GeneXus™ Next - Terms and Conditions
Latest update: October 1, 2025
Introduction.
GeneXus™ Next forms part of Globant Enterprise AI’s software development products and it is also built on top of Globant Enterprise AI (GEAI). Accordingly, your access to and use of GeneXus™ Next is governed by the GEAI Terms of Use, which are incorporated herein by reference and are also available at the Globant website.
Terms of Use
Definitions
Capitalized terms shall have the following meanings:
“Access Credentials”: any username, password, security key, PIN, or other method used, alone or in combination, to verify a user’s identity and authorization to access and use the Software (as defined below).
“Agreement”: means either the license agreement or the subscription agreement entered into between Provider and Customer.
“Authorized User(s)": an employee, contractor or agent of the Customer that is authorized to use the Software in accordance with the Agreement and these Terms.
“Confidential Information”: any non-public information concerning the business, technology, or operations of a Party (the “Disclosing Party”), including but not limited to: (i) technical data, software, inventions, designs, processes, and algorithms; (ii) business plans, financial information, customer data, marketing strategies, and pricing information; and (iii) any other information identified as confidential or that a reasonable person would understand to be confidential.
“Customer”: the person or legal entity using of the Software and/or entering into an Agreement.
“Customer Data”: input from the Customer or its Authorized Users submitted to, stored in and/or processed by the Software by the Customer.
“Force Majeure Event”: an event or circumstance that prevents or delays a Provider from performing its obligations under the Agreement and that event or circumstance: (i) is not within the reasonable control of Provider and is not the result of Provider’s negligence (including, without limitation, acts of God, natural disaster, acts of government, flood, fire, earthquakes, pandemics, civil unrest, acts of terror or general labor disturbances such as strikes), and (ii) cannot be overcome or avoided by Provider using reasonably diligent efforts.
“Hosted Services”: hosting, management, customization, operation, maintenance and/or support services provided by the Provider in SaaS mode.
“Intellectual Property Rights”: any and all rights, titles, and interests in and to intellectual property, whether registered or unregistered, granted, applied for or otherwise now or hereafter in existence under or related to any patent, copyright, trademark, trade secret, database protection or other intellectual property rights laws, and all similar or equivalent rights or forms of protection in any part of the world.
“On-Premise”: the licensing model of the Software (as defined below), which is installed and operated on the Customer’s infrastructure and the Customer is responsible for its operation, maintenance, and management.
“Provider”: GeneXus S.A., Globant LLC or any other affiliate entities from the Globant group.
“Provider Materials”: all materials, documentation, data, information, libraries, tutorial, demonstration programs and other content provided or made available by the Provider in connection with the Software, including but not limited to user manuals, technical specifications, training materials, reports, and any other deliverables provided under the Agreement.
“Provider Systems”: the Provider’s information technology infrastructure, including but not limited to servers, networks, databases, software, hardware, and other systems used to provide the Software, Hosted Services or support under the Agreement.
“SaaS” (Software as a Service): the subscription model of the Software, which is hosted and managed by the Provider and the Customer accesses it remotely over a network on a term-use basis.
“Services”: Hosted Services, support, maintenance and any other services provides by the Provider under the Agreement, including Updates, Provider Materials and access to Provider Systems.
“Software" or “GEAI”: Provider’s proprietary software named Globant Enterprise AI, a middleware that allows access to large language models (“LLMs”), document indexing and built-in observability, and any new versions, updates, revisions, improvements and modifications of the foregoing, developed and/or published by Provider from time to time.
“Terms": these Terms of Use together with the Agreement and any annexes.
“Third-Party Provider(s)": external providers of services, including cloud or LLM services, as selected by the Customer under an Agreement.
“Updates": new versions, patches, enhancements and/or modifications to the Software that the Provider may make generally available to the Customer, including bug fixes, security updates and new features, as specified under the Agreement.
Specific Terms
The specific terms and conditions applicable to the On-Premises and SaaS versions of the Software are set forth in Annex A or Annex B, respectively, which form an integral part of these Terms.Use of the Software
By using the Software, Customer agrees to these Terms.The Provider reserves the right to modify these Terms at any time. The Provider will notify the Customer’s administrator of any material changes, and the Customer is responsible for informing its Authorized Users of such changes. If the Customer continues to use the Software after being notified of changes to these Terms, such use constitutes acceptance of the modified Terms.
Restrictions: The Customer shall not: (i) use the Software for unauthorized or anti-competitive purposes; (ii) transfer the Software to third parties without prior written consent from the Provider. Customer will contact Provider immediately if Customer believes an unauthorized third party may be using Customer's (or Authorized Representative's) account or if Customer's (or Authorized Representative's) account information is lost or stolen.
Third-Party Libraries: The Software may incorporate third-party libraries, frameworks, or components ("Third-Party Libraries") to enable functionality. The Provider cannot guarantee the Third Party Libraries are free from all vulnerabilities. The Customer acknowledges hereby that Third-Party Libraries may pose unforeseen security risks and that the Provider is not liable for damages arising from vulnerabilities.
Customer obligations and responsibilities
Operation and management: The Customer acknowledges and agrees that it has and will retain sole control over all access to and use of the Software by its Authorized Users. The Customer shall be solely responsible for: (i) any information, instructions, or materials provided to the Provider or the Software in connection with these Terms; (ii) the results obtained from the use of the Software; and (iii) any conclusions, decisions, or actions based on such use.Cooperation and Assistance: The Customer shall provide all reasonable cooperation and assistance requested by the Provider to enable the Provider to exercise its rights and perform its obligations under these Terms, including but not limited to: (i) providing access to necessary systems and data; (ii) responding promptly to requests for information or approvals; and (iii) facilitating the installation of Updates or the resolution of technical issues.
Security: The Customer must protect its credentials and systems to prevent unauthorized access to the Software.
Responsibility: The Customer and its Authorized Users are bound by these Terms. The Customer is responsible for ensuring that its representatives and Authorized Users comply with these Terms and for any damages caused by their non compliance.
Customer-Caused Delays or Failures: The Provider shall not be responsible or liable for any delay or failure in performance caused, in whole or in part, by the Customer’s delay in performing or failure to perform any of its obligations under these Terms. The Provider shall not be liable for any damages, losses, or liabilities arising from the Customer’s failure to comply with its obligations, including but not limited to delays in providing access, information, or approvals necessary for the Provider to perform its obligations.
Use restrictions: The Customer may access and use the Software and Provider Materials solely for the Permitted Use. The Customer shall not, and shall not permit any third party to: (i) copy, modify, or create derivative works of the Software or Provider Materials; (ii) reverse engineer, decompile, disassemble, or attempt to derive the source code of the Software; (iii) rent, lease, lend, sell, sublicense, or otherwise transfer the Software or Provider Materials to any third party; (iv) remove or alter any copyright, trademark, or other proprietary notices from the Software or Provider Materials; or (v) use the Software or Provider Materials for any purpose that is competitive with the Provider’s business or detrimental to its commercial interests.
Prohibited Activities: In addition to the aforementioned, the Customer shall not: (i) knowingly introduce any harmful or malicious code into the Software or Provider Systems; (ii) use the Software in any hazardous, safety-critical, or unlawful environments; or (iii) access or use the Software beyond the scope of the authorization granted under these Term.
Results and Limitations
Dependence on Input Data: The results generated by the artificial intelligence are directly dependent on the quality, relevance, and accuracy of the data provided by the Customer. The Customer acknowledges that if the data used to train or interact with the Software is incomplete, inaccurate, biased, or otherwise unsuitable, the results may be unreliable, misleading, or unhelpful.No Guarantee of Accuracy: The Provider does not guarantee that the results obtained through the use of the Software will be accurate, complete, or reliable. The Customer is solely responsible for: (i) the selection, quality, and suitability of the data provided to the Software; and (ii) any decisions, actions, or outcomes based on the results generated by the Software. The Customer is solely responsible for validating results before use. By using this Software, the Customer agrees that any decision or action taken based on such information is at their own risk.
No Liability for Output: The Provider shall not be liable for any damages, losses, or liabilities arising from the Customer’s use of the Software, including but not limited to errors, inaccuracies, or inappropriate decisions made based on the Software’s Output.
Changes and updates
Right to Modify: The Provider reserves the right, at its sole discretion, to modify the Software or its systems to: (i) maintain or enhance the quality, performance, or cost efficiency of the Software and Services; (ii) comply with applicable laws or regulations; or (iii) improve the competitive strength or market position of the Software and Services. For SaaS, such modifications may include updates to the Hosted Services, which will be implemented by the Provider without requiring action by the Customer. For On-Premises, such modifications will be made available as Updates, which the Customer is responsible for installing.Notification of Changes: The Provider shall use commercially reasonable efforts to notify the Customer of any material changes to the Software that may affect its functionality or use. However, the Provider is not obligated to provide prior notice for minor updates, bug fixes, or security patches.
Suspension, Term and Termination
Suspension: The Provider may immediately suspend Customer's access to the Software without prior notice if: (i) required by law; (ii) the Provider, in good faith, believes there is a security risk or unlawful activity. If access was suspended due to the Provider’s error of fact (not breach), and Customer provides sound evidence within 7 days, access will be restored within 7 business days after verification. For SaaS, suspension may include disabling API keys or user accounts. If suspension is lifted after verification, Provider will extend the subscription term equivalent to the downtime incurred.Termination for Convenience: Either party may terminate the Agreement with 30 days’ written notice. in the event of a Customer termination for convenience, Customer shall not be entitled to any refund or relief from payment of any fees paid or payable under the Agreement and, if the Subscription Fee is payable monthly, Provider will be entitled to charge the Customer with the Subscription Fee attributable to the corresponding calendar month of the effective date of termination.
Termination for Breach: Either party may terminate the Agreement if the other breaches a material obligation and fails to cure it within 30 days, except that termination will take immediate effect on written notice in the event of a breach of the obligations related to Use Restrictions and Prohibited Activities, Confidentiality or Proprietary Rights.
Termination for Insolvency: Either party may immediately terminate the Agreement in the event the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors (and not dismissed within 60 days thereafter).
Effects of Termination: Upon any termination or expiration of an Agreement or the use of the Software, the Customer shall cease using the Software, Provider Materials and Provider Systems and destroy all copies in Customer’s possession or control. Provider may disable such access or license and immediately cease all use of any Customer Data. Any fees owed to Provider shall further become immediately due and payable even if longer terms have been agreed earlier.
Survival. All provisions of the Agreement and these Terms, which by their nature should survive termination, will survive termination.
Billing and Payments
Fees: The Customer shall pay the agreed fees according to the terms of the Agreement. To the extent permitted by the applicable law, and except as herein included, fees are non-refundable for any reason.Third-Party Payment Processor Network: Where Customer designates use of a third-party payment processor network, Customer shall be responsible for payment of all fees and charges associated with use of such network (including registration, participation, and payment processing fees) and Provider may invoice for such fees together with the subscription fees or on separate invoice(s).
Taxes: All fees are exclusive of any taxes, levies, or duties. Customer will be responsible for payment of any sales, VAT, GST, or similar taxes applicable to the Services, except taxes based on Provider's net income. If Customer is required by law to withhold taxes on payments: (i) Customer must notify Provider immediately and provide tax receipts to Provider within 30 days; and (ii) Customer will "gross up" payments so Provider receives the full invoiced amount. If Customer claims a tax exemption, it must provide a valid exemption certificate before invoicing.
Late Payment: The Provider may suspend service if the Customer fails to pay fees on time. Unpaid amounts may be subject to interest at the lesser of 1% per month or the maximum permitted by law, plus all collection costs.
Intellectual Proprietary Rights
Provider Ownership:Provider owns all Intellectual Property Rights related to the Software (including but not limited to patents, copyrights, trademarks, trade secrets, and database rights and derivatives) and Intellectual Property Rights related to all Provider Materials (including deliverables, Updates, enhancements, modifications, and derivative works). . Customer does not receive any rights in and to the Software except as explicitly permitted herein. Without limiting the foregoing, Customer will not permit any third party to: (i) use the Software in a manner that infringes, misappropriates or otherwise violates any party’s intellectual property rights; (ii) modify or create derivative works of the Software; (iii) reverse, assemble, compile, decompile, translate, engage in model extraction or stealing attacks, or otherwise attempt to discover the source code or underlying components of models, algorithms, and systems of the Software (except to the extent such restrictions are contrary to applicable law); (iv) use the Software to develop foundation models or other softwares that compete with GEAI; (v) use any method to extract data from the Software other than as permitted through the API; or (vii) buy, sell, or transfer API keys from, to or with a third party without GEAI prior written consent.
Customer Content:
Customers and its Authorized Users may provide input to be processed by the Software (“Input”), and receive output generated and returned by the Software based on the Input (“Output”). Input and Output are collectively “Customer Content.” As between the parties and to the extent permitted by applicable law, Customer owns all Customer Content. Provider will only use Customer Content as necessary to provide and maintain the Services, comply with applicable law, and enforce Provider’s safety policies. Customer will ensure that the use of Customer Content will not violate any applicable law or Provider’s Policies.
Customer is solely responsible for the development, content, operation, maintenance, and use of Customer Content.
Similarity of Output: Customer acknowledges that due to the nature of machine learning, the Software may generate the same or similar output for third parties. For the avoidance of doubt, Customer shall not own output generated by third parties.
Improvement of Services: Artificial intelligence and machine learning models can improve over time to better address specific use cases. Provider may use Customer Content to develop and improve the Software.
Customer Data: Customer hereby grants to Provider a limited, perpetual, non-exclusive, non-transferable (except in connection with the permitted assignment of this Agreement), and royalty-free license to reproduce, distribute, display and otherwise use the Customer Data for the purposes of (i) providing the Services; and (ii) Provider’s internal business purposes including using such Customer Data in an aggregated and/or de-identified form, including but not limited for running analytics, machine learning, or training AI models, for the purposes of improving the Provider’s services and offerings.
Trademarks: The Customer acknowledges it has no right, title, or interest in the Software’s and or Provider Materials’ trademarks, whether registered or unregistered (collectively the “Trademarks”). The Customer may only use Trademarks as expressly authorized in these Terms , without alteration. Any other use requires the Provider’s prior written consent. The Customer shall not: (i) remove or alter any proprietary notices from the Software or Provider Materials; (ii) claim ownership or register any rights in the Provider’s Intellectual Property; or (iii) use the Trademarks to imply endorsement or affiliation without Provider’s consent.
Feedback. Provider shall be free to use, irrevocably, in perpetuity, for free and for any purpose, all suggestions, ideas, fixed, enhancements and/or feedback, whether oral or in writing, relating to the Software provided to Customer and Authorized Users. Provider may use such feedback without any payment or restriction.
Confidentiality duties
Obligations: The receiving party agrees to: (i) use the Confidential Information solely for the purposes of performing its obligations under these Terms; (ii) disclose the Confidential Information only to its employees, agents, or subcontractors who need to know it and are bound by confidentiality obligations at least as protective as those in these Terms; and (iii) protect the Confidential Information using at least the same level of care it uses to protect its own confidential information, but in no event less than reasonable care.Exclusions: Confidential Information does not include information that: (i) is or becomes publicly available without breach of these Terms; (ii) was already in the receiving party’s possession without restriction prior to disclosure; (iii) is received from a third party without breach of any confidentiality obligation; (iv) is independently developed by the receiving party without reference to the disclosing Party’s Confidential Information; or (v) is required to be disclosed by law or legal process, provided that the receiving Party notifies the disclosing Party in advance (if permitted by law) and cooperates to limit the disclosure.
Return or Destruction: Upon the Disclosing Party’s request or upon termination of this Agreement, the receiving party shall: (i) promptly return all Confidential Information (including copies) to the Disclosing Party; or (ii) certify in writing that it has destroyed all Confidential Information in its possession or control.
Prior Confidential Information: To the extent the parties exchanged any Confidential Information prior to the execution of the Agreement, such information shall be subject to the confidentiality obligations set forth herein.
Limitation of liability
Disclaimers. TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT WILL PROVIDER BE LIABLE FOR ANY (I) INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE OR CONSEQUENTIAL DAMAGES, OR (II) DAMAGES FOR THE (A) COST OF PROCURING SUBSTITIVE GOODS, OR (B) LOST PROFITS, REVENUE, USE, DATA OR GOODWILL ARISING OUT OF OR IN CONNECTION WITH AN AGREEMENT, THESE TERMS AND/OR THE USE OR THE PERFORMANCE OF THE SOFTWARE WHETHER BASED ON BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR OTHERWISE, AND EVEN IF PROVIDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND EVEN IF A PARTY’S REMEDIES FAIL THEIR ESSENTIAL PURPOSE.Damages Capped. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, PROVIDER’S TOTAL CUMULATIVE AGGREGATE LIABILITY FOR ANY AND ALL LIABILITIES, OBLIGATIONS OR CLAIMS ARISING OUT OF OR RELATED TO AN AGREEMENT, THESE TERMS OR THE USE OR THE PERFORMANCE OF THE SOFTWARE WILL NOT EXCEED THE NET AMOUNT PAID BY CUSTOMER UNDER AN ACTIVE SOFTWARE SUBSCRIPTION, LICENSE OR UNDERLYING AGREEMENT GIVING RISE TO THE CLAIM BEFORE THE LIABILITY AROSE (OR NO MORE THAN TEN USD ($10.00) IF THE CUSTOMER OBTAINED SUCH SOFTWARE LICENSE OR SAAS AT NO CHARGE).
Indemnification
Customer’s indemnity: Customer agrees to defend, indemnify and hold harmless Provider, and their respective employees, contractors, agents, officers and directors, from and against any and all claims, damages, obligations, losses, liabilities, costs or debt, fines, restitutions and expenses (including but not limited to attorney’s fees and costs incident to establishing the right of indemnification) arising out of or related to (i) products or services that have been developed or deployed with or using the Software (including results or data generated from such use), or claims that they violate laws, or infringe, violate, or misappropriate any third party right; or (ii) a violation of the terms and conditions of the Agreement or these Terms. If Customer is prohibited by law from entering into the indemnification obligation above, then Customer assumes, to the extent permitted by law, all liability for all claims, demands, actions, losses, liabilities, and expenses (including attorneys’ fees, costs and expert witnesses’ fees) that are the stated subject matter of the indemnification obligation above.Exclusions: The Provider shall not be held liable for any IP Claims arising from: (i) modifications made by parties other than by Provider; (ii) combination of the Software with non-Provider materials; or (iii) any continued use of the Software after being notified of the infringement.
Procedures: The indemnified party must promptly notify the indemnifying party in writing. The indemnifying party controls the defense (including settlements) but cannot settle claims admitting fault without consent. The indemnified party must provide reasonable assistance.
Mitigation Rights: If the Software is subject to an IP Claim, the Provider may, at its option: (i) modify the Software to be non-infringing; (ii) replace it with functionally equivalent software; or (iii) terminate the Agreement and refund prepaid unused fees.
Sole Remedy: This Section states the entire liability of the Provider regarding infringement claims.
Warranties and Compliance
Limited warranty: The Provider warrants that the Software will substantially conform to the Provider Materials. In the event of a material breach of the foregoing warranty, Customer’s exclusive remedy and Customer’s entire liability, shall be for Provider to use commercially reasonable efforts to correct the reported non-conformity within 30 days, or if Customer determines such remedy to be impracticable, Customer at its discretion, may terminate the Agreement and Customer will receive, as its sole remedy, a refund of any fees Customer has pre-paid for use of affected Services for the terminated portion.Exclusions: The warranty set forth in this section shall not apply if the error was caused by misuse, unauthorized modifications or third-party hardware, software or services, including Third-Party Providers or any use provided on a no-charge or evaluation basis.
Disclaimer: Except for the express warranties stated in this Agreement, the Software and Provider Materials are provided "as is" and "as available". To the maximum extent permitted by law, the Provider disclaims all implied warranties, including but not limited to merchantability, fitness for a particular purpose, non-infringement, and accuracy or reliability of results. The Provider does not warrant that (i) the Software will meet the Customer’s specific requirements; or (ii) the Software will operate uninterrupted or compatible with all third-party systems; or (iv) security measures will prevent all breaches or vulnerabilities.
Non-Sanctioned Status: The Customer warrants that neither it nor its Affiliates, executive officers, directors, or any individuals or entities with a significant ownership or control interest in the Customer are prohibited from dealing with the Provider under any U.S. law, regulation, or executive order, including those listed on the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) and Specially Designated Nationals and Blocked Persons List (SDN List). If, at any time during the Agreement's term, the Customer or any of its executive officers, directors, or significant ownership interests is found to be or becomes an individual or entity with whom the Provider is prohibited from dealing under this clause, the Customer must provide immediate written notice to the Provider. The Provider shall then have the right to terminate the Agreement immediately, without fault or liability. In the event of such termination, the Customer shall pay the Provider for any Services rendered prior to the termination date, unless such payment is legally prohibited.
Compliance: Both parties shall comply with all applicable laws and regulations in performing their obligations under these Terms, including but not limited to: (i) Data protection laws (GDPR, CCPA, or local equivalents); (ii) Export control laws (U.S. EAR, SDN List or equivalents); and (iii) Industry-specific regulations if applicable. Neither Party shall, directly or indirectly (z) offer, promise, or give anything of value (money, gifts, travel, entertainment) to government officials (including employees of state-owned entities); political parties or candidates; or any third party to corruptly influence business decisions; or engage in any conduct violating the U.S. Foreign Corrupt Practices Act (FCPA), U.K. Bribery Act 2010; or other applicable anti-corruption laws ("Anti-Corruption Laws"). Each party shall ensure its employees, agents, and subcontractors comply with Anti-Corruption Laws.
General Provisions
Governing Law: These Terms are governed by the laws of the country or state where the Provider is located. The United Nations Convention for the International Sale of Goods does not apply to this Agreement.Entire agreement: These Terms are the complete and exclusive statement of the mutual understanding of the parties and supersede all previous written and oral agreements and communications relating to the subject matter of these Terms.
Assignment: Customer may not assign the Agreement without the Provider’s written consent.
Severability: If any provision is held invalid or unenforceable, the remainder of these Terms remains in full force. Parties shall negotiate in good faith to replace invalid provisions with valid ones that reflect the original intent.
Interpretation and order of precedence: "Including" means "including without limitation". Headings are for reference only and do not affect meaning. Written notice includes email or electronic communication. In case of conflict, the following order of precedence shall apply: 1° Agreement; 2° these Terms; 3° Exhibits/Attachments.
Interpretación y orden de prioridad: La expresión “incluyendo” se entenderá como “incluyendo sin carácter limitativo”. Los títulos o encabezados se incluyen únicamente como referencia y no afectan la interpretación del contenido. La notificación por escrito incluye el envío por correo electrónico u otro medio electrónico de comunicación. En caso de conflicto, se aplicará el siguiente orden de prioridad: 1° Contrato; 2° estas Condiciones; 3° Apéndices/Anexos.
Notices: All notices hereunder must be in writing and sent to the other party, at the address included in the Agreement. A notice given under these Terms must be: (a) in writing in the English language; (b) sent for the attention of the person, and to the address or email address given in the Agreement.
Waiver: No waiver of any provision is effective unless in writing and signed by the waiving party. Failure to enforce a right does not constitute a waiver of future enforcement. Waivers are strictly limited to the specific instance and terms outlined.
Independent Contractors: Parties are not agents, partners, or joint venturers. Neither Party may bind the other without written consent.
EXHIBIT A - Specific Terms for On-Premise
License
Subject to these Terms and the Agreement, and to the payment of any fees due under the Agreement, the Provider grants the Customer a non-exclusive, non-transferable and non-sublicensable license to use the Software, installed on the Customer’s infrastructure, solely for Customer’s internal business purposes (the “Permitted Use”).The Provider will provide Updates, patches, and new versions of the Software as part of the Hosted Services.
Control of Services and systems
Setup and Maintenance: The Customer has sole control over operation, set up and maintenance of its systems in accordance with the Provider Materials to ensure proper access to and use of the Software or Services; and shall ensure that its systems meet the minimum technical requirements specified by the Provider.Configuration. Software shall be configured within the limits permitted by the Provider and Customer is responsible for ensuring that such configurations comply with the Provider Materials and these Terms. The Customer shall maintain the systems on which the Software is installed to ensure proper operation and performance.
Customer control. The Customer shall have sole control over the operation, and maintenance of the Software on its infrastructure, including: (i) the Customer’s systems and infrastructure; (ii) the location(s) where the Software is installed and operated; (iii) the configuration and use of the Software; and (iv) the security and access controls for the Software and related systems. Customer Data resides on Customer’s infrastructure unless shared for support. Provider accesses data only for troubleshooting at Customer’s request; or mandatory Updates. Customer’s indemnity covers claims from local data protection laws due to Customer’s configuration/storage of data.
Provider control. The Provider shall retain control over: (i) the provision of Updates, patches, and new versions of the Software; and (ii) the provision of set up, support and maintenance services, if agreed under the Agreement. Provided does not warrant performance on unsupported hardware.
Data Breach Incidents: The Provider shall not be liable for any direct, indirect, incidental, special, consequential, or punitive damages arising from or related to any Data Breach of Customer Data that is hosted in the Customer's own infrastructure. This includes, but is not limited to, any loss of data, loss of business, or any other damages resulting from unauthorized access to, or disclosure of, Customer Data.
EXHIBIT B - Specific Terms for SaaS
Right to access and use
Subject to these Terms and the Agreement, and to the payment of any fees due under the Agreement, the Provider grants the Customer a right to access and use the Software solely for the Permitted Use.
Control of Services and systems
Provider control. The Provider shall have sole control over the operation, maintenance and management of the Software and Hosted Services, including: (i) the Provider’s systems and infrastructure; (ii) the location(s) where the Hosted Services are performed; (iii) the deployment, modification and replacement of the Software; and (iv) the performance of support services, maintenance, patches and Updates.Customer control. The Customer shall have sole control over: (i) the access and use of the Software by its Authorized Users; (ii) the configuration of the Software within the limits permitted by the Provider; and (iii) the data inputted into the Software and the results obtained from its use. The Customer shall ensure that its systems and internet connectivity meet the minimum requirements for accessing the Hosted Services, as specified in the Provider Materials.
Disclaimer. The Customer acknowledges that: (i) the Provider has no control over the data inputted by the Customer or its Authorized Users into the Software; (ii) the Provider is not responsible for the accuracy, completeness, or suitability of the results generated by the Software; and (iii) the Customer is solely responsible for any decisions or actions taken based on the use of the Software.
Third-Party services
Acknowledgement. If the Customer uses Third-Party Provider(s) services, the Customer acknowledges and agrees that:- The Provider does not assume any responsibility or liability for the performance, availability, or compliance of Third-Party Providers’ services, nor for the accuracy, quality or regulatory compliance of any LLM from a Third-Party Provider.
- The Provider shall not be responsible for and makes no representations, warranty, express or implied, concerning the extent to whichThird-Party Providers’ services or the output of Third-Party Providers’ LLM’s are appropriate, permissible, lawful, accurate, correct, or otherwise suitable for the Customer or its intended use.
No warranty. The Provider does not endorse, guarantee, or assume responsibility for any Third-Party Provider’s service accessible through the Software. The Provider disclaims all liability for: (a) the accuracy, completeness, or reliability of any data processed or generated by a Third-Party Provider; (b) any downtime, interruptions, or failures of Third-Party Provider’s services; and (c) any damages or losses resulting from the Customer’s reliance on Third-Party Provider’s services.
Service levels and availability
Service Level Agreement (SLA). The Provider shall use commercially reasonable efforts to ensure that the Software is available at least 99.5% of the time, excluding scheduled maintenance and Force Majeure Events in accordance with the terms set forth in https://statics.globant.com/production/public/2025-10/sla-en-globant-enterprise-ai.pdf.Exceptions to Service Levels. The following events shall not be considered a breach of these Terms, and the Software shall not be deemed unavailable, if the impairment to access results, in whole or in part, from: (i) acts or omissions by the Customer or its Authorized Users, including misuse of Access Credentials or failure to comply with these Terms or the Provider Materials; (ii) the Customer’s failure or delay in fulfilling its obligations under these Terms; (iii) issues with the Customer’s or its Authorized Users’ internet connectivity; (iv) Force Majeure Events, including but not limited to strikes, lockouts, natural disasters, war, riots, or government actions; (v) failures of third-party software, hardware, systems, or networks not provided by the Provider; (vi) scheduled downtime as described below; or (vii) the suspension or termination of the Services in accordance with these Terms.
Scheduled Downtime: The Provider shall use commercially reasonable efforts to: (i) schedule routine maintenance of the Hosted Services between midnight and 06:00 a.m. (Eastern Time); and (ii) provide the Customer with at least 24 hours’ prior notice in Provider’s portal of any scheduled outages.
Customer Data
Accuracy and Legality: The Customer is solely responsible for the accuracy, content, and legality of all Customer Data. The Customer represents and warrants that it has all necessary rights, consents, authorizations and permissions to collect, share, store and use Customer Data as contemplated in these Terms, without violating any third-party rights or applicable laws and regulations.Privacy Policy: All Customer Data provided will be stored and used in accordance with Provider's Privacy Policy, as may be amended by from time to time.
Compliance with Laws: The Customer agrees to comply with all applicable laws, including data protection and privacy laws, in its use of the Services and the Software. Customer indemnifies Provider for claims arising from unlawful or infringing Customer Data.
Configuration and Security: The Customer is responsible for properly using the Software, as well as taking reasonable measures to secure and protect its accounts and Customer Data. Customer Data shall be stored with logical separation from information of other customers.
Processing of Personal Data: Solely to the extent necessary for the provision of the Services, Provider (in its capacity as Data Processor) may from time to time collect, store, use and process, or otherwise be provided with, or have access to, information and other data of Customer (in its capacity as Data Controller) or of other third parties (where Customer is acting in the capacity of a Data Processor for such third parties) including information and data which may qualify as Personal Data (as defined in Attachment 1) . The parties’ rights and obligations with respect to the Personal Data processing activities shall be subject to Attachment 1.
Attachment 1: Data Processing Agreement (“DPA”)
In addition to those terms defined elsewhere in this DPA, the following terms shall have the meanings set forth below:“Appropriate Safeguards” means such legally enforceable mechanism(s) for Transfers of personal data as may be permitted under Data Protection Law from time to time;
“Data Controller” means the Customer;
“Data Processing Services” mean the services described in Schedule 1 to this DPA;
“Data Processor” means the Provider;
“Data Protection Law” means all data privacy regulations that are applicable and binding on the Controller, the Processor and/or the Data Processing Services, including, but not limited to the Uruguay’s data protection laws and regulation, EU General Data Protection Regulation 2016/679 (“EU GDPR”), the UK Data Protection Act of 2018, and the UK GDPR (“UK GDPR”), Argentina’s Personal Data Protection Law (No. 25.326), California Consumer Privacy Act (“CCPA”);
“Onward Transfer” means a Transfer from one International Recipient to another International Recipient;
“Personal Data” means the information referring to a Data Subject that is processed by the Processor by instruction of the Controller in the context of the provision of Data Processing Services;
“Regulator” means any regulatory body with responsibility for ensuring compliance with Data Protection Law;
“Restricted Transfer” means an overseas transfer to a country that is not subject to an adequacy decision or otherwise requires some form of transfer mechanism to be implemented in order to comply with such Data Protection Law;
“Security Breach” means any actual or suspected compromise of either the integrity, security, physical, technical, administrative or organizational safeguards implemented by Globant that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, any Personal Data;
“Standard Contractual Clauses” means (a) with respect to a Restricted Transfer which is subject to the EU GDPR, the Controller-to-Processor standard contractual clauses, as set out in the European Commission’s Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to GDPR, as may be amended or replaced by the European Commission from time to time (the “EU SCCs”), (b) with respect to a Restricted Transfer subject to the UK GDPR, the International Data Transfer DPA to the EU Commission Standard Contractual of 21 March 2022, as may be amended or replaced by the UK Information Commissioner’s Office from time to time (the “UK IDTA”), (c) with respect to other Restricted Transfer subject to Argentina’s Personal Data Protection Law, the Controller to Processor standard contractual clauses, as set out in Regulation No. 60-E/2016, as may be amended or replaced by the National Directorate for the Protection of Personal Data from time to time (“Argentinian SCCs”), and (d) with respect to Restricted Transfers subject to other Data Protection Laws, such other standard contract clauses as may be required to be implemented between Controller and Processor (“Other Applicable Transfer Clauses”);
“Sub-Processor” means any third party appointed by the Processor to process Personal Data.
References in this DPA to “Data Subject", “Processing”, “Data Protection Officer” and “Transfer” shall have the same meaning as defined in Data Protection Law.
Controller’s Obligations. The Controller shall:
- Comply with all applicable Data Protection Law;
- Instruct Processor (and authorize Processor to instruct each of its approved Sub-Processors) to process Personal Data;
- Warrant and represent that it is and will at all relevant times remain duly and effectively authorized to give the instruction set out above;
- Warrant and represent that the Personal Data sourced by the Controller for use in connection with Schedule 1 of this DPA, shall comply in all respects, including in terms of its collection, storage and processing, with Data Protection Law;
- Perform an assessment of the impact on personal data protection of the processing operations to be conducted by the Processor as required by Data Protection Law;
- Implement the relevant prior consultations;
- Inform the Processor, to the best of Controller’s knowledge, if any Personal Data disclosure is somehow restricted (including but not limited to, any restriction from further disclosure to Controller’s subcontractors and/or any international transfer of the Personal Data allowed hereunder);
- These same obligations apply when Controller is acting as data processor for a different end client.