Attached files
| file | filename |
|---|---|
| EX-32.2 - EXHIBIT 32.2 - Cloudera, Inc. | q4-1810kexhibit322.htm |
| EX-32.1 - EXHIBIT 32.1 - Cloudera, Inc. | q4-1810kexhibit321.htm |
| EX-31.2 - EXHIBIT 31.2 - Cloudera, Inc. | q4-1810kexhibit312.htm |
| EX-31.1 - EXHIBIT 31.1 - Cloudera, Inc. | q4-1810kexhibit311.htm |
| EX-23.02 - EXHIBIT 23.02 - Cloudera, Inc. | q4-1810kexhibit2302.htm |
| EX-10.21 - EXHIBIT 10.21 - Cloudera, Inc. | q4-1810kexhibit1021.htm |
| EX-10.20 - EXHIBIT 10.20 - Cloudera, Inc. | q4-1810kexhibit1020.htm |
| EX-10.19 - EXHIBIT 10.19 - Cloudera, Inc. | q4-1810kexhibit1019.htm |
| EX-10.17 - EXHIBIT 10.17 - Cloudera, Inc. | q4-1810kexhibit1017.htm |
| 10-K - 10-K - Cloudera, Inc. | fy-18cldr10k.htm |
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
Exhibit 10.18
Amendment 2
to the Enterprise Subscription Agreement No. CW1985661
This Amendment 2 (“Amendment 2”) is entered into as of November 17, 2017 (“Amendment 2 Effective Date”) by and between Cloudera, Inc., a Delaware corporation, with offices at 395 Page Mill Road, Palo Alto, CA 94306 (“Cloudera”) and Intel Corporation and its Affiliates, a Delaware corporation, with offices at 2200 Mission College Boulevard, Santa Clara, CA 94504 (“Customer”) and amends that certain Enterprise Subscription Agreement entered into by and between the parties dated April 25, 2014 (“Agreement”), CW1985661.
The parties hereby agree to amend the Agreement as follows:
1.Amended Terms.
A. Modify and append the following definitions:
The following definitions replaces the same definition in the Agreement:
1.3 “Cloudera Products” means the (i) Cloudera Open Source Distribution, the Cloudera Software and the Cloudera Online Services, and (ii) any Third Party Software (as defined below) incorporated in the foregoing.
1.4 “Cloudera Software” means Cloudera’s proprietary software components set forth in the applicable Order Form for a Subscription Period. Cloudera Software does not include Cloudera Online Services.
1.6 “Node” means a physical or virtual computer providing data processing capabilities or running coordinator processes to drive data processing activities, including but not limited to the following: Apache Hadoop (HDFS, MapReduce), Apache Hive, Apache HCatalog, Cloudera Hue, Apache Mahout, Apache Oozie, Apache Pig, Apache Sentry, Apache Sqoop / Sqoop2, Apache Whirr, Apache Zookeeper, Apache Spark, Apache Crunch, Apache HBase, Apache Kafka, Apache Accumulo, Apache Impala (Incubating), Cloudera Search, Apache Kudu or Apache YARN services.
1.7 “End User Client” means the person who actually uses the [***].
The following definitions are hereby added to the Agreement:
1.11 “Cloudera Online Services” means any Cloudera Product that is provided by Cloudera as a hosted, cloud- based service, accessible to Customer through a web browser.
1.12 “Transaction Data” means all data that is (i) input into Cloudera Online Services or generated through the use of the Cloudera Online Services, or (ii) generated for troubleshooting and diagnostics, in each case that is transmitted to Cloudera. Transaction Data does not include Customer’s originating data that might be stored in Customer’s clusters running the Cloudera Products.
B. Section 2 of the Agreement is modified as follows:
Add the following at the end of Section 2.1 (i): “For clarity, Customer’s internal use as set forth in this Section 2.1(i) and Section 2.1(ii) below includes the use of the Cloudera Software to [***], provided that all such use is limited to licensed Nodes owned or controlled by Customer, on hardware owned or controlled by Customer, or as may be deployed by Customer in a public cloud environment. Cloudera will have no direct obligation to any End User Client, including any obligation to provide support, and
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
Customer will indemnify and defend Cloudera for claims or demands against Cloudera brought by any such End User Client, excluding claims or demands for intellectual property infringement due to any Cloudera Products. Except as expressly set forth herein with respect to [***], the license grant in the preceding sentence expressly excludes any other hosting of third party data or the provision of any other products and services to third parties.”
C. Section 5 of the Agreement is modified as follows:
Add the following as Sections 5.2
“5.2 Policies; Personally Identifiable Information. Customer and Cloudera will adhere to and agree to be bound by the Data Policy with respect to the handling of Transaction Data, and the Privacy Terms with respect to the handling of PII, as defined below, attached hereto as Attachment 1, as such policies and terms may be updated by the parties from time to time (the “Data Policy” and the “Privacy Terms,” respectively). All Transaction Data (as defined in the Data Policy) will be handled in accordance with the provisions set forth in the Data Policy and governed exclusively by those terms. Subject to applicable law, in connection with the performance of this Addendum and Customer’s use of the Cloudera Online Services: (i) Cloudera agrees that it will not require Customer to deliver to Cloudera any personally identifiable information (as defined by the National Institute of Standards and Technology) (“PII”); and (ii) Customer agrees not to deliver any PII to Cloudera; provided, however, that Customer’s Account Data (as defined in the Data Policy) may include PII to the extent it is business contact information necessary to access the Service, and will be governed by the Data Policy.”
2.Exhibit C-1 attached hereto is appended to Exhibit C of the Agreement to provide licensing of Cloudera Products through the amended Expiration Date.
3.Expiration Date of the Agreement is extended to March 31, 2023.
Integration; Conflict. The provisions of this Amendment 2 will govern notwithstanding anything to the contrary in the Agreement. Except as otherwise expressly provided or modified herein, the terms and conditions of the Agreement remain in full force and effect, and the Agreement and this Amendment 2 constitute the entire and exclusive agreement between the parties regarding the subject matter hereof, and supersede all proposals and prior agreements, oral or written, and all other communications.
IN WITNESS WHEREOF, the parties have caused this Amendment 2 to be executed by their duly authorized representatives.
Customer: Intel Corporation | Cloudera, Inc. | |||
Signature: | /s/ Sommer Starr | Signature: | /s/ Wayne Kimber | |
Printed: | Sommer Starr | Printed: | Wayne Kimber | |
Title: | Commodity Manager | Title: | VP Finance & PAO | |
Date: | 17-Nov-2017 | Date: | 21-Nov-2017 | |
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
Exhibit C-1
RENEWAL ORDER FORM
Cloudera Product: Cloudera Enterprise Data Hub including NavOpt services, Gold Support providing 24x7 support as set forth in Exhibit A of the Agreement (list: $10,000 per Node)
Subscription Period: April 1, 2018 – March 31, 2021* (Years 5-7, with optional renewal years 8 and 9)
[***] begins October 31, 2017
Subscription Fees under this Exhibit C-1 are as follows:
Year 5 (April 1, 2018-March 31, 2019):
Node Quantity: [***]
Annual Subscription Fee: $[***]
Year 6 (April 1, 2019 – March 31, 2020)
Node Quantity: minimum [***] Nodes
Annual Subscription Fee per Node: [***]
Minimum Annual Subscription Fee: $[***] plus $[***] per Node for Nodes [***], plus $[***] for Nodes in excess of [***]
Year 7 (April 1, 2020 – March 31, 2021)
Node Quantity: minimum [***] Nodes Annual Subscription Fee per Node: $[***]
Minimum Annual Subscription Fee: $[***] plus $[***] per Node for Nodes [***], plus $[***] for Nodes in excess of [***]
OPTIONAL RENEWAL: Years 8 and 9 (April 1, 2021 – March 31, 2023):
Annual Subscription Fee: $[***] per Node for up to [***] Nodes Node Quantity: minimum [***] Nodes
Minimum Annual Subscription Fee: $[***] plus $[***] per Node for Nodes [***]
No additional fee for actual deployments between [***] Nodes and [***] Nodes during the Subscription Period
For Nodes [***] and greater, Customer will pay an additional annual subscription fee of $[***] per Node
Payment Schedule:
Year 5: | |||
April 1 2018 | July 1 2018 | Oct 1 2018 | Jan 1 2019 |
[***] | [***] | [***] | [***] |
Year 6*: | |||
April 1 2019 | July 1 2019 | Oct 1 2019 | Jan 1 2020 |
[***] | [***] | [***] | [***] |
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
Year 7**: | |||
April 1 2020 | July 1 2020 | Oct 1 2020 | Jan 1 2021 |
[***] | [***] | [***] | [***] |
Optional Year 8**:
April 1 2021 | July 1 2021 | Oct 1 2021 | Jan 1 2022 |
[***] | [***] | [***] | [***] |
Optional Year 9**:
April 1 2022 | July 1 2022 | Oct 1 2022 | Jan 1 2023 |
[***] | [***] | [***] | [***] |
* plus $[***] per Node for Nodes [***], plus $[***] for Nodes in excess of [***]
** plus $[***] per Node for Nodes [***], plus $[***] for Nodes in excess of [***]
Reporting and payment for Incremental Nodes:
During Years 6 through 9, inclusive, of the Subscription Period as set forth in this Exhibit C-1, Customer may elect to add Nodes that exceed the annual minimum quantity of Nodes as set forth herein (the “Incremental Nodes”). Customer agrees to notify Cloudera of its elected use of such Incremental Nodes at time of deployment. The annual subscription fees for the Incremental Nodes will be calculated for the period commencing immediately upon the installation date of the Incremental Nodes according to the fees set forth above, pro-rated such that the Subscription Period of the Incremental Nodes will terminate on the same date as the existing Subscription Period. Cloudera will invoice Customer for the Incremental Nodes upon receipt of Customer’s Purchase Order that it has so elected, and fees will be due as set forth in the Agreement.
Professional Services and Training Discount Hold:
During the Subscription Period as set forth in this Exhibit C-1, Cloudera agrees to provide the following discounts from then-current list prices at time of order:
Training, all classes: [***]% discount from list
Professional Services (Solutions Architect, Data Scientist): [***]% discount from list, billed per day
Professional Services (Technical Account Manager/Customer Success Manager, Designated Support Engineer): [***]% discount from list, billed per FTE annum
Services list rates as of the Amendment 2 Effective Date are as follows:
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
SKU | Role | Description | Discount | List Price |
DSE-03 | Designated Support Engineer | [***]. | [***] | $250,000 |
CDS-CSM | Customer Success Manger | [***]. | [***] | $100,000 |
PSHR-01 / PSHR-01- [***] | Data Scientist: [***] | [***]. | [***] | $650 |
PSHR-03 / PSHR-03- [***] | Principal Solutions Architect: [***] | [***]. | [***] | $500 |
PSHR-04 / PSHR-04- [***] | Sr. Solutions Architect: [***] | [***]. | [***] | $450 |
PSHR-05 / PSHR-05- [***] | Solutions Architect: [***] | [***]. | [***] | $400 |
RSA-SLVR | Resident Architect - Silver | [***]. | [***] | $148,000 |
RSA-Gold | Resident Architect - Gold | [***]. | [***] | $220,000 |
PSHR-09- [***] | Sr. Services Delivery Manager: One (1) Hour | [***]. | [***] | $250 |
Cloudera Data Science Workbench (“CDSW”) [***]:
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
As of the Amendment 2 Effective Date, and during Years 5-7 (April 1, 2018 – March 31, 2021) of the Subscription Period as set forth in this Exhibit C-1, Customer [***] subscriptions to Unique Identifiers of Cloudera Data Science Workbench (“CDSW”). A “Unique Identifier” means a unique user ID and password denoted for Customer’s access to and use of CDSW during the Subscription Period. Unique Identifiers may not be shared among users or used concurrently by multiple users, however, a Unique Identifier may be transferred from one individual to another if the original individual no longer requires or is no longer permitted access to or use of CDSW. During the entire duration of the Subscription Period for CDSW (“CDSW Term”), Customer must have a current valid Node license for Cloudera Enterprise Data Hub as set forth in this Exhibit C-1 (“Required License”). CDSW requires dedicated Nodes that may be in excess of the Nodes licensed under Customer’s then-current subscription for Cloudera Enterprise Data Hub, in which case Customer acknowledges and agrees that must license the applicable number of Incremental Nodes under this Exhibit C-1. In the event that the Subscription Period for the Required License expires during the CDSW Term, the CDSW rights and licenses granted to Customer under this Exhibit C-1 will immediately terminate, with no right to refund or credit.
During each of Years 8 and 9 (April 1, 2021 – March 31, 2023) Customer may purchase, at its sole election and subject to the terms as otherwise set forth in the preceding paragraph, [***], due at the beginning of each of Year 8 and Year 9.
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
Attachment 1
Privacy Terms
2.1 For the purposes of this Privacy section only, the following definitions apply:
(A)“Data Breach” means any unauthorized or unlawful processing, loss, disclosure, destruction, theft, or damage of any of the Personal Data.
(B)“Data Controller” is a person or entity who (either alone or jointly with others) determines the purposes for which and the manner in which Personal Data is to be processed
(C)“Data Processor” is a person or entity who processes Personal Data on behalf of a Data Controller. In the Agreement, Supplier is the Data Processor.
(D)“Data Subject” is the individual to which the Personal Data relates.
(E)“Personal Data” means any information relating to an identified or identifiable natural person of which Intel is the Data Controller and in relation to which Supplier is providing products or services under the Agreement. An identifiable person is one who can be identified, directly or indirectly, by reference to an identification number or to one or more factors specific to their physical, physiological, mental, economic, cultural or social identity.
(F)“Processing Country” means the country where the Personal Data is to be processed by the Supplier. Unless otherwise agreed to in writing by Intel, it is the country where the Supplier is located as specified in the Agreement.
(G)“Processing of Personal Data” means any operation or set of operations which is performed upon Personal Data, whether or not by automated means, including but not limited to collection, recording, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, deleting or destruction.
(H)“Supplier” means Cloudera, Inc.
2.2 Supplier may collect and process the Personal Data only to the extent, and in such manner, as is necessary to provide the products or services under the Agreement and in accordance with Intel’s instructions from time to time. Supplier will not collect or process the Personal Data for any other purpose.
2.3 Supplier must promptly comply with any request from Intel requiring Supplier to amend, transfer or delete the Personal Data. In any event, upon written request from Intel, Supplier must permanently delete Personal Data within 30 days after the Personal Data is no longer being actively used in fulfilling Supplier’s obligations to Intel under the Agreement.
2.4 Transfer, Disclosure, or Processing of Personal Data
It is the parties’ expectation that Personal Data that will be collected and processed under this Agreement will be limited to business contact information necessary for Intel employees to access the service,
(A)Supplier must not, except at the request of Intel, with Intel’s prior written consent, or as otherwise expressly permitted in this Section:
1.transfer the Personal Data outside the Processing Country; or
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
2.disclose the Personal Data to anyone but Intel; or
3.subcontract or assign the Processing of Personal Data
(B)Notwithstanding the foregoing, unless otherwise advised by Intel, Supplier may transfer Personal Data consisting solely of business emails, billing and account information, addresses or phone numbers outside the Processing Country, for the sole purpose of performing its obligations under the Agreement (including facilitating of invoicing and billing under the Agreement).
2.5 If Supplier receives any communication relating to the Processing of the Personal Data, Supplier must immediately notify Intel, and must fully cooperate and assist Intel in addressing the communication.
2.6 Supplier must take appropriate physical, technical and administrative security measures to protect the Personal Data against any Data Breach. Supplier must notify Intel immediately if Supplier becomes aware of any Data Breach and fully cooperate with Intel in investigating the Data Breach, including, without limitation, making available to Intel all relevant records, logs, files, data reporting and other materials related to the Data Breach required to comply with applicable law, regulation, industry standards or as otherwise required by Intel.
2.7 Supplier’s failure to comply with any of the provisions of this Section is a material breach of the Agreement, and Intel may terminate the Agreement effective immediately upon written notice to Supplier.
CLOUDERA DATA POLICY
This Data Policy (the “Policy”) describes Cloudera’s policy for handling, storing, and otherwise treating certain types of data of Cloudera’s customers (each, a “Customer”), including data associated with individual users and employees of Customer organizations, in each case pursuant to a Customer Agreement (as defined
below). “Cloudera” means Cloudera, Inc. and its subsidiaries and affiliates.
Additional policies that apply to specific Cloudera Products and Services can be found at the end of this Policy, in the section entitled “Service-Specific Terms.”
OVERVIEW
Cloudera collects information that a Customer or other data sources send to Cloudera as part of such Customer’s use of Cloudera Products and Services. This data is addressed in three categories, “Transaction Data”, “Account Data” and “Personal Data”, each as defined below.
TRANSACTION DATA AND ACCOUNT DATA
Security
Cloudera understands the sensitive nature of the data that Customer or Customer’s organization may provide while using Cloudera Products and Services. Cloudera will maintain commercially reasonable administrative, physical and technical safeguards designed for the protection, confidentiality and integrity of Customer’s Transaction Data and Account Data.
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
Data Use by Cloudera
Access. Cloudera places strict controls over its employees’ access to Customer’s Transaction Data and Account Data that resides in the Cloudera Products and Services, and is committed to ensuring that Customer’s Transaction Data and Account Data is not used by anyone who should not have access to it. The operation of the Cloudera Products and Services requires that some employees have access to Customer systems which store and process Customer’s Transaction Data and Account Data. For example, in order to diagnose a problem Customer is having with Cloudera Products and Services, the Cloudera support team may need to access Customer’s Transaction
Data. These employees are prohibited from using these permissions to view Customer’s Transaction Data unless it is necessary to do so.
Ownership. As between Cloudera and Customer, Customer or its licensors own all right, title, and interest in and to the Transaction Data and Account Data. Cloudera obtains no ownership rights under this Agreement from Customer or its licensors to any Transaction Data or Account Data.
Use of Transaction Data. Cloudera will treat Transaction Data as confidential and will use it only to: (i) facilitate operation of the Cloudera Products and Services; (ii) enhance the use of the Cloudera Products and Services and its related web pages; (iii) perform internal tracking to improve Cloudera Products and Services; (iv) analyze the extent to which Customers use Cloudera Products and Services; (v) enable Cloudera to contact its Customers; (vi) process, bill and invoice Customer’s transactions for Cloudera Products and Services usage; (vii) make backups in order to prevent data loss; and (viii) comply with the law or a binding order of a governmental body. This permission includes allowing us to use third-party service providers in the operation and administration of Cloudera Products and Services and the rights granted to us are extended to these third parties to the degree necessary in order for Cloudera Products and Services to be provided. The Privacy Terms do not apply to Transaction Data.
Use of Account Data. To the extent the Account Data constitute Personal Data (as defined in the Privacy Terms) Cloudera will only use such Account Data in accordance with the Privacy Terms, and Customer consents to such usage.
Feedback. If any Customer users provide Cloudera with any feedback, support tickets, reported defects, usability enhancements, feature requests or suggestions regarding Cloudera Products and Services, Customer grants Cloudera an unlimited, irrevocable, perpetual, free license to use any such feedback or suggestions for any purpose without any obligation to Customer.
Retention of Transaction Data and Account Data
Data collected by Cloudera as part of diagnostic bundles will be retained for a period of 12 months. All other Transaction Data and Account Data may be retained no longer than as permitted by governing law, but in no event longer than for the life of the related Cloudera product + 10 years.
Incident Management and Response
In the event of a security breach involving Cloudera Products and Services, Cloudera will promptly notify each affected Customer of any unauthorized access to any of such Customer’s Transaction Data or Account Data that was stored in Cloudera Products and Services. Cloudera has internal incident management procedures in place to handle such an event.
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
Product Security Practices
New features, functionality, and design changes go through a security review process facilitated by Cloudera’s security team. The security team works closely with development teams to resolve any additional security concerns that may arise during development.
PERSONAL DATA
The Privacy Terms in this Attachment are hereby incorporated into this document and include important terms regarding Cloudera’s handling of Personal Data. The sections above relating to Incident Management and Response and Product Security Practices also apply to Personal Data.
CUSTOMER RESPONSIBILITIES
Customer Account and Account Data
To access certain Cloudera Online Services, Customer may be asked to create a Cloudera account associated with a valid e-mail address (a “Customer Account”). Customer may only create one account per email address. Customer is responsible for: (i) maintaining the confidentiality of the Account Data, (ii) monitoring and controlling which end users have access to the Customer Account; and (iii) all activities that occur under the Customer Account, regardless of whether the activities are undertaken by Customer, Customer’s employees or a third party (including Customer’s contractors or agents). Except to the extent caused by Cloudera’s breach of this Data Policy and the Privacy Terms, Cloudera and its Affiliates are not responsible for unauthorized access to the Customer
Account. Customer will contact Cloudera immediately if Customer believes an unauthorized third party may be using the Customer Account or if Customer’s Account Information is lost or stolen.
Acceptable Use
Customer must not: (i) use, or encourage, promote, facilitate or instruct others to use, Cloudera Products and Services for any illegal, harmful or offensive use, or to transmit, store, display, distribute or otherwise make available content that is illegal, harmful, or offensive; (ii) use Cloudera Products and Services to violate the security or integrity of any network, computer or communications system, software application, or network or computing device; (iii) make network connections to any users, hosts, or networks unless Customer has permission to communicate with them; (iv) use Cloudera Products and Services to transmit spam, bulk or unsolicited communications; or (v) use Cloudera Products and Services to collect and store personally identifiable information about any person unless specifically authorized by such person.
Transaction Data, Account Data and Personal Data
Customer is solely responsible for the creation, operation and maintenance of Transaction Data, Account Data and Personal Data (unless such Personal Data is collected or transferred to Cloudera for processing). For example, Customer is solely responsible for:
• | the technical operation of Cloudera Products and Services, including ensuring that calls Customer makes to any Cloudera Online Service are compatible with then-current APIs for that Cloudera Online Service; |
• | compliance with the Acceptable Use provisions herein; |
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
• | to the extent Transaction Data, Account Data and Personal Data are under Customer’s control, compliance with all applicable laws; |
• | any claims relating to Transaction Data, Account Data and Personal Data; |
• | anonymizing data to the extent Customer deems it reasonable or prudent to do so; and |
• | properly handling and processing notices sent to Customer (or any of its affiliates) by any person claiming Customer’s data violates such person’s rights, including notices pursuant to the Digital Millennium Copyright Act. |
Customer agrees that its Transactional Data, Account Data and Personal Data will not include information regulated under the International Traffic in Arms Regulations (U.S. government regulations addressing defense- related articles and services).
Customer agrees not to upload, post or otherwise transmit to Cloudera any Transaction Data that: (a) is inaccurate, harmful, obscene, pornographic, defamatory, racist, violent, offensive, harassing, or otherwise objectionable; (b) includes unauthorized disclosure of personally identifiable information or other confidential information; (c) violates or infringes any third party intellectual property rights; or (d) contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer
software or hardware or telecommunications equipment. Cloudera reserves the right to edit or remove Transaction Data that violates this Policy.
By providing Transaction Data, Customer represents and warrants to Cloudera that Customer owns or otherwise possesses all intellectual property rights and other rights necessary to provide such Transaction Data and to permit others to make use of such Transaction Data.
Security and Backup
Customer is responsible for taking its own steps to maintain appropriate security, protection and backup of Transactional Data, Account Data and Personal Data, which may include the use of encryption technology or anonymization to protect such data from unauthorized access.
Customer Data
Cloudera Products and Services that store or process Customer Data are either located on a third-party hosting site or on Customer’s own servers. As such, Cloudera has no liabilities or obligations with respect to Customer Data under this Data Policy.
DEFINITIONS
“Account Data” means information about Customer that Customer provides to Cloudera in connection with the creation or administration of its Cloudera account. For example, Account Data includes names, user names, phone numbers, email addresses and billing information associated with Customer’s Cloudera account.
"Cloudera Products and Services" means any of Cloudera’s products and software to which Customer may have subscribed under the terms of a Customer Agreement, including but not limited to Cloudera Manager, Cloudera Enterprise, Cloudera Live, Cloudera Express, Cloudera Director, any Cloudera Online Services, any trial software, and any software related to the foregoing.
[***] = CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY BRACKETS AND ASTERISKS, HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 24B-2 OF THE SECURITIES EXCHANGE ACT OF 1934, AS AMENDED. CONFIDENTIAL TREATMENT HAS BEEN REQUESTED WITH RESPECT TO THE OMITTED INFORMATION.
“Customer Agreement” means the separate agreement between Customer and Cloudera governing Customer’s use of the Cloudera Products and Services.
“Customer Data” means any of Customer’s originating data that might be stored in nodes and accessed by Cloudera’s software or other third-party software.
“Personal Data” means Personal Data as defined in the Privacy Terms.
“Privacy Terms” means the privacy terms included in this Attachment
“Transaction Data” means all data that is (i) input into Cloudera Products and Services by Customer or its end users, (ii) generated by Cloudera’s systems as a result of Customer’s or its end users’ use of the Cloudera Products and Services, or (iii) data that is generated for troubleshooting and diagnostics, in each case that is transmitted to Cloudera. Transaction Data does not include Customer Data.
In the event of a conflict between this Policy and the terms of the applicable Customer Agreement, the terms and conditions of this Policy apply, but only to the extent of such conflict.
SERVICE-SPECIFIC TERMS
Cloudera Navigator Optimizer and Workload Analytics
Data Use. Cloudera’s Navigator Optimizer service (“Optimizer”) and Workload Analytics service (“Workload Analytics”) do not collect or store any Personal Data or Customer Data. These services may collect and/or store certain types of Transaction Data such as Customer’s queries or workload information (“Analytics Data”). While Analytics Data is confidential information and will be protected pursuant to the provisions in this policy that apply to Transaction Data, Optimizer and Workload Analytics are not databases of record for the storage of Analytics Data. Retention of this Analytics Data is not Cloudera’s responsibility.
Availability. Cloudera is committed to making Optimizer and Workload Analytics highly-available services that Customers can count on. To the extent feasible, Cloudera’s infrastructure runs on systems that are fault-tolerant, for failures of individual servers. Cloudera’s operations team tests disaster-recovery measures regularly and staffs a team to quickly resolve unexpected incidents. However, at this time Cloudera makes no uptime or availability guarantees with respect to Optimizer or Workload Analytics or retention of Analytics Data.
Cloudera will host Optimizer and Workload Analytics only in the United States.