to this Agreement or the breach, termination, enforcement, interpretation or validity thereof, including the determination of the scope or applicability of this Agreement to arbitrate, will be determined by binding arbitration. The location of the arbitration will be determined by Edge to be in either (i) the state of your residence or (ii) the county and state of our chosen legal counsel at the time of the dispute. The arbitration will be administered by the American Arbitration Association (AAA) in accordance with its Commercial Arbitration Rules. Disputes will not be resolved in any other forum or venue. You agree that any arbitration will be conducted by a sole arbitrator. Pre-arbitration discovery will be limited to the greatest extent provided by the rules of AAA, the arbitration award will not include factual findings or conclusions of law, and no punitive damages will be awarded. Notwithstanding any other rules, no arbitration proceeding brought against Edge will be consolidated with any other arbitration proceeding without Edge's written consent. Judgment may be entered upon any award granted in any arbitration in any court of competent jurisdiction.

The arbitrator will, in the award, allocate all of the costs of the arbitration, including the fees of the arbitrator and the reasonable attorneys' fees of the prevailing party, against the party who did not prevail.

28. Governing law

This Agreement shall be governed pursuant to the laws of the State of California, USA, without regard to principles of conflict of laws. You agree that Edge may initiate a proceeding related to the enforcement or validity of Edge's intellectual property rights in any court having jurisdiction. With respect to any proceeding that is not subject to arbitration under this Agreement or policies incorporated herein, you agree that any proceedings shall be in the federal or state courts located in California. You waive any objection to venue and to submit to personal jurisdiction in any such courts.

29. Interpretation

The division of this Agreement into sections and the insertion of headings are for convenience of reference only and shall not affect the construction or interpretation of this Agreement. In this Agreement, words importing the singular number include the plural and vice versa; words importing gender include all genders; and words importing persons include individuals, sole proprietors, partnerships, corporations, trusts and unincorporated associations.

30. Entire Agreement

This Agreement as it may be amended from time to time in accordance with these Terms, and all other legal notices and policies on this website, constitutes the entire agreement between you and the Company with respect to the use of the Services.

31. Amendment and Waiver

The Company reserves the right, in its discretion, to amend this Agreement at any time by posting amendments on this website. You are responsible for periodically reviewing the amendments on this website, and you are deemed to be aware of such amendments. If you do not agree to the amended terms and conditions, you shall immediately stop using this website. Access to this website or use of the Edge Platform after any amendments have been posted shall constitute your acknowledgement and acceptance of the amended terms and conditions. No supplement, modification or amendment to this Agreement and no waiver of any provision of this Agreement shall be binding on the Company unless executed by the Company in writing. No waiver of any of the provisions of this Agreement shall be deemed to be or shall constitute a waiver of any other provision (whether or not similar) nor shall such waiver constitute a continuing waiver unless otherwise expressly provided.

32. Severability

Any provision of this Agreement which is held by a court of competent jurisdiction to be illegal, invalid or unenforceable in such jurisdiction shall, as to that jurisdiction, be ineffective to the extent of such illegality, invalidity or unenforceability and shall otherwise be enforced to the maximum extent permitted by law, all without affecting the remaining provisions of this Agreement or affecting the legality, validity or enforceability of such provision in any other jurisdiction.

33. Inurement

This Agreement shall inure to the benefit of and be binding upon each of us and our respective successors and permitted assigns. You acknowledge having read this Agreement before accepting it, having the authority to accept this Agreement and having received a copy of this Agreement.

34. Assignment

You shall not assign or transfer any of your rights or obligations under this Agreement without our prior written consent, which we may withhold at our sole and absolute discretion. Any actual or attempted assignment hereof by you contrary to the terms of this Agreement shall be null and void. We may, at our discretion, assign some or all our rights or obligations to a third party, without your consent or approval. If we are acquired by, sold to, or merged with a third-party entity, we reserve the right to transfer or assign all your User data as part of such merger, acquisition, sale, or change of control.

35. Support

Please direct questions, complaints, or issues to legal@onedge.co.

Overview

This Data Processing Addendum ("DPA") is incorporated into, and is subject to the terms and conditions of the Edge Terms of Service found at onedge.co/terms which you (the "Client") have accepted, unless Client has entered into a superseding written subscription agreement with Edge, in which case, it forms a part of such written agreement in addition to the Terms of Service (in either case, the "Agreement").

This Data Processing Addendum (hereinafter "DPA" or "Addendum") and its applicable DPA Appendixes apply to the Processing of Personal Data by Parties subject to the Data Protection Laws in order to provide services ("Services") pursuant to the Agreement between Edge and Client (collectively, the "Parties").

As part of their contractual relations, the Parties shall undertake to comply with the applicable Data Protection Laws on personal data processing.

Definitions

Affiliate means any person or entity that owns or controls, is owned or controlled by, or is under common control or ownership with, a party to this Agreement, where "control" is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract, or otherwise.

Controller has the same meaning as "controller" in GDPR-modeled Data Protection Laws.

Client means the individual or entity that has entered into the Agreement and agreed to the incorporation of this DPA into the Agreement.

Client Content means any data, file attachments, text, images, reports, personal information, or other content that is uploaded or submitted to an online Service by Client or users and is Processed by Edge on behalf of Client. For the avoidance of doubt, Client Content does not include usage, statistical, learned, or technical information that does not reveal the actual contents of Client Content.

Client Personal Data has the same meaning as "controller" in GDPR-modeled Data Protection Laws.

Data Breach means a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Client Content.

Data Protection Laws means, to the extent applicable to a Party, the data protection or privacy laws of any country regarding the Processing of Client Personal Data.

Data Subject means an identified or identifiable natural person about whom Personal Information relates.

Edge Platform means the Edge software-as-a-service solution that allows Clients to seamlessly manage relationships with local and international independent contractors, including, the receipt of services from Consultants.

Europe means, for the purposes of this DPA, the European Union, the European Economic Area and/or their member states, Switzerland, and the United Kingdom.

Personal Data means any information relating to, identifying, describing, or capable of being associated with a Data Subject or a household.

Process means any operation or set of operations performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, alignment, combination, restriction, erasure, destruction or disclosure by transmission, dissemination or otherwise making available.

Processor has the same meaning as "processor" in GDPR-modeled Data Protection Laws, and includes any party that constitutes a "service provider" within the meaning of the CCPA.

Professional Services means implementation, configuration, integration, training, advisory, and other professional services related to the online Services that are provided or controlled by Edge.

Services means the services and software provided on Edge's platform, any services, content, communications, and product features relating to the Edge platform and as set forth in this DPA and any other online service or application provided or controlled by Edge for use with Edge's services.

Edge Personnel means any individual authorized by Edge to Process Client Personal Data.

Restricted Transfer means: (i) where the GDPR applies, a transfer of personal data from the European Economic Area or Switzerland to a country outside of the European Economic Area or Switzerland which is not subject to an adequacy determination by the European Commission; and (ii) where the UK Data Protection Law applies, a transfer of personal data from the United Kingdom to any other country which is not based on adequacy regulations pursuant to Section 17A of the UK Data Protection Law.

Standard Contractual Clauses means the standard contractual clauses annexed to the European Commission's Decision (EU) 2021/914 of 4 June 2021 currently found here as may be amended, superseded or replaced.

Sub-Processor means any Processor engaged by us or our affiliates to assist in fulfilling our obligations with respect to the provision of the Services under the Agreement. Sub-Processors may include third parties or our affiliates but will exclude any Edge employee or consultant.

Capitalized terms used in this DPA shall have the same meaning given to them under Data Protection Laws or if not defined thereunder, the GDPR, unless a different meaning is specified herein. In regards to the CCPA, terms used in the applicable provisions of the DPA where the CCPA is the applicable law shall be replaced as follows: "Personal Data" shall mean "Personal Information"; "Controller" shall mean "Business"; "Processor" shall mean "Service Provider"; and "Data Subject" shall mean "Consumer".

1. Contractual Documents / Duration of the DPA & Notice of Termination

This Addendum and its Appendixes constitute the entire Data Processing Agreement between the Parties. It replaces all previous agreements relating to its object. Any prior agreements between the Parties relating to personal data are not binding on the Parties. Some of the contractual documents may be amended or enriched during the fulfilment of the Addendum. In any event, these amendments or enrichments must be covered by an amendment signed by the Parties. No modifications may be made to the Addendum and its Appendixes without a document signed by both Parties.

• The term of the DPA is coextensive with the term of the Agreement.
• The termination of this DPA therefore depends on the provisions concerning the duration and the termination of the Agreement. Termination of the Agreement shall also have the effect of terminating this DPA.
• Furthermore, the premature termination of this DPA upon written notice to the other Party shall be permissible in the event of such other Party's serious breach of statutory or contractual data protection provisions under the Data Protection Laws, insofar as the contracting Party in question cannot reasonably be expected to continue this DPA.
• The Parties acknowledge that the termination of the DPA at any time and for any reason, does not exempt them from their obligations under the Data Protection Laws relating to the collection, processing and use of Personal Data.

2. Processing of Personal Data

The Parties agree that Edge and Client are each independent Controllers with respect to the processing of such Personal Data under this DPA as described in Appendix 1. The purpose(s) and nature of operations carried out on the Personal Data is the one as described in the Agreement. To perform the Services covered herein, the Client shall provide Edge with all the necessary information. Each party shall comply with the obligations applicable to it under the Data Protection Laws with respect to the processing of Personal Data covered under this DPA.

3. Processors

Client acknowledges and agrees that Edge may engage third-party Processors in connection with the provision of the Services. Edge acknowledges and agrees that Client may engage third-party Processors in connection with the receipt of the Services. Both Parties shall have a written agreement with each Processor and agree that any agreement with a Processor shall include substantially the similar data protection obligations as set out in this DPA.

Both Parties shall be liable for the acts and omissions of its respective Processors to the same extent such party would be liable under the terms of this DPA, except as otherwise set forth in the Agreement.

Client acknowledges that in the provision of some services, Edge, on receipt of instructions from Client, may transfer Personal Data to and otherwise interact with third party data processors. Client agrees that if and to the extent such transfers occur, Client is responsible for entering into separate contractual arrangements with such third-party data processors binding them to comply with obligations in accordance with the Data Protection Laws. For the avoidance of doubt, such third-party data processors are not Sub-Processors.

4. Technical and organizational measures

Edge shall take suitable technical and organizational measures appropriate to the risk to ensure for protection of the security, confidentiality and integrity of Personal Data it Processes under this DPA. Edge guarantees that it has carried out the technical and organizational measures specified in Appendix 2 to this DPA.

The technical and organizational measures are subject to the current state of technology and technical progress. In this regard, Edge is permitted to implement adequate alternative measures, provided that these measures may not provide a lower level of security to Client data than the stipulated measures in Appendix 2.

5. Sub-Processors

Client agrees that Edge may engage Sub-Processors to Process Personal Data on its behalf. Edge has currently appointed, as Sub-Processors, the third parties listed in Appendix 3 to this DPA. Edge will notify Client if Edge adds or replaces any Sub-Processors listed in Appendix 3 at least 30 days prior to any such changes.

Where Edge engages Sub-Processors, Edge will impose data protection terms on the Sub-Processors that provide at least the same level of protection for Personal Data as those in this DPA (including, where appropriate, the Standard Contractual Clauses), to the extent applicable to the nature of the services provided by such Sub-Processors. Edge will remain responsible for each Sub-Processor's compliance with the obligations of this DPA and for any acts or omissions of such Sub-Processor that cause Edge to breach any of its obligations under this DPA.

6. Cross-Border Transfers of Personal Information

Edge shall, at all times provide an adequate level of protection for the Personal Information, wherever Processed, in accordance with the requirements of the applicable Data Protection Law.

If Personal Information originates from the UK, EEA or Switzerland and is transferred by Client to Edge for Processing in a country not subject to an adequacy decision in accordance with the GDPR ("UK/EEA/Switzerland Data Transfer"), the Parties will conduct such UK/EEA/Switzerland Data Transfer in accordance with all applicable laws. The Parties hereby agree to the Standard Contractual Clauses for EEA/Switzerland Data Transfers, together with the version as modified by the UK Information Commissioner's Office's international data transfer addendum ("IDTA") (together, "EU SCCs") (which will be deemed executed by the Parties upon the Client's acceptance of the Agreement.).

For the purpose of this Section 6 the EU SCCs means Module Two (Transfer controller to processor) of the Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council (the text of which is available here), and the IDTA means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses published by the UK Information Commissioner's Office (the text of which is available here) (or any successor IDTA approved by the relevant UK authorities) in which Edge will be referred to as the "data exporter" and Supplier will be referred to as the "data importer." For the purposes of this Section 6, the EU SCCs will come into effect upon commencement of an EEA/Switzerland Data Transfer. If there is any conflict between the Sections of this DPA or the sections of the Agreement and the EU SCCs, in so far as the conflict relates to an EEA/Switzerland Data Transfer the EU SCCs will prevail.

7. Variations in Data Protection Laws

If any variation is required to this DPA as a result of a change in or subsequently applicable Data Protection Law, then either Party may provide written notice to the other Party of that change in law. The Parties will then discuss and negotiate in good faith any variations to this DPA necessary to address such changes, with a view to agreeing and implementing those or alternative variations as soon as practicable, provided that such variations are reasonable with regard to the functionality and performance of the Services and Edge's business operations.

8. Reservation of Rights

Notwithstanding anything to the contrary in this DPA: (a) Edge reserves the right to withhold information the disclosure of which would pose a security risk to Edge or its customers or is prohibited by applicable law or contractual obligation; and (b) Edge's notifications, responses, or provision of information or cooperation under this DPA are not an acknowledgement by Edge of any fault or liability.

9. Edge as Controller

Edge may collect Personal Data directly from Data Subject (which may be duplicative of Customer Personal Data) in accordance with Edge's internal policies and publicly posted Privacy Policy available at https://onedge.co/privacy, and nothing in this DPA will prohibit Edge from Processing such Personal Data as a Controller under Data Protection Laws, provided that Edge conspicuously notifies such Data Subjects that such information will be handled in accordance with Edge's Privacy Policy.

10. Final Provisions

• If individual provisions of this DPA should be or become ineffective, this shall not affect its remaining provisions. The Parties undertake to replace the ineffective provisions with a legally valid provision that comes closest to the purpose of the ineffective provisions.
• In the event of contradictions between this DPA and any other agreements between the Parties, especially the Agreement, the provisions of this DPA shall take precedence.
• Ancillary agreements, amendments and additions to this DPA must be made in writing. This also applies to the amendment of this requirement for written form.
• This DPA shall be governed by local law of the country where the data exporter is established, unless otherwise expressly mandated by the Data Protection Laws.
• The Parties agree to submit any claim or dispute arising from this DPA to the exclusive jurisdiction of the courts of jurisdiction of the data exporter, unless otherwise expressly mandated by the Data Protection Laws.
• Any notice or other communication given to Edge under or in connection with this DPA must be in writing and delivered to legal@onedge.co for privacy related matters, and security@onedge.co for security related matters.

Appendix 1: Details of Processing

Description of Transfer

The Client may submit Personal Data in the course of using the Services, the extent of which is determined and controlled by the Client in their sole discretion, and which may include, but is not limited to Personal Data relating to the following categories of Data Subjects: The Client's contacts and other end users including their employees, contractors, collaborators, clients, prospects, suppliers and subcontractors. Data Subjects may also include individuals attempting to communicate with or transfer Personal Data to Client's end users.

Categories of data subjects

The personal data transferred concern the following categories of data subjects: Client's representatives and users of the Services as employees, contractors and collaborators of the Client.

Categories of Personal Data Transferred

You may submit Personal Data to the Services, the extent of which is determined and controlled by you in your sole discretion, and which may include but is not limited to the following categories of Personal Data:

• Contact information: name, addresses, e-mail addresses, phone numbers and other ways in which Edge can contact the data subject
• Identity verification data: To verify an individual's identity, Edge may collect an individual's date of birth, taxpayer or government identification number, or a copy of a government-issued identification. In this identification verification process, Edge also may collect a photograph in order to be able to verify someone's identity by determining whether the photograph taken matches the photo in the government-issued identification. For this, the facial recognition technology collects information from the photos that may include biometric data. Edge also may collect information from third parties, such as credit bureaus, identity verification services, and other screening services to verify that the individual is eligible to use our Services.
• Communications: any communication Client has with Edge, like emails and phone calls
• Information regarding the usage of Edge: like payment transactions and technical connection data (IP address, location, logs, etc.)

Sensitive Categories

The personal data transferred concern the following special categories of data:

• Biometric data. To verify an individual's identity, the photograph as present on the government issued identification may be processed by Edge's facial recognition technology to produce biometric data used to identify data subjects
• Government identification number, as may be present on the copy of a government-issued identification.

Processing operations

The personal data transferred will be processed in accordance with the Agreement and may be subject to the following processing activities:

• storage and other processing necessary to provide, maintain and update the Services provided to the Client
• to provide technical support to the Client
• disclosures in accordance with the Agreement, as compelled by law

Appendix 2: Technical and organizational measures

Edge has implemented comprehensive organizational and technological measures to ensure the safety of the personal data as well as undisturbed operation in an optimal manner. The following technical and organizational measures have been taken:

Admission control

• Measures to prevent unauthorized persons from gaining access to the data processing equipment used to process personal data.
• Access control guidelines and regulations; Security areas are clearly defined; Appropriate implementation of measures to secure Datacenter Access; Security also outside working hours by alarm system and/or plant security; Access only for authorized persons (company employees and external persons); Regulation for external parties; Implementation of locks; External staff is accompanied by Edge staff

Access monitoring

• Measures and procedures to prevent unauthorized persons from using the data processing equipment. Regulation of user authorizations (administration incl. assignment of rights, assignment of special rights, revocation of authorizations, regular reviews). Password policy (secure passwords, regular changes, regular reviews). Use of encryption routines for mobile data carriers (incl. notebooks, USB sticks). Remote user authentication (cryptographic techniques, hardware identification, VPN solutions). Obligation to maintain data secrecy in accordance with Art. 28 Para. 3 lit. b GDPR. Role based authorization. Controlled destruction of data carriers. Regular security audit

Admission control (access authorization)

• Measures to ensure that those authorized for data processing can only access the personal data subject to their access authorization. Control of access authorization (differentiated authorizations via profiles, roles, time limit). Provision of appropriate authentication technologies. Security Logs (ex: unsuccessful and successful authentication attempts). Guidelines for the pseudonymization/anonymization of personal data

Transfer control

• Measures to ensure that personal data cannot be read, copied, altered or removed without authorization during electronic transmission, transport or storage on data carriers. Guidelines for the exchange of information of all kinds. Encryption during data transmission (network encryption, TLS). Logging during the transmission of data. Method for detecting and protecting malware. Access Control. Encryption of data carriers before transport. Handover of data carriers to authorized persons only. Controlled destruction of data carriers

Input control

• Measures to ensure authenticated entry of personal data. Access control. Data security policy. Process, program and workflow organization

Order control

• Measures to ensure that personal data processed is within the boundaries and conditions as set out in this DPA. Contract in writing with determination of the data protection agreements. Formalized order placement. Careful selection of the subcontractor. Separation of duty

Availability control

• Measures to ensure that personal data is protected against accidental destruction or loss. Controlled process to ensure business operations (BCM)/IT-SCM. Contingency plans. Regular back-ups according to backup plan. Protection of systems against database failure, service level agreements with IT service providers. Mirroring of data. Antivirus/Firewall. Redundant hardware

Separation control

• Measures to ensure that data collected for different purposes can be processed separately. Customer separation. Functional separations

Procedures for periodic review and evaluation

• Procedures for regular review, evaluation and evaluation of the effectiveness of technical and organizational measures. Data Protection Management. Incident response management

Contact

For questions about this DPA: privacy related matters, contact legal@onedge.co; security related matters, contact security@onedge.co.

Edge Services & Solutions LLC
800 W El Camino Real, Suite 180
Mountain View, CA 94040