License Agreement

OUSTER STUDIO TERMS AND CONDITIONS

Ouster, Inc. and/or its Affiliates (“Ouster”) provide the Offering subject to the following conditions.

Please review these Ouster Studio Terms of Use (this “Agreement”) carefully. This Agreement is between Customer, and the Ouster entity that owns or operate the Offering that Customer is using or accessing. If you are accessing or using the Offering on behalf of an organization or entity who is the Customer, you hereby represent that (a) you have full legal authority to bind your employer or such entity (as applicable) to this Agreement; and (b) after reading and understanding this Agreement, you agree to this Agreement on behalf of your employer or the respective entity (as applicable), and this Agreement shall bind your employer or such entity (as the case may be). PLEASE NOTE THAT YOU ARE DEEMED AS AN AUTHORIZED REPRESENTATIVE OF YOUR EMPLOYER OR AN ENTITY (AS APPLICABLE) IF YOU ARE USING YOUR EMPLOYER OR AN ENTITY’S EMAIL ADDRESS IN REGISTERING AN ACCOUNT TO USE THE OFFERING.

1. DEFINITIONS

The following capitalized terms, shall have the meanings set forth below:

“Documentation” means any instructions, manuals, usage guides, or other materials provided to Customer by Ouster or published and made generally available in connection with the Offering.

“Intellectual Property Rights” mean all intellectual property rights or interests, including without limitation, copyrights, trademarks, trade dress, patents, trade secrets, logos, trade names, any and all proprietary rights, publicity and/or privacy rights, industrial property rights, whether statutory or otherwise, and whether registered or not, all registrations, rights to register or apply for registration, renewals, reversions, all waivers and assignments of moral rights, all assignments of model and property releases, and all rights to enforce such rights or interests, in any work, including without limitation, the structure, sequence and organization of the same, worldwide and in perpetuity.

“Confidential Information” means any material or information disclosed by either party to the other party either directly or indirectly, relating to this Agreement, in writing, orally or by inspection of tangible objects (including without limitation material or information relating to such party’s research, development, know-how, products, product plans, services, customer, customer lists, markets, software, developments, inventions, processes, formulas, technology, designs, drawings, marketing, finances, or other business information or trade secrets), which is designated as “Confidential,” “Proprietary” or some similar designation, or information the confidential or proprietary nature of which is reasonably apparent under the circumstances. Confidential Information shall not include information which (i) becomes a part of the public domain through no act or omission of recipient; (ii) was in recipient’s lawful possession prior to the disclosure by discloser and had not been subject to limitations on disclosure or use, as shown by recipient’s files existing at the time of disclosure; (iii) is independently developed by recipient’s employees or independent contractors who have not had access to the Confidential Information; or (iv) is lawfully disclosed hereafter to recipient, without restriction, by a third party who did not acquire the information directly or indirectly from discloser.

“Customer” means the party downloading or using the Offering.

“Customer Data” means any of Customer’s data, content, video, images, point cloud data, objects, patterns, or other materials of any type that Ouster hosts or otherwise processes for Customer in performance of the Offering. Customer Data does not include Usage Data.

“Offering” means Ouster’s commercially available software marketed as Ouster Studio.

“Privacy Law” means, as applicable, the laws, regulations or other legal requirements relating to data protection, privacy, security or otherwise with respect to the use, collection, retention, storage, security, disclosure, transfer, disposal, and other processing of personal data.

“Scope of Use” means Customer’s authorized scope of use of an applicable Offering in compliance with the applicable Documentation and as designated on an order form, which may include (as applicable): (i) subscription period, (ii) number and type of Users or organizations, (iii) numbers of sensors, licenses, copies, instances, nodes, executions or parallel execution sessions, (iv) usage metrics, usage limits, data retention period, or other scope of use parameters, or (v) entity, division, business unit, website, field of use or other restrictions or billable units.

“Usage Data” means information relates to Customer’s relationship with Ouster, including User information, authorization information (e.g., username, password, two factor authentication), as well as system logs and user account activity and other information relating to the provision, use and performance of various aspects of the Offering and related systems and technologies, including without limitation operating speed, memory usage, throughput, bandwidth, errors and error rates, user logins, feature usage, performance data, and other information collected in the general operation of its Offering.

2. ACCESS TO, AND USE OF, OFFERING

   2.1 Access. Subject to the terms and conditions of this Agreement, Customer is granted a non-exclusive, non-sublicensable and non-transferable right for Users to access and use the Offering within the Scope of Use for Customer’s internal business purposes for Customer’s benefits.

   2.2 Account. Customer may be required to create an account and/or access the Offering via a web browser or a remote server. The Offering may permit Customer to create user accounts to permit authorized individual users to access the Offering (“Users”). When creating an account or when adding a User into a User account, Customer: (i) agrees to provide Ouster with accurate, complete, and current registration information for all Users, and ensure it is provided to Ouster in accordance with applicable Privacy Law; (ii) acknowledges that it is Customer’s and each User’s responsibility to ensure that such User’s password remain confidential and secure; (iii) agrees to future updates, patches and enhancements or fixes, including new versions of the Offering, all of which will become part of the Offering; (iv) agrees to maintain and use the current release of the Offering; (v) agrees that Customer is fully responsible for all activities that occur under User accounts; and (vi) undertake to promptly notify Ouster in writing if Customer becomes aware of any unauthorized access or use of User accounts and/or any breach of this Agreement. Ouster may assume that any communications Ouster receives under User accounts have been made by Customer. Customer will be solely responsible and liable for any losses, damages, liability and expenses incurred by Ouster or a third party, due to any unauthorized usage of a User account by either Customer or any User or third party on Customer’s behalf. In any event, Customer’s account is only for use for Customer’s business purposes. Customer is prohibited from providing access to the Offering to any third party, except for the limited extent necessary to enable Customer’s own use of the Offering on Customer’s behalf. Customer shall ensure that any such third party complies with this Agreement and all terms of use of the Offering, and Customer will be responsible for any acts or omissions by the third party.

3. TRIAL SERVICES; PRE-RELEASED SERVICES

   3.1 Trial Services. Ouster may offer part or all of Ouster products and services (including without limitation, the Offering) on a free, no-obligation trial version (“Trial Services”). Ouster reserves the right to modify, cancel and/or limit any Trial Services at any time and without liability or explanation. Trial Services for the Offering are limited to a 30-day period, unless otherwise designated.

   3.2 Pre-Released Services. Ouster may offer certain products and services in Alpha or Beta version or still under development (“Pre-Released Services”). Ouster use its best endeavors to identify such Pre-Released Services as such. Pre-Released Services may be inoperable or incomplete, and may contain bugs, suffer disruptions and/or not operate as intended and designated, more than usual. Customer shall designate a Pre-Released Services coordinator (the “Coordinator”) as the primary contact for Ouster during the term of this Agreement. Customer will cooperate and consult with Ouster in the evaluation of Pre-Released Services based on Customer’s operation, use, and testing of such Pre-Released Services. If Customer discovers errors or bugs in the Pre-Released Services, the Coordinator will promptly call Ouster to report such problems. Ouster may, at any time and in its sole discretion replace, modify, alter, improve, enhance or change the Pre-Released Services and in such event the replaced version shall be deemed part of the Pre-Released Services. If Ouster provides Customer with a corrected or updated Pre-Released Services, Customer shall promptly install such Pre-Released Services solely as a version replacement and erase from memory any and all copies of the previous Pre-Released Services. It is understood that any corrected or updated versions of the Pre-Released Services shall be used solely as version replacements and shall not expand the Scope of Use.

   3.3 Governing Terms of Trial Services and Pre-Released Services. Ouster grants Customer access and use of the Trial Services and Pre-Released Services subject to this Agreement and within the Scope of Use, provided that notwithstanding anything in this Agreement or elsewhere to the contrary, in respect of Trial Services and Pre-Released Services (i) such services are provided or licensed (as applicable) hereunder on as “As-Is”, “With All Faults”, “As Available” basis, with no warranties, express or implied, of any kind; (ii) any indemnity undertaking by Ouster in this Agreement herein shall not apply; and (iii) IN NO EVENT SHALL THE TOTAL AGGREGATE LIABILITY OF OUSTER, ITS AFFILIATES OR ITS THIRD PARTY SERVICE PROVIDERS, UNDER, OR OTHERWISE IN CONNECTION WITH, THIS AGREEMENT, EXCEED US$100. Ouster makes no promises that any Trial Services and/or Pre-Released Services will be made available to Customer and/or generally available.

4. RIGHT AND RESTRICTIONS

   4.1 Ownership. As between Ouster and Customer, Ouster or its licensors, as applicable, retain sole and exclusive ownership of all right, title and interest in and to the Offering and all Intellectual Property Rights relating thereto, including Usage Data. In addition, Ouster owns all rights in any copy, translation, modification, adaptation or derivative work of the Offering. All rights not expressly granted hereunder are reserved by Ouster and its licensors. Usage Data shall be subject to Ouster’s publicly-posted privacy policy and Privacy Law.

   4.2 Feedback. Customer may provide suggestions, feedback and other information to Ouster regarding possible improvements in the operation, functionality or use of the Offering (“Feedback”). Customer hereby grants to Ouster a perpetual, irrevocable, sublicensable right to use, copy, modify, create derivative works of and otherwise fully exploit the Feedback to improve the operation, functionality or use of Ouster’s existing and future offerings and commercializing such offerings, and Customer expressly waives any Intellectual Property Rights in the foregoing.

   4.3 No Implied License and Restrictions. Except as expressly provided herein, nothing in this Agreement is intended to grant any rights, license or ownership to either party, by implication, estoppel or otherwise, under any Intellectual Property Rights of the other party. Customer will not, and will not enable or assist any third-party to, attempt to reverse engineer (except as permitted by law), decompile, disassemble, or otherwise attempt to discover the source code, object code or underlying structure, ideas, or algorithms of Ouster products. Customer agrees that it will not itself, or through any third party: (i) use the Offering to provide services to third parties, commercial timesharing, rental or sharing arrangements, or otherwise use the Offering on a “service bureau” basis; (ii) modify, translate, or create derivative works based on the Offering; (iii) introduce any virus, worm, spyware or any other computer code, file or program that may or is intended to damage or hijack the operation of any hardware, software or telecommunications equipment, or any other aspect of Ouster products or services; (iv) scrape, spider, use a robot or other automated means of any kind to access the Offering; (v) use the Offering with any non-Ouster LiDAR products or data recorded

   from non-Ouster LiDAR products; (vi) attempt to create a substitute or similar service through use of, or access to, the Offering; (vii)

   use the Offering for competitive analysis, product benchmark or to build competitive products; (viii) remove or obscure any proprietary or other notices on the Offering, (ix) attempt to gain unauthorized access to the Offering, interfere with, or otherwise circumvent any security measures or mechanisms intended to limit Customer’s use within the Offering, (x) publicly disseminate information regarding the performance of any products or services on the Offering; or (xi) encourage or assist any third party to do any of the foregoing. Customer shall comply with all additional restrictions (if any) that are set forth in the Order Form.

   4.4 Approved Uses. Customer will use the Offering solely and exclusively in accordance with the terms and conditions of this Agreement and any applicable Documentation. Without limiting the foregoing, Customer will not, directly or indirectly: (i) use the Offering in violation of any applicable law, including, but not limited to, Privacy Law and Export Control and Sanctions Laws; (ii) use, sell, dispose of, or otherwise operate or transfer the Offering for any military operations or purposes of incarceration, excluding only those non-combat, non-weaponized products, applications, and uses by the militaries and incarceration institutions of the governments of Approved Countries; (iii) sell, provide, or otherwise dispose of any Offering on a standalone basis without Ouster’s prior written approval; or (iv) permit or assist any third party to do any of the foregoing. The foregoing restrictions are intended to protect the legitimate interests of Ouster and will apply only to the extent permitted by applicable law. For the purposes of this Agreement, the following are “Approved Countries”: Australia, Austria, Belgium, Bulgaria, Canada, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Iceland, Ireland, Italy, Japan, Latvia, Lithuania, Luxembourg, Malta, Netherlands, New Zealand, Norway, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Taiwan, United Kingdom, and the United States. The list of Approved Countries is subject to change upon written notification (email to suffice) by Ouster to Customer. By written request (email to suffice) to Customer, Ouster may require Customer to certify in writing its compliance with this Section.

5. CUSTOMER DATA

   5.1 Ownership Rights. As between the parties, Customer retains all right, title and interest (including any and all Intellectual Property Rights) in and to Customer Data and any modifications made thereto in the course of the operation of the Offering. Subject to the terms of this Agreement, Customer hereby grants to Ouster a non-exclusive, worldwide, royalty-free right to use, copy, store, transmit, modify, create derivative works of, and display (i) Customer Data solely to the extent necessary to provide the Offering to Customer, or to prevent or address service or technical problems under this Agreement, or as may be required by law; and (ii) Customer Data for any internal business purposes of Ouster provided that is transformed and maintained in anonymized and aggregated form such that it does not contain any personal data subject to Privacy Law (“Anonymized Data”).

   5.2 Use of Customer Data. Customer will ensure that its use of the Offering and all Customer Data is at all times compliant with this Agreement, Customer’s privacy policies, and all applicable laws and regulations and conventions including Privacy Law. Customer is solely responsible for the accuracy, content and legality of all Customer Data. Customer represents and warrants that Customer has sufficient rights in Customer Data, provided any required notices and received any required consents as necessary to grant the rights granted to Ouster hereunder and that Customer Data does not infringe or violate the intellectual property, publicity, privacy or other rights of any third party. Customer Data hosted or otherwise processed by Ouster shall be subject to the Data Processing Addendum (“DPA”) set forth in Exhibit A.

   5.3 Data Security. Ouster will implement and maintain administrative, physical, and technical safeguards for the protection of the security, confidentiality and integrity of, and prevention of any unauthorized use, access, processing, destruction, loss, alteration, or disclosure of, Customer Data, in accordance with applicable industry standards. Ouster will notify Customer immediately following discovery of any suspected breach or compromise of the security, confidentiality, or integrity of Customer Data. Written notification provided pursuant to this paragraph will include a brief summary of the available facts, the status of Ouster’s investigation, and if known and applicable, the potential number of persons affected by release of data relating to such person.

6. WARRANTY

   6.1 No Other Warranty. OUSTER DOES NOT REPRESENT THAT THE OFFERING WILL BE ERROR-FREE OR THAT THE OFFERING WILL MEET CUSTOMER’S OR USERS’ REQUIREMENTS OR THAT ALL ERRORS IN THE OFFERING WILL BE CORRECTED. NOTWITHSTANDING ANYTHING TO THE CONTRARY, THE FOREGOING WARRANTY DOES NOT APPLY, AND OUSTER STRICTLY DISCLAIMS ALL WARRANTIES, WITH RESPECT TO ANY THIRD-PARTY COMPONENTS, THIRD PARTY PRODUCTS OR APPLICATIONS. THE WARRANTIES STATED IN THIS SECTION ARE THE SOLE AND EXCLUSIVE WARRANTIES OFFERED BETWEEN THE PARTIES. THERE ARE NO OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, THOSE OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

7. LIMITATION OF LIABILITY

IN NO EVENT WILL OUSTER BE LIABLE UNDER THIS AGREEMENT FOR: (I) THE COST OF PROCUREMENT OF SUBSTITUTE GOODS OR TECHNOLOGY, LOSS OF PROFITS, OR FOR ANY SPECIAL, CONSEQUENTIAL, INCIDENTAL, PUNITIVE OR INDIRECT DAMAGES ON ANY THEORY OF LIABILITY; OR (II) CUMULATIVE LIABILITY UNDER THIS AGREEMENT IN EXCESS OF THE AMOUNTS PAID BY CUSTOMER TO OUSTER FOR THE OFFERING AT ISSUE IN THE TWELVE (12) MONTHS PRECEDING THE FIRST EVENT GIVING RISE TO LIABILITY. THE FOREGOING LIMITATIONS APPLY IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE AND EVEN IF IT HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGES. The limitations of liability set forth in this Section will not apply to gross negligence or intentional misconduct, and any obligation where the applicable law does not allow the limitation(s) thereof.

8. TERM AND TERMINATION

   8.1 Term. This Agreement will commence upon the date Customer accesses or uses the Offering will remain in effect until otherwise terminated as set forth below.

   8.2 Termination of Agreement.

   1. Material Breach. A party may terminate this Agreement if the other party commits any material breach and does not remedy the breach within thirty (30) days after the date that it receives notice of the breach. Ouster may terminate this Agreement in the event Customer fails to make any payments for any products or services of Ouster when such payments are due.

   2. Insolvency. This Agreement may be terminated by either party immediately upon written notice to the other party, in the event the other party (i) makes an assignment for the benefit of creditors; (ii) files a voluntary bankruptcy petition; (iii) acquiesces to any involuntary bankruptcy petition; (iv) is adjudicated bankrupt; or (v) ceases to do business.

   3. Convenience. Ouster may terminate this Agreement for convenience by giving Customer thirty (30) day’s prior written notice.

   4. Effect of Termination. Upon termination for any reason, Customer shall cease all use of the Offering, and Customer will promptly at Ouster’s option either return or destroy all copies of the Offering and any related Documentation in Customer’s possession or control. Upon termination of an Offering, Ouster may delete any and all Customer Data related to the Offering, and Customer may no longer be able to access such Customer Data.

   8.3 Survival. Upon any expiration or earlier termination of this Agreement, all rights and duties of Ouster and Customer toward each other shall cease except:

   1. Customer will pay, within fifteen (15) days after the effective date of termination, all amounts owing to Ouster under this Agreement; and

   2. Sections 1, 3.3, 4, 6, 7, 8.4, 9 and 10, and any payment obligations hereunder, will survive any termination or expiration of this Agreement in accordance with their terms.

9. CONFIDENTIALITY

   9.1 Non-Use and Nondisclosure. Each party shall treat as confidential all Confidential Information of the other party, shall not use such Confidential Information except to exercise its rights and perform its obligations under this Agreement, and shall not disclose such Confidential Information to any employee or third party, except to those Users, employees, advisors or representatives of the recipient who are under a contractual or fiduciary duty of confidentiality similar in content to the provisions hereof and whom the recipient will remain responsible for hereunder (“Representatives”) and who are required to have access to such Confidential Information in order to perform the obligations under this Agreement. Without limiting the foregoing, each of the parties shall use at least the same degree of care it uses to prevent the disclosure of its own confidential information of like importance, which care shall be no less than reasonable care, to prevent the disclosure of Confidential Information of the other party.

   9.2 Exceptions. The receiving party may disclose Confidential Information of the disclosing party if so required pursuant to a regulation, law, subpoena, or court order (collectively, “Compelled Disclosures”), provided the receiving party gives the disclosing party notice of a Compelled Disclosure (to the extent legally permitted). The receiving party will provide reasonable cooperation to the disclosing party in connection with a Compelled Disclosure at the disclosing party’s sole expense.

10. GENERAL

    10.1 Governing Law; Dispute Resolution.

    1. Applicable Law. This Agreement shall be governed by the laws of the State of California, without regard to the conflicts of law provisions of any jurisdiction.

    2. Disputes. All disputes arising directly under the express terms of this Agreement or the grounds for termination thereof shall be resolved as follows: the parties’ respective senior executives (which will be any employee of Vice President level or above) will diligently work in good faith to resolve the dispute. In the event the senior executives are unable to resolve the dispute, a party may make a written demand for formal dispute resolution and specify therein the scope of the dispute. Within thirty (30) days after such written notification, the parties agree to meet for one (1) day with an impartial mediator. If after the one (1) day mediation, the parties are still unable to resolve the dispute, any party may begin arbitration proceedings in accordance to Section 15.1(c).

    3. Arbitration. The parties consent that any dispute or claim relating in any way to this Agreement will be resolved by binding arbitration as described in this paragraph, rather than in court. Any arbitration will be conducted in San Francisco, California, before one arbitrator, and shall be administered by JAMS pursuant to JAMS’ Streamlined Arbitration Rules and Procedures. EXCEPT AS PROVIDED BY THIS AGREEMENT, ARBITRATION SHALL BE THE SOLE, EXCLUSIVE, AND FINAL REMEDY FOR ANY DISPUTE AMONG THE PARTIES. ACCORDINGLY, AND NO PARTY WILL BE PERMITTED TO PURSUE COURT ACTION REGARDING CLAIMS THAT ARE SUBJECT TO ARBITRATION.

    4. Court Action. Nothing contained in this Agreement shall deny either party the right to seek injunctive or other equitable relief from a court of competent jurisdiction: (i) in the context of a bona fide emergency or prospective irreparable harm to preserve the status quo pending resolution of a dispute between the parties and (ii) where a party alleges or claims a violation of any agreement regarding Intellectual Property Rights, Confidential Information or noninterference. Such an action may be filed and maintained notwithstanding any ongoing discussions between the parties or any ongoing arbitration proceeding. The parties hereby irrevocably agree to the exclusive jurisdiction of the state and federal courts located in San Francisco, California for any court actions included in this Section, the entry of the arbitrators judgment following arbitral resolution in Section 15.1(c), and any action which is prohibited from being arbitrated.

    10.2 Assignment. Neither this Agreement nor any rights or obligations under this Agreement may be assigned or otherwise transferred by either party without the prior written consent of the other party; provided, however, that either party may assign its rights and obligations hereunder to its affiliate or to a successor-in-interest in the event of a merger, reorganization or sale of all or substantially all of the assets or business of such party. This Agreement shall be binding upon and inure to the benefit of the parties hereto and their respective successors and permitted assigns.

    10.3 Independent Contractors. The relationship between the parties to this Agreement is and shall be that of independent contractors. It is expressly agreed that nothing in this Agreement shall be construed to create or imply a partnership, joint venture, agency relationship or contract of employment.

    10.4 Force Majeure. Nonperformance of either party, except for the making of payments, shall be excused to the extent that performance is rendered impossible by strike, fire, flood, earthquake, governmental acts or orders or restrictions, cyber-attacks, information security and data breaches caused by third parties, failure of cloud services, failure of suppliers, or any other reason where failure to perform is beyond the reasonable control of such party.

    10.5 Entire Agreement; Amendment. This Agreement constitutes the entire agreement between the parties regarding the subject matter hereof. All prior or contemporaneous agreements, proposals, understandings and communications between the parties regarding the subject matter hereof, whether oral or written, are superseded by and merged into this Agreement. Neither this Agreement nor any Attachments hereto may be modified or amended except by a written instrument executed by both parties.

    10.6 Export Compliance. Customer agrees to comply fully with all laws and regulations of the United States and other countries governing the import or export of products or technology to any individual or entity who is the subject of or target of any law or order related to (i) export controls, including the U.S. Export Administration Regulations and the International Traffic in Arms Regulations, or (ii) economic sanctions, including those administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control and the U.S. Department of State (“Export Control and Sanctions Laws”). Customer shall assure that the Ouster’s products are not: (a) exported, directly or indirectly, in violation of Export Control and Sanctions Laws, to any individual or entity (1) listed on any Export Control and Sanctions Law-related list of designated individuals or entities maintained by any government, (2) located, organized, or resident in a country or territory that is the subject of or target of any Export Control and Sanctions Laws (“Sanctioned Country”), or (3) owned, directly or indirectly, by such individuals or entities in clauses (1) or (2) (“Sanctioned Person”); or (b) intended to be used for any purpose prohibited by Export Control and Sanctions Laws, including nuclear, chemical, or biological weapons proliferation. Notwithstanding anything to the contrary contained herein, all obligations of Ouster and Customer are subject to obtaining all necessary approvals required by the applicable agencies of the governments of the United States and foreign jurisdictions. The parties will cooperate with each other and will provide reasonable assistance to the other to obtain any required approvals.

    10.7 Severability. If any term, condition, or provision in this Agreement is found to be invalid, unlawful or unenforceable to any extent, the invalid, unlawful or unenforceable term, condition or provision shall be severed from the remaining terms, conditions and provisions, which shall continue to be valid and enforceable to the fullest extent permitted by law.

    10.8 Notices. All notices, consents and other communications hereunder shall be provided in writing and shall be delivered personally, by registered or certified mail (return receipt requested) or by email or similar method of communication, to the parties at the addresses set forth on an order form or in a User account (or such other address as may have been furnished by or on behalf of such party by like notice); provided that, for any notices sent to Ouster, a copy of the notice will be sent to legal@ouster.io. Communications sent by email shall be deemed effectively delivered upon dispatch. Communications sent by registered or certified mail shall be deemed effectively delivered three (3) calendar days after mailing.

    10.9 Waiver. Any waiver of the provisions of this Agreement or of a party’s rights or remedies under this Agreement must be in writing to be effective. Failure, neglect, or delay by a party to enforce the provisions of this Agreement or its rights or remedies at any time shall not be deemed to be a waiver of such party’s rights under this Agreement and shall not prejudice such party’s right to take subsequent action.

    10.10 Headings. The article, section and subsection headings used in this Agreement are intended for reference purposes only and shall not affect the interpretation or construction of any provision of this Agreement.

EXHIBIT A: Data Processing Addendum

To the extent Customer Data hosted or otherwise processed by Ouster in connection with the Offering (e.g., cloud services) contains personal data subject to Privacy Law, this Data Processing Addendum (DPA) forms part of the accompanying Agreement between Customer and Ouster. Capitalized terms herein will have the meaning given to them in this DPA or the Agreement, and otherwise as defined by Privacy Law (including with respect to similar nomenclature).

1. Relationship of the Parties. The Parties acknowledge and agree that with regard to the processing of Customer Data, Customer may act either as a controller or processor and Ouster is a processor. Customer appoints Ouster as a processor to process Customer Data (i) in accordance with Customer’s instructions as set forth in the Agreement and this DPA and as otherwise necessary to provide the Offering to Customer, (ii) as necessary to comply with applicable laws including Privacy Law, and (iii) additional instructions as otherwise agreed-upon in writing by the Parties, including any additional fees for fulfilling additional instructions. Customer represents that its instructions will comply with Privacy Law, and acknowledges that Ouster is neither responsible for determining which laws are applicable to Customer’s business nor whether Ouster’s provision of the Offering meet or will meet the requirements of such applicable laws. Ouster will inform Customer if it reasonably believes that any Customer instructions violate applicable laws including Privacy Law.

2. Third Party Requests. In the event any third party request is made directly to Ouster in connection with Customer Data, Ouster will promptly inform Customer to the extent legally permitted. Ouster will not respond to any such request without Customer’s prior consent, except as legally required.

3. Ouster Affiliates and Personnel. Ouster will ensure that any affiliates or employees it authorizes to process Customer Data are subject to non-disclosure and confidentiality obligations consistent with Ouster’s confidentiality obligations in the Agreement and this DPA.

4. Authorization for Onward Sub-processing. Customer provides a general authorization for Ouster to engage onward sub-processors that is conditioned on the following requirements: (A) Ouster will restrict the onward sub-processor’s access to Customer Data only to what is strictly necessary to provide the Offering, and Ouster will prohibit the sub-processor from processing the personal data for any other purpose; (B) Ouster agrees to impose contractual data protection obligations, including appropriate technical and organizational measures to protect personal data, on any sub-processor it appoints that requires such sub-processor to protect Customer Data as required by Privacy Law; and (C) Ouster will remain liable for any breach of this DPA that is caused by an act, error, or omission of its sub-processors as if such breach is attributable to Ouster itself, subject to the terms on liability and indemnity under the Agreement.

5. Notifications Regarding Sub-processors. Customer consents to Ouster engaging third party sub-processors to process Customer Data within the Offering as provided herein, provided that Ouster notify Customer of new sub-processors (including via email). Ouster will provide such notice no less than thirty (30) days prior to the addition of any sub-processor (the “Notice Period”). Customer may object to the addition of a sub-processor during the Notice Period, provided such objection is in writing and based on reasonable grounds relating to data protection. In such event, the Parties agree to discuss the objection in good faith, and if the Parties cannot reach a resolution within thirty (30) days of Customer’s written objection, Customer may discontinue use of the affected Offering by providing written notice to Ouster, without prejudice to any fees incurred by Customer prior to discontinuation of the affected Offering. If no objection is received during the Notice Period, the Customer is deemed to have authorized the new sub-processor.

6. Data Subject Rights. Ouster will endeavor to provide Customer with means to delete, obtain a copy of, or restrict use of Customer Data. Customer may use this functionality to comply with Privacy Law in response to data subject requests. To the extent Customer is unable to fulfill a data subject request accordingly, Ouster will, upon request, provide reasonable additional and timely assistance to assist Customer in complying with Privacy Law in response to the data subject request.

7. Impact Assessments and Audits. Ouster will provide reasonable cooperation to Customer in connection with any data protection impact assessment or similar undertaking (at Customer’s expense only if such reasonable cooperation will require Ouster to assign significant resources to that effort) or cooperation with regulatory authorities that may be required under Privacy Law.

8. Deletion of Customer Data. Ouster will delete or return to Customer any Customer Data stored upon request, subject to any legal retention obligations. Ouster may delete all Customer Data upon expiration or termination of the Agreement and/or this DPA, unless otherwise agreed-upon in writing. Customer Data stored in backup and disaster recovery repositories may be retained for a longer duration provided that it remains subject to this DPA until deleted.

9. Security. Ouster has implemented and will maintain technical and organizational security measures as set forth in the Agreement and this DPA. Ouster will share more detailed descriptions of such security measures with Customer from time-to-time.

10. Cross Border Data Transfers. To the extent Customer’s use of the Offering requires an onward transfer mechanism to lawfully transfer personal data from one jurisdiction to another, the following shall apply:

    1. Transfer Mechanism: The transfer of personal data will be subject to a single transfer mechanism in accordance with the following order of precedence:

       1. One-Time Transfers. The Parties may expressly agree in writing (including via email) that a specified one-time transfer of personal data will be subject to a designated transfer mechanism (e.g., consent or another derogation);

       2. EU Standard Contractual Clauses. The Parties agree that the Standard Contractual Clauses approved by the European Commission in decision 2021/914 and as amended or replaced thereafter (“EU SCCs”) will apply to personal data that is transferred via the Offering from the EEA/EU or Switzerland, either directly or via onward transfer, to any country or recipient outside the EEA that is: (a) not recognized by the European Commission (or, in the case of transfers from Switzerland, the competent authority for Switzerland) as providing an adequate level of protection for personal data. For data transfers from the EEA that are subject to the EU SCCs:

          1. In Clause 7 of the EU SCCs, the optional docking clause may be exercised by Customer’s legal affiliates; In Clause 9 of the EU SCCs, Option 2 will apply and the time period for prior written notice of sub-processor changes will be as set forth in this DPA; In Clause 11 of the EU SCCs, the optional language will not apply; In Clause 17 (Option 1), the EU SCCs will be governed by Irish law; In Clause 18(b) of the EU SCCs, disputes will be resolved before the courts of Ireland.

          2. In Annex I, Part A of the EU SCCs: Customer is the data exporter, and its contact is identified on an order form or User account. By entering into the Agreement, data exporter is deemed to have signed these EU SCCs incorporated herein, including their Annexes, as of the effective date of the Agreement. Ouster is the data importer, and its contact is identified on order form or User account. By entering into the Agreement, data importer is deemed to have signed these EU SCCs incorporated herein, including their Annexes, as of the effective date of the Agreement.

          3. In Annex I, Part B of the EU SCCs: The categories of data subjects are individuals captured in a recording or other form of data processed by Ouster as Customer Data on behalf of Customer; no sensitive data is anticipated to be processed by Ouster hereunder; the frequency of the transfer is a continuous basis for the duration of the Agreement; the nature and purpose of the processing is to provide the Offering for Customer as contemplated in order form or User account; the period for which the personal data will be retained is primarily the duration of the Agreement. For transfers to sub-processors, the subject matter, nature, and duration of the processing will be included in the list of its sub-processors referenced in, and made available pursuant to, the DPA.

          4. In Annex I, Part C of the EU SCCs: The Irish Data Protection Commission will be the competent supervisory authority unless otherwise agreed upon by the parties in writing. Security Measures in support of Annex II of the EU SCCs are described in the Agreement and DPA, and will be supplemented upon Customer’s request.

       3. UK International Data Transfer Addendum. The Parties agree that the EU SCCs supplemented by the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses issued by the UK Information Commissioner, Version B1.0, in force 21 March 2022 and as amended or replaced thereafter (“UK IDTA”) will apply to personal data that is transferred via the Offering from the UK, either directly or via onward transfer, to any country or recipient outside of the UK that is not recognized by the competent UK regulatory authority or governmental body for the UK as providing an adequate level of protection for personal data. For data transfers from the UK that are subject to the UK IDTA, the UK IDTA is hereby entered into, incorporated by reference in this DPA, and completed as follows:

       1. In Table 1 of the UK IDTA, the Parties’ details and key contact information is located in order form or User account.

       2. In Table 2 of the UK IDTA, information about the version of the approved EU SCCs is provided herein.

       3. In Table 3 of the UK IDTA: The list of Parties is located in order form or User account; the description of the transfer is set forth in regard to the EU SCCs above; Security Measures in support of Annex II of the EU SCCs are described in the Agreement and DPA, and will be supplemented upon Customer’s request; The list of sub-processors is referenced in, and made available pursuant to, the DPA.

       4. In Table 4 of the UK IDTA, both the importer and the exporter may end the UK IDTA in accordance with the terms of the UK IDTA.

       4. Transfers From Other Jurisdictions. Except as otherwise addressed under the DPA, any jurisdiction requiring a transfer mechanism not otherwise provided for under this DPA or the Agreement will be subject to EU SCCs as provided above.

11. Conflicts. To the extent there is any conflict or inconsistency between the (i) EU SCCs or UK IDTA and (ii) any other terms in the Agreement or this DPA, the provisions of the EU SCCs or UK IDTA, as applicable, will prevail. Notwithstanding the foregoing, any liability or indemnity claims brought in connection with this DPA (with the EU SCCs and UK IDTA) will be subject to the limitations of liability and other liability and indemnity terms and disclaimers set forth in the Agreement except to the extent prohibited by applicable law.