DEFINITIONS. The definitions for certain terms used in this Agreement are set forth below; other terms are defined elsewhere in the Agreement.

“Advertisement” or “Ads” means materials or messages in any format, including, without limitation, banner ads, sponsored links, textual, interactive, and audio or video messages that promote the Advertiser’s listings, content, products, or services.

“Ad Quality Guidelines” means the guidelines set forth at https://www.magnite.com/legal/ad-quality-guidelines/ (for the sake of clarity, all rights and obligations of Buyers apply equally to Customer under such guidelines).

“Advertiser(s)” mean the entit(ies) on whose behalf the Authorized User uses the MexLucky Platform. For purposes of clarity, the Customer may be an Advertiser.

“Affiliate” means, with respect to any entity, any other entity that, directly or indirectly, through one or more intermediaries, controls, is controlled by, or is under common control with, such entity. The term “control” means the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through the ownership of voting securities, by contract, or otherwise.

“Applicable Laws” means any applicable national, federal, foreign, state, and local laws, rules, and regulations and/or self-regulatory guidelines, including, without limitation, those related to advertising, the Internet, privacy, telemarketing, and unfair business practices and which shall include for the avoidance of doubt the California Consumer Privacy Act  (“CCPA”), European Union Regulation 2016/679 (“GDPR”), the GDPR as incorporated into United Kingdom law pursuant to section 3 of the European Union (Withdrawal Act) 2018 (“UK GDPR”), any implementation of the European Union Directive 2002/58/EC (as modified by Directive 2009/136/EC), and any replacement legislation for any of the foregoing.

“Authorized User” means an employee or contractor of Customer (or a Customer Affiliate) who is authorized by Customer to access the MexLucky Platform in accordance with Customer’s rights and obligations under this Agreement.

“End User” means an individual who is exposed to the Advertisements inserted into the Inventory purchased through the MexLucky Platform.

“Fees” means the total fees payable by Customer to MexLucky in conjunction with its use of the MexLucky Platform, which includes (i) the amount that Customer owes to an Inventory Source for a Transaction, with such amount collected by MexLucky on behalf of such Inventory Source, and (ii) the amounts owed to MexLucky by such Customer as consideration for the use of one or more MexLucky Services, as set forth in the Agreement or any subsequent amendment or addendum.

“Inventory” means digital advertising inventory, including, without limitation, web, mobile, application, and/or native text advertising inventory available for purchase by Customer through the MexLucky Platform.

“Inventory Source” means an ad exchange, network, or other seller of Inventory who makes Inventory available for purchase via the MexLucky Platform.

“MexLucky Data” means all data that Customer collects through or as a result of its use of the MexLucky Platform or otherwise under this Agreement, including any data Customer collects following the purchase of a particular impression or unit of Inventory.

“MexLucky Materials” means the MexLucky Service(s), the MexLucky Platform, the MexLucky Data, and any proprietary or confidential technology, documentation or materials of Magnite, including any developments, modifications, enhancements, amendments, and upgrades thereto, and all derivatives thereof: (i) made accessible to Customer or (ii) made accessible to third parties by Customer or at Customer’s request in accordance with and as permitted by the terms of the Agreement.

“MexLucky Platform” means the proprietary MexLucky platform made available to Customer pursuant to this Agreement for bidding on and buying Inventory, as well as serving and measuring Advertisements.

“MexLucky Service” means any product, feature, offering, or service made available to Customer by MexLucky pursuant to this Agreement.

“Malicious Code” means viruses, worms, time bombs, Trojan horses, and other harmful or malicious code, files, scripts, agents, or programs, including code that is intended to or has the effect of misappropriating, commandeering, or disrupting access to or use or operation of any information, device, or system.

“Personal Information” means any information relating to an identified or identifiable natural person, including (but not limited to) IP addess, device identifiers, and other persistent identifiers. For the purposes of this Agreement, Personal Information expressly excludes an individual’s name, postal addresses, e-mail addresse(s), social security numbers, driver’s license or identification card numbers, account numbers, credit card or debit card numbers, medical information, and any information that permanently identifies a particular device, which shall be referred to herein as “Restricted Personal Information.”

“Security Incident” means any unauthorized or unlawful breach of security leading to, or reasonably believed to have led to, the accidental or unlawful destruction loss, alteration, unauthorized disclosure or access to any data processed under or in connection with the Agreement(s), including but not limited to Personal Information.

“Taxes” means all federal, state, local, foreign and other net income, gross income, gross receipts, sales, purchase, use, ad valorem, value added, goods and services, harmonized sales, transfer, franchise, profits, withholding, payroll, excise, stamp, real or personal property, customs, duties or other taxes, fees, levies, assessments or charges of any kind, including any related penalties and interest, imposed by any federal, territorial, state, local, or foreign government or any agency or political subdivision of any such government.

“Third-Party Vendor” means a company that is not an Inventory Source but that provides data (“Third-Party Data“) or other services (“Third-Party Services“) to facilitate Transactions or enhance Magnite’s Services.

“Transaction” means the purchase of Inventory by Customer via the MexLucky Platform.

1. GRANTS; RESTRICTIONS ON USE; CONTENTS OF ADS

1.1 MexLucky Platform. MexLucky shall grant Customer the right to access and use the MexLucky Materials solely as permitted and required under this Agreement. Customer shall be fully responsible for the acts and omissions of its Authorized Users, including the placement of bids and the execution of any Transactions with Inventory Sources through the MexLucky Platform, and for all Fees related thereto.

1.2 Advertisements. Customer hereby grants MexLucky all rights and licenses in and to the Advertisements, including all content therein, in each case as necessary for MexLucky to perform its obligations under this Agreement, including service of the Advertisement to the applicable Inventory Source. MexLucky may restrict or remove any Advertisement from the MexLucky Service for any reason in its reasonable sole discretion, including Magnite’s determination that the Advertisement does not comply with the Agreement or is likely to cause damage or injury to other MexLucky clients or their end users or their systems or devices, the MexLucky Materials, or Magnite’s or its clients’ respective policies or reputation. For some elements of the MexLucky Services, Magnite’s preapproval of Advertisements may be required.

1.3 Restrictions on Use. Customer shall not (and shall not permit any Authorized User, Affiliate, or third party to) make any use or disclosure of the MexLucky Materials that is not expressly permitted under this Agreement. Without limiting the foregoing, except as expressly permitted under this Agreement, Customer shall not (and shall not permit any Authorized User, Affiliate, or third party to): (i) reverse engineer, decompile, disassemble, or otherwise attempt to discern the underlying structures, algorithms, ideas, know-how, or any other information of or related to the MexLucky Materials; (ii) modify, translate, adapt, or create derivative works based on the MexLucky Materials; (iii) make any copies of the MexLucky Materials; (iv) resell, distribute, or sublicense the MexLucky Materials; (v) make the MexLucky Platform available on a timesharing or “service bureau” basis, or otherwise allow any third party to use or access the MexLucky Materials; (vi) remove or modify any proprietary marking or restrictive legends placed on the MexLucky Materials; (vii) use the MexLucky Materials for any purpose not expressly permitted in this Agreement or in violation of Applicable Law; (viii) introduce into the MexLucky Materials any software, virus, worm, “back door,” Trojan Horse, or similar harmful code; (ix) use the MexLucky Materials in connection with any Ads that do not comply with the Ad Quality Guidelines; (x) attempt in any way to alter, modify, eliminate, conceal, or otherwise render inoperable or ineffective the website tags, source codes, links, pixels, modules, or other data provided by or obtained from MexLucky that allows MexLucky to measure ad performance and provide the MexLucky Platform; (xi) use the MexLucky Platform to target Ads to children under the age of 16 years or the age required for parental consent as defined by laws of any other applicable jurisdiction, or use the MexLucky Platform in a manner that could violate the Children’s Online Privacy Protection Act (“COPPA”) or similar Applicable Laws in other jurisdictions, (xii) use the MexLucky Platform to target Ads to users generally accepted as “sensitive” pursuant to the Interactive Advertising Bureau (“IAB”) Code of Conduct or Network Advertising Initiative (“NAI”) Code of Conduct (2020) guidelines unless pursuant to an opt-in policy. If Customer violates any of the above provisions, MexLucky reserves the right, in its sole discretion, to deny Customer and its Authorized Users access to the MexLucky Materials, or any portion thereof, in addition to pursuing whatever additional remedies are available to MexLucky as a result of Customer’s breach of such terms.

1.4 Ad Quality. All Ads shall follow the Ad Quality Guidelines.

1.5 Bidding, Transactions, Third-Party and Inventory Source Policies. Customer’s use of the MexLucky Platform will allow Customer to bid on and purchase Inventory from Inventory Sources as well as access data and services provided by Third-Party Vendors. Customer acknowledges and agrees that its decision(s) to bid on and purchase any available Inventory and/or to use the services of Third-Party Vendors shall be exclusively at the discretion of Customer. MexLucky will not provide any recommendations to Customer in this regard or bear any liability or responsibility in connection with Customer’s decisions, the Inventory or Inventory Sources, or any data or services provided by Third-Party Vendors as may be selected by Customer.

2. CUSTOMER’S RESPONSIBILITIES

2.1 Password. MexLucky will provide Customer with account access information, which includes a password (“Password”). When registering for an account with Magnite, Customer must provide true, accurate, current, and complete information. Customer is responsible for safeguarding its account access and Password and for all activity undertaken through its account. MexLucky reserves the right to delete or change Customer’s Password or otherwise disable Customer’s access to the MexLucky Materials at any time should MexLucky believe it necessary to do so for security reasons, as determined by MexLucky in its sole discretion. MexLucky will not be liable for any loss or damage caused by any unauthorized use of Customer’s account.

2.2 Equipment, Access. Except as specifically provided for elsewhere in this Agreement, Customer shall be responsible for obtaining and maintaining any equipment and ancillary services needed to connect to, access, or otherwise use the MexLucky Materials, including, without limitation, modems, hardware, servers, software, operating systems, networking, web servers, and the like.

3. CONFIDENTIALITY

3.1 As used herein, “Confidential Information” means all material or information of a party (“Disclosing Party”) disclosed to the other party (“Receiving Party”), whether orally or in writing, that is designated or identified as confidential or that should reasonably be understood to be confidential given the nature of the information and the circumstances surrounding its disclosure (and whose disclosure is not otherwise permitted under the Agreement between MexLucky and Customer). Confidential Information includes business and marketing plans, software code, technology and technical information, product and system designs and configurations, specifications, APIs, trade secrets, and business processes.  The terms and conditions of the Agreement and the MexLucky Materials are the Confidential Information of Magnite. However, notwithstanding the foregoing, Confidential Information shall not include any information that: (i) is or becomes generally known to the public without breach of any obligation owed to Disclosing Party; (ii) was known to Receiving Party prior to its disclosure by Disclosing Party without restriction on use or disclosure; (iii) was independently developed by Receiving Party without reference to the Disclosing Party’s Confidential Information or breach of any obligation owed to Disclosing Party; or (iv) is rightfully received from a third party without restriction on use or disclosure.

3.2 Receiving Party shall not use or disclose to any third party any Confidential Information of Disclosing Party for any purpose other than (i) to perform Receiving Party’s obligations or exercise its rights under the Agreement (including, with regard to Magnite, the right to operate the MexLucky Platform and provide the MexLucky Services); (ii) with Disclosing Party’s prior written consent; or (iii) as otherwise required by law or legal process.  Receiving Party may disclose the Confidential Information of the Disclosing Party to Receiving Party’s employees, consultants, or agents who have a bona fide need to know such Confidential Information to support the Receiving Party’s exercise of its rights or performance of its obligations under the Agreement and who are bound by confidentiality obligations with respect to such Confidential Information at least as protective as those set forth herein.  Receiving Party shall be responsible and liable for failure by any party to which it discloses Disclosing Party’s Confidential Information to treat that information in accordance with Receiving Party’s obligations.  Receiving Party shall protect the confidentiality of Disclosing Party’s Confidential Information in the same manner that it protects the confidentiality of its own confidential information of like kind (but in no event using less than reasonable care).  Receiving Party shall promptly notify Disclosing Party if it becomes aware of any actual or reasonably suspected unauthorized disclosure of Disclosing Party’s Confidential Information.

3.3 If Receiving Party is compelled by law or legal process to disclose Confidential Information of Disclosing Party, it shall provide Disclosing Party with (i) prompt prior notice of such compelled disclosure (to the extent legally permitted) and (ii) reasonable assistance, at Disclosing Party’s expense, if Disclosing Party wishes to contest the disclosure. In any event, such disclosure shall be strictly limited to the Confidential Information that is required to be so disclosed by law or legal process.

4. INTELLECTUAL PROPERTY. As between the Parties, MexLucky is and shall remain the sole and exclusive owner of all right, title, and interest in and to the MexLucky Materials, including all source code, object code, operating instructions, and all interfaces developed for or relating to the same, together with all modifications, enhancements, revisions, changes, copies, partial copies, translations, compilations, improvements, and derivative works thereof, including all intellectual property rights therein and thereto (collectively, “MexLucky Intellectual Property”). Customer has no rights to the MexLucky Intellectual Property other than those expressly granted pursuant to this Agreement. As between the Parties, Customer is and shall remain the sole and exclusive owner of all right, title, and interest in and to the Ads, including all intellectual property rights therein and thereto (collectively, “Customer Intellectual Property”). MexLucky has no rights with respect to the Customer Intellectual Property other than those expressly granted pursuant to this Agreement.

5. TERM; AUTOMATIC RENEWALS; AND TERMINATION.

5.1 Term. This Agreement shall commence on the Effective Date and continue in effect until terminated hereunder (the “Term”). Each Party may terminate the Agreement at any time for any reason or no reason, without penalty, by providing thirty (30) days’ prior written notice to the other Party.

5.2 Termination. In addition to any other remedies it may have, either Party may also terminate this Agreement immediately if the other Party materially breaches any of the terms or conditions of this Agreement and does not cure the breach within five (5) days’ of receiving notice of the breach. Customer will pay in full for the Services hereunder up to and including the last day on which the Services are provided.

5.3 Effect of Termination. In the event of any termination or expiration of this Agreement, Customer shall pay MexLucky for all undisputed amounts payable hereunder as of the effective date of termination or expiration; Customer and its Authorized Users shall immediately cease accessing and using the MexLucky Materials; and, upon request, each Party will return to the other Party (or provide the other Party with written certification of the destruction of) all documents, computer files, and other materials containing any Confidential Information of such other Party that are in the first Party’s possession or control.

5.4 Survival. Upon termination or expiration of this Agreement, the following shall survive: (i) any provisions specified by their terms to survive; and (ii) provisions of the Agreement that, by their nature, are applicable to matters at issue between the Parties after termination of the Agreement, such as accrued unpaid payment obligations, limitation of liability, indemnities, confidentiality, and proprietary rights.

6. ADDITIONAL REPRESENTATIONS AND WARRANTIES; DISCLAIMER.

6.1 Mutual Representations and Warranties. Each Party represents, warrants, and covenants that: (i) it has the full right, power, and authority to enter into this Agreement, to discharge its obligations hereunder, and to grant the licenses and/or access granted hereunder; and (ii) it (and, with respect to Customer, its Authorized Users) shall comply with all Applicable Laws in the conduct of its business and in the performance of its obligations under this Agreement.

6.2 Additional Representations and Warranties of Customer. Customer further represents, warrants, and covenants to MexLucky that (i) it has the rights to use and license the Advertisements as contemplated by this Agreement; (ii) Customer, if Customer is not the Advertiser, is authorized to act on behalf of the Advertiser; (iii) Customer shall employ commercially reasonable methodologies, technologies, and other means reasonably necessary to prevent the introduction of Malicious Code into the MexLucky Platform, and shall not intentionally introduce Malicious Code into the MexLucky Platform; and (iv) Customer shall use the MexLucky Platform in compliance with Magnite’s publicly posted policies located at https://www.magnite.com/legal/ and all Applicable Laws, rules, and regulations.

6.3 Disclaimer. THE MAGNITE MATERIALS ARE PROVIDED “AS IS” AND “AS AVAILABLE.” MAGNITE MAKES NO WARRANTY WITH RESPECT TO THE MAGNITE MATERIALS AND HEREBY DISCLAIMS ANY AND ALL EXPRESS, IMPLIED, OR STATUTORY WARRANTIES, INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AVAILABILITY, ERROR-FREE OR UNINTERRUPTED OPERATION, AND ANY WARRANTIES ARISING FROM A COURSE OF DEALING, COURSE OF PERFORMANCE, OR USAGE OF TRADE. TO THE EXTENT THAT MAGNITE MAY NOT AS A MATTER OF APPLICABLE LAW DISCLAIM ANY IMPLIED WARRANTY, THE SCOPE AND DURATION OF SUCH WARRANTY WILL BE THE MINIMUM PERMITTED UNDER SUCH LAW.

7. INDEMNITY.

7.1 Customer will defend, indemnify, and hold harmless Magnite, its permitted successors and assigns, and their respective Affiliates officers, directors, agents, and employees (the “MexLucky Indemnitees”) from and against any claims, suits, legal proceedings, regulatory proceedings, or investigatory proceedings (“Claims”) brought against any MexLucky Indemnitees by any third party and any and all judgments, losses, damages, settlements, liabilities, fines, penalties, costs, and expenses (including reasonable attorneys’ fees and costs) (“Losses”) arising as a result of any such Claim, in each case as a result of or in connection with the Advertisements or Customer’s breach of its obligations or its representations and warranties as set forth in this Agreement.

7.2 MexLucky will defend, indemnify, and hold harmless Customer and its permitted successors and assigns, and their respective Affiliates, officers, directors, agents, and employees (the “Customer Indemnitees”) from and against any Claims brought against any Customer Indemnitees by any third party and any and all Losses arising as a result of any such Claim, in each case as a result of or in connection with any claim that the MexLucky Materials, when used in accordance with the terms of the Agreement, infringe any Intellectual Property Right of any third party. The indemnification obligations set forth in this Section 7.2 shall not apply with respect to portions or components of the MexLucky Materials (i) not supplied by Magnite; (ii) made in whole or in part in accordance with Customer specifications, (iii) that are modified after delivery by Magnite; (iii) that are combined with other products, processes, or materials where the alleged infringement relates to such combination; (iv) where Customer continues allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement; or (v) where Customer’s use of the MexLucky Materials is not strictly in accordance with this Agreement. If, due to a claim of infringement, the MexLucky Materials are held by a court of competent jurisdiction to be or are believed by MexLucky to be infringing, MexLucky may, at its option and expense (a) replace or modify the Service or the API to be non-infringing provided that such modification or replacement contains substantially similar features and functionality, (b) obtain for Customer the necessary rights to continue using the MexLucky Materials, or (c) if neither of the foregoing is commercially practicable, terminate this Agreement and Customer’s rights hereunder and provide Customer a refund of any prepaid, unused fees for the MexLucky Platform (if applicable).

7.3   Procedure

7.3.1 Notice and Reasonable Assistance. In the event of a Claim, the indemnified party shall provide prompt notice of the Claim to the indemnifying party.  A failure to provide prompt notice shall not release the indemnifying party from its indemnification obligations under the Agreement, but it will reduce those indemnification obligations by the amount (if any) of additional Losses attributable to the delayed notification.  The indemnified party shall also provide reasonable information and assistance needed to defend or settle the Claim (provided the indemnifying party bears any out-of-pocket expenses incurred by the indemnified party in providing such assistance or information).

7.3.2 Control of Claim. The indemnifying party of any Claim shall have sole control of the investigation, defense, and settlement of the Claim, provided that the indemnifying party does not, without the prior written consent of the indemnified party, enter into any settlement of a Claim that:  (i) imposes a monetary obligation on the indemnified party that is not covered by the indemnification; (ii) imposes a material, non-monetary obligation on the indemnified party; (iii) does not include an unconditional release of the indemnified party;  (iv) admits liability on the part of the indemnified party; and/or (v) is non-confidential (collectively, the “Settlement Restrictions”). If the indemnified party refuses to consent to a settlement offer that the claimant will accept and that does not trigger any of the Settlement Restrictions, then the indemnified party shall be assigned the Claim, and the indemnifying party shall have no responsibility for any costs of defense after the date the settlement offer is made, and no responsibility to provide indemnity to the indemnified party in excess of the cost of the settlement offer.

8. LIMITATION OF LIABILITY.
8.1 Liability Exclusion. EXCEPT AS SET FORTH IN SECTION 8.3, NEITHER PARTY WILL BE LIABLE TO THE OTHER PARTY (NOR TO ANY PERSON CLAIMING RIGHTS DERIVED FROM SUCH OTHER PARTY’S RIGHTS) FOR CONSEQUENTIAL, INCIDENTAL, INDIRECT, PUNITIVE, OR EXEMPLARY DAMAGES OF ANY KIND (INCLUDING WITHOUT LIMITATION LOST REVENUES OR PROFITS, OR LOSS OF GOODWILL OR REPUTATION) WITH RESPECT TO ANY CLAIMS BASED ON CONTRACT, TORT OR OTHERWISE (INCLUDING NEGLIGENCE AND STRICT LIABILITY), REGARDLESS OF WHETHER THE PARTY LIABLE OR ALLEGEDLY LIABLE WAS ADVISED, HAD OTHER REASON TO KNOW, OR IN FACT KNEW OF THE POSSIBILITY THEREOF.

8.2 Limitation of Damages. EXCEPT AS SET FORTH IN SECTION 8.3, EACH PARTY’S MAXIMUM LIABILITY ARISING OUT OF OR RELATING TO THIS AGREEMENT, REGARDLESS OF THE CAUSE OF ACTION (WHETHER IN CONTRACT, TORT, BREACH OF WARRANTY, OR OTHERWISE), WILL NOT EXCEED TWO HUNDRED FIFTY THOUSAND UNITED STATES DOLLARS ($250,000).

8.3 The exclusions and limitations of liability set forth in Section 8.1 and Section 8.2 shall not apply in connection with a claim resulting from a Party’s gross negligence, willful misconduct, fraud, or its confidentiality or indemnity obligations (and, with regard to customer, breach of its restrictions on use in SECTION 1.3).

9. MISCELLANEOUS.

9.1 Assignment. Neither Party may assign or otherwise transfer any of its rights or obligations under this Agreement without the prior written consent of the other Party; provided, however, that a Party may, upon written notice to the other Party and without the consent of the other Party, assign or otherwise transfer this Agreement: (i) to any of its Affiliates; or (ii) in connection with a change of control transaction (whether by merger, consolidation, sale of equity interests, sale of all or substantially all assets, or otherwise). Any assignment or other transfer in violation of this Section 9.1 will be null and void. Subject to the foregoing, this Agreement will be binding upon and inure to the benefit of the Parties hereto and their permitted successors and assigns.

9.2 Publicity. During the Term, with a Party’s prior permission, each Party may refer to the other Party as a customer and reference the usage of the MexLucky Platform. In connection therewith, each Party may use the other Party’s corporate logo, with prior

9.3 Waiver. No failure or delay by either Party in exercising any right or remedy under this Agreement shall operate or be deemed as a waiver of any such right or remedy.

9.4 Governing Law and Forum. This Agreement shall be governed by and construed in accordance with the laws of the State of New York, without reference to conflicts of law principles. Jurisdiction and venue for all disputes hereunder shall be in state and federal courts located in the State of New York, Borough of Manhattan. The United Nations Convention on Contracts for the International Sale of Goods does not apply to the Agreement.

9.5 Notices. All notices required under this Agreement must be in writing and sent via email. Notices sent during the regular business hours of the receiving Party shall be deemed received on the day the notice was sent; notices sent during non-business hours shall be deemed received on the next business day. All notices to MexLucky shall be sent to legal@magnite.com. All notices to Customer will be sent to the email address on file with MexLucky for Customer.

9.6 Independent Contractors. The Parties are independent contractors. Neither Party shall be deemed to be an employee, agent, partner, joint venturer, or legal representative of the other for any purpose, and neither shall have any right, power, or authority to create any obligation or responsibility on behalf of the other.

9.7 Severability. If any provision of this Agreement is found invalid or unenforceable by a court of competent jurisdiction, that provision shall be amended to achieve as nearly as possible the same economic effect as the original provision, and the remainder of this Agreement shall remain in full force and effect. Any provision of this Agreement, which is unenforceable in any jurisdiction, shall be ineffective only as to that jurisdiction, and only to the extent of such unenforceability, without invalidating the remaining provisions hereof.

9.8 Force Majeure. Except for Customer’s obligations to pay Fees, neither Party shall be deemed to be in breach of this Agreement and be liable to the other Party for any failure or delay in performance to the extent caused by reasons beyond its reasonable control, including, but not limited to, acts of God, earthquakes, strikes, or shortages of materials or resources.

9.9 Complete Understanding. This Agreement constitutes the final and complete agreement between the Parties regarding the subject matter hereof, and supersedes any prior or contemporaneous communications, representations, or agreements between the Parties, whether oral or written.

The post ClearLine Master Terms appeared first on Magnite.

DATA AND PRIVACY

Privacy Policies.  Customer agrees to post on its website a privacy policy that (i) complies with Applicable Law and (ii) accurately discloses all applicable data collection, use and disclosure practices, including, but not limited to, an explanation of the purposes for which data is collected by or will be transferred to, third parties, the use of cookies, pixels, beacons, locally stored objects, or other similar technologies by third parties for purposes of targeting individual end users with interest-based, and other types of Advertisements.  Customer shall comply with its privacy policy. Customer further agrees that its privacy policy will provide end users with a conspicuous link to a functional opt-out page.  If Customer uses the MexLucky Materials to buy Inventory directly or indirectly on behalf of any third party, Customer will ensure that such third party complies with this provision.

Customer Data Use. Customer may not use, sell, or otherwise disclose the MexLucky Data, except that, subject in each case to the restrictions below, Customer may use and disclose MexLucky Data:  (a) to evaluate and purchase Inventory through the MexLucky Platform in connection with this Agreement, (b) to provide aggregate reporting to the applicable Advertiser for which Customer is purchasing Inventory, and (c) as required by court order, law, or governmental or regulatory agency (after, if permitted, giving prior written notice to Magnite). Customer may not use any MexLucky Data to create or supplement user profiles or targetable segments. All such use of the MexLucky Materials by Customer must comply with Customer’s privacy polic(ies), all applicable laws, regulations, self-regulatory principles, and the Digital Advertising Alliance principles. Customer may not combine any pseudonymous personal data received via the MexLucky Materials with any identifying personal data without the end user’s consent.

Required Consent. To the extent that any data, including persistent identifiers (such as IP address or device identifiers) or precise geo-location data, about end users are collected, used, transmitted, or processed by or on behalf of Customer or a party on behalf of which Customer is directly or indirectly buying Inventory using MexLucky Materials, Customer represents and warrants that all necessary disclosures have been provided to and appropriate consents have been or will be obtained from such end user (“Required Consents”), as applicable.  These Required Consents include, but are not limited to, those necessary to collect information about individual end users through the use of technologies, such as cookies and pixels, located on the End User’s device, and to pass such information to MexLucky for processing in accordance with the Agreement.  All Required Consents shall be obtained by Customer before any such technologies are set on the applicable End User’s device, regardless of whether such technologies are set directly by Customer or by or through Magnite.

MexLucky Data Use. MexLucky shall have the right to collect, use, and disclose data transmitted through or otherwise derived from Customer’s use of the MexLucky Materials as described in the applicable MexLucky privacy polic(ies).

DATA PROCESSING

MexLucky will process any Personal Information that Customer includes in its use of the MexLucky Materials (the “Customer Personal Data“) on Customer’s behalf as a processor, and Customer shall be the controller of such data. Customer represents and warrants that it will not, and it shall not, send any Restricted Personal Information to MexLucky or the MexLucky Materials. With regard to Customer Personal Data, MexLucky shall:

(a) process Customer Personal Data only in accordance with Customer’s documented instructions and not for Magnite’s own purposes. If MexLucky is required to process Customer Personal Data for any other purpose by a law to which MexLucky is subject, MexLucky shall inform Customer of this requirement before the processing, unless that law prohibits this on grounds of public interest;

(b) promptly notify Customer if it determines that it cannot comply with its data processing obligations under these Data Terms. In such event, MexLucky shall work with Customer and take all reasonable and appropriate steps to remediate (if remediable) any processing until such time as the processing complies with the subject requirements. MexLucky shall immediately cease processing Customer Personal Data if Customer determines MexLucky has not or cannot correct any non-compliance with these processing requirements within a reasonable time frame;

(c) taking into account the nature of the processing, reasonably cooperate with Customer to respond to any requests, complaints, or other communications from data subjects and regulatory or judicial bodies relating to the processing of Personal Information under the Agreement, including requests from data subjects seeking to exercise their rights under Applicable Laws. In the event that any such request, complaint, or communication is made directly to Magnite, MexLucky shall promptly pass this onto Customer and shall not respond to such communication without Customer’s express authorization;

(d) taking into account the nature of the processing and the information available to Magnite, reasonably assist Customer, at Customer’s cost, to ensure compliance with the obligations under the GDPR with respect to security, breach notifications, impact assessments, and consultations with supervisory authorities or regulators;

(e) upon termination of this Agreement or upon Customer’s request, destroy all Customer Personal Data (unless a law requires storage of the Customer Personal Data); and

(f) make available to Customer all information reasonably necessary to demonstrate compliance with the obligations laid down in these Data Terms and, upon prior written notice, and not more than once per calendar year, with 30 days’ written notice, contribute to audits, including inspections, conducted by Customer or an auditor mandated by Customer at Customer’s cost.

Customer acknowledges and agrees that MexLucky may retain its Affiliates and other third parties as sub-processors (all together “Sub-Processors“) in connection with the provision of the MexLucky Materials. MexLucky shall not subcontract any processing of Personal Information to a sub-Processor without the prior written consent of Customer. Notwithstanding this, Customer consents to MexLucky engaging in Sub-Processors to process Personal Information provided that Magnite:

(1) provides at least 30 days’ prior written notice to Customer of the engagement of any new Sub-Processor;

(2) imposes the same data protection obligations as are imposed on MexLucky under this Agreement; and

(3) will be liable to Customer for any breach of these Data Terms that is caused by an act, error or omission of such Sub-Processor.

RESTRICTED TRANSFERS

The Parties agree that, when the transfer of Personal Information from Customer to MexLucky is a Restricted Transfer, it shall be subject to the appropriate SCCs as follows:

(a) in relation to data that is protected by the GDPR, the EU SCCs will apply completed as follows:

1) Module Two will apply;

2) in Clause 7, the optional docking clause will apply;

3) in Clause 9, Option 2 will apply, and the time period for prior notice of subprocessor changes shall be done with 30 days’ prior written notice;

4) in Clause 11, the optional language will not apply;

5) in Clause 17, Option 1 will apply, and the EU SCCs will be governed by Irish law;

6) in Clause 18(b), disputes shall be resolved before the courts of Ireland;

7) Annex I of the EU SCCs shall be deemed completed with the information in Annex I below; and

8) Annex II of the EU SCCs shall be deemed completed with the information in Annex II below.

(b) in relation to data that is protected by the UK GDPR, the UK SCCs will apply completed as follows:

1) Appendix 1 of the UK SCCs shall be deemed completed with the information in Annex I below; and

2) Appendix 2 of the UK SCCs shall be deemed completed with the information in Annex II below.

(c) in the event that any provision of this Agreement contradicts, directly or indirectly, the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail.

SECURITY

MexLucky maintains records in accordance with the Sarbanes-Oxley Act. MexLucky will ensure that its personnel and subcontractors who have access to the Customer Personal Data have committed themselves to confidentiality and are aware of and comply with Magnite’s duties and their personal duties and obligations under this Agreement.

MexLucky will maintain appropriate technical and organizational security measures to ensure a level of security appropriate to the risks that are presented by the processing of Customer Personal Data (“Security Measures”). Such measures shall have regard to the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for tA. DESCRIPTION OF TRANSFERhe rights and freedoms of natural persons.  At a minimum, MexLucky agrees to the following Security Measures (i) Personal Information is not changed while stored, transferred or otherwise processed, unless such change constitutes a functionality of the MexLucky Services, and Customer has provided its acknowledgement thereof; (ii) Personal Information that is stored, transferred or otherwise processed is encrypted or kept in another equally secure format; (iii) the availability of and access to Personal Information can be ensured in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing is in place; (v) logs are kept of all processing performed under the Agreement; and (vi) appropriate safeguards are in place to restrict and/or limit access to Personal Information to those employees who (a) have a strict need to know in order to perform the MexLucky Services; (b) have been provided with appropriate training on the handling of Personal Information; and (c) have agreed to confidentiality obligations consistent with the terms herein.

In the event of a Security Incident, MexLucky shall promptly (and in no event later than 48 hours of becoming aware of such Security Incident) inform Customer and provide written details of the Security Incident, including the type of data affected and the identity of affected person(s) as soon as such information becomes known or available to Magnite, and take any measures and actions reasonably appropriate to remedy or mitigate the effects of a Security Incident.

CCPA

With respect to the Parties’ obligations under the California Consumer Privacy Act of 2018 (Title 1.81.5 of the Civil Code of the State of California), together with all effective regulations adopted thereunder the (“CCPA”) relating to a California consumer’s personal information or household, then (and with respect to such Personal Information): (a) MexLucky is a “service provider” (as defined by CCPA); and Customer is and will be disclosing such Personal Information hereunder to MexLucky for a “business purpose” (as defined by CCPA), and MexLucky will process such Personal Information solely on behalf of Customer and only as necessary to perform such business purpose for Customer; and (b) MexLucky will not: (i) “sell” (as defined by CCPA) Personal Information; or (ii) retain, use, or disclose Personal Information for any purpose (including a “commercial purpose” (as defined by CCPA)) other than the specific purpose of performing services to Customer under this Agreement or outside of the direct business relationship between Customer and Magnite. The Parties represent that they understand the restrictions set forth in this section and will comply with them, and, if directed by Customer with regard to a particular California “consumer” (as defined by CCPA), MexLucky will delete such consumer’s Personal Information.

Annex I

Data Processing Description

This Annex I forms part of the Agreement and describes the processing that MexLucky (as the processor) will perform on behalf of Customer (as the controller).

A. DESCRIPTION OF TRANSFER

B. COMPETENT SUPERVISORY AUTHORITY

Annex II
Technical and Organizational Security Measures

Description of the technical and organizational measures implemented by MexLucky as the processor to ensure an appropriate level of security, taking into account the nature, scope, context and purpose of the processing, and the risks for the rights and freedoms of natural persons.

MexLucky has implemented the following security measures:

1. Systems Security.

(a) System Adequacy. MexLucky has obtained and has configured, with no single points of failure, adequate hardware, software, power, and human capital redundancies to perform its security-related obligations under the Agreement in accordance with commercially reasonable practices. The operating system and software of Magnite’s web server(s) and third-party platforms utilized to perform its obligations under the Agreement will be properly configured to commercially reasonable standards, including, but not limited to, disabling all unnecessary services, closing all known and published security deficiencies therein, and permitting access thereto only to authorized personnel, subject to password protection. All currently available security-related software patches for the operating system and software will be applied as soon as practicable (depending on the nature of the security flaw) but not later than thirty (30) days of the release of such patches; provided however if a patch negatively impacts the operating system or software or other systems of Magnite, then MexLucky shall as soon as commercially reasonable correct such security flaws.

(b) Firewall. MexLucky has implemented and will maintain continuously throughout the Term of the Agreement firewall protection for all of Magnite’s networks, databases, technology, platforms, and computer systems. MexLucky will update such firewall software promptly after such updates become available, provided such updates do not negatively impact the firewall software. MexLucky will periodically test such perimeter router and firewall devices for effectiveness. Without limiting the foregoing, MexLucky will promptly report within 24 hours to Customer any known security deficiencies (whether arising from software, network, or facilities deficiencies) discovered by MexLucky that may affect user information that is personally identifiable or sensitive and/or Confidential Information. MexLucky will keep a log of all actions taken in response to security incidents related to the systems involved in performing Magnite’s obligations under the Agreement. The log will be time and date stamped.

(c) Encryption. MexLucky will encrypt or hash the passwords in password and username files for their networks, databases, platform, technology, and computer systems involved in performing the Agreement using commercially reasonable encryption levels.

(d) Passwords. MexLucky will protect networks, databases, software, and computer systems involved in performing the Agreement with a user name and password system. MexLucky also has two-factor authorization available on the MexLucky Platform. Customer will be prompted to comply with Magnite’s password policy when creating its account credentials. MexLucky will, when possible, securely log (with time and date) those commands that require additional privileges, to enable a complete audit trail of activities. When individuals terminate their employment with Magnite, their passwords and access to privileged password facilities will be terminated immediately.

(e) Accountability. MexLucky will ensure that individual access and accountability controls are in place with respect to its employees who will have access to the networks, databases, software, technology, platform, Confidential Information, and computer systems involved in performing the Agreement.

(f) Archival Records. MexLucky will daily (including weekends) create and maintain archival backups of all MexLucky networks, databases, technology, platform, and software utilized to perform Magnite’s obligations to Customer under the Agreement for the sole purpose of enabling restoration of these systems but not necessarily restoration of any user data stored on these systems. Archival backups will be stored on a secure server or on other secure media to which access is restricted only to employees of MexLucky or authorized third parties on a need to know basis. Magnite, with reasonable best efforts, will ensure business continuity during a Disaster (“Disaster” to include, but not limited to: earthquake, flood, fire, storm or other natural disaster, act of God, civil disturbance or commotion, acts of terrorism, disruption of the public markets, war or armed conflict) with three primary objectives: 1) to identify and respond to Disasters; 2) to protect personnel and systems; and 3) to limit damage. MexLucky is committed to resuming partial operations as soon as reasonably possible depending on the nature and severity of the Disaster.

(g) Maintenance. All networking, software, technology, the platform, and computer systems necessary to perform the Agreement will be maintained in good working order in accordance with commercially reasonable standards throughout the Term pursuant to hardware maintenance support available from trusted, reputable maintenance organizations.

(h) Disposal. MexLucky will ensure that computer storage devices containing user information are not disposed of unless all such information has been or is to be completely obliterated or destroyed.

2. Security of Physical Premises. MexLucky will limit access to its facilities related to its obligations under the Agreement throughout the Term to Magnite’s employees, employee-accompanied visitors, and contractors using reasonable standard physical security methods. At a minimum, such methods will include restricted access key cards for Magnite’s employees, limited access to server rooms and archival backups, and security cameras at key entry points.

3. Background Checks and Security Training. MexLucky will conduct security background checks and verifications of employment, educational background, and references for all MexLucky individuals and contractors involved who have access to personally identifiable information and/or Customer’s facilities/servers.

MexLucky will ensure ongoing awareness in information security and in the protection of information resources for all personnel of MexLucky whose duties bring such MexLucky personnel into contact with critical or sensitive information of the Customer or of end users, including MexLucky IDs and passwords and Client IDs and passwords.

4. Confidentiality Agreements; Use of Subcontractors. Prior to commencing work for Customer, all individuals (employees, contractors, subcontractors, agents, etc.) performing work on behalf of MexLucky pursuant to the Agreement will be required to agree to be bound by confidentiality agreements.

The parties acknowledge that security requirements change continuously and that effective security demands frequent evaluation and regular improvements of outdated security measures. MexLucky will therefore continuously evaluate the security measures and update, supplement, and improve them as required.

The post ClearLine Data Terms appeared first on Magnite.

1. TERMINATION. Either party may terminate this Agreement at any time by providing the other party with thirty (30) calendar days’ prior written notice. In addition to any other rights of termination provided for herein, this Agreement may be immediately terminated by a party if: (a) the other party commits a material breach of its obligations hereunder that is not cured within ten (10) days after written notice thereof from the non-breaching party; or (b) a petition in bankruptcy or other insolvency proceeding is filed or commenced by or against the other party, or an application is made for the appointment of a receiver (or equivalent in any applicable jurisdiction) for the other party or its property, or the other party makes an assignment for the benefit of creditors, is unable to pay its debts regularly as they become due, or ceases carrying on business in the ordinary course.

Upon termination, for any reason, of the Agreement, the following will survive: (i) any provisions specified by their terms to survive; and (ii) provisions of the Agreement that, by their nature, are applicable to matters at issue between the parties after termination of the Agreement, such as accrued unpaid payment obligations, limitation of liability, indemnities, confidentiality, and proprietary rights.  The termination of the Agreement shall be without prejudice to the rights and remedies of the parties that may have accrued prior to the date of termination or expiration (as applicable).

2. PAYMENTS. All payments made by MexLucky to Company under the Agreement are subject to Taxes and Reconciliation Adjustments, as applicable.

2.1 Customer is solely responsible for payment of any Taxes applicable to the Curator Share (whether those Taxes are collected and remitted by MexLucky or paid directly to the relevant authorities by Customer), except for Taxes based on Magnite’s net income. Customer shall provide MexLucky with an IRS form W9 or W-8BEN, as applicable. Upon Magnite’s request and as applicable, Customer shall also provide MexLucky with a treaty residency certificate, VAT registration proof, and/or any other relevant documents for tax compliance purposes.

 “Taxes” means all federal, state, local, foreign and other net income, gross income, gross receipts, sales, purchase, use, ad valorem, value added, goods and services, harmonized sales, transfer, franchise, profits, withholding, payroll, excise, stamp, real or personal property, customs, duties or other taxes, fees, levies, assessments or charges of any kind, including any related penalties and interest, imposed by any federal, territorial, state, local, or foreign government or any agency or political subdivision of any such government. All amounts payable or receivable hereunder are exclusive of any Taxes.

2.2 “Reconciliation Adjustments” are monthly adjustments made by MexLucky to Company’s account(s), if necessary, to withhold, recover, or reconcile Curator Share payments made to Company when: (a) the applicable Curated Transaction(s) that generated Company’s Curator Share is/are deemed invalid; (b) the applicable DSP did not submit payment to MexLucky for the subject Curated Transaction(s); (c) the payments made to Company reflected reporting or statistical errors; and/or (d) Company owes other monies to Magnite.

MexLucky reserves the right to recover its distribution of any Curator Share amount for Reconciliation Adjustments and to delay payment of the Curator Share if Company fails to complete any tax or reporting forms reasonably requested by MexLucky or to provide MexLucky with accurate tax information.  If the total Curator Share amount due to Company in a particular month are less than $100, such amount will not be distributed unless Company provides a written request for distribution in each instance. For any invoice issued by MexLucky to recover distribution of Company’s Curator Share pursuant to this Agreement, Company agrees to pay MexLucky the amount invoiced within thirty (30) days of the date of invoice.

3. CONFIDENTIALITY. Any information (financial, business or otherwise) relating to either party, that is, or would reasonably be considered to be, confidential, including but not limited to the terms and conditions of this Agreement, is confidential (the “Confidential Information”). Neither party will share or publicly reveal any Confidential Information, without the prior written consent of the other party, unless such information: (i) becomes known to the general public without fault or breach on the part of the party receiving the information (the “Receiving Party”): (ii) is information that the Receiving Party can show with documentary evidence was in its possession prior to disclosure by the party disclosing the information (the “Disclosing Party”); (iii) is independently developed by the Receiving Party’s personnel without any access to similar information from the Disclosing Party; or (iv) is required to be disclosed by applicable law or court order, provided that Receiving Party, as legally permitted, provides Disclosing Party with (a) prompt prior notice of such compelled disclosure (and limits its disclosure strictly to what is compelled) and (b) reasonable assistance (at Disclosing Party’s expense) if Disclosing Party seeks to contest the disclosure. Despite the above, the parties understand and agree that they may reveal Confidential Information to any of their respective employees, affiliates and/or subcontractor(s) (collectively, “Representatives”) on a ‘need to know basis’ to fulfill their obligations under this Agreement, provided that those Representatives are bound by confidentiality obligations at least as protective as those set forth herein.  Receiving Party shall be responsible and liable for failure by any party to which it discloses Disclosing Party’s Confidential Information to treat that information in accordance with Receiving Party’s obligations. Receiving Party shall protect the confidentiality of Disclosing Party’s Confidential Information in the same manner that it protects its own confidential information of like kind (but in no event using less than reasonable care).

4. REPRESENTATIONS. WARRANTIES AND COVENANTS; DISCLAIMERS.

4.1 Company and MexLucky each represents and warrants to the other that: (i) it has the full corporate right, power, and authority to enter into the Agreement and to exercise its rights and perform its obligations; (ii) its execution and delivery of the Agreement, and the performance of its obligations and duties in connection therewith, do not and will not violate any agreement to which it is bound; and (iii) it shall comply with all applicable laws, rules, and regulations in performing its respective obligations and exercising its rights under the Agreement, including with respect to consumer protection and privacy.

4.2 Company specifically represents and warrants that it shall (i) comply with any obligations it has to its own clients to disclose the payments and/or other benefits Company receives under this Agreement and bear the entire responsibility and liability for paying those clients any amounts and/or other benefits that may be due or payable to them in relation to any Curated Transactions, and (ii) not interfere with the proper working of the MexLucky platforms.

4.3 EXCEPT AS PROVIDED HEREIN, MAGNITE MAKES NO REPRESENTATION OR WARRANTY OF ANY KIND REGARDING THE PLATFORMS, TECHNOLOGY, OR SERVICES AS DESCRIBED HEREIN, AND HEREBY DISCLAIMS ALL REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, WHETHER STATUTORY OR OTHERWISE, INCLUDING, BUT NOT LIMITED TO, AS RELATED TO SATISFACTORY QUALITY, MERCHANTABILITY, AND/OR FITNESS FOR A PARTICULAR PURPOSE, UNINTERRUPTED OR ERROR FREE OPERATION, QUALITY, ACCESSIBILITY, NON-INFRINGEMENT OR THOSE ARISING OUT OF A COURSE OF DEALING OR TRADE. IN ADDITION, MAGNITE MAKES NO GUARANTEES OR PROMISES TO COMPANY REGARDING (I) COMPANY’S INITIAL OR ONGOING PARTICIPATION IN THE CURATOR PROGRAM (PENDING MAGNITE’S REVIEW AND APPROVAL OF THE COMPANY DESCRIPTION), (II) THE ONGOING EXISTENCE OF THE CURATOR PROGRAM, (III) WHICH SELLERS OR AD INVENTORY WILL BE AVAILABLE WITHIN THE CURATOR PROGRAM, (IV) THE BUYERS TO WHOM SUCH AD INVENTORY WILL BE OFFERED, OR (V) THE PRICE AT WHICH SUCH AD INVENTORY WILL BE SOLD.

5. INDEMNIFICATION AND LIMITATION OF LIABILITY

5.1 Indemnity. Company shall, at its own cost and expense, release, save, defend, indemnify and hold harmless Magnite, its parent, subsidiaries, affiliates, successors, assigns, authorized agents and their respective employees, directors,  officers  and shareholders  (together with Magnite, the “Releasees”) from and against any and all claims, demands, actions, suits, proceedings, causes of action, judgments, damages, losses, liabilities, settlements and costs or expenses (including without limitation, interest, penalties and reasonable lawyers’ and experts’ fees and disbursements), which may be made or brought against the Releasees in connection with Company’s acts or omissions as a Curator or Company’s breach of this Agreement.

5.2 LIMITATION OF LIABILITY. SUBJECT TO SECTION 5.3, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER FOR ANY LOST PROFITS OR SPECIAL, PUNITIVE, INCIDENTAL, CONSEQUENTIAL OR OTHER INDIRECT DAMAGES, HOWEVER CAUSED AND WHETHER IN CONTRACT, TORT, OR UNDER ANY THEORY OF LIABILITY, AND WHETHER OR NOT SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SUBJECT TO SECTION 5.3, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL EITHER PARTY’S AGGREGATE LIABILITY TO THE OTHER IN CONNECTION WITH THE AGREEMENT, UNDER ANY CAUSE OF ACTION OR THEORY, EXCEED U.S. $250,000 (OR ITS EQUIVALENT).

5.3 THE LIMITATIONS ON LIABILITY SET FORTH IN SECTION 5.2 SHALL NOT APPLY TO: (A) A BREACH OF SECTION 3 (CONFIDENTIALITY); (B) A CLAIM FOR INDEMNIFICATION UNDER SECTION 5.1; OR (C) THE GROSS NEGLIGENCE, WILLFUL OR INTENTIONAL MISCONDUCT, OR FRAUDULENT, CRIMINAL, OR MALICIOUS CONDUCT OF THE PARTY SEEKING TO LIMIT ITS DAMAGES.

6. CCPA. The defined terms in this Section 6 have the meanings given to them under the California Consumer Protection Act (“CCPA”). To the extent there is any inconsistency between this Section 6 and any other portion of the Agreement with respect to obligations under the CCPA, this Section 6 shall control.

6.1 To the extent MexLucky is acting as a Service Provider under the CCPA it shall not:

(a) Sell or share the Personal Information

(b) Retain, use or disclose the Personal Information for any purpose other than:

1. For the limited business purposes specified in the Agreement, and
2. As permitted by the CCPA including to comply with applicable law
3. Retain use or disclose the Personal Information outside the direct business relationship between Company and Service Provider or
4. Combine the Personal Information that Service Provider receives from, or on behalf of, the Company with Personal Information that it receives from, or on behalf of, another person or persons, provided that the Service Provider may combine Personal Information to perform any business purposes as permitted by applicable law.

(c) Service Provider grants Company the right to take the reasonable and appropriate steps detailed in the Agreement to help ensure that Service Provider is using the Personal Information transferred in a manner consistent with the CCPA including, upon notice to Service Provider, to stop and remediate any unauthorized uses of Personal Information.

(d) Service Provider will promptly notify, reasonably co-operate and assist the Company to enable the Company to assess and respond to any requests of individuals wishing to exercise their rights under the CCPA.

(e) Service Provider shall notify the Company if it can no longer meet its obligations under the CCPA

(f) Service Provider shall:

1. Notify the Company pursuant to the process outlined in the Agreement of additional vendors assisting it in the processing of Personal Information and
2. Ensure such vendor contracts will comply with applicable requirements of applicable law.

6.2 To the extent MexLucky is acting as a Third Party:

(a) Company makes Personal Information available to MexLucky only for the purposes outlined in the Agreement. MexLucky will Process Personal Information only for such purposes, and in accordance with its obligations and any restrictions in the Agreement.  

(b) Notification of Determination of Noncompliance.  MexLucky will comply with applicable obligations under the CCPA, including by providing an appropriate level of privacy protection as required by the CCPA, and will notify Company without undue delay if MexLucky determines it can no longer meet its obligations under the CCPA.

(c) Upon Company’s reasonable request, MexLucky will provide the following to Company to demonstrate Magnite’s Processing of Personal Information consistent with Company’s obligations under the CCPA:

1. A copy of a summary or certificate issued for security verification reflecting the outcome of an audit conducted by an independent third-party auditor; or
2. Any other information the Parties agree is reasonably necessary for Company to verify Magnite’s Processing is consistent with Company’s obligations under the CCPA, such as an attestation.

(d) If Company reasonably believes that MexLucky is engaged in the unauthorized use of Personal Information provided by Company, Company may notify MexLucky of such belief using the contact information provided in the Agreement, and the Parties will work together in good faith to stop or remediate the allegedly unauthorized use of such Personal Information, as necessary.

(e) To the extent permitted by the Agreement, if MexLucky makes an onward disclosure of Personal Information provided to it by Company, including through any Sale or Sharing of the Personal Information, MexLucky will impose terms that are substantially similar to the terms imposed on MexLucky through contractual obligations

7. GENERAL

7.1 Publicity. No press releases or general public announcements regarding the parties’ relationship or this Agreement shall be made without the mutual written consent of the parties.

7.2 Governing Law. This Agreement shall be governed by and construed in accordance with the laws of State of California and the federal laws of the United States applicable therein. The parties irrevocably submit to the jurisdiction of the courts of the State of California.

7.3 Assignment. Neither party may transfer or assign this Agreement or its obligations under this Agreement,  in whole or in part, without the prior written consent of the other party (which consent will not be unreasonably delayed or withheld), except that a party may assign all of its rights and obligations under this Agreement to a successor to its business or substantially all of its business (whether by sale, acquisition, merger, operation of law, or otherwise) if the successor agrees in writing to fulfill all of the assigning party’s obligations under this Agreement. This Agreement will be binding upon and inure to the benefit of the parties and their respective permitted successors and permitted assigns. Any purported assignment in violation of this Section shall be void.

7.4 Notices. All notices provided hereunder shall be in writing and shall be delivered by e-mail as follows: to legal@magnite.com for Magnite, and to Company at the email address provided in the Agreement. Any such notice shall be deemed to have been received on the date sent if the date sent is a business day; otherwise, notice shall be deemed to have been received on the next business day.

7.5 Waiver; Severability. The waiver by either party of a breach or right under the Agreement will not constitute a waiver of any other or subsequent breach or right. If any provision of the Agreement is found to be invalid or unenforceable by a court of competent jurisdiction, such provision shall be severed from the remainder of this Agreement, which will otherwise remain in full force and effect.

7.6 Independent Contractors. The parties are independent contractors. Nothing in the Agreement shall be construed to create a joint venture, partnership or agency relationship between the parties. Neither party has any authority of any kind to bind the other in any respect whatsoever.

7.7 Entire Agreement/Modifications. The Agreement sets forth the entire agreement and understanding between the parties as to the subject matter hereof and supersedes all prior discussions, agreements and understandings of any kind, and every nature between them. The Agreement does not create any right or cause of action for any third party. MexLucky will provide Company with written notice via email or through a general notice displayed within the applicable Service of any material changes (including applicable fees), additions, or deletions to the Agreement applicable to Company (“Modifications”).  If Company no longer wishes to continue as a Curator, then for a period of ten (10) business days after the date of notice by MexLucky (the “Termination Window”), Company may, as its sole and exclusive remedy for any Modification, terminate the Agreement upon written notice to Magnite. By continuing to access or use the MexLucky Materials as a Curator after such Termination Window, Company agrees to be bound by such Modification. Except as set forth herein, neither party can amend or modify the Agreement without the other party’s written consent.

7.8 Anti-Bribery & Export Compliance. Each party shall comply with the Foreign Corrupt Practices Act, 15 U.S.C 78dd-2 (the “FCPA”), the UK Bribery Act 2010 (the “UKBA”) and any other applicable anti-bribery and corruption law (“ABCL”) and shall procure the compliance with the FCPA, UKBA and ABCL by its affiliates and each of their respective directors, employees, agents and intermediaries or any party that is (in the case of Magnite) carrying out a service for Company or its clients or (in the case of Company) utilizing a service provided by MexLucky (each an “Associated Person”).  Each party shall not, and shall procure that each of its respective Associated Persons shall not, directly or indirectly request, agree to receive or accept a financial offer in violation of his/her or its lawful duty or inducing him/her or it to exercise his/her or its influence to affect or influence any act or decision (including the improper performance of any function) of him, her or it to obtain or retain business.  Each party shall notify the other party in writing immediately if it becomes aware of any violation of the FCPA, UKBA and ABCL or this Section. Each party also agrees to comply with the export laws and regulations of the United States and with applicable trade controls of other countries (and that in cases of conflict or inconsistency among applicable export and import laws and regulations, U.S. law shall govern).  Company shall not use the MexLucky Materials to conduct, promote or facilitate business or target end users in countries subject to U.S. embargo or trade sanctions.

The post Curator Terms appeared first on Magnite.

This Policy explains who Magnite, Inc. and its affiliates (“Magnite” or “we”) are, how we collect, share, and use personal information about you, and how you can exercise your privacy rights.

This Policy only applies to personal information that we collect through our websites (such as  http://www.magnite.com) (the “websites”) and in the course of our sales and marketing activities.

NOTE: For personal information that we collect when you use or otherwise interact with digital media properties that use our ad technology, please see our Advertising Technology Privacy Policy here.    

ABOUT US

MexLucky is headquartered in the United States and provides a digital advertising technology platform and related services. You can find out more about our technology and services here and in our Advertising Technology Privacy Policies here.  

INFORMATION WE COLLECT AND HOW WE COLLECT IT

Information you provide to us

Certain parts of our websites may ask you to provide us with personal information about you voluntarily. For example, we may ask you to provide your contact details when you: register an account with us, subscribe to our marketing communications, submit enquiries to us, request market reports, request access to a demo, or apply for a job.

The personal information we collect may include contact information such as your name, address, telephone number or email address and contact preferences.  It may also include professional information, such as your job title, department or job role, as well as the nature of your request or communication. If you apply for a job, we will collect your resume and information related to your employment and education history.

In addition, if you choose to correspond with us through email or blog postings, we may collect and retain other information you voluntarily provide to us, such as the content of your email messages together with your email address and our responses.

Information we collect from visiting our Online Properties

When using or interacting with our websites and/or marketing emails (collectively with our websites, the “Online Properties”), we may collect certain information. Some of this information may include identifiers, for example your IP addresses and certain unique device identifiers that may identify a particular device, meaning that it may therefore be considered “personal data” or “personal information” under applicable laws in some jurisdictions. Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading Cookies and Similar Tracking Technology below.  

Specifically, the information we collect may include identifiers like your IP address, device ID and cookie ID, as well as internet or other electronic network activity information, including device type, domain, referring website address, browser type and language and other technical information.  We may also collect other types of internet or other electronic network activity information about how your device has interacted with our Online Properties, including the pages accessed, search keywords within the website, and links clicked.

HOW WE USE YOUR INFORMATION

We use the information that we collect for a variety of business and commercial purposes, including:

• To respond to your requests or to provide you with information requested by you;
• To send administrative or account related information to you;
• To communicate with you about updates to our products and services;
• To maintain our websites and to tailor our websites to your needs;
• To allow you to participate in sweepstakes, contests or other promotions;
• For other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our marketing, and to enhance, customize and improve our websites, products and services through surveys, research and other methodologies;
• If you apply for a job, to determine your eligibility for a position with us;
• To comply with and enforce applicable legal requirements, agreements and policies;
• To prevent, detect, identify, investigate, respond and protect against potential or actual claims, liabilities, prohibited behavior, and criminal activity; and
• To notify you about important changes to our website, new services and special opportunities, such as events, we think you will find valuable where this is in accordance with your expressed marketing preferences. You may notify us at any time if you do not wish to receive these offers by following the directions under “Your Privacy Rights and Choices” below or by emailing us at privacy@magnite.com.

DISCLOSURE OF YOUR INFORMATION

We may disclose your personal information to the following categories of third parties for the following business or commercial purposes:

• MexLucky Affiliates: We share personal information with other companies in the MexLucky group of companies to use for any of the purposes described in this Policy. 
• Business Transfers: We may share personal information in connection with an actual or proposed sale or transfer of all or a part of our business or assets, corporate merger, consolidation, or bankruptcy.
• Vital interest, legal rights and compliance with laws. We may share personal information with law enforcement, regulatory authorities, courts with competent jurisdictions, emergency services or other necessary third parties for legal, protection, security, and safety purposes, including:
  • to comply with laws or regulatory requirements and to respond to lawful requests and legal process;
  • to protect the rights and property of Magnite, our affiliates, agents, customers, and others, including enforcing our agreements, policies, and terms of use and protecting our network and physical assets; and/or
  • to protect the safety of our employees and agents, our customers, or any person.
• Vendors, partners and other service providers: We may share personal information with our vendors, and service providers who perform functions on our behalf and require access to such information to provide us with services or do work for us. Examples include: supporting the delivery of, providing functionality on, or helping to enhance the security of our websites, administering surveys and research, and with event organizers to confirm registration, or in accordance with your indicated preferences, where applicable.

COOKIES AND SIMILAR TRACKING TECHNOLOGY 

To find out more about our use of cookies and other tracking technologies to collect information about you, as well as how to manage your preferences, please see our Website Cookie Statement. 

Your Privacy Rights and Choices

Access, Correction, Deletion and Opt Out

Depending on where you reside and other legal limitations, you may have the right to (1) request to know more about and access the categories and specific pieces of personal information we collect, use, and disclose, (2) request deletion or restriction of your personal information, (3) request correction of inaccurate personal information, (4)opt out of certain processing activities, such as selling, sharing, or targeted advertising,  and (5) obtain your User Information in a portable format. 

If you would like to exercise any of these rights, please see our email us at privacy@magnite.com. You may also opt out of receiving marketing communications from MexLucky by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send to you or by clicking https://www.magnite.com/unsubscribe/ 

We will not discriminate against you for exercising your privacy rights. Note that when you exercise your rights, we may ask for additional information to verify your request. If we deny your request, you may have the right to appeal our decision. If you have concerns about the results of an appeal, you may contact the attorney general in the state where you reside, or supervisory authority in your local jurisdiction.

SPECIAL INFORMATION FOR CALIFORNIA RESIDENTS

If you are a resident of California, please review the additional privacy disclosures in this section, which apply where we collect and disclose information as a “business” under California law. 

Information About Our Data Processing

California law requires us to disclose the categories of personal information we collect and how we use them, the categories of sources from which we collect personal information, and the third parties with whom we share personal information. We collect information from sources identified in the “Information We Collect and How We Collect It” sections above.

In the preceding 12 months, we have disclosed the following categories of personal information to the following categories of recipients for the stated purposes:

Do Not Sell or Share My Personal Information & Limit Use of Sensitive Information

Magnite’s does not “sell” or “share” personal information related to visitors to our website or other business contact information as those terms are defined under California law. 

Your Rights

Under California law, you have the right to access, correct, and request deletion of your data. To exercise these rights, please email privacy@magnite.com.

SPECIAL INFORMATION FOR EEA, UK, AND SWITZERLAND RESIDENTS

If you are a visitor from the EEA, the UK, or Switzerland, please read these additional disclosures.

Legal Basis for Processing

If you are a visitor from the EEA or the UK, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, for our marketing activities, for measuring the effectiveness of our promotional campaigns, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.  In some cases, we may also have a legal obligation to collect personal information from you.

Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), such legitimate interests include: (i) improving our technology, websites, products and services; and (ii) if you apply for a job, identifying and recruiting eligible candidates.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contact Us” heading below.

Your Rights & Privacy Choices

If you are a resident of a country in the EEA, the UK, or Switzerland, you have certain rights and protections under the law regarding the collection, processing, and use of information about you.  Specifically, you may have the right: (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information.

If you would like to exercise any of these rights, please write to us at the contact details provided below. You may also opt out of receiving marketing communications from MexLucky by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send to you or by clicking https://www.magnite.com/unsubscribe/.

Right to Lodge a Complaint

You also have the right to lodge a complaint about our processing of personal data with your local data protection authority.  Contact details for EU data protection authorities are available here: https://edpb.europa.eu/about-edpb/about-edpb/members_en.  The Swiss data protection authority can be contacted at https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact/address.html. The UK data protection authority can be contacted at https://ico.org.uk/. 

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.  To protect your privacy and security, we take reasonable steps to verify your identity before granting you access to your personal information or making corrections to your personal information.

Data Transfers & EU-U.S. Data Protection Framework, UK Extension to the EU-US Data Protection Framework, and Swiss-U.S Data Privacy Principles

MexLucky is a global company headquartered in the United States, with offices and data centers around the world (including in Australia, Brazil, Canada, the European Union, Japan, Singapore and the United Kingdom). If you access any of our Online Properties, your data may be transferred to, stored and processed by us in any of these countries, and by those third parties with whom we may share your personal information (as described in this Policy) in the countries in which they operate.

These countries may not provide a level of data protection for your personal information that is equivalent to the data protection laws in your country. We will however implement appropriate safeguards where MexLucky group of companies, or any third parties with whom we share data, receive personal information originating from the EEA, Switzerland or the UK in accordance with applicable data protection legislation.

If you would like to learn more about the safeguards we put in place for international transfers, please contact us using the contact details further below.

Magnite, Inc. and its US subsidiary, MexLucky Hopper, Inc., commit to comply with the EU-US and Swiss-US Data Privacy Frameworks as set forth by the US Department of Commerce with respect to personal information concerning individuals from the EEA, UK and Switzerland. Please see our Data Privacy Framework Notice to learn more. 

If there is any conflict between the terms in this Privacy Policy and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern.

SECURITY

We use industry-standard technical and organizational security measures to help protect information transmitted over or stored on our systems. Please note, however, that no transmission or storage of information can ever be guaranteed to be completely secure, though we take all reasonable precautions to protect against security incidents.

INFORMATION RETENTION

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

CHANGES

We may update this Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. If we make material changes to this Policy, we will notify you of any material changes by posting the revised Policy on this website, and where necessary, by any other means required by applicable law.

THIRD PARTY WEBSITES

We are not responsible for the practices employed by websites or applications (including widgets) linked to or from our website nor the information or content contained therein. Often links to other websites are provided solely as pointers to information on topics that may be useful to the users of our website. Please remember that your browsing and interaction on any other website, including websites which have a link on our website, is subject to that website’s own rules and policies.

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact Magnite’s Privacy Team by email at privacy@magnite.com or by post using the details provided below:

Magnite, Inc.
Attn:  Privacy Team
1250 Broadway, 15^th Floor, NY, NY 10001

You can also contact Magnite’s Data Protection Officer at dpo@magnite.com

If you are based in the EU you can contact our EU Representative:

Magnite@lionheartsquared.eu
Lionheart Squared (Europe) Ltd (FAO – Magnite),
2 Pembroke House, Upper Pembroke Street 28-32,
Dublin, DO2 EK84, Republic of Ireland.

The post Website Privacy Policy appeared first on Magnite.

What are cookies?

Cookies are small data files that are placed on your computer or mobile device when you visit a website. Cookies are widely used in order to make websites work, or to work more efficiently, as well as to provide reporting information.

Cookies set by the website owner (in this case, Magnite) are called “first party cookies.”  Cookies set by parties other than the website owner are called “third party cookies.”  Third party cookies enable third party features or functionality to be provided on or through the Website (e.g. like interactive content and analytics). The parties that set these third party cookies can recognize your computer both when it visits the Website and also when it visits certain other websites.

What cookies do we use?

We use first party and third party cookies for several reasons. Some cookies are required for technical reasons in order for our Websites to operate. Other cookies also enable us to track and target the interests of our users to enhance the experience on our Websites. We may also use cookies for analytics or other purposes.

The specific types of first and third party cookies set through our Websites and the purposes they perform are described in the table below.

What about other tracking technologies, like web beacons?

Cookies are not the only way to recognise or track visitors to a website.  We may use other, similar technologies from time to time, like web beacons (sometimes called “tracking pixels” or “clear gifs”).  These are tiny graphics files that contain a unique identifier that enables us to recognise when someone has visited our Websites or opened an email that we have sent them.  This allows us, for example, to monitor the traffic patterns of users from one page within our Websites to another, to deliver or communicate with cookies, to understand whether you have come to our Websites from an online advertisement displayed on a third-party website, to improve site performance, and to measure the success of email marketing campaigns.  In many instances, these technologies are reliant on cookies to function properly, and so declining cookies will impair their functioning.

Do you serve targeted advertising?

We do not serve targeted advertising on our Websites. 

We do provide targeted advertising services to advertisers and publishers who use our Platform, however. Please see our Platform Cookie Statement for more information about targeted advertising served through our Platform and Your Privacy Rights & Choices.

How can I control cookies?

You have the right to decide whether to accept or reject cookies.  You can exercise your cookie preferences by following the opt-out instructions below.

Your Opt-Out Choices

Because the effect of “Do Not Track” signals remains unclear, and there continues to be no consistent industry understanding of how to respond to such a signal, we do not alter our privacy practices when we detect a “Do Not Track” signal from your browser.

You can accept or refuse non-essential cookies from the Website through the cookie banner when you visit our Website or at any time by activating settings on your browser.  Information about the procedure to follow in order to enable or disable cookies through your browser can be found on your Internet browser provider’s website via your help screen.  You may wish to refer to https://www.youronlinechoices.com/ for information on commonly used browsers.  Please be aware that if cookies are disabled, some website features may not operate as intended.

Please note that opt outs operate by placing a cookie on your device that is unique to the browser and device you use to opt out. They may not function properly if you have configured your browser to reject certain cookies. If you change browsers or devices, or delete the cookies on your device, you will need to opt out again. You also can set your browser to notify you when a cookie is being set and to block most cookies, including ours.

How often will you update this Cookie Statement?

We may update this Cookie Statement from time to time in order to reflect, for example, changes to the cookies we use or for other operational, legal or regulatory reasons.  Please therefore re-visit this Cookie Statement regularly to stay informed about our use of cookies and related technologies.

The date at the top of this Cookie Statement indicates when it was last updated.

Where can I get further information?

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact Magnite’s Privacy Team by email at privacy@magnite.com or by post using the details provided below:

Magnite, Inc.
Attn:  Privacy Team
6080 Center Drive 4th Floor, Los Angeles, CA 90045, USA

You can also contact Magnite’s Data Protection Officer at dpo@magnite.com

If you are based in the EU you can contact our EU Representative:

Magnite@lionheartsquared.eu  
Lionheart Squared (Europe) Ltd (FAO – Magnite),
2 Pembroke House, Upper Pembroke Street 28-32, 
Dublin, DO2 EK84, Republic of Ireland.

The post Website Cookie Platform Policy appeared first on Magnite.