Terms of Service

Last updated: December 20, 2023

These Terms of Service set out the terms and conditions upon which you may use the API Hero Ltd (trading as Trigger.dev) service made available through www.trigger.dev.

By signing up to or using the Trigger.dev Service, you agree to and accept these Terms of Service.

Please read these Terms of Service carefully and make sure you understand and agree to them before using the Trigger.dev Service. If you have any questions relating to these Terms of Service please contact us at [email protected].

---

IF YOU DO NOT ACCEPT THESE TERMS OF SERVICE, PLEASE DO NOT USE THE TRIGGER.DEV SERVICE.

---

1. Information about Trigger.dev

1.1. The Trigger.dev Service is provided by API Hero Ltd, a company incorporated and registered in England and Wales under company number 14441978 whose registered office is at 3rd Floor 1 Ashley Road, Altrincham, Cheshire, United Kingdom, WA14 2DT VAT number is 437608871.

1.2. Trigger.dev is the provider of an open source framework that allows developers to write ‘background jobs’ in code in order to automate tasks in their business or for their users.

2. Interpretation

In these Terms of Service, save where the context requires otherwise, the following words and expressions have the following meaning:

“Account” means the Customer’s account on the Trigger.dev Service;

“Agreement” means the agreement between the Customer and Trigger.dev for the provision of the Trigger.dev Service comprising these Terms of Service and any terms in Trigger.dev Service Plan;

“Billing Period” means the billing period for the Service Fees as set out in the applicable Trigger.dev Service Plan;

“Cloud Trigger.dev Platform” means the Trigger.dev Service made available to the Customer as a cloud-based service accessible through the Website;

“Commencement Date” means the date the Customer creates an Account;

“Confidential Information” means information which is identified as confidential or proprietary by either party or by the nature of which is clearly confidential or proprietary;

“Customer” means the person or organisation identified as the “Customer” in the Account;

“Customer Data” means any content or data transferred to Trigger.dev as a result of the Customer’s use of the Trigger.dev Service;

“Initial Term” means the subscription period set out in the applicable Trigger.dev Service Plan, or in the absence of any such period in the Trigger.dev Service Plan, the period of one (1) month, in each case commencing on the Commencement Date;

“Integrations” means a piece of software that makes it easier to use a third party API with the Trigger.dev Platform;

“Intellectual Property Rights” means copyright, database right, domain names, patents, registered and unregistered design rights, registered and unregistered trade marks (including, where applicable the Trade Marks) and all other industrial, commercial or intellectual property rights;

“Jobs” means a predefined set of instructions or rules that control the execution and scheduling of batch applications or background processes within a computer system or software application;

“Local Trigger.dev Platform” means a version of the Trigger.dev Service installed locally on the Customer’s own cloud infrastructure;

“Malware” means any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience (including all viruses, worms, trojan horses, spyware, logic bombs and similar files, scripts, agents, things or devices);

“Overage Fees” means the volume based charges (if any) set out in the applicable Trigger.dev Service Plan which are payable by the Customer where the Customer’s and its User’s use of the Trigger.dev Service exceeds the Use Allowance;

“Renewal Term” means either the period of time described as such in the applicable Trigger.dev Service Plan, or in the absence of any such description, a period of time equal to the Initial Term, in each case commencing on the expiry of the Initial Term or the immediately preceding Renewal Term (as appropriate);

“Service Fees” means the fees (if any) payable in respect of the provision of the Trigger.dev Service, according to the applicable Trigger.dev Service Plan;

“Sign Up Process” means the process (whether electronic or otherwise) by which the Customer signs up to use the Trigger.dev Service and, which amongst other things, identifies the Customer and the applicable Trigger.dev Service Plan;

“Term” means the Initial Term and successive Renewal Terms;

“Terms of Service” means these terms and conditions of service as amended from time to time;

“Trigger.dev Platform” means, as the case may be, either the Cloud Trigger.dev Platform or the Local Trigger.dev Platform, in the form made availably by Trigger.dev from time to time;

“Trigger.dev Service” means access to the open source background Jobs framework Trigger.dev makes available either through the Cloud Trigger.dev Platform or by permitting Customer to run a Local Trigger.dev Platform;

“Trigger.dev Service Plan” means the service plan relating to the Trigger.dev Service which (amongst other things) sets out the applicable Service Fees, Usage Limits, and Term, and which shall be (i) available on the Website from time to time, or (ii) as agreed with the Customer in such form as Trigger.dev may require;

“Use Allowance” means the limitations on the permitted use of the Trigger.dev Service by the Customer and its Users set out in the applicable Trigger.dev Service Plan;

“User” means any person authorised by the Customer to access the Trigger.dev Service on behalf of the Customer; and

“Website” means www.trigger.dev and any subdomains.

3. Creating an account

3.1. To use certain features and functionalities of the Trigger.dev Service, the Customer must first register and create an Account.

3.2. The customer is able to create an account either by using their email address or by logging in with their GitHub account.

3.3. If the Customer is a legal entity (rather than an individual), the individual creating the Account on the Customer’s behalf must have the necessary authority, power and right to fully bind the Customer.

3.4. The Customer must promptly update the Customer’s Account information in the event of any changes to this information.

3.5. Trigger.dev reserves the right to suspend or terminate the Customer’s Account and access to the Trigger.dev Service if any information provided proves not to be accurate or current.

3.6. All Users of the Trigger.dev Service must be over the age of 16.

4. Duration

4.1 The Agreement shall start on the Commencement Date and continue for the Term unless terminated earlier.

5. Access to the Trigger.dev service

5.1. Trigger.dev grants the Customer a non-exclusive, non-transferable, personal and non sub-licensable licence to permit Users to use the Trigger.dev Service as permitted by the functionality of the Trigger.dev Service.

5.2. The Customer must treat any login details used to access the Trigger.dev Service or the Customer’s Account as Confidential Information, and it must not disclose it to any third party (other than to Users).

5.3. In relation to Users, Customer shall procure that each User keeps secure and confidential any log-in details provided to them for the User’s use of the Trigger.dev Service and shall not disclose such login details to any third party including any other Users.

5.4. The Customer shall procure that each of its Users has its own login details and will ensure that such login details are not shared.

5.5. Trigger.dev may disable any login details, at any time and at Trigger.dev’s sole discretion, if a User or the Customer has failed to comply with any of the provisions of the Agreement.

5.6. The Customer is responsible for maintaining the confidentiality of login details for its Account and any activities that occur under its Account including the activities of Users. If the Customer has any concerns about the login details for its Account or thinks they have been misused, please contact Trigger.dev at [ ].

5.7. The Customer must take reasonable precautions to prevent any unauthorised access to, or use of, the Trigger.dev Service and, in the event of any such unauthorised access or use, promptly notify Trigger.dev.

5.8. The Customer recognises that Trigger.dev is always innovating and finding ways to improve the Trigger.dev Service with new features and services. Therefore, the Customer agrees that the Trigger.dev Service may change from time to time and no warranty, representation or other commitment is given in relation to the continuity of any functionality of the Trigger.dev Service.

5.9. The Customer shall indemnify and defend Trigger.dev, its agents and contractors from and against any and all losses, damages, claims, liabilities or expenses (including reasonable lawyer’s fees) arising out of a claim brought by a third party relating to the Customer’s use of the Trigger.dev Service (except to the extent caused by Trigger.dev’s negligence).

5.10. If the Customer has subscribed to the Trigger.dev Service using the Sign Up Process on the Website, the Customer may, using the functionality within the Trigger.dev Platform, change to a different Trigger.dev Service Plan at any time during the Term (a “Service Plan Change”) and where the Customer elects to do so, the Service Plan Change will take effect:

5.10.1. when moving from a paid Trigger.dev Service Plan to a free of charge Trigger.dev Service Plan, on expiry of the then then-current Billing Period; or

5.10.2. except where 5.10.1 applies, immediately.

5.11. If, when making a Service Plan Change, the Customer chooses to downgrade the Trigger.dev Service Plan it has previously selected, the Customer acknowledges that this may result in the loss of certain Customer Data and certain elements of the Trigger.dev Service and Trigger.dev shall not be liable for any such loss.

6. Trigger.dev Cloud

6.1 By using the Trigger.dev Service through the Cloud Trigger.dev Platform, you understand that when you run a Job, the Trigger.dev Service will receive any associated data that you pass through to our API.

6.2 If this data contains personal data it shall be subject to our data processing agreement outlined in the schedule to this Agreement. You are able to use the redactString feature to replace the display of personal data on the dashboard with a *. More information about this feature can be found here.

7. Local Trigger.dev Platform

7.1. It is possible to deploy the Trigger.dev Service locally within your cloud environment (your “Environment”).

7.2. Trigger.dev does not guarantee that the Trigger.dev Service will be compatible with your Environment.

7.3. In order to host the Trigger.dev Service locally, you must complete the instructions found here.

8. APIs

8.1. The Customer may access Customer Data via Trigger.dev’s API (Application Program Interface).

8.2. The Customer acknowledges that abuse or excessively frequent requests to the Trigger.dev Service via the API may result in the temporary or permanent suspension of the Customer’s access to the API.

8.3. Trigger.dev, in its sole discretion, will determine abuse or excessive usage of the API.

8.4. Trigger.dev will make a reasonable attempt via email to warn the Customer prior to suspension.

8.5. When implementing a Job, Customer may use one of the third-party Integrations provided by Trigger.dev.

8.6. Customer acknowledges that Trigger.dev shall have no liability to Customer for any loss or damage that arises from the use of such Integrations, save as where they arise from Trigger.dev’s negligence.

8.7. Customer shall be liable for any consequences that flow from the use of bespoke Integrations run through the Cloud Trigger.dev Platform.

9. Customer obligations

9.1. Trigger.dev may monitor the Customer’s use of the Trigger.dev Service to ensure quality, improve the Trigger.dev Service, and verify the Customer’s compliance with the Agreement.

9.2. The Customer:

9.2.1. must comply with all applicable laws and regulations with respect to its use of the Trigger.dev Service and its activities under the Agreement;

9.2.2. must use and ensure its Users use the Trigger.dev Service in accordance with the terms of the Agreement and shall be responsible for any actions and omissions in connection with the use of the Trigger.dev Service by any Users;

9.2.3. must obtain and shall maintain all necessary licences, consents, and permissions necessary for Trigger.dev to perform its obligations to the Customer under the terms of the Agreement;

9.2.4. must ensure that its network and systems, including its internet browser used complies with any relevant specifications provided by Trigger.dev from time to time;

9.2.5. is solely responsible for procuring and maintaining its network connections and telecommunications links from its systems in order to access and use the Trigger.dev Service;

9.2.6. must not modify another website so as to falsely imply that it is associated with the Trigger.dev Service, any of Trigger.dev’s other services or Trigger.dev or its affiliates.

9.2.7. must not carry out any penetration testing or automated or manual vulnerability scans (or similar security testing) in relation to the Trigger.dev Service without first having obtained the prior written authorisation of Trigger.dev; and

9.2.8. must not use the Trigger.dev Service: (a) to access, store, distribute or transmit or prepare for distribution or transmission any Malware; (b) to access, store, distribute or transmit or prepare for distribution or transmission any material that is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive; (c) in a manner that is illegal or causes damage or injury to any person or property; (d) to infringe any copyright, database right or trademark of any person; (e) to transmit, send prepare for transmission or prepare for sending any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (‘spam’); or (f) to interfere with or attempt to interfere with or compromise the Trigger.dev Service integrity or security.

9.3. The Customer agrees that failure to comply with this clause constitutes a material breach of the Agreement, and may result in Trigger.dev taking all or any of the following actions:

9.3.1. immediate, temporary or permanent withdrawal of any rights to use the Trigger.dev Service;

9.3.2. removing any violating Customer Data;

9.3.3. the issuing of a warning;

9.3.4. legal action against the Customer including proceedings for reimbursement of all costs and expenses (including, but not limited to, reasonable administrative and legal costs) incurred by us resulting from the breach; or

9.3.5. disclosure of such information to law enforcement authorities as we reasonably feel is necessary.

9.4. The Customer acknowledges that it is responsible for all Customer Data distributed or transmitted under its Account (including by its Users).

9.5. The Customer acknowledges that the responses described in this clause are not limited, and we may take any other action we reasonably deem appropriate.

10. Important note on intellectual property rights

10.1. Trigger.dev is the owner of or the licensee of all Intellectual Property Rights in the Trigger.dev Service. These works may be protected by copyright and other laws and treaties around the world. All such rights are reserved.

10.2. Certain parts of the Trigger.dev Service may be subject to an open source licence, the applicable open source licences are detailed here: https://github.com/triggerdotdev/trigger.dev/blob/main/LICENSE. The Customer will not, when using the Trigger.dev Service, except as may be allowed by any applicable law or open source licence which is incapable of exclusion by Trigger.dev and to the extent expressly permitted under these Terms of Service:

10.2.1. attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Trigger.dev Service in any form or media or by any means;

10.2.2. attempt to reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Trigger.dev Service; or

10.2.3. access all or any part of the Trigger.dev Service in order to build a product or service which competes with the Trigger.dev Service or use or attempt to use the Trigger.dev Service to directly compete with Trigger.dev.

10.3. The Customer grants Trigger.dev a licence to access, download and use the Customer Data for the purpose of analysing the Customer Data in accordance with the Trigger.dev Service functionality, displaying the results of such analysis to Users, developing, testing, improving and altering the functionality of the Trigger.dev Service and producing anonymised or anonymised and aggregated statistical reports and research. Otherwise, Trigger.dev claims no rights in the Customer Data. The Customer shall maintain a backup of Customer Data and Trigger.dev shall not be responsible or liable for the deletion, correction, alteration, destruction, damage, loss, disclosure or failure to store any Customer Data.

10.4. As between the parties any and all Intellectual Property Rights subsisting in any derivative work or improvements made to the Trigger.dev Service by Customer, whether on Cloud Trigger.dev Platform or Local Trigger.dev Platform will, on creation, vest and remain vested in Trigger.dev (or its relevant licensors) and to the extent that any rights in such materials and data vest in Customer by operation of law, Customer hereby assigns such rights to Trigger.dev with full title guarantee by way of present and future assignment, free of any charge, lien, or royalty except to the extent the Customer is unable to do so due to the provisions of any open source licence relating to an element or elements of such derivative works or improvements.

10.5. Where such derivative work or improvements are made on Local Trigger.dev Platform, Customer must disclose this to Trigger.dev as soon as practicably possible and provide Trigger.dev with the source code to any such derivative work or improvements.

11. Publicity

11.1. Trigger.dev may use the Customer’s name, logo and related trade marks in any of Trigger.dev’s publicity or marketing materials (whether in printed or electronic form) for the purpose of highlighting that the Customer uses the Trigger.dev Service and alongside any testimonials that the Customer has agreed to give.

11.2. The Customer may request Trigger.dev to stop using the Customer’s name, logo and related trademarks at any time by contacting Trigger.dev in writing at [email protected].

12. Data protection

12.1. If any of the Customer Data contains personal data, the parties will process such personal data in accordance with the Data Processing Schedule.

12.2. For the purposes of the Agreement, “personal data” and “process” shall have the meanings as set out in the Data Processing Schedule.

13. Additional terms for specific services

13.1. In addition, certain elements of the Service are governed by additional terms and conditions and privacy policies which can be requested by contacting [email protected].

14. Confidential information

14.1. Each party may be given access to Confidential Information from the other party in order to perform its obligations under the Agreement. A party’s Confidential Information shall not be deemed to include information that:

14.1.1. is or becomes publicly known other than through any act or omission of the receiving party;

14.1.2. was in the other party’s lawful possession before the disclosure; 

14.1.3. is lawfully disclosed to the receiving party by a third party without restriction on disclosure;

14.1.4. is independently developed by the receiving party, which independent development can be shown by written evidence; or

14.1.5. is required to be disclosed by law, by any court of competent jurisdiction or by any regulatory or administrative body.

14.2. Each party shall hold the other’s Confidential Information in confidence and, unless required by law, not make the other’s Confidential Information available for use for any purpose other than as needed to perform the terms of the Agreement.

14.3. Each party shall take all reasonable steps to ensure that the other’s Confidential Information to which it has access is not disclosed or distributed by it or its employees or agents in violation of the terms of the Agreement.

14.4. Each party shall take a back-up of its own Confidential Information and shall not be responsible to the other for any loss, destruction, alteration or disclosure of Confidential Information.

15. Price and payment

15.1. The Customer will pay the Service Fees in accordance with the Trigger.dev Service Plan, the Billing Period, and this clause 15.

15.2. If the applicable Trigger.dev Service Plan refers to:

15.2.1. any Use Allowance, the Service Fees are linked to that Use Allowance; and

15.2.2. Overage Fees, the Service Fees will be deemed to include the applicable Overage Fees relating to the Customer’s and its User’s use of the Trigger.dev Service in excess of the Use Allowance.

15.3. The Service Fees shall be payable in accordance with the Billing Period.

15.4. Unless the Commencement Date falls on the first day of the then-current month, where the Billing Period is monthly, the Service Fees (excluding Overage Fees) for the first Billing Period will be reduced on a pro-rated basis to reflect the number of days remaining in the then-current Billing Period and shall thereafter be payable in full in each further Billing Period.

15.5. Unless the applicable Trigger.dev Service Plan states otherwise, the Service Fees for each Billing Period are due and payable in advance save that any Overage Fees will be due and payable in arrears upon expiry of the Billing Period in which they accrued.

15.6. The Customer agrees that the Service Fees (including any Overage Fees) are non-refundable except where this clause 15 provides otherwise.

15.7. The Customer shall pay the Service Fees by card payment or, if agreed in advance with Trigger.dev (including in the applicable Trigger.dev Service Plan), by bank transfer within 14 days after receipt of an invoice from Trigger.dev.

15.8. If the Customer makes a Service Plan Change, upon the Service Plan Change taking effect (according to clause 5.10):

15.8.1. where the Service Plan Change is to a Trigger.dev Service Plan with lower Service Fees (in comparison with the previously applicable Trigger.dev Service Plan) Trigger.dev shall issue an invoice for a refund in respect of the prepaid Service Fees excluding Overage Fees) relating to the unexpired term of the then-current Billing Period in respect of the preceding Trigger.dev Service Plan; and

15.8.2. unless the Service Plan Change takes effect on the first day of the then-current month, the Service Fees relating to the newly applicable Trigger.dev Service Plan for the then-current Billing Period will be reduced on a pro-rated basis to reflect the number of days remaining in that Billing Period and shall thereafter be payable in full in each further Billing Period.

15.9. Trigger.dev does not collect or store any of the Customer’s payment information. Payment of the Service Fees may be managed by a third-party payment provider, in which case the Customer may have to accept the terms and conditions of relevant third party payment processor used by Customer to make payment.

15.10. If Trigger.dev has not received payment within 14 days after the due date, and without prejudice to any other rights and remedies available to Trigger.dev:

15.10.1. Trigger.dev may, without liability to the Customer, suspend or temporarily disable all or part of its access to the Trigger.dev Service and Trigger.dev shall be under no obligation to provide any access to the Trigger.dev Service while the invoice(s) concerned remain unpaid; and

15.10.2. interest shall accrue on such due amounts at an annual rate equal to 3% over the then current base lending rate of Barclays Bank PLC at the date the relevant invoice was issued, commencing on the due date and continuing until fully paid, whether before or after judgment.

15.11. All amounts and fees stated or referred to in the Agreement:

15.11.1. are payable in the currency specified as stipulated by Trigger.dev; and

15.11.2. are exclusive of value added tax (“VAT”) or any other applicable taxes, levies or duties imposed by taxing authorities (excluding only United States federal or state taxes), unless otherwise expressly stated, which shall be paid at the same time as payment of the Service Fees. Trigger.dev shall send the Customer a VAT invoice if Trigger.dev is requested to do so.

15.12. Unless otherwise agreed in writing, Trigger.dev may increase the Service Fees upon 30 days’ notice in writing to the Customer, such increase to take effect from the start date of the next applicable Billing Period.

16. Service levels and support

16.1. Where the Customer has paid for access to the Trigger.dev Service, we will use commercially reasonable endeavours to make the Trigger.dev Service available with an uptime rate of 99%, except for: 

16.1.1. planned maintenance for which 24 hours’ notice will be given; or 

16.1.2. unscheduled maintenance during normal business hours (UK time) or otherwise, for which we will use reasonable endeavours to give the Customer advance notice.

16.2. Where the Customer has paid for access to the Trigger.dev Service, Trigger.dev will, as part of the Trigger.dev Service, use reasonable endeavours to provide a level of support that is appropriate to the nature of any issues requiring support during normal business hours (UK time). The Customer can access such support through the following means:

16.2.1. Email: [email protected]

16.2.2. In-app messenger service

16.2.3. For Customers with priority support as part of their Trigger.dev Service Plan, Slack messenger service

16.3. Support for Customers using the Trigger.dev Service for free will be provided entirely at Trigger.dev’s option and discretion.

16.4. The Customer acknowledges that elements of the Trigger.dev Service are dependent on access to various third party services and APIs. The Customer agrees that Trigger.dev is not responsible for the non-availability or interruption to the Trigger.dev Service caused by any such non-availability of any such third party services or APIs.

17. Suspension and termination

17.1. If the Customer has subscribed to the Trigger.dev Service using the Sign Up Process on the Website, the Customer may terminate the Agreement at any time via the settings in the Customer’s Account and such termination shall take effect at the end of the then-current Billing Period.

17.2. If the Customer fails to pay any sum due to Trigger.dev and such sum remains outstanding for a further 14 days following notice requiring such sum to be paid, Trigger.dev may terminate the Agreement with the Customer immediately by notice and without any liability for Trigger.dev to the Customer. 

17.3. Trigger.dev may terminate the Agreement with effect from expiry of the notice by giving not less than 30 days’ notice in writing to the Customer. 

17.4. Trigger.dev may terminate the Agreement by notice with immediate effect, or such notice as Trigger.dev may elect to give, if the Customer:

17.4.1. is in breach of applicable law; or

17.4.2. infringes Trigger.dev’s Intellectual Property Rights in the Trigger.dev Service.

17.5. Either party may terminate the Agreement at any time on written notice to the other if the other:

17.5.1. is in material or persistent breach of any of the terms of the Agreement and either that breach is incapable of remedy, or the other party fails to remedy that breach within 30 days after receiving written notice requiring it to remedy that breach; or

17.5.2. is unable to pay its debts (within the meaning of section 123 of the Insolvency Act 1986), or becomes insolvent, or is subject to an order or a resolution for its liquidation, administration, winding-up or dissolution (otherwise than for the purposes of a solvent amalgamation or reconstruction), or has an administrative or other receiver, manager, trustee, liquidator, administrator or similar officer appointed over all or any substantial part of its assets, or enters into or proposes any composition or arrangement with its creditors generally, or is subject to any analogous event or proceeding in any applicable jurisdiction.

17.6. On termination of the Agreement for any reason all licences granted under the Agreement shall immediately terminate and the Customer’s right to access and use the Trigger.dev Service will end. 

17.7. Upon termination of the Agreement, the Customer may request that any Customer Data is actively deleted, passively deleted or parked in accordance with Trigger.dev’s Data Deletion Policy. If the Customer fails to make such an election, Customer Data will be subject to passive deletion and Trigger.dev shall not be held responsible for the deletion of such Customer Data.

17.8. The accrued rights of the parties as at termination, or the continuation after termination of any provision expressly stated to survive or implicitly surviving termination shall not be affected or prejudiced.

18. Limited warranty

18.1. Trigger.dev undertakes to support the Trigger.dev Service as specified in clause 17 with reasonable skill and care. Otherwise, the Trigger.dev Service is provided on an “AS IS” basis and Trigger.dev gives no representations, warranties, conditions or other terms of any kind in respect of the Trigger.dev Service, whether express or implied, including, but not limited to, warranties of satisfactory quality, merchantability fitness for a particular purpose or non-infringement.

18.2. Except as expressly and specifically provided for in the Agreement:

18.2.1. the Customer assumes sole responsibility for any results obtained from the use of the Trigger.dev Service and for any decisions or actions taken arising from such use and it relies on the results obtained from the Trigger.dev Service at its own risk;

18.2.2. all representations, warranties, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by law, excluded from the Agreement; and 

18.2.2. Trigger.dev will not be responsible for any interruptions, delays, failures or non-availability affecting the Trigger.dev Service or the performance of the Trigger.dev Service which are caused by third party services (such as the Integrations) or errors or bugs in software, hardware or the internet on which Trigger.dev relies to provide the Trigger.dev Service and the Customer acknowledges that Trigger.dev does not control such third party services and that such errors and bugs are inherent in the use of such software, hardware and the Internet.

19. Trigger.dev’s liability

19.1. Subject to clause 20.2, Trigger.dev will not be liable for losses that result from Trigger.dev’s failure to comply with the Agreement, in tort (including unless expressly stated otherwise negligence) or otherwise in conditions that fall into the following categories: loss of income or revenue; loss of business; loss of profits; loss of anticipated savings; loss of data; waste of management or office time; or any indirect, consequential or special damages, costs or expenses.

19.2. Nothing in the Agreement excludes or limits Trigger.dev’s liability for death or personal injury caused by Trigger.dev’s negligence or for fraud or fraudulent misrepresentation.

19.3. Trigger.dev’s total liability in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise arising in connection with the performance or contemplated performance of the Agreement shall in all circumstances be limited to the Service Fees paid by the Customer in the 6 months prior to the event giving rise to the claim or, where no Service Fees are payable (e.g. if the Customer is using a free of charge Trigger.dev Service Plan), £1.

20. Written communications

20.1. Applicable laws may require that some of the information or communications Trigger.dev sends to the Customer should be in writing. When using the Trigger.dev Service, the Customer accepts that communication with Trigger.dev will be mainly electronic.

20.2. Trigger.dev will contact the Customer by e-mail or provide the Customer with information by posting notices on the Trigger.dev Service.

20.3. For contractual purposes, the Customer agrees to this electronic means of communication and the Customer acknowledges that all contracts, notices, information and other communications that Trigger.dev provides to the Customer electronically comply with any legal requirement that such communications be in writing.

21. Notices

21.1. All notices given by the Customer to Trigger.dev must be given to [email protected]. Trigger.dev may give notice to the Customer by posting on the Trigger.dev Service, at the e-mail or postal address the Customer provides to Trigger.dev, or in any other way Trigger.dev deems appropriate. Notice will be deemed received and properly served immediately when posted on the Trigger.dev Service or 24 hours after an e-mail is sent or 3 days after the date of posting of any letter. In proving the service of any notice, it will be sufficient to prove, in the case of a letter, that such letter was properly addressed, stamped and placed in the post and, in the case of an e-mail that such e-mail was sent to the specified e-mail address of the addressee.

22. Transfer of rights and obligations

22.1. The Customer may not transfer, assign, charge or otherwise deal in the Agreement, or any of the Customer’s rights or obligations arising under the Agreement, without Trigger.dev’s prior written consent.

23. Events outside Trigger.dev’s control

23.1. No party shall be liable to the other for any delay or non-performance of its obligations under the Agreement arising from any cause beyond its control including, without limitation, any of the following: telecommunications failure, pandemic, internet failure, act of God, governmental act, war, fire, flood, explosion or civil commotion. For the avoidance of doubt, nothing in this clause 24 shall excuse the Customer from any payment obligations under the Agreement.

24. Waiver

24.1. No forbearance or delay by either party in enforcing its rights shall prejudice or restrict the rights of that party, and no waiver of any such rights or of any breach of any contractual terms shall be deemed to be a waiver of any other right or of any later breach.

25. Severability

25.1. If any provision of the Agreement is judged to be illegal or unenforceable, the continuation in full force and effect of the remainder of the provisions shall not be prejudiced.

26. Trigger.dev's right to vary the terms of service

26.1. Trigger.dev has the right to revise and amend these Terms of Service from time to time to reflect changes in market conditions affecting Trigger.dev’s business. The most current Terms of Service will always be at https://trigger.dev/legal.

26.2. The Customer will be subject to the Terms of Service in force at the time that it makes use of the Trigger.dev Service, or if Trigger.dev notifies the Customer of changes to these Terms of Service and it continues to use the Trigger.dev Service the Customer will be subject to those changes.

26.3. Trigger.dev will use reasonable endeavours to notify the Customer of any material changes to these Terms of Service by the placement of a notice on the Trigger.dev Service.

27. Entire agreement

27.1. The Agreement constitutes the entire agreement between the parties and supersedes and extinguishes all previous agreements, promises, assurances, warranties, representations and understandings between them, whether written or oral, relating to its subject matter.

28. Third party rights

28.1. A person who is not party to the Agreement shall not have any rights under or in connection with them under the Contracts (Rights of Third Parties) Act 1999.

29. Law and jurisdiction

29.1. The Agreement shall be governed by and construed in accordance with the law of England and Wales and each party hereby submits to the exclusive jurisdiction of the courts of England and Wales.

---

Schedule

1. Data processing schedule

1.1. This Schedule forms part of the Terms of Service between Trigger.dev and the Customer for the provision of the Trigger.dev Service and sets out the terms upon which Trigger.dev will process personal data on the Customer’s behalf when providing the Trigger.dev Service and acting as a data processor.

2. Definitions

2.1. In this Schedule, save where the context requires otherwise, the following words and expressions have the following meaning:

“Business Day” means a day other than a Saturday, Sunday or bank or public holiday in England;

“Data Subject Request” means a request made by a data subject to exercise any rights of data subjects under Data Protection Laws relating to the Personal Data;

“Data Protection Laws” means any applicable law relating to the protection of personal data and privacy in force from time to time, including (i) the General Data Protection Regulation ((EU) 2016/679) (“GDPR”); (ii) the Data Protection Act 2018; and (iii) the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended; in each case together with all laws implementing, replacing or supplementing the same and any other applicable data protection or privacy laws;

“EEA” means the European Economic Area;

“Personal Data” means the personal data described in Annex 1 (Data Processing Information) and any other personal data processed by Trigger.dev on behalf of the Customer pursuant to or in connection with the Agreement;

“Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed by the Processor or any Sub-processor;

“Standard Contractual Clauses” means the European Commission’s Standard Contractual Clauses for the transfer of personal data to third countries pursuant to the EU GDPR as set out in the Annex to Commission Implementing Decision (EU) 2021/914 of 4 June 2021, or any set of clauses approved by the European Commission which amends, replaces or supersedes these and, where UK GDPR applies, the UK ICO’s International Data Transfer Addendum to the Standard Data Protection Clauses

“Sub-processor” means any data processor (including any affiliate of Trigger.dev) appointed by Trigger.dev to process Personal Data on behalf of the Customer;

“Supervisory Authority” means any regulatory authority responsible for the enforcement of Data Protection Laws; and

“UK” means the United Kingdom.

2.2. Terms such as “controller”, “data protection impact assessment”, “data subject”, “process/processing” and “processor” shall have the same meaning ascribed to them in Data Protection Laws.

2.3. Any other terms which appears as defined in this Schedule shall have the meaning given to them in the Terms of Service.

3. Processing of personal data

3.1. Each party acknowledges and agrees that for the purposes of the Agreement and Data Protection Laws, the Customer shall be the controller and Trigger.dev the processor in respect of the Personal Data.

3.2. Each party confirms that in the performance of the Agreement it will comply with Data Protection Laws.

3.3. Trigger.dev shall only process the types of Personal Data relating to the categories of data subjects for the specific purposes in each case as set out in Annex 1 (Data Processing Information) to this Schedule and shall not process the Personal Data other than in accordance with the Customer’s documented instructions (whether in the Agreement or otherwise) unless processing is required by applicable law to which Trigger.dev is subject, in which case Trigger.dev shall, to the extent permitted by such law, inform the Customer of that legal requirement before processing that Personal Data.

3.4. Trigger.dev shall inform the Customer if, in its opinion, an instruction it receives from the Customer pursuant to the Agreement infringes the GDPR.

4. Customer warranty

4.1. The Customer warrants that it has all necessary rights to provide the Personal Data to Trigger.dev for the processing to be performed in relation to the Trigger.dev Service.

5. Supplier personnel

5.1. Trigger.dev shall treat all Personal Data as confidential and shall use reasonable efforts to inform all its relevant employees, contractors and/or any Sub-processors engaged in processing the Personal Data of the confidential nature of such Personal Data.

5.2. Trigger.dev shall take reasonable steps to ensure the reliability of any employee, contractor and/or any Sub-processor who may have access to the Personal Data, ensuring in each case that access is limited to those persons or parties who need to access the relevant Personal Data, as necessary for the purposes set out in paragraph 3.3 in the context of that person’s or party’s duties to Trigger.dev.

5.3. Trigger.dev shall ensure that all such persons or parties involved in the processing of Personal Data are subject to:

5.3.1 confidentiality undertakings or are under an appropriate statutory obligation of confidentiality; and

5.3.2 user authentication processes when accessing the Personal Data.

6. Security

6.1. Trigger.dev shall implement the technical and organisational measures set out in Annex 2 (Security Measures) to this Schedule and the Customer acknowledges that such measures ensure a level of security of the Personal Data appropriate to the risks that are presented by the processing.

7. Subprocessing

7.1. The Customer hereby grants its general authorisation to the appointment of Sub-processors by Trigger.dev under the Agreement.

7.2. If Trigger.dev seeks to replace any existing Sub-processor and/or appoint any new Sub-processor, Trigger.dev will provide the Customer with 30 days’ prior notice of the proposed change in Sub-processor(s) and the Customer shall have the right to object to such change within 14 days after its receipt of such notice.

7.3. The Customer’s sole remedy if it does not agree to the replacement or appointment of a Sub-processor shall be to terminate the Agreement.

7.4. With respect to each Sub-processor, Trigger.dev shall:

7.4.1. enter into a written contract with the Sub-processor which shall contain terms materially the same as those set out in this Schedule;

7.4.2 remain liable to the Customer for any failure by the Sub-processor to fulfil its obligations in relation to the processing of any Personal Data.

7.5. An overview of the Sub-processors Trigger.dev relies upon as at the Commencement Date (and which shall be deemed to be approved by the Customer), including their functions and locations, is available at [ ].

8. Data subject rights

8.1. Trigger.dev shall refer all Data Subject Requests it receives to the Customer without undue delay and, in any event, within 2 Business Days. The Trigger.dev Service will enable the Customer to access, rectify and restrict processing of the Personal Data, and to erase and export the Personal Data. In the event that the Customer cannot fulfil any Data Subject Request itself using the means described in paragraph 8.2, Trigger.dev shall co-operate as reasonably requested by the Customer to enable the Customer to comply with any such request.

9. Incident management

9.1. In the case of a Personal Data Breach, Trigger.dev shall not later than 24 hours after having become aware of it notify the Personal Data Breach to the Customer providing the Customer with sufficient information which allows the Customer to meet any obligations to report a Personal Data Breach under Data Protection Laws.

10. Data protection impact assessments and prior consultation

10.1. Trigger.dev shall, at the Customer’s request, provide reasonable assistance to the Customer with any data protection impact assessments which are required under applicable Data Protection Laws and with any prior consultations to any Supervisory Authority of the Customer or any of its affiliates which are required under Data Protection Laws, in each case in relation to processing of Personal Data by Trigger.dev on behalf of the Customer and taking into account the nature of the processing and information available to Trigger.dev.

11. Deletion or return of customer personal data

11.1. On cessation of processing of Personal Data by Trigger.dev, or termination of the Agreement, Trigger.dev shall permit Customer (at its option) to:

11.1.1. extract a complete copy of all Personal Data by secure file transfer and securely wipe all other copies of the Personal Data processed by Trigger.dev or any Sub-processor unless required to retain such data in order to comply with applicable laws; or

11.1.2. request Trigger.dev to delete the Personal Data (and procure that any Sub-processor does the same) unless required to retain such data in order to comply with applicable laws.

11.2. If the Customer fails to exercise its rights under paragraphs 11.1.1 and 11.1.2 above, Trigger.dev shall delete the Personal Data (and procure that any Sub-processor does the same) within 90 days following the termination of the Agreement, unless required to retain such data in order to comply with applicable laws.

12. Audit rights

12.1. Trigger.dev shall make available to the Customer on request all information reasonably necessary to demonstrate compliance with this Schedule and Data Protection Laws and allow for and contribute to audits in accordance with Trigger.dev’s or its Sub-processors polices in place from time to time.

12.2. Prior to conducting any audit pursuant to paragraph 12.1, the Customer must submit an audit request to Trigger.dev and the Customer and Trigger.dev must agree the start date, scope and duration of and security and confidentiality controls applicable to any such audit.

12.3. Trigger.dev may (acting reasonably) object to the appointment by the Customer of an independent auditor to carry out an audit pursuant to paragraph 12.1 and, where this is the case, the Customer shall be required to appoint another auditor or conduct the audit itself.

13. International transfers of personal data

13.1. In the event that a transfer of Personal Data to Trigger.dev or any Sub-processor is reasonably considered to involve a transfer of Personal Data outside of the UK and/or the EEA to a country which is not recognised by the UK ICO or the European Commission (as the case may be) as having an adequate level of protection for personal data, Trigger.dev shall, upon request, enter into Standard Contractual Clauses with the Customer or with the relevant Sub-processor (as agent on behalf of the Customer) for such transfer of Personal Data.

14. Costs

14.1. The Customer shall pay any reasonable costs and expenses incurred by Trigger.dev in meeting the Customer’s requests made under paragraphs 8, 10 and 12 of this Schedule.

15. Miscellaneous

15.1. Any obligation imposed on Trigger.dev under the Agreement in relation to the processing of Personal Data shall survive any termination or expiration of the Agreement.

15.2. In the event of inconsistencies between any provision of the Agreement and provision of this Schedule, the provision of this Schedule shall prevail with regard to the parties’ obligations relating to the processing of the Personal Data.

15.3. This Agreement shall be governed by and construed in accordance with English law unless the Customer is established in the EEA in which case the governing law shall be the law of the country in which the Customer is established.

---

Annex 1

Data processing information

This Annex 1 includes certain details of the processing of Personal Data as required by Article 28(3) GDPR.

• Subject matter, nature and purposes of the processing of Personal Data: Processing for the purposes of provision of the Trigger.dev Service and any technical support in connection with the Customer’s use of the services.
• Duration of the processing: The duration of the Agreement.
• Type of personal data: Personal data Customer processes using the Trigger.dev Service intentionally or inadvertently
• Categories of data subjects: Customers (if applicable) and Customers’ Users

---

Annex 2

Security measures

As from the Commencement Date, Trigger.dev will implement and maintain the security measures set out in this Annex 2 to the Schedule to the Agreement. Trigger.dev may update or modify such security measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Trigger.dev Service.

1. Data and Physical Security

Trigger.dev utilizes Amazon Web Services and Cloudflare to provide the infrastructure (data centres, servers and similar) to provide the Cloud Trigger.dev Service. Details of this infrastructure and security measures can be found here:

• AWS
• Cloudflare

2. Network and Application

2.1. Intrusion Detection.

Intrusion detection is intended to provide insight into ongoing attack activities and provide adequate information to respond to incidents. Trigger.dev’s intrusion detection involves:

2.1.1. Tightly controlling the size and make-up of Trigger.dev’s attack surface through preventative measures;

2.1.2. Employing intelligent detection controls at data entry points; and

2.1.3. Employing technologies that automatically remedy certain dangerous situations.

2.2. Incident response

Trigger.dev monitors a variety of communication channels for security incidents, and Trigger.dev’s security personnel will react promptly to known incidents.

2.3. Transit Encryption Technologies

Trigger.dev makes HTTPS encryption (also referred to as SSL or TLS connection) available. Trigger.dev servers support ephemeral elliptic curve Diffie-Hellman cryptographic key exchange signed with RSA and ECDSA. These perfect forward secrecy (PFS) methods help protect traffic and minimize the impact of a compromised key, or a cryptographic breakthrough.

2.4. Audit

Trigger.dev has an infrastructure and network and application audit logging for compliance and security monitoring.

2.5. Secure coding

All code is scanned through static analysis on a daily basis to identify bugs and vulnerabilities before they are released. Developers all undergo secure coding training.

2.6. Scans

Trigger.dev runs regular web application and vulnerability scans. Regular scans are made of the infrastructure to identify infrastructure vulnerabilities. Identified issues are reviewed and addressed at the earliest possible time.

3. Business Security

3.1. Business Continuity.

Trigger.dev replicates data over multiple systems to help to protect against accidental destruction or loss. Trigger.dev has designed and regularly plans and tests its business continuity planning/disaster recovery programs.

4. Data

4.1. Data Storage, Isolation & Authentication.

Trigger.dev stores data in a multi-tenant environment in AWS East-1. Data, database and file system architecture are replicated between multiple geographically dispersed data centres.

Trigger.dev logically isolates data on a per Customer basis at the application layer. Trigger.dev logically separates each Customer’s data from the data of other Customers, and data for an authenticated User will not be displayed to another User (unless both Users have access to the same Customer Account).

A central authentication system is used across all services to increase uniform security of data. Customer will be given control over specific data sharing policies. Those policies, in accordance with the functionality of the Trigger.dev Service, will enable Customer to determine the product sharing settings applicable to Users for specific purposes. Customer may choose to make use of certain logging capability that Trigger.dev may make available via the Trigger.dev Service, products and APIs.

4.2. Encryption.

All data is encrypted at rest using AES-256 industry standard. All data backups are encrypted using the same standard.

4.3. Backups & redundancy.

Backups are created continuously and incrementally to allow recovery from a failure. The backups are stored in S3 for high availability.

5. Personnel Security

Trigger.dev personnel are required to conduct themselves in a manner consistent with the company’s guidelines regarding confidentiality, business ethics, appropriate usage, and professional standards. Trigger.dev conducts reasonably appropriate backgrounds checks to the extent legally permissible and in accordance with applicable local labour law and statutory regulations.

Personnel are subject to a duty of confidentiality and must acknowledge receipt of, and compliance with, Trigger.dev’s confidentiality and privacy policies.

Personnel are provided with security training.

6. Sub-processor Security

Before onboarding Sub-processors, Trigger.dev conducts an audit of the security and privacy practices of Sub-processors to ensure Sub-processors provide a level of security and privacy appropriate to their access to data and the scope of the services they are engaged to provide.