Armadillex

Terms and Conditions

Welcome to Armadillex! It's great that you're here and it means that you're serious about making data protection manageable and effective in your organization.

These terms are a binding agreement between you and Armadillex Ltd ("Armadillex", "we" and its cognates). These terms govern your use of our websites and of our web-application (the "Services") and you agree to our terms. If you have credentials to our web-application (the "Armadillex App") these terms will have been agreed to by your organization and will bind you too.

  1. Account management and responsibility. You may not create and use an account on the Armadillex App unless you are at least 18 years old and provide truthful information in establishing and using the account. Be aware that your administrator may be able to enter, view, control and delete your account. No unauthorized sharing of your account is permitted. You are solely responsible for choosing your password, for its quality and security and for protecting the confidentiality of your login credentials. You are responsible for all activity in your account. Armadillex will not be liable for any loss or harm incurred as a result of unauthorized use of your login credentials or your account. Your account management will require collection of some personal data, such as your login credentials, first name, last name, email and contact details, organization, online identifiers such as IP address and cookies. When using the Services, you will not and will not help others: do anything illegal, or engage in fraudulent, false or misleading, libelous or defamatory activity; circumvent any restrictions on access to or availability of the Services; infringe the rights of others.

  2. Modification of Services. we reserve the right to: add, modify or remove functionality or features of our Services, with or without notifying you; and charge a fee for some or all of our Services.

  3. Content created and shared by you. Any content you share with us for account management purposes, such as a support ticket or feature idea or feedback, will be shared internally and with consultants supporting our Services.

  4. Content uploaded by you to the Armadillex App. you will upload only content which you are authorized to upload. You are aware that the data will be analyzed by Armadillex's proprietary tools, including artificial-intelligence tools.

  5. Your use of the Services. you will not use the Services in any way that violates laws, infringes rights, interferes with the Services or others and which infringes anyone's rights. You are granted a limited, non-transferable, license to use the Services for the purposes of data protection management. We reserve the right to block your use, take legal action and terminate your account or take other reasonable steps, if you violate these terms. If we do not take prompt action following such infringement, that does not mean we waive our rights, nor that we will not in the future exert our rights.

  6. Intellectual Property. The Services are our intellectual property, including also our trademarks and copyrighted works: logos, brand names, website content, blogs and videos and other material. You agree not to challenge our ownership of such intellectual property.

  7. Third party sites. Our Services may contain links to sites and services of third parties. We do not control or endorse those, not the goods and services provided on and through those sites and services.

  8. Data privacy. We are a processor (service provider) and you are controller (business) of personal data which you upload to the Services. You hereby instruct us to process such data for provision of the Services and we will process the data only as instructed here, or otherwise instructed in writing. We have no control over which data you choose to upload to the Services. Armadillex uses sub-processors to provide the Services. These may change from time to time and currently include Alphabet Inc Services such as Google Cloud Platform, GSuite, Vertex AI, Firestore, Drive, Slack and SendGrid. In addition, we use multiple data security providers. We have written agreements with each subprocessor providing substantively the same protections as we have committed to here. We may add additional subprocessors with 14 days notice. You agree to the data protection terms below (Annex A).

  9. Data Transfer. We process data in the EU and in Israel which is deemed adequate by the EU Commission.

  10. Notices. You consent to receiving notifications by email or through being posted on the site. Any notice sent to you by email shall be deemed to have been received when sent to the address provided by your organization. Notifications may be sent to Armadillex at info[AT]armadillex.com.

  11. Artificial Intelligence. You are aware that Armadillex includes an Artificial Intelligence (AI) component. AI can be unpredictable, inconsistent and unstable. We undertake ethics assessments to make Armadillex ethical for use and take many steps to ensure that our AI operates in line with the industry best-practices, but we cannot assure that it will always be effective or completely reliable and sometimes it is not. All data uploaded by or for you to Armadillex, may be used to train Armadillex' AI models. . You are aware that data used to train Armadillex' AI models cannot be un-learned or deleted from that model, though on request we can remove it from future model development. Your data is secured and is not shared with any other party other than the AI provider. You are aware that the learning and analysis that Armadillex' AI models gains from your data may be used by Armadillex' AI models on other people's data.

  12. NO WARRANTY, NO LEGAL ADVICE. The Services are provided on an "as is" and "as available" basis, without any warranties of any kind whatsoever. We make no warranties whatsoever with respect to any third party services. We work hard to provide a high level of service, but use of the Services is at user's sole risk. Except in the event of willful misconduct or fraud by Armadillex, in no event shall we be liable, whether in tort, contract, or any other theory of law, for any direct, special, indirect, punitive, incidental, consequential, exemplary or other similar damages, including without limitation loss of profits, loss of business, complaints or actions brought by or against you by data subjects or data protection authorities, corruption of data or information, arising out of or in any way connected to these terms and/or the Services. The output of Armadillex is not legal advice and does not replace the need for legal advice and representation. Armadillex produces material that is useful to its clients, which may accelerate various processes and which may serve as material that may ultimately be used in situations such as negotiation, contracts, regulatory reports and so on. However, you are aware that all output must be checked for completeness, relevance and accuracy and Armadillex offers no warranty or assurance with regard to the completeness, relevance or accuracy of its output.

  13. Term and termination. This agreement will be in force for the duration of your use of the services. Either party may terminate it with immediate effect.

  14. Contact. All communications to Client will be in writing to the email provided at the time your account is opened.

  15. Applicable law and jurisdiction. Any and all disputes arising in connection with the Services are under the exclusive jurisdiction of the court of Central District, Israel and Israeli law will apply, except its choice of law and jurisdiction provisions.

Annex A: Data Processing terms

This Data Processing Agreement ("DPA") is made by and between you ("Client") and Armadillex ("Armadillex") (each a "Party" and together the "Parties") as required by applicable data privacy laws (together "Applicable Data Protection Laws"). This Agreement governs matters of Personal Data protection between the Parties, and shall be in force for as long as Parties Process Personal Data in connection with Armadillex's License Agreement located at:www.armadillex.com/terms(the "Terms") and it amends any prior agreement between the Parties with respect to data protection matters. Capitalized terms not otherwise defined herein, shall take the meaning ascribed to them by Applicable Data Protection Laws.

  1. Client is a Controller of Personal Data governed by Applicable Data Protection Laws ("Personal Data"). Armadillex is a Processor for Client. Client instructs Armadillex to process Personal Data in accordance with the Terms and this DPA and in accordance with other agreed instructions or as may be lawfully required by Armadillex.

  2. Each Party shall comply at all times with Applicable Data Protection Laws. Armadillex shall promptly notify Client of any circumstance of which it becomes aware that may prevent either party from complying with its obligations under this DPA or under Applicable Data Protection Laws. Each party shall reasonably cooperate with the other in responding to inquiries, incidents, claims and complaints regarding the Processing of the Personal Data or as otherwise needed for either party to demonstrate compliance with Applicable Data Protection Laws.

  3. Armadillex's personnel engaged in Processing Personal Data are and will remain committed to confidentiality. Armadillex takes not less than industry-appropriate technical and organizational measures to ensure the security of its Processing of Personal Data and meets or exceeds the requirements of GDPR Article 32 as detailed here:

    • Platform data is encrypted in transit and at rest. Data is siloed, backed up and stored regionally.
    • User passwords are complex and are stored in encrypted form.
    • User access is logged.
    • Backend access is multi-factor authenticated, logged and role-based.
    • Endpoint security: all Armadillex endpoints are antivirus secured, with complex passwords and multi-factor authentication.
    • Training: all Armadillex personnel are trained in data security and data privacy.

  4. Armadillex will maintain an updated list of its Sub-processors here: www.armadillex.com/subprocessor. Armadillex may add a sub-processor with 14 days notice, which will be granted to any client who signs up for email notification at that site. Armadillex shall ensure that the arrangement between Armadillex and each sub-processor is governed by a written contract including terms which offer substantively at least the same level of protection for the Personal Data being Processed hereunder as those set out in this DPA and which meet the requirements of Applicable Data Protection Laws.

  5. International Transfers. US based clients' data is stored in the US; all others are stored in the EU. Armadillex is based in Israel, a country recognized as adequate by the EU Commission.

  6. Armadillex will assist Client in responding to requests for exercising data subjects' rights. Armadillex will inform Client promptly if it receives any such request and in any event within 72 hours of receipt and will not take any other action without Client's authorization except to inform the requester to be in touch with its controller. Armadillex will likewise assist Client with its obligations pursuant to Applicable Data Protection Laws, such as regarding data security, data protection impact assessments and breach notifications. Armadillex will reasonably allow for and contribute to audits and inspection in this regard. Armadillex will inform Client without delay and in any event within 48 hours, if Armadillex experiences a Personal Data Breach and will provide all available details to Client, including all information reasonably needed by Client to comply with Applicable Data Protection Laws and will implement appropriate remedial preventive measures.

  7. Armadillex will report to Client annually upon written request on the manner in which the obligations contained in this DPA are implemented.

  8. Armadillex will use Client data to build or track and improve its platform and services, to detect data security incidents, prevent or respond to fraudulent or illegal activity, to cooperate as required with law enforcement.

  9. On termination of its account and unless instructed in writing to return it, Client data will be irreversibly deleted and Client waives any claims in connection therewith, though Armadillex may remove all personal data and continue to use such data.

  10. Armadillex may not assign its respective rights and obligations hereunder, other than if such assignment is by way of merger or acquisition of all or substantially all Armadillex's equity or assets, or change of control.

  11. Invalidation of one or more of the provisions under this DPA will not affect the remaining provisions. Invalid provisions will be replaced, to the extent possible, by such valid provisions which achieve essentially the same objectives. The choice of law and jurisdiction governing this agreement will be the same as those governing the applicable Service Agreement.

  12. Description of personal data processing:

    • Duration: personal data is processed for the duration of the license.
    • Nature and purpose: The processing involves AI analysis of client data protection agreements and associated documentation. This data is processed in connection with the Armadillex platform data protection operation services as described above.
    • Types: This typically contains email addresses and occasionally some other data, of contact people at the platform user's organization and other organizations. Armadillex also processed account management data, typically: user name (first and last), login credentials, email, phone number, company, IP address and other platform usage data.
    • Data subjects: Client's partners' contacts and Client staff using Armadillex platform.

  13. Armadillex's data protection personnel may be contact at dpo@armadillex.com.

*****