e01b7897-b093-468c-a08d-4d00014f9343 How to Use Ascendo AI in ServiceNow

For best customer service, user interactions go through a mix of emotions, and these emotional states play a vital role in providing a customer experience. Ascendo’s Sentiment models are built to gauge every word and emotion of the users. Understand the sentiments of each interaction to know the best way to respond to the issue. the role of sentiment analysis is growing significantly, with these insights, companies can better understand the CSAT. Sentiment Analysis Agents - Understand sentiment of each interaction to know the best way to respond to issues Sign up for free 5/5 Ratings SOC 2 certified No credit card required I I Top Call Drivers User queries and interactions with users goes through mix of emotions, and these emotional states play a vital role in providing customer experience. Determining the sentiment helps companies determine how users feel about their products and services. With the amount of unstructured data, the role of sentiment analysis is growing significantly. Collecting customer feedback and using this unstructured data is the most valuable way to expose sentiments. With these insights, companies can better understand the CSAT. Manages Your Knowledge With the amount of unstructured data, the role of sentiment analysis is growing significantly. Collecting customer feedback and using this unstructured data is the most valuable way to expose sentiments. With these insights, companies can better understand the CSAT. Manages Your Response User queries and interactions with users goes through mix of emotions, and these emotional states play a vital role in providing customer experience. Determining the sentiment helps companies determine how users feel about their products and services. 01 Real-Time Analysis Given the nature of human language, determining sentiment is extremely difficult. Ascendo’s Sentiment models are built to gauge every word that is sent, which can help you find critical issues in real-time. It can help you quickly identify different user situations and so you can take actions right away. 02 Quick Resolution Ascendo’s AI models are trained to help agents with better understanding of users emotions. Sentiments are captured throughout their interaction providing best suited solutions, everything at once place and just a click away. 03 Enhance Experience Emotions are perplexed most of the time. Ascendo’s AI comes handy here to give the best of experience. It ascertains and tracks the overall proportion of sentiments overtime. Taking it further, every word is weighed to define the context accurately and to uncover the unknown insights combining with other analytics. Ready to learn more? Contact Us

Proactive customer service with Ascendo AI. Our smart backlog system offers proactive support, predictive solutions, and personalized responses based on ticket history and context. Boost agent efficiency & deliver exceptional service. Smart Backlog Provide your experts at all times and all channels with virtual agent. Watch Demo 5/5 Ratings SOC 2 certified No credit card required I I Top Call Drivers As the volume of data increases, the complexity of the issues also goes higher exponentially. This leads to the immediate need of not just tracking issues, but also keeping an eye on how issues are changing over time, which issues are causing continuous customer dissatisfaction, what latent factors are causing issues to go up/down and which ones are completely new or unseen. With Ascendo’s AI Engine, the above challenge, which takes almost 17.2 hours a week on an average for an agent, becomes a click of a button! Auto-triage Dealing with the continuous flurry of new issues in the form of tickets is always a challenge. Ascendo surmounts this by providing you a smart backlog for your tickets that entails not only actions to prioritize, sort and keep track of your tickets but also predictions to automatically group similar tickets together and solutions to resolve them, then and there. Ascendo performs contextual clustering on your tickets and groups them into similar buckets. From here, not only can you see the number of tickets for each type of issue, but also take actions on these tickets from within Ascendo itself. Ascendo also provides predictive solutions based on the history of your tickets, contextual information and hidden intent. This knowledge can then also be applied to existing tickets in the form of responses, that are generated by Ascendo using the predictive results. 01 Understanding the Problem While it is incredibly difficult to deal with the high volume, velocity and variety of data, Ascendo has created algorithms that can help you understand the data deeply. Utilizing the state of the art NLP and ML models, we are able to generate data insights and provide relevant solutions at the same time. 02 Recommendation Engine Ascendo uses its custom advanced ranking system to choose the most valuable and relevant solutions for the problem searched. To set the right relevance, our ranking system also keeps track of any human feedback and other features such as solution’s recency, expert technicians and the number of clicks. 03 Autonomous Along with understanding keyword importance, Ascendo AI Engine uses Advanced Transformers and Attention networks to depict the text in the vector space. With the Attention mechanism and Positional Encoding, Ascendo is able to find context for any position within the sentence. 04 Categories & Sub Categories Ascendo AI engine is able to inspect the incoming issues to find the related symptoms, problem categories and problem subcategories. This gives knowledge to the agents, which otherwise goes undetected. Consequently, the agents can take the right actions and result in fewer escalations. 05 A Guide for Agents Gone are the days when agents had to do everything by themselves. Ascendo provides an always available guide to agents that intelligently pilots the agents towards the right solutions, actions, and the right game plan. 06 Resolve with Minimal Bias No matter how careful you are, where your ticket ends up always involves a bias. With Ascendo’s AI, you need not worry any more, as it removes the undetected subjectivity that often comes into play when a ticket is being routed to the right assignee. Get started with Ascendo Today Contact Us

Subscribe to our newsletter Subscribe to our Newsletter Give your teams and leadership complete visibility into all customer interactions, quality, and Voice of Customer. Know for sure what is actually coming out of your customer journey in real time. Thanks for subscribing! Enter Your Email Subscribe

With the anomaly system, we automated the root cause of any problems. With our Artificial intelligence technology-based tool, you can make easily resolve many challenges, even triaging categories and sub-categories is a challenge, but with Ascendo you can categorize customer interactions by root cause, also by sub-root cause, and symptoms autonomously. Be consistent and standardize the way to define problems to operate in autonomous mode. Auto Root Cause Categorize customer interactions by Root Cause, Sub Root Cause and Symptoms autonomously. Watch Demo 5/5 Ratings SOC 2 certified No credit card required I I Naming Categories and Sub-Categories Simple Nouns or phrases are not enough to name categories and sub-categories. This is a challenge with the traditional way of triaging category and sub-category. The process requires algorithms to consider word frequencies, probabilistic importance and contextual importance. This methodology gives us a way to be consistent and standardizes the way to define problems to operate in autonomous mode. We have also seen that an external “source of truth” can be created by experts in a different system of record. Ascendo is also able to connect to this external system of records and drive predictions in semi-autonomous mode. We find this scenario is popular with customers who have a very large install base, extensive categorization and are looking to drive consistency in agent quality. Manages Your Knowledge I'm a paragraph. Click here to add your own text and edit me. It’s easy. Just click “Edit Text” or double click me to add your own content and make changes to the font. Feel free to drag and drop me anywhere you like on your page. I’m a great place for you to tell a story and let your users know a little more about you. This is a great space to write a long text about your company and your services. You can use this space to go into a little more detail about your company. Talk about your team and what services you provide. Tell your visitors the story of how you came up with the idea for your business and what makes you different from your competitors. Make your company stand out and show your visitors who you are. 01 Understanding the Problem I'm a paragraph. Click here to add your own text and edit me. It’s easy. Just click “Edit Text” or double click me to add your own content and make changes to the font. 02 Recommendation Engine I'm a paragraph. Click here to add your own text and edit me. It’s easy. Just click “Edit Text” or double click me to add your own content and make changes to the font. 03 What is behind the engine? I'm a paragraph. Click here to add your own text and edit me. It’s easy. Just click “Edit Text” or double click me to add your own content and make changes to the font. 04 Categories & SubCategories I'm a paragraph. Click here to add your own text and edit me. It’s easy. Just click “Edit Text” or double click me to add your own content and make changes to the font. 05 A Classic Example I'm a paragraph. Click here to add your own text and edit me. It’s easy. Just click “Edit Text” or double click me to add your own content and make changes to the font. 06 Conclusion I'm a paragraph. Click here to add your own text and edit me. It’s easy. Just click “Edit Text” or double click me to add your own content and make changes to the font. Every interaction data is automatically categorized and indexed without bias. Every interaction data is automatically categorized and indexed without bias. Every interaction data is automatically categorized and indexed without bias. Every interaction data is automatically categorized and indexed without bias. Every interaction data is automatically categorized and indexed without bias. Every interaction data is automatically categorized and indexed without bias. Support with Ascendo Support without Ascendo V s The list of problems keeps expanding as product expands . Thousands of historical data points are needed. Each data point needs to be filled in with expert knowledge and accurately defined. Inaccurate learning. Even for a small support team, about 17.5 hours per week is being spent on manually classifying problems. Possibility of multiple unknown issues. Multiple people talk about the same issue differently! Mapping new problems with the existing list of problems causes inaccurate classes of category assignment. Manual work hurts getting Voice of the customer feedback into product in a timely manner. Not understanding issues in real time is an impediment to provide proactive support. As product expands, new categories are automatically created. Every interaction data is automatically categorized and indexed without bias. Every agent is an expert so escalations and onboarding goes down. Consistent learning. Realtime categorization is right at your fingertips. No surprises with unknown issues. Consistency in how issues are discussed across the teams. New problems are mapped on its own. Real time Voice of the customer feedback into product. It is not just support is fully proactive but support operations is fully proactive. Get started with Ascendo Today Contact Us

Here we introduce all our policies and agreements. We value your trust in providing us your Personal Information. This page answers all your queries and curiosity about the security and privacy policies of Ascendo AI. Security Read Below SLA GDPR Privacy User Privacy Security Policies Terms Subprocessor Policy DPA This document outlines the service level agreement for CUSTOMERs provisioned with Hosted Services with ASCENDO.AI. This document contains the Service Level Agreement for ASCENDO.AI. Please read it carefully as this is the official agreement in force at the present time. The agreement listed below supersedes any other written document you may have prior to today’s date. Exhibits to this agreement are also available highlighting additional terms. If you have questions or comments about this agreement, please do not hesitate to contact us. SLA Objective THIS SERVICE LEVEL AGREEMENT (“Agreement” or “SLA”) shall apply to all Hosted Services provided by ASCENDO.AI expressly as an addendum to the ASCENDO.AI’s Software As A Service (“SaaS”) for each customer/client/ / /administrator/end-user/user (“CUSTOMER”). ASCENDO.AI is committed to providing a highly available and secure network to support its CUSTOMERs. Providing the CUSTOMER with consistent access to Hosted Services is a high priority for ASCENDO.AI and is the basis for its commitment in the form of an SLA. The SLA provides certain rights and remedies in the event that the CUSTOMER experiences service interruption as a result of the failure of ASCENDO.AI infrastructure. The overall service availability metric is 99.99%, measured on a monthly basis. Term Definitions For the purpose of this Service Level Agreement, the terms in bold are defined as follows: Available or Availability When the CUSTOMER who’s account is active and enabled has reasonable access to the Hosted Service provided by ASCENDO.AI, subject to the exclusions defined in Downtime Minutes below. Total Monthly Minutes The number of days in the month multiplied by 1,440 minutes per day. Maintenance Time The time period during which the Hosted Service may not be Available each month so that ASCENDO.AI can perform routine maintenance to maximize performance is on an as-needed basis. Downtime The total number of minutes that the CUSTOMER cannot access the Hosted Service. The calculation of Downtime Minutes excludes time that the CUSTOMER is unable to access the Hosted Services due to any of the following: (a) Maintenance Time (b) CUSTOMER ‘sown Internet service provider (c) Force Majeure event (d) Any systemic Internet failures (e) Enhanced Services (f) Any failure in the CUSTOMER ‘sown hardware, software or network connection (g) CUSTOMER‘s bandwidth restrictions (h) CUSTOMER‘s acts or omissions (i) Anything outside of the direct control of ASCENDO.AI Cloud Providers The infrastructure inside or major hosting providers – Amazon, Google, or Microsoft. Problem Response Time The time period after ASCENDO.AI’s confirmation of the Service event, from receipt of the information required from the CUSTOMER for ASCENDO.AI’s Support Team to begin resolution and open a trouble ticket in ASCENDO.AI’s systems. Due to the wide diversity of problems that can occur, and the methods required to resolve them, problem response time IS NOT defined as the time between the receipt of a call and problem resolution. After receiving a report of fault, ASCENDO.AI shall use a reasonable method to provide CUSTOMER with a progress update. Affected Seats ASCENDO.AI’s Hosted Service is provided in a multi-tenant architecture where seats or applications of a CUSTOMER‘s domain may be extended across numerous servers. CUSTOMER may obtain remedy only for affected seats or applications residing on the server experiencing Downtime exceeding the SLA. Maintenance Notices ASCENDO.AI will communicate the date and time that ASCENDO.AI intends to make the Hosted Services un-Available via email from customer.service@ascendo.ai at least forty-eight (48) hours in advance (or longer if practical). The CUSTOMER understands and agrees that there may be instances where ASCENDO.AI needs to interrupt the Hosted Services without notice in order to protect the integrity of the Hosted Services due to security issues, virus attacks, spam issues, or other unforeseen circumstances. Below are the Maintenance Windows and their definitions: Emergency Maintenance These change controls happen immediately with little notification ahead of time; however, we will post the information to the website soon after or during the change. Preventative Maintenance These change controls are when we detect an item in the environment that we need to take action on, to avoid emergency change controls in the future. These change controls, if possible, will usually occur in low peak hours with the peak being defined by our network metrics. Planned Maintenance These are change controls being done to: Support ongoing product and operational projects to ensure optimal performance Deploy non-critical service packs or patches. Periodic redundancy testing. As a practice, Ascendo reserves the right to perform maintenance weekly on Sundays between the time of 7 PM Pacific to 10 PM Pacific. In addition to that window, if an additional maintenance window is required, where possible planned maintenance will be posted 5 days prior; however, certain circumstances may preclude us from doing so, such as an external vendor issuing a change control to ASCENDO.AI, e.g. the power company alerting us to perform power testing 48 hours ahead of time. CUSTOMER Responsibility Minimum Requirements The required configurations CUSTOMER must have to access the Hosted Services include: Internet connection with adequate bandwidth Internet Browser Standard Service Levels Term of the Service Level Agreement This Service Level Agreement shall only become applicable to the Hosted Services upon the later of (a) completion of the “stabilization period,” as such term is defined in the Statement of Work (if any), or (b) ninety (90) days from the provisioning of Hosted Services. Category Level Criteria: Unplanned interruption rendering the Services un-Available; no workaround Problem Response Time: Will respond and begin remedy the problem within four hours; will establish escalation call for a status update until resolution. If ASCENDO.AI provides the Customer with an acceptable workaround then such an error will be re-classified as a Sev 2 issue. Category Level Criteria: Unplanned interruption rendering the Services un-Available; workaround available Problem Response Time: Will respond and begin to remedy within one business day of receipt of such a request. We will provide periodic updates via the scheduled maintenance window. Category Level Criteria: Services are un-Available for a single User or a small percentage of CUSTOMER affected. Problem Response Time: Will respond and begin to remedy within one week of the request. We will provide periodic updates via the scheduled maintenance window. Service Levels – Enterprise Term of the Service Level Agreement This Service Level Agreement shall only become applicable to the Hosted Services upon the later of (a) completion of the “stabilization period,” as such term is defined in the Statement of Work (if any), or (b) ninety (90) days from the provisioning of Hosted Services. The Enterprise service levels are an extension of the standard service levels and need to be purchased separately. Measurement ASCENDO.AI uses a proprietary system to measure whether the Hosted Services are Available and the CUSTOMER agrees that this system will be the sole basis for the resolution of any dispute that may arise between the CUSTOMER and ASCENDO.AI regarding this Service Level Agreement. Availability is calculated based on the following formula: A = (T – M – D) / (T – M) x 100% A = Availability T = Total Monthly Minutes M = Maintenance Time D = Downtime Problem Response Time The response time per incident will vary upon the degrees defined below: We will also perform a Quarterly Business Review on the overall Service Levels with the customer contact Remedy and Procedure The CUSTOMER’s remedy and the procedure for obtaining the CUSTOMER’s remedy in the event that ASCENDO.AI fails to meet the Service level metrics set forth above are as follows: To qualify for remedy: (a) There must be a support ticket documenting the event within 24 hours of the service interruption (b) CUSTOMER account must be in good standing with all invoices paid and up to date The CUSTOMER must notify ASCENDO.AI in writing within five (5) business days by opening a support ticket and providing the following details: The subject of the email must be: “Claim Notice – CUSTOMER Domain.ASCENDO.AI” (CUSTOMER's main point of contact must be within Ascendo and only they can request the remedy) List the type of Hosted Service that was affected List the date the Downtime Minutes occurred List application functionality affected by Downtime Minutes List an estimate of the amount of actual Downtime Minutes Ticket number of the documented event ASCENDO.AI will confirm the information provided in the Claim Notice within five (5) business days of receipt of the Claim Notice. If ASCENDO.AI cannot confirm the Downtime Minutes, then the CUSTOMER and ASCENDO.AI agree to refer the matter to executives at each company for resolution. If ASCENDO.AI confirms that ASCENDO.AI is out of compliance with this Service Level Agreement, the CUSTOMER will receive the amount of Service Level Credits set forth above for the affected Service Level metric and the affected Seats for the affected month. The SLA credit will be reflected in the ASCENDO.AI invoice to the CUSTOMER in the month following ASCENDO.AI confirmation of the Downtime Minutes. Please note that SLA credits can only be applied to accounts that are in good standing with all invoices paid and up to date. Service Level Agreement Last Updated: May 17, 2023 GDPR Compliance Last Updated: May 17, 2023 Our Commitment The new General Data Protection Regulation (GDPR) is fundamentally about protecting and enabling the privacy rights of European Union (EU) citizens and residents. The GDPR establishes global privacy requirements governing how you manage and protect personal data while respecting individual choice—regardless of where data is sent, processed, or stored. At Ascendo.ai, we believe that the GDPR is an important step towards strengthening data protection laws across the European Union and enabling individual privacy rights. This is why Ascendo.ai is committed to being GDPR-compliant across our cloud services. Ascendo.ai takes a principled approach to privacy, security, and compliance, with strong commitments to ensuring you can trust the cloud services you rely on. Trust – Built Upon a Safe, Secure, and Compliant Cloud. As you prepare to comply with the GDPR, here is what else you can expect from Ascendo.ai: You maintain control. When you entrust your data to the Ascendo.ai cloud, you remain the sole owner: you retain the rights, title, and interest in the data you store in our cloud services. You can take advantage of the features inherent in our product to meet your GDPR obligations related to deletion, rectification, transfer of, access to, and objection to the processing of personal data. You have full visibility. The Ascendo.ai cloud service protects your data from inappropriate access or use by unauthorized individuals with robust measures, including restricting access by Ascendo.ai personnel and subcontractors. In addition to these commitments, Ascendo.ai provides you with the ability to monitor how data is managed and who has access to what data within your organization. Our service runs on world-class Cloud provider data centers and is certified to internationally recognized security standards, protected by 24-hour physical surveillance, and continuously monitored using strict access controls. Our architecture keeps your data logically isolated from the data of other customers. In addition to running on secured cloud infrastructure, we have a comprehensive security strategy. Each cloud service has built-in security features to help you secure your data, including data-at-rest encryption, encryption in transit, comprehensive role-based access control, and access monitoring. We commit to rapid response. Ascendo.ai has robust security incident response processes and commits to notifying our customers in accordance with the GDPR. Our security team does not have to wait for an incident to occur. We anticipate issues and then prioritize and resolve them based on the impact on your data or services. Partnering to Comply with the GDPR. Compliance is a shared responsibility and we are committed to partnering with you to help you successfully comply with the GDPR. Requirements such as greater data access and erasure rules, privacy by design, and data breach notification processes may mean changes for your organization. Therefore, it is important to understand your obligations related to the GDPR regardless of where your organization resides. Ascendo operates the ascendo.ai website, which provides information about our products and services. Ascendo.ai is committed to protecting the personal privacy of our website visitors and product users. We are committed to supporting GDPR and you can request our “GDPR Position” document by contacting us and requesting it. This page is used to inform website visitors regarding our policies with the collection, use, and disclosure of Personal Information for users of the ascendo.ai website. For users of our product, we ask that they consent to the “Ascendo User Consent” document. The document can be viewed here If you choose to use ascendo.ai, then you agree to the collection and use of information about this policy. The Personal Information that we collect is used for providing and improving the website and our product. We will not use or share your information with anyone except as described in this Privacy Policy. Information Collection and Use For a better experience, while using our Service, we may require you to provide us with certain personally identifiable information, including but not limited to your name, phone number, email, and postal address. The information that we collect will be used to contact or identify you. If you are a user of the Ascendo application including Slack, we store the email ID, user name, and phone number. Log Data We want to inform you that whenever you visit our Service, we collect information that your browser sends to us which is called Log Data. This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser version, pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other statistics. Cookies Cookies are files with a small amount of data that is commonly used as an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your computer’s hard drive. Our website uses these “cookies” to collect information and to improve our website. Service Providers We may employ third-party companies and individuals due to the following reasons: To facilitate our website; To perform website-related services; or To assist us in analyzing how our website is used. We want to inform our Service users that these third parties have access to your Personal Information. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose. Security We value your trust in providing us with your Personal Information, thus we are striving to use commercially acceptable means of protecting it. Please review our complete security policy here. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security. Data Retention The time period for which Ascendo.ai retains customer data depends on the purpose for which it is used. Ascendo.ai retains customer data for as long as an account is active or in accordance with the agreement(s) between Ascendo.ai and the customer unless Ascendo.ai is required by law to dispose of data earlier or retain data longer. Data Disposal Ascendo.ai disposes of customer data within 30 days of a request by a current or former customer or in accordance with the Customer’s agreement(s) with Ascendo.ai. The main customer contact noted in the Customer’s agreement(s) with Ascendo.ai may send a request to delete by contacting Ascendo customer support via email at askascendo.support@ascendo.ai . Ascendo.ai may retain and use data necessary for the contract such as proof of contract in order to comply with its legal obligations, resolve disputes, and enforce agreements. Ascendo.ai hosting and service providers are responsible for ensuring the removal of data from disks allocated to Ascendo.ai use before they are repurposed and the destruction of decommissioned hardware. Only a limited number of Ascendo.ai employees have access to delete customer data. Links to Other Sites Our Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. Changes to This Privacy Policy We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately after they are posted on this page. Contact Us If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at policy@ascendo.ai . Privacy Policy Last Updated: May 17, 2023 PRIVACY POLICY OF ASCENDO This consent form is part of Ascendo's GDPR compliance efforts. Ascendo is committed to protecting the privacy of our user’s Personal Information. If you have any questions about this consent or issues with the use of personal information, please contact the Ascendo Data Protection Officer: Ascendo, 228 Hamilton Avenue, Palo Alto, CA 94301. policy@ascendo.ai By consenting, you agree to provide personal information that will only be used by Ascendo for the operations of our software and system. We require only the minimum personal information necessary for the operation of the system. Without this personal information, we will not be able to provide access to the software and system. The required information is: First or Given name, Last or Surname, and Email (used as login name and for password resets/system notifications). Other optional information is requested to enable follow-up contact regarding software and system operations. If you give this optional information you consent to its use as outlined here. The optional information is: Address and phone Number(s): Personal information may be gathered as a consequence of using the system for the purpose of improving operations of the system. If you use the system you are consenting to our use of this information as outlined here. The gathered information is: IP address, Geographical Location, and Browser/Operating System details. This information may be used to determine system usage in aggregate but will not be used to profile individual work patterns or usage. The personal data gathered will be kept as long as the licensee of the system deems it necessary. You have the right to request access to the data, rectification of any errors in the data, and erasure of the data. You may also withdraw your consent. If you feel your personal data has been misused, you have the right to lodge a complaint with Ascendo and/or the EU supervisory authority in your country. User Consent : First Name: ____________________ Last Name: ____________________ Email: _______________________ By signing this you consent to the use of your personal information as described. Signature: _____________________ Date: ________________________ ASCENDO USER CONSENT Privacy User Content Last Updated: May 17, 2023 Security Policies Last Updated: May 17, 2023 ASCENDO.AI PRIVACY AND SECURITY STANDARDS 1. Purpose Ascendo.ai relies on the integrity and accuracy of its data in order to deliver Ascendo prediction SaaS services. It is therefore paramount that the confidentiality, integrity, and availability of the customer data are ensured. All employees and approved subcontractors of Ascendo that process or manage Ascendo (and customer) Information must adhere to these requirements to ensure that Ascendo.ai maintains the trust of all relevant stakeholders and remains in compliance with relevant legal and regulatory requirements. 2. Scope The scope of this document includes what Ascendo will process, have access to, transmit, or store customer information. This includes, but is not limited to: Employees involved in the design, development, operation, and hosting of information systems. All staff, including contractors and third parties employed directly and indirectly by Ascendo (i.e., subcontractors). In the instance where services are provided by Ascendo’s sub-vendors (4th, 5th, or 6th party vendors), Ascendo.ai is fully liable and responsible for all subcontractor adherence to these privacy and security standards. 3. Access Control 3.1 Access control program, applicable where Ascendo maintains access to Customer data a. Ascendo manages access to internal and external applications via security groups. b. Ascendo allocates system privileges and permissions to users and groups using the principle of least privilege. c. Ascendo assigns application and data rights based on user groups and roles, and grants access to information based on job function (i.e., role-based security). 3.2 Entitlement reviews a. Ascendo requires approval to add, change, or delete users to its networks and systems that process, transmit, or store customer information. b. Ascendo implements role-based security to ensure access to the application is restricted based on defined functional roles. c. Ascendo promptly removes application, platform, and network access for terminated users upon notification of termination. d. Ascendo promptly updates user access rights based on changes in job responsibilities. e. Ascendo reviews access privileges to systems and corporate networks, including administrative access privileges, at a minimum on a bi-annual basis. f. Ascendo uses separate administrative accounts to perform privileged functions and the accounts are restricted to individuals who are authorized. 3.3 Remote access a. Ascendo shall not allow remote access into the Ascendo’s network to perform work for or on behalf of the customer except by support resources for system administration and production system support work. b. In the case of remote access for IT support resources, traffic with the remote device will be encrypted (i.e., VPN) and the remote user must utilize multi-factor authentication. 4. Change Management a. Ascendo follows documented change management policies for requesting, testing, and approving application, infrastructure, and product-related changes. b. Changes undergo various levels of review and testing including security and code reviews, regression, and acceptance testing prior to approval for implementation. c. Following the successful completion of testing, Ascendo ensures appropriate managers must approve changes prior to implementation in a production environment. 5. Software Development Life Cycle a. Ascendo’s Software Development Life Cycle (SDLC) methodology governs the acquisition, development, configuration, maintenance, modification, and management of infrastructure and software components. The SDLC methodology is consistent with the defined security, availability, and confidentiality policies of Ascendo. b. System source/object code must be protected from unauthorized access. Access privileges to the source code repository are reviewed periodically and limited to authorized employees. c. Ascendo ensures that customer Information on the hosted environment is segregated from other customer data by appropriate physical, technical, and/or logical means. d. Application development environments must be segregated from the production environment. Usage of "Production" data in Non-Production/Lower environments is prohibited. Usage of production data in the lower environments for the intent of development or testing requires approval from the Ascendo CTO. And will be treated as an Exemption. Logical access controls for the two environments to ensure authorized individuals move code to production. 6. Maintenance Ascendo’s maintenance windows are scheduled and communicated to customers in advance. In the event of a service interruption, Ascendo notifies customers describing the affected services. If additional maintenance is needed, Ascendo notifies customers in advance of scheduled maintenance occurring outside of the scheduled window. Ascendo communicates upgrades, new releases, and minimum release version requirements to customers. 7. Data Management & Security 7.1 Data Ownership Notwithstanding anything herein to the contrary, Ascendo acknowledges that each customer is the exclusive owner of all rights, title, and interest in and to any of the customer-specific data. The foregoing includes, without limitation, all patent, copyright, trademark, trade secrets, and all other proprietary, licensing, and privacy rights in and to their respective Customer Data. Notwithstanding anything to the contrary, Ascendo shall have the right to collect and analyze data and other information relating to the provision, use, and performance of various aspects of the Services and related systems and technologies (including, without limitation, information concerning Customer Data and data derived therefrom), and Ascendo will be free to (I) use such information and data to improve and enhance the Services and for other development, diagnostic and corrective purposes in connection with the Services and other Company offerings, and (ii) disclose such data solely in aggregate, or other de-identified form in connection with its business. No rights or licenses are granted except as expressly set forth herein. Ascendo hereby waives any and all statutory and common law liens it may now or hereafter have with respect to Customer data. 7.2 Limitations on use Ascendo will access, use and disclose Confidential Information only when it is necessary to perform the customer’s obligations under a Purchasing Agreement. Ascendo will not disclose Confidential Information other than to Ascendo personnel and any other sub-contractors who: a. Need such access to assist Ascendo in the performance of a Purchasing Agreement. b. Have agreed in writing to be bound by a duty of confidentiality no less protective to the Confidential Information than the Term set forth in the respective Customer Agreement. 7.3 Applicable Laws In addition to any obligation that Ascendo may have under a Purchasing Agreement, Ascendo will comply with all applicable privacy and data protection laws, rules, and regulations in any jurisdiction where the Products and/or Services may be provided regarding Confidential Information to which it is subject including, without limitation: a. State security breach notification laws. b. Laws regarding the protection of Social Security numbers. c. Laws imposing minimum security requirements. d. Laws requiring the secure disposal of records containing certain personal data. e. All other applicable federal, state, and local requirements. f. Electronic storage industry standards concerning privacy, data protection, confidentiality, or information security. 7.4 End-of-Term Handling Upon termination or expiration of the agreement or upon the customer’s written request, Ascendo will return to the customer all copies of the customer’s information already in Ascendo’s possession or within its control within 30 (thirty) days. Ascendo shall maintain procedures for the removal of customer Information from electronic media before the media are available for re-use. Alternatively, with the customer’s prior written consent, Ascendo may destroy such customer information; provided that the customer information is: a. Destroyed in accordance with applicable laws, rules, or regulations. b. Sanitized via the use of industry-accepted standards (clear, purge, destroy). c. Rendered unreadable, undecipherable, and otherwise incapable of reconstruction. d. Backup copies are purged/removed by following an established process for data backups. 7.5 Data Encryption a. Ascendo will encrypt data at rest and in transit using industry-standard encryption techniques for b. Ascendo will also use standard encryption techniques for data backups. c. Any systems which maintain, transmit, or store customer data shall be encrypted. 7.6 Data Storage Ascendo stores data solely on their target servers and not on any laptop or portable device (unless there is explicit written permission from the customer). Ascendo uses Amazon AWS and Google GCP as the preferred cloud service providers. 7.7 Information Security Program a. Ascendo maintains a written Information Security program that complies with applicable global industry-recognized security frameworks. b. Ascendo has internal policies, standards, and operating procedures related to security, availability, and confidentiality that are available to personnel. Ascendo reviews, updates, and approves security policies and procedures at least annually to maintain their continuing relevancy and accuracy. Ascendo’s personnel Privacy Policy describes confidentiality and privacy commitments to our customers and is available on the Ascendo website. c. Ascendo’s CTO acts as the Chief Information Security Officer and Governance, Risk and Compliance officer. He/she is responsible for developing, maintaining, reviewing, and approving Ascendo’s security, availability, and confidentiality standards and policies. d. Ascendo shall monitor, evaluate, and adjust, as appropriate its Information Security program in light of any relevant changes in technology or industry standards, the sensitivity of customer information, internal or external threats to the Ascendo or customer, requirements of applicable work orders, and customer’s own changing business arrangements, such as mergers and acquisitions, alliances and joint ventures, outsourcing arrangements and changes to information systems. e. Ascendo conducts periodic security awareness campaigns to educate employees on their responsibilities for creating and maintaining a secure workplace. 7.8 Risk Management Ascendo has a formal cyber security risk assessment and management process that includes mitigation of any identified findings. 8. Incident Response & Notification a. Ascendo shall contact customers upon the occurrence of any Security Incident. b. Ascendo shall promptly notify customers of any vulnerability discovered through internal monitoring or testing that impacts its security safeguards or Services provided to the customer (each, an “Impact”). Impact means any reported security incident that materially exposes the customer’s data to unauthorized usage and that will not be remediated, and/or for which compensating control will not be in place, within ninety (90) days of the discovery of the Impact. c. Ascendo shall promptly develop and implement an appropriate action plan to address and resolve any Impact, vulnerabilities, and/or recommendations identified during such an event. Ascendo, at its own expense, shall undertake remedial action to the extent necessary to comply with Ascendo’s obligations under the respective customer agreement. d. Ascendo shall maintain a documented and tested incident-handling program, and ensure that all Security Incidents follow Ascendo’s incident-handling program. e. Ascendo shall use reasonable efforts to notify customer representatives within thirty (30) minutes after becoming aware of any Incident or suspected or actual data security breach. This includes a security breach of Ascendo’s systems used to conduct or process its Services or to store customer confidential information. Such security breaches will include, without limitation, third-party incursions that could in any way result in unauthorized access to any customer confidential information. f. Ascendo shall not notify law enforcement or federal or state regulatory authorities of any such security breach without prior notice to customers unless otherwise required by applicable law. In the event that Ascendo notifies customers of a suspected or actual security breach, Ascendo shall, if requested by the respective affected customer, grant access to customer representatives or a qualified third party agreed to by the customer and Ascendo to Ascendo’s systems and premises to allow such representatives or third party to perform an investigation (including the installation of any monitoring or diagnostic software) deemed necessary by the customer to locate the source of such security breach. Each party shall act reasonably and in good faith in the selection of such third party. g. Ascendo shall, and shall cause its Representatives to, provide the affected customer with the following information concerning any suspected or actual security breach by or involving any person or in any systems, processes, hardware or software used to store, transmit or otherwise affect confidential information: i. The date of the security breach. ii. Details concerning the data compromised (e.g., strategic financial information, or customer names and addresses). iii. The method of the security breach. iv. Appropriate Ascendo security personnel contacts and security personnel contacts of its Representatives. v. The name of any person and or law enforcement agency assisting Ascendo with the investigation of the suspected or actual data security breach. vi. A list of all parties known to have gained unauthorized access to the affected customer's confidential information for the limited purpose of assessing the customer’s exposure. vii. Any other information which affected customer reasonably requests from Ascendo and/or its Representatives concerning such suspected or actual data security breach, including without limitation any forensics report(s). Ascendo shall provide the information listed in (i)-(vii) as soon as is reasonably practicable and in any event, shall provide the information listed in (i)-(vi) to the affected customer within twelve (12) hours of Ascendo’s initial notification of the actual or suspected security breach. Ascendo and/or its Representatives must provide the affected customer with copies of any reports concerning the security breach as soon as practicable. Ascendo and/or its Representatives agree not to issue any press release or other public announcement concerning the suspected or actual data security breach without the prior approval of the affected customers. h. Ascendo shall cooperate with the affected customers to ensure that appropriate security measures and procedures are implemented by a mutually agreeable deadline and using a mutually agreeable approach if the customer notifies Ascendo that the customer believes that Ascendo’s or any of its Representatives' security procedures in connection with the Services are inadequate or do not comply with the security requirements. Ascendo shall immediately take appropriate steps to ensure that any actual data security breach does not continue. With respect to matters under this section, Ascendo and the customer agree that they shall act reasonably and in good faith and shall not unreasonably withhold, delay, or condition their consent or cooperation. i. Any fraud or security incident can be sent to Ascendo through ascendoinfosec@ascendo.ai . Note that this email should be used only for the purpose of noting security and fraud incidents and in no situation should be used for any other purposes such as spam or marketing. 9. Password Management & Authentication Controls a. Authorized users must identify and authenticate to Ascendo’s network, applications, and platforms using their unique user ID and password. i. Use of shared accounts to enable interactive access to the application and/or data by multiple users is prohibited. ii. Accounts must be locked after 60 minutes of inactivity (i.e., idle session). iv. Accounts must be removed/secured if in a disabled state for a period no greater than 90 days (if the disabled account cannot be deleted, all associated permissions must be removed). v. Accounts can use multifactor authentication to log in to Ascendo’s network. b. Password complexity. i. Passwords must be at least 8 (eight) characters in length. ii. Passwords must contain one of each character: upper case, lower case, numeric, and special character. (Note: if using multi-factor authentication (MFA), a combination of three of the above characters is acceptable). iii. Must be masked during authentication. iv. Must be set to expire within 120 days or less. v. Password history must restrict the use of the previous 4 (four) password iterations. vi. All passwords must be secured while stored or transmitted (encrypted/hashed). vii. Passwords must not be saved for the intent of bypassing future log-on (i.e., save password check box). viii. Communication of the initial password must be in a secure manner. ix. Default passwords for accounts must be changed prior to use (e.g., Ascendo supplied, application, database, etc.). 10. Network Security & Monitoring 10.1 Intrusion Detection a. Network perimeter defense solutions including an Intrusion Detection System and firewalls are in place to prevent malicious network activity. Security operations personnel monitor items detected and take appropriate action. b. Firewall configurations and rules are reviewed at least annually. Significant changes to firewall rules follow the Change Management (Section 4) process and require approval by Ascendo’s Change Advisory Board led by CTO. 10.2 Patch Management a. All Laptops, desktops, servers (and any other hardware asset) owned by the Ascendo must have up-to-date database and operating system security patches installed to protect the asset from known vulnerabilities. b. Critical security patches must be applied within 72 hours. Non-critical security patches should be applied at least quarterly or more frequently. Ascendo should be made aware of any vulnerabilities that cannot be patched. 10.3 Threat and Vulnerability Management and Security Testing a. Ascendo shall maintain a threat and vulnerability management program, which includes at a minimum regular vulnerability scans using industry-recognized tools. b. Ascendo shall perform vulnerability and threat assessment testing (VTA Testing) of Ascendo systems and facilities that are used to support customer engagements at least annually. VTA Testing shall determine if vulnerabilities exist within technology, including applications, systems, and networks that are used by Ascendo to provide Ascendo Products or Services hereunder. VTA Testing must adhere to the following: i. Be based on industry-accepted penetration testing approaches. ii. Include testing from inside and outside the network. iii. Include testing to validate segmentation. iv. Include network layer, operating system, and application layer testing. 10.4 Logging and Monitoring a. Ascendo will work with cloud service providers for real-time logging of security information from applications and databases, servers, firewalls, routers, and intrusion detection system devices. Logs contain details on the date, time, source, and type of events (actions performed, object or account affected, etc.). Ascendo’s admin team reviews key reports daily and follows up on events, as necessary. b. Ascendo continuously monitors application, infrastructure, network, and data storage space and system performance on a 24X7 basis. c. Ascendo enabled System logging for end-user and administrator activity and is reviewed as necessary and updates executed by privileged system users. 10.5 DMZ a. When providing internet-based services and products to customers Ascendo shall protect customer’s information by the implementation of a network DMZ. Web servers providing service to customers shall reside in the DMZ. Any system or information resource storing customer’s information (such application and database servers) shall reside in a trusted internal network. 11. Next Gen Anti-Virus and Malware Controls Ascendo will use a system-centric approach to endpoint security that examines every process on every endpoint to algorithmically detect and block malicious tools, tactics, techniques, and procedures upon which attackers rely. All Ascendo desktops and laptops have next-gen anti-virus installed for virus and malware infections. Endpoint devices are scanned in real-time and a full system scan is performed weekly. Virus definition updates are pushed out to endpoint devices automatically from the anti-virus software central administration console as they become available. 12. Mobile and Portable Devices Not applicable at this time. 13. Human Resources & Third-Party Security a. New employees sign a confidentiality agreement and acknowledge security policies during the new employee onboarding process. b. Background checks are run in accordance with relevant laws and regulations. The background checks are commensurate to an individual's job duties and include at minimum social security verification and a criminal history check. c. Ascendo maintains a disciplinary process to take action against personnel that do not comply with company policies, including but not limited to, those put in place to meet its security, availability, and confidentiality commitments and requirements. d. Ascendo management team assesses the risk associated with new vendors (i.e., sub-vendors and/or sub-contractors) prior to onboarding and has an ongoing risk management process for existing vendors. e. Ascendo communicates security and confidentiality requirements and operational responsibilities to third parties (i.e., sub-vendors, 4th or 5th party, etc.) through contractual agreements. 14. Business Continuity 14.1 Business Continuity Management and Disaster Recovery Ascendo has a business continuity plan and a disaster recovery plan in place to manage significant disruptions to its operations and infrastructure. Ascendo will be able to resume the full performance of their contractual services in 72 hours. a. Management reviews, updates, and approves these plans annually. b. Exercises are conducted to test the response to a specific incident on a regular basis. 14.2 Backup Procedures Ascendo will provide the Products, Services, and/or Network (as applicable) in accordance with the following procedures to enhance security. Ascendo will: a. Ensure that customer data is backed up on a daily basis and backup is encrypted b. Store copies of customer data and data recovery procedures in a different place from where the primary computer equipment processing the customer data is located. c. Have specific procedures in place governing access to copies of customer data. d. Review data recovery procedures at least annually. 15. Physical & Environmental Security Ascendo uses third-party cloud service providers and as such the physical access is controlled by Amazon and Google. 16. Standard of Conduct Ascendo and any of its Representatives performing Services or providing Products on the customer’s premises or accessing the customer’s networks remotely shall comply with all of the customer’s security, supervision, and other standard procedures and policies as communicated to Ascendo and such Representatives. Appendix A - Glossary Term Definition Critical Security Patch A set of changes to a computer program to fix security vulnerabilities. Finding An issue related to an internal control review. Risk A potential situation where the system or data may be exposed to a cyber threat. Security Breach A security breach is any incident that results in unauthorized access to data, applications, services, networks, and/or devices by bypassing their underlying security mechanisms. Security Event A security event is a change in the everyday operations of a network or information technology service indicating that a security policy may have been violated or a security safeguard may have failed. Security Incident A security incident is an event that may indicate that an organization's systems or data have been compromised or that measures put in place to protect them have failed. Vulnerability A vulnerability is a weakness that can be exploited by a Threat Actor, such as an attacker, to perform unauthorized actions within a computer system. Terms of Service (“ Agreement ”) constitute a contract between Ascendo.AI (“Ascendo”), and you, the customer that has signed up for the Services and agreed to the terms of this Agreement (“ Customer ”). Ascendo wishes to provide and you wish to have the right to access pursuant to the terms of this Agreement, a subscription service. This Agreement includes and incorporates the Order Form with which you purchased the Services and any subsequent Order Forms (submitted in written or electronic form). By accessing or using the Services, you agree to be bound by this Agreement. If you are entering into this Agreement on behalf of a company, organization or other entity, you represent that you have such authority to bind such entity and are agreeing to this Agreement on behalf of such entity. If you do not have such authority to enter into this Agreement or do not agree with these terms and conditions, you may not use the Services. Ascendo Terms of Service Section 1: Definitions 1.1 The following terms, when used in this Agreement will have the following meanings: “Confidential Information” means any information or data disclosed by either party that is marked or otherwise designated as confidential or proprietary or that should otherwise be reasonably understood to be confidential in light of the nature of the information and the circumstances surrounding disclosure. However, “Confidential Information” will not include any information which (a) is in the public domain through no fault of receiving party; (b) was properly known to receiving party, without restriction, prior to disclosure by the disclosing party; (c) was properly disclosed to receiving party, without restriction, by another person with the legal authority to do so; or (d) is independently developed by the receiving party without use of or reference to the disclosing party’s Confidential Information. “Documentation” means the printed and digital instructions, online help files, technical documentation, and user manuals made available by Ascendo for the Services, which Ascendo may modify from time to time. “Order Form” means an invoice, order form, quote, or other similar document that sets forth the specific Services and pricing therefore, and that references this Agreement and is mutually executed by the parties. “Services” means the SaaS-based platform and Software products ordered by or made available to the Customer under an Order Form (collectively with the described services in the applicable Order Form or Documentation). “Software” means Ascendo proprietary software which may integrate with Customer’s Third-Party Services, network or applications, as provided in the Documentation and any updates, fixes, or patches developed from time to time. Section 2: Services 2.1 Provision of Ascendo Platform. Subject to the terms and conditions of this Agreement, Ascendo hereby grants Customer and its registered employees and contractors (“Users”) a non-exclusive, non-sublicensable, non-transferable license to use and access the Services. The Services are subject to modification from time to time at Ascendo’s sole discretion, provided the modifications do not materially diminish the functionality of the Services provided by Ascendo. 2.2 Data Security. Ascendo maintains a commercially reasonable security program that is designed to (i) ensure the security and integrity of Customer data uploaded by or on behalf of Customer to the Services (“Customer Data”); (ii) protect against threats or hazards to the security or integrity of Customer Data; and (iii) prevent unauthorized access to Customer Data. Solely if and to the extent Ascendo processes Customer Personal Data (as defined in the DPA) that is subject to the GDPR (as defined in the DPA), the GDPR Data Processing Addendum provided onhttps://www.ascendo.ai/security-standards will apply (“DPA”). Solely if and to the extent Ascendo processes Customer Personal Information (as defined in the CCPA Addendum) that is subject to the CCPA (as defined in the CCPA Addendum), the CCPA Addendum provided on, will apply. 2.3 Limitations. The rights granted herein are subject to the following restrictions (the “License Restrictions”). Customer will not directly or indirectly: (a) reverse engineer, decompile, disassemble, modify, create derivative works of or otherwise create, attempt to create or derive, or permit or assist any third party to create or derive, the source code, object code or underlying structures, ideas or algorithms of the Services or any data related to the Services; (b) attempt to probe, scan, or test the vulnerability of the Services, breach the security or authentication measures of the Services without proper authorization, or willfully render any part of the Services unusable; (c) use or access the Services to develop a product or service that is competitive with Ascendo’s products or Services or engage in competitive analysis or benchmarking; (d) share, transfer, distribute, resell, lease, license, or assign Services or otherwise offer the Services on a standalone basis; or (e) otherwise, use the Services outside the scope expressly permitted hereunder and in the applicable Order Form. 2.4 Ascendo reserves the right to suspend Customer’s (or any User’s) access to the Services immediately (i) in the event that Customer breaches this Section 2.3 or Section 4 of this Agreement, or breaches any other provision of this Agreement and fails to correct that breach within the applicable cure period; or (ii) as it deems reasonably necessary to respond to any actual or potential security or availability concern that may affect customers or Users. Customer Responsibilities. (a) Customer will only use the Services in accordance with the Documentation and as set forth in this Agreement. Customer acknowledges that Ascendo’s provision of the Services is dependent on Customer providing all reasonably required cooperation (including the prompt provision of access to Customer’s applications, software systems, personnel, cooperation, and materials as reasonably required and any other access as may be specified in the applicable Order Form), and Customer will provide all such cooperation in a diligent and timely manner. (b) Customer will (i) be responsible for all use of the Services under its account (whether or not authorized), (ii) use commercially reasonable efforts to prevent unauthorized access to or use of the Services and notify Ascendo promptly of any such unauthorized access or use and (iii) be responsible for obtaining and maintaining any equipment, software, and ancillary services needed to connect to, access or otherwise use the Services, including as set forth in the Documentation. The customer will be solely responsible for its failure to maintain such equipment, software, and services, and Ascendo will have no liability for such failure (including under any service level agreement, if applicable). In addition, the Customer will be responsible for ensuring that its systems (e.g., APIs) have sufficient bandwidth to use the Services. (c) Customer will not use the Services to transmit or provide to Ascendo any financial or medical information of any nature, or any sensitive personal data (e.g ., social security numbers, driver’s license numbers, birth dates, personal bank account numbers, passport or visa numbers, and credit card numbers). (d) Customer’s use of third-party products or services that are not licensed to Customer directly by Ascendo (“Third Party Services”) shall be governed solely by the terms and conditions applicable to such Third-Party Services, as agreed to between Customer and the third party. Ascendo does not endorse or support is not responsible for, and disclaims all liability with respect to Third Party Services, including without limitation, the privacy practices, data security processes, or other policies related to Third Party Services. The customer agrees to waive any claim against Ascendo with respect to any Third-Party Services. (e) Customer may enable integrations between the Services and Third-Party Services (each, an “Integration”). By enabling an Integration between the Services and its third-party Services, Customer is instructing Ascendo to share the Customer Data necessary to facilitate the Integration. The customer is responsible for providing any and all instructions to the Third-Party Service provider about the use and protection of Customer Data. Ascendo and Third-Party Service providers are not subprocessors of each other. (f) Customer acknowledges that the Services will require Users to share with Ascendo certain information which may include personal information regarding Users (such as usernames, passwords, email addresses and/or phone numbers) solely for the purposes of providing and improving the Services. Prior to authorizing an individual to become a User, Customer is fully responsible for obtaining the consent of that individual, in accordance with Applicable Law, to the use of his/her information by Ascendo AI, which use is described in Ascendo’s Services Privacy Notice, located at https://www.ascendo.ai/privacy. Customer represents and warrants that all such consents have been or will be obtained prior to authorizing any individual to become a User. (g) Customer will be fully responsible for Users’ compliance with this Agreement and any breach of this Agreement by a User shall be deemed to be a breach by Customer. Ascendo’s relationship is with Customer and not individual Users or third parties using the Services through Customer, and Customer will address all claims raised by its Users directly with Ascendo AI. Section 3: Fees 3.1 Fees. The Customer will pay Ascendo AI the fees set forth in the Order Form. Except as otherwise specified herein or in any applicable Order Form, (a) fees are quoted and payable in United States dollars and (b) payment obligations are non-cancelable and non-pro-ratable for partial months, and fees paid are non-refundable. Ascendo reserves the right to change the fees or applicable charges and to institute new charges and fees at the end of the initial term, as specified in the Order Form, or then-current renewal term, upon thirty (30) days prior notice to Customer (which may be sent by email). 3.2 Late Payment. Ascendo may suspend access to the Services immediately upon notice if the Customer fails to pay any amounts hereunder at least fifteen (15) days past the applicable due date. 3.3 Taxes. All amounts payable hereunder are exclusive of any sales, use, and other taxes or duties, however designated (collectively “Taxes”). The Customer will be solely responsible for payment of all Taxes, except for those taxes based on the income of Ascendo. The Customer will not withhold any taxes from any amounts due to Ascendo. Section 4: Proprietary Rights and Confidentiality 4.1 Proprietary Rights. As between the parties, Ascendo exclusively owns all rights, title, and interest in and to the Services and Ascendo’s Confidential Information, and Customer exclusively owns all rights, title, and interest in and to the Customer Data and Customer’s Confidential Information. 4.2 Feedback. Customers may from time to time provide Ascendo suggestions or comments for enhancements or improvements, new features or functionality, or other feedback (“Feedback ”) with respect to the Services. Ascendo will have full discretion to determine whether or not to proceed with the development of any requested enhancements, new features, or functionality. Ascendo will have the full, unencumbered right, without any obligation to compensate or reimburse the Customer, to use, incorporate, and otherwise fully exercise and exploit any such Feedback in connection with its products and services. 4.3 Confidentiality. Each party agrees that it will use the Confidential Information of the other party solely in accordance with the provisions of this Agreement and it will not disclose, or permit to be disclosed, the same directly or indirectly, to any third party without the other party’s prior written consent, except as otherwise permitted hereunder. However, either party may disclose Confidential Information (a) to its employees, officers, directors, attorneys, auditors, financial advisors, and other representatives who have a need to know and are legally bound to keep such information confidential by confidentiality obligations consistent with those of this Agreement; and (b) as required by law (in which case the receiving party will provide the disclosing party with prior written notification thereof, will provide the disclosing party with the opportunity to contest such disclosure, and will use its reasonable efforts to minimize such disclosure to the extent permitted by applicable law. Neither party will disclose the terms of this Agreement to any third party, except that Ascendo may confidentially disclose such terms to actual or potential lenders, investors, or acquirers. Each party agrees to exercise due care in protecting Confidential Information from unauthorized use and disclosure. In the event of an actual or threatened breach of the provisions of this Section or the License Restrictions, the non-breaching party will be entitled to seek immediate injunctive and other equitable relief, without waiving any other rights or remedies available to it. Each party will promptly notify the other in writing if it becomes aware of any violations of the confidentiality obligations set forth in this Agreement. 4.4 Machine Learning and Aggregation. The Customer acknowledges that a fundamental component of the Services is the use of data aggregation and machine learning for the purpose of improving and providing Ascendo’s products and services. Notwithstanding anything to the contrary, Customer agrees that Ascendo is hereby granted the right to use (during and after the term hereof) information submitted using the Services to aggregate personally identifiable information and de-identify such information, including information related to vendors and train its algorithms internally through machine learning techniques for such purpose. 4.5 Performance Metrics. Customer agrees that Ascendo has the right to aggregate, collect, and analyze data and other information relating to the access or use of the Services by or on behalf of Customer or any User, including any performance, analytics, or statistical data and shall be free (during and after the term hereof) to (i) use such data and other information to improve Ascendo’s products and services, and (ii) disclose such data and other information solely in an aggregated and de-identified format. Section 5: Warranties and Disclaimers 5.1 Ascendo. Ascendo represents and warrants that it will not knowingly include, in the Services released to Users and provided to Customer hereunder, any computer code or other computer instructions, devices, or techniques, including without limitation those known as viruses, disabling devices, trojans, or time bombs, that intentionally disrupt, disable, harm, infect, defraud, damage, or otherwise impede in any manner, the operation of a network, computer program or computer system or any component thereof, including its security or User data. If, at any time, Ascendo fails to comply with the warranty in Section 5 .1, Customer may promptly notify Ascendo in writing of any such noncompliance. Ascendo will, within 30 days of receipt of such written notification, either correct the noncompliance or provide Customer with a plan for correcting the noncompliance. If the noncompliance is not corrected or if a reasonably acceptable correction plan is not established during such period, Customer may terminate this Agreement and receive a refund of any pre-paid but unearned subscription fees, prorated on a monthly basis, as its sole and exclusive remedy for such noncompliance. This provision does not apply to the Customer’s use of free Services. 5.2 Customer. Customer warrants that it has all rights necessary to provide any information, data or other materials that it provides hereunder, and to permit Ascendo to use the same as contemplated hereunder. 5.3 DISCLAIMERS. EXCEPT AS EXPRESSLY SET FORTH HEREIN, EACH PARTY DISCLAIMS ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, TITLE, NON- INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE. THE CUSTOMER ACKNOWLEDGES THAT THE SERVICES ARE BASED ON PREDICTIVE STATISTICAL MODELS, AND ARE INTENDED TO AUGMENT THE EFFICIENCY OF, BUT NOT REPLACE, CUSTOMER’S IT HELPDESK. THE SERVICES MAY CONTAIN BUGS, MAKE ERRORS, OR MISINTERPRET IT ISSUES, AND IN SUCH CASES ASCENDO CAN DISENGAGE ANY FUNCTIONALITY OF THE SERVICES AT THE CUSTOMER’S REQUEST. ASCENDO DOES NOT REPRESENT OR WARRANT THAT ANY OR ALL IT HELPDESK TICKETS WILL BE RESOLVED OR THAT HUMAN INTERVENTION WILL NOT BE REQUIRED TO RESOLVE AN IT HELPDESK TICKET. 5.4 BETA PRODUCTS. FROM TIME TO TIME, CUSTOMERS MAY HAVE THE OPTION TO PARTICIPATE IN A PROGRAM WITH ASCENDO WHERE CUSTOMER GETS TO USE ALPHA OR BETA PRODUCTS, FEATURES, OR DOCUMENTATION (COLLECTIVELY, “BETA PRODUCTS”) OFFERED BY ASCENDO. THE BETA PRODUCTS ARE NOT GENERALLY AVAILABLE AND ARE PROVIDED “AS IS”. ASCENDO DOES NOT PROVIDE ANY INDEMNITIES, SERVICE LEVEL COMMITMENTS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, TITLE, NON-INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE, IN RELATION THERETO. CUSTOMERS OR ASCENDO MAY TERMINATE THE CUSTOMER’S ACCESS TO THE BETA PRODUCTS AT ANY TIME. Section 6: Indemnification 6.1 Indemnity by Ascendo. Ascendo will defend Customer against any claim, demand, suit, or proceeding (“ Claim ”) made or brought against Customer by a third party alleging that the use of the Services as permitted hereunder infringes a United States patent or copyright or misappropriates a trade secret and will indemnify Customer for any damages finally awarded against (or any settlement approved by Ascendo) Customer in connection with any such Claim; provided that (a) Customer will promptly notify Ascendo of such Claim, (b) Ascendo will have the sole and exclusive authority to defend and/or settle any such Claim (provided that Ascendo may not settle any Claim without Customer’s prior written consent, which will not be unreasonably withheld unless it unconditionally releases Customer of all related liability) and (c) Customer reasonably cooperates with Ascendo in connection therewith. If the use of the Services by Customer has become, or in Ascendo’s opinion is likely to become, the subject of any claim of infringement, Ascendo may at its option and expense (i) procure for Customer the right to continue using and receiving the Services as set forth hereunder; (ii) replace or modify the Services to make it non-infringing (with comparable functionality); or (iii) if the options in clauses (i) or (ii) are not reasonably practicable, terminate this Agreement and provide a pro-rata refund of any prepaid fees corresponding to the terminated portion of the applicable subscription term. Ascendo will have no liability or obligation with respect to any Claim if such Claim is caused in whole or in part by (A) compliance with designs, guidelines, plans, or specifications provided by Customer; (B) use of the Services by Customer not in accordance with this Agreement; (C) modification of the Services by any party other than Ascendo without Ascendo’s express consent; (D) Customer Confidential Information or (E) the combination, operation or use of the Services with other applications, portions of applications, product(s) or services where the Services would not by itself be infringing (clauses (A) through (E), “ Excluded Claims ”). This Section states Ascendo’s sole and exclusive liability and obligation, and Customer’s exclusive remedy, for any claim of any nature related to infringement or misappropriation of intellectual property. 6.2 Indemnification by Customer. Customer will defend Ascendo against any Claim made or brought against Ascendo by a third party arising out of the (i) Customer breach of any laws or regulations (including with respect to privacy); (ii) Customer’s or any User's use of the Services; (iii) Customer’s violation of any agreements it has with any User; or (iv) Excluded Claims, and Customer will indemnify Ascendo for any damages finally awarded against (or any settlement approved by Customer) Ascendo in connection with any such Claim; provided that (a) Ascendo will promptly notify Customer of such Claim, (b) Customer will have the sole and exclusive authority to defend and/or settle any such Claim (provided that Customer may not settle any Claim without Ascendo’s prior written consent, which will not be unreasonably withheld unless it unconditionally releases Ascendo of all liability) and (c) Ascendo reasonably cooperates with Customer in connection therewith. Section 7: Limitation of Liability UNDER NO LEGAL THEORY, WHETHER IN TORT, CONTRACT, OR OTHERWISE, WILL EITHER PARTY BE LIABLE TO THE OTHER UNDER THIS AGREEMENT FOR (A) ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES OF ANY CHARACTER, INCLUDING DAMAGES FOR LOSS OF GOODWILL, LOST PROFITS, LOST SALES OR BUSINESS, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, LOST CONTENT OR DATA, EVEN IF A REPRESENTATIVE OF SUCH PARTY HAS BEEN ADVISED, KNEW OR SHOULD HAVE KNOWN OF THE POSSIBILITY OF SUCH DAMAGES, OR (B) EXCLUDING A PARTY’S INDEMNIFICATION OBLIGATIONS OR THE BREACH OF SECTION 2.3 (LIMITATIONS), SECTION 2.4 (CUSTOMER RESPONSIBILITIES) OR SECTION 3 (FEES), ANY DIRECT DAMAGES, COSTS, OR LIABILITIES IN EXCESS OF THE AMOUNTS PAID BY CUSTOMER UNDER THE APPLICABLE ORDER FORM DURING THE TWELVE (12) MONTHS PRECEDING THE INCIDENT OR CLAIM. Section 8: Termination 8.1 Term. The term of this Agreement will commence on the effective date of the initial Order Form and continue until terminated as set forth below. The initial term of each Order Form will begin on the Order Form effective date of such Order Form and will continue for the subscription term set forth therein. Except as set forth in such Order Form, the term of such Order Form will automatically renew for successive renewal terms equal to the length of the initial term of such Order Form, unless either party provides the other party with written notice of non-renewal at least thirty (30) days prior to the end of the then-current term. 8.2 Termination. Each party may terminate this Agreement upon written notice to the other party if there are no Order Forms then in effect. Each party may also terminate this Agreement or the applicable Order Form upon written notice in the event (a) the other party commits any material breach of this Agreement or the applicable Order Form and fails to remedy such breach within thirty ( 3 0) days after written notice of such breach or (b) subject to applicable law, upon the other party’s liquidation, commencement of dissolution proceedings or assignment of substantially all its assets for the benefit of creditors, or if the other party become the subject of bankruptcy or similar proceeding that is not dismissed within sixty (60) days. 8.3 Survival. Upon termination of this Agreement, all rights and obligations will immediately terminate except that any terms or conditions that by their nature should survive such termination will survive, including the License Restrictions and terms and conditions relating to proprietary rights and confidentiality, disclaimers, indemnification, limitations of liability and termination and the general provisions below. Section 9: General 9.1 Export Compliance. Each party will comply with the export laws and regulations of the United States, European Union, and other applicable jurisdictions in providing and using the Services. 9.2 Publicity. Customer agrees that Ascendo may refer to Customer’s name and trademarks in Ascendo’s marketing materials and website; however, Ascendo will not use Customer’s name or trademarks in any other publicity (e.g., press releases, customer references, and case studies) without Customer’s prior written consent (which may be by email). 9.3 Assignment; Delegation. Neither party hereto may assign or otherwise transfer this Agreement, in whole or in part, without the other party’s prior written consent, except that either party may assign this Agreement without consent to a successor to all or substantially all of its assets or business related to this Agreement. Any attempted assignment, delegation, or transfer by either party in violation hereof will be null or void. Subject to the foregoing, this Agreement will be binding on the parties and their successors and assigns. 9.4 Amendment; Waiver. No amendment or modification to this Agreement, nor any waiver of any rights hereunder, will be effective unless assented to in writing by both parties. Any such waiver will be only to the specific provision and under the specific circumstances for which it was given and will not apply with respect to any repeated or continued violation of the same provision or any other provision. Failure or delay by either party to enforce any provision of this Agreement will not be deemed a waiver of future enforcement of that or any other provision. 9.5 Relationship. Nothing contained herein will in any way constitute any association, partnership, agency, employment, or joint venture between the parties hereto, or be construed to evidence the intention of the parties to establish any such relationship. Neither party will have the authority to obligate or bind the other in any manner, and nothing herein contained will give rise or is intended to give rise to any rights of any kind to any third parties. 9.6 Unenforceability. If a court of competent jurisdiction determines that any provision of this Agreement is invalid, illegal, or otherwise unenforceable, such provision will be enforced as nearly as possible in accordance with the stated intention of the parties, while the remainder of this Agreement will remain in full force and effect and bind the parties according to its terms. 9.7 Governing Law. This Agreement will be governed by the laws of the State of California, exclusive of its rules governing choice of law and conflict of laws. This Agreement will not be governed by the United Nations Convention on Contracts for the International Sale of Goods. 9.8 Notices. Any notice required or permitted to be given hereunder will be given in writing by personal delivery, certified mail, return receipt requested, or by overnight delivery. Ascendo may provide notice using the information provided in the most recent Order Form and Customer may provide notice using the contact information provided on https://www.ascendo.ai . 9.9 Entire Agreement. This Agreement comprises the entire agreement between Customer and Ascendo with respect to its subject matter and supersedes all prior and contemporaneous proposals, statements, sales materials, or presentations and agreements (oral and written). No oral or written information or advice given by Ascendo, its agents, or employees will create a warranty or in any way increase the scope of the warranties in this Agreement. In the event of any conflict between this Agreement and the DPA or CCPA Addendum, the DPA and/or CCPA Addendum, as applicable, will govern 9.10 Force Majeure . Neither Party will be deemed in breach hereunder for any cessation, interruption, or delay in the performance of its obligations due to causes beyond its reasonable control (“ Force Majeure Event ”), including earthquake, flood, or other natural disasters, act of God, labor controversy, civil disturbance, terrorism, war (whether or not officially declared), cyber-attacks (e.g., denial of service attacks), or the inability to obtain sufficient supplies, transportation, or other essential commodity or service required in the conduct of its business, or any change in or the adoption of any law, regulation, judgment or decree. 9.11 Government Terms. Ascendo provides the Services, including related software and technology, for ultimate federal government end use solely in accordance with the terms of this Agreement. If Customer (or any of its customers) is an agency, department, or other entity of any government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Services, or any related documentation of any kind, including technical data, software, and manuals, is restricted by the terms of this Agreement. All other use is prohibited and no rights than those provided in this Agreement are conferred. The Services were developed fully at private expense. 9.12 Interpretation. For purposes hereof, “including” means “including without limitation”. Last Updated: May 17, 2023 Register now Submit First Name Last Name Email Company Name Thanks for submitting! Ascendo.AI Subprocessors Please register to be notified of any changes to the Subprocessor list on this page. If a change occurs, you will receive an email to the address that you provide. Subprocessor Policy Last Updated: June 2, 2023 Ascendo.AI may engage the following entities to process personal data that you include in your use of Ascendo.AI’s Cloud Services: Cloud Providers Data Types Description of Processing Third-Party Entity Google, Inc. Cloud Provider Ascendo.AI, runs on top of GCP. These cloud providers host the personal data you store in the Cloud Services. Cloud Provider MongoDB, Inc. Cloud Provider DB Headquartered Location Data Types Description of Processing Third-Party Entity To provide support and perform other service functions, we may also engage the following entities to process personal data on your behalf: Other Third-Party Subprocessor Twilio, Inc. 2FA and SMS Alerts If you turn on two-factor authentication or SMS alerts, Twilio receives basic info to provide you authentication codes and text alerts (e.g., phone number). San Francisco, CA Slack Technologies Support Channel If you engage in Support via Slack receives basic Contact info( e.g., name, email address). San Francisco, CA Google Inc. Email Support If you engage in email support via Gmail, Google receives basic contact info (e.g., name, email address). If you include other personal data in your support emails (e.g., snippets of database logs, query outputs, etc.), this information would also be processed by Google Mountain View, CA Affiliates Ascendo.AI may engage the following entities to process personal data that you include in your use of Ascendo.AI’s Cloud Services: Location Affiliate Entity Ascendo.AI, Inc. United States MongoDB.Inc Cloud Provider DB These cloud providers host all the data you store in the Cloud Services Google, Inc. Cloud Provider Ascendo.AI, runs on top of GCP.These cloud providers host the personal data you store in the Cloud Services. Ascendo.AI, runs on top of GCP. These cloud providers host the personal data you store in the Cloud Services. MongoDB, Inc. These cloud providers host all the data you store in the Cloud Services Third-Party Entity Description of Processing Slack Technologies Cloud Provider Ascendo.AI, runs on top of GCP. These cloud providers host the personal data you store in the Cloud Services. Support Channel Twilio, Inc. 2FA and SMS Alerts Google, Inc. Email Support Data Types Slack Technologies Cloud Provider Ascendo.AI, runs on top of GCP. These cloud providers host the personal data you store in the Cloud Services. If you engage in Support via Slack receives basic Contact info( e.g., name, email address). Twilio, Inc. If you turn on two-factor authentication or SMS alerts, Twilio receives basic info to provide you authentication codes and text alerts (e.g., phone number). Google, Inc. If you engage in email support via Gmail, Google receives basic contact info (e.g., name, email address). If you include other personal data in your support emails (e.g., snippets of database logs, query outputs, etc.), this information would also be processed by Google. Headquartered Location Slack Technologies Cloud Provider Ascendo.AI, runs on top of GCP. These cloud providers host the personal data you store in the Cloud Services. San Francisco, CA Twilio, Inc. Google, Inc. Mountain View, CA San Francisco, CA Last updated at " June 2rd 2023 Last updated at " June 2rd 2023 Data Processing Agreement and its Annexes (“DPA”) reflect the parties’ agreement with respect to the Processing of Personal Data by us on behalf of you in connection with the Ascendo Services under the Ascendo Customer Terms of Service available at Terms | Ascendo | Ascendo Terms of Service between you and us (also referred to in this DPA as the “Agreement”). This DPA is supplemental to, and forms an integral part of, the Agreement and is effective upon its incorporation into the Agreement, which may be specified in the Agreement, an Order Form, or an executed amendment to the Agreement. In case of any conflict or inconsistency with the terms of the Agreement, this DPA will take precedence over the terms of the Agreement to the extent of such conflict or inconsistency. The term of this DPA will follow the term of the Agreement. Terms not otherwise defined in this DPA will have the meaning as set forth in the Agreement. 1. Definitions “California Personal Information” means Personal Data that is subject to the protection of the CCPA. "CCPA" means California Civil Code Sec. 1798.100 et seq. (also known as the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 or "CPRA"). "Consumer", "Business", "Sell", "Service Provider", and "Share" will have the meanings given to them in the CCPA. “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data. “Data Protection Laws” means all applicable worldwide legislation relating to data protection and privacy which applies to the respective party in the role of Processing Personal Data in question under the Agreement, including without limitation European Data Protection Laws, the CCPA and other applicable U.S. federal and state privacy laws, and the data protection and privacy laws of Australia, Singapore, and Japan, in each case as amended, repealed, consolidated or replaced from time to time; with regard to Ascendo.AI, Data Protection Laws exclude laws governing Sensitive Information, as defined in the General Terms. “Data Subject” means the individual to whom Personal Data relates. "Europe" means the European Union, the European Economic Area and/or their member states, Switzerland and the United Kingdom. “European Data” means Personal Data that is subject to the protection of European Data Protection Laws. "European Data Protection Laws" means data protection laws applicable in Europe, including: (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) ("GDPR"); (ii) Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector; and (iii) applicable national implementations of (i) and (ii); or (iii) GDPR as it forms parts of the United Kingdom domestic law by virtue of Section 3 of the European Union (Withdrawal) Act 2018 ("UK GDPR"); and (iv) Swiss Federal Data Protection Act on 19 June 1992 and its Ordinance ("Swiss DPA"); in each case, as may be amended, superseded or replaced. “Instructions” means the written, documented instructions issued by a Controller to a Processor, and directing the same to perform a specific or general action with regard to Personal Data (including, but not limited to, depersonalizing, blocking, deletion, making available). "Permitted Affiliates" means any of your Affiliates that (i) are permitted to use the Subscription Services pursuant to the Agreement, but have not signed their own separate agreement with us and are not a “Customer” as defined under the Agreement, (ii) qualify as a Controller of Personal Data Processed by us, and (iii) are subject to European Data Protection Laws. “Personal Data” means any information relating to an identified or identifiable individual where (i) such information is contained within Customer Data; and (ii) is protected similarly as personal data, personal information, or personally identifiable information under applicable Data Protection Laws. “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed by us and/or our Sub-Processors in connection with the provision of the Subscription Services. "Personal Data Breach" will not include unsuccessful attempts or activities that do not compromise the security of Personal Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems. "Privacy Shield" means the EU-U.S. and Swiss-US Privacy Shield self-certification program operated by the U.S. Department of Commerce and approved by the European Commission pursuant to its Decision of July 12, 2016, and by the Swiss Federal Council on January 11, 2017, respectively; as may be amended, superseded or replaced. "Privacy Shield Principles" means the Privacy Shield Principles (as supplemented by the Supplemental Principles) contained in Annex II to the European Commission Decision of July 12, 2016; as may be amended, superseded, or replaced. “Processing” means any operation or set of operations which is performed on Personal Data, encompassing the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction or erasure of Personal Data. The terms “Process”, “Processes” and “Processed” will be construed accordingly. “Processor” means a natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Controller. “Standard Contractual Clauses” means the standard contractual clauses annexed to the European Commission’s Decision (EU) 2021/914 of 4 June 2021 currently found at https://eur-lex.europa.eu/eli/dec_impl/2021/914 , as may be amended, superseded or replaced. “Sub-Processor” means any Processor engaged by us or our Affiliates to assist in fulfilling our obligations with respect to the provision of the Subscription Services under the Agreement. Sub-Processors may include third parties or our Affiliates but will exclude any Ascendo.AI employee or consultant. “UK Addendum” means the International Data Transfer Addendum issued by the UK Information Commissioner under section 119A (1) of the Data Protection Act 2018 currently found at https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf , as may be amended, superseded, or replaced. 2. Customer Responsibilities a. Compliance with Laws. Within the scope of the Agreement and in its use of the services, you will be responsible for complying with all requirements that apply to it under applicable Data Protection Laws with respect to its Processing of Personal Data and the Instructions it issues to us. In particular but without prejudice to the generality of the foregoing, you acknowledge and agree that you will be solely responsible for: (i) the accuracy, quality, and legality of Customer Data and the means by which you acquired Personal Data; (ii) complying with all necessary transparency and lawfulness requirements under applicable Data Protection Laws for the collection and use of the Personal Data, including obtaining any necessary consents and authorizations (particularly for use by Customer for marketing purposes); (iii) ensuring you have the right to transfer, or provide access to, the Personal Data to us for Processing in accordance with the terms of the Agreement (including this DPA); (iv) ensuring that your Instructions to us regarding the Processing of Personal Data comply with applicable laws, including Data Protection Laws; and (v) complying with all laws (including Data Protection Laws) applicable to any emails or other content created, sent or managed through the Subscription Services, including those relating to obtaining consents (where required) to send emails, the content of the emails and its email deployment practices. You will inform us without undue delay if you are not able to comply with your responsibilities under this 'Compliance with Laws' section or applicable Data Protection Laws. b. Controller Instructions. The parties agree that the Agreement (including this DPA), together with your use of the Subscription Service in accordance with the Agreement, constitute your complete Instructions to us in relation to the Processing of Personal Data, so long as you may provide additional instructions during the subscription term that are consistent with the Agreement, the nature and lawful use of the Subscription Service. c. Security. You are responsible for independently determining whether the data security provided for in the Subscription Service adequately meets your obligations under applicable Data Protection Laws. You are also responsible for your secure use of the Subscription Service, including protecting the security of Personal Data in transit to and from the Subscription Service (including to securely backup or encrypt any such Personal Data). 3. Ascendo.AI Obligations a. Compliance with Instructions. We will only Process Personal Data for the purposes described in this DPA or as otherwise agreed within the scope of your lawful Instructions, except where and to the extent otherwise required by applicable law. We are not responsible for compliance with any Data Protection Laws applicable to you or your industry that are not generally applicable to us. b. Conflict of Laws. If we become aware that we cannot Process Personal Data in accordance with your Instructions due to a legal requirement under any applicable law, we will (i) promptly notify you of that legal requirement to the extent permitted by the applicable law; and (ii) where necessary, cease all Processing (other than merely storing and maintaining the security of the affected Personal Data) until such time as you issue new Instructions with which we are able to comply. If this provision is invoked, we will not be liable to you under the Agreement for any failure to perform the applicable Subscription Services until such time as you issue new lawful Instructions with regard to the Processing. c. Security. We will implement and maintain appropriate technical and organizational measures to protect Personal Data from Personal Data Breaches, as described under Annex 2 to this DPA ("Security Measures"). Notwithstanding any provision to the contrary, we may modify or update the Security Measures at our discretion provided that such modification or update does not result in a material degradation in the protection offered by the Security Measures. d. Confidentiality. We will ensure that any personnel whom we authorize to Process Personal Data on our behalf is subject to appropriate confidentiality obligations (whether a contractual or statutory duty) with respect to that Personal Data. e. Personal Data Breaches. We will notify you without undue delay after we become aware of any Personal Data Breach and will provide timely information relating to the Personal Data Breach as it becomes known or reasonably requested by you. At your request, we will promptly provide you with such reasonable assistance as necessary to enable you to notify relevant Personal Data Breaches to competent authorities and/or affected Data Subjects, if you are required to do so under Data Protection Laws. f. Deletion or Return of Personal Data. We will delete or return all Customer Data, including Personal Data (including copies thereof) Processed pursuant to this DPA, on termination or expiration of your Subscription Service in accordance with the procedures set out in our Product Specific Terms. This term will apply except where we are required by applicable law to retain some or all of the Customer Data, or where we have archived Customer Data on back-up systems, which data we will securely isolate and protect from any further Processing and delete in accordance with our deletion practices. You may request the deletion of your Ascendo.AI account after the expiration or termination of your subscription by sending a request to policy@ascendo.ai We strongly recommend retrieving your Customer Data prior to the end of your Subscription. If you need help retrieving your Customer Data during the Subscription Term, we will provide reasonable assistance to you, at your cost, and in accordance with the ‘Confidentiality’ section of the General Terms . 4. Data Subject Requests The Subscription Service provides you with a number of controls that you can use to retrieve, correct, delete or restrict Personal Data, which you can use to assist it in connection with its obligations under Data Protection Laws, including your obligations relating to responding to requests from Data Subjects to exercise their rights under applicable Data Protection Laws ("Data Subject Requests"). To the extent that you are unable to independently address a Data Subject Request through the Subscription Service, then upon your written request we will provide reasonable assistance to you to respond to any Data Subject Requests or requests from data protection authorities relating to the Processing of Personal Data under the Agreement. You will reimburse us for the commercially reasonable costs arising from this assistance. If a Data Subject Request or other communication regarding the Processing of Personal Data under the Agreement is made directly to us, we will promptly inform you and, will advise the Data Subject to submit their request to you. You will be solely responsible for responding substantively to any such Data Subject Requests or communications involving Personal Data. 5. Sub-Processor You agree we may engage Sub-Processors to Process Personal Data on your behalf, and we do so in three ways. First, we may engage Sub-Processors to assist us with hosting and infrastructure. Second, we may engage with Sub-Processors to support product features and integrations. Third, we may engage with Ascendo.AI Affiliates as Sub-Processors for service and support. Some Sub-Processors will apply to you as default, and some Sub-Processors will apply only if you opt in. We have currently appointed, as Sub-Processors, the third parties and Ascendo.AI Affiliates listed in Annex 3 to this DPA. You may subscribe to receive notifications by email if we add or replace any Sub-Processors by completing the form available at here If you opt-in to receive such email, we will notify you at least 30 days prior to any such change. We will give you the opportunity to object to the engagement of new Sub-Processors on reasonable grounds relating to the protection of Personal Data within 30 days of notifying you. If you do notify us of such an objection, the parties will discuss your concerns in good faith with a view to achieving a commercially reasonable resolution. If no such resolution can be reached, we will, at our sole discretion, either not appoint the new Sub-Processor, or permit you to suspend or terminate the affected Subscription Service in accordance with the termination provisions of the Agreement without liability to either party (but without prejudice to any fees incurred by you prior to suspension or termination). The parties agree that by complying with this sub-section, Ascendo.AI fulfills its obligations under Section 9 of the Standard Contractual Clauses. Where we engage Sub-Processors, we will impose data protection terms on the Sub-Processors that provide at least the same level of protection for Personal Data as those in this DPA (including, where appropriate, the Standard Contractual Clauses), to the extent applicable to the nature of the services provided by such Sub-Processors. We will remain responsible for each Sub-Processor’s compliance with the obligations of this DPA and for any acts or omissions of such Sub-Processor that cause us to breach any of its obligations under this DPA. 6. Data Transfers You acknowledge and agree that we may access and Process Personal Data on a global basis as necessary to provide the Subscription Service in accordance with the Agreement, and in particular that Personal Data may be transferred to and Processed by Ascendo.AI, Inc. in the United States and to other jurisdictions where Ascendo.AI Affiliates and Sub-Processors have operations. Wherever Personal Data is transferred outside its country of origin, each party will ensure such transfers are made in compliance with the requirements of Data Protection Laws. 7. Demonstration of Compliance We will make all information reasonably necessary to demonstrate compliance with this DPA available to you and allow for and contribute to audits, including inspections conducted by you or your auditor in order to assess compliance with this DPA, where required by applicable law. You acknowledge and agree that you will exercise your audit rights under this DPA and Clause 8.9 of the Standard Contractual Clauses by instructing us to comply with the audit measures described in this 'Demonstration of Compliance' section. You acknowledge that the Subscription Service is hosted by our hosting Sub-Processors who maintain independently validated security programs (including SOC 2) and that our systems are audited annually as part of SOC 2 compliance and regularly tested by independent third-party penetration testing firms. Upon request, we will supply (on a confidential basis) our SOC 2 report and summary copies of our penetration testing report(s) to you so that you can verify our compliance with this DPA. Further, at your written request, we will provide written responses (on a confidential basis) to all reasonable requests for information made by you necessary to confirm our compliance with this DPA, provided that you will not exercise this right more than once per calendar year unless you have reasonable grounds to suspect non-compliance with the DPA. 8. Additional Provisions for European Data a. Scope. This 'Additional Provisions for European Data' section will apply only with respect to European Data. b. Roles of the Parties. When Processing European Data in accordance with your Instructions, the parties acknowledge and agree that you are the Controller of European Data and we are the Processor. c. Instructions. If we believe that your Instruction infringes European Data Protection Laws (where applicable), we will inform you without delay. d. Sub-Processor Agreements. For the purposes of Clause 9(c) of the Standard Contractual Clauses, you acknowledge that we may be restricted from disclosing Sub-Processor agreements but we will use reasonable efforts to require any Sub-Processor we appoint to permit it to disclose the Sub-Processor agreement to you and will provide (on a confidential basis) all information we reasonably can. e. Data Protection Impact Assessments and Consultation with Supervisory Authorities. To the extent that the required information is reasonably available to us, and you do not otherwise have access to the required information, we will provide reasonable assistance to you with any data protection impact assessments, and prior consultations with supervisory authorities (for example, the French Data Protection Agency (CNIL), the Berlin Data Protection Authority (BlnBDI) and the UK Information Commissioner's Office (ICO)) or other competent data privacy authorities to the extent required by European Data Protection Laws. f. Transfer Mechanisms for Data Transfers. (A) Ascendo.AI will not transfer European Data to any country or recipient not recognized as providing an adequate level of protection for Personal Data (within the meaning of applicable European Data Protection Laws) unless it first takes all such measures as are necessary to ensure the transfer is in compliance with applicable European Data Protection Laws. Such measures may include (without limitation) transferring such data to a recipient that is covered by a suitable framework or other legally adequate transfer mechanism recognized by the relevant authorities or courts as providing an adequate level of protection for Personal Data, to a recipient that has achieved binding corporate rules authorization in accordance with European Data Protection Laws, or to a recipient that has executed appropriate standard contractual clauses in each case as adopted or approved in accordance with applicable European Data Protection Laws. (B) You acknowledge that in connection with the performance of the Subscription Services, Ascendo.AI, Inc. is a recipient of European Data in the United States. Subject to sub-sections (C) and (D), the parties agree that the Standard Contractual Clauses will be incorporated by reference and form part of the Agreement as follows: (a) EEA Transfers. In relation to European Data that is subject to the ⁠GDPR (i) Customer is the "data exporter" and Ascendo.AI, Inc. is the "data importer"; (ii) the Module Two terms apply to the extent the Customer is a Controller of European Data and the Module Three terms apply to the extent the Customer is a Processor of European Data; (iii) in Clause 7, the optional docking clause applies; (iv) in Clause 9, Option 2 applies and changes to Sub-Processors will be notified in accordance with the ‘Sub-Processors’ section of this DPA; (v) in Clause 11, the optional language is deleted; (vi) in Clauses 17 and 18, the parties agree that the governing law and forum for disputes for the Standard Contractual Clauses will be determined in accordance with the 'Contracting Entity; Applicable Law; Notice’ section of the Jurisdiction Specific Terms or, if such section does not specify an EU Member State, the Republic of Ireland (without reference to conflicts of law principles); (vii) the Annexes of the Standard Contractual Clauses will be deemed completed with the information set out in the Annexes of this DPA; and (viii) if and to the extent the Standard Contractual Clauses conflict with any provision of this DPA the Standard Contractual Clauses will prevail to the extent of such conflict. (b) UK Transfers. In relation to European Data that is subject to the UK GDPR, the Standard Contractual Clauses will apply in accordance with sub-section (a) and the following modifications (i) the Standard Contractual Clauses will be modified and interpreted in accordance with the UK Addendum, which will be incorporated by reference and form an integral part of the Agreement; (ii) Tables 1, 2 and 3 of the UK Addendum will be deemed completed with the information set out in the Annexes of this DPA and Table 4 will be deemed completed by selecting “neither party”; and (iii) any conflict between the terms of the Standard Contractual Clauses and the UK Addendum will be resolved in accordance with Section 10 and Section 11 of the UK Addendum. (c) Swiss Transfers. In relation to European Data that is subject to the Swiss DPA, the Standard Contractual Clauses will apply in accordance with subsection (a), and the following modifications (i) references to "Regulation (EU) 2016/679" will be interpreted as references to the Swiss DPA; (ii) references to "EU", "Union" and "Member State law" will be interpreted as references to Swiss law; and (iii) references to the "competent supervisory authority" and "competent courts" will be replaced with the "the Swiss Federal Data Protection and Information Commissioner " and the "relevant courts in Switzerland". (C) Where the Ascendo.AI contracting entity under the Agreement is not Ascendo.AI, Inc., such contracting entity (not Ascendo.AI, Inc.) will remain fully and solely responsible and liable to you for the performance of the Standard Contractual Clauses by Ascendo.AI, Inc., and you will direct any instructions, claims or enquiries in relation to the Standard Contractual Clauses to such contracting entity. If Ascendo.AI cannot comply with its obligations under the Standard Contractual Clauses or is breach of any warranties under the Standard Contractual Clauses or UK Addendum (as applicable) for any reason, and you intend to suspend the transfer of European Data to Ascendo.AI or terminate the Standard Contractual Clauses ,or UK Addendum, you agree to provide us with reasonable notice to enable us to cure such non-compliance and reasonably cooperate with us to identify what additional safeguards, if any, may be implemented to remedy such non-compliance. If we have not or cannot cure the non-compliance, you may suspend or terminate the affected part of the Subscription Service in accordance with the Agreement without liability to either party (but without prejudice to any fees you have incurred prior to such suspension or termination). (D) Although Ascendo.AI, Inc. does not currently rely on the EU-US Privacy Shield as a legal basis for transfers of European Data in light of the judgment of the Court of Justice of the EU in Case C-311/18, for as long as Ascendo.AI, Inc. is self-certified to the Privacy Shield Ascendo.AI, Inc will process European Data in compliance with the Privacy Shield Principles and let you know if it is unable to comply with this requirement. In the event that Ascendo.AI adopts an alternative transfer mechanism (including any new or successor version of the EU-US Privacy Shield) for transfers of European Data to Ascendo.AI, Inc., such alternative transfer mechanism will apply automatically instead of the Standard Contractual Clauses described in this DPA (but only to the extent such alternative transfer mechanism complies with European Data Protection Laws), and you agree to execute such other documents or take such action as may be reasonably necessary to give legal effect such alternative transfer mechanism. 9. Additional Provisions for California Personal Information a. Scope. The 'Additional Provisions for California Personal Information' section of the DPA will apply only with respect to California Personal Information. b. Roles of the Parties. When processing California Personal Information in accordance with your Instructions, the parties acknowledge and agree that you are a Business and we are a Service Provider for the purposes of the CCPA. c. Responsibilities. We certify that we will Process California Personal Information as a Service Provider strictly for the purpose of performing the Subscription Services and Consulting Services under the Agreement (the "Business Purpose") or as otherwise permitted by the CCPA, including as described in the 'Usage Data' section of our Privacy Policy. Further, we certify we i) will not Sell or Share California Personal Information; (ii) will not Process California Personal Information outside the direct business relationship between the parties, unless required by applicable law; and (iii) will not combine the California Personal Information included in Customer Data with personal information that we collect or receive from another source (other than information we receive from another source in connection with our obligations as a Service Provider under the Agreement). d. Compliance. We will (i) comply with obligations applicable to us as a Service Provider under the CCPA and (ii) provide California Personal Information with the same level of privacy protection as is required by the CCPA. We will notify you if we make a determination that we can no longer meet our obligations as a Service Provider under the CCPA. e. CCPA Audits. You will have the right to take reasonable and appropriate steps to help ensure that we use California Personal Information in a manner consistent with Customer’s obligations under the CCPA. Upon notice, you will have the right to take reasonable and appropriate steps in accordance with the Agreement to stop and remediate unauthorized use of California Personal Information. f. Not a Sale. The parties acknowledge and agree that the disclosure of California Personal Information by the Customer to Ascendo.AI does not form part of any monetary or other valuable consideration exchanged between the parties. 10. General Provisions a. Amendments. Notwithstanding anything else to the contrary in the Agreement and without prejudice to the ‘Compliance with Instructions’ or ‘Security’ sections of this DPA, we reserve the right to make any updates and changes to this DPA and the terms that apply in the ‘Amendment; No Waiver’ section of the General Terms will apply. b. Severability. If any individual provisions of this DPA are determined to be invalid or unenforceable, the validity and enforceability of the other provisions of this DPA will not be affected. c. Limitation of Liability. Each party and each of their Affiliates' liability, taken in aggregate, arising out of or related to this DPA (and any other DPAs between the parties) and the Standard Contractual Clauses (where applicable), whether in contract, tort or under any other theory of liability, will be subject to the limitations and exclusions of liability set out in the 'Limitation of Liability' section of the General Terms and any reference in such section to the liability of a party means aggregate liability of that party and all of its Affiliates under the Agreement (including this DPA). For the avoidance of doubt, if Ascendo.AI, Inc. is not a party to the Agreement, the ‘Limitation of Liability’ section of the General Terms will apply as between you and Ascendo.AI, Inc., and in such respect, any references to ‘Ascendo.AI’, ‘we’, ‘us’ or ‘our’ will include both Ascendo.AI, Inc. and the Ascendo.AI entity that is a party to the Agreement. In no event will either party's liability be limited with respect to any individual's data protection rights under this DPA (including the Standard Contractual Clauses) or otherwise. d. Governing Law. This DPA will be governed by and construed in accordance with the ‘Contracting Entity; ‘Applicable Law; Notice' sections of the Jurisdiction Specific Terms, unless required otherwise by Data Protection Laws. 11. Parties to this DPA a. Permitted Affiliates . By signing the Agreement, you enter into this DPA (including, where applicable, the Standard Contractual Clauses) on behalf of yourself and in the name and on behalf of your Permitted Affiliates. For the purposes of this DPA only, and except where indicated otherwise, the terms “Customer”, “you” and “your” will include you and such Permitted Affiliates. b. Authorization. The legal entity agreeing to this DPA as Customer represents that it is authorized to agree to and enter into this DPA for and on behalf of itself and, as applicable, each of its Permitted Affiliates. c. Remedies. The parties agree that (i) solely the Customer entity that is the contracting party to the Agreement will exercise any right or seek any remedy any Permitted Affiliate may have under this DPA on behalf of its Affiliates, and (ii) the Customer entity that is the contracting party to the Agreement will exercise any such rights under this DPA not separately for each Permitted Affiliate individually but in a combined manner for itself and all of its Permitted Affiliates together. The Customer entity that is the contracting entity is responsible for coordinating all Instructions, authorizations, and communications with us under the DPA and will be entitled to make and receive any communications related to this DPA on behalf of its Permitted Affiliates. d. Other rights. The parties agree that you will, when reviewing our compliance with this DPA pursuant to the ‘Demonstration of Compliance’ section, take all reasonable measures to limit any impact on us and our Affiliates by combining several audit requests carried out on behalf of the Customer entity that is the contracting party to the Agreement and all of its Permitted Affiliates in one single audit. Annex 1 - Details of Processing A. List of Parties Data Exporter: Name: The Customer, as defined in the Ascendo.AI Customer Terms of Service (on behalf of itself and Permitted Affiliates) Address: The Customer's address, as set out in the Order Form Contact person’s name, position, and contact details: The Customer's contact details, as set out in the Order Form and/or as set out in the Customer’s Ascendo.AI Account Activities relevant to the data transferred under these Clauses: Processing of Personal Data in connection with Customer's use of the Ascendo.AI Subscription Services under the Ascendo.AI Customer Terms of Service Role (controller/processor): Controller Data Importer: Name: Ascendo.AI, Inc. Address: 228 Hamilton Avenue, Floor 3, Palo Alto, CA 94301 USA Contact person’s name, position, and contact details: Ramki PitchuIyer, CPO, Ascendo.AI, Inc., 228 Hamilton Avenue, Floor 3, Palo Alto, CA 94301USA Activities relevant to the data transferred under these Clauses: Processing of Personal Data in connection with Customer's use of the Ascendo.AI Subscription Services under the Ascendo.AI Customer Terms of Service Role (controller/processor): Processor B. Description of Transfer Categories of Data Subjects whose Personal Data is Transferred You may submit Personal Data in the course of using the Subscription Service, the extent of which is determined and controlled by you in your sole discretion, and which may include, but is not limited to Personal Data relating to the following categories of Data Subjects: Your Contacts and other end users including your employees, contractors, collaborators, customers, prospects, suppliers and subcontractors. Data Subjects may also include individuals attempting to communicate with or transfer Personal Data to your end users. Categories of Personal Data Transferred You may submit Personal Data to the Subscription Services, the extent of which is determined and controlled by you in your sole discretion, and which may include but is not limited to the following categories of Personal Data: 1. Contact Information (as defined in the General Terms ). 2. Any other Personal Data submitted by, sent to, or received by you, or your end users, via the Subscription Service. Sensitive Data transferred and applied restrictions or safeguards The parties do not anticipate the transfer of sensitive data. Frequency of the transfer Continuous Nature of the Processing Personal Data will be Processed in accordance with the Agreement (including this DPA) and may be subject to the following Processing activities: 1. Storage and other Processing necessary to provide, maintain and improve the Subscription Services provided to you; and/or 2. Disclosure in accordance with the Agreement (including this DPA) and/or as compelled by applicable laws. Purpose of the transfer and further processing We will Process Personal Data as necessary to provide the Subscription Services pursuant to the Agreement, as further specified in the Order Form, and as further instructed by you in your use of the Subscription Services. Period for which Personal Data will be retained Subject to the 'Deletion or Return of Personal Data' section of this DPA, we will Process Personal Data for the duration of the Agreement, unless otherwise agreed in writing. C. Competent Supervisory Authority For the purposes of the Standard Contractual Clauses, the supervisory authority that will act as competent supervisory authority will be determined in accordance with ⁠GDPR . Annex 2 - Security Measures We are currently observing the Security Measures described in Annex 2. All capitalized terms not otherwise defined herein will have meanings as set forth in the General Terms. For more information on these security measures, please refer to Ascendo.AI SOC 2 Type II Report. a) Access Control i) Preventing Unauthorized Product Access Outsourced processing: We host our Service with outsourced cloud infrastructure providers. Additionally, we maintain contractual relationships with vendors in order to provide the Service in accordance with our DPA. We rely on contractual agreements, privacy policies, and vendor compliance programs in order to protect data processed or stored by these vendors. Physical and environmental security: We host our product infrastructure with multi-tenant, outsourced infrastructure providers. We do not own or maintain hardware located at the outsourced infrastructure providers’ data centers. Production servers and client-facing applications are logically and physically secured from our internal corporate information systems. The physical and environmental security controls are audited for SOC 2 Type II, among other certifications. Authentication: We implement a uniform password policy for our customer products. Customers who interact with the products via the user interface must authenticate before accessing non-public customer data. Authorization: Customer Data is stored in multi-tenant storage systems accessible to Customers via only application user interfaces and application programming interfaces. Customers are not allowed direct access to the underlying application infrastructure. The authorization model in each of our products is designed to ensure that only the appropriately assigned individuals can access relevant features, views, and customization options. Authorization to data sets is performed through validating the user’s permissions against the attributes associated with each data set. Application Programming Interface (API) access: Public product APIs may be accessed using an API key or through Oauth authorization. ii) Preventing Unauthorized Product Use We implement industry-standard access controls and detection capabilities for the internal networks that support its products. Access controls: Network access control mechanisms are designed to prevent network traffic using unauthorized protocols from reaching the product infrastructure. The technical measures implemented differ between infrastructure providers and include Virtual Private Cloud (VPC) implementations, security group assignments, and traditional firewall rules. Intrusion detection and prevention: We implement a Web Application Firewall (WAF) solution to protect hosted customer websites and other internet-accessible applications. The WAF is designed to identify and prevent attacks against publicly available network services. Static code analysis: Code stored in our source code repositories is checked for best practices and identifiable software flaws using automated tooling. Penetration testing: We maintain relationships with industry-recognized penetration testing service providers for penetration testing of Ascendo.AI web application at least annually. The intent of these penetration tests is to identify security vulnerabilities and mitigate the risk and business impact they pose to the in-scope systems. Bug bounty: A bug bounty program invites and incentivizes independent security researchers to ethically discover and disclose security flaws. We implement a bug bounty program in an effort to widen the available opportunities to engage with the security community and improve the product defenses against sophisticated attacks. iii) Limitations of Privilege & Authorization Requirements Product access: A subset of our employees have access to the products and to customer data via controlled interfaces. The intent of providing access to a subset of employees is to provide effective customer support, product development, and research, to troubleshoot potential problems, to detect and respond to security incidents, and implement data security. Access is enabled through “just in time” (JITA) requests for access; all such requests are logged. Employees are granted access by role, and reviews of high-risk privilege grants are initiated daily. Administrative or high-risk access permissions are reviewed at least once every six months. Background checks: Where permitted by applicable law, Ascendo.AI employees undergo third-party background or reference checks. In the United States, employment offers are contingent upon the results of a third-party background check. All Ascendo.AI employees are required to conduct themselves in a manner consistent with company guidelines, non-disclosure requirements, and ethical standards. b) Transmission Control In-transit: We require HTTPS encryption (also referred to as SSL or TLS) on all login interfaces and for free on every customer site hosted on the Ascendo.AI products. Our HTTPS implementation uses industry-standard algorithms and certificates. At-rest: We store user passwords following policies that follow industry standard practices for security. We have implemented technologies to ensure that stored data is encrypted at rest. c) Input Control Detection: We designed our infrastructure to log extensive information about the system behavior, traffic received, system authentication, and other application requests. Internal systems aggregate log data and alert appropriate employees of malicious, unintended, or anomalous activities. Our personnel, including security, operations, and support personnel, are responsive to known incidents. Response and tracking: We maintain a record of known security incidents that includes description, dates and times of relevant activities, and incident disposition. Suspected and confirmed security incidents are investigated by security, operations, or support personnel; and appropriate resolution steps are identified and documented. For any confirmed incidents, we will take appropriate steps to minimize product and Customer damage or unauthorized disclosure. Notification to you will be in accordance with the terms of the Agreement. d) Availability Control Infrastructure Availability: The infrastructure providers use commercially reasonable efforts to ensure a minimum of 99.95% uptime. The providers maintain a minimum of N+1 redundancy to power, network, and heating, ventilation, and air conditioning (HVAC) services. Fault Tolerance: Backup and replication strategies are designed to ensure redundancy and fail-over protections during a significant processing failure. Customer data is backed up to multiple durable data stores and replicated across multiple availability zones. Online Replicas And Backups: Where feasible, production databases are designed to replicate data between no less than 1 primary and 1 secondary database. All databases are backed up and maintained using at least industry-standard methods. Disaster Recovery Plans: We maintain and regularly test disaster recovery plans to help ensure the availability of information following interruption to, or failure of, critical business processes. Our products are designed to ensure redundancy and seamless failover. The server instances that support the products are also architected with a goal of preventing single points of failure. This design assists our operations in maintaining and updating the product applications and backend while limiting downtime. Annex 3 - Sub-Processors To help Ascendo.AI deliver the Subscription Service, we engage Sub-Processors to assist with our data processing activities. A list of our Sub-Processors and our purpose for engaging them is located on our Ascendo.AI Sub-Processors Page available at https://www.ascendo.ai/subprocessor, which is incorporated into this DPA. Data Processing Agreement Last Updated: June 2, 2023 Ready to learn more? Contact Us For Security Questions Contact - ascendoinfosec@ascendo.ai

Interested in joining Go To Market with us. Drop us a line! Want to Become partner with us? OEM Partners 01 Add Ascendo's technology to your product to create a better solution for your customers. Distributor or Reseller Partner 02 Promote or sell Ascendo's technology in a certain region or market. Add Ascendo's technology to the solutions you implement for your clients. 03 System Integrator Partner Referral Partner 04 Help to find new places to implement Ascendo's technology Tech Partners We have connectors to over 400+ systems across Knowledge bases, Ticketing, Bug Tracking, Alerting, Monitoring, Chat Provisions, Portals and RPA. Integration Partners We have connectors to over 400+ systems across Knowledge bases, Ticketing, Bug Tracking, Alerting, Monitoring, Chat Provisions, Portals and RPA. READY FOR PROACTIVE SUPPORT? Connect Now First Name Last Name Email Submit Thanks for submitting!

Boost Customer Engagement with AI Support! Join Ascendo's Podcast Dialogue with Customer Support Experts. Learn from Industry Leaders on AI-powered CX & Automation. Where Experience speaks Dialogue About E xperience D ialogue! In these interactions, we pick a hard topic that doesn’t have really a straightforward answer. We then bring in speakers who have been there, and seen this but approached it in very different ways. This is a space for healthy disagreements and discussions but in a respectful way. Just by the nature of how we have conceived this, you will see passionate voices of opinions, friends having a dialogue and thereby even interrupting each other or finishing each other’s sentences. Our Mission "At the end of each dialogue, we want you and our audience to leave with valuable insights and approaches that you can try at your workplace- and continue the discourse in our slack channels! " 11 LinkedIn groups 5 Slack Channels Continuous Engagement 4818 members in leadership Our Support Community Total audience of 330K READY FOR PROACTIVE SUPPORT? Connect Now First Name Last Name Email Submit Thanks for submitting! GPT (Generative Pre-trained Transformer) prompts and associated best-knowledgeable posts. Dated : 19th Jan 2023 Duration : 35 Minutes Turning customer service into profit center Read Summary There is excitement on many tech and business channels on ChatGPT from Open.AI. Dated : 20 December 2022 Duration : 24 Minutes ChatGPT and the future of Customer Support Read Summary “Support today reacts to external metrics rather than proactively creating and using data” Dated : 1st December 2022 Duration : 48 Minutes Using proactive metrics for support operations Read Summary Learn how to use everyday interactions , to automate creating knowledge, and spreading knowledge to help colleagues and serve customers efficiently. Utilize knowledge objects in Salesforce to be able to bring value to Slack. Dated : 10th November 2022 Duration : 16 Minutes Automation Dreamin' 2022 Knowledge Intelligence with Salesforce and Slack. Read Summary In these interactions, we pick a hard topic that doesn’t really have a straightforward answer. We then bring in speakers who have been there, seen this but approached it in very different ways. Dated : 27th October 2022 Duration : 30 Minutes Using AI to Drive Service Improvements Read Summary Essential for any business in discovering markets and developing products. Dated : 11th August 2022 Duration : 54 Minutes The voice of the customer in discovering markets, developing products Read Summary A series of tasks can be delegated to a group of users at different measures Dated : 28th June 2022 Duration : 32 Minutes Customer Playbooks: When is it useful and how to create one that evolves? Read Summary Facilitates the ability to keep customers satisfied and to retain them. Dated : 10th June 2022 Duration : 30 Minutes Deepdive Voice of the Customer Playbook Read Summary Whether it is a small or a larger organization, diverse talent or hiring should be important for real growth. Dated : 7th April 2022 Duration : 57 Minutes How to Attract and Hire Diverse Talent? Read Summary An organization that sees its customer service department as a cost center is ignoring a significant opportunity to increase customer loyalty and lifetime value. Dated : 10th March 2022 Duration : 42 Minutes Growth Through Support Dialogue Read Summary The pandemic has taught us innovative ways to connect with key customers more than ever before. Dated : 5th May 2022 Duration : 61 Minutes Strategies to manage difficult situations with key customers Read Summary Does your client portfolio include international customers or do you expect it to in the future? Dated : 25th May 2022 Duration : 25 Minutes Cultural changes that we see within CX in the African continent Read Summary

Modern Customer Support with Ascendo AI. Self-Service & AI match "Right Agent-Right Issue-Right Time" with Generative AI Service CRM. Know the Expert Right agent - Right issue - Right time Sign up for free 5/5 Ratings SOC 2 certified No credit card required I I Modern Problems Modern Solution When an agent Prior to the “remote” workforce model, many agents were collocated and had the luxury to “swing” their chair and talk to their colleague to get help. There is an inherent challenge in that Agent “supposed to know who to go to for help”. With increased remote workforce that has become a bit harder. Also, knowing the expert has become a unique trait of Agents rather than a corporate knowledge. Even in a colocation scenario, Agents tend to ask their neighbour like “hey, do you know the answer for this?” and not necessarily the true expert that might know the answer in the back of their hand. This is where Ascendo comes into help. Ascendo has a way to automatically identify the “experts” based on how prior similar issues are solved, how many and how effective they were. Ascendo uses its own unique modeling technique to derive the expert by first understanding the context in which the question is being asked, knowing the intent, and quickly maps the issues that were similar to being asked, and detects the experts based on how well they solved the issues. Ascendo knows the difference between quantity and quality. The modeling technique uses the customer satisfaction on the prior solutions to improve the ability to determine the expert. Know who to call for help Ascendo uses the context and intent behind the question, and uses self learning model to find the expert that can answer the question - inference is based on the product, question, depth of knowledge, customer satisfaction and solution effectiveness. No more hard coding. Make your expert virtually available at all times and on all channels. 01 Product based Inference Ascendo models know who the expert is for a particular product or even an area of the product. 02 Question Expert is defined by the type of issue that is being raised. This enables the right person to handle the right request at the right time. 03 Depth of Knowledge Ascendo models provide not just the right solution, but includes several parameters, eg., recency of it being used to solve the issue. 04 Customer Satisfaction Satisfaction derived by the customer is not just in the right solution but also the way it is presented to them. 05 Solution Effectiveness A solution effectiveness is measured by follow-on actions by the customer. Did they come back with the same issue again? Was there a follow up in the ticket? Ready to learn more? Contact Us Auto Identifies the experts Experts are identified based on how many similar issues they solved before and how well they solved based on the customer experience. The learning is automatic and autonomous. Remote, Hybrid, Co-located - No Problem Irrespective of the staffing model whether in-sourced, outsourced, colocated, fully remote or hybrid, Ascendo removes the guess work of an agent “knowing who to go for help to the real experts.

AI-powered Support Solutions by Ascendo AI. Automate & optimize your contact center with Generative AI Service CRM. Contact us today! Ready to automate Support Operations? Ascendo helps companies provide stellar customer support No credit card required I 5/5 Ratings I SOC 2 certified Contact Us First name Last name Business Email* Phone number Submit Why Ascendo? The one solution for all Support Operations Ascendo combines automation, intelligence, prediction tools and insights for support leaders, agents and end customers. Make your support proactive today! Chris Dickerson VP Service Planning and Logistics Optimized Inventory, Improved SLA We are able to achieve a 95% SLA with hardly any firefighting. We proactively manage and optimize the inventory of 5,000 unique spare parts across 300 depots. Payam Karbassi Global Service Segment Leader MUST HAVE solution for customer support Easy to setup and configure. The game-plan for remote as well as field support prediction results are right-on. Ascendo AI provides excellent support for initial setup and on-going collaboration. We needed an advanced tool to realize labor and material cost savings while maintaining enhanced experience for customers and partners. We are on the path to realize improved benefits across our product portfolio. Kevin Yang Senior Data Scientist Superb models that provides results With Ascendo AI, we are able to enhance patient experience and predict outcomes. The tool also calls out Top trending issues from all of the Voice of the Customer interactions to provide Product Feedback. Ascendo AI helps us to predict patient churn so we can proactively address to improve patient treatment and therapy. Being proactive will enable us to stay as a market leader. Viktor Kehayov VP, Product Engineering SAP FSM Leveraging Enterprise Data: Our SAP FSM with Ascendo AI Our SAP AI-driven FSM solution, alongside partner offering Ascendo AI, is well-equipped for finding reliable solutions using existing data in SAP and other knowledge content. Brenda Guardado Senior Director Customer Success Innovative product offerings and amazing support The Ascendo AI team is extremely pleasant to work with. They are responsive, they show they truly care about your experience with their product, and were quick to iterate on any feedback provided. Ascendo AI has an amazing product offering that integrates well with shared Slack channels and empowers our team to seamlessly support customers effectively and accurately. Cedric Prevost Service Delivery and Infrastructure Leader for Life Care Solution Must have solution finder tool for Field Service Ascendo AI is extremely easy to add new products. We like the design and the easy of use in terms of getting the solutions to customer reported problems. Ascendo ai is helping to support Field engineers doing field and remote support. This is a very useful tool to support new hired field engineer less experience than the others. Alexandra Pham Senior Customer Success Manager Ascendo AI is a must have for CX! Ascendo AI made it so easy to bring Trending issues, Knowledge intelligence, Quality and Voice of the Customer across our support channels. We used Slack as a channel and Ascendo AI helps learn from the interactions. Automatically coming up with Trending issues that we can feed back to the Product team. It is like having Voice of the Customer in our back pockets. Brenda Bernal Vice President AI-Driven Solutions and Knowledge Creation Ascendo AI solves 88% of customer issues immediately and for the rest, guides us by helping to create knowledge. Atad Bronstein Director of Customer Success Transforming Knowledge Dynamics Anjuna’s Product Support team uses Ascendo AI to quickly assimilate knowledge and rapidly resolve new support requests across a variety of customer deployment environments. Our products are highly-technical and always-evolving, and Ascendo AI helped us achieve and even overachieve Support KPIs such as: reducing Time-To-Resolution and increasing the number of Resolution-In-First-Touch. John Heald Global VP, SAP CX SAP and Ascendo AI Partner to Enhance Customer Support Happy to celebrate this news about having Ascendo.ai on our SAP Store. Looking forward to working with them and our great customers, empowering resolution at every point and channel of service. Stacy McQuestion Sr. Logistics Analyst Absolute must for managing customer support SLA Ascendo AI is so easy to get a proactive measure of where we need to stock spare parts to address potential customer demand. We have very stringent and critical SLA requirements and Ascendo AI helps us to take proactive actions. Infinera products are used in mission-critical environments, and it is crucial to provide top-notch customer service while optimizing for cost. Ascendo AI helps us to do just that. Kiet Dam LCS Service VCP & Product Quality Leader Ascendo AI is transforming field service team delivery The tool is very initutive to use and navigate. The tool also constantly improves upon itself as additional data gets uploaded or as users give input. It gives our field team a great gameplan to resolve customer issues based on previous service records. We are trying to improve labor and parts efficiencies along with reducing customer downtime. We have realized labor and material savings year over year. Deovrat Vibhandik Lead Engineer Service Engineering Best Predictor tool for support and troubleshooting for Field Engineers Easy interface that provides the best solution along with guidance on root cause and solution areas. We can also get the best technician to provide guidance on the fix. Ease of troubleshooting and clear gameplan for our field engineers to solve customer issues. We are getting benefits on both labor and material cost. Matt Mitchell Technical Support Principal Engineer From Reactive to Proactive: Ascendo AI Revolutionized Support Ascendo AI has transformed the battleground of technical support, turning what was once a two-week reactive struggle into a one-day proactive plan, ensuring the right solutions (activity and part) are in place before they're needed. Ahmad Azlan Isa Country Senior Engineer Search Resolution Feedback Ascendo AI is helping resolve GE customer devices and systems problems. I appreciate the search engine, which organizes products into distinct groups. Chandrasekar Elongovan Senior Quality Manager Technical Service APAC Deeper insights on the field usage of our equipment We have complex medical devices and we perform varying types of preventative maintenance (PM). Ascendo AI brought out the insights into the cause and effect of such PMs and the trending issues using inference models. These insights are helping us to make proactive steps in the way we provide services. With the recommendation from Ascendo AI we are able to proactively determine PM offerings. James Fitts Director of Service Planning Perfect Solution for Reverse Logistics Spare parts Support Ascendo was Flexible to support our unique business needs. We are able to address our SLA requirements proactively resulting in enhanced Customer Satisfaction and Less Escalation. We are able to predict how much parts we need, where we need it, in time to meet our SLA. With our current Supply Chain Constraints, Planning moves to the forefront of our customer experience. Amitkumar Parihar Customer Success Manager Easy to use and clear prediction results. It is user friendly Easy to connect with CRM data. We can add knowledge enrichment at any point of time. Ascendo AI self learning engine provides best results for customer support team. We introduced new products and also support legacy products, it is so much easier to use Ascendo for new users to ramp up with products. Using Ascendo AI is like Google search for customer support. Amy Waranauskas Service Product Line Manager Easy to use reliable platform with a robust roadmap Ascendo AI has collaboratively worked with us, meeting with us every week to discuss status and collaborate on new ideas. The use case I am involved in is a spares planning application including predictive algorithms. The Ascendo AI application has contributed to significant improvements in SLA compliance for these services. Industry leaders soar with Ascendo.AI it’s your turn to elevate with AI and communications. Testimonials Chris Dickerson VP Service Planning and Logistics Optimized Inventory, Improved SLA We are able to achieve a 95% SLA with hardly any firefighting. We proactively manage and optimize the inventory of 5,000 unique spare parts across 300 depots. Payam Karbassi Global Service Segment Leader MUST HAVE solution for customer support Easy to setup and configure. The game-plan for remote as well as field support prediction results are right-on. Ascendo AI provides excellent support for initial setup and on-going collaboration. We needed an advanced tool to realize labor and material cost savings while maintaining enhanced experience for customers and partners. We are on the path to realize improved benefits across our product portfolio. Kevin Yang Senior Data Scientist Superb models that provides results With Ascendo AI, we are able to enhance patient experience and predict outcomes. The tool also calls out Top trending issues from all of the Voice of the Customer interactions to provide Product Feedback. Ascendo AI helps us to predict patient churn so we can proactively address to improve patient treatment and therapy. Being proactive will enable us to stay as a market leader. Viktor Kehayov VP, Product Engineering SAP FSM Leveraging Enterprise Data: Our SAP FSM with Ascendo AI Our SAP AI-driven FSM solution, alongside partner offering Ascendo AI, is well-equipped for finding reliable solutions using existing data in SAP and other knowledge content. Brenda Guardado Senior Director Customer Success Innovative product offerings and amazing support The Ascendo AI team is extremely pleasant to work with. They are responsive, they show they truly care about your experience with their product, and were quick to iterate on any feedback provided. Ascendo AI has an amazing product offering that integrates well with shared Slack channels and empowers our team to seamlessly support customers effectively and accurately. Cedric Prevost Service Delivery and Infrastructure Leader for Life Care Solution Must have solution finder tool for Field Service Ascendo AI is extremely easy to add new products. We like the design and the easy of use in terms of getting the solutions to customer reported problems. Ascendo ai is helping to support Field engineers doing field and remote support. This is a very useful tool to support new hired field engineer less experience than the others. Alexandra Pham Senior Customer Success Manager Ascendo AI is a must have for CX! Ascendo AI made it so easy to bring Trending issues, Knowledge intelligence, Quality and Voice of the Customer across our support channels. We used Slack as a channel and Ascendo AI helps learn from the interactions. Automatically coming up with Trending issues that we can feed back to the Product team. It is like having Voice of the Customer in our back pockets. Brenda Bernal Vice President AI-Driven Solutions and Knowledge Creation Ascendo AI solves 88% of customer issues immediately and for the rest, guides us by helping to create knowledge. Atad Bronstein Director of Customer Success Transforming Knowledge Dynamics Anjuna’s Product Support team uses Ascendo AI to quickly assimilate knowledge and rapidly resolve new support requests across a variety of customer deployment environments. Our products are highly-technical and always-evolving, and Ascendo AI helped us achieve and even overachieve Support KPIs such as: reducing Time-To-Resolution and increasing the number of Resolution-In-First-Touch. John Heald Global VP, SAP CX SAP and Ascendo AI Partner to Enhance Customer Support Happy to celebrate this news about having Ascendo.ai on our SAP Store. Looking forward to working with them and our great customers, empowering resolution at every point and channel of service. Stacy McQuestion Sr. Logistics Analyst Absolute must for managing customer support SLA Ascendo AI is so easy to get a proactive measure of where we need to stock spare parts to address potential customer demand. We have very stringent and critical SLA requirements and Ascendo AI helps us to take proactive actions. Infinera products are used in mission-critical environments, and it is crucial to provide top-notch customer service while optimizing for cost. Ascendo AI helps us to do just that. Kiet Dam LCS Service VCP & Product Quality Leader Ascendo AI is transforming field service team delivery The tool is very initutive to use and navigate. The tool also constantly improves upon itself as additional data gets uploaded or as users give input. It gives our field team a great gameplan to resolve customer issues based on previous service records. We are trying to improve labor and parts efficiencies along with reducing customer downtime. We have realized labor and material savings year over year. Deovrat Vibhandik Lead Engineer Service Engineering Best Predictor tool for support and troubleshooting for Field Engineers Easy interface that provides the best solution along with guidance on root cause and solution areas. We can also get the best technician to provide guidance on the fix. Ease of troubleshooting and clear gameplan for our field engineers to solve customer issues. We are getting benefits on both labor and material cost. Matt Mitchell Technical Support Principal Engineer From Reactive to Proactive: Ascendo AI Revolutionized Support Ascendo AI has transformed the battleground of technical support, turning what was once a two-week reactive struggle into a one-day proactive plan, ensuring the right solutions (activity and part) are in place before they're needed. Ahmad Azlan Isa Country Senior Engineer Search Resolution Feedback Ascendo AI is helping resolve GE customer devices and systems problems. I appreciate the search engine, which organizes products into distinct groups. Chandrasekar Elongovan Senior Quality Manager Technical Service APAC Deeper insights on the field usage of our equipment We have complex medical devices and we perform varying types of preventative maintenance (PM). Ascendo AI brought out the insights into the cause and effect of such PMs and the trending issues using inference models. These insights are helping us to make proactive steps in the way we provide services. With the recommendation from Ascendo AI we are able to proactively determine PM offerings. James Fitts Director of Service Planning Perfect Solution for Reverse Logistics Spare parts Support Ascendo was Flexible to support our unique business needs. We are able to address our SLA requirements proactively resulting in enhanced Customer Satisfaction and Less Escalation. We are able to predict how much parts we need, where we need it, in time to meet our SLA. With our current Supply Chain Constraints, Planning moves to the forefront of our customer experience. Amitkumar Parihar Customer Success Manager Easy to use and clear prediction results. It is user friendly Easy to connect with CRM data. We can add knowledge enrichment at any point of time. Ascendo AI self learning engine provides best results for customer support team. We introduced new products and also support legacy products, it is so much easier to use Ascendo for new users to ramp up with products. Using Ascendo AI is like Google search for customer support. Amy Waranauskas Service Product Line Manager Easy to use reliable platform with a robust roadmap Ascendo AI has collaboratively worked with us, meeting with us every week to discuss status and collaborate on new ideas. The use case I am involved in is a spares planning application including predictive algorithms. The Ascendo AI application has contributed to significant improvements in SLA compliance for these services. Optimized Inventory, Improved SLA Chris Dickerson We are able to achieve a 95% SLA with hardly any firefighting. We proactively manage and optimize the inventory of 5,000 unique spare parts across 300 depots. VP Service Planning and Logistics From Reactive to Proactive: Ascendo AI Revolutionized Support Matt Mitchell Ascendo AI has transformed the battleground of technical support, turning what was once a two-week reactive struggle into a one-day proactive plan, ensuring the right solutions (activity and part) are in place before they're needed. Principal Engineer MUST HAVE solution for customer support Payam Karbassi Easy to setup and configure. The game-plan for remote as well as field support prediction results are right-on. Ascendo AI provides excellent support for initial setup and on-going collaboration. We needed an advanced tool to realize labor and material cost savings while maintaining enhanced experience for customers and partners. We are on the path to realize improved benefits across our product portfolio. Global Service Segment Leader Trusted by Awards Awards & Achievements We rely on the power of data, and so can you. All G2 ratings "Easy interface that provides the best solution along with guidance on root cause and solution areas. We can also get the best technician to provide guidance on the fixReview collected by and hosted on G2.com." Deovrat Vibhandik Lead Engineer: Service Engineering Enterprise Start your journey towards Modern Support Operations Enter Your Email Subscribe Thanks for subscribing!