Brightloom Terms of Service

Last Updated: January 2024

These Terms of Service (the “Terms“) and any accompanying or future Order Form you enter into with SF2 GSW LLC, a Delaware limited liability company, dba Brightloom (“Brightloom” or “we“ or “us”) issued under these Terms (together with these Terms, the “Agreement“) govern your access to and use of the services provided to you by Brightloom (the “Brightloom Services“). As set forth in an Order Form (or as otherwise agreed to by Brightloom), the Brightloom Services may include one or more of the following:

(a) subscription software services (the “Platform Services“);

(b) subscription support services (“Support Services“);

(c) training services (the “Training Services“);

(d) professional services (the “Professional Services“); or

(e) any other services the parties agree in an Order Form that Brightloom will provide.

If you are acting on behalf of an entity, you represent and warrant that you are authorized to bind that entity to these Terms, in which case “Customer,” “you,” or “your” shall refer to that entity (otherwise, such terms refer to you as an individual). By accepting these Terms, either by executing these Terms separately or by executing an initial Order Form that indicates your acceptance of these Terms (an “Initial Order Form“), whether by signature or by clicking an “I Accept” button or checkbox, you agree in full to these Terms. If you do not have authority to bind your entity or do not agree with these Terms, you must not accept these Terms and may not use the Brightloom Services. The “Effective Date” of these Terms is set forth on the Initial Order Form.

1. Order Forms.

Order Forms for Brightloom Services shall identify: (i) specific Brightloom Services to be provided; (ii) Fees; (iii) any applicable limitations on number or type of Authorized Users; (iv) the service term or other timing considerations; and (v) any other applicable terms and conditions, including any limitations on permitted use that may differ from those set forth in these Terms (“Order Terms“).

2. Authorized Users. 

a. Authorized User Credentials. If we have agreed to provide you with Subscription Services, you may select Authorized Users to access and use the Subscription Services, subject to the restrictions set forth below. You must obtain separate credentials (user IDs and passwords) via the Subscription Services for each Authorized User (“Authorized User Credentials”). You will contact us promptly if: (a) any Authorized User’s credentials have been lost, stolen, or disclosed to an unauthorized person; (b) you reasonably believe that your access to Subscription Services has been compromised, including, any unauthorized access, use, or disclosure of Authorized User Credentials; or (c) any other breach of security in relation to its passwords, usernames, or other access information that may have occurred or is likely to occur.

b. Responsibilities for Authorized Users. You shall at all times be responsible for and expressly assume the risks associated with all use of the Subscription Services under an Authorized User’s account (including for the payment of Fees related to such use), whether such action was taken by an Authorized User or by another party, and whether or not such action was authorized by an Authorized User, provided that such action was not (1) taken by Brightloom or by a party acting under the direction of Brightloom or (2) an action by a third party that Brightloom should reasonably have prevented. This responsibility includes the security of each Authorized User’s credentials, and you shall not share (and shall instruct each Authorized User not to share) such credentials with any other person or entity, or otherwise permit any other person or entity to access or use the Subscription Services, except to the extent permitted in an Order Form.

3. Brightloom Services.

a. Subscription Services. Subject to your compliance (and your Authorized Users’ compliance) with the terms of this Agreement (including payment of any Fees as due under Section 8), Brightloom will provide you with the Subscription Services, and you (and your Authorized Users) may access and use the Subscription Services through a web browser, unless any other permitted use is set forth in an applicable Order Form. Brightloom reserves the right to improve or otherwise modify Brightloom Systems at any time subject to maintaining appropriate industry standards of practice relating to the provision and security of the Subscription Services, and provided that any such modification does not materially diminish the core functionality of the Subscription Services (e.g., customer profiling and segmentation for the purposes of targeted marketing, as applicable).

b. Onboarding Services, Training Services, and Professional Services. Terms regarding the delivery of Onboarding Services, Training Services, and Professional Services, if applicable, shall be set forth in an Order Form.

c. Beta Services. Brightloom may make Beta Services available to Customer. Customer may choose to try such Beta Services at its sole discretion. Beta Services are intended for evaluation purposes only and not for production use, are not supported, and may be subject to additional terms. Unless otherwise agreed by the parties, use of Beta Services expires on the date a version of the Beta Services becomes generally available without the applicable Beta Service designation. Brightloom may discontinue Beta Services at any time in its sole discretion and may never make them generally available.

d. Limited Liability — Beta Services. Beta Services are not considered Subscription Services under this Agreement, but all restrictions, reservation of rights, Customer’s obligations concerning the Subscription Services, and rights granted by Customer to Brightloom regarding Customer Data will apply equally to Customer’s use of Beta Services. Beta Services are provided “AS IS”, and Brightloom will have no liability for any harm or damage arising out of a Beta Service.

4. Intellectual Property

a. Ownership of the Brightloom Services. Except as expressly set forth in this Agreement, Brightloom retains all IP Rights and all other proprietary rights related to the Brightloom Services. You shall not delete or alter the copyright, trademark, or other proprietary rights notices or markings appearing within the Brightloom Services as delivered to you. You agree that the Brightloom Services are provided on a non-exclusive basis and that no transfer of ownership of IP Rights shall occur. You further acknowledge and agree that portions of the Brightloom Services, including but not limited to the source code and the specific design and structure of individual modules or programs, constitute or contain trade secrets and other IP Rights of Brightloom and its licensors.

b. Continuous Development. Customer acknowledges that Brightloom may continually develop, deliver and provide to Customer ongoing innovation to the Brightloom Services in the form of new features,

functionality, and efficiencies. Accordingly, Brightloom reserves the right to modify the Brightloom Services from time to time. Some modifications will be provided to Customer at no additional charge. Some modifications may not. In the event Brightloom adds additional functionality to a particular Brightloom Service, Brightloom may condition the implementation of such modifications on Customer’s payment of additional fees, provided that Customer may continue to use the version of the Brightloom Services that Brightloom previously provided to Customer (without such features) without paying additional fees, provided that Brightloom, in its sole discretion, may discontinue to provide that version with six (6) months’ notice to Customer.

c. Feedback. In the event that Customer elects, in connection with any of the Brightloom Services, to communicate any comments and suggestions for improvements, enhancement requests, or other feedback to the Brightloom Services, whether written or oral (collectively, “Feedback”), Brightloom, in its sole discretion, shall be entitled to use the Feedback without restriction. You are under no duty to provide Feedback, and such Feedback is not considered Customer Confidential Information. If you choose to offer Feedback to Brightloom, you hereby grant Brightloom a perpetual, irrevocable, non-exclusive, worldwide, fully-paid, sub-licensable, assignable license to incorporate into the Brightloom Services or otherwise use any Feedback Brightloom receives from you. You also irrevocably waive in favor of Brightloom any moral rights which you may have in such Feedback pursuant to applicable copyright law.

5. Customer Data.

a. Ownership of Customer Data. As between Brightloom and Customer, you exclusively own all rights, title, and interest in and to all Customer Data and Customer Results (collectively, “Customer Content”). During the Term and subject to the terms of this Agreement, you grant to Brightloom a license and right to host, access, process, display, copy, transmit, modify, create derivative works of and models, and otherwise use Customer Data solely to the extent necessary to: (a) fulfill its obligations to you under this Agreement; (b) maintain, evaluate, secure, develop, or improve the applicable Subscriptions Services provided or used by you (e.g., develop and enhance the models and data science technology powering the Subscription Services); (c) invoice you the amounts due under this Agreement; and (d) respond to and resolve an Authorized User’s request for customer support. Nothing in this Agreement transfers or conveys to Brightloom any ownership interest in or to Customer Data, and Customer Data remains Customer’s property and Confidential Information.

b. End Customer Data. In connection with Brightloom performance of Subscription Services and Professional Services, Brightloom may collect data from Customer’s customers as a result of Customer’s use of Brightloom Services (“End Customer Data”). Customer acknowledges that such End Customer Data may include non-personal information and Personal Data of Customer’s customers as well as data relating to interactions with Customer’s customers, including emails, SMS/MMS, communications through websites and transactions, and similar communications (“End Customer Interactions”). Brightloom will not retain, use or disclose such End Customer Data for any purpose other than to provide Brightloom Services to Customer, to improve the Services generally, or as otherwise directed by Customer, provided, however, that Brightloom may create and derive from Processing related to the Brightloom Services anonymized and/or aggregated data to develop or improve Brightloom Services (e.g., develop and enhance the models and data science technology powering the Subscription Services). Except as expressly provided herein or as directed by Customer, no End Customer Data or End Customer Interactions data will be disclosed to any third party.

c. Permission. You represent and warrant to Brightloom that your use of Brightloom Services shall comply with all applicable Laws, including without limitation any Applicable Data Protection Laws, and that, without limiting the foregoing, Customer Data shall not contain:

i. any data for which you do not have all rights, power and authority necessary for its collection, use and Processing as contemplated by this Agreement;

ii. any data with respect to which your use and provision to Brightloom pursuant to this

Agreement would breach any agreement between you and any third party; or

iii. any data with respect to which its usage as contemplated herein would violate any applicable Laws, including without limitation any Applicable Data Protection Laws.

6. Customer Obligations.

a. Use Restrictions. You shall not (and shall not permit your Authorized Users to):

i. violate the Acceptable Use Policy set forth in Exhibit A;

ii. copy, modify, disassemble, decompile, reverse engineer, or attempt to view or discover the

source code of the Brightloom Services, in whole or in part, or permit or authorize a third party to do so, except to the extent such activities are expressly permitted by this Agreement or by

law notwithstanding this prohibition;

iii. sell, resell, license, sublicense, distribute, rent, lease, or otherwise provide access to the

Brightloom Services to any third party except to the extent explicitly authorized in writing

by Brightloom;

iv. use the Brightloom Services to develop or offer a service made available to any third party that could reasonably be seen to serve as a substitute for such third party’s possible subscription

to any Brightloom product or service; or

v. transfer or assign any of your rights hereunder except as permitted under Section 15(e).

b. Unsolicited Email / SPAM Restrictions. You shall not (and shall not permit your Authorized Users to) directly or indirectly send, transmit, distribute, or deliver as part of your use of Brightloom Services:

i. unsolicited bulk email (“spam” or “spamming”) or any emails to persons who have not

consented to the receipt of such emails by providing their email address in a manner

from which consent to receive email may be reasonably implied;

ii. email to an address obtained via Internet harvesting or other surreptitious methods (e.g.,

scraping, renting, purchased list, co-registration, affiliate marketing, incomplete or old lists; or

email appending or any practice that involves taking Customer Data (name, address, etc.)

and matching it against a third-party vendor’s database to obtain email addresses); or

iii. email that generates abuse / spam complaints or spam trap hits resulting in IP/Domain block listing or other deliverability issues that could have material impact on Brightloom or your


c. Opt-Out Provisioning: You must ensure all commercial emails sent as part of your use of Brightloom Services include a provision for recipients to “opt-out” or revoke permission of receiving any future messages from you. To that end, you agree:

i. to use the unsubscribe tools provided by Brightloom, as applicable; or

ii. to provide to Brightloom (and keep Brightloom updated with) Customer’s opt-out link for use with Brightloom Services; or

iii. to have procedures in place to allow a recipient to easily opt-out, such as: (A) a clear appended link for recipients to easily opt-out of receiving future messages, or (B) instructions to reply

with the word “Remove” in the subject line; and

iv. unsubscribes should be removed without delay with no future messages being sent unless future permission is granted.

d. Customer Data Source Integration. You will comply with Applicable Data Protection Laws and use only secure methods, according to accepted industry standards, when transferring or otherwise making available Personal Data to Brightloom. You shall at all times be responsible for and expressly assume the risks associated with any actions related to providing the credentials that are used to enable the integration between your Customer Data Source and Brightloom Services, whether such action was taken by an Authorized User or by another party, and whether or not such action was authorized by an Authorized User, provided that such action was not (1) taken by Brightloom (or by a party acting under the direction of Brightloom) unless expressly directed by Customer or (2) an action by a third party that Brightloom should reasonably have prevented. Unless explicitly permitted on an Order Form, you shall not provide Brightloom with any (i) Personal Data, (ii) any cardholder data as defined under PCI-DSS, or (iii) health information regulated by HIPAA (or by any similar privacy Law governing the use of or access to health information) (collectively, “Protected Information”). If you have not entered into such a mutually executed Order Form with Brightloom that permits the transfer of such Protected Information, Brightloom will have no liability under this Agreement relating to such Protected Information, notwithstanding anything in this Agreement, PCI-DSS, HIPAA, Applicable Data Protection Laws, or any similar regulations or Laws to the contrary.

e. Customer Contact. In addition to the responsibilities set forth in Section 6, you are responsible for ensuring that Brightloom at all times has updated and accurate contact information for the appropriate person for Brightloom to notify regarding changes in Brightloom’s Acceptable Use Policy and/or data security issues relating to the Brightloom Services, with such contact information to be updated in each Order Form and any subsequent changes to be provided by email to (with “CGP Customer POC Change” in the subject).

7. Term.

a. Term. This Agreement shall become effective on the Effective Date and shall continue in full force and effect until terminated by either party pursuant to this Section 7.

b. Termination by Either Party. The Agreement may be terminated by either party by written notice (email is sufficient)1 (a) as provided on the most recent Order Form, (b) on thirty (30) days’ prior written notice by Brightloom that your use of Subscription Services is Inactive or (b) on thirty (30) days’ prior written notice that the other party is in material breach of the Agreement and the breaching party fails to cure the breach prior to the end of the notice period. If the Agreement terminates pursuant to the prior sentence due to Brightloom’s material breach, Brightloom will refund to you that portion of any prepayments related to Brightloom Services not yet provided. Either party can immediately terminate the Agreement if the other becomes insolvent, makes an assignment for the benefit of its creditors, has a receiver, examiner, or administrator of its undertaking or the whole or a substantial part of its assets appointed, or an order is made, or an effective resolution is passed, for its administration, examinership, receivership, liquidation, winding-up or other similar process, or has any distress, execution or other process levied or enforced against the whole or a substantial part of its assets (which is not discharged, paid out, withdrawn or removed within thirty (30) days), or is subject to any proceedings which are equivalent or substantially similar to any of the foregoing under any applicable jurisdiction, or ceases to conduct business or threatens to do so. 1To Brightloom: via

To Customer: via the last provided email of Customer’s Customer Contact per Section 6(e).

c. Suspension or Termination By Brightloom. Brightloom may temporarily suspend or terminate the Brightloom Services at any time (a) immediately without notice if Brightloom reasonably suspects that you have violated Section 2, Section 6, or Section 10(a-d) in a manner that may cause material harm or material risk of harm to Brightloom or to any other party, (b) upon ten (10) business days’ notice if Brightloom reasonably suspects that you have committed any other violation of Section 2, Section 6, or Section 10(a-d), or (c) if you fail to pay undisputed Fees after receiving notice that you are more than thirty (30) days delinquent in payment. Without limiting the generality of this Section, Brightloom shall have no liability for any damages, liabilities or losses as a result of any suspension, limitation or termination of your right to use the Brightloom Services pursuant to this Section 7(c).

d. Effects of Termination. Upon termination for any reason, all Customer Content, End Customer Data, and End Customer Interaction Data that is stored within the Subscription Services or other Brightloom Systems will be deleted within thirty (30) days, and both parties are required to purge all Confidential Information of the other party with certification of such action upon request by the other party. For clarity, Brightloom will not delete or revert back any changes to its models and data science technology powering the Subscriptions Services that resulted from the permitted user of Customer Data, End Customer Data, and End Customer Interaction data during the Term (but otherwise do not include any such data). All provisions of the Agreement that by their nature should survive termination shall so survive, including without limitation each party’s confidentiality obligations under Section 10.

8. Payment Terms.

a. Fees, Invoicing, and Payment. Brightloom will invoice all amounts payable for Brightloom Services under an applicable Order Form (“Fees”). Except as specifically set forth on such an Order Form: (a) all Fees owed to Brightloom are due and payable in U.S. Dollars and non-refundable; (b) invoiced payments will be due within thirty (30) days of the invoice; and (c) Brightloom shall be entitled to withhold performance and suspend or discontinue Brightloom Services until all (undisputed) amounts due are paid in full. If Customer is paying by credit card, electronic funds transfer / ACH, or eCheck: (a) Customer hereby irrevocably authorizes Brightloom to charge the credit card or other payment method provided for any such amounts when due; (b) amounts due will be automatically charged; (c) if Customer’s credit card is declined, Brightloom will attempt to reach out to Customer for a new payment method; and (d) if Customer’s credit card expires, Customer hereby gives Brightloom permission to submit the credit card charge with a later expiration date. If Brightloom fails to resolve an issue with Customer resulting from a credit card decline or expiration, Brightloom may terminate the account due to non-payment. All billing disputes must be emailed to within fourteen (14) days of delivery of the billing statement or invoice, and disputes not made within that time are waived by Customer. Late payments, including those resulting from credit card declines, will accrue interest at a rate of one and one-half percent (1.5%) per month, or the highest rate allowed by applicable law, whichever is lower. Customer will be liable for all costs of collection of undisputed overdue amounts including, without limitation, all court costs and attorneys’ fees Brightloom incurs.

b. Taxes. Fees are exclusive of all applicable sales, use, value-added and other taxes, and all applicable duties, tariffs, assessments, export and import fees, or other similar charges, and Customer will be responsible for payment of all such taxes (other than taxes based on Brightloom’s income), fees, duties, and charges and any related penalties and interest, arising from the payment of the Fees.

9. Data Protection.

Brightloom shall maintain appropriate administrative, physical, and technical safeguards designed to protect the security of Brightloom Services and Customer Data in accordance with the security provisions set forth in Exhibit B.

10. Confidentiality.

a. Confidential Information. During the Term of this Agreement, each party (the “Disclosing Party“) may provide the other party (the “Receiving Party“) with certain information regarding the Disclosing Party’s business, technology, products, or services, or other confidential or proprietary information (collectively, “Confidential Information“) in whatever form (written, oral or visual) that is furnished or made available to the Receiving Party by or on behalf of the Disclosing Party that (a) if in tangible form, the Disclosing Party has labeled in writing as proprietary or confidential, (b) if in oral or visual form, the Disclosing Party has identified as proprietary or confidential at the time of disclosure, or (c) under the circumstances, a person exercising reasonable business judgment would understand to be confidential or proprietary. Without limiting the foregoing, all Customer Data is considered to be Customer’s Confidential Information, all non public elements of the Brightloom Services considered to be Brightloom’s Confidential Information, and the terms of this Agreement, any information that either party derives relating to the conduct or performance of the other party’s personnel, services or systems, and any information that either party conveys to the other party concerning data security measures, incidents, or findings constitute Confidential Information of both parties.

b. Protection of Confidential Information. The Receiving Party agrees that it will not use or disclose to any third party any Confidential Information of the Disclosing Party, except for exercising its rights and performing its obligations under this Agreement. The Receiving Party will limit access to the Confidential Information to its employees and contractors who have a need to know, who have confidentiality obligations no less restrictive than those set forth herein, and who have been informed of the confidential nature of such information. In addition, the Receiving Party will protect the Disclosing Party’s Confidential Information from unauthorized use, access, or disclosure in the same manner that it protects its own proprietary information of a similar nature, but in no event with less than reasonable care. At the Disclosing Party’s request or upon termination of this Agreement, the Receiving Party will return to the Disclosing Party or destroy (or permanently erase in the case of electronic files) all copies of the Confidential Information that the Receiving Party does not have a continuing right to use under this Agreement, and, upon request, the Receiving Party shall provide to the Disclosing Party written notice certifying compliance with this sentence, unless prohibited by applicable law.

c. Exceptions. The confidentiality obligations set forth in this section will not apply to any information that: (a) is or becomes publicly known through no fault of the Receiving Party; (b) is, when it is supplied, already known to whoever it is disclosed to in circumstances in which they are not prevented from disclosing it to others; (c) is independently obtained by whoever it is disclosed to in circumstances in which they are not prevented from disclosing it to others; or (d) was independently developed by the Receiving Party without use of or reference to the Confidential Information. In addition, the Receiving Party may disclose Confidential Information to the extent that such disclosure is necessary for the Receiving Party to enforce its rights under this Agreement or is required by law or by the order of a court or similar judicial or administrative body, provided that the Receiving Party promptly notifies the Disclosing Party in writing of such required disclosure and cooperates with the Disclosing Party if the Disclosing Party seeks an appropriate protective order.

11. Warranties, Disclaimer, and Remedy.

a. Warranties. Brightloom warrants that during the term of the Agreement it will employ appropriate industry standards of practice: (i) to ensure that its provision of the Brightlooms Services under the Agreement will not infringe any third-party IP Rights; and (ii) designed to meet its confidentiality and other obligations under the Agreement.





12. Indemnification.

a. Indemnification by Brightloom. Subject to Section 12(e) (Conditions of Indemnification), Brightloom will defend Customer against any claim, demand, suit or proceeding made or brought against Customer by a third party (a “Claim Against Customer”) alleging that the Brightloom Services as provided to Customer infringes or misappropriates such party’s IP Rights (an “IP Claim”), and will indemnify Customer from and against any damages, attorney fees and costs finally awarded against Customer as a result of, or for amounts paid by Customer under a settlement approved by Brightloom in writing of, a Claim Against Customer. Notwithstanding the foregoing, Brightloom will have no liability for any infringement or misappropriation claim of any kind if such claim arises from: (i) the combination, operation or use of the Brightloom Services with equipment, devices, software or data (including without limitation your Confidential Information) not supplied by Brightloom, if a claim would not have occurred but for such combination, operation or use; or (ii) your or an Authorized User’s use of the Brightloom Services other than in accordance with the Agreement.

b. Alleged Infringement or Illegality. If Brightloom receives information about an infringement or misappropriation claim related to a Brightloom Service or otherwise becomes aware of a claim that the

provision of any of the Brightloom Services is unlawful in a particular territory, then Brightloom may at its sole option and expense: (i) replace or modify the applicable Brightloom Services to make them non infringing and of substantially equivalent functionality; (ii) procure for you the right to continue using the Brightloom Services under the terms of the Agreement; or (iii) if Brightloom is unable to accomplish either (i) or (ii) despite using its reasonable efforts, terminate your rights and Brightloom’s obligations under the Agreement with respect to such Brightloom Services and refund to you any Fees prepaid by you to Brightloom for Brightloom Services not yet provided.

c. Indemnification by Customer. Subject to Section 12(e) (Conditions of Indemnification), Customer will defend Brightloom and each of its officers, employees, directors, and agents (each, a “Brightloom Indemnitee”) against any claim, demand, suit or proceeding made or brought against a Brightloom Indemnitee by a third party (a “Claim Against Brightloom”) arising from or related to Customer’s use of the Brightloom Services in violation of any applicable laws or the Agreement and will indemnify each Brightloom Indemnitee from and against any damages, attorney fees and costs finally awarded against a Brightloom Indemnitee as a result of, or for amounts paid by a Brightloom Indemnitee under a settlement approved by Customer in writing of, a Claim Against Brightloom.

d. Sole Remedy for Infringement of IP Rights. SUBJECT TO SECTION 12(e) (CONDITIONS OF


e. Conditions of Indemnification. The indemnifying party’s obligations as set forth above are expressly

conditioned upon each of the foregoing: (a) the indemnified party shall promptly notify the indemnifying party in writing of any threatened or actual claim or suit; (b) the indemnifying party shall have sole control of the defense or settlement of any claim or suit; and (c) the indemnified party shall cooperate with the indemnifying party to facilitate the settlement or defense of any claim or suit.

13. Limitation of Liability.


14. Export.

Customer agrees not to export, re-export, or transfer, directly or indirectly, any U.S. technical data acquired from Brightloom, or any products utilizing such data, in violation of the United States export laws or regulations.

15. General.

a. Governing law and Venue. This Agreement and any action related thereto will be governed and interpreted by and under the laws of the State of New York, without giving effect to any conflicts of laws principles that require the application of the law of a different jurisdiction. Customer hereby expressly consents to the personal jurisdiction and venue in the state and federal courts located in New York, New York for any lawsuit arising from or related to this Agreement. The United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement.

b. Insurance Coverage. Brightloom will maintain commercially appropriate insurance coverage given the nature of the Brightloom Services and Brightloom’s obligations under the Agreement. Such insurance will be in an industry standard form with admitted insurance carriers with A.M. ratings of A-IX or better, and will include commercially appropriate cyber liability insurance coverage. Upon request, Brightloom will provide Customer with certificates of insurance evidencing such coverage.

c. Entire Agreement, Construction, and Amendment. The Agreement (including any and all Order Forms and related Exhibits) is the complete and exclusive understanding and agreement between the parties regarding its subject matter. To the extent any provision in an Order Form clearly conflicts with a provision of these Terms or a provision of an earlier Order Form, the provision in the new Order Form will be binding and the conflicting provision in these Terms or in the earlier Order Form will be deemed modified solely to the extent reasonably necessary to eliminate the conflict and solely with respect to the new Order Form (unless expressly intended to permanently amend these Terms). If any provision of the Agreement is held to be unenforceable or invalid, that provision will be enforced to the maximum extent possible, and the other provisions will remain in full force and effect. The headings in the Agreement are solely for convenience and will not be taken into consideration in interpretation of the Agreement. Each party acknowledges and agrees that it has adequate sophistication, including legal representation, to fully review and understand the Agreement; therefore, in interpretation of the Agreement with respect to any drafting ambiguities that may be identified or alleged, no presumption will be given in favor of the non-drafting party. The Agreement may not be modified or amended except by mutual written agreement of the parties.

d. Execution. The Agreement may be executed in two or more counterparts, each of which will be deemed an original and all of which, taken together, will constitute one and the same instrument. A party’s electronic signature or transmission of any document by electronic means will be deemed to bind such party as if signed and transmitted in physical form.

e. Assignment. No assignment, novation or transfer of a party’s rights and obligations under the Agreement (“Assignment”) is permitted except with the prior written approval of the other party, which will not be unreasonably withheld; provided, however, that either party may freely make an Assignment to a successor in interest upon a change of control, except that if such Assignment is to a direct competitor of the other party or would cause the other party to become in violation of applicable laws that is not reasonably addressable, such other party may terminate the Agreement upon written notice.

f. Notice. Except as expressly specified herein, any required notice under the Agreement will be deemed given when received by letter delivered by nationally recognized overnight delivery service or recorded prepaid mail. Unless notified in writing of a change of address, you will send any required notice to Brightloom, ATTN: Legal, 100 Pine St., Ste. 1250, San Francisco, CA 94111, USA, and Brightloom will send any required notice to you directed to the most recent address you have provided to Brightloom either on an Order Form or via email to (with “CGP Customer Address for Notice Change” in the subject).

g. Force Majeure. Neither party will be liable or responsible to the other party nor be deemed to have defaulted under or breached the Agreement for any failure or delay in fulfilling or performing any term of the Agreement (except for any obligations to make payments to the other party), when and to the extent such failure or delay is caused by or results from acts beyond the impacted party’s (“Impacted Party”) reasonable control, including without limitation the following force majeure events (“Force Majeure Event(s)“): (a) acts of God, (b) acts of government, including any changes in law or regulations, (c) acts or omissions of third parties, (d) flood, fire, earthquakes, civil unrest, wars, acts of terror, pandemics, or strikes or other actions taken by labor organizations, (e) computer, telecommunications, the Internet, Internet service provider or hosting facility failures or delays involving hardware, software or power systems not within the Impacted Party’s possession or reasonable control, (f) network intrusions or denial of service attacks, or (g) any other cause, whether similar or dissimilar to any of the foregoing, that is beyond the Impacted Party’s reasonable control.

16. Definitions.

Terms not defined elsewhere in the Agreement are defined below (noting that capitalized terms used but not defined in an Order Form shall have the meaning assigned to them, if any, within these Terms):

Applicable Data Protection Laws” means all worldwide data protection and privacy Laws applicable to the Processing of the Personal Data in question, including without limitation to the extent applicable, the EU GDPR, UK GDPR, CCPA, and the data protection and privacy Laws of the United States, the European Economic Area (including the European Union and their member states, and Switzerland) (“EEA“), the United Kingdom, Canada, Mexico, Australia, Japan and Singapore.

Authorized User” means employees or agents of Customer (or other individuals solely to the extent explicitly permitted in an Order Form) selected by Customer to access and use the Subscription Services.

Beta Service” means any Brightloom Service (or feature of a Brightloom Service) that is clearly designated as “beta”, “experimental”, “preview” or similar, that is provided prior to general commercial release, and that Brightloom at its sole discretion offers to Customer, and Customer at its sole discretion elects to use.

Brightloom Personnel” means employees, agents, contractors or other individuals under the control or direction of Brightloom.

Brightloom System” means any application, computing or storage device, or network used by Brightloom to deliver Brightloom Services.

CCPA” means the California Consumer Privacy Act of 2018, as amended (Cal. Civ. Code §§ 1798.100 to 1798.199), the CCPA Regulations (Cal. Code Regs. tit. 11, §§ 999.300 to 999.337), and any related regulations or guidance provided by the California Attorney General.

Customer Data” means the data, information, and materials made available by Customer and its Authorized Users for Processing by, or use within, the Subscription Services.

Customer Data Source” means the cloud / server environment used by Customer to store Customer Data. “Customer Results” means any output the Customer or its Authorized Users generate from their use of the Platform Services.

GDPR” means the laws and regulations of the European Union, the European Economic Area, and their member states, applicable to the Processing of Personal Data under the Agreement(s), including (where applicable) the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 also known as the EU General Data Protection Regulation.

HIPAA” means the Health Insurance Portability and Accountability Act of 1996, as amended and supplemented from time to-time.

Inactive” means that:

your account is set up to be paid by credit card, but you (i) did not provide a valid credit card number or (ii) you failed to update an expired or invalid credit card number and at least three months has passed without a valid credit card number being on file (provided, that for the avoidance of doubt, this does not limit Brightloom’s right to terminate your account for non-payment relating to actual usage); or no Authorized User has logged into their account for more than six (6) months; or no Fees incurred for at least six months.

IP Rights” means all worldwide intellectual property rights available under applicable law including without limitation rights with respect to patents, copyrights, moral rights, trademarks, trade secrets, know-how, and databases.

Law(s)“ means any international, federal, state, provincial or other local laws, rules, regulations, ordinances or judicial decisions enacted or issued by a court or other governmental authority of any country, state, province, county, city or other municipality, and any self-regulatory regimes applicable to Customer’s use of the Brightloom Services. “Order Form” means an order form, online order (including click-thru setup of the Brightloom Services) or similar agreement, including any exhibits or attachments thereto, for the provision of Brightloom Services, entered into by the parties, incorporated by reference into, and governed by, the Agreement.

PCI-DSS” means the Payment Card Industry Data Security Standard.

Personal Data”’ means “personal information”, “personal data” or other similar term as defined under the Applicable Data Protection Laws that is contained within the Customer Data.

Processing” means any operation or set of operations which is performed on Customer Data or on sets of Customer Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Subscription Services” means the Platform Services and Support Services.


The restrictions set forth in this Acceptable Use Policy (AUP) are not exhaustive. Any violation of this AUP may result in the suspension or termination of your access to and use of the Brightloom Services.

You shall not (and shall not permit your Authorized Users to): 

attempt to create multiple accounts for the purpose of extending your free trial;

attempt to access, search, or create accounts for any Brightloom Services by any means other than our publicly supported interfaces or as otherwise authorized by us;

interfere with or disrupt (or attempt to interfere with or disrupt) the Brightloom Services, or gain (or attempt to gain) access to any Brightloom Systems that connect thereto (except as required to appropriately access and use the Brightloom Services);

use the Brightloom Services to violate the security or integrity of, or otherwise abuse, any Brightloom System (including without limitation the Subscription Services), including but not limited to gaining unauthorized access to any Brightloom System (including attempting to probe, scan, monitor, or test the vulnerability of a Brightloom System), interfering with the proper functioning of any Brightloom System (including any deliberate attempt by any means to overload a Brightloom System), implementing denial-of-service attacks, operating non-permissioned network services (including open proxies, mail relays or recursive domain name servers), or using any means to bypass Brightloom System usage limitations,

use the Brightloom Services to distribute or facilitate the sending of content that is threatening, abusive, discriminatory, harassing, defamatory, deceptive, false, fraudulent, vulgar, obscene, indecent, or illegal;

use the Brightloom Services to distribute or facilitate the sending of any sensitive information as that term may be used in applicable laws, or where no laws apply, individuals’ financial account information, sexual preferences, medical or health information, and/or personal information of children protected under any child protection laws;

use the Brightloom Services to engage in or promote any other fraudulent, deceptive or illegal activities;

use the Brightloom Services to process, store or transmit material, including any Customer Data, in violation of any Law or any third party rights, including without limitation privacy rights;

disclose to any third party the results of any testing or benchmarking of the Brightloom Services that you might conduct unless pre-approved by Brightloom in writing; or

use the Brightloom Services in any circumstances where failure could lead to death, personal injury or environmental damage, and you further acknowledge that the Brightloom Services are not designed

or intended for such use.

Brightloom reserves the right to update this AUP in accordance with industry best practices and applicable law from time-to-time upon reasonable notice, which may be provided through the Brightlooms Services or via email to your Customer Contact. Such updates become binding — including on existing Authorized Users — on the later of the date specified in the updated AUP or thirty (30) days after the update email is sent to the Customer Contact last identified by you. Any modification to the AUP within an update will relate solely to restrictions on use of, and access to, the Brightloom Services.


Brightloom believes that information security is fundamental and critical to the success of Brightloom’s business and the business of Brightloom’s Customers. Brightloom has a comprehensive data security and privacy program to secure Customer Data in a manner commensurate with each asset’s value and sensitivity and shall maintain security measures consistent with applicable industry standards designed to ensure the security, confidentiality, availability and integrity of Customer Data and protect against unauthorized disclosure or access of Customer Data (the “Brightloom InfoSec Program”).

1. Security Measures and Controls. 

a. Brightloom will maintain the Brightloom InfoSec Program, including: (a) defining security needs based on a regular Privacy Impact Assessment (“PIA”); (b) allocating responsibility for implementing the policy to a specific individual or members of a team;2 and (c) ensuring that the Brightloom InfoSec Program is

disseminated to and annual security and privacy training completed by all Brightloom employees.

2This includes having a Data Protection Officer in place if required by the EU GDPR or other applicable law.

b. Brightloom will comply with all applicable privacy and data security laws and regulations governing its use, Processing and storage of Customer Data.

c. Brightloom will maintain security measures and controls designed to: (i) protect the security of Brightloom Systems that interact with Customer Data; (ii) protect against any anticipated threats or hazards to the security or integrity of Brightloom Systems that interact with Customer Data; and (iii) protect against unauthorized access to or use of Brightloom Systems that interact with Customer Data that could result in harm to Customer’s customers.

d. Brightloom will maintain security measures and controls including, but not limited to:

i. Ensuring that storage of Customer Data conforms with the industry practice such that the

Brightloom Systems on which Customer Data is recorded are stored in secure locations and access by Brightloom Personnel to Customer Data is strictly monitored and controlled;

ii. Taking reasonable steps to ensure the reliability of Brightloom Personnel who have access to the Customer Data, ensuring in each case that access is strictly limited to those individuals who need to know or access the relevant Customer Data, as strictly necessary for the purposes of the Agreement, and to comply with Applicable Data Protection Laws in the context of that individual’s duties to the Brightloom;

iii. Ensuring that Brightloom Personnel who have access to the Customer Data do not publish, disclose or divulge any of the Customer Data to any third party unless directed in writing to do so by Customer;

iv. Removing access by Brightloom Personnel to Customer Data upon termination of employment or a change in job status that results in the Brightloom Personnel no longer requiring access to Customer Data;

v. Ensuring that appropriate security safeguards and virus protection are in place to protect the Brightloom Systems used in Processing Customer Data in accordance with industry practice;

vi. Using password protection on Brightloom Systems on which Customer Data is stored and

ensure that only authorized Brightloom Personnel are given details of the password;

vii. Having secure methods in place for the transit of Customer Data within Brightloom Systems and the CGP console (for instance, by using encryption);

viii. Having in place methods for detecting and dealing with breaches of security (including loss, damage or destruction of Customer Data) including: (a) the ability to identify which individuals have worked with specific Personal Data; and (b) having a proper procedure in place for

investigating and remedying breaches of the data protection principles contained in all Applicable Data Protection Laws, including written records; and

ix. Having a secure method of disposal for unwanted Customer Data including back-ups, disks, print outs and redundant equipment.

e. Brightloom will monitor Brightloom Systems, as well as implement and maintain security controls and procedures designed to prevent, detect and respond to identified threats and risks, including, but not limited to:

i. Employing an industry standard network intrusion detection system to monitor and block suspicious network traffic;

ii. Reviewing access logs on servers and security events and retaining network security logs for 90 days;

iii. Reviewing all access to production systems;

iv. Performing network vulnerability assessments on a regular basis; and

v. Engaging third parties to perform network penetration testing on at least an annual basis.

2. Security Breach Notification. Brightloom shall notify Customer within seventy-two (72) hours of confirming there was a breach after becoming aware of the unauthorized acquisition, destruction, loss, modification, use or disclosure of Customer Data (“Security Breach”).

a. Brightloom will immediately investigate and take all reasonable necessary steps to eliminate or contain the exposures that lead to such Security Breach.

b. Brightloom will, as soon as reasonably practicable, provide Customer with a written description of the Security Breach, as well as the mitigation steps taken by Brightloom.

3. Annual Reports and Audit Requests. 

a. Brightloom will obtain attestation reports related to the Brightloom InfoSec Program at least annually and keep such reports for at least three (3) years following each attestation.

b. Customer shall have the right, upon written request and not more than once annually, to conduct reasonable information security assessments that consist of a review of Brightloom’s records relating to its compliance with this Agreement. Customer and Brightloom will discuss and agree in advance on the reasonable start date, scope and duration of and security and confidentiality controls applicable to any audit. Brightloom reserves the right to charge a fee (based on Brightloom’s reasonable costs) for any audit and Brightloom will provide further details of any applicable fee and the basis of its calculation to Customer in advance of an audit. During any such review, Brightloom shall have no obligation to expose other customers’ or Brightloom employees’ personal or private information or any data that Brightloom reasonably believes would adversely impact its customers’ or employees’ security or privacy and such review shall be subject to reasonable confidentiality provisions and restrictions that Brightloom may impose. An auditor shall not be permitted to remove any physical or electronic copies of Brightloom’s Confidential Information.

4. Business Continuity. Brightloom has policies and procedures in place for responding to an emergency or other occurrence (for example, fire, vandalism, system failure, pandemic, and natural disaster) that could affect the availability, integrity or confidentiality of Customer Data or Brightloom Systems that contain Customer Data or that would interrupt Brightloom’s ability to provide Brightloom Services under the Agreement.


Please read carefully, this agreement contains a release of liability. If you do not understand this release, you should consult legal counsel.

These Additional Terms of Service (the “Additional Terms“) supplement the Terms of Service and any accompanying or future Order Form you entered or will enter into with SF2 GSW LLC, a Delaware limited liability company, dba Brightloom (“Brightloom” or “we“ or “us”). The Terms of Service, Additional Terms, and any Order Form govern your access to and use of Beta Services provided to you by Brightloom, and particularly your use of the BrightloomAnswers AI chatbot (“answers”). Any capitalized term not defined in the Additional Terms shall have the same meaning given to it in the Terms of Service.

If you are acting on behalf of an entity, you represent and warrant that you are authorized to bind that entity to these Additional Terms, in which case “Customer,” “you,” or “your” shall refer to that entity (otherwise, such terms refer to you as an individual). By accepting these Additional Terms, either by executing these Additional Terms separately or by executing an initial Order Form that indicates your acceptance of these Additional Terms (an “Initial Order Form“), whether by signature or by clicking an “I Accept” button or checkbox, you agree in full to these Additional Terms. If you do not have authority to bind your entity or do not agree with these Additional Terms, you must not accept these Additional Terms and may not use the Brightloom Services described below.

Customer agrees and acknowledges that:

  • BrightloomAnswers is not a fully developed product and is a Beta Service, as that term is defined in the Terms of Service;

  • BrightloomAnswers is powered by OpenAI’s Chat GPT;

  • Brightloom has offered the Customer the opportunity to participate in the development and testing of BrightloomAnswers;

  • Customer is voluntarily choosing to use BrightloomAnswers in Customer’s sole discretion; and

  • Use of BrightloomAnswers entails certain unavoidable requirements and risks.

Customer understands that Brightloom and BrightloomAnswers will share Customer’s data, including Customer Data, End Customer Data, and Confidential Information, with third parties; Customer consents to such sharing of information and Confidential Information.

Customer agrees to assume the following risks:

  • The risk that Customer’s access to BrightloomAnswers may be slowed or discontinued at any time for any reason;

  • The risk that BrightloomAnswers may provide incorrect information;

  • The risk that BrightloomAnswers may return offensive answers or inappropriate content in response to queries;

  • Other risks, including unknown risks, inherent in the use and testing of generative AI, as well as software beta-testing generally.

In exchange for early access to BrightloomAnswers, Customer hereby releases and indemnifies Brightloom from any damages or liabilities caused by Customer’s use of BrightloomAnswers.

Let’s improve your
restaurant together

Let us help you make the right recommendation to
the right customer at the right time.