Contribly Terms & Conditions
and Data Protection Policy
Table of Contents:
Terms and Conditions
1. DEFINITIONS
2. CUSTOMER SUBSCRIPTIONS 3
3. ADDITIONAL CUSTOMER SUBSCRIPTIONS
4. FEES
5. SERVICES
6. DATA PROTECTION
7. CONTRIBLY'S OBLIGATIONS
8. CUSTOMER'S OBLIGATIONS
9. CHARGES AND PAYMENT
10. PROPRIETARY RIGHTS
11. CONFIDENTIALITY AND COMPLIANCE WITH POLICIES
12. INDEMNITY
13. LIMITATION OF LIABILITY
14. TERM AND TERMINATION
15. FORCE MAJEURE
16. CONFLICT
17. VARIATION
18. WAIVER
19. RIGHTS AND REMEDIES
20. SEVERANCE
21. ENTIRE AGREEMENT
22. ASSIGNMENT
23. NO PARTNERSHIP OR AGENCY
24. THIRD PARTY RIGHTS
25. NOTICES
26. GOVERNING LAW
27. JURISDICTION
Data Protection Agreement March 2026
Part 1 Particulars of the processing
Part 2 Technical and organisational measures
Part 3 List of Sub-Processors
Contribly Terms and Conditions
Contribly has developed services for managing content generated by the Customers’ End Users which is then moderated by the Customer and, if approved, published on the Customer’s Website(s) through Call Outs and other requests for material, and using Widgets and Software created by Contribly.
The terms below (described as “the agreement”) govern the use of the service.
DEFINITIONS
1.1 The definitions and rules of interpretation in this clause apply in this agreement.
Anonymous or Anonymised Data: means data that does not relate to an identified or identifiable person.
Business Day: a day other than a Saturday, Sunday or public holiday in England when banks in London are open for business.
Call Out(s): A request from the Customer to End Users for Content to upload to the Customers Website(s).
Confidential Information: information that is proprietary or confidential and is either clearly labelled as such or identified as Confidential Information in clause 11.1.
Contract year: a 12 month period commencing on the date of the Effective Date or any anniversary of it.
Content Data: the data generated by the End User or Contributor that has been uploaded to the agreed Customer Website(s).
Customer Data: the data inputted by the Customer, Moderator(s), or the Supplier on the Customer's behalf for the purpose of using the Services or facilitating the Customer's use of the Services.
Customer Subscriptions: the customer subscriptions purchased by the Customer pursuant to clause 9.1 which entitle End Users and Moderator(s) to access and use the Services and the Documentation in accordance with this agreement.
Customer Website(s): The websites owned by the Customer which use the Contribly Software.
Documentation: the document(s) and other materials made available to the Customer by Contribly online via https://www.contribly.com/ or whichever other web address notified by Contribly to the Customer from time to time which sets out a description of the Services and the user instructions for the Services.
End User(s), Readers or Contributors: means any person who can upload content in response to Call Outs to be reviewed by a Moderator before going live on the Customer Website(s).
Moderator(s): the employees, agents and independent contractors of the Customer who are authorised by the Customer to use the Services and the Documentation with the Customer company. They are further described in clause 2.2(d).
Normal Business Hours: 8.00 am to 6.00 pm local UK time, each Business Day.
Renewal Period: the period described in clause 14.1.
Services: the subscription services provided by Contribly to the Customer under this agreement that are described as:
(a) Allowing the Customer to issue Call Outs using the Software to End Users to provide Content Data that allows the End Users to provide images, videos or information on the Customer’s Websites; or
(b) a Service described via Contribly’s website at https://www.contribly.com/product/ or any other website notified to the Customer by Contribly from time to time;
as more particularly described in the Documentation.
Software: the online software applications provided by the Supplier as part of the Services.
Subscription Fees: the subscription fees payable by the Customer to the Supplier for the User Subscriptions, as set out in the Booking Form.
Subscription Term: has the meaning given in clause 14.1 (being the Initial Subscription Term together with any subsequent Renewal Periods).
Virus: any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices.
1.2 In the case of actual or apparent conflict between these terms and the Booking Form, the Booking Form will have precedence.
1.3 A person includes an individual, corporate or unincorporated body (whether or not having separate legal personality) and that person's legal and personal representatives, successors or permitted assigns.
1.4 A reference to a statute or statutory provision is a reference to it as it is in force as at the date of this agreement.
1.5 A reference to a statute or statutory provision includes all subordinate legislation made as at the date of this agreement under that statute or statutory provision.
1.6 A reference to writing or written excludes fax but not email.
1.7 References to clauses and schedules are to the clauses and schedules of this agreement; references to paragraphs are to paragraphs of the relevant schedule to this agreement.
CUSTOMER SUBSCRIPTIONS
2.1. Subject to the Customer purchasing the Customer Subscriptions in accordance with this clause 2 and clause 9.1, the restrictions set out in this clause 2 and the other terms and conditions of this agreement, Contribly grants a non-exclusive, non-transferable right and licence to the Customer, without the right to grant sublicences, to permit the Customer and Moderators to access and use the Services and the Documentation during the Subscription Term solely for the Customer's internal business operations.
2.2 In relation to the Moderator(s), the Customer:
(a) Cannot use more Customer Subscriptions or Customer Websites using the Software than it has purchased but the Customer has the option to purchase more Customer Subscriptions from Contribly in accordance with Clause 4.2; so long as:
(b) Shall ensure that each Moderator User:
(i) keeps a secure password for their use of the Services and Documentation
(ii) keeps that password and their account secure, not sharing it with anyone else, and
(iii) is over the age of 18 years old.
(c) shall allow Contribly and its auditor to audit the Services to establish the name and password of each Moderator and the Customer's data processing facilities to audit compliance with this agreement. Each audit may be conducted no more than twice per annum, at Contribly's expense, and this right shall be exercised with reasonable prior notice, in a way as not to substantially interfere with the Customer's normal conduct of business; but:
(i) if any of the audits referred to in clause 2.2(c) reveal that any password has been provided to any individual who is not a Moderator, then without prejudice to Contribly's other rights, the Customer shall promptly disable such passwords and Contribly shall not issue any new passwords to that individual; and
(ii) if any of the audits referred to in clause 2.2(c) reveal that the Customer has underpaid Subscription Fees to Contribly, then without prejudice to Contribly's other rights, the Customer will pay to Contribly an amount equal to that underpayment calculated in accordance with the prices set out in the Booking Form within 10 Business Days of the date of the relevant audit.
2.3 Will comply with the Acceptable Use Policy in relation to the Content Data. The Customer shall not access, store, distribute or transmit any Viruses, or any material during the course of its use of the Services that:
(a) is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive;
(b) facilitates illegal activity;
(c) depicts sexually explicit images;
(d) promotes unlawful violence;
(e) is discriminatory based on race, gender, colour, religious belief, sexual orientation, disability; or
(f) is otherwise illegal or causes damage or injury to any person or property;
and Contribly reserves the right, without liability or prejudice to its other rights to the Customer, to disable the Customer's access to any material that breaches the provisions of this clause, and/or to require the Customer to remove and not to publish such material.
2.4 The Customer will not:
(a)
(i) attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Software, the Services and/or Documentation (as applicable) in any form or media or by any means; or
(ii) attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Software or the Services;
(except as may be allowed by any applicable law which is incapable of exclusion by agreement between the parties and except to the extent expressly permitted under this agreement);
or
(b) access all or any part of the Services and Documentation in order to build a product or service which competes with the Services and/or the Documentation; or
(c) use the Services and/or Documentation to provide services to third parties; or
(d) subject to clause 22.1, license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Services and/or Documentation available to any third party, or
(e) attempt to obtain, or assist third parties in obtaining, access to the Services and/or Documentation, other than as provided under this clause 2; or
(f) introduce or permit the introduction of, any Virus into the Services or the Contribly's network and information systems.
2.5 The Customer will use all reasonable endeavours to prevent any unauthorised access to, or use of, the Services and/or the Documentation and, in the event of any such unauthorised access or use, promptly notify Contribly.
2.6 The rights provided under this clause 2 are granted to the Customer only, and shall not be considered granted to any subsidiary or holding company of the Customer.
3. ADDITIONAL CUSTOMER SUBSCRIPTIONS
3.1 Subject to clause 3.2 and clause 3.3, the Customer may, from time to time during any Subscription Term, purchase additional Customer Subscriptions for its Customer Website(s) and Contribly shall grant access to the Services and the Documentation in accordance with the provisions of this agreement.
3.3 If the Customer wants to purchase additional Customer Subscriptions, it will ask Contribly. Contribly will evaluate the request and respond to the Customer with approval or rejection of the request (such approval not to be unreasonably withheld). Where Contribly approves the request, Contribly will activate the additional Customer Subscriptions within 7 days of its approval of the Customer's request.
3.4 If Contribly approves the Customer's request, the Customer will pay Contribly the relevant fees and, if the additional Customer Subscriptions are bought by the Customer during any Renewal Period (as applicable), the fees will be pro-rated from the date of activation by Contribly for the remainder of the monthly period or the current Renewal Period (as applicable).
4. FEES
4.1 SUBSCRIPTION FEES
(a) The Subscription Fees shall amount to a total agreed per month, based on an agreed number of Customer Subscriptions as shown on the Booking Form that allow for Call Out(s) on the Customers Website(s).
4.2 ADDITIONAL CUSTOMER SUBSCRIPTION FEES and ADDITIONAL STORAGE FEES
(a) If the Customer requires Additional Customer Subscriptions these may be purchased by the Customer in accordance with clause 3 and in accordance with the Booking Form per Customer Subscription; or
(b) If additional storage is required in a single month this shall be charged at cost price for any additional traffic in excess of the 1 Terabytes allowance, of which Contribly will notify the Customer in advance of the storage being exceeded.
5. SERVICES
5.1 Contribly will, during the Subscription Term, provide the Services and make available the Documentation to the Customer on and subject to the terms of this agreement.
5.2 Contribly will use commercially reasonable endeavours to make the Services available 24 hours a day, seven days a week, except for:
(a) planned maintenance carried out during the maintenance window which has (where practicable) been notified to the Customer;
(b) unscheduled maintenance where necessary for the maintenance and/or security of the Services or similar purposes; and
(c) From time to time may:
(i) modify the Services by issuing updates; and
(ii) make new features, functionality, applications or tools available in respect of the Services,
and shall give the Customer prompt notice of material modifications to the Services and any such new features, functionality, applications or tools.
5.3 Contribly will, as part of the Services provide the Customer with Contribly's standard customer support services during Normal Business Hours which is limited to assistance with support of ensuring the Software runs smoothly for the Customer. Contribly may amend their standard customer support services in its sole and absolute discretion from time to time except that any such amendments shall not materially alter the support services to the Customer’s detriment.
6. DATA PROTECTION
6.1 Definitions within this clause
(a) Applicable Laws: means:
(i) To the extent the UK GDPR applies, the law of the United Kingdom or of a part of the United Kingdom.
(ii) To the extent EU GDPR applies, the law of the European Union or any member state of the European Union to which Contribly is subject.
(b) Applicable Data Protection Laws: means:
(i) To the extent the UK GDPR applies, the law of the United Kingdom or of a part of the United Kingdom which relates to the protection of personal data.
(ii) To the extent the EU GDPR applies, the law of the European Union or any member state of the European Union to which Contribly is subject, which relates to the protection of personal data.
(c) Customer Personal Data: any personal data which Contribly processes in connection with this agreement, in the capacity of a processor on behalf of the Customer.
(d) EU GDPR: the General Data Protection Regulation ((EU) 2016/679).
(e) Purpose: the purposes for which the Customer Personal Data is processed, as set out in: Clause 6.4(a).
(f) Customer Personal Data: any personal data which Contribly processes in connection with this agreement, in the capacity of a controller.
(g) UK GDPR: has the meaning given to it in the Data Protection Act 2018.
6.2 For the purposes of this clause 6, the terms controller, processor, data subject, personal data, personal data breach and processing shall have the meaning given to them in the UK GDPR.
6.3 Both parties will comply with all applicable requirements of Applicable Data Protection Laws. This clause 6 is in addition to, and does not relieve, remove or replace, a party's obligations or rights under Applicable Data Protection Laws.
6.4 The parties have determined that, for the purposes of Applicable Data Protection Laws:
(a) The Customer shall act as controller in respect of the personal data and processing activities;
(b) Contribly shall process the personal data, as a processor on behalf of the Customer in respect of the processing activities.
6.5 Should the determination in clause 6.4 change, then each party shall work together in good faith to make any changes which are necessary to this clause 6 or the related schedules.
6.6 By entering into this agreement, the Customer consents to (and shall procure all required consents, from its personnel, representatives and agents, in respect of) all actions taken by Contribly in connection with the processing of Customer Personal Data, provided these are in compliance with the then-current version of Contribly's privacy policy available at https://www.contribly.com/privacy-policy/ (Privacy Policy). In the event of any inconsistency or conflict between the terms of the Privacy Policy and this agreement, the Privacy Policy will take precedence.
6.7 The Customer agrees to Contribly using the Customer Data posted on the Software to understand market trends and news and analyse the Moderators’ use of the Software provided the Customer Data has become Anonymous Data.
6.8 The Customer agrees to Contribly using the Customer Data, provided it has become Anonymous Data, to train an Artificial Intelligence Model in ways that will aid the development and facilities of the Software; provided that such anonymised Customer Data will not be shared with, or used by, any third-party general-purpose AI models or platforms that are not directly integrated into the services provided to the Customer.
6.9 Without prejudice to the generality of clause 6.2, the Customer will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Customer Personal Data to Contribly for the duration and purposes of this agreement.
6.10 In relation to the Customer Personal Data, Schedule 1 sets out the scope, nature and purpose of processing by Contribly, the duration of the processing and the types of personal data and categories of data subject.
6.11 Without prejudice to the generality of clause 6.2 Contribly shall, in relation to Customer Personal Data:
(a) process that Customer Personal Data only on the documented instructions of the Customer, which shall be to process the Customer Personal Data for the purposes set out in Schedule 1, unless Contribly is required by Applicable Laws to otherwise process that Customer Personal Data. Where Contribly is relying on Applicable Laws as the basis for processing Customer Processor Data, Contribly shall notify the Customer of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit the Provider from so notifying the Customer on important grounds of public interest. Contribly shall inform the Customer if, in the opinion of the Contribly, the instructions of the Customer infringe Applicable Data Protection Laws;
(b) implement the technical and organisational measures set out in Schedule 1Part 2 to protect against unauthorised or unlawful processing of Customer Personal Data and against accidental loss or destruction of, or damage to, Customer Personal Data, which the Customer has reviewed and confirms are appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures;
(c) ensure that any personnel engaged and authorised by Contribly to process Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory or common law obligation of confidentiality;
(d) assist the Customer insofar as this is possible (taking into account the nature of the processing and the information available to Contribly), and at the Customer's cost and written request, in responding to any request from a data subject and in ensuring the Customer's compliance with its obligations under Applicable Data Protection Laws with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
(e) notify the Customer without undue delay on becoming aware of a personal data breach involving the Customer Personal Data;
(f) at the written direction of the Customer, delete or return Customer Personal Data and copies thereof to the Customer on termination of the agreement unless Contribly is required by Applicable Law to continue to process that Customer Personal Data. For the purposes of this clause 6.11(f) Customer Personal Data shall be considered deleted where it is put beyond further use by Contribly; and
(g) maintain records to demonstrate its compliance with this clause 6 and allow for reasonable audits by the Customer or the Customer's designated auditor, for this purpose, on reasonable written notice.
6.12 The Customer hereby provides its prior, general authorisation for Contribly to:
(a) appoint processors to process the Customer Personal Data, provided that Contribly:
(i) shall ensure that the terms on which it appoints such processors comply with Applicable Data Protection Laws, and are consistent with the obligations imposed on Contribly in this clause 6;
(ii) shall remain responsible for the acts and omission of any such processor as if they were the acts and omissions of Contribly; and
(iii) shall inform the Customer of any intended changes concerning the addition or replacement of the processors, thereby giving the Customer the opportunity to object to such changes provided that if the Customer objects to the changes and cannot demonstrate, to Contribly's reasonable satisfaction, that the objection is due to an actual or likely breach of Applicable Data Protection Law, the Customer shall indemnify Contribly for any losses, damages, costs (including legal fees) and expenses suffered by Contribly in accommodating the objection.
(b) transfer Customer Personal Data outside of the UK as required for the Purpose, provided that Contribly shall ensure that all such transfers are effected in accordance with Applicable Data Protection Laws. For these purposes, the Customer shall promptly comply with any reasonable request of Contribly, including any request to enter into standard data protection clauses adopted by the EU Commission from time to time (where the EU GDPR applies to the transfer) or adopted by the UK Information Commissioner from time to time (where the UK GDPR applies to the transfer).
Either party may, at any time on not less than 30 days' notice, revise this clause 6 with any applicable standard clauses approved by the EU Commission or the UK Information Commissioner's Office or forming part of an applicable certification scheme or code of conduct (Amended Terms). Such Amended Terms shall apply when replaced by attachment to this agreement, but only in respect of such matters which are within the scope of the Amended Terms.
6.13 Contribly will ensure that they appoint Sub-processors in accordance with the following:
(a) Appointment of Sub-processors: The Controller provides a general written authorisation for Contribly to engage third-party Sub-processors to Process Controller Personal Data;
(b) Current List and Notification of New Sub-processors: Contribly maintains a list of its current Sub-processors, as set out in Schedule 3 (Approved Sub-processors). Contribly provides the Controller with at least thirty (30) days' prior written notice of the appointment of any new Sub-processor, including full details of the Processing to be undertaken by the Sub-processor;
(c) Objection Right for New Sub-processors: The Controller may object to the appointment of a new Sub-processor within fourteen (14) days of receiving notice, provided such objection is based on reasonable data protection grounds. If the Controller objects, the Parties shall work together in good faith to find a commercially reasonable solution. If no such solution can be found, the Controller may terminate the applicable portion of the Services affected by the Sub-processor change; and
(d) Sub-processor Obligations: Contribly shall enter into a written agreement with each Sub-processor containing data protection obligations that are at least as protective as those in this DPA. Contribly shall remain fully liable to the Controller for the performance of the Sub-processor's data protection obligations.
7. CONTRIBLY'S OBLIGATIONS
7.1 Contribly shall perform the Services substantially in accordance with the Documentation and with reasonable skill and care.
7.2 Contribly’s obligations at clause 7.1 will not apply to the extent of any non-conformance which is caused by use of the Services contrary to Contribly's instructions, or modification or alteration of the Services by any party other than Contribly or Contribly's duly authorised contractors or agents. If the Services do not conform with the terms of clause 7.1, Contribly will, at its expense, use reasonable commercial endeavours to correct any such non-conformance promptly. Such correction constitutes the Customer's sole and exclusive remedy for any breach of the undertaking set out in clause 7.1.
7.3 Contribly:
(a) does not warrant that:
(i) the Customer's use of the Services will be uninterrupted or error-free; or
(ii) that the Services, Documentation and/or the information obtained by the Customer through the Services will meet the Customer's requirements (though subject to clause 7.1); or
(iii) the Software or the Services will be free from Vulnerabilities or Viruses.
7.4 is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Customer acknowledges that the Services and Documentation may be subject to limitations, delays and other problems inherent in the use of such communications facilities.
7.5 This agreement will not prevent Contribly from entering into similar agreements with third parties, or from independently developing, using, selling or licensing documentation, products and/or services which are similar to those provided under this agreement.
7.6 Contribly warrants that it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under this agreement. Contribly shall follow its archiving procedures for Customer Data as set out in its Information Security Policy which is available on request or such other website address as may be notified to the Customer from time to time, as such document may be amended by Contribly in its sole discretion from time to time. In the event of any loss or damage to Customer Data, the Customer's sole and exclusive remedy against Contribly shall be for Contribly to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by Contribly in accordance with the archiving procedure described in its Policy. Contribly shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by Contribly to perform services related to Customer Data maintenance and back-up.
8. CUSTOMER'S OBLIGATIONS
8.1 The Customer shall:
(a) provide Contribly with:
(i) all necessary co-operation in relation to this agreement;
(ii) all necessary access to such information as may be required by Contribly;
(iii) access to its digital client-facing platform where Contribly’s code widgets are placed, by provision of such access
(iv) if the Customer builds on the Contribly API, prior approval of its code and of the intended purpose to ensure acceptable use.
in order to provide the Services, including but not limited to Customer Data, security access information and configuration services;
(b) without affecting its other obligations under this agreement, comply with all applicable laws including sanctions laws and regulations with respect to its activities under this agreement;
(c) carry out all other Customer responsibilities set out in this agreement in a timely and efficient manner. In the event of any delays in the Customer's provision of such assistance as agreed by the parties, Contribly may adjust any agreed timetable or delivery schedule as reasonably necessary and Contribly shall not be liable for any failure to deliver any or all of the Services to the extent caused by Customer’s delay;
(d) ensure that the Moderators use the Services and the Documentation in accordance with the terms and conditions of this agreement and shall be responsible for any Moderators or End Users breach of this agreement;
(e) ensure that all Content Data is moderated sufficiently to avoid any harmful content being uploaded to the Software or Customers Websites in accordance with UK and EU Legislation including but limited to the Online Safety Act 2023;
(f) obtain and shall maintain all necessary licences, consents, and permissions necessary for Contribly, its contractors and agents to perform their obligations under this agreement, including without limitation to the Services;
(g) ensure that its network and systems comply with the relevant specifications provided by Contribly from time to time; and
(h) be, to the extent permitted by law and except as otherwise expressly provided in this agreement, solely responsible for procuring, maintaining and securing its network connections and telecommunications links from its systems to Contribly's data centres, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Customer's network connections or telecommunications links or caused by the internet.
8.2 The Customer shall own all right, title and interest in and to all of the Customer Data that is not personal data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of all such Customer Data, subject to Contribly’s right to use the Data in accordance with clause 6.7.
8.3 The Customer acknowledges and agrees that:
(a) Contribly may include the Customer’s name or trade marks in a list of subscribers in any medium or in any link from the Software to the Customers website;
(b) Contribly may refer to the Customer, orally or in writing, as a customer for promotional, marketing and financial reporting purposes; and
(c) Contribly shall use their reasonable efforts to store, keep secure and back-up all the Content and other communications maintained or transmitted through use of the Services. Contribly shall not be responsible or liable for the acts or omissions of any third party service provider outside of their control.
9. CHARGES AND PAYMENT
9.1 The Customer will pay the Subscription Fees to Contribly for the User Subscriptions in accordance with this clause 9 and in accordance with the Booking Form.
9.2 The Customer shall promptly provide to Contribly approved purchase order information acceptable to Contribly and any other relevant valid, up-to-date and complete contact and billing details and Contribly shall invoice the Customer:
(i) on or as soon as feasible after the Effective Date for the Subscription Fees payable in respect of the Initial Subscription Term; and/or
(ii) subject to clause 14.1, on the first day of the month in respect of the monthly fees;
and the Customer shall pay each invoice within 30 days after the date of such invoice.
9.3 If Contribly has not received payment within 30 days after the due date, and without prejudice to any other rights and remedies of Contribly:
(a) Contribly may, on no less than 5 Business Days' notice to the Customer and without liability to the Customer, disable the Customer's password, account and access to all or part of the Services and Contribly will be under no obligation to provide any or all of the Services while the invoice(s) concerned remain unpaid; and
(b) interest shall accrue on a daily basis on such due amounts at an annual rate equal to 3% over the then current base lending rate of Contribly's bankers in the UK from time to time, commencing on the due date and continuing until fully paid, whether before or after judgment.
9.4 All amounts and fees stated or referred to in this agreement:
(a) shall be payable in pounds sterling;
(b) are, subject to clause 13.4(b), non-cancellable and non-refundable;
(c) are exclusive of value added tax, which shall be added to Contribly's invoice(s) at the appropriate rate.
9.5 If, at any time whilst using the Services, the Customer exceeds the limit in the Booking Form, Contribly shall charge the Customer, and the Customer shall pay, Contribly's then current excess data storage fees..
9.6 Contribly will be entitled to increase the Subscription Fees at their discretion, the fees payable in respect of the additional Customer Subscriptions purchased pursuant to and clause 3.3, the support fees payable pursuant to clause 5.3 and/or the excess storage fees payable pursuant to the Booking Form at the start of each monthly period upon 30 days' prior notice to the Customer.
10. PROPRIETARY RIGHTS
10.1 The Customer acknowledges and agrees that Contribly and/or its licensors own all intellectual property rights in the Services and the Documentation. Except as expressly stated herein, this agreement does not grant the Customer any rights to, under or in, any patents, copyright, database right, trade secrets, trade names, trade marks (whether registered or unregistered), or any other rights or licences in respect of the Services or the Documentation.
10.2 Contribly confirms that it has all the rights in relation to the Services and the Documentation that are necessary to grant all the rights it purports to grant under, and in accordance with, the terms of this agreement.
11. CONFIDENTIALITY AND COMPLIANCE WITH POLICIES
11.1 Confidential Information means all confidential information (however recorded or preserved) disclosed by a party or its Representatives (as defined below) to the other party and that party's Representatives whether before or after the date of this agreement in connection with the Services being provided to the End Users, including but not limited to:
(a) the terms of this agreement or any agreement entered into in connection with this agreement;
(b) any information that would be regarded as confidential by a reasonable business person relating to:
(i) the business, assets, affairs, customers, clients, suppliers, or plans, intentions, or market opportunities of the disclosing party (or of any member of the group of companies to which the disclosing party belongs); and
(ii) the operations, processes, product information, know-how, designs, trade secrets or software of the disclosing party (or of any member of the group of companies to which the disclosing party belongs);
(c) any information developed by the parties in the course of carrying out this agreement.
Representatives means, in relation to a party, its employees, officers, contractors, subcontractors, representatives and advisers.
11.2 The provisions of this clause shall not apply to any Confidential Information that:
(a) is or becomes generally available to the public (other than as a result of its disclosure by the receiving party or its Representatives in breach of this clause);
(b) was available to the receiving party on a non-confidential basis before disclosure by the disclosing party;
(c) was, is or becomes available to the receiving party on a non-confidential basis from a person who, to the receiving party's knowledge, is not bound by a confidentiality agreement with the disclosing party or otherwise prohibited from disclosing the information to the receiving party; or
(d) the parties agree in writing is not confidential or may be disclosed.
11.3 Each party shall keep the other party's Confidential Information secret and confidential and shall not:
(a) use such Confidential Information except for the purpose of exercising or performing its rights and obligations under or in connection with this agreement (Permitted Purpose); or
(b) disclose such Confidential Information in whole or in part to any third party, except as expressly permitted by this clause 10.
11.4 A party may disclose the other party's Confidential Information to those of its Representatives who need to know such Confidential Information for the Permitted Purpose, provided that:
(a) it informs such Representatives of the confidential nature of the Confidential Information before disclosure; and
(b) at all times, it is responsible for such Representatives' compliance with the confidentiality obligations set out in this clause.
11.5 A party may disclose Confidential Information to the extent such Confidential Information is required to be disclosed by law, by any governmental or other regulatory authority or by a court or other authority of competent jurisdiction provided that, to the extent it is legally permitted to do so, it gives the other party as much notice of the disclosure as possible and, where notice of disclosure is not prohibited and is given in accordance with this clause 11.5, it takes into account the reasonable requests of the other party in relation to the content of the disclosure.
11.6 A party may, provided that it has reasonable grounds to believe that the other party is involved in activity that may constitute a criminal offence under the Bribery Act 2010, disclose Confidential Information to the Serious Fraud Office without first informing the other party of such disclosure.
11.7 Each party reserves all rights in its Confidential Information. No rights or obligations in respect of a party's Confidential Information other than those expressly stated in this agreement are granted to the other party, or to be implied from this agreement.
11.8 On termination or expiry of this agreement, each party shall:
(a) destroy or return to the other party all documents and materials (and any copies) containing, reflecting, incorporating or based on the other party's Confidential Information;
(b) erase all the other party's Confidential Information from computer and communications systems and devices used by it, including such systems and data storage services provided by third parties (to the extent technically and legally practicable); and
(c) certify in writing to the other party that it has complied with the requirements of this clause, provided that a recipient party may retain documents and materials containing, reflecting, incorporating or based on the other party's Confidential Information to the extent required by law or any applicable governmental or regulatory authority. The provisions of this clause shall continue to apply to any such documents and materials retained by a recipient party, subject to clause 14 (Termination).
11.9 No party shall make, or permit any person to make, any public announcement concerning this agreement without the prior written consent of the other parties (such consent not to be unreasonably withheld or delayed), except as required by law, any governmental or regulatory authority (including, without limitation, any relevant securities exchange), any court or other authority of competent jurisdiction.
11.10 Except as expressly stated in this agreement, no party makes any express or implied warranty or representation concerning its Confidential Information.
11.11 The above provisions of this clause 11 shall continue to apply after termination or expiry of this agreement.
12. INDEMNITY
12.1 The Customer shall defend, indemnify and hold harmless Contribly against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with the Customer's use of the Services and/or Documentation, provided that:
(a) the Customer is given prompt notice of any such claim;
(b) Contribly provides reasonable co-operation to the Customer in the defence and settlement of such claim, at the Customer's expense; and
(c) the Customer is given sole authority to defend or settle the claim.
12.2 Contribly shall defend the Customer, its officers, directors and employees against any claim that the Customer's use of the Services or Documentation in accordance with this agreement infringes any third party United Kingdom patent effective as of the Effective Date, copyright, trade mark, database right or other intellectual property right, and shall indemnify the Customer for any amounts awarded against the Customer in judgment or settlement of such claims, provided that:
(a) Contribly is given prompt notice of any such claim;
(b) the Customer does not make any admission, or otherwise attempt to compromise or settle the claim and provides reasonable co-operation to Contribly in the defence and settlement of such claim, at Contribly’s expense; and
(c) Contribly is given sole authority to defend or settle the claim.
12.3 In the defence or settlement of any claim, Contribly may procure the right for the Customer to continue using the Services, replace or modify the Services so that they become non-infringing or, if such remedies are not reasonably available, terminate this agreement on two Business Days' notice to the Customer without any additional liability or obligation to pay liquidated damages or other additional costs to the Customer.
12.4 In no event shall Contribly, its employees, agents and sub-contractors be liable to the Customer to the extent that the alleged infringement is based on:
(a) a modification of the Services or Documentation by anyone other than Contribly; or
(b) the Customer's use of the Services or Documentation in a manner contrary to the instructions given to the Customer by Contribly; or
(c) the Customer's use of the Services or Documentation after notice of the alleged or actual infringement from Contribly or any appropriate authority; or
(d) the Customer Data; or
(e) the Customer's breach of this agreement.
12.5 The foregoing and clause 13.4(b) states the Customer's sole and exclusive rights and remedies, and Contribly's (including Contribly's employees', agents' and sub-contractors') entire obligations and liability, for infringement or alleged infringement of any third party patent, copyright, trade mark or database right by Contribly.
13. LIMITATION OF LIABILITY
13.1 The following definitions apply in this clause 13:
(a) liability: every kind of liability arising under or in connection with this agreement including but not limited to liability in contract, tort (including negligence), misrepresentation, restitution or otherwise; and
(b) default: any act or omission resulting in one party incurring liability to the other.
13.2 Except as expressly and specifically provided in this agreement:
(a) the Customer assumes sole responsibility for results obtained from the use of the Services and the Documentation by the Customer, and for conclusions drawn from such use. Contribly shall have no liability for any damage caused by errors or omissions in any Customer Data, information, instructions or scripts provided to Contribly by the Customer in connection with the Services, or any actions taken by Contribly at the Customer's direction;
(b) the Customer assumes sole responsibility for all Content Data that is uploaded by any End User or Moderator either within the Service or outside of the Service, and is entirely the Customers’ responsibility and liability as to what is uploaded to their Customer Website.
(c) the Customer is responsible for implementing safeguards and taking precautions necessary to protect Contribly’s organisation, devices, computers and networks from any possible harm resulting from access to User Content. The Customer agrees to indemnify, defend and hold harmless Contribly with respect to any claims with respect to Content Data and/or the Customers’ use of Content Data or any other content, and to provide the indemnity set forth in this Agreement. In the event of any inconsistency or conflict between this Agreement and any End User Agreement with the Customer, with regard to the Service and Content Data, and Contribly’s liability, this Agreement shall govern to the extent of such inconsistency or conflict.
(d) all warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by applicable law, excluded from this agreement; and
(e) the Services and the Documentation are provided to the Customer on an "as is" basis.
13.3 Nothing in this agreement excludes the liability of Contribly:
(a) for death or personal injury caused by Contribly's negligence; or
(b) for fraud or fraudulent misrepresentation.
13.4 Subject to clause 13.2 and clause 13.3:
(a) Contribly shall have no liability for any:
(i) loss of profits,
(ii) loss of business,
(iii) wasted expenditure,
(iv) depletion of goodwill and/or similar losses,
(v) loss or corruption of data or information, or
(vi) any special, indirect or consequential loss, costs, damages, charges or expenses; and
(b) Contribly's total aggregate liability to the Customer (including in respect of the indemnity at clause 12.2), in respect of all defaults shall not exceed the cap. If defaults committed in more than one Contract Year give rise to a single claim or a series of connected claims, Contribly’s total liability for those claims shall not exceed the single highest annual cap for those Contract Years.
(c) In clause 13.4(b), the cap is the total Subscription Fees paid in the Contract Year in which the defaults occurred.
13.5 Nothing in this agreement excludes the liability of the Customer for any breach, infringement or misappropriation of Contribly’s Intellectual Property Rights.
14. TERM AND TERMINATION
14.1 This agreement shall, unless otherwise terminated as provided in this clause 14, commence on the Effective Date and shall continue for the Initial Subscription Term and, thereafter, this agreement shall be automatically renewed for successive periods of 12 months (each a Renewal Period), unless:
(a) either party notifies the other party of termination, in writing, at least 30 Business Days before the end of the Initial Subscription Term or ahead of any new monthly period, in which case this agreement shall terminate upon the expiry of the applicable Initial Subscription Term or Renewal Period; or
(b) otherwise terminated in accordance with the provisions of this agreement;
and the Initial Subscription Term together with any subsequent Renewal Periods shall constitute the Subscription Term.
14.2 Without affecting any other right or remedy available to it, either party may terminate this agreement with immediate effect by giving written notice to the other party if:
(a) the other party fails to pay any amount due under this agreement on the due date for payment and remains in default not less than 7 days after being notified in writing to make such payment;
(b) the other party commits a material breach of any other term of this agreement and (if such breach is remediable) fails to remedy that breach within a period of 30 days after being notified in writing to do so;
(c) the other party suspends, or threatens to suspend, payment of its debts or is unable to pay its debts as they fall due or admits inability to pay its debts or is deemed unable to pay its debts within the meaning of section 123 of the Insolvency Act 1986 as if the words "it is proved to the satisfaction of the court" did not appear in sections 123(1)(e) or 123(2) of the Insolvency Act 1986 or (being an individual) is deemed either unable to pay their debts or as having no reasonable prospect of so doing, in either case, within the meaning of section 268 of the Insolvency Act 1986 OR (being a partnership) has any partner to whom any of the foregoing apply;
(d) the other party commences negotiations with all or any class of its creditors with a view to rescheduling any of its debts, or makes a proposal for or enters into any compromise or arrangement with its creditors other than for the sole purpose of a scheme for a solvent amalgamation of that other party with one or more other companies or the solvent reconstruction of that other party;
(e) the other party applies to court for, or obtains, a moratorium under Part A1 of the Insolvency Act 1986;
(f) a petition is filed, a notice is given, a resolution is passed, or an order is made, for or in connection with the winding up of that other party other than for the sole purpose of a scheme for a solvent amalgamation of that other party with one or more other companies or the solvent reconstruction of that other party;
(g) an application is made to court, or an order is made, for the appointment of an administrator, or if a notice of intention to appoint an administrator is given or if an administrator is appointed, over the other party (being a company, partnership or limited liability partnership);
(h) the holder of a qualifying floating charge over the assets of that other party (being a company or limited liability partnership) has become entitled to appoint or has appointed an administrative receiver;
(i) a person becomes entitled to appoint a receiver over the assets of the other party or a receiver is appointed over the assets of the other party;
(j) a creditor or encumbrancer of the other party attaches or takes possession of, or a distress, execution, sequestration or other such process is levied or enforced on or sued against, the whole or any part of the other party's assets and such attachment or process is not discharged within 14 days;
(k) any event occurs, or proceeding is taken, with respect to the other party in any jurisdiction to which it is subject that has an effect equivalent or similar to any of the events mentioned in clause 14.2(c) to clause 14.2(j) (inclusive);
(l) the other party suspends or ceases, or threatens to suspend or cease, carrying on all or a substantial part of its business;
(m) the other party's financial position deteriorates so far as to reasonably justify the opinion that its ability to give effect to the terms of this agreement is in jeopardy.
14.3 On termination of this agreement for any reason:
(a) all licences granted under this agreement shall immediately terminate and the Customer and any Moderator(s) shall immediately cease all use of the Services and/or the Documentation;
(b) Contribly may delate any of the Customer Data in its possession in accordance with its legal obligations, unless it receives, no later than ten days after the effective date of the termination of this agreement, a written request for the delivery to the Customer of the then most recent back-up of the Customer Data. Contribly shall use reasonable commercial endeavours to deliver the back-up to the Customer within 30 days of its receipt of such a written request, provided that the Customer has, at that time, paid all fees and charges outstanding at and resulting from termination (whether or not due at the date of termination). The Customer shall pay all reasonable expenses incurred by Contribly in returning or disposing of Customer Data; and
(c) any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of the agreement which existed at or before the date of termination shall not be affected or prejudiced.
15. FORCE MAJEURE
Neither party shall be in breach of this agreement or otherwise liable for any delay or failure in the performance of its obligations for so long as and to the extent that such delay or failure results from events, circumstances or causes beyond its reasonable control. If the period of delay or non-performance continues for 90 days, the party not affected may terminate this agreement by giving not less than 14 days' written notice to the affected party.
16. CONFLICT
If there is an inconsistency between any of the provisions in the main body of this agreement and the Schedules, the provisions in the main body of this agreement prevail.
17. VARIATION
No variation of this agreement shall be effective unless it is in writing and signed by the parties (or their authorised representatives).
18. WAIVER
18.1 A waiver of any right or remedy is only effective if given in writing and shall not be deemed a waiver of any subsequent right or remedy.
18.2 A delay or failure to exercise, or the single or partial exercise of, any right or remedy does not waive that or any other right or remedy, nor does it prevent or restrict the further exercise of that or any other right or remedy.
19. RIGHTS AND REMEDIES
Except as expressly provided in this agreement, the rights and remedies provided under this agreement are in addition to, and not exclusive of, any rights or remedies provided by law.
20. SEVERANCE
20.1 If any provision or part-provision of this agreement is or becomes invalid, illegal or unenforceable, it shall be deemed deleted, but that shall not affect the validity and enforceability of the rest of this agreement.
20.2 If any provision or part-provision of this agreement is deemed deleted under clause 20.1 the parties shall negotiate in good faith to agree a replacement provision that, to the greatest extent possible, achieves the intended commercial result of the original provision.
21. ENTIRE AGREEMENT
21.1 This agreement constitutes the entire agreement between the parties and supersedes and extinguishes all previous and contemporaneous agreements, promises, assurances and understandings between them, whether written or oral, relating to its subject matter.
21.2 Each party acknowledges that in entering into this agreement it does not rely on, and shall have no remedies in respect of, any statement, representation, assurance or warranty (whether made innocently or negligently) that is not set out in this agreement.
21.3 Each party agrees that it shall have no claim for innocent or negligent misrepresentation based on any statement in this agreement.
21.4 Nothing in this clause shall limit or exclude any liability for fraud.
22. ASSIGNMENT
22.1 The Customer will not, without the prior written consent of Contribly, assign, transfer, mortgage, charge, subcontract, delegate, declare a trust over or deal in any other manner with any of its rights and obligations under this agreement.
22.2 Contribly may at any time assign, mortgage, charge, subcontract, delegate, declare a trust over or deal in any other manner with any or all of its rights and obligations under this agreement, provided that it gives prior written notice of such dealing to the Customer.
23. NO PARTNERSHIP OR AGENCY
Nothing in this agreement is intended to or shall operate to create a partnership between the parties, or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).
24. THIRD PARTY RIGHTS
This agreement does not give rise to any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this agreement.
25. NOTICES
25.1 Any notice given to a party under or in connection with this agreement shall be in writing and shall be:
(a) delivered by hand or by pre-paid first-class post or other next working day delivery service at its registered office (if a company) or its principal place of business (in any other case); or
(b) sent by email to the following addresses (or an address substituted in writing by the party to be served):
(i) Party 1: hello@contribly.com.
(ii) Party 2: [ADDRESS].________________________
25.2 Any notice shall be deemed to have been received:
(a) if delivered by hand, at the time the notice is left at the proper address;
(b) if sent by pre-paid first-class post or other next working day delivery service, at 9.00 am on the second Business Day after posting; or
(c) if sent by email, at the time of transmission, or, if this time falls outside Business Hours in the place of receipt, when Business Hours resume.
25.3 This clause does not apply to the service of any proceedings or other documents in any legal action or, where applicable, any arbitration or other method of dispute resolution.
26. GOVERNING LAW
This agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and interpreted in accordance with the law of England and Wales.
27. JURISDICTION
Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this agreement or its subject matter or formation (including non-contractual disputes or claims).
Data Protection Policy
Data Protection Policy – Particulars of the processing
1. Processing Description and Nature of Processing
1.1 The service: The provision of Contribly's user-generated content, community engagement, and data analytics platform and services to the Controller, as detailed in the Terms and Conditions.
1.2 Processing is undertaken to enable the Controller to collect, moderate, display, and analyse user-generated content and associated user data via the Contribly platform.
1.3 This includes: user authentication, content submission, moderation workflows, data storage, analytics reporting, and communication with end-users on behalf of the Controller.
2. Duration of the processing:
2.1 For the term of the Principal Agreement, and thereafter for the period specified in the renewal.
3. Categories of Data Subjects:
3.1 End-users of the Controller's websites, applications, or digital properties who interact with the Contribly Services. This may include customers, community members, employees, or the general public.
3.2 Employees of the Controller who access the Contribly Hub in order to perform moderation tasks.
4. Categories of Data
4.1 End-User Information:
(a) Name, email address, location (as specified by the End User)
(b) Content: Text, images, videos, audio files, and any other media submitted by end-users which may contain personal data as part of the metadata
(c) Technical Data: IP addresses
4.2 Employees or Moderators of the Controller granted access to the Contribly Hub by the Controller:
(a) Name,
(b) email address,
(c) IP address.
5. Special Categories of Data
Any other data collected is determined by the Data Controller.
- Part Two Technical and organisational measures
Contribly, as Processor, will implement and maintain the following technical and organisational measures ("TOMs") to protect Controller Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.
These measures are designed to ensure a level of security appropriate to the risk, in accordance with Article 32 of the GDPR.
For full details of Contribly's security measures and controls, please refer to our comprehensive Information Security Policy (ISP), which is reviewed at least annually and available to the Controller upon reasonable request and subject to appropriate confidentiality undertakings.
1. Information security governance & program
1.1 Information Security Policy
(a) Contribly maintains a formal, management-approved Information Security Policy (ISP) that defines mandatory requirements for information asset protection.
(b) Responsibility for the ISP is assigned to the Chief Technology Officer (CTO). All personnel are accountable for adhering to the ISP.
1.2 Roles and Responsibilities
Responsibility for the ISP is assigned to the Chief Technology Officer (CTO). All personnel are responsible for adhering to the ISP.
1.3 Personnel Security & Confidentiality
(a) Confidentiality: All Contribly personnel with access to Controller Personal Data are subject to binding confidentiality obligations.
(b) Security Training: Training covers their responsibilities for protecting Controller Personal Data, secure coding practices (for developers), and incident reporting procedures.
1.4 Access Control
(a) Principle of Least Privilege: Access to Controller Personal Data and the systems processing it is strictly limited based on the principle of least privilege. Personnel are only granted the minimum level of access required to perform their job function.
(b) Authentication: Strong authentication, including mandatory Multi-Factor Authentication (MFA) for all critical systems (e.g., cloud platforms, Google Workspace, code repositories), is enforced.
(c) Access Management: Formal processes are in place for prompt granting, modification, and revocation of access. User access rights are reviewed at least quarterly.
1.5 Data Encryption
(a) Encryption in Transit: All Controller Personal Data transmitted over public or untrusted networks (including between the end-user and Contribly's platform and between internal services) is encrypted using strong, modern protocols (TLS 1.2 or higher).
(b) Encryption at Rest: All Controller Personal Data stored at rest, including in production databases, object stores, and backups, is encrypted using industry-standard symmetric-key cryptographic algorithms (AES-256). Backups are also encrypted.
1.6 System and Network Security
(a) Secure Configuration: Our cloud infrastructure (e.g., Kubernetes on Google Cloud Platform) leverages secure configuration standards derived from robust compliance frameworks (ISO 27001, ISO 27701, SOC 2, EU Cloud Code of Conduct), ensuring alignment with established security baselines.
(b) Vulnerability Management: We conduct continuous application-level monitoring for unusual usage/access spikes, and engage independent third-party security firms for annual penetration tests of our platform and supporting infrastructure.
(c) Logging and Monitoring: System, application, and access logs are centrally collected and monitored for suspicious activity, including AI model performance and inputs/outputs.
(d) Endpoint Security: Our distributed workforce operates under a secure remote working policy, with MFA as a cornerstone for access to all critical cloud services.
(e) Secure Software Development Lifecycle (SDLC):
(i) Contribly implements a formal Secure Software Development Lifecycle (SDLC) to ensure the security and integrity of our platform. This includes secure coding practices (e.g., OWASP Top 10), mandatory peer code reviews, architectural security reviews, and a formal change management process for all production deployments.
(ii) Secure development practices extend to the design, training, and deployment of Artificial Intelligence models.
(f) Physical and Environmental Security: Contribly utilises major third-party cloud infrastructure providers (as listed in Part 3 of this Schedule 1) that maintain industry-recognised physical and environmental security certifications and attestations (e.g., ISO/IEC 27001, SOC 2 Type II, PCI DSS). Contribly does not manage or operate its own physical data centres.
(g) Personal Data Breach Management:
(i) Contribly maintains a formal Security Incident Response Plan that outlines procedures for detecting, triaging, containing, eradicating, and recovering from security incidents, including specific protocols for Personal Data Breaches.
(ii) We commit to notifying the Controller of a Personal Data Breach without undue delay, and in any event within 24 hours of becoming aware, providing necessary information to meet their own notification obligations.
(h) Business Continuity and Disaster Recovery (BCDR):
(i) Resilience: Our platform is architected for high availability using redundant components across multiple availability zones within agreed-upon cloud regions, leveraging cloud provider resilience features (e.g., Kubernetes scaling, N+1 principle).
(ii) Backups: Regular, automated, and encrypted backups of Controller Personal Data are performed, including multi-cloud backups for enhanced fault tolerance.
(iii) BCDR Testing: Our BCDR plan is tested at least annually to validate service recovery capabilities.
- Sub-processors
| Name of Sub-Processor | Purpose | Types of Data Accessed/Processed (by the infrastructure on Contribly's behalf) | Location | DPA? |
|---|---|---|---|---|
| Google Cloud | Core cloud infrastructure for hosting all Contribly services, including application hosting, primary data storage, AI model processing, and networking. |
Controller Personal Data (Client Data):
|
EU | Yes |
| AWS | Media storage, backups. | Media metadata | EU | Yes |
| Google Workspace | Internal business operations, corporate communications, document management, and team collaboration. |
|
EU/US | Yes |
| SendGrid | Email delivery service to send notification-based emails to moderators and, in some cases, to their end-users. | Moderator email address | US | Yes |