This agreement is made up of these Saidot Terms of Service (“Terms of Service”), its Annexes and Appendices, including any Order Forms and other documents incorporated by reference into these Saidot Terms of Service (collectively, the “Agreement”), and is made between the entity or person placing an order for or accessing any Services (“Customer” or “you”) and Saidot Ltd. (“Saidot”). The Customer and Saidot are also referred to as a “Party” and collectively as the “Parties”.
These Terms of Service apply to the Saidot platform available at saidot.ai, including, but not limited to, all content, Saidot Documentation, databases, professional services, AI registers provided by Saidot, as well as other features and capabilities offered as part of the Saidot platform (the “Services”).
By accessing, browsing, or using the Services, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service. Acceptance of these Terms of Service constitutes a binding agreement by and between Saidot and the entity or person placing an order for or accessing any Services. If you accept these Terms of Service on behalf of a company or other legal entity, you represent that you are authorised to bind that legal entity to this Agreement. All references to “you”, “your”, and “customer” refer to the person accepting the Terms of Service as an individual or the legal entity for which the representative is acting on behalf. Saidot may make modifications, deletions, or additions to these Terms of Services. The most up-to-date version of the Terms of Service can be viewed here. Continued use of the Services following any change constitutes your acceptance of the change. If you do not accept these terms in full, you must not use the Services.
This Agreement is effective on the earliest of (i) the date Customer signs up to the Services (as defined below); (ii) Customer entering into an Order Form or another similar separate agreement with Saidot referencing or otherwise incorporating this Agreement; or (iii) Customer’s use of the Services (the “Effective Date”).
BY INDICATING YOUR ACCEPTANCE OF THESE TERMS OF SERVICE OR ACCESSING OR USING ANY SERVICES, YOU ARE AGREEING TO BE BOUND BY ALL TERMS, CONDITIONS, AND NOTICES CONTAINED OR REFERENCED HEREIN. IF YOU DO NOT AGREE TO THESE TERMS OF SERVICE, PLEASE DO NOT USE ANY SERVICES. FOR CLARITY, EACH PARTY EXPRESSLY AGREES THAT THESE TERMS OF SERVICE ARE LEGALLY BINDING UPON IT. PLEASE READ THEM CAREFULLY.
1. Services
1.1. The “Services” refer to the products and services that are provided and made available to Customer by Saidot, whether provided as free trial services or as paid services. Services cover all content, Saidot documentation, databases, professional services, AI registers provided by Saidot, as well as other features and capabilities offered as part of Saidot platform. Services may include templates, questionnaires, application programming interfaces (APIs), designs, and algorithms/use of algorithms. Services exclude any services or products provided by third parties, even if Customer has connected those services or products to the Services. Any updates, enhancements, new features, and/or the addition of any new Web properties to Services are subject to these Terms of Service.
2. Definitions
“Agreement” means these Saidot Terms of Service, its Annexes and Appendices, including any Order Forms and other documents incorporated by reference into Saidot Terms of Service.
“API” means any application programming interface made available by Saidot to Customer.
“Authorised Users” means Customer, its employees, consultants, or contractors.
“Customer Content” means any data, applications, files, materials, or information submitted by or on behalf of Customer or its Authorised Users to: (a) the Services; or (b) Saidot, in the course of performing any other services, Professional Services, Support, and other services set out in the Order Form or another separate agreement with Saidot and the Customer.
“Data Processing Addendum” means the Data Processing Addendum in available in Annex 1.
“Intellectual Property Rights” means all intellectual property rights throughout the world. means any and all proprietary rights and rights of use in intangible intellectual creations (such as technology, media, content, performances, works, materials, brands, and/or documentation) including patents; trademarks; design rights; copyrights; performers’ rights; moral rights; trade secrets; confidential information; rights in data, software, source code, user interfaces, computing models, algorithms, digital tools, computing or digital system frameworks and processes, and artificial intelligence; database rights; broadcast rights; rights in know-how, inventions, passing off, unfair competition, get-up, trade dress, domain names and website addresses; and all similar or equivalent rights or forms of protection; whether registered or unregistered, including rights to apply for and be granted such, which subsist or will subsist now or in the future, in any territory or part of the world (including physical, online or virtual locations).
“Order Form” means the signed order form between Saidot and Customer referencing these Terms of Service. The Order Form can be a form or a contract document.
“Paid Subscription” shall have a meaning given to it in Section 4.2.
“Privacy Policy” means the Saidot Privacy Policy available at https://www.saidot.ai/privacy.
“Professional Services” means the professional services provided by Saidot, which may include installation, activation, configuration, integration, optimisation,assessment, training, consulting services or other professional services.
“Saidot Documentation” means the user guides, templates, implementation guides, reports, forms, written release notes and any other technical documentation accessible through saidot.ai or https://help.saidot.ai/knowledge-base/, including the Services, or shared by Saidot to Customer.
“Saidot Partner” means an entity officially authorised by Saidot to facilitate the sale of Saidot Services through the Partner’s marketplace or service. Saidot Partners act as intermediaries and are not party to any Agreement between the Customer and Saidot.
“Subscription Term” means, collectively, the initial term of Customer’s subscription to the Service, as specified in the Order Form or other separate agreement between Saidot and Customer, and each subsequent renewal period.
“Support” means the support services related to the Customer’s subscription set out in the Order Form or other separate agreement between Saidot and the Customer.
“Trial Subscription” shall have a meaning given to it in Section 4.2.
“Upgrades” means the new releases for the Saidot platform, including upgrades, features, fixes, or patches.
3. Provision of Services
3.1. License: During the Subscription Term, Saidot provides the Customer with a limited, non-sublicensable, non-transferable, non-exclusive right to access and use the Services.
3.2. Equipment to access Services: Customer shall be responsible for obtaining and maintaining all hardware, software, and other equipment needed for access to and use of the Services and all charges related thereto.
3.3. Restrictions: Customer shall not: (a) provide access to the Services or sublicense, rent, or lease it to any third party or otherwise permit a third party to use or benefit from the Services other than as allowed by the features and functionality of the Services; (b) use the Services in violation of applicable laws or in a manner that is unethical; (c) use Services to provide, or incorporate Services into, any product or service provided to a third party, unless separately agreed by Saidot and Customer; (d) copy or modify Services or any related material, except to the extent expressly permitted by these Terms of Service, or unless separately agreed by Saidot and Customer; (e) copy, modify, or reverse engineer the Services or otherwise discover the underlying source code, non-public APIs, structure, or technical information of the Services except to the extent expressly permitted by applicable law (and then only upon advance notice to Saidot); (f) disrupt, interfere with, or gain unauthorised access to the Services; (g) use any crawler, spider, data scraping, or extraction tool or similar mechanism with respect to the Services; (h) access, store, or transmit any spam, viruses, or any other material that is unlawful, unethical, abusive, harmful, or obscene; (i) use the Services to try to gain unauthorised access to any service, device, data, account or network; or (j) use Services in a manner or submit Customer Content that violates third-party Intellectual Property Rights.
3.4. Accounts: Customer may access and use the Services solely for its own benefit and in accordance with the terms and conditions of these Terms of Service and any use restriction designated in the applicable Order Form or another similar separate agreement that the Customer has entered into with Saidot. Where Customer is given API keys or passwords to access the Services, Customer will require that Authorised Users on its account keep API keys, user ID, and password information strictly confidential and not share such information with any unauthorised persons. User IDs are granted to individual, named persons and may not be shared.
3.5. Responsibility: Except to the extent caused by a breach of the Agreement by Saidot, Customer is responsible for: (a) all use and misuse of the Services by Authorised Users’ and for their compliance with the Terms of Service; (b) all activity occurring under Customer’s user accounts; and (c) Customer Content, and shall hold Saidot harmless and indemnify them from and against all losses, damages, liabilities, costs(including legal fees) and expenses arising out of or relating to claims, actions, suits, or proceedings related to Customer Content.
3.6. Limitation: Saidot may change, suspend, or discontinue any aspect or feature of the Services at any time, including the availability of any feature, content, and equipment needed for access or use for scheduled or emergency maintenance. Saidot shall have the right to impose limits on certain features and services or restrict access to parts or all of the Services where Saidot believes that Customer's usage is in breach of these Terms of Service or may negatively affect the Services (or otherwise impose liability on Saidot).
3.7. Upgrades: Saidot may issue Upgrades which will be provided at no additional charge and will be automatically available. Customer consents to such automatic upgrading and agrees that its purchase of the Services is not contingent upon the delivery of any future functionality or features. Saidot may share roadmaps, plans or other information regarding future development of the Services, but these are always indicative, and Saidot does not commit to changes in Services, or any timelines related to changes in Services.
4. Subscription and Subscription Terms
4.1. In order to gain access to and use Services, Customer must complete a registration process by providing Saidot with current, complete, and accurate information in the applicable Order Form. The Order Form can be a form or a contract document.
4.2. The Services are provided on a subscription basis for a set term designated in the Order Form (each, a “Subscription Term”). Customer must obtain one or more of the following subscriptions to the Services:
Paid Subscription: The Paid Subscription includes a service subscription to access and use the Services.
Trial Subscription: Saidot may, in certain circumstances and at its sole discretion, make available to Customer parts or all of the Services on a trial basis. Any Services that Saidot makes available to Customer on a trial basis and at no additional cost are provided under Trial Subscription. Trial Subscription is a limited trial service where the number of users, platform features, and registered AI systems per organisation (account) maybe limited. Saidot will make such Trial Subscription available, until the earlier of: (a) the start date of the Paid Subscription for the Services; or (b) termination of the Trial Subscription by Saidot in its sole discretion.
4.3. The initial Subscription Term for the Service shall be as stated in the Order Form other separate agreement between Saidot and Customer. Unless otherwise specified on the applicable Order Form, the Subscription Term shall remain effective until terminated by either party with sixty (60) days’ notice.
5. Fees and Payment
5.1. The prices for the Services and subscriptions shall be agreed between Saidot and the Customer separately by using Order Form or otherwise in writing.
5.2. Saidot or Saidot Partner will invoice Customer for any fees payable by Customer.
5.3. If Customer believes that Saidot has charged Customer incorrectly, Customer must contact Saidot no later than thirty (30) days after having been charged by Saidot. In the event of a dispute, Customer will pay any disputed amounts in accordance with the applicable payment terms, and the parties will discuss the disputed amounts in good faith in order to resolve the dispute, subject to Section 13.2.
5.4. If Customer's account is thirty (30) days or more overdue, in addition to any of its other rights or remedies (including but not limited to any termination rights set forth herein), Saidot reserves the right to suspend Customer's access to the applicable Services without liability to Customer until such amounts are paid in full. Saidot also reserves the right to suspend Customer's access to Services without liability to Customer if Customer's use of Services is in violation of these Terms of Service.
5.5. Saidot may change or impose new conditions and additional fees or charges for use of the Services. Unless otherwise specified by Saidot, changes become effective for Customer upon renewal of Customer's current Subscription Term or entry into a new Order Form. Saidot will use reasonable efforts to notify Customer of the changes through communications via Customer's account, email or other means.
6. Limited Warranty and Warranty Disclaimer
6.1. Saidot warrants, for Customer's benefit only, that the Services will operate in substantial conformity with these Terms of Service. Saidot's sole liability (and Customer's sole and exclusive remedy) for any breach of this warranty will be, at no charge to Customer, for Saidot to use commercially reasonable efforts to correct the non-conformity reported by Customer in writing, or if Saidot determines such remedy to be impracticable, either party may terminate the applicable Subscription Term and Customer will receive as its sole remedy are fund of any fees Customer has pre-paid for use of such Services for the terminated portion of the applicable Subscription Term. The warranty set forth in this Section 6.1 will not apply: (a) unless Customer makes a claim within thirty (30) days of the date on which Customer first noticed the non-conformity; or (b) if the error was caused by Customers failure to use the Services in accordance with these Terms of Service, misuse, unauthorised modifications, or third-party hardware, software or services.
6.2. EXCEPT FOR THE LIMITED WARRANTY IN SECTION 6.1, SERVICES ARE PROVIDED ON AN "AS IS" BASIS WITHOUT WARRANTIES OF ANY KIND WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PURPOSE, TITLE AND NON-INFRINGEMENT, OTHER THAN THOSE WARRANTIES WHICH ARE IMPLIED BY AND INCAPABLE OF EXCLUSION, RESTRICTION OR MODIFICATION UNDER THE LAWS APPLICABLE TO THESE TERMS OF SERVICE. SAIDOT SHALL NOT BE LIABLE FOR DELAYS, INTERRUPTIONS, SERVICE FAILURES OR OTHER PROBLEMS INHERENT IN USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS, THIRD-PARTY PLATFORMS OR OTHER SYSTEMS OUTSIDE THE REASONABLE CONTROL OF SAIDOT.
6.3. CUSTOMER EXPRESSLY AGREES THAT USE OF SERVICES IS AT CUSTOMER'S SOLE RISK. NEITHER SAIDOT, ITS AFFILIATES NOR ANY OF THEIR RESPECTIVE EMPLOYEES, AGENTS, THIRD PARTY CONTENT PROVIDERS OR LICENSORS WARRANT THAT ACCESS TO SERVICES WILL BE UNINTERRUPTED OR ERROR FREE; NOR DO THEY MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES, OR AS TO THE ACCURACY, RELIABILITY OR CONTENT OF ANY INFORMATION OR MATERIALS PROVIDED AS PART THEREOF. FURTHER, SAIDOT DOES NOT WARRANT THAT IT WILL REVIEW ANY CUSTOMER CONTENT STORED ON THE SAIDOT PLATFORM FOR ACCURACY OR THAT IT WILL PRESERVE OR MAINTAIN ANY CUSTOMER CONTENT WITHOUT LOSS OR CORRUPTION.
6.4. Each party is responsible for its own compliance with applicable laws. The Services or information provided by Saidot is not intended to constitute legal advice and should not be construed as such. All content, information, materials, products, features on the Services and information provided by Saidot are provided for general informational purposes only.
6.5. Saidot shall not be responsible for any Authorised Users’ use of third-party systems or software accessed from the Services.
6.6. The Services may contain hyperlinks to other websites and databases, the content of which have not been created or vetted by Saidot, and which are provided on an “as-is” and “as-available” basis.
7. Limitation of Liability
7.1. IN NO EVENT SHALL SAIDOT, OR ANY PERSON OR ENTITY INVOLVED IN CREATING, PRODUCING OR DISTRIBUTING SERVICES, BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA, CUSTOMER CONTENT, OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR ABOUT THE USE OF OR INABILITY TO USE ANY SERVICES, OR USE OR PERFORMANCE OF INFORMATION AVAILABLE THROUGH OR FROM SERVICES.
7.2. THIS DISCLAIMER OF LIABILITY APPLIES TO ANY DAMAGES OR INJURY CAUSED BY ANY FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DELETION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMPUTER VIRUS, COMMUNICATION LINE FAILURE, THEFT OR DESTRUCTION OR UNAUTHORIZED ACCESS TO, ALTERATION OF, OR USE OF RECORD, WHETHER FOR BREACH OF CONTRACT, TORTIOUS BEHAVIOR, NEGLIGENCE, OR UNDER ANY OTHER CAUSE OF ACTION.
7.3. SAIDOT'S AND ITS SUPPLIERS' ENTIRE LIABILITY TO CUSTOMER ARISING OUT OF OR RELATED TO SERVICES SHALL NOT EXCEED THE AMOUNT ACTUALLY PAID BY CUSTOMER TO SAIDOT DURING THE PRECEDING SIX (6) MONTH PERIOD.
7.4. NOTWITHSTANDING THE FOREGOING, THE USE OF TRIAL SUBSCRIPTION SHALL BE AT THE SOLE RESPONSIBILITY OF CUSTOMER AND SAIDOT GIVES NO WARRANTIES OR ACCEPTS LIABILITY ON THE AVAILABILITY, PERFORMANCE OR USE OF SERVICES UNDER THE TRIAL SUBSCRIPTION TOWARDS CUSTOMER OR ANY THIRD PARTY.
8. Confidentiality
8.1. A Party (the “Receiver”) may receive Confidential Information of the other Party (the “Discloser”). The Receiver will protect the confidentiality of Confidential Information by using the same level of care and discretion that the Receiver uses with respect to its own confidential information, which shall in no case be less than reasonable care.
8.2. The Parties shall not use any Confidential Information of the Discloser for any purpose outside the Agreement. The Receiver shall not disclose Confidential Information of the Discloser to any person other than its Authorised Users who have a need to know that confidential information (where Customer is the Receiver), or subprocessors or subcontractors used by Saidot (where Saidot is the Receiver), provided that the Receiver remains responsible for such persons’ compliance with Receiver’s confidentiality obligations under this Agreement.
8.3. Notwithstanding the foregoing, either Party may disclose Confidential Information to a government authority where the disclosure is required by law, provided that: (a) the Receiver provides to the Discloser prior notice to enable the Discloser an opportunity to obtain a protective order, if such notice is permitted by law; or (b) the disclosure is necessary to exercise its rights or perform its obligations in this Agreement.
9. Data Protection and Security
9.1. For information on the collection and processing of personal data as part of the Services, please refer to Saidot’s Privacy Policy.
9.2. Customer will be responsible for any and all actions taken using Customer's accounts and passwords. If any Authorised User who has access to a user ID of Customer is no longer an employee or personnel of Customer, then Customer will immediately delete such user ID and otherwise terminate such Authorised User's access to Services. Customer agrees to notify Saidot immediately of any unauthorised use of Customer’s account or any other breach of security.
9.3. Saidot will maintain appropriate administrative, physical, and technical safeguards for the protection of the security, confidentiality, and integrity of Data and Customer Content. Those measures will include but will not be limited to measures designed to prevent unauthorised access, use, alteration or disclosure of any Services or Customer Content. However, Saidot will have no responsibility for errors in transmission, unauthorised third-party access or other causes beyond Saidot's control.
10. Intellectual Property
10.1. Customer acknowledges that it is obtaining only a limited right to Services and that irrespective of any possible use of the words «purchase», «sale» or like terms in any documentation or material related to Services, no Intellectual Property Rights or ownership rights to the Services or any part thereof are being conveyed to Customer. Customer agrees that Saidot or its suppliers retain all Intellectual Property Rights, including but not limited to, right, title and interest (including all patent, copyright, trademark, trade secret and other intellectual property rights) in and to the Services and any and all related and underlying technology and documentation as well as any modifications or improvements of any of the foregoing (collectively, “Saidot Technology”). Except as expressly set forth in these Terms of Service, no rights in any Saidot Technology are granted to Customer. Customer acknowledges that Services are offered as an on-line, hosted solution, and that Customer has no right to obtain a copy of any of Services.
10.2. Customer may utilise the Services to create Customer specific customisation of certain parts of the Services for which Saidot has enabled customisation. Such customised parts of the Services shall be considered derivative works of Services (collectively, “Derivative Works”). Customer hereby grants Saidot, a royalty-free, perpetual, irrevocable, non-exclusive right and license to use, reproduce, modify, adapt, publish, translate and distribute such Derivative Works (in whole or in part) worldwide and/or to incorporate it in other works in any form, media or technology now known or hereafter developed for the full term of any copyright that may exist in such material, provided, however, that the rights granted by Customer hereby do not extend to use of Customer’s name, trademark, or other proprietary information of Customer. Customer guarantees that Saidot is allowed to use Derivative Works without the names of their authors’ and/or right holders, including Customer’s name.
10.3. Saidot shall be the sole owner of any newly developed Intellectual Property Rights related in any way to the Services. The Customer hereby assigns to Saidot any of these newly developed Intellectual Property Rights that result from Customer’s feedback, requests, or ideas.
10.4. Customer Content shall remain the property of the Customer. Customer grants to Saidot: (a) non-exclusive, perpetual, irrevocable, worldwide license to exploit the Customer’s feedback, requests, or ideas in any manner; and (b) a worldwide and non-exclusive license to use the Customer Content in order to provide, maintain, improve, or optimise use of the Services and otherwise perform its obligations under the Agreement.
10.5. The Services may include AI-enabled features. No Customer Content or Data will interface AI models or will be used to train such models without the explicit consent of the Customer.
11. Indemnity
11.1. Customer agrees to defend, indemnify and hold harmless Saidot, its affiliates and their respective directors, officers, employees and agents from and against all claims and expenses, including attorneys' fees, arising out of a breach or alleged breach by Customer of these Terms of Service.
12. Term and Termination
12.1. These Terms of Service are effective as of the start date of any applicable Subscription Term and expire on the date of expiration or termination of all Subscription Terms.
12.2. Either party may terminate Services (including all related Order Forms) if the other party: (a) fails to cure any material breach of these Terms of Service (including a failure to pay fees) within thirty (30) days after written notice; (b) ceases operation without a successor; or (c) seeks protection under any bankruptcy, receivership, trust deed, creditors' arrangement, composition, or comparable proceeding, or if any such proceeding is instituted against that party (and not dismissed within sixty (60) days thereafter).
12.3. Upon any expiration or termination of Services, Customer will immediately cease any and all use of and access to all Services (including any and all related Saidot Technology) and delete (or, at Saidot's request, return) any and all copies of material delivered to Customer as part of the Services. Provided that termination was not due to Customer's breach, Customer may retain and use solely for its own benefit information, such as metadata of Customer's registered systems, exported from the Services within sixty (60) days after such expiration or termination. Customer acknowledges that following termination it will have no further access to any customer data stored on the Saidot platform, and that Saidot may delete any such data as may have been stored by Customer on the Saidot platform at anytime. Except where an exclusive remedy is specified, the exercise of either party of any remedy under these Terms of Service, including termination, will be without prejudice to any other remedies it may have under these Terms of Service, by law or otherwise.
12.4. The following Sections (including any Subsections thereof) of these Terms of Service will survive, as applicable, any expiration or termination of this agreement: 3. (Provision of Services), 5. (Fees and Payment), 6. (Limited Warranty and Warranty Disclaimer), 7. (Limitation of Liability), 8. (Confidentiality), 10. (Intellectual Property), 11. (Indemnity), 12. (Term and Termination), 13. (Applicable Law and Dispute Resolution), 14. (Miscellaneous).
13. Applicable Law and Dispute Resolution
13.1. These Terms of Service shall be construed and interpreted in accordance with the laws of Finland, without regard to its conflict of laws rules.
13.2. In the event of any dispute, claim, question, or disagreement arising from or relating to these Terms of Service, whether arising in contract, tort or otherwise, (“Dispute”), the parties shall first use their best efforts to resolve the Dispute. If a Dispute arises, the complaining party shall provide written notice to the other party in a document specifically titled "Initial Notice of Dispute, "specifically setting forth the precise nature of the dispute ("Initial Notice of Dispute").
If an Initial Notice of Dispute is being sent to Saidot it must be emailed to legal@saidot.ai and sent via mail to:
Attn: Legal Department
Saidot Ltd (Saidot Oy)
Lapinlahdenkatu 16
00180 Helsinki, Finland
Following receipt of the Initial Notice of Dispute, the parties shall consult and negotiate with each other in good faith and, recognising their mutual interest, attempt to reach a just and equitable solution of the Dispute that is satisfactory to both parties. If the parties are unable to reach a resolution of the Dispute through the above described process within thirty (30) days of the receipt of the Initial Notice of Dispute, then the Dispute shall subsequently be subject to the exclusive jurisdiction of the District Court of Helsinki, Finland.
14. Miscellaneous
14.1. Force Majeure. Neither party will be responsible for any failure or delay in performance due to circumstances beyond its reasonable control, including, without limitation, strikes, industrial disputes, acts of God, war, riot, civil commotion, embargoes, acts of civil or military authorities, fire, floods, accidents, service outages resulting from equipment and/or software failure and/or telecommunications failures, power failures, network failures, failures of third party service providers (including providers of internet services and telecommunications). The affected Party will notify the other Party of such event and resume performance as soon as possible.
14.2. Waivers. No waiver by either party of any breach or default hereunder shall be deemed to be a waiver of any preceding or subsequent breach or default.
14.3. Headings. The section headings used herein are for convenience only and shall not affect the interpretation or construction of these Terms of Service.
14.4. Disclosure. Saidot reserves the right to disclose any information as it deems necessary to satisfy any applicable law, regulation, legal process or governmental request.
14.5. Assignment. These Terms of Service will bind and inure to the benefit of each party's permitted successors and assigns. Neither party may assign this agreement without the advance written consent of the other party, except that either party may assign this agreement in connection with a merger, reorganization, acquisition or other transfer of all or substantially all of such party's assets or voting securities. Any attempt to transfer or assign this agreement except as expressly authorized under this Section 14.5 will be null and void.
14.6. Severability. If any provision of these Terms of Service will be adjudged by any court of competent jurisdiction to be unenforceable or invalid, that provision will be limited to the minimum extent necessary so that these Terms of Service will otherwise remain in effect.
14.7. Notices. Any notice or communication required or permitted under these Terms of Service will be in writing to the parties at the addresses set forth on the Order Form or at such other address as may be given in writing by either party to the other in accordance with this Section and will be deemed to have been received by the addressee (a) if given by hand, immediately upon receipt; (b) if given by overnight courier service, the first business day following dispatch, or (c) if given by registered or certified mail, postage prepaid and return receipt requested, the third business day after such notice is deposited in the mail.
Annex 1: Data Processing Addendum
This Data Processing Addendum (“DPA”) supplements the Saidot Terms of Service between Saidot and Customer into which it is incorporated by reference (“Agreement”).
1. Background
1.1 For the purposes of providing access and making available the Services, Saidot may collect, process, and gain access to the Personal Data of individuals on behalf of the Customer. From a data protection perspective, the Customer will be the Data Controller, and Saidot will be the Data Processor.
1.2 This DPA specifies the data protection obligations of the Parties for the provision of Services. This DPA applies to all activities performed by Saidot in connection with the Terms of Service in which Saidot, as the Data Processor, comes into contact with the Personal Data of individuals.
2. Definitions
Unless otherwise defined below, all capitalised terms in this DPA shall have the meaning given to them in the Agreement:
2.1 “Applicable Data Protection Law” means the European Union’s General Data Protection Regulation (2016/679) (“GDPR”) and to the extent applicable the data protection and privacy laws in relevant jurisdictions.
2.2 “Data Controller” means the natural or legal person, public authority, agency or other body which either alone or jointly with others, determined the purposes and means of the Processing of Personal Data.
2.3 “Data Processor” means the natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Controller.
2.4 “Data Subject” means the natural person to whom personal data relates.
2.5 “Data Transfer” means the transfer of personal data outside the European Economic Area (the “EEA”).
2.6 “Personal Data” means any information relating to an identified or identifiable natural person.
2.7 “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed by Saidot and/or its Sub-Processor in connection with the provision of the Services.
2.8 “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, encompassing the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of Personal Data. The terms “Process”, “Processes”, and “Processed” will be interpreted correspondingly.
2.9 “Sub-Processor” means any processor engaged by Saidot to assist in fulfilling its obligations with respect to the provision of the Services under the Terms of Service.
3. Relationship of the parties; Processing of Data
3.1 The parties acknowledge that the customer, for the purposes of this DPA, acts as the Data Controller and Saidot as the Data Processor.
3.2 Customer appoints Saidot as a processor to process personal data described in Appendix 2 for the purpose of providing Services to the Customer and complying with Saidot’s obligations under the agreement as further described in Appendix 2 (or as otherwise reasonably instructed in writing by Customer and to the extent consistent with the terms of the Agreement).
3.3 The Customer is responsible for ensuring compliance with Applicable Data Protection Laws within its use of the Services and when providing instructions for the processing of Personal Data. The Customer shall ensure that the processing of Personal Data in accordance with the Customer’s instructions will not cause Saidot to be in breach of the Data Protection Laws.
3.4 Saidot shall not retain, use, or disclose the personal data for any purpose other than for the purpose described in this DPA or as otherwise permitted by the Applicable Data Protection Law.
4. Transfer of personal data
The Parties agree that Saidot may transfer Personal Data outside the EEA as necessary to provide the Services. In such a case, Saidot will ensure that it has taken such measures as are necessary to ensure the transfer is in compliance with the Applicable Data Protection Law. Such measures may include (without limitation) transferring the Data to a recipient (i) in a country that the European Commission has decided provides adequate protection for personal data, or (ii) that has executed standard contractual clauses adopted or approved by the European Commission.
5. Security
Taking into account the state of the art, the costs of implementation, the nature, scope, context, and purposes of processing, as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Saidot shall maintain appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing Personal Data. Additional information about the technical and organisational security measures undertaken by Saidot can be found in Annex 1.
6. Subprocessing
6.1 Customer acknowledges and agrees that Saidot may (1) engage sub-processors to access and process Personal Data in connection with the Services and (2) from time to time engage additional third parties for the purpose of providing the Services, including without limitation the processing of Personal Data.
6.2 A list of Saidot’s sub-processors can be found in Appendix 3. Saidot shall update the list of sub-processors in Appendix 3 at least ten (10) business days prior to such change (except in situations where shorter notice is required due to an emergency). Customer can request e-mail updates on the changes and updates to the list of sub-processors by sending a request about this to Saidot Support at customersupport@saidot.ai. Customer may object to Saidot’s appointment of a sub-processor by informing Saidot in writing within ten (10) business days of receipt of the aforementioned e-mail notice by Saidot, provided such objection is in writing and based on reasonable grounds relating to data protection. Customer acknowledges that certain sub-processors are essential to providing the Services and that objecting to the use of sub-processor may prevent Saidot from offering the Services to the Customer.
6.3 In the event that Customer objects to the engagement in accordance with 6.2, and Saidot is unable to provide a commercially reasonable alternative within a reasonable period of time, not exceeding thirty (30) calendar days, the Customer may, upon submitting a written notice to Saidot, discontinue or suspend the use of the affected Service. The suspension or termination does not relieve the Customer of any fees owed to Saidot for the use of the Services prior to the suspension or termination.
6.4 Saidot will enter into an agreement with the sub-processor that imposes data protection obligations comparable to those imposed on Saidot under this DPA with respect to the protection of personal data.
6.5 Saidot will remain liable for any breach of this Data Processing Agreement caused by an act, error, or omission of its sub-processor.
7. Data subject rights
Saidot shall, taking into account the nature of the processing, apply appropriate technical and organisational measures to provide reasonable and timely assistance to Customer to enable Customer to respond to requests from data subject to exercise their rights under Applicable Data Protection Law as well as enable Customer to respond to any other correspondence, enquiry or complaint received from a data subject, regulator or other third-party in connection with the Personal Data processed for the purposes of providing the Services. Where Saidot directly receives any such request, correspondence, enquiry or complaint regarding such Personal Data, Saidot will, without undue delay, inform the Customer of such contact.
8. Personal data breach
In the event Saidot becomes aware of a Personal Data Breach, Saidot shall, without undue delay, inform Customer of the Personal Data Breach and shall provide reasonable information and cooperation to Customer so that Customer can fulfil any data breach reporting obligations it may have under Applicable Data Protection Law. Saidot shall further take such reasonably necessary measures and actions to mitigate the effects of the Personal Data Breach (to the extent the mitigation is within Saidot’s reasonable control) and shall keep Customer informed of all material developments in connection with the Personal Data Breach.
9. Deletion or return of Personal Data
Following the termination of the Services, Saidot returns or deletes the Customer’s Personal Data unless return or destruction is impracticable or prohibited by law. In such a situation, Saidot shall continue to appropriately protect such Personal Data in its possession, custody, or control.
10. Actions and Access Requests; Reviews
10.1 Taking into account the nature of the processing and the information available to Saidot, Saidot shall provide Customer with reasonable cooperation and assistance (at Customer’s expense) to enable Customer to comply with its obligations to conduct any data protection or transfer impact assessments that it is required to undertake under Applicable Data Protection Law and/or to consult competent supervisory authorities prior to processing where required by Applicable Data Protection Law.
10.2 Saidot shall deal promptly and adequately with any enquiries from the Customer about the processing of Personal Data in accordance with this DPA. Customer shall, with reasonable notice to Saidot, have the right to review all information reasonably necessary to demonstrate Saidot’s compliance with its obligations under this DPA.
Appendix 1 – Technical and organisational measures
Measures for data security, incl. pseudonymisation and encryption of personal data
Saidot has secure protocols and methods in place to ensure the security of all data. Saidot ensures both in-transit and at-rest encryption of all customer data, incl. personal data.
Saidot uses recommended data security practices by its cloud vendor, Azure, and integrated services, ArangoDB, and Airtable to protect data and encryption secrets.
Measures for ensuring ongoing confidentiality, integrity, availability, and resilience of processing systems and services
The Agreement between Saidot and Customer contain strict confidentiality obligations. Saidot ensures that any person it authorises to process Personal Data has committed themselves to confidentiality concerning Personal Data or are under an appropriate statutory obligation of confidentiality.
Customer data stored is accessible only to limited number of authorised Saidot individuals with appropriate access rights and solely for the purposes of maintaining the security and continuity of the Services. In addition to this, Customer content can be accessed by Saidot upon the Customer’s explicit request.
Saidot has established procedures for the appropriate management of IT systems to ensure the confidentiality, integrity, availability, and resilience of processing systems and Saidot Services.
Saidot is undergoing an ISO 27001 auditing process in 2025.
Measures for ensuring the ability to restore the availability and access to personal data in a timely manner in cases of physical or technical incidents
Automated daily full backups of production data are taken. Backups are safely stored and encrypted to enable fast recovery in case of incidents. Daily automated backups are securely stored in Microsoft Azure data centers located in Ireland.
Processes for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures in order to ensure the security of the processing
A periodic review of applied security measures is performed within Saidot.
Further tabletop exercise for incident management is performed regularly to ensure organisation preparedness.
Measures for user identification and authorisation
Saidot follows industry best practices for authentication of users accessing Services, including Multifactor Authentication where applicable, Role Based Access, and Least Privileged Access.
Measures for the protection of data during transmission
Communication interfaces with and within the Saidot platform, as well as towards integrated services, enforce the use of secure protocols to protect data in transit under all circumstances. Saidot ensures both in-transit and at-rest encryption of all customer data, incl. personal data.
Measures for the protection of data during storage
Data at rest stored in relational and graph DB services are encrypted by AES-256 encryption. Encryption keys/secrets are stored in respective services following practices provided by the service to protect encryption keys.
Measures for ensuring physical security of locations at which personal data are processed
As Saidot Services are hosted in the cloud, all Saidot processing occurs in physical data centers in EU/EEA (Ireland) managed by Azure, further details at
https://learn.microsoft.com/en-us/compliance/assurance/assurance-datacenter-security
Measures for ensuring events logging
All access to Services, being personal or programmatical is logged in Azure Monitor. Monitoring of security logs is managed by the engineering team. Log activities are reviewed as needed and escalated when appropriate. Critical events and incidents are delivered to selected mail recipients as well as to a dedicated Slack channel so engineering and management teams can react quickly if needed.
Measures for ensuring system configuration, including default configuration
Saidot adheres to DevOps principles regarding system configuration. The configuration of all environments is stored in the Saidot version control system. Changes applied to system configuration are reviewed through pull requests and deployed automatically via CI/CD pipelines when approved to ensure consistent configuration.
Measures for internal IT and IT security governance and management
Saidot has in place protocols for the management of IT security, consisting of IT management frameworks, data security controls, procedures for access management and control, incident response and recovery.
Additionally, Saidot has in place procedures for the appropriate management of IT systems to ensure the confidentiality, integrity, availability and resilience of processing systems and Saidot Services.
Measures for ensuring data minimization
The processed Personal Data Saidot collects when registering to the Service has been minimised to what is necessary for Saidot to identify the individual and communicate with them. When using the Services, the Customer has control over what data is introduced into the platform. Accordingly, Saidot and Customer operate under a shared responsibility model.
Measures for certification/assurance of processes and products
To fulfil the goal of obtaining ISO27001 certification in 2025, Saidot has started to plan and align activities to establish processes and cover, at minimum, mandatory controls and records of ISO standards. These are represented by clauses 4.3, 5.2, 6.1.2, 6.1.3, 6.2, 7.2, 8.2, 8.3, 9.1, 9.2, 9.3, 10.2, and by annexes A5.9, A5.10, A5.26, A5.31, A5.37, A6.2, A6.6, A8.15, A8.9, and A8.27.
Measures for ensuring data quality
Saidot implements data quality measures at multiple stages of data processing. Initially, at the API endpoints, schema-first design is applied to GraphQL endpoints. Secondly, at the database layer, data is validated against the database schema prior to insertion. Finally, data quality is ensured through rigorous testing to maintain high standards of code used in the processing of data.
Measures for ensuring limited data retention
All personal data is deleted from the Services following service termination. Saidot follows the applicable data protection law and retains data for a period of 6-12 months following termination.
Measures for ensuring accountability
Saidot has implemented measures to ensure accountability throughout the organisation, including the adoption of data protection and information security policies, recording and reporting personal data breaches, and designating roles and responsibilities for the various data privacy and information security duties.
Measures for data subject rights
Saidot has established processes and measures for the protection of data subjects’ rights. Details of the collection and use of personal data, including the rights of the data subjects, can be found in Saidot's Privacy Policy. https://www.saidot.ai/privacy
Measures for allowing data portability and ensuring erasure
The processed Personal Data Saidot collects when registering for the Service has been minimised to what is necessary for Saidot to identify the individual and communicate with them. Incidentally, most scenarios for transferring Personal Data from Saidot do not apply. However, Saidot will address all data portability requests to meet Customer needs.
Technical and organizational measures of sub-processors
Saidot enters into Data Processing Agreements with its Sub-Processors that include data protection obligations principally equivalent to those in this DPA.
Appendix 2 – Details on the processing of Personal Data
Nature and Purpose of Processing: Saidot will process Customer’s Personal Data as strictly necessary and required to provide the Services and otherwise in accordance with Customer’s instructions. The nature of processing includes, without limitation, the following processing activities: receive, collect, assess, retrieve, record, store, organize, structure, adapt, alter, redact, use, align, erase, destroy, and delete Customer Personal Data, as well as share, disclose or otherwise make available Customer Personal Data to sub-processors listed in Appendix 3
Duration of Processing: Saidot will process Customer’s Personal Data as long as required (i) to provide Services to Customer; or (ii) by applicable law, including Applicable Data Protection Law.
Categories of Data Subjects: Customer’s employees, consultants, contractors, and/or agents.
Categories of Personal Data: The Personal Data processed is personal data provided by Customer and processed by Saidot in the course of providing the Services. The processed personal data contains identification data such as name and email addresses, telephone number, profile pictures (optional), usernames, aliases, roles, and other authentication and security credential information.
Sensitive Data or Special Categories of Data: The personal data processed will not include sensitive personal data. Customer is prohibited from providing sensitive personal data or special categories of data to Saidot.
Appendix 3 – List of Sub-Processors
.png)
