Portal Terms of Use
NOWSTA, INC. PORTAL TERMS OF USE (Effective December 19, 2025)
These Portal Terms of Use (these “TOU”) describes the relationship between Nowsta, Inc., (“Nowsta”) (“Nowsta” “we,” “us,” or “our”) and you or the entity on behalf of whom you are using the Service (“you” or “your” or “Customer”). These TOU set forth the terms and conditions that govern your access to and use of the Service. YOUR USE OF ANY PART OF THE SERVICE INDICATES THAT YOU ACCEPT THESE TERMS OF USE. YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH ENTITY TO THESE TOU AND THAT “YOU” AND “YOUR” WILL REFER TO THAT COMPANY OR ORGANIZATION. IF YOU DO NOT AGREE TO THESE TERMS OF USE OR DO NOT HAVE THE AUTHORITY SPECIFIED ABOVE, DO NOT USE SERVICE AND CONTACT THE SUBSCRIBER WHICH REQUESTED YOUR ACCESS TO THE SERVICE. NOTE THAT ALL REFERENCES TO THE WORD “PURCHASE” OR “SELL” IN THESE TERMS MEANS “LICENSE” WITH RESPECT TO THE SERVICE.
NOW THEREFORE, the parties agree as follows:
1. DEFINITIONS. For purposes of these TOU, the following terms have the following meanings:
1.1 “Anonymized Data” means Customer Data that is de-identified in such a fashion that it cannot be reidentified
with any known or reasonably anticipated technology. Without limiting the foregoing, “Anonymized Data” shall
meet the definitions of “Aggregated consumer information” and “de-identified” under the California Consumer
Protection Act (substituting “data subject” for “consumer” where applicable”).
1.2 “Confidential Information” means non-public information which one party (“Discloser”) may disclose to the
other party (“Recipient”) in connection with these TOU including: (a) Customer Data, (b) all software and
technical information used to provide the Service; (c) the provisions of these TOU, (d) any commercial, financial,
marketing, business, technical or other data, security measures and procedures, know-how, trade secrets or
other information that: (i) in the case of information in tangible form, is marked “confidential” or “proprietary;”
(ii) in the case of information disclosed orally, visually or any other intangible form, is designated confidential or
proprietary at the time of disclosure, and if disclosed orally, is summarized in reasonable detail in a writing
delivered to the Recipient within ten (10) days following disclosure; or (iii) under the circumstances, a person
exercising reasonable business judgment would understand to be confidential or proprietary; and (e) any
reproduction of such information in any form or medium, or any part of such information.
1.3 “Customer Data” means all electronic data or information submitted to and stored in the Service by you and/or
you Users or that we collect from you or from any other person on your behalf and process via the Service.
1.4 “Documentation” means any online documentation regarding the use and/or operation of the Service, which
may be updated from time to time at our sole discretion (subject to Section 2.2).
1.5 “Service” means the Nowsta cloud-based, workforce management SaaS platform that allows Customer to
streamline and automate the management of its shift-based or seasonal employees, and general contingent
labor with the Subscriber as described in Exhibit 2, as may be updated from time to time at our sole discretion
(subject to Section 2.2), excluding all Third-Party Applications.
1.6 “Service Term” means the time period that your access to the Service is authorized as requested by the
Subscriber.
1.7 “Subscriber” means the staffing agency or corporate client which requested you to have access to the Service.
1.8 “Third-Party Applications” means other products and services which are licensed or manufactured by a party
other than us that are made available via the Service, but which do not form a part of the Service.
1.9 “Users” means individuals who are authorized by you to use the Service pursuant to these TOU. Users may
include you and your employees, consultants, contractors and agents.
2. ACCESS TO THE SERVICE.
2.1 General. Subject to payment by Subscriber of the applicable license fees owned to Nowsta for your access to
the Service and your compliance with these TOU, you are granted a nonexclusive, limited right to have your Users use the Service during the Service Term solely in conjunction with managing your business with
Subscriber. If you require use of the Service with additional staffing agencies or corporate customers, you will
need to purchase a license to use Nowsta’s standard product directly from Nowsta. You are responsible for your
Users’ compliance with these TOU. To initiate the registration process, you will identify an administrative
username and password for your Nowsta account. You will provide Nowsta with information that is reasonably
necessary for us to provide the Service to you. We reserve the right to refuse registration of any User or cancel
passwords we deem inappropriate. You are responsible for: (a) obtaining and maintaining any equipment and
ancillary services needed to connect to, access or otherwise use the Service, including, without limitation,
modems, hardware, servers, software, operating systems, networking, web servers and the like (“Equipment”);
and (b) maintaining the security of the Equipment, your account, passwords (including but not limited to
administrative and User passwords) and files, and for all uses of your account. The Service is controlled and
operated from facilities in the United States. We make no representations that the Service is appropriate or
available for use in other locations. You and your Users who access or use the Service from other jurisdictions do
so at their own volition and are entirely responsible for compliance with all applicable United States and foreign
laws and regulations, including export and import regulations.
2.2 Modifications. During the Service Term, we or our hosting providers may update the Service and
Documentation to reflect changes in, among other things, laws, regulations, rules, technology, industry
practices, patterns of system use, and availability of Third-Party Applications. We may also change these TOU
from time to time provided we notify you (which may be via the portal to the Service) and your continued use
of the Service reflects your acceptance of such changes.
practices, patterns of system use, and availability of Third-Party Applications. We may also change these TOU
from time to time provided we notify you (which may be via the portal to the Service) and your continued use
of the Service reflects your acceptance of such changes.
2.3 Use Restrictions. You will use the Service consistent with these TOU, our Privacy Policy found at
www.nowsta.com/privacy-policy/ (“Privacy Policy”), and all applicable laws and regulations. You remain
responsible for all acts or omissions of your Users as if performed by you. Additionally, you and your Users may
not, and may not cause or permit others to: (a) use the Service to harass any person; cause damage or injury to
any person or property; publish any material that is false, defamatory, harassing or obscene; violate privacy
rights; promote bigotry, racism, hatred or harm; send unsolicited bulk e-mail, junk mail, spam or chain letters;
infringe intellectual or other property rights; sell, manufacture, market and/or distribute any product or service
in violation of applicable laws; or otherwise violate applicable laws, ordinances or regulations; (b) perform or
disclose any benchmarking or availability testing of the Service; (c) perform or disclose any performance or
vulnerability testing of the Service, or perform or disclose network discovery, port and service identification,
vulnerability scanning, password cracking or remote access testing of the Service; (d) reverse engineer,
decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure,
ideas, know how or algorithms relevant to the Service or any software, documentation or data related thereto;
(e) access or use the Service to build or support, directly or indirectly, products or services competitive to the
Service; (f) introduce viruses, malware, trojan horses, etc. into the Service; (g) modify, translate, or create
derivative works based on the Service; (h) license, sell, transfer, assign, distribute, outsource, permit timesharing
or service bureau use of, commercially exploit, or make available the Service to any third party other than your
Users; (i) access or use the Service to circumvent or exceed service account limitations or requirements or
attempt to bypass measures we use to prevent or restrict access to the Service or use other than in connection
with your business with Subscriber; (j) remove any proprietary notices or labels found in the Service or
Documentation; (k) copy, distribute, or disclose any part of the Service in any medium, including by any
automated or non-automated “scraping”; (l) use any automated system, including “robots,” “spiders,” “offline
readers,” etc., to access the Service in a manner that sends more request messages to our servers than a
human can reasonably produce in the same period of time by using a conventional on-line web browser; (m)
collect or harvest any personally identifiable information, including account names, from the Service; (n) use the
Service other than as permitted pursuant to these TOU; or (o) impersonate another person or otherwise
misrepresent your affiliation with a person or entity, conduct fraud, hide or attempt to hide your identity. In
addition to other rights that we have in these TOU, we have the right to take remedial action which may include
removing or disabling access to the Service. Although we have no obligation to monitor your use of the Service,
we may do so and may prohibit any use of the Service we reasonably believe may be in violation of the
foregoing.
2.4 Government Rights. The Service is a “Commercial Cloud Service” and the Documentation is “Commercial
Computer Software Documentation”. Consistent with 48 C.F.R. §12.211, §12.212 or §227-7202-1 through
227.7202-4 and DFAR Subpart 239.76 and DFAR §227.7202, §227.7203 and §252.227-7015, as applicable, the
Commercial Cloud Services and Commercial Computer Software Documentation are being licensed to U.S.
Government end users (a) only as commercial Items and (b) with only those rights as are granted to all other end
users as described in these TOU.
2.5 Statistical Data. We may: (a) compile statistical and other information related to the performance, operation,
and use of the Service, (b) use Anonymized Data from the Service for security and operations management, to
create statistical analyses for research and development, and other lawful purposes and (c) use Customer Data
to train, test, or otherwise enhance our machine learning algorithms, for the purposes of operating, providing,
and improving the Service. We may make service analyses publicly available or commercialize such analysis;
however, services analyses will not incorporate Customer Data, personal information or Confidential Information
in a form that could serve to identify you or any individual. We retain all intellectual property rights in such
services analyses.
2.6 Monitoring Tools. We continuously monitor the Service to facilitate our operation of the Service; to help
resolve service requests; to detect and address threats to the functionality, security, integrity, and availability of
the Service as well as any content, data, or applications in the Service; and to detect and address illegal acts or
violations of these TOU. Our monitoring tools do not collect or store any Customer Data residing in the Service
except as needed for the above purposes. Information collected by our monitoring tools (excluding Customer
Data) may also be used to assist in managing the Service, to help us address deficiencies in our product and
service offerings, and for license management purposes.
2.7 Discontinuation of Service. We reserve the right to discontinue offering the Service (or portions of the Service)
on thirty (30) days prior written notice or upon termination of our agreement with your Subscriber. We shall not
be liable to you nor to any third party for any discontinuation of the Service as described in this Section.
3. OWNERSHIP RIGHTS AND RESTRICTIONS.
3.1 Ownership of Customer Data. You or your licensors and Users retain all ownership and intellectual property
rights in and to your Customer Data.
3.2 Our Ownership. We and our licensors retain all ownership and intellectual property rights in and to the Service,
Documentation, technology used to provide the Service, derivative works thereof, and anything developed or
delivered by or on behalf of us under these TOU, and nothing contained in these TOU gives you any right, title or
interest in any of them, except for the limited license to use them during the Service Term consistent with these
TOU. Any rights not expressly granted herein by us are reserved by us.
3.3 Feedback. You grant us a royalty-free, worldwide, perpetual, irrevocable, transferable right to use, modify,
distribute, and incorporate into the Service (without attribution of any kind) any suggestions, enhancement
requests, recommendations, proposals, corrections or other feedback or information provided by you or any
Users related to the operation or functionality of the Service.
3.4 Limited License to Customer Data. You have the authority to and do grant us the right during the applicable
Service Term, to host, use, process, display and transmit Customer Data (including to our subprocessors) to
provide the Service pursuant to and in accordance with these TOU and to train, test, or otherwise enhance our
machine learning algorithms, for the purposes of operating, providing, and improving the Service. Our current
subprocessors are listed at https://www.nowsta.com/subprocessor/and may be updated from time to time. We
maintain agreements with our subprocessors sufficient to ensure our compliance with our obligations hereunder.
You have sole responsibility for the accuracy, quality, integrity, legality, reliability, and appropriateness of the
Customer Data, and for obtaining all rights and consents related to Customer Data required by us to provide the
Service. We are not responsible for any electronic communications and/or Customer Data which are delayed, lost,
altered, intercepted, or stored during the transmission of any data whatsoever across networks not owned
and/or operated by us or our subprocessors, including, but not limited to, the internet and your local network.
We may store and maintain Customer Data for a period consistent with our standard business processes for the
Service subject to our continued compliance with our obligations related to confidentiality hereunder.
4. DATA SECURITY.
4.1 Security. We shall maintain reasonable and appropriate security measures to protect Customer Data in
accordance with commercially reasonable industry standards which shall not be less protective of Customer Data
than those set forth in Exhibit 1 (“Security Requirements”). We shall promptly notify Customer of any security
incidents involving Customer Data. We will use Customer Data only as specified in these TOU (including our
Privacy Policy).
5. NONDISCLOSURE
5.1 General. In connection with their relationship, Discloser may disclose to Recipient Confidential Information of
Discloser. Recipient agrees not to disclose the Discloser’s Confidential Information to any third party other than as
set forth in the following sentence, for a period of five (5) years from the date of termination or expiration of
these TOU, provided, (a) that trade secret information will be held in confidence until such information no longer
qualifies as a trade secret under applicable law, (b) personally identifiable information will be held in confidence
as required by applicable laws, and (c) we will protect the confidentiality of Customer Data residing in the Service
for as long as such information resides in the Service. Each party may disclose Confidential Information only to
those employees, agents or subcontractors (including our subprocessors) with a need to know such information
to comply with its obligations under these TOU and who are required to protect it against unauthorized disclosure
in a manner no less protective than required under these TOU. In addition, Recipient may disclose Discloser’s
Confidential Information in any legal proceeding or to a governmental entity as required by law provided that
Recipient provides prompt written notice thereof to Discloser (to the extent legally permitted) and assistance (at
Discloser’s expense) to enable Discloser to seek a protective order or otherwise prevent or restrict such
disclosure.
5.2 Exceptions. Notwithstanding Section 5.1, the following shall not be deemed Confidential Information: (a)
information that was in the public domain at the time of its disclosure, or which becomes public domain property
through no fault of Recipient; (b) information that was rightfully in Recipient’s possession without restriction prior
to disclosure; (c) information that was rightfully disclosed to Recipient by a third party without restriction; (d)
information that was independently developed by employees and/or contractors of Recipient without access to,
use of, or reference to Discloser’s Confidential Information; and (e) Anonymized Data collected or generated by
us or on behalf of us regarding the Service.
5.3 Injunctive Relief. It is understood and agreed that notwithstanding any other provision of these TOU, a breach by
either party of this Section 5 may cause the other party irreparable damage for which recovery of money
damages might be inadequate, and that the other party shall therefore be entitled to seek timely injunctive relief,
without posting bond, to protect such party’s rights under these TOU, in addition to all remedies available at law
or equity.
5.4 Return of Confidential Information. On Discloser’s written request or upon expiration or termination of
Customer’s access to the Service for any reason, Recipient will promptly return or securely destroy, at Discloser’s
option, all of Discloser’s Confidential Information in any form or media and provide a written statement to
Discloser certifying the return or destruction of such Confidential Information. Customer Data will be made
available to you or returned and/or destroyed as described in Section 9.4.
6. WARRANTIES AND DISCLAIMERS.
6.1 Service Warranty. Each party represents that it has validly entered into these TOU and that it has the power and
authority to do so. We warrant that during the Service Term, we will provide the Service using commercially
reasonable care and skill and in all material respects as described in the Documentation (the “Service Warranty”).
If the Service fails to conform to the Service Warranty, you must promptly provide us with a written notice that
describes the deficiency in the Service (including, as applicable, the service request number notifying us of the
deficiency in the Service). These warranties shall not apply, and we shall not be responsible for our inability to
provide the Service to the extent such failure is due to: (a) third party software, hardware, or network
infrastructure, including but not limited to any Third-Party Applications; (b) failure of the external internet beyond
our network; (c) electrical or internet access disruptions not due to us or our systems; (d) any actions or inactions
of you and/or your Users in violation of these TOU; (e) caused by your Equipment; or (f) attacks (i.e. hacks,
malicious introduction of viruses and disabling devices) caused by third parties.
6.2 Remedies. FOR ANY BREACH OF THE SERVICE WARRANTY, YOUR EXCLUSIVE REMEDY AND OUR ENTIRE LIABILITY
SHALL BE TO CORRECT THE DEFICIENT SERVICES AT OUR COST SO THAT THE SERVICE CONFORMS TO THE SERVICE
WARRANTY, OR, IF WE CANNOT SUBSTANTIALLY CORRECT THE DEFICIENCY IN A COMMERCIALLY REASONABLE
MANNER, YOU MAY END THE DEFICIENT SERVICE AND WE WILL REFUND TO YOUR SUBSCRIBER THE FEES FOR THE
SERVICE THAT WERE PRE-PAID TO US FOR THE PERIOD FOLLOWING THE EFFECTIVE DATE OF TERMINATION.
6.3 Disclaimer. WE DO NOT WARRANT THAT THE SERVICE WILL BE ERROR-FREE OR UNINTERRUPTED, THAT WE WILL
CORRECT ALL ERRORS, OR THAT THE SERVICE WILL MEET YOUR REQUIREMENTS OR EXPECTATIONS. WE ARE NOT
RESPONSIBLE FOR ANY ISSUES RELATED TO THE PERFORMANCE, OPERATION OR SECURITY OF THE SERVICE THAT
ARISE FROM CUSTOMER DATA OR THIRD-PARTY APPLICATIONS.
6.4 EXCLUSIVE WARRANTIES. TO THE EXTENT NOT PROHIBITED BY LAW, THESE WARRANTIES AND SUCH
WARRANTIES AS ELSEWHERE EXPRESSED IN THESE TOU ARE EXCLUSIVE AND THERE ARE NO OTHER WARRANTIES,
TERMS OR CONDITIONS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING WITHOUT LIMITATION,
ANY WARRANTIES, TERMS, OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-
INFRINGEMENT, OR FITNESS FOR A PARTICULAR PURPOSE.
7. INDEMNIFICATION.
7.1 Infringement. Subject to the terms and conditions set forth in this Section 7, we shall, at our own expense,
defend you from and against any and all allegations, threats, claims, suits, and proceedings brought by third
parties (excluding Subscriber) (collectively “Claims”) alleging that the Service, as used in accordance with these
TOU, infringes such third party’s copyrights or trademarks, or misappropriates such third party’s trade secrets and
we shall indemnify you from and against liability, damages, and costs finally awarded or entered into in
settlement (including, without limitation, reasonable attorneys’ fees) (collectively, “Losses”) to the extent based
upon such Claim(s).
7.2 Exclusions. We will have no liability for Claims or Losses to the extent arising from: (a) use of the Service in
violation of these TOU or applicable law; (b) use of the Service after we notify you to discontinue use because of
an infringement claim; (c) modifications to the Service not made by us or made by us based on your or your
Subscriber’s specifications or requirements; (d) use of the Service in combination with any non-Nowsta software,
application or service, including Third-Party Applications; or (e) our use of Customer Data consistent with the
provisions of these TOU.
7.3 Remedies. If a Claim of infringement as set forth above is brought or threatened, we shall, at our sole option and
expense, use commercially reasonable efforts either: (a) to procure a license that will protect you against such
Claim without cost; (b) to modify or replace all or portions of the Service as needed to avoid infringement, such
update or replacement having substantially similar or better capabilities; or (c) if (a) and (b) are not commercially
feasible, terminate these TOU and refund to your Subscriber a pro-rata refund of the prepaid, unused access fees
for the terminated portion of the Service Term. The rights and remedies granted to you under this Section 7.3
state our entire liability, and your exclusive remedy, with respect to any claim of infringement of the intellectual
property rights of a third party.
7.4 Customer’s Indemnity. Subject to the terms and conditions set forth in this Section 7.4 you shall, at you own
expense, defend us and our Affiliates, officers, directors, employees and agents (“Nowsta Parties”) from and
against any and all Claims alleging that: (a) our use of the Customer Data as permitted by these TOU infringes the
intellectual property, proprietary rights, or privacy rights of any third party; (b) your use of Third-Party
Applications is outside the scope of the licenses granted with respect to such Third-Party Applications; (c) your
failure to obtain proper consents for our processing of Customer Data; (d) your use of the Service violates any
applicable laws or the provisions of Section 2.3 of these TOU; or (e) arising out of your use of the Service other
than in connection with your business with Subscriber, and you shall indemnify us from and against liability for
any Losses to the extent based upon such Claims. In addition, you agree that your workers, employees,
contractors, and other personnel shall neither be considered employees or personnel of Nowsta nor shall we be
deemed to be a supervisor of, or responsible for, any such personnel. You shall indemnify, defend and hold
harmless all Nowsta Parties for any action that may be raised against Nowsta Parties alleging violation of any
federal or state wage and hour, tax, workplace safety laws or other federal or state law, or for property damage,
bodily injury, or death caused by you or your workers, employees, contractors and personnel. You will have no
liability under this Section 7.4 to the extent such Losses result from our gross negligence, willful misconduct or
fraud.
7.5 Indemnification Procedures and Survival. In the event of a potential indemnity obligation under this Section 7,
the indemnified party shall: (a) promptly notify the indemnifying party in writing of such Claim; (b) allow the
indemnifying party to have sole control of its defense and settlement; and (c) upon request of the indemnifying
party, cooperate in all reasonable respects, at the indemnifying party’s cost and expense, with the indemnifying
party in the investigation, trial, and defense of such Claim and any appeal arising therefrom. The indemnification
obligations under this Section 7 are expressly conditioned upon the indemnified party’s compliance with this
Section 7.5 except that failure to notify the indemnifying party of such Claim shall not relieve that party of its
obligations under this Section 7 but such obligations shall be reduced to the extent of any damages attributable to
such failure. The indemnification obligations contained in this Section 7 shall survive termination or expiration of
your Service Term for one year.
8. LIMITATION OF LIABILITY.
8.1 EXCLUSION OF CERTAIN DAMAGES. IN NO EVENT WILL EITHER PARTY OR ITS AFFILIATES BE LIABLE FOR ANY
INDIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES, OR ANY LOSS OF
REVENUE, PROFITS (EXCLUDING FEES UNDER THESE TOU), SALES, DATA, DATA USE, GOODWILL, OR REPUTATION.
CERTAIN STATES AND/OR JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF INCIDENTAL OR CONSEQUENTIAL
DAMAGES, IN WHICH CASE SUCH DAMAGES SHALL BE SUBJECT TO THE LIMITATIONS SET FORTH IN SECTION 8.2
BELOW.
8.2 LIMITATION OF LIABILITY. THE MAXIMUM AGGREGATE LIABILITY OF NOWSTA AND ITS AFFILIATES ARISING OUT
OF OR IN CONNECTION WITH THESE TOU, WHETHER SUCH LIABILITY ARISES FROM ANY CLAIM BASED ON BREACH
OR REPUDIATION OF CONTRACT, BREACH OF WARRANTY, NEGLIGENCE, OR OTHERWISE, SHALL NOT EXCEED THE
TOTAL FEES PAID OR PAYABLE BY YOUR SUBSCRIBER FOR YOUR ACCESS TO THE SERVICE DURING THE TWELVE
(12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT OUT OF WHICH THE LIABILITY AROSE.
NOTWITHSTANDING THE FOREGOING, IN THE EVENT OF LIABILITY ARISING IN CONNECTION WITH AN
INDEMNIFICATION OBLIGATION PURSUANT TO SECTION 7.1, THE CAP SET FORTH IN THIS SECTION 8.2 SHALL NOT
APPLY
8.3 Acknowledgement. BOTH PARTIES ACKNOWLEDGE THAT THE FEES REFLECT THE ALLOCATION OF RISK SET FORTH
IN THESE TOU AND THAT THE PARTIES WOULD NOT ENTER INTO THESE TOU WITHOUT THESE LIMITATIONS ON
THEIR LIABILITY. NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS SECTION 8, NEITHER PARTY SHALL BE
LIABLE TO THE OTHER PARTY TO THE EXTENT SUCH LIABILITY WOULD NOT HAVE OCCURRED BUT FOR THE OTHER
PARTY’S FAILURE TO COMPLY WITH THESE TOU.
9. TERM AND TERMINATION
9.1 Term. These TOU shall remain in effect unless terminated as specified in these TOU. These TOU may be
terminated upon the Subscriber (a) failing to pay us the applicable access fees for your access to the Service; (b)Page | 7
WFM For Portal Customer TOU (20251219)(V1)
requesting that we remove your access to the Service; or (c) no longer maintaining its own subscription to
Nowsta’s workforce management platform. In addition, if you no longer wish to have access to the Service, you
need to notify the Subscriber of your intention to cease access to the Service at least forty five (45) days prior to
the anniversary date of your Service Term.
requesting that we remove your access to the Service; or (c) no longer maintaining its own subscription to
Nowsta’s workforce management platform. In addition, if you no longer wish to have access to the Service, you
need to notify the Subscriber of your intention to cease access to the Service at least forty five (45) days prior to
the anniversary date of your Service Term.
9.2 Suspension. We may suspend your and/or your Users’ access to, or use of, the Service if we believe that: (a)
such use presents a significant threat to the functionality, security, integrity, or availability of the Service or any
content, data, or applications in the Service; (b) you or your Users are accessing or using the Service to commit an
illegal act; or (c) we do not receive payment of the applicable access fees from the Subscriber. When reasonably
practicable and lawfully permitted, we will provide You with advance notice of any such suspension. We will use
reasonable efforts to limit any suspension only to the portion of the Service related to the issue causing
suspension. We will use reasonable efforts to re-establish the Service promptly after we determine that the issue
causing the suspension has been resolved.
9.3 Termination for Breach. Your access to and use of the Service may be terminated at any time: (a) by either party,
effective on written notice to the other party, if the other party materially breaches these TOU and the breach
remains uncured thirty (30) days after the non-breaching party provides the breaching party with written notice
of such breach; or (b) by either party, effective immediately, if the other party: (i) is dissolved or liquidated or
takes any corporate action for such purpose; (ii) becomes insolvent or is generally unable to pay its debts as they
become due; (iii) becomes the subject of any voluntary or involuntary bankruptcy proceeding under any domestic
or foreign bankruptcy or insolvency Law which remains undismissed after sixty (60) days; (iv) makes or seeks to
make a general assignment for the benefit of its creditors; or (v) applies for, or consents to, the appointment of a
trustee, receiver or custodian for a substantial part of its property.
9.4 Effect of Termination. At the end of the Service Term (including any renewals thereof) or upon termination of
these TOU, you shall have no further right to use or access the Service, and we will make your Customer Data (as
it existed at the end of the Service Term) available for retrieval by you for thirty (30) days. Following the retrieval
period, and except as may be required by law, we will deactivate your accounts and securely delete all Customer
Data that remains in the Service except to the extent, and only for so long as, retention is mandated under
applicable Law (e.g., a litigation hold).
9.5 Survival. Provisions that survive termination or expiration of these TOU are those relating to limitation of
liability, confidentiality, indemnification, payment, ownership of data, and others which by their nature are
intended to survive.
10. COMPLIANCE WITH LAWS.
10.1 Export. Export control and economic sanctions laws and regulations (“export laws”) of the United States and any
other relevant local export laws apply to the Service. Such export laws govern use of the Service (including
technical data) and deliverables provided under these TOU, and you and we each agree to comply with all such
export laws (including “deemed export” and “deemed re-export” regulations). We each agree that no data,
information, software programs and/or materials resulting from the Service (or direct product thereof) will be
exported, directly or indirectly, in violation of these laws, or will be used for any purpose prohibited by these
laws. You are solely responsible for the authorization and management of User accounts across geographic
locations, as well as export control and geographic transfer of Customer Data.
10.2 Laws. The parties shall both comply with all applicable local, state, provincial, national and foreign laws, treaties
and regulations in connection with the use and performance of the Service.
11. FORCE MAJEURE. Neither you nor we shall be responsible for failure or delay of performance to the
extent caused by: an act of war, hostility, or sabotage; act of God; pandemic; electrical, internet, or
telecommunication outage that is not caused by the obligated party; government restrictions (including, without
limitation, an embargo, economic sanction or the denial or cancellation of any export, import or other license); or
other event outside the reasonable control of the obligated party. Both you and we will use reasonable efforts to
mitigate the effect of a force majeure event. If such event continues for more than 30 days, either party may
cancel these TOU upon written notice. If you terminate the Service under such circumstances, we will refund to
your Subscriber the unused portion of any pre-paid access fees. This Section does not excuse either party’s
obligation to take reasonable steps to follow its normal disaster recovery procedures.
12. DISPUTE RESOLUTION AND ARBITRATION. The parties agree that in the event any dispute arises
between us, we agree to first attempt to resolve any dispute or disagreement collegially and in good faith. If that
is not successful, then either party may choose to engage in voluntary mediation. The parties agree that if any
dispute cannot be resolved informally or through mediation, any controversy or claim arising out of or relating to
these TOU, shall be mandatorily settled by arbitration administered by the Judicial Arbitration and Mediation
Service, Inc. (“JAMS”), under the Streamlined Arbitration Rules and Procedures. This arbitration agreement and
these provisions shall be governed by, and construed and interpreted, in accordance with the Federal Arbitration
Act. Judgment on the award rendered by the arbitrator may be entered in any court having jurisdiction thereof.
Regardless of the amount of money at issue in any arbitration, and notwithstanding JAMS Rules to the contrary,
the arbitration shall be decided by a single arbitrator who is a neutral, retired state or federal judge. The costs of
any arbitration shall be equally divided, with no shifting of attorneys’ fees to the non-prevailing Party. No class
action or collective claims may be submitted for arbitration or considered by the Arbitrator. Arbitration
proceedings shall be conducted in New York, New York. The arbitration proceedings and results therein shall be
kept confidential, unless it becomes necessary for a party to seek court action and assistance to enforce any
award. The arbitrator and not a court shall be authorized to determine arbitrability. In the event any dispute is
determined not arbitrable by the arbitrator, each Party agrees that any proceeding (in contract, tort or otherwise)
arising out of or relating to these TOU, involves complicated and difficult issues. Therefore, each party irrevocably
and unconditionally waives any right it may have to a trial by jury in respect of any such proceeding.
Notwithstanding the foregoing, each party reserves the right to file suit or action in any court of competent
jurisdiction as such party deems necessary to protect its intellectual property rights and to recoup any payments
due.
13. GOVERNING LAW AND JURISDICTION. These TOU are governed by the substantive and procedural laws
of the State of New York excluding its conflict of laws rules, and the parties both agree to submit to the exclusive
jurisdiction of, and venue in, the courts located in New York, New York in connection with any dispute arising out
of or relating to these TOU other than as specified in Section 12. The Uniform Computer Information Transactions
Act does not apply to these TOU.
14. NOTICE. Any notice required under these TOU shall be provided to the other party in writing. If you have
a legal dispute with us or if you wish to provide a notice under the Indemnification Section of these TOU, or if you
become subject to insolvency or other similar legal proceedings, you will promptly send written notice to us at:
Nowsta, Inc., 228 Park Ave South, PMB 62909, New York, NY 10003-1502, Attention: Legal Department with a
copy to legal2@nowsta.com. Notices to you will go to the point of contact specified in the request for access
submitted by your Subscriber. Notices shall be deemed delivered as follows: (a) by personal delivery when
delivered by hand, (b) by registered or certified mail, postage prepaid, return receipt requested, five (5) days after
deposit in the mail, (c) by overnight courier upon written verification of receipt, or (d) by confirmed fax or email
upon receipt. In addition, we may give general notices applicable to our customers by means of a general notice
on our customer portal for the Service or via email to Customer’s point of contact on the access request form.
15. ASSIGNMENT. These TOU shall inure to benefit and bind the parties hereto, their successors and
assigns, but neither party may assign these TOU without written consent of the other, except that we may assign
without consent to an Affiliate or the successor of all or substantially all of our business or assets to which these
TOU relate.
16. GENERAL PROVISIONS.
16.1 Independent Contractors. We are an independent contractor, and each party agrees that no partnership, joint
venture, or agency relationship exists between the parties.
16.2 Third Parties. Our business partners and other third parties, including the Subscriber, or other parties that are
retained by you to provide consulting services, implementation services or applications that interact with the
Service, are independent of us and are not our agents. Even if recommended by us, we are not liable for, bound
by, or responsible for any problems with the Service or Customer Data arising due to any acts or omissions of any
business partner or third party, unless the business partner or third party is providing Service as our
subcontractor or is otherwise engaged by us in connection with performance of our obligations under these TOU,
and, if so, then only to the same extent as we would be responsible for our resources under these TOU.
Service, are independent of us and are not our agents. Even if recommended by us, we are not liable for, bound
by, or responsible for any problems with the Service or Customer Data arising due to any acts or omissions of any
business partner or third party, unless the business partner or third party is providing Service as our
subcontractor or is otherwise engaged by us in connection with performance of our obligations under these TOU,
and, if so, then only to the same extent as we would be responsible for our resources under these TOU.
16.3 Severability. If any provision of these TOU is found to be invalid or unenforceable, the remaining provisions will
remain effective and such term shall be replaced with another term consistent with the purpose and intent of
these TOU.
16.4 Amendment and Waiver. These TOU shall not be modified or amended, except as expressly set forth herein, or
in writing and signed or accepted electronically by the party against whom the modification, amendment or
waiver is to be asserted, however, we may update the Documentation and policies referenced in these TOU,
including by posting updated documents on our website, provided that such updated Documentation and policies
shall apply only to Orders placed after such updates are provided.
17. ENTIRE AGREEMENT
17.1 Entire Agreement. You agree that these TOU and the information which is incorporated herein by reference
(including reference to information contained in a URL or referenced policy), is the complete agreement for
Service made available to you and supersedes all prior or contemporaneous agreements, proposals, negotiations,
demonstrations or representations, written or oral, regarding such Service.
Exhibit 1 – SECURITY REQUIREMENTS
These Security Requirements describe how Nowsta works to protect the security of its customer’s data in
connection with their use of the Service. For purposes of these Security Requirements: the word “including”
means “including, without limitation”; “Malicious Code” means any harmful, malicious, or hidden code,
programs, procedures, routines, or mechanisms, including malware, Trojan horses, viruses, worms, time bombs,
time locks, devices, traps, access codes, or drop dead, or trap door devices; “Customer” means a party who has
entered into a Master Subscription Services Agreement or other agreement to use the Service, including any
Terms of Use with Nowsta (“Agreement”) in connection with their use the Service. “Customer Data” means all
data or information of any type (including all software, data, text, audio, video, or images) that Nowsta accesses,
processes, or stores; “Customer Systems” means any Customer or third-party infrastructure, systems, or
applications that access, process, or store Customer Data; “Nowsta Personnel” means the employees and
contractors providing Service or accessing or using Nowsta Systems; and “Nowsta Systems” means the
infrastructure, systems and applications that access or support Service or that access, process, or store Customer
Data.
1. Endpoint Controls
1.1. Nowsta Personnel shall only use endpoints that comply with these Security Requirements to:
1.1.1. access, process, or store Customer Data;
1.1.2. access any Customer Systems; or
1.1.3. access any Nowsta Systems.
1.2. Nowsta shall not transmit Customer Data from such endpoints to any infrastructure, systems, or applications other
than Customer Systems or other infrastructure, systems or applications authorized by Customer. Notwithstanding
the foregoing, Customer acknowledges that Nowsta is permitted to transmit such Customer Data to its
subprocessors as described in the Agreement and that by using certain features and functionality in the Service, that
it will permit Nowsta to transmit Customer Data as required to provide those services.
1.3. Nowsta Personnel shall only (a) access Customer Systems, Customer Data or Nowsta Systems or (b) process or store
Customer Data, using endpoints that: (1) utilize security controls that include (i) disk encryption, (ii) endpoint
detection and response (EDR) tools to monitor and alert for suspicious activities and Malicious Code, and (iii)
vulnerability scanning and management in accordance with Section 1.4, and (2) are configured to automatically
activate a password protected screensaver after 15 minutes of inactivity and run up-to-date host-based firewall
software.
1.4. Nowsta shall ensure that vulnerabilities meeting defined risk criteria set forth below will trigger alerts and that such
vulnerabilities are prioritized for remediation based on their potential impact to Customer Data, Customer Systems,
and Nowsta Systems. Upon becoming aware of such vulnerabilities, Nowsta shall remediate private and public
“critical” and “high”’ vulnerabilities within thirty (30) calendar days, and “medium” vulnerabilities t within ninety
(90) calendar days To assess whether a vulnerability is “critical”, “high”, or “medium”, Nowsta shall use the National
Vulnerability Database’s (NVD) Common Vulnerability Scoring System (CVSS) (NVD Site).
1.5. Nowsta Personnel shall securely and permanently delete all Customer Data on all endpoints and Nowsta Systems
within thirty (30) days after the expiration or termination of the Agreement.
2. Encryption
2.1. Encryption of Customer Data. Nowsta must encrypt all Customer Data containing PII (as defined NIST (NIST Site)) or
PCI (as defined by Payment Card Industry Security Standards Council (PCI SSC Site)) at-rest using AES 256-bit (or
better) encryption. Nowsta shall use Transport Layer Security (TLS) 1.2 (or better) for all Customer Data in-transit
over untrusted networks.
3. Administrative Controls
3.1. Personnel Security. Nowsta shall conduct the following background screening on its employee and contractor
candidates that Nowsta proposes assigning as Nowsta Personnel, to the extent permitted by applicable law, and
Nowsta shall not assign any employee or contractor as Nowsta Personnel if such individual has any unfavorable or
non-standard results:
- Identity Verification
- Criminal Search
- Education Verification
- Employment Verification
- Global Watchlist
3.2. Personnel Training. Nowsta shall maintain a documented security awareness and training program for Nowsta
Personnel, including onboarding and on-going training.
3.3. Personnel Agreements. Nowsta shall require Nowsta Personnel to sign confidentiality agreements and a policy that
includes acknowledging responsibility for reporting Security Incidents (as defined below).
3.4. Personnel Access Reviews & Separation. Nowsta shall review the access privileges of Nowsta Personnel to the
endpoints and Nowsta Systems at least quarterly, and promptly remove access privileges for Nowsta Personnel who
no longer need such access privileges. Nowsta shall promptly remove access privileges for all separated Nowsta
Personnel. If Customer has granted any Nowsta Personnel access privileges to Customer Systems or Customer Data,
Nowsta shall notify Customer promptly if any such Nowsta Personnel are separated or no longer need such access
privileges.
3.5. Change Management. Nowsta shall maintain a documented change management program for Nowsta Systems.
3.6. Third Party Risk Management. For Nowsta’s vendors that (a) access Customer Systems or Nowsta Systems, or (b)
access, process, or store Customer Data, Nowsta shall maintain a Nowsta risk management program designed to
ensure each such Nowsta vendor maintains security measures consistent with, and complies with, Nowsta’s
obligations described in these Security Requirements.
4. Incident Detection & Response
4.1. Security Incident Reporting. If Nowsta becomes aware of any (a) accidental, unauthorized, or unlawful destruction,
loss, alteration, or disclosure of, or access to Customer Data, or (b) any accidental, unauthorized or unlawful access
to or alteration of Customer Systems or Nowsta Systems (“Security Incident”), then, in each such case Nowsta shall
notify Customer thereof without undue delay, and in any case within 72 hours, after becoming aware of the Security
Incident.
4.2. Investigation. If a Security Incident occurs, Nowsta shall promptly take reasonable steps to contain, mitigate, and
investigate the Security Incident. Any logs determined to be relevant to the Security Incident, shall be preserved for
at least one year, and made available to Customer upon its request.
4.3 Communication and Cooperation. If a Security Incident occurs, Nowsta shall provide Customer timely information
about the Security Incident, including the nature and consequences of the Security Incident, the measures taken or
proposed by Nowsta to contain and mitigate the Security Incident, the status of Nowsta’s investigation, a contact
person from which additional information may be obtained, and the categories and approximate number of data
records concerned.
records concerned.
5. Customer Rights
5.1 Audit Rights. At no additional cost to Customer, Nowsta shall provide Customer, or its appropriately qualified
third-party representative, access to appropriate Nowsta Personnel and reasonably requested documentation,
logs, and data evidencing Nowsta’s compliance with its obligations under these Security Requirements.
Service Description:
Description of Service Features – For use solely in connection with Customer’s relationship with Subscriber
(not for internal use or with other agencies/customers).
- Scheduling for event-based and weekly businesses
- Integrated order portal for submitting orders to and connect directly with your staffing agency or corporate
customer - Real-time digital time tracking
- GPS clock-in with geofencing
- Digital timeclock
- Timecard supervisors
- Timecard anomaly detection and approval
- Communication and messaging with workers, including automated shift and clock in reminders
- Communication and messaging with your staffing agency or corporate customer
- Reporting and analytics for time & attendance, payroll, staff performance, labor costing, and more