This Master Subscription Agreement is effective as of April 8, 2020
This Fivetran Master Service Agreement (the “Agreement”) is made between Fivetran, Inc., a Delaware corporation (“Fivetran”) and the party (“Customer”) that subscribes for the Services, as defined below. Between Fivetran and each Customer the Agreement consists of these terms, each signed order form or online enrollment (including any notes, pricing or other terms listed therein) (the “Order Form”), including any exhibits, and any updates or amendments to each. This Agreement is effective as of the date of Customer’s initial Order Form (the “Effective Date”). By executing the initial Order Form or accessing the Services, Customer agrees to all the terms set forth below. Customer’s usage of the Services is governed by Fivetran’s Service Consumption Table at https://fivetran.com/legal/credit-consumption.
In certain cases Fivetran may provide a trial version of the Services. In that case each Customer consents to this Agreement by clicking Agree or using the Services. If Customer and Fivetran execute a subsequent agreement regarding commercial use of the Services, its terms will supersede the terms here to the extent of any conflict.
THE PARTIES AGREE AS FOLLOWS:
1. SERVICES AND SUPPORT
1.1 Services. Fivetran will use commercially reasonable efforts to provide to Customer the services identified on each Order Form and the technical support on Exhibit A, and Customer will have use and access to such services, each according to the terms of the Agreement. The term “Services” includes the customer-facing services, implementation services, support, Software (as defined below) and any other services provided by Fivetran to Customer. As part of the registration process, Customer will identify an administrative username(s) and password(s) for Customer’s Fivetran user(s).
1.2 Orders by Affiliates. Customers and Affiliates may each use the Fivetran service pursuant to this Agreement. To the extent Customer’s Affiliates wish to make separate purchases, any of Customer’s Affiliates may execute a new Order Form for credits purchased specifically for that Affiliate entity and will be subject to this Agreement unless otherwise noted. “Affiliate” means an entity controlling, controlled by or under common control with a party to this Agreement at any time during the term of this Agreement, for so long as such ownership and control exists, provided such entity is not a current or prospective competitor to Fivetran or in the business of developing and offering products or technologies that are substantially similar to the Services.
2. RESTRICTIONS AND RESPONSIBILITIES
2.1 Use of Software Underlying Services. Customer will not, directly or indirectly: reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any software, documentation or data related to the Services (the “Software”); modify, translate, or create derivative works based on the Services or any Software (except to the extent expressly permitted by Fivetran in writing or authorized within the Services); frame, mirror or use the Services or any Software for timesharing or service bureau purposes or otherwise for the benefit of a third party, except as part of a Powered by Fivetran deployment identified on an Order Form; or remove any proprietary notices or labels.
2.2 Appropriate Use of Services. Customer will not, and will not permit its users to:
(a) Post, upload, forward, or otherwise transmit any file or software code which contains, facilitates, or launches viruses, worms, trojan horses or any other contaminating or destructive features, or that otherwise interfere with the proper working of the Services; or
(b) Attempt to access any other Fivetran systems that are not part of these Services;
(c) Use the Services to upload, post, process, distribute, link to, publish, reproduce, or transmit any of the following, including but not limited to:
(i) Illegal, fraudulent, libelous, defamatory, obscene, pornographic, profane, threatening, abusive, hateful, harassing, offensive, inappropriate or objectionable information or communications of any kind, including without limitation conduct that would encourage or constitute an attack or “flaming” others, or criminal or civil liability under any local, state, federal or foreign law; or
(ii) Any information, software or content Customer does not have the legal right to process or transmit.
2.3 Although Fivetran has no obligation to monitor Customer’s use of the Services, Fivetran may do so and may prohibit any use of the Services it believes may be in violation of the foregoing.
3.1 Confidential Information. Subject to the limitations set forth in Section 3.2, all information disclosed by one party to the other party during the term of this Agreement, whether in oral, written, graphic or electronic form, shall be deemed to be “Confidential Information”. Confidential Information of Fivetran includes non-public information regarding features, functionality and performance of the Services and Software. Confidential Information of Customer includes all data provided by Customer to Fivetran to enable the provision of the Services (“Customer Data”).
3.2 Exceptions. Confidential Information does not include information which: (a) is part of the public domain at the time of disclosure; (b) becomes a part of the public domain through no fault of the receiving party or persons or entities to whom the receiving party has disclosed, transferred or permitted access to such information; (c) becomes available to the receiving party on a non-confidential basis from a source legally entitled to share the information without confidential treatment; (d) is independently developed by the receiving party without use of or access to the disclosing party's Confidential Information; or (e) is released from the confidentiality obligations herein by written consent of the disclosing party.
3.3 Nondisclosure. Each party covenants that it will not disclose any Confidential Information of the other party to any person or entity except: (a) to agents of the receiving party who have a need to know such information, who are subject to confidentiality agreements with the receiving party at least as protective of the disclosing party’s Confidential Information as this Agreement, or (b) pursuant to the terms of a valid and effective subpoena or court order, provided that the receiving party immediately notifies the disclosing party (to the extent permitted) of the existence, terms and circumstances surrounding such a request so that the disclosing party may seek appropriate protective action. Neither party may use the other party's Confidential Information in any directly competitive manner or for any purpose other than to exercise its rights and comply with its obligations under this Agreement.
3.4 Return; Destroy; Protect. On the disclosing party’s request, the receiving party must return or destroy all Confidential Information of the disclosing party which has been supplied to or acquired by the receiving party other than: (a) records the receiving party has a separate legal right or obligation to retain; and (b) copies of Confidential Information created in the ordinary course of the receiving party’s business and retained in accordance with its internal document retention and information technology policies. To the extent the receiving party retains information disclosed by the disclosing party, the receiving party will continue to protect such information in accordance with Section 3.3: (x) for so long as it meets the definition of Confidential Information above; (y) if it constitutes a trade secret for so long as required under applicable law, and/or (z) if it constitutes personal data received from the disclosing party for so long as required by applicable law.
3.5 Customer Identification. Upon Customer’s prior written consent, Fivetran may identify Customer as a user of the Services and may use Customer’s name and logo in Fivetran’s customer list, press releases, blog posts, advertisements, and website.
4. PROPRIETARY RIGHTS
4.1 Ownership Rights. Customer owns all right, title and interest in and to the Customer Data as well as any data that is based on or derived from the Customer Data and provided to Customer as part of the Services, and all intellectual property rights related to any of the foregoing. Fivetran owns and retains all right, title and interest in and to (a) the Services and Software, all improvements, enhancements or modifications thereto, (b) any software, applications, inventions or other technology developed by or on behalf of Fivetran in connection with the Services, and (c) all intellectual property rights related to any of the foregoing.
4.2 Protection of Customer Data. Fivetran will maintain administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Customer Data. Those safeguards will include, but will not be limited to, measures for preventing access, use, modification or disclosure of Customer Data by Fivetran personnel except (a) to provide the Services and to prevent or address service or technical problems, or (b) as Customer expressly permits in writing. To the extent applicable, Fivetran’s Data Protection Agreement (available at www.fivetran.com/data-protection-agreement) is incorporated by reference into this Agreement.
4.3 Removal of Customer Data. Upon termination or expiration of this Agreement, in the event Fivetran has any Customer Data, Fivetran shall delete all such Customer Data from its systems without retaining any copies thereof.
4.4 Injunction for Breach. The parties agree that damages would be an inadequate remedy in the event of a breach of Sections 3 or 4. Therefore, the parties agree that a party is entitled, in addition to any other rights and remedies otherwise available, to seek injunctive and other equitable relief in the event of a breach or threatened breach by the other party of Sections 3 or 4.
5. PAYMENT OF FEES
5.1 Calculation of Fees. Customer will pay Fivetran the applicable fees described in each Order Form (the “Fees”). Fees for committed prepaid subscriptions are identified on the initial Order Form. Fees for month-to-month plans are outlined in the terms attached to such plans. Except as otherwise provided herein all fees are noncancelable and nonrefundable. If Customer’s use of the Services exceeds the Services capacity set forth on the Order Form(s) or terms, or otherwise requires the payment of additional fees (per the terms of this Agreement), Fivetran will invoice Customer in arrears for such additional usage and Customer agrees to pay the additional Fees in the manner provided herein.
5.2 Payment Terms. Fivetran will bill for the Services through an invoice, through the marketplace where the original purchase was made, or directly through credit card if provided. Full payment for invoices issued in any given month must be received by Fivetran within 30 days after the issuance of the invoice (which may be sent by email). If Customer is paying by credit card, Customer represents and warrants that it has the right to use the credit card provided and grants Fivetran the right to provide the credit card information, including the credit card number, its expiration date and billing address, to third parties for the purposes of facilitating payment transactions. Verification of information may be required prior to the acknowledgment or completion of any payment transaction. Unpaid amounts are subject to a finance charge of 1.5% per month on any outstanding balance, or the maximum permitted by law, whichever is lower, plus all expenses of collection and may result in immediate termination of Services. Customer is responsible for any sales, use, value added, excise, property, withholding or similar tax and any related tariffs, and similar charges, except taxes based on Fivetran’s net income. If Customer is required to pay any such taxes, Customer shall pay such taxes with no reduction or offset in the amounts payable to Fivetran hereunder. If an applicable tax authority requires Fivetran to pay any taxes that should have been payable by Customer, Fivetran will advise Customer in writing, and Customer will promptly reimburse Fivetran for the amounts paid. If Customer believes that Fivetran has billed Customer incorrectly, Customer must contact Fivetran no later than 60 days after the date of the first billing statement in which the error or problem appeared, in order to receive an adjustment or credit. Inquiries should be directed to Fivetran’s customer support department. Without limiting its other remedies, Fivetran may suspend Services for nonpayment of fees.
6. TERM AND TERMINATION
6.1 Term. This Agreement will continue from the Effective Date until the earlier of: (a) the expiration of all Services subscriptions, (b) for month-to-month customers, until such date as a monthly plan is cancelled, or (c) termination pursuant to Section 6.2 below (together, the “Term”). Month-to-month plans will renew automatically each month and may be cancelled at any time on notice by either party to the other. If Customer uses all credits prior to the end of the subscription period listed on the Order Form, Customer will be billed in arrears according to the Order Form for any continued usage of the Services and consumption of credits in arrears. Each Services subscription will run for the subscription term specified in the applicable Order Form and will renew automatically on Fivetran’s then-current terms and conditions for one-year periods, unless a party provides notice of nonrenewal to the other part at least 30 days prior to expiration of the applicable. Fivetran will notify Customer in connection with any renewal to provide opportunity for notice and/or cancellation.
6.2 Termination for Cause. In addition to any other remedies it may have, (A) either party may terminate this Agreement upon written notice (or without notice in the case of nonpayment), if the other party (i) materially breaches any of the terms or conditions of this Agreement and fails to cure such breach within 30 days after written notice describing the breach; or (ii) files for bankruptcy or is the subject of an involuntary filing in bankruptcy (in the latter case, which filing is not discharged within 60 days) or makes an assignment for the benefit of creditors or a trustee is appointed over all or a substantial portion of its assets and (B) Fivetran may additionally terminate this Agreement and the Services (or any portion of the Services) (i) immediately and without notice if it has reason to believe Customer is violating Section 2 of this Agreement; or (ii) following notice, in the case a Customer has no more Credits available and has not transferred data using the Services for a consecutive 90 day period (each, “Termination for Cause”). In the case of Termination for Cause under Section 6.2(B)(ii), a Customer may revive its account by purchasing additional Credits or by recommencing data transfers (in which case, payment will be made in arrears according to the Order Form). Fivetran terminates this Agreement for Customer’s breach, Customer remains obligated to pay the balance due on Customer’s account for the remainder of the Term, computed in accordance with the applicable Order Form(s), and will be billed for such unpaid fees.
6.3 Survival. All sections of this Agreement which by their nature should survive termination will survive termination, including, without limitation, accrued rights to payment, confidentiality obligations, warranty disclaimers, and limitations of liability.
7. WARRANTIES AND DISCLAIMER
7.1 Authority. Each of Fivetran and Customer represents and warrants that: (a) it has the full right, power and authority to enter into and fully perform this Agreement; (b) the person signing this Agreement on its behalf is a duly authorized representative of such party who has in fact been authorized to execute this Agreement; (c) its entry herein does not violate any other agreement by which it is bound; and (d) it is a legal entity in good standing in the jurisdiction of its formation.
7.2 Services Warranty. Fivetran shall use reasonable efforts consistent with prevailing industry standards to maintain the Services in a manner which minimizes errors and interruptions in the Services and shall perform implementation and support Services in a professional and workmanlike manner.
7.3 FIVETRAN DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR FREE; NOR DOES IT MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES. EXCEPT AS EXPRESSLY SET FORTH IN THIS SECTION, THE SERVICES ARE PROVIDED “AS IS” AND FIVETRAN DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
8.1 By Fivetran. Fivetran will defend or settle any claims, actions and demands brought by third parties against Customer and Customer’s subsidiaries, affiliates, officers, directors, shareholders, employees, attorneys and agents (collectively “Indemnified Parties”) where the third party expressly asserts that the Software: infringes such third party’s trademark or copyright arising under the laws of the United States, or Fivetran misappropriated such third party’s trade secrets in the development of the Software (collectively, “Claims”). Customer must give written notice of the Claim to Fivetran promptly after Customer becomes aware of the Claim, and Fivetran’s indemnity obligations will be waived only if and to the extent that its ability to conduct the defense are materially prejudiced by this failure to give notice. The foregoing obligations do not apply with respect to portions or components of the Services (i) not supplied by Fivetran, (ii) made in whole or in part in accordance with Customer specifications, (iii) that are modified after delivery by Fivetran or combined with other products, processes or materials where the alleged infringement relates to such combination, (iv) where Customer continues the allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement, or (v) where Customer’s use of the Services is not strictly in accordance with this Agreement. If, due to a claim of infringement, the Services are held by a court of competent jurisdiction to be or are believed by Fivetran to be infringing, Fivetran may, at its option and expense (x) replace or modify the Services to be non-infringing provided that such modification or replacement contains substantially similar features and functionality, (y) obtain for Customer a license to continue using the Services, or (z) if neither of the foregoing is commercially practicable, terminate this Agreement and provide Customer a refund of any prepaid, unused fees for the Services.
8.2 By Customer. Customer will indemnify, defend and hold harmless (by counsel reasonably satisfactory to Fivetran) Fivetran and its Indemnified Parties against all liabilities, damages, fines, judgments, settlements, costs or expenses (including reasonable attorney’s fees and disbursements) alleging that the Customer Data or its use has infringed the rights of or otherwise caused harm to a third party, or violated applicable law; provided that in any such case Fivetran gives written notice of the Claim to Customer promptly after Fivetran becomes aware of such Claim, and Customer’s indemnity obligations will be waived only if and to the extent that its ability to conduct the defense are materially prejudiced by this failure to give notice.
9. LIMITATION OF LIABILITY
9.1 NO CONSEQUENTIAL DAMAGES. IN NO EVENT SHALL EITHER PARTY OR ITS AGENTS AND SUPPLIERS (INCLUDING THEIR DIRECTORS, OFFICERS, EMPLOYEES, REPRESENTATIVES, AGENTS AND SUPPLIERS) BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, INCLUDING WITHOUT LIMITATION PROCUREMENT OF SUBSTITUTE PRODUCTS OR SERVICES OR LOSS OF PROFITS, REVENUE, DATA OR DATA USE, EVEN IF FIVETRAN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. NOTHING IN THIS AGREEMENT WILL LIMIT CUSTOMER’S LIABILITY FOR MISAPPROPRIATION OF FIVETRAN’S INTELLECTUAL PROPERTY RIGHTS IN THE SOFTWARE AND SERVICES.
9.2 DIRECT DAMAGES. THE AGGREGATE, CUMULATIVE LIABILITY OF EACH PARTY (INCLUDING ITS DIRECTORS, OFFICERS, EMPLOYEES, REPRESENTATIVES, AGENTS AND SUPPLIERS) UNDER THIS AGREEMENT SHALL BE LIMITED TO THE FEES PAID OR PAYABLE BY CUSTOMER TO FIVETRAN DURING THE TWELVE MONTH PERIOD PRIOR TO THE EVENT GIVING RISE TO ANY CLAIM, OR $100 IF CUSTOMER IS USING A TRIAL OF THE SERVICES. THE FOREGOING SHALL NOT LIMIT CUSTOMER’S PAYMENT OBLIGATIONS UNDER SECTION 5.
10.1 No Agency. No agency, partnership, joint venture, or employment is created as a result of this Agreement and neither party has any authority of any kind to bind the other party in any respect whatsoever to any third party.
10.2 Notices. All notices under this Agreement must be in writing and will be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or e-mail; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested to each party at its respective address provided on the initial Order Form.
10.3 Enforceability. If any provision of this Agreement is adjudicated invalid or unenforceable, this Agreement will be amended to the minimum extent necessary to achieve, to the maximum extent possible, the same legal and commercial effect originally intended by the parties. To the extent permitted by applicable law, the parties waive any provision of law that would render any clause of this Agreement prohibited or unenforceable in any respect.
10.4 Force Majeure. If the performance of this Agreement or any obligations (other than payment obligations) hereunder is prevented or interfered with by any act or condition beyond the reasonable control of a party hereto, that party upon giving prompt notice to the other party shall be excused from such performance during such occurrence.
10.5 Assignment. This Agreement may not be assigned by either party without the other party’s consent, whether by operation of law or otherwise; provided that either party may assign this Agreement to its successor in the event of a merger, acquisition or sale of all or substantially all of the assets of such party. Any other purported assignment shall be void.
10.6 Integration. This Agreement is the complete statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement. This Agreement shall supersede the terms of any purchase order or other business form. If accepted by Fivetran in lieu of or in addition to Fivetran’s Order Form, Customer’s purchase order shall be binding only as to the following terms: (a) the Services ordered and (b) the appropriately calculated fees due. Other terms shall be void.
10.7 Amendment; Counterparts. Except as otherwise stated in this Section 10.7, no supplement, modification, or amendment of this Agreement shall be binding, unless executed in writing by a duly authorized representative of each party. No waiver will be implied from conduct or failure to enforce or exercise rights under this Agreement, nor will any waiver be effective unless in a writing signed by a duly authorized representative on behalf of the party claimed to have waived. This Agreement may be executed by written signature or electronically and delivered in multiple counterparts, including facsimile, PDF, or other electronic counterparts, all of which will constitute one and the same instrument and agreement. From time to time Fivetran may modify this Agreement. Unless another agreement between the parties supersedes this Agreement, changes become effective for Customer upon renewal of the then-current subscription term or entry into a new Order Form after the updated version of this Agreement goes into effect.
10.8 Governing Law and Jurisdiction; Attorney Fees. This Agreement shall be governed by the laws of the State of California without regard to its conflict of laws provisions. This Agreement shall not be governed by the United Nations Convention on Contracts for the International Sale of Goods or the Uniform Computer Information Transactions Act. Any legal action relating to this Agreement must be brought in the federal or state courts in the Northern District of California, U.S.A., and the parties agree to the exercise of jurisdiction by such courts. In the event of any action, suit or proceeding related to this Agreement, the prevailing party, in addition to its rights and remedies otherwise available, shall be entitled to receive reimbursement of reasonable attorney’s fees and expenses and court costs.
Fivetran will provide Technical Support to Customer via email 24 hours per day, seven days a week.
Customer may initiate a Helpdesk ticket 24 hours per day, seven days a week using Fivetran’s Support Form provided at www.fivetran.com/support. The Support Form is visible to Customer when logged in within the Fivetran interface (www.fivetran.com).
Fivetran will use commercially reasonable efforts to provide an initial response to any Helpdesk Ticket within one hour of creation time.
Fivetran offers the SLA available online at www.fivetran.com/consumption-sla, as applicable.
Updated Sept 17, 2020
For Standard and Enterprise Plan Level Customers, Fivetran guarantees that at least 99.9% of the time, the Core Services will be available and operational.
For Enterprise Plan Level Customers, for properly setup connector services, Fivetran guarantees to reliably load data on schedule at least 99.9% of the time.
This SLA applies to the (a) availability of Fivetran’s Core Services, and (b) Fivetran’s Data Delivery Services for connections to Customer data sources, both as described in this SLA. If Fivetran does not achieve and maintain the Service Levels for each Service as described in this SLA, then Customer may be eligible for a credit towards a portion of its monthly service fees. Any modifications to the terms of this SLA will not be effective during the initial term of Customer’s subscription; however, if Customer renews its subscription, the version of this SLA that is current at the time of renewal will apply throughout the renewal term. Fivetran will provide at least 90 days’ notice for adverse material changes to this SLA.
“Applicable Monthly Service Fees” - means the total fees actually paid by Customer for a Service that are applied to the month in which a Service Credit is owed. For Data Delivery Services, this will be each individual service affected by Downtime, for example a specific connector like Salesforce, or Mailchimp.
“Monthly Pipeline Minutes” - All of the minutes that a single Fivetran pipeline is turned on or activated during the month of a Downtime.
"Service Credit" - is the percentage of the Applicable Monthly Service Fees credited to Customerfollowing Fivetran’s claim approval.
“Service Credit Percentage” means for every hour of Downtime, the percentage of the Applicable Monthly Service Fees applied back to the Customer in the form of Service Credits.
Customer must submit claims to Fivetran customer support at support.fivetran.com along with all information necessary for Fivetran to validate each claim, including: (i) a detailed description of the incident; (ii) information regarding the time and duration of the Downtime; (iii) the number and location(s) of affected users (if applicable); and (iv) descriptions of Customer’s attempts to resolve the incident.
Fivetran must receive the claim within two months of the end of the month in which the incident occurred. Fivetran will evaluate all reasonably available information and make a good faith determination of whether a Service Credit is owed. Fivetran will use commercially reasonable efforts to process claims within 45 days of receipt. Customer must be in compliance with the Agreement to be eligible for Credits. If a Service Credit is owed to Customer, Fivetran will apply the Service Credit to Customer’s subsequent service term or to any additional Services added during the current term.
If Customer experiences Downtime for multiple Services, they must submit a separate claim for each Service. For example, if Customer experienced Downtime for both Salesforce Data Replication and MySQL Data Replication, Customer could be eligible for two separate Service Credits for Data Delivery (one for each Service), by submitting two claims under this SLA. Service Credits are Customer’s sole remedy for performance or availability issues for any Service under the Agreement and this SLA.
Service Credits are Customer’s sole and exclusive remedy for any performance or availability issues for any Service under the Agreement and this SLA. Customer may not unilaterally offset Applicable Monthly Service Fees for any performance or availability issues.
Service Credits for Core Services that are given for Downtime for Core Services experienced may not be redeemed for cash and may not exceed 25% of the total monthly fees paid to Fivetran in the month that the incident occurred, and may not exceed 10% of annualized fees paid for the current term. These lower limits are due to the fact that Data Delivery services can still perform while the API, or Web Application are experiencing downtime. Service Credits will be credited to Customer’s account in the form of Fivetran Credits at Customer’s current plan level.
Note: With Fivetran, not all Core Services are directly correlated with Data Delivery Services. For example, Fivetran’s Web Application, and APIs could be down and Fivetran could still be delivering data on schedule. In addition, Fivetran’s replication servers could be available, but data is not being delivered due to load errors, source API issues, etc.
If one Core Service has Downtime, Customer will receive a Service Credit as outlined above even if the other Core Services are working. If more than one Core Service is down concurrently, the Customer will receive the same Service Credit, not multiple credits.
Service Credits for Data Delivery may not be redeemed for cash, and may not exceed 50% of the total monthly fees paid to Fivetran for the affected connector in the month that the incident occurred. Service Credits will be credited to Customer’s account in the form of Fivetran credits at Customer’s current plan level.
Downtime does not include Service unavailability due to the following:
Maintenance requested by Customer, scheduled maintenance or unscheduled emergency maintenance, either by Fivetran or by third-party providers. Fivetran will provide seven days’ advance notice in writing or by e-mail of scheduled maintenance, not to exceed 24 hours per month.
Failure of equipment, software or other parts of the Services not listed as a Core Service or Data Delivery Service.
Outages of third party connections or utilities or other reasons beyond Fivetran’s reasonable control.
If Fivetran’s cloud vendor (GCP, or AWS) experiences downtime, Customer does not accrue Downtime for Core Services during this downtime period.
The Customer uses equipment, software or Services in a way that is not recommended by Fivetran.
The Customer has delayed, hindered or prevented Fivetran from providing Services, such as removing Fivetran’s access to Customer data sources or warehouses.
The Service has become unavailable as a result of unsupported equipment, software or other third-party services which are not fully functional, which includes but is not limited to undocumented API changes, API limits, or sync failures due to new or changed data that disrupts the schema mapping rules.
Customer’s breach of any of its agreements with Fivetran, or Fivetran’s responses thereto.
The Service is a private preview or beta release or other pre-production release of a component of the Services.
Fivetran offers an Uptime SLA for Core Services for Customers who purchase a pricing plan that includes this option as specified on Customer’s executed Order Form.
“Core Services” - means following Core Services, with their Monthly Uptime Percentage, and Service Credit Percentages are applicable to Customers who have purchased Core Service SLA:
|CORE SERVICE||DESCRIPTION||MONTHLY UPTIME PERCENTAGE||SERVICE CREDIT PERCENTAGE|
|Web Application||Fivetran’s web application for accessing, viewing, and controlling Fivetran services.||99.9%||1%|
|API||Fivetran’s REST API for programmatically controlling Fivetran services.||99.9%||1%|
|Replication Servers||Fivetran’s replication servers that run Fivetran data replication services.||99.9%||1%|
“Downtime” - When a Core Service, described below in the table in Monthly Uptime Percentage, is unavailable. For example, for Fivetran’s Web Application, if a user tries to access it and receives a 404 page, or the application will not load it is considered unavailable. Downtime is measured in minutes.
"Maximum Available Monthly Minutes" - is the absolute maximum number of Monthly Pipeline Minutes across all of Customer’s Services, that is not to exceed the total minutes in an average month (43,000).
For example, if Customer has two pipeline services, Salesforce, which ran for a total of 30,000 minutes, and Marketo, which ran for 23,000, Customer’s Maximum Available Monthly Minutes would equal 30,000.
”Monthly Uptime Percentage” - for Core Services is calculated as Maximum Available Monthly Minutes less Downtime divided by the Maximum Available Monthly Minutes. Monthly Uptime Percentage is represented by the following formula:
MONTHLY UPTIME % = (MAXIMUM AVAILABLE MINUTES - DOWNTIME) / MAXIMUM AVAILABLE MONTHLY MINUTES
Uptime for Core Services is monitored via status.fivetran.com.
”Service Credit Calculation” - If a service is considered to be down longer than the Monthly Uptime Percentage, and if Customer has purchased Fivetran’s Uptime SLA, Customer will accrue Service Credits. Service Credits for Core Services is represented by the following formula:
SERVICE CREDITS = DOWNTIME * APPLICABLE MONTHLY SERVICE FEES * SERVICE CREDIT PERCENTAGE
In April, Customer uses a total of 100 Fivetran Credits, costing a total of $100 (Applicable Monthly Service Fees). During that month Fivetran’s Web Application was unavailable for 4.27 hours due to a server failure. For every hour of the 4.27 hours of Downtime that Core Services experienced, Customer is credited back 1% of the $100 against Customer’s usage of Fivetran services in May or future months for a total of $4.27.
$4.27 (Service Credits) = 4.27 Hours (Downtime for Core Services ) * $100 (Application Monthly Service Fees) * 1% (Service Credit Percentage)
Fivetran offers a Data Delivery SLA for Customers who purchase a pricing plan that includes this option as specified on Customer’s executed Order Form.
“Allowed Downtime Interval” - 12 hours is added to the Normal Update Time for Fivetran to successfully sync a connector before Customer starts accruing Downtime. A Data Delivery SLA is a guarantee that Fivetran will load data on a regular interval, which is defined as the combined total time of the Normal Update Time added onto the Allowed Downtime Interval.
“Data Delivery Services” – means any data connectors that are loading data through Customer’s Fivetran account. Customer’s connectors are only included in this SLA if Customer has purchased the Data Delivery SLA for its current term.
For a Service to be covered by this Data Delivery SLA, each table from a data source must be proven capable of syncing to Customer’s target warehouse by: successfully syncing the initial data load, and then successfully syncing the fewer times of 48 incremental successful loads (approximately 2 days of syncs based on average 1 hour sync intervals) or 5 consecutive days of incremental successful loads.
The following types of Data Delivery Services, with their Monthly Uptime Percentage, and Service Credit Percentages are applicable to Customers who have purchased Fivetran’s Data Delivery SLA:
|DATA DELIVERY SERVICE||DESCRIPTION OF SERVICES||MONTHLY UPTIME PERCENTAGE||SERVICE CREDIT PERCENTAGE|
|File Storage Connectors||
|Email & Event Connectors||
“Downtime” - Downtime for Data Delivery will begin to accrue after the service has not been successfully loading data into Customers target destination for the length of the Normal Update Time plus the Allowed Downtime Interval. The Allowed Downtime Interval for Data Delivery Services is 12 hours + the connector’s Normal Update Time, which can be found on a rolling 30 day average within the Fivetran dashboard.
For example, if the affected connector’s Normal Update Time was 2 hours, then the Allowed Downtime Interval would be 12 + 2 = 14 hours, and the Customer would not start accruing Downtime until 14 hours after data loading stopped. In order to be eligible for downtime, the connection must (a) be completely broken / not loading data at all, or (b) more than 15% of tables do not load during the Normal Update Time for the Service.
”Monthly Uptime Percentage” - for Data Delivery Services is calculated as Monthly Pipeline Minutes for the affected connector less Downtime divided by Monthly Pipeline Minutes for that affected connector. Monthly Uptime Percentage is represented by the following formula:
MONTHLY UPTIME % = (MONTHLY PIPELINE MINUTES - DOWNTIME) / MONTHLY PIPELINE MINUTES
Downtime for Data Delivery is monitored via Fivetran logs at fivetran.com/dashboard or via the Fivetran Log Connector or via Fivetran’s log service that exports service logs to Customer’s designated log service, such as AWS Cloudwatch.
“Service Credit Calculation” - If a service is considered to be down longer than the Monthly Uptime Percentage, if Customer has purchased Fivetran’s Uptime SLA, Customer will accrue Service Credits. Service Credits are calculated as:
SERVICE CREDITS = DOWNTIME * APPLICABLE MONTHLY SERVICE FEES * SERVICE CREDIT PERCENTAGE
In April, Customer consumed 417 Fivetran Credits to load data for Customer’s Salesforce connector service, costing $417 (Applicable Monthly Service Fees). During that month Customers Salesforce connector experienced a loading error, and was unable to load data for 16.7 hours past the Allowed Downtime interval and the Normal Update Time. For every hour of the 16.7 hours of Downtime experienced for Customer’s Salesforce Connector, Customer is credited back 0.25% of the $417 against Customer’s usage of Fivetran services in May or future months for a total of $17.40.
$17.40 (Service Credits) = 16.7 Hours (Downtime) * $417 (Application Monthly Service Fees) * 0.25% (Service Credit Percentage)
“Normal Update Time” – the average time between successful syncs over the previous 14 days, as specified on the connector page within the Fivetran application dashboard. Normal Update Time is not available until there have been 48 successful incremental loads.
Fivetran collects information from individuals who visit Fivetran’s web site(s) (“Visitors”) and individuals who register to use the Services (“Customers”).
When requesting information about the Services or registering to use the Services, Fivetran requires you to provide Fivetran with personal contact information, such as name, company name, address, phone number, and email address. All information you provide to Fivetran that can be directly or indirectly identified used to identify you is referred to as “Personal Data”.
In addition to the information you provide, when you use the Services Fivetran may also collect information through our automatic data collection tools, which may include web beacons, cookies, embedded web links, and other commonly used information-gathering tools (“Data Tools”). These tools collect certain standard information that your browser sends to the Services such as your browser type and language, access times, and the address of the website from which you arrived at a Fivetran website. They may also collect information about your Internet Protocol (IP) address, clickstream behavior (i.e. the pages you view, the links you click, and other actions you take in connection with the Services) and product information. Fivetran may also use some of these Data Tools in emails sent from Fivetran and therefore may collect information using these tools when you open the email or click on a link contained in the email.
Fivetran may also contract with third-party advertising networks that collect non-personally identifiable information and Personal Data through Fivetran’s web site and emails and on third-party web sites. Ad networks follow your online activities over time by collecting usage data through Data Tools. They use this information to provide advertisements about products and services tailored to your interests. You may see these advertisements on other web sites. This process also helps us manage and track the effectiveness of Fivetran’s marketing efforts. You may opt out of display advertising partners’ targeted advertising using the following links: http://www.aboutads.info/choices/, http://www.networkadvertising.org/choices/ and http://www.youronlinechoices.eu/ if located in the European Union.
Fivetran tracks your use of the Services over time. Fivetran does not track you across third-party websites and therefore Fivetran does not respond to Do Not Track signals in these circumstances. However, some third-party sites do keep track of your browsing activities when they serve you content. If you are visiting such sites, many browsers will allow you to set Do Not Track signals so that third parties know that you do not want to be tracked.
Fivetran uses Personal Data to perform the Services requested, including:
To respond to your requests for information, products, or services, and to provide customer service and support.
To administer your account if you are a Customer.
To enable your access and use of the Services.
To send you technical notices, updates, security alerts, and support and administrative messages.
To inform you about Fivetran products and services.
For legal compliance, such as to enforce Fivetran’s legal rights, to comply in good faith with applicable laws, and to protect users of the Services.
For other general business purposes, such as to provide, operate, maintain, make modifications to and improve the Services, and for marketing, advertising, research and development.
For other purposes about which Fivetran notifies you.
Fivetran does not share, sell, rent, or trade Personal Data with third parties for their promotional purposes.
Fivetran may share Personal Data with: (a) Fivetran’s subsidiaries and affiliated companies; (b) subcontractors and other third party service providers; (c) auditors or advisers of our business processes; and (d) potential purchasers or investors in the company.
Fivetran may share Personal Data if you provide prior consent to do so.
To facilitate Fivetran’s global operations, Fivetran may transfer and access Personal Data from around the world, including the United States. This Privacy Statement shall apply even if Fivetran transfers Personal Data to other countries.
If you are a resident of a country that provides you with the right to request a copy of the Personal Data Fivetran holds about you and/or to correct any inaccuracies within such data, and Fivetran is required by applicable laws to respond to such requests, then you may address such requests to the contact information provided in the “Contact Us” section below. Fivetran will use reasonable efforts to supply, correct or delete information that we hold about you or to advise you if we are not required by applicable laws to comply with such requests.
Customers may update or change their registration information by logging in to their accounts at https://fivetran.com. Requests to access, change, or delete your information will be handled within 30 days.
Customers cannot opt out of receiving transactional emails related to their account with Fivetran or the Services.
Subject to certain limitations, the California Consumer Privacy Act (“CCPA”) provides California consumers the right to request to know more details about the categories or specific pieces of personal information Fivetran collects (including how Fivetran uses and discloses this information), to delete their personal information, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights. If you are a resident of California (or another jurisdiction that provides comparable rights) and would like to make a request, please contact Fivetran at the address listed, below. Fivetran does not sell the personal information it collects to third parties for money or any other consideration, as that term is generally understood.
Fivetran is hosted on leading cloud service providers (linked on our security page at https://fivetran.com/docs/security#physicalandenvironmentalsafeguards) and uses industry-standard security protocols to protect Personal Data. Personal Data is stored on private servers in a protected security group. All connections between the end user and our servers are encrypted with SSL, and server software is kept continuously up to date with the latest security patches.
Fivetran‘s accountability for Personal Data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Fivetran remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the Personal Data on its behalf do so in a manner inconsistent with the Principles, unless Fivetran proves that it is not responsible for the event giving rise to the damage.
If you have an unresolved privacy or data use concern that Fivetran has not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (at no cost to you) at https://www.jamsadr.com/eu-us-privacy-shield.
For any Privacy Shield disputes that cannot be resolved by the methods above, you may be able to invoke a binding arbitration process under certain conditions. To find out more about the Privacy Shield’s binding arbitration scheme, please see: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
The Federal Trade Commission has investigation and enforcement authority over Fivetran’s compliance with the Privacy Shield.
The Services are not directed to, nor intended to be used by, individuals under the age of 13. Fivetran does not knowingly collect personal information from individuals under the age of 13. If you become aware that an individual under the age of 13 has provided us with personal information, please contact us immediately as described below. If we become aware that an individual under the age of 13 has provided us with personal information, we will take steps to delete such information.
Residents of California and residents of certain other jurisdictions may request certain details, pursuant to applicable laws, about how their information is shared with third parties for direct marketing purposes. If you are a resident of one of these jurisdictions, and would like to make such a request, please contact us as described below.
v1.9 Updated April 12, 2021
This Data Processing Agreement (the “DPA”) is executed as of the latest signed date by both parties below (the “DPA Effective Date”) between Fivetran, Inc. (“Fivetran”) and Customer defined below (“Customer”). Capitalized terms have the meanings provided in the MSA (defined below) except as provided here.
WHEREAS, Fivetran and Customer are parties to a Master Subscription Agreement (the “MSA”) regarding Customer’s trial and/or subscription to Fivetran’s Services; and
WHEREAS, Fivetran and Customer wish to enter this DPA, which will supplement certain provisions of the MSA regarding the parties’ security and data protection obligations.
NOW THEREFORE, the parties agree as follows:
1.1 “Breach” means a breach of security by Fivetran that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data stored in the Services.
1.2 “CCPA” means the California Consumer Privacy Act, its associated regulations and their successors.
1.3 “Controller”, “Processor”, “Data Subject” and “Process” (whether or not capitalized) have the meanings ascribed to them by GDPR (as defined below) and include equivalent terms in the CCPA and other applicable laws, in each case as applicable to the Services provided by Fivetran under the MSA.
1.4 “Customer Data” means all data provided by Customer to Fivetran to enable the provision of the Services.
1.5 “Data Protection Laws” means GDPR, UK GDPR, CCPA and all other laws and regulations applicable to the Processing of Personal Data under the MSA within the United States, European Union, the European Economic Area and their member states, Switzerland and the United Kingdom.
1.6 “GDPR” means the General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
1.7 “Personal Data”: (a) has the meaning provided in Data Protection Laws in reference to residents of the European Economic Area, Switzerland and the United Kingdom, (b) means Personal Information as defined in the CCPA in reference to California residents, and (c) in reference to residents of other jurisdictions incorporates equivalents terms under other laws applicable to the Services.
1.8 “Standard Contractual Clauses” means the Standard Contractual Clauses for the Transfer of Personal Data to Processors Established in Third Countries approved by EC Commission Decision of 5 February 2010 or any successor clauses adopted in accordance with GDPR. For purposes of the Standard Contractual Clauses Customer is the data exporter, Fivetran is the date importer, and the information required by Appendices 1 and 2 is described in Appendices 1 and 2 of this DPA.
1.9 “UK GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act of 2018.
2. Handling of Customer Data.
2.1 General Processing Conditions. Fivetran will only process Customer Data in order to perform its obligations under the MSA or with Customer’s prior written consent.
2.2 Processing in Accordance with EU and UK Law. Customer may be the controller of Personal Data or a processor. Fivetran will act as a processor or sub-processor, as appropriate. Each party will comply with the obligations that apply to it under Data Protection Laws. Fivetran will promptly inform Customer if it becomes aware that processing requested by Customer infringes Data Protection Laws.
2.3 Processing in Accordance with California Law. In accordance with the CCPA, and with respect to Personal Data to which CCPA applies: (a) Fivetran will not “sell” (as defined in the CCPA) any Personal Data; and (b) Fivetran will not collect, share or use any Personal Data except as necessary to perform services for Customer.
2.4 Local Implementation Agreement. If and when necessary to accommodate laws, regulations, and/or local business requirements in a particular country outside the United States, European Union, the European Economic Area and their member states, Switzerland and the United Kingdom, the parties may enter into a Local Implementation Addendum covering additional requirements under such laws that are not already addressed in the MSA or this DPA.
2.5 Confidentiality of Processing. Fivetran will treat Customer Data as Customer’s Confidential Information (as that term is defined in the MSA). Fivetran will protect the Customer Data in accordance with the confidentiality obligations under the MSA.
2.6 Cooperation and Data Subjects' Rights. Fivetran will provide reasonable and timely assistance to Customer (at Customer's expense) to enable Customer to respond to: (a) any request from a data subject to exercise any of its rights under Data Protection Laws (including rights of access, correction, objection, erasure and data portability, as applicable); and (b) any other correspondence, enquiry or complaint received from a data subject, regulator or other third party in connection with the processing of the Customer Data. If any such request, correspondence, enquiry or complaint is made directly to Fivetran, Fivetran will promptly inform Customer providing full details of the same.
2.7 Customer Data Return and Disposal. Within 30 days after a written request by Customer or the termination or expiration of the MSA, Fivetran will: (a) if requested by Customer, provide Customer with a copy of any Customer Data in Fivetran’s possession that Customer does not already have; and (b) securely destroy all Customer Data in Fivetran’s possession in a manner that makes such Customer Data non-readable and non-retrievable. Notwithstanding the foregoing, Fivetran may retain copies of Customer Data: (x) to the extent Fivetran has a separate legal right or obligation to retain some or all of the Customer Data; and (y) in backup systems until the backups have been overwritten or expunged in accordance with Fivetran’s backup policy.
2.8 International Transfers. Fivetran shall not transfer the Data outside of the European Economic Area ("EEA") unless it has taken such measures as are necessary to ensure the transfer is in compliance with applicable Data Protection Laws. Without prejudice to the foregoing, Customer consents to transfers outside of the EEA where Fivetran has implemented a transfer solution compliant with Data Protection Laws, which for example may include: (a) where such transfer is subject to an adequacy decision by the European Commission; (b) the Standard Contractual Clauses, which are incorporated herein by reference; (c) another appropriate safeguard applies pursuant to Article 46 of the GDPR or other provisions of Data Protection Laws; or (d) a derogation pursuant to Article 49 of the GDPR.
2.9 Subprocessing. Customer consents to Fivetran engaging Fivetran affiliates and third party sub-processors to process Personal Data to carry out Fivetran’s obligations under the MSA. Fivetran will maintain an up-to-date list of its sub-processors on its website, which it will update with details of any change in sub-processors at least 10 days prior to any such change, thereby giving Customer the opportunity to object to such changes. Fivetran will impose data protection terms on any sub-processor it appoints as required to protect Personal Data equivalent to those imposed on Fivetran in this DPA.
2.10 Data Protection Impact Assessment. Fivetran will provide reasonable cooperation to Customer (at Customer's expense) in connection with any data protection impact assessment that Customer may be required to perform under Data Protection Laws.
3. Fivetran Security Measures.
3.1 Audit. The audit requirements under Data Protection Laws will be satisfied as follows. On Customer’s request and subject to the confidentiality obligations set forth in the MSA or an appropriate NDA in the case of third parties, Fivetran will make available to Customer a summary of its most recent SOC 2 audit report. Not more than once per year, Fivetran will also respond to a Customer security questionnaire and meet by teleconference or in person (at Customer’s expense) to address follow up questions. In addition, Customer may contact Fivetran to request an on-site audit, not more than once per year, of the procedures relevant to the protection of Personal Data. Before the commencement of any such on-site audit, Customer and Fivetran shall mutually agree upon the scope, timing, and duration of the audit and the reimbursement rate for any travel or other expenses Fivetran incurs in the course of such audit. All reimbursement rates shall be reasonable, taking into account the resources expended by Fivetran. Customer shall promptly notify Fivetran with information regarding any non-compliance discovered during the course of an audit.
3.2 Fivetran Security Responsibilities. Fivetran will: (a) use procedural, technical, and administrative safeguards on its Services designed to ensure the confidentiality, security, integrity, availability, and privacy of Customer Data when cached by the Services and in transit between Customer’s data sources and target systems; and (b) protect against any unauthorized processing, loss, use, disclosure or acquisition of or access to Customer Data via the Services.
3.3 Personnel Background Checks. Prior to engaging any employee or contractor who may receive access to Customer Data Fivetran will conduct a criminal history background check (modified as appropriate to comply with applicable law in countries outside the United States) covering the five-year period prior to the employment commencement date of such employee.
4. Customer Security Measures.
Without limiting Fivetran’s obligations in this DPA and the MSA, Customer acknowledges it is responsible for determining how to connect the Services to Customer’s data sources and data warehouses. Notwithstanding any other provision of this DPA, the MSA or any other agreement related to the Services, Fivetran will have no obligations or liability as to any loss resulting from: (a) Customer’s environment, source and target data repositories, systems or software, or (b) Customer’s security configuration or administration of the Services. In particular:
4.1 Customer Responsibilities. Customer is responsible for security relating to its environment, particularly its source systems and target warehouse, and security relating its configuration of the Services. This includes implementing and managing procedural, technical, and administrative safeguards on its systems and networks sufficient to: (a) ensure the confidentiality, security, integrity, and privacy of Customer Data while in the source and target systems; and (b) protect against breaches of Customer Data.
4.2 Appropriate Permissioning. Customer is solely responsible for provisioning users on the Services, including: (a) methods of authenticating users (such as industry-standard secure username/password policies); (b) managing admin privileges; (c) deauthorizing personnel who no longer need access to the Services; (d) setting up any API usage in a secure way; and (e) regularly auditing any public access links users create and restricting the permission to create public links, as necessary.
4.3 Fivetran Permission to Access Customer Data Sources. In order to use the Services, Customer must authorize the Services to access Customer’s databases or source systems. When granting authorization, Customer should follow the principle of least privilege to Customer database information, especially by granting no more than read-only access to database data.
5. Personal Data Breach Notification and Resolution.
5.1 Breach Notice. Fivetran will notify Customer via email of any confirmed Breach by email to the notice email address on the signature page below, or Customer’s principal contact for the Services if none is provided, without undue delay after Fivetran’s discovery or notification of a Breach. Fivetran will further take reasonably necessary measures to remedy or mitigate the effects of the Breach and will keep Customer informed of all material developments in connection with the Breach.
5.2 Cooperation. Fivetran will provide reasonable information and cooperation to Customer so that Customer can fulfil any data breach reporting obligations it may have under (and in accordance with the timescales required by) applicable law.
6.1 Construction; Interpretation. This DPA is not a standalone agreement and is only effective if a MSA is in effect between Fivetran and Customer. This DPA is part of the MSA and is governed by its terms and conditions, including limitations of liability set forth therein. This DPA and the MSA are the complete and exclusive statement of the mutual understanding of the parties and supersede and cancel all previous written and oral agreements and communications relating to the subject matter hereof. Headings contained in this DPA are for convenience of reference only and do not form part of this DPA.
6.2 Severability. If any provision of this DPA is adjudicated invalid or unenforceable, this DPA will be amended to the minimum extent necessary to achieve, to the maximum extent possible, the same legal and commercial effect originally intended by the parties. To the extent permitted by applicable law, the parties waive any provision of law that would render any clause of this DPA prohibited or unenforceable in any respect.
6.3 Amendment; Enforcement of Rights. No modification of or amendment to this DPA, nor any waiver of any rights under this DPA, will be effective unless in writing signed by the parties to this DPA. The failure by either party to enforce any rights under this DPA will not be construed as a waiver of any rights of such party.
6.4 Assignment. This DPA may be assigned only in connection with a valid assignment pursuant to the MSA. If the MSA is assigned by a party in accordance with its terms, this DPA will be automatically assigned by the same party to the same assignee.
6.5 Governing Law. This DPA will be governed by and construed in accordance with the laws of the jurisdiction governing the MSA unless otherwise required by GDPR or Data Protection Laws, in which case this DPA will be governed by the laws of the Republic of Ireland.
6.6 Counterparts. This DPA may be executed and delivered by facsimile or electronic signature and in two or more counterparts, each of which will be deemed an original, but all of which together will constitute one and the same instrument.
Appendix 1: Description of Data Processing
The data processing activities carried out by Fivetran under the MSA may be described as follows:
Subject Matter and Purpose
The personal data transferred will be subject to the following basic processing activities:
Fivetran will process Customer personal data in order to facilitate migration of data from Customer’s data sources into Customer’s data warehouse.
The personal data transferred concern the following categories of data subjects:
Customer’s employees and consultants who use Fivetran’s Service.
Individuals whose personal data is stored in Customer’s data sources and processed by Fivetran.
Categories of personal data
The personal data transferred concern the following categories of data:
Fivetran may have access to personal data of Customer’s employees and consultants who use Fivetran’s Service.
Fivetran may have access to personal data of Individuals whose personal data is stored in Customer’s data sources.
The types of personal data processed are determined by Customer and may include without limitation: Name, Email address, Physical address, IP-address and other online identifiers, Date of birth, Telephone/mobile number, Location Data.
Special categories of data (if appropriate)
The personal data transferred concern the following special categories of data:
Appendix 2 Technical and Organizational Security Measures
Description of the technical and organisational security measures implemented by Fivetran in accordance with Data Protection Laws:
Fivetran security measures can be found on our website at https://fivetran.com/docs/security
Security measures include:
Transport layer security
All data is transmitted to or from Fivetran over an encrypted protocol using industry-standard cryptographic protocols (TLS 1.2+)
Fivetran redirects unencrypted requests (HTTP) to an encrypted protocol (HTTPS)
Physical & Environmental Security
The Fivetran services are hosted in Google Cloud Platform (GCP) and Amazon Web Services (AWS). Hosting providers maintain physical & environmental security protections including:
Physical access is restricted to approved employees based on the principle of least privilege
Multi-factor authentication when approved personnel access facilities
Closed Circuit Television Camera (CCTV) video recording of access points
Fire detection and suppression systems
Redundant infrastructure for power, networking, and cooling
Logical Access controls
Logical access to the Fivetran services is restricted to employees based on the principle of least privilege. All access is formally approved and require multi-factor authentication.
Access is removed in the event of employee termination or if the employee changes roles and no longer requires access, as well as being reviewed on a quarterly basis
Access activity is logged in centralized logging infrastructure and protected from tampering.
Fivetran completes an annual, independent SOC 2 Type 2 audit of its facilities, networks, and systems. On Data Exporter’s request, Fivetran will provide the results of the audit.
Processing of customer data
Data pipes for each customer are managed separately within the host environment. Except as described at https://fivetran.com/docs/security#retentionofcustomerdata Fivetran does not store customer data, other than while in transit. Access information to customer resources required for data pipe functionality is logically separated within the host storage facility GCP or AWS.
Fivetran does not control the host physical infrastructure. Fivetran relies on the fault-tolerant nature of GCP and AWS across multiple availability zones, and can redeploy the platform to another region in case of catastrophic failure.
Except as described at https://fivetran.com/docs/security#retentionofcustomerdata, Fivetran will process Customer Data within the region specified by the Customer during configuration of the data pipe. Current geographic regions supported by Fivetran are found here: https://fivetran.com/docs/getting-started/ips.
What is a cookie?
A cookie is a small text file that is placed on your hard drive by a web page server. Cookies contain information that can later be read by a web server in the domain that issued the cookie to you. Some cookies are required in order for our Websites to work, and others may be disabled. You can find out more about each cookie by viewing our current cookie list below. We update this list quarterly, so there may be additional cookies that are not yet listed.
Fivetran may use web beacons, tags, flash cookies, HTML5, and scripts (“Data Tools”) in the Websites or in emails to help deliver cookies, count visits, understand usage and campaign effectiveness and determine whether an email has been opened and acted upon. Fivetran may receive reports based on the use of these technologies by our service/analytics providers on an individual and aggregated basis.
If you want to learn more about cookies, or how to control, disable or delete them, please visit http://www.allaboutcookies.org for detailed guidance. For further information on how to manage Flash cookies please click here.
Cookies collect certain standard information that your browser sends to the Websites such as your browser type and language, access times, and the address of the website from which you arrived at a Website. They may also collect information about your Internet Protocol (IP) address, clickstream behavior (i.e. the pages you view, the links you click, and other actions you take when you use the Websites) and product information. These are called first party Cookies and they are essential to the Websites’ operation.
Fivetran may also contract with third-party advertising networks that collect non-personally identifiable information and personal data through the Websites and emails and on third-party web sites. Ad networks follow your online activities over time by collecting usage data through Data Tools. They use this information to provide advertisements about products and services tailored to your interests. You may see these advertisements on other web sites. This process also helps us manage and track the effectiveness of Fivetran’s marketing efforts.
We use third-party advertising companies to display ads on the Websites tailored to your individual interests based on your internet activity, as well as to provide advertising-related services such as ad delivery, reporting, attribution, analytics, and market research. You can manage your preferences with regards to the receipt of tailored advertisements in the cookie settings described below. Please note if these cookies are switched off, you will continue to see advertisements, but they will no longer be tailored to your interests.
How to disable cookies
You can change your browser settings to control what cookies the browser stores. If you elect not to activate a cookie or to later disable cookies, you may still visit our Websites, but your ability to use some features or areas may be limited.
You may opt out of display advertising partners’ targeted advertising using the following links:
http://www.aboutads.info/choices/ and http://www.networkadvertising.org/choices/ if located in the United States
http://www.youronlinechoices.eu/ if located in the European Union.
To see information about opt-out choices for mobile devices, visit http://www.networkadvertising.org/mobile-choices.
In addition, certain third party advertising networks, including Google, permit users to opt out of or customize preferences associated with your internet browsing. To learn more about this feature from Google, click here.
Cookies we use
We may use any of the following categories of cookies on the Websites as detailed below.
Updating This Policy
If there are any material changes to this policy, we will notify you by the posting of a prominent notice on our Websites prior to the change becoming effective. We encourage you to periodically review this page for the latest information on the policy. Your continued use of the Websites constitutes your agreement to be bound by such changes to this policy. Your only remedy, if you do not accept the terms of this Policy, is to discontinue use of and access to the Websites.
If you have questions or concerns regarding this policy or about Fivetran’s privacy practices, please contact us by email at privacy@Fivetran.com, or at:
Fivetran, Inc. Attn: Chief Privacy Officer 405 14th St., Floor 11 Oakland, CA 94612 United States privacy@Fivetran.com
Updated November 23, 2020
The Fivetran Service is an automated cloud data pipeline (“Connectors”) provided by Fivetran Inc. (“Fivetran”, “we”, “us”, “our”) to Fivetran customers (each a “Customer”, “you”, “your”) as a service which consumes data from various sources and centralizes this data into a specific destination. The Fivetran Service is available in several different plans (“Plans”) and hosted in different geographical regions (“Regions”) by certain third-party cloud providers (“Cloud Providers”), as described more fully in your agreement with Fivetran (“Agreement”).
Account: The customer’s paid account on the Fivetran Service. An account may have multiple connectors and destinations. A customer may have multiple accounts.
Billing Period: A calendar month running from the first to the last day of the month. For Customers whose Plans begin midway or partially through a given Billing Period, bills may be pro-rated.
Capacity Purchase: A subscription-based plan which requires an annual upfront purchase of Credits in bulk.
Credit: Usage of the Fivetran Service is charged on the basis of “Credits” which are purchased and which provide value based on the MAR Threshold, as set forth on the Service Consumption Table, and the actual number of MARs used by the Customer in a given Billing Period.
Destination: A destination is a warehouse or database where the data is delivered.
Effective Credits: The average number or conversion price in Credits of the million MAR at the MAR Threshold for the month in question.
Incremental Credits: The average number or conversion price in Credits for the next million MAR (or portion of the next million MAR) after the MAR Threshold has been met for the month in question.
Initial Historical Sync: The first time that a connector completes a historical sync.
Monthly: A plan which is not subscription based, whereby a Customer is billed monthly in-arrears for Credits used during the prior monthly period. Monthly plans are available to purchase at fivetran.com/account/billing or through the AWS or GCP marketplaces.
Monthly Active Rows (“MAR”): The number of distinct primary keys synced via the Fivetran plan calculated on a per-Account basis. We only count a row once per Billing Period, even if it syncs multiple times.
Monthly Active Row (“MAR”) Threshold: The minimum MAR usage requirement to receive consumption rates as listed on the Service Consumption Table below.
On-Demand: For Capacity Purchase (i.e. subscription plans) only, this means any additional usage of Credits after the initial purchased Credits have been used. Capacity Purchase plans that have no more Credits available will be moved to On-Demand whereby monthly Credit usage will be billed in-arrears at list price. On-Demand occurs automatically for Capacity Purchase customers after you have depleted an initial Capacity Purchase.
Plan: The bundle of features included as a part of your Fivetran Service and outlined here. Plans may be purchased in the form of Capacity Purchase plans (which are subscription-based), or may be Monthly (which do not require subscriptions).
Primary Key: A unique identifier that specifies a distinct row within a table.
Rollover: For Capacity Purchase (i.e. subscription) plans only, this means any unused Credits at the end of your contracted period with Fivetran that can continue to be used in the following period, as long as you have an active contract.
Monthly Active Rows (MAR) are similar to total monthly synced rows but are less prone to variation and less prone to outliers. MAR is calculated as the number of distinct primary keys observed by Fivetran in a given Billing Period. Primary Keys are counted separately by Fivetran Account, Destination, and Connector. For clarity, if a distinct Primary Key is synced more than once in a given Billing Period then the distinct primary key counts as only a single Monthly Active Row. For example, a distinct Primary Key synced 30 times during a Billing Period will count as one Monthly Active Row. If a Primary Key is not available, we create a synthetic (hashed) Primary Key to ensure consistent tracking. One exception to this is that we exclude Monthly Active Rows associated with the initial historical sync for each new connector added.
Monthly Credits used are determined by the number of Monthly Active Rows within each billing account across that Billing Period. Monthly Credits are consumed based on a diminishing slope: in other words, the more unique data you sync in a Billing Period, the cheaper the incremental cost per unique Monthly Active Row.
The pricing of your Credits depends on the plan you have selected and whether you are drawing down from an initial Capacity Purchase Plan or paying for supplemental Credits via our On-Demand program. For non-subscription Plans (i.e. Monthly Plans), the pricing of your Credits is based on the prices available on our website, fivetran.com/pricing.
If you are drawing down from a Capacity Purchase Plan, your credit consumption rates will be determined by the Service Consumption Table outlined below. Capacity Credit Pricing is determined by your Order Form. Purchased Credits may be applied toward any of your Accounts on the Fivetran Service. However, the Service Consumption Table benefits for anything higher volume than is listed below may be applied on an Account by Account basis (and cannot be combined across accounts). Fivetran will provide you with monthly usage, in-arrears via the Fivetran dashboard.
On-Demand is a supplemental credit program that occurs automatically for Capacity Purchase plan customers who continue to use the Fivetran Service after depleting their available Capacity Purchase Credits. If you are drawing down Credits from On-Demand, your Credit consumption rates will be determined by the Service Consumption Table and the price per Credit of your Plan. You will not benefit from any capacity discounts for these On-Demand Credits and will be billed for On-Demand usage in-arrears for each Billing Period.
|Monthly Active Row Threshold||Base Credits per Month||Incremental Credits per Million MAR*||Effective Credits Per Million MAR|
*or portion thereof.
In order to calculate monthly Credit consumption we use the following formula:
Base Credits per Month + (MAR - Monthly Active Row Threshold) * Incremental Credits per Million MAR
To find your cost per credit:
If you are a Capacity Purchase plan customer, look to your Order Form.
If you are a Monthly customer, see our pricing page which details the price per Credit plan.
Rollover of Credits is only applicable to customers with Capacity Purchase accounts, not Monthly Plans. If you do not use the Credits that you purchased during the term of your contract, you can still use them if you renew your subscription. Subscription renewals require a minimum purchase of $1,000 worth of Credits, and when you do so the remaining Credits on your account can be rolled over to the new contract term. If you have a subscription account that is coming to an end, contact your account representative to learn more about Credit rollover.
We will adjust the use of Fivetran Service Consumption Table by pro-rating your first month’s purchase so you’re not penalized for starting the service mid-month. This helps right-size all of our new customers and ensures that you can start Fivetran easily, at any point in the month, without wasting Credits. For example, if your subscription starts on the 15th and it's a 30-day month, then we will adjust the Credit Consumption rates in the Service Consumption Table by 0.5. The pro-rating will take into account how many days in the month have already passed and the number of actual days in that month. This will be determined by Fivetran in its discretion.
If you decide to open multiple Fivetran Accounts, each account will apply the Fivetran Service Consumption Table for the MAR within that Account. You cannot add together the MAR for multiple Accounts and apply this MAR to Fivetran Service Consumption Table to get a more favorable credit consumption rate. However, if you would like to merge multiple Accounts into a single Account with separate destinations, you can reach out to Support through your dashboard or your account representative to get help with this migration. Merging accounts can have significant benefits, especially if the combined accounts have a high MAR usage.
This Fivetran Service Consumption Table may be updated from time to time and you will be subject to any future changes. Don’t worry, we won’t make changes to this table that have a material adverse effect without your consent. We may make changes, however, to improve ease of understanding among our customer base, to make credit conversions more favorable, or for other reasons. When and if changes to the Credit Consumption Table are made, Fivetran will use reasonable best efforts to provide advance notice of any material changes through the Fivetran Service dashboard or via email. Any allowable changes shall be effective immediately unless otherwise noted.
The Candidate Privacy Statement describes the ways Fivetran Inc. (“Fivetran” or “we”) collects, uses, and discloses information about you through Fivetran’s careers page and the application tracking system. In this Privacy Statement “you” refers to candidates or potential candidates who have expressed an interest in Fivetran careers. By submitting an application, you consent to the processing of your information described in this Privacy Statement.Personal Data We Use We will collect your personal data from you directly and potentially from other sources. Data we collect directly from you: The categories of data that we collect directly from you include:
Personal (e.g. name, date of birth) and contact details (e.g. phone number, email address, postal address or contact number).
Information about family and dependents (e.g., for relocation purposes).
Professional, Employment and Educational Information:
Information contained in your resume or CV, and other documents related to the application or recruitment process (e.g., cover letter, education transcripts, professional and educational certifications).
Previous employment, roles, performance history.
Additional information you may choose to voluntarily submit in connection with your application (e.g. information contained in a cover letter, information disclosed in an interview, or information you volunteer regarding your criminal records history, compensation history, family history or personal situation).
Educational details (e.g. educational history, qualifications, certifications, skills)
Data for diversity monitoring, where the collection of such data is allowed by law (e.g.,race, ethnicity, gender, veteran status and/or disabilities).
Citizenship or immigration information (e.g., for visa purposes, right to work information).
Electronic, Visual and Audio Information:
On-premise location monitoring for security purposes (e.g. video surveillance when attending our premises for an interview)
Internet Activity Information:
We collect information about you using cookies and similar technologies when you browse our website.
Data we collect from other sources: We may collect the following data about you from other sources:
Professional and Employment-Related Information:
Background check data, potentially including your criminal records history, employment history, educational history, from employment-screening agencies, former employers and/or educational institutions (as allowed by local laws).
Information about your performance or conduct from references, referees, or former employers you work with and/or or with whom you may have worked in the past who may provide feedback about you.
Information about you from Fivetran employees who interview you and who may provide feedback about you.
Internet Activity Information:
Publicly available information from websites or social media, including information that you choose to voluntarily submit to us in connection with your application (e.g. when applying through LinkedIn).
Collection, Use, and Retention Lawful basis for processing We collect and use your personal data based on: (a) our legitimate interest in processing personal data about job applicants, (b) so that we may comply with laws in our hiring and employment processes, and (c) to enter into contracts with candidates to whom we make job offers.Purposes of processing As part of all job applications at Fivetran, we collect and use your personal information for legitimate human resources and business management reasons including:
Identifying and evaluating candidates for potential employment, as well as for future roles that may become available;
Recordkeeping in relation to recruiting, hiring, and new hire onboarding;
Ensuring compliance with legal requirements, including diversity and inclusion requirements and practices;
Conducting criminal history checks as permitted by applicable law;
Verifying your information, including through reference checks and, where applicable, background checks;
Protecting our legal rights to the extent authorized or permitted by law;
Emergency situations where the health or safety of one or more individuals may be endangered; or
Responding to your enquiries and requests.
We retain this information in accordance with our retention policy of 12 months from your most recent application. International Transfer of Information Collected To facilitate Fivetran’s global operations, Fivetran may transfer and access Personal Data from around the world, including the United States. This Privacy Statement shall apply even if Fivetran transfers Personal Data to other countries.Access Your personal information may be accessed by recruiters and interviewers working in the country where the position for which you are applying is based, as well as by recruiters and interviewers working in different countries. We use third-party service providers to provide a recruiting software system. We also share your personal data with other third-party service providers that may assist us in evaluating pre-employment screening and testing, and improving our recruiting practices.Correcting and Updating Your Information You have certain rights regarding your personal data, subject to applicable local laws. These include the following rights to:
Access your personal data;
Fix any errors with your personal data;
Erase or delete your personal data;
Restrict our use of your personal data;
Object to our use of your personal data;
Receive your personal data in a usable electronic format and transmit it to a third-party (right to data portability); or
Lodge a complaint with your local data protection authority or regulatory body.
If you are a resident of a country that provides you with the right to request a copy of the Personal Data Fivetran holds about you and/or to correct any inaccuracies within such data, and Fivetran is required by applicable laws to respond to such requests, then you may address such requests to the contact information provided in the “Contact Us” section below. Fivetran will use reasonable efforts to supply, correct or delete information that we hold about you or to advise you if we are not required by applicable laws to comply with such requests. Your Rights Under The California Consumer Privacy Act (CCPA) If you are a California resident, you may request that we disclose to you the categories of personal information we collected about you in the section “Data we collect directly from you” outlined above. If you are a California resident, you may obtain information about exercising your rights, as described above, by contacting us at email@example.com.Contact Us and Changes To This Privacy Statement If you have questions or concerns regarding the way in which your personal data has been used or about this privacy statement, please contact the Privacy Team at: Fivetran, Inc. 405 14th Street, Suite 1050 Oakland, CA firstname.lastname@example.org We may modify or update this privacy statement from time to time. If we make a material change to this privacy statement, we will notify you of the change.