Last Updated May 2024
This PRODUCTS AND SERVICES AGREEMENT (this “Agreement”) is incorporated by reference into the fully executed DFSI Order Form or DFSI Statement of Work (collectively, the “Principal Agreement“) between: (i) DFSI acting on its own behalf and as agent for each DFSI Affiliate; and (ii) Customer acting on its own behalf and possibly as agent for each Customer Affiliate. DFSI and Customer are each a “Party” and, collectively, the “Parties” to this Agreement.
WHEREAS, DFSI provides products and services assessing employment culture, performance, certification, and accreditation to assist companies and organizations in evaluating and improving their workplaces; and
WHEREAS, Customer wishes to engage DFSI to perform the Services (defined below) pursuant to the terms of this Agreement.
NOW, THEREFORE, in consideration of the promises and the mutual covenants contained herein and for other good and valuable consideration, the Parties hereto agree as follows:
GENERAL TERMS AND CONDITIONS
Disclaimer:
Work is based on primary and secondary market research and analysis of publicly available data or data provided to Diversity for Social Impact (DFSI). Achieving any of the certifications is a positive recognition based on research of publicly available data sources and data provided to DFSI at the time of evaluation. DFSI makes no claim to the completeness or accuracy of the information provided by the companies examined. The certification reflects the status of the company at the time of evaluation and does not account for any future changes in the company’s practices or status. The information provided in the certification should be considered in conjunction with other available information.
Neither DFSI nor any parent, subsidiary, affiliated and associated person or entity, and together with all respective officers, directors, employees, servants, agents, and their successors or administrators, accept any responsibility or liability with respect to the use of or reliance on any information or analysis contained in the certification. The quality of companies that are not included in the certification is not disputed. This work is copyright by DFSI and may not be published, transmitted, broadcast, copied, reproduced, or reprinted in whole or in part without the explicit written permission of Diversity for Social Impact. Copyright ©2024 Diversity for Social Impact. All rights reserved.
The certification is provided “as is” without any warranties, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement. The use of the certification is at the client’s own risk. The client agrees to indemnify and hold harmless DFSI and its affiliates from any claims, damages, or expenses arising from their use of the certification.
DFSI reserves the right to modify the terms and conditions of certification and services at any time. Clients are responsible for regularly reviewing the terms and conditions to ensure compliance with any updates. Continued use of the certification after modifications constitutes acceptance of the updated terms and conditions.
1. DEFINITIONS
Capitalized terms not defined in this Section 1 have the meaning ascribed to them where used in the Agreement.
1.1 “Affiliate” means DFSI wholly-owned and majority-owned subsidiaries and Diversity for Social Impact. licensees with no ownership interest by DFSI.
1.2 “Aggregate Data” means (a) the Customer-specific information, data, and content contained in any report(s) delivered by DFSI to Customer pursuant to this Agreement; and (b) any other aggregated data that is derived from the Raw Data and that is delivered by DFSI to Customer pursuant to this Agreement. For the avoidance of doubt, Aggregate Data does not include any Raw Data or Customer Data.
1.3 “Assessment” means any assessment conducted by DFSI as part of the Services pursuant to which DFSI uses its tools and methodologies to assess and measure employment culture.
1.4 “Certification” means the process through which Customers may measure their employees’ diversity experiences and which such employees’ experiences may be “Certified” through the confirmation and performance with the Diversity for Social Impact Models.
1.5 “Customer Affiliate” means Customer wholly-owned and majority-owned subsidiaries.
1.6 “Customer Data” means Customer’s proprietary data and information that Customer provides to DFSI so that DFSI may, as part of the Services, conduct an Assessment and the proprietary data that may be provided by Customer to DFSI. For the avoidance of doubt, Customer Data does not include either Aggregate Data or Raw Data.
1.7 “Customer Personal Data” means any Personal Data Processed by a Processor on behalf of Customer.
1.8 “Consent” of the Data Subject means any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data relating to him, her, or them.
1.9 “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
1.10 “Data” means the Raw Data and the Aggregate Data.
1.11 “Data Protection Laws” means the European Union (EU) 2016 General Data Protection Regulation (GDPR), the California Consumer Protection Act of 2018 AB 375 (CCPA), and the Data Protection Laws of all other country, state, or regulating bodies.
1.12 “Fees” means the fees to be paid by Customer to DFSI as set forth in this Agreement, including in the applicable Principal Agreement.
1.13 “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation).
1.14 “DFSI Intellectual Property” means (a) all copyrightable works owned by Diversity for Social Impact, whether or not the copyrights in such works have been registered in the U.S. or any other jurisdiction; (b) all confidential information and material belonging to Diversity for Social Impact; (c) all Diversity for Social Impact names, service marks, icons, and logos; (d) all techniques, algorithms and methods or rights thereto owned by, or licensed to, Diversity for Social Impact during the term of this Agreement and employed by Diversity for Social Impact in connection with the DFSI Services provided to Customer; (e) the Raw Data and DFSI Aggregate Data; (f) the DFSI Services; and (g) the Applications.
1.15 “DFSI Materials” means all techniques, algorithms and methods or rights thereto owned by, or licensed to, DFSI during the term of this Agreement and employed by DFSI in connection with the Services provided to Customer.
1.17 “Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, moral rights, know-how, and any other intellectual property rights recognized in any country or jurisdiction in the world.
1.17 “Survey” means the web-based Customer employee engagement survey consisting of DFSI’s standard survey questions and/or additional questions as requested by Customer.
1.18 “Supervisory Authority” means an independent public authority which is established by a Member State pursuant to Article 51 of the GDPR.
1.19 “Personal Data” means any information relating to an identified or identifiable natural person (‘Data Subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. For purposes of this Agreement, Personal Data excludes information provided by an individual directly to DFSI so long as DFSI was not collecting such information on behalf of Customer or in furtherance of completing transactions as required pursuant to this Agreement.
1.20 “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.
1.21 “Subprocessor” means any person (including any third party and any DFSI Affiliate, but excluding an employee of DFSI or any of its sub-contractors) appointed by or on behalf of DFSI or any DFSI Affiliate to Process Customer Personal Data on behalf of Customer in connection with the Principal Agreement.
1.22 “Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. The nature and purpose as well as the subject matter and duration of the Processing of the Customer Personal Data is to collect Customer employee survey data for processing and archiving scientific and historical research purposes and statistical purposes assessing workplace culture, performance, and accreditation to assist organizations in evaluating and improving their workplaces.
1.23 “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
1.24 “Raw Data” means the confidential and anonymous responses received by DFSI from Customer and Customer’s employees in connection with, among other things, surveys, focus groups, and one-to-one interviews administered by DFSI pursuant to this Agreement. For the avoidance of doubt, Raw Data does not include any Aggregate Data or Customer Data.
1.25 “Software” means any software owned or licensed by DFSI and used by DFSI to provide the Services.
1.26 “Services” means the services that DFSI will perform for Customer as described in the applicable Agreement.
2. CUSTOMER OBLIGATIONS
2.1 Cooperation and Assistance. As a condition to DFSI’s performance hereunder, Customer will at all times: (a) provide DFSI with good faith cooperation and access to such information, facilities, and equipment as may be reasonably required by DFSI in order to provide the Services, including, but not limited to, providing Customer Data; (b) provide such personnel assistance, as may be reasonably requested by DFSI from time to time; and (c) comply with its obligations under this Agreement.
2.2 Telecommunications and Internet Services. Customer acknowledges and agrees that Customer’s and Customer’s users’ use of the Assessment portion of the Services is dependent upon access to telecommunications and Internet services. Customer and Customer’s users will be solely responsible for acquiring and maintaining all telecommunications and Internet services and other hardware and software required to access and use the Assessment portion of the Services, including, without limitation, all costs, fees, expenses, and taxes of any kind related to the foregoing.
3. FEES
3.1 Fees. In consideration for DFSI performing the Services, Customer will pay to DFSI the Fees in the amounts and in accordance with the terms set forth in the Principal Agreement.
3.2 Invoices and Payment.
(a) Customer will pay to DFSI the full amount of undisputed Fees according to the Payment Terms set forth in the Principal Agreement and sent by invoice to the Customer. DFSI reserves the right to cease performance of the Services to Customer if payment(s) is not made on time. An additional fee may need to be paid before the Services are reinstated.
(b) DFSI will email invoices to the primary Customer contact specified in the Principal Agreement. Further invoice requirements with respect to payment due dates are specified in the Principal Agreement. Payment remittance options will be set forth in the invoice and will include payment by check or wire, or payment online.
3.3 Credits for Future Services. If at any time DFSI issues a credit for future services to Customer, Customer must use the credits within twelve (12) months of the credit being issued.
3.4. Subscription Services. You are free to cancel your subscription at any time. To initiate the cancellation, please cancel your subscription directly through the payment processsor e.g. Stripe, Substack. However, please note that we do not offer refunds for any remaining subscription period. Per our agreement with the payment processor, a $75 processing fee will apply.
If you are on a monthly subscription, your access will expire at the end of the current billing cycle.
For annual subscriptions, your access will continue until the end date of your one-year term. Cancellations will prevent the subscription from renewing, but will not result in a pro-rated refund for any time remaining on your current subscription period.
4. OWNERSHIP AND USE OF DATA
4.1 Customer Data.
(a) As between DFSI and Customer, the Customer Data, and all Intellectual Property Rights therein or relating thereto, are and will remain the exclusive property of Customer or its licensors.
(b) DFSI will use Customer Data solely to perform the Services and in a manner that is compatible with the purposes for which such Customer Data is furnished to DFSI or subsequently authorized to be used, and DFSI will ensure that any Personal Information included in Customer Data is properly maintained.
4.2 Aggregate Data and Raw Data.
(a) As between DFSI and Customer, the Raw Data and the Aggregate Data, and all Intellectual Property Rights therein or relating thereto, are and will remain the exclusive property of DFSI.
(b) The Raw Data will not be provided to Customer by DFSI to protect the confidentiality of Customer respondents. Customer may use Aggregate Data solely as described in Section 5.3.
(c) DFSI covenants to use the Aggregate Data solely for the purposes of DFSI, including without limitation for benchmarking, creation of best practices, certification of companies as recognized workplaces, creation of lists of companies for publication, statistical analysis, and other R&D purposes.
(d) To protect the confidentiality of Customer respondents, DFSI will not report on Assessment results in which fewer than five (5) people in a Customer demographic group have responded.
5. TREATMENT OF INTELLECTUAL PROPERTY
5.1 Notwithstanding any provision of this Agreement to the contrary, (a) all Intellectual Property Rights belonging to a Party, sub-contractor or third party prior to the Effective Date, or created other than in connection with DFSI’s provision of the Services (“Pre-existing IPR”) will remain with, and vested in, that Party, sub-contractor or third party (as applicable) and will not be assigned hereunder, and (b) all Intellectual Property Rights in all enhancements and modifications to, or derivative works of, any Pre-existing IPR made by either Party will be with, and vest in, the owner of the relevant Pre-existing IPR.
5.2 As between DFSI and Customer, the DFSI Intellectual Property, and all Intellectual Property Rights therein or relating thereto (except for limited rights granted to Customer and Customer’s users herein), are and will remain the exclusive property of DFSI or its licensors. Customer is not acquiring any rights to any DFSI Intellectual Property. Any use of DFSI Intellectual Property other than as expressly described in this Agreement requires prior written approval from DFSI.
5.3 Without DFSI’s prior written approval, which may be withheld in DFSI’s sole discretion, Customer will not use or re-use any DFSI Intellectual Property in any manner other than pursuant to its receipt of the Services during the Term (including in any surveying conducted either in-house or with another vendor outside of the scope of this Agreement). Reports provided by DFSI to Customer may be distributed internally by Customer, but any external distribution requires prior written approval from DFSI which will not be unreasonably withheld.
5.4 Each Party will not infringe or misappropriate the Intellectual Property Rights of the other Party or of any third party while performing its obligations under this Agreement.
5.5 Each Party acknowledges and agrees that the other Party’s Intellectual Property is the valuable property of the other Party. Each Party will safeguard and protect the Intellectual Property that it receives. Each Party will not alter or modify or permit others to alter or modify the other Party’s Intellectual Property without the prior written approval of the other Party. As examples only, and in no way as any limitation of this provision, no text may be revised nor may any mark or logo be altered, distorted or modified in any way.
5.6 In the event a Party becomes aware of any infringement or unauthorized use of the other Party’s Intellectual Property by that Party, its personnel or by any third party, that Party will immediately notify the other Party of such infringement or unauthorized use. If such infringement or unauthorized use is by that Party or its personnel, that Party immediately will cease such infringement or unauthorized use; if such infringement or unauthorized use is by a third party, that Party will cooperate with the other Party in causing the third party to cease such infringement or unauthorized use.
6. CONFIDENTIALITY
6.1 Any Customer Data providedCustomer to DFSI or otherwise obtained by DFSI as a receiving Party relating to the business or operations of Customer or its clients or any person, firm, Customer or organization associated with Customer, will be treated by DFSI as confidential, and DFSI will not disclose the same to third parties without the prior written consent of Customer. The Parties acknowledge and agree that the Customer Data Customer does not include the Raw Data and the Aggregate Data, which is DFSI Intellectual Property.
6.2 In the event that Customer as a receiving Party has access to any confidential information and/or material belonging to DFSI (including DFSI Intellectual Property), whether such access is intended or inadvertent, then Customer will treat such information and/or material as confidential and will not disclose such information and/or material to third parties without the prior written consent of DFSI.
6.3 The confidentiality provisions set forth herein will not apply to confidential information which (a) is in or enters the public domain other than by acts or omissions of the receiving Party, (b) is obtained by the receiving Party from a third party who obtained it lawfully without obligation of confidentiality, (c) is or has been independently generated by the receiving Party as evidenced in written documents, or (d) is properly disclosed by the receiving Party pursuant to a statutory obligation, the order of a court of competent jurisdiction or that of a competent regulated body that requires the disclosure of confidential information or material belonging to the other Party, provided that the receiving Party will before disclosure notify the other Party, unless such notice is prohibited, so that steps may be taken to attempt to quash or limit any disclosure.
6.4 The foregoing obligations as to confidentiality will apply retrospectively, from the point of first contact between Customer and DFSI regarding the Services and will remain in full force and effect notwithstanding any termination of this Agreement.
7. DATA SECURITY
7.1 The DFSI analytical survey platform named Emprising is hosted by the cloud provider Microsoft Azure and AWS. DFSI contracts with Azure to maintain the highest level of Data Security and Data Privacy global compliance at all times. This legal protection is passed along to all DFSI clients though the warranties in the Products and Services Agreement for the entire term of our engagement as detailed below.
7.2 DFSI provides the highest standard of legal protection by warranting to our clients that during the entire term of the engagement, DFSI has not received notice of non-compliance with the following industry standards: CPA-audited financial statements by the firm Abbott, Stringham & Lynch, the International Organization for Standardization (ISO) for data security ISO 27001:2013, business continuity management ISO 22301:2019, and quality management ISO 9001:2015 as well as the National Institute of Standards and Technology (NIST 2015) cybersecurity framework. If applicable, DFSI also complies with the Payment Card Industry Data Security Standard (PCI DSS) through a third-party provider. DFSI also provides these warranties and representations for the DFSI Network even though it does not support Emprising. The Emprising survey questions and responses never touch the DFSI Network. Any communication between Emprising hosted on Azure and the DFSI Network is strictly limited to an end-to-end secure VPN connection using IPSec protocol. Accordingly, DFSI considers the third-party financial and security audits of the DFSI Network to be for “restricted use” and confidential and does not release them to any Customer.
7.3 DFSI maintains a Chief Data Protection Officer (CDPO) and a Certified Lead Auditor (Auditor) for ISO 27001:2013 to ensure compliance with these industry standards. The CDPO and Auditor report directly to the CEO and President of DFSI.
8. DATA PRIVACY
8.1 DFSI will use commercially reasonable efforts consistent with industry standards to collect, transmit, store, protect and maintain the Data and Customer Data obtained through the Services in accordance with the details provided in the DFSI Global Privacy Policy found at the following URL: https://diversity.social/privacy. DFSI represents and warrants that during the Term it complies with the European Union (EU) 2016 General Data Protection Regulation (GDPR), the California Consumer Protection Act of 2018 AB 375 (CCPA), the Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules, and the Data Protection Laws of all other country, state, or regulating bodies. DFSI is also certified under the US/EU and US/CH Privacy Shield. If needed, appended to this Agreement is an executed Standard Contractual Clauses (new SCC) recited in the June 4, 2021 final Implementing Decision released by the European Commission.. DFSI collects Data for processing and archiving scientific and historical research purposes and statistical purposes assessing workplace culture, performance, and accreditation to assist organizations in evaluating and improving their workplaces. This exact language is found in Article 89 of the GDPR. The types and categories of Customer Personal Data to be processed is found in the demographic section and Trust Index questions of the survey. DFSI DOES NOT SELL PERSONAL DATA to any third party.
8.2 In connection with the Services, DFSI may receive, process and store Personal Data in the United States or other jurisdictions. Personal Information received by DFSI will be protected by DFSI as described in the Section above. In the event that consent of any individual is required to be obtained before transfer of Personal Information to DFSI, Customer is responsible for obtaining the consent of any affected individual. Said consent needs to be freely given, specific, informed, unambiguous and given by a statement or clear affirmative action.
8.4 Data Subject’s Rights. Taking into account the nature of the Processing, DFSI and each DFSI Affiliate shallassist Customer to respond to requests toexercise Data Subject rights under any Data Protection Laws. DFSI shallpromptly notify Customer if any Processor receives a request from a Data Subject under any Data Protection Law in respect of Customer Personal Data. DFSI shall ensure that the Processor does not respond to that request except on the documented instructions of Customer or as required by any Data Protection Law to which the Processor is subject, in which case DFSI shall to the extent permitted by any Data Protection Law inform Customer of that legal requirement before Processor responds to the request. The nature and purpose as well as the subject matter and duration of the Processing of the acco is to collect Customer employee survey data for processing and archiving scientific and historical research purposes and statistical purposes assessing workplace culture, performance, and accreditation to assist organizations in evaluating and improving their workplaces. The types and categories of Customer Personal Data to be processed are found in the demographic section of the survey.
8.5 Personal Data Breach. DFSI shall notify Customer without undue delay and in no case more than 72 hours upon a Processor becoming aware of a Personal Data Breach affecting Customer Personal Data. Customer shall be provided with sufficient information to allow Customer to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws. DFSI shall co-operate with Customer and take such reasonable commercial steps as are directed by Customer to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
9. LIMITATION OF LIABILITY
9.1 If A Party should become entitled to claim damages from the other Party for any reason in connection with this Agreement (including without limitation, for breach of contract, breach of warranty, negligence or other tort claim), the other Party will be liable only for the amount of the other Party’s actual direct damages up to the amount that Customer paid DFSI for the Services that are the subject of the claim. In no event will the other Party’s aggregate liability to the Party for all claims arising under or relating to this Agreement exceed the amount of twelve (12) months’ worth of Fees paid by Customer to DFSI under this Agreement. These limits are the maximum liability for which the other Party is responsible.
9.2 In no event will either Party be liable for: (a) any damages arising out of or related to the failure of the other Party or its affiliates or personnel to perform their responsibilities; and/or (b) any lost profits, loss of business, loss of data, loss of use, lost savings or other consequential, special, incidental, indirect, exemplary or punitive damages, even if either Party has been advised of the possibility of such damages.
9.3 The limitations of liability contained in this agreement shall not apply to liabilities arising from: (a) a Party’s gross negligence, fraud, violation of law, or misrepresentation; (b) a Party’s indemnity obligations; or (c) claims covered by a Party’s insurance.