Previous version: November 18, 2018
1. Agreement with mod.io
1.2. "The Services" means the services that mod.io Pty Ltd, 164 Kings Way; AU 3205 South Melbourne, Australia (ACN 628 999 039) (and its Associates, as defined by the Corporations Act 2001) (we, us, our, mod.io) operates and makes available to game developers (Developers, you) to integrate within your game through the mod.io website, API, the SDK, source code, official engine plugins and tools and any related services.
1.4. These Developer Terms are incorporated into all agreements for the Developer's use of the Services. These Developer Terms supersede all prior understandings, arrangements and agreements relating to such use. If there is any inconsistency between these Developer Terms and any other communication from mod.io, these Developer Terms prevail unless mod.io specifies otherwise in writing.
1.5. You agree that the mod.io Payment and Revenue Sharing Terms found at https://mod.io/payments (Payment Terms) and the Acceptable Use Policy found at https://mod.io/aup (Acceptable Use Policy) are incorporated into these Developer Terms and by agreeing to be bound by these Developer Terms, you agree to be bound by the Payment Terms and Acceptable Use Policy.
1.6. Any breach of the Payment Terms or Acceptable Use Policy is a breach of these Developer Terms.
1.7. You agree that your use of the Services is not contingent or reliant upon the delivery of any future functionality or features or any representations that mod.io may have made for potential future features or functionality of the Services.
1.8. Nothing in these Developer Terms creates a partnership, joint venture, agent, or employment relationship. mod.io is an independent contractor of the Developer.
2. Grant of Licence
2.1. mod.io grants you a worldwide, non-exclusive, non-transferrable, non-sublicensable licence to access, use, and integrate the Services and associated functionality within your game (Licence) subject to you complying with these Developer Terms.
2.2. The Licence shall be continuous until terminated in accordance with these Developer Terms.
2.3. mod.io grants you a worldwide, non-exclusive, non-transferrable, non-sublicensable licence to use the mod.io name and logo for the sole purpose of advertising or publicising your use of the Services as required by these Developer Terms.
2.4. You acknowledge and agree that nothing in these Developer Terms is intended to transfer any rights of ownership in the Services.
2.5. Some components of the Services are governed by separate open source licences. If any open source licence for a component of the Services conflicts with these Developer Terms, the open source licence shall prevail to the extent of such inconsistency, but only to the extent that (i) the open source software license expressly supersede these Developer Terms and (ii) mod.io has informed the Developer of any terms and conditions from any open source software licenses superseding these Developer Terms.
3. Your Developer Account
3.1. To access and use the Services, you must register as a user of mod.io and create a developer account (Developer Account).
3.2. You can access and use the Services through your Developer Account in connection with any game (and related source code) owned, written, published or otherwise distributed by you (Game).
3.4. You are solely responsible for all activities that relate to and occurs on your Developer Account.
3.5. You must keep your Access Information secure and protect it from unauthorised access or use and agree not to disclose this authentication method to any third party.
3.6. You must notify us immediately if you are aware of or suspect any breach of security or unauthorized use of your Developer Account.
4. Use of the mod.io Services
4.1. You agree to only use the Services to develop and run Games that are linked to your Developer Account.
4.2. Each Game that you link to your Developer Account will have an online control panel (Control Panel). You are authorised to set up and link administration accounts for you for use and access by any authorised representative, employee, officer, or agent of your choice who you nominate as an administrator for that Game.
4.3. You agree to include mod.io's branding at all times in any Game that you have linked to your Developer Account such as on your Game's mod browsing screen. You agree to not whitewash the Services or represent the Services as your own or owned by any third party other than mod.io. The mod.io branding materials can be accessed at https://mod.io/about. mod.io grants you a worldwide non-transferrable, non-sublicensable, royalty free licence to use its branding material for the purposes of complying with this clause 4.3.
4.4. Your Game may be subject to usage limits. Any usage limits that apply to your Game are set out at https://docs.mod.io/#rate-limiting and in your Control Panel as amended from time to time at mod.io's sole discretion. mod.io will inform you of any amendment of these usage limited before they are applicable. mod.io is entitled to enforce these usage limits, which may result in mod.io denying the Services to you or your End Users. Repeated exceeding of the usage limits may lead to termination of your Developer Account and access to the Services for your Game.
4.5. Where an End User has created, posted or acquired any User Generated Content available for your Game through the Services, you agree to provide reasonable support services to the End User directly. Such support services shall include (without limitation) responding to general End User queries, and diagnostic and correctional services for technical issues encountered by End Users in using the User Generated Content.
4.6. Unless mod.io otherwise agrees in writing, you must not access or attempt to access the administrative interface of the Services by any means other than through the Website or the API that is provided to you by mod.io in connection with your Developer Account.
4.7. You warrant and agree that your use of the Services and agreement with these Developer Terms will:
- not conflict with or violate any law or constitute any breach of contractual obligation that applies to you; and
- comply with all applicable laws, regulations, rules or ordinances including any law that relates to the export or transferring of data or software.
5. User Accounts
5.2. You agree that:
- You will comply with all applicable laws relating to the privacy of End Users;
- You will protect the privacy and legal rights of the End Users of your Game;
- You will provide privacy notices to End Users that are legally compliant with all applicable laws including Data Protection Laws;
- If there is a situation where End User Information is considered Personal Data and mod.io may be considered a Processor of that Personal Data, then clause 9.7 applies.
6. User Generated Content
6.1. You acknowledge and agree that:
- Your End Users are responsible for all User Generated Content that they create, transmit or display through the Services.
- You control the manner in which the User Generated Content can be moderated and be made available to your End Users through the Services. You can manage your End Users' access to and moderation of the User Generated Content in your Game's Control Panel.
6.2. mod.io provides an interface via the API at https://docs.mod.io/#reports and Website available at https://mod.io/report, for End Users to report User Generated Content. You agree to support these interfaces and that you are responsible for responding to any notices of alleged infringement for or to your Game or any User Generated Content, including notices that comply with the United States' Digital Millennium Copyright Act.
6.3. You can use your Control Panel to respond to such notices and to take down any infringing materials. You indemnify mod.io from and against all losses and claims arising from your failure to properly respond to any notices of alleged infringement, provided that such failure is entirely due to you.
6.4. mod.io will comply with any substantial claim of Intellectual Property Right infringement raised by any third party against any content and User Generated Content that you or your End Users upload through the Services, including any DMCA Takedown Notice or other applicable copyright notices. mod.io may terminate the User Accounts of repeat infringers.
6.5. mod.io reserves the right to take down User Generated Content or, if necessary, the Game itself upon receipt of a valid DMCA notice. If mod.io intends to take down your Game, we will give prior notice to you. Subject to compliance by mod.io with the provisions to the present clause, you agree to release mod.io from and against any claims or Loss that you may suffer from such take down.
7. mod.io marketplace
7.1. The Services enable End Users to use, access and sell or trade (if applicable) User Generated Content.
7.3. You may set the fee payable for a UGC Subscription or UGC Sale or enable the End User to do so. End Users control the fee payable for a UGC Trade or Sponsorship.
7.4. You agree and acknowledge that mod.io sets and charges a commission fee on all transactions in the mod.io marketplace (Commission Fee).
7.5. All payments on the Services are governed by our Payment Terms.
7.6. If You are unable to use any of the Payment Processors described in the Payment Terms, and You use a store provided in-app purchase flow or any other payment method that results in You collecting the proceeds arising from any UGC Subscription, UGC Sale, UGC Trade or Sponsorship (Direct Fees), then you acknowledge and agree that:
- You will be required to remit any payments to mod.io, less the share you are entitled to as set out in the Payment Terms and Control Panel;
- mod.io will have a record of all Direct Fees that relate to your Game that occurs through the Services;
- mod.io will invoice you at the beginning of each calendar month for you to pay to it all proceeds arising from the Direct Fees except for the share that you are entitled to (Transactions Invoice). This includes without limitation, the Commission Fee, Revenue Share, Royalty Fee or Sponsorship (as defined in the Payment Terms) owed to mod.io and the End User;
- You agree that you will pay the Transaction Invoice within 10 Business Days from the date that the Transaction Invoice is sent to you;
- When you pay the Transaction Invoice, mod.io will collect the Commission Fee that it is entitled to and agrees to publish on the Control Panel of the relevant End User, all proceeds arising from the Transactions Invoice that they may be entitled to under the Payment Terms;
- If you fail to pay the Transaction Invoice in accordance with clause 7.6 (d) then mod.io can suspend or cancel Your Developer User Account and Game until You pay the Transaction Invoice;
- All End Users entitlements to any payment arising from a transaction is contingent on You paying the Transaction Invoice to mod.io; and
- You agree to indemnify mod.io against any claims arising from Your failure to pay the Transaction Invoice including any claims from any End Users that may be entitled to proceeds under the Payment Terms.
7.7. If you authorise UGC Subscriptions, UGC Sales, UGC Trades or Sponsorships for User Generated Content for your Game, you are solely responsible to provide support services to End Users.
7.8. mod.io makes no representations or warranties in relation to any UGC Subscriptions, UGC Sales, UGC Trades and Sponsorships and you agree that any participation in any UGC Subscriptions, UGC Sales, UGC Trades and Sponsorships are solely the responsibility of you or the relevant End User.
7.9. You may cease authorising UGC Subscriptions, UGC Sales, UGC Trades and Sponsorships for your Game in the marketplace at any time.
8. Game Data
8.1. By submitting, posting or displaying your Game on or through the mod.io Services, you grant to mod.io a worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute such Game and content to allow mod.io to provide the Services.
8.2. mod.io will collect User Generated Content and game data associated with your Game from you and your End Users in connection with the Services (Game Data). Game Data includes logos, text, sound, video, images, files, icons, screenshots, names, descriptions and tags, sales or downloads of your Game and User Generated Content associated with your Game through the Services.
8.3. You acknowledge that the mod.io API is open to third parties and agree that any Game or Game Data you upload will be publicly accessible by any End User or user of the Services.
8.4. You agree to ensure that your End Users are aware that mod.io will have access to Game Data and User Generated Content.
8.5. mod.io is permitted to use the Game Data for the purpose of providing, generating insights, improving, and adding new functionality or features to the Services.
8.6. Game Data may be transferred to, and stored and processed in the United States, Australia and in any other country that mod.io operates in. You appoint mod.io to transfer and store Game Data for the purposes of providing the Services.
8.7. You agree that you are responsible for (and that mod.io has no responsibility to you or to any third party) your Game, Game Data and any related data that you create, transmit or display while using the Services, except for the storage of Game Data which remains the responsibility of mod.io.
9. Personal Data and Data Protection
9.1. mod.io is the independent Controller of any Personal Data collected through its API and Website.
9.2. You are the independent Controller of any Personal Data that you collect that allows End Users to access mod.io in-game and to allow mod.io to work within your Game.
9.3. You agree that nothing in these Developer Terms creates a joint Controller relationship. You and mod.io agree to comply with, and are independently and severally liable and responsible for complying with, all obligations that apply to independent Controllers under applicable Data Protection Laws for any and all Personal Data that it collects or Processes in accordance with these Terms. You agree to comply with the following:
- ensuring that there is a lawful basis to collect and process Personal Data, especially regarding the provision of the Services;
- collecting the necessary consents from End Users about collecting, disclosing, processing, sharing and storing their Personal Data;
- complying with any privacy notices;
- not processing Personal Data or instructing the Processing of Personal Data in such a way that substantial distress is, or is likely to be, caused to any End Users;
- complying with all storage, disclosure and destruction requirements for all Personal Data collected, disclosed, processed or stored; and
- providing reasonable assistance as may be required for the Processor (if applicable) to ensure compliance with its obligations under Data Protection Laws.
9.4. You acknowledge and agree that mod.io shares and stores data including Personal Data collected to third party service providers located the United States of America for the provision of the Services. You agree to the standard contractual clauses in Annex 1 for all Personal Data to which the GDPR applies.
9.5. Both you and mod.io agree to implement reasonable and appropriate technical, physical and organizational security measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and against all other forms of unlawful processing including, but not limited to, unnecessary collection or further processing. You may request from mod.io their description of these appropriate technical, physical and organizational security measures.
9.7. If there is a situation where clause 5.2(e) applies and you share data that is considered Personal Data with mod.io and mod.io is considered a Processor of that Personal Data, in addition to the other terms in this clause 9, you and mod.io agree that the following provisions comprise the data processing agreement:
- mod.io is authorised to process on your behalf the End User Information that is considered Personal Data for the performance of the Services for the purposes set out below and for the duration of these Developer Terms:
- to allow End Users to register, access and use a mod.io account;
- to allow End Users to create, share and access User Generated Content;
- to allow End Users to subscribe, rate, report and comment on User Generated Content;
- to allow the mod.io website, API, SDK, official engine plugins and tools to work so the Services can be provided to End Users;
- to notify End Users about activity relevant to them and make content recommendations;
- to identify and facilitate End Users messaging other End Users;
- to identify End Users' User Generated Content to support moderation of content, comply with copyright regulations and enforce User Terms.
- mod.io will comply with its obligations as a Processor as set out in the GDPR and will only process the Personal Data for the Permitted Purpose and strictly based on your documented instruction, as described;
- mod.io will inform you if, in mod.io's opinion, an instruction pursuant to subsection (b) infringes Data Protection Laws.
- mod.io will ensure that its affiliates, officers, directors, agents and employees authorized to Process Personal Data have committed to keeping the Personal Data confidential;
- both parties will assist each other with their compliance obligations as a Controller and Processor as set out in the GDPR (including the data subject rights) and provide each other with any necessary documentation;
- mod.io will not provide the Personal Data to government agencies, organisations or anyone else unless:
- mod.io has notified you and you consent to mod.io to providing such information;
- the provision of such information is required or authorized by law; and
- the provision of such information will prevent or obviate a serious and imminent threat to a person's life or health;
- mod.io will seek your consent, that must not be unreasonably withheld, if it changes its service providers in the future;
- mod.io ensures that service providers meet the same data protection obligations as set out in these Developer Terms and takes reasonable steps to ensure they are compliant with the relevant Data Protection Laws;
- mod.io will implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including (i) the pseudonymisation and encryption of personal data (if technically possible) (ii) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (iii) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing;
- mod.io will notify you of any personal data breach no later than 24 hours of becoming aware it; and
- mod.io will, at your choice, delete or return all Personal Data and existing copies to you after the end of the provision of the Services relating to processing, unless mod.io is required by law to store the Personal Data further.
9.8. You and mod.io agree that neither party will disclose or make available Personal Data to each other, other than as required under these Developer Terms or as agreed in writing.
9.9. mod.io shall take all reasonable steps to ensure that all Personal Data and Personal Information is treated and handled in accordance with the Privacy Act, or if applicable the GDPR and other applicable Data Protection Laws.
9.10. Notwithstanding anything else in this Agreement, mod.io shall not be responsible or liable for any Loss arising out of or in relation to any loss, destruction, alteration or disclosure of any data, other than under the applicable Data Protection Laws.
10. Maintenance, Updates and 3rd Party Tools
10.1. We are continually innovating to provide the best possible Services for Developers. You agree that mod.io may change the form and nature of the Services at any time. When making such changes mod.io will take steps to minimise any changes to the functionality or API that would adversely impact your Games.
10.3. When making such changes, mod.io will create a new version of the API and use commercially reasonable efforts to continue to support the old version of the API for at least 90 days, unless it is not commercially or legally viable for mod.io to do so.
10.4. You acknowledge and agree that mod.io may make changes and terminate support for old versions of the Services due to security issues, updates to laws, or issues impacting system performance, without advance notice.
10.5. You agree that mod.io may undertake maintenance of the Services at any time and that during time, some or all of the functionality of the Services may be compromised or unavailable.
10.6. mod.io may provide updates the Services from time to time to enhance or improve the quality, functionality or operation of the Services (Update) and may require you to accept the Updates. Your ability to access or use the Services may be adversely impacted if you fail to accept the Updates.
10.7. The Services may include additional features, functionality and services (Tools) made by mod.io's third-party partners (Tool Provider). Your use of Tools is subject to these Developer Terms.
10.8. You agree that the Tool Provider is solely responsible for its Tools and for any claims that you or any of your End Users may have relating to that Tool.
10.9. If you or any of your End Users purchase any Tools from a Tool Provider through the Services, you acknowledge that:
- mod.io does not act as the agent for any Tool Provider;
- mod.io is not a party to any license between you, any End Users and a Tool Provider for a Tool; and
- mod.io is not responsible for any Tool or any claims that you or any End Users may have relating to that Tool.
10.10. By acquiring a Tool, you grant mod.io permission to share your Game, Game Data, and Your Information with the Tool Provider as necessary in order to provide you with the Tool.
11. Accessibility and Hosting
11.1. You acknowledge and agree that the Services are hosted on cloud servers operated by a third party, and hardware operated by mod.io.
11.2. mod.io will endeavour to provide the Services to you with due care and skill but does not warrant that the Services will be provided without defect or disruption.
11.3. You agree and acknowledge that:
- your access to or use of the Services may be suspended due to Force Majeure for the duration of the Force Majeure event;
- the Services may be unavailable due to unplanned interruptions resulting from hardware, software and/or internet failures that mod.io has no responsibility for;
- You will maintain all necessary hardware and third-party software licences necessary for you to be able to access the Services; and
- mod.io will not be in breach of the obligation to provide the Services and will not be liable for any Loss arising in connection with any lack of accessibility, availability or failure, defect, interruption or limitation of the Services.
12. Statutory Conditions and Warranty
12.1. Provision of the Services may come with guarantees that cannot be excluded under the Australian Consumer Law. Nothing in these Developer Terms purports to modify or exclude the conditions, warranties, guarantees and undertakings, and other legal rights, under the Australian Consumer Law and other laws which cannot be modified or excluded.
12.2. Where any law implies a warranty into this agreement which may not be lawfully excluded (Warranty) then to the extent allowed by law, any liability imposed upon mod.io for a breach of Warranty will at your option be limited to:
- the resupply of services, or
- the refund of the price you paid for the Services.
12.3. To the extent permitted by law, the following are not covered by Warranty:
- failure or defect resulting from your improper care or use;
- your faulty or incorrect use of the Services; and
- any modification or alteration of the Services mod.io does not conduct or authorize.
13. Indemnity and Limitation of Liability
13.1. You will at all times indemnify and keep mod.io and its directors, officers, employees and agents indemnified, from and against any Loss (including reasonable legal costs and expenses on a full indemnity basis) or liability that you, your End Users or mod.io incurs or suffers arising from any claim, demand, suit, action or proceeding by any person against you or against mod.io where such loss or liability arose out of, in connection with your use of the Services, or your or your End User's breach of these Developer Terms, including any costs of enforcement.
13.2. You will indemnify mod.io against any claims made that relates to your Game, Game Data, your End Users User Generated Content or services you provide, directly or indirectly, in using the Services, including in relation to an infringement of a third party's Intellectual Property Rights.
13.3. Each party acknowledges and agrees that:
- except for any claim arising under clauses 15 and 16, to the maximum extent permitted by law, mod.io will not be liable to any party or any other person under any circumstances for any indirect, incidental or consequential damages sustained or incurred by the other party whether such liability arises directly or indirectly as a result of the supply, performance, payment or use of the Services;
- mod.io's aggregate liability to you for any loss suffered in connection with the Services is capped at $5,000;
- no other term, condition, agreement, warranty, representation or understanding (whether express or implied) in any way binding upon mod.io, other than these Developer Terms, is made or given by or on behalf of mod.io; and
- You are solely responsible for making an assessment that the Services are reasonably fit for your intended purpose and required use, and such purpose or required use is in accordance with all applicable laws.
13.4. mod.io excludes all liability to you, any End User or anyone else for loss or damage of any kind (however caused or arising) relating in any way to the Services including, but not limited to, loss or damage You might suffer as a result of your use of the Services.
14. Suspension and Termination
14.2. Unless you have entered into a separate agreement or alternative terms with mod.io that does not permit termination for a fixed period of time, you may terminate the Licence at any time by cancelling your Developer Account.
14.3. You are solely responsible for exporting your Game Data, Games and your End Users User Generated Content from the Services prior to termination of your account for any reason. If mod.io terminates your Developer Account, it will provide you a reasonable opportunity to retrieve your Game Data, Games and your End Users User Generated Content.
14.4. If the Licence is terminated for any reason, then, in addition and without prejudice to any other rights or remedies available:
- Your right to use the Services immediately ceases and all licences granted under these Developer Terms immediately terminate;
- We will immediately stop your access to the Services;
- the Developer must deliver to mod.io any adaptations or versions created by the Developer whether authorised by mod.io or not, of any code, media, content, documents or anything constituting or containing mod.io's Intellectual Property Rights or any other thing provided to the Developer under these Developer Terms, in your possession, custody or control, which does not constitute or contain your Intellectual Property Rights or Confidential Information.
14.5. Termination will not affect the parties accrued rights and obligations prior to the date of termination.
14.6. Upon any termination of the mod.io Services or your Developer Account, these Developer Terms will also terminate, however sections 12, 13, 14, 15 and 16 and 18 shall continue to be effective after these Developer Terms are terminated.
15.1. The parties agree to:
- keep confidential all information (written or oral) concerning the business and internal affairs of the other party that it shall have obtained or received as a result of discussions leading up to or the entering into or performance of these Developer Terms (Confidential Information);
- not without the other party's written consent to disclose Confidential Information in whole or in part to any other person save those of its personnel, representatives, sub-contractors and agents involved in the performance of Services, who are themselves subject to confidentiality obligations, and who have a need to know the same; and
- use Confidential Information solely in relation to the Services and not for its own benefit or the benefit of any third party.
15.2. The provisions of clause 15.1 above shall not apply to the whole or any part of the Confidential Information that it is already in the public domain or already in the other party's possession other than as the result of a breach of this section.
15.3. Each party hereby undertakes to the other: (i) to make all relevant employees, representatives, agents and subcontractors aware of the confidentiality of the Information and the provisions of this clause 15, (ii) to subject them to confidentiality obligations and (iii) without prejudice to the generality of the foregoing to take all such steps as shall from time to time be necessary to ensure compliance by its employees, representatives, agents and subcontractors with the provisions of this clause 15.
15.4. The parties agree that this clause 15 will survive during the suspension of the License and after the termination of this License, whatever the cause of termination and as long as required.
16. Intellectual Property
16.1. mod.io does not confer or assign any Intellectual Property Rights that subsist in the Services or any other materials supplied by mod.io (including user guides, instruction manuals and other documents but excluding any open source materials) under this Developer Agreement. You agree that you will not assert any rights in, or challenge mod.io's title to such Intellectual Property Rights.
16.2. You do not confer to mod.io any Intellectual Property Rights in your Game, User Generated Content and Game Data created using the Services. mod.io agrees that it will not assert any rights in or challenge your title to such Intellectual Property Rights.
16.3. You acknowledge that you may provide us with documents, business information, data, records and information relating to you in connection with the Services including without limitation any personal information (Your Information).
16.4. You warrant that:
- you own or have obtained a valid license for the Intellectual Property Rights in all material that you upload through the Services; and
- you own and will continue to own all of the rights, title and interest in (and You are solely responsible for the legality, reliability, integrity, accuracy and quality of) Your Information and that mod.io's use of Your Information in accordance with these Terms will not infringe the Intellectual Property Rights or any other rights of any third party.
16.5. You grant mod.io a worldwide, non-exclusive, non-transferrable, non-sublicensable licence to:
- use your name and logo for the sole purpose of advertising or publicising your use of the Services; and
- access and use Your Information for the purpose of allowing access to the Services and undertaking an analysis of the way in which You use the Services for the purposes of developing the Services or assessing its business operations.
17. Transfer and Assignment
17.1. If mod.io merges, sells or otherwise undergoes a change control of its business or the Services to a third-party, it reserves the right, without giving notice or seeking consent, to transfer or assign the Personal Information and Personal Data, content and rights that it has collected from you and any agreements between you and mod.io.
18. Governing law
18.1. These Developer Terms and any agreement between mod.io and the Developer are governed by and interpreted in accordance with the laws of Victoria, Australia. The parties irrevocably submit to the non-exclusive jurisdiction of the courts of the State of Victoria, Australia.
18.2. If any part of these Terms is found to be void or unenforceable then that part will be deemed to be severable from the balance of these Terms and will not affect the validity and enforceability of any remaining provisions.
18.3. If a party does not exercise or enforce any right or provision under these Developer Terms, it will not constitute a waiver of such right or provision. Any waiver of any provision under this agreement will only be effective if it is in writing and signed by the waiving party.
Australian Consumer Law means Schedule 2 of the Competition and Consumer Act 2010 (Cth) and the corresponding provisions of State fair trading legislation;
CCPA means the California Consumer Privacy Act of 2018;
Controller has the meaning given to it in the GDPR;
Data Protection Laws means any applicable laws and regulations relating to the controlling, processing, privacy, and use of Personal Data in connection with this Agreement, including, without limitation, the GDPR, the CCPA, the Privacy Act, and/or any corresponding or equivalent national or state laws or regulations;
End User means a user of your Game that accesses the Services for your Game;
Force Majeure means any act or event caused by any factor that is not within the reasonable control of mod.io, including without limitation, act of God; war; pandemic; national emergency; cyber-attack; explosion; damage to telecommunications infrastructure or internet services;
GDPR means the European Union General Data Protection Regulation 2016/679;
Intellectual Property Rights means all intellectual property rights (whether created before, on or after the date of these Developer Terms and whether registered or unregistered) in respect of copyright, any patents, trademarks, logos, designs, software, domain names, business or trade name, together with marketing concepts and designs, product knowledge, training systems and materials, protection of confidential information, circuit layouts, inventions, know-how, product or business concepts, details of product development, and any other identifiable result of intellectual endeavour, whether arising under statute or otherwise or any similar industrial property right or any right to, or application for registration of, any of them;
Loss means any loss including any liability, cost, expense, (including legal costs on a full indemnity basis), claim, proceeding, action, demand or damage;
Personal Data has the meaning given to it in the GDPR;
Personal Information has the meaning given to it in the Privacy Act;
Privacy Act means Privacy Act 1988 (Cth) as amended from time to time;
Processor and Processing has the meaning given to it in the GDPR;
User Generated Content means any content, data, text, image, code or information whatsoever that is created or published by an End User through the Services;
Website means the website with the designated URL "https://mod.io", any subdomains or pages, and its associated services and/or functionality;
This Annex applies to the transfer of Personal Data which is covered by the GDPR.
Commission Decision C(2010)593
Standard Contractual Clauses (processors)
For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection
Name of the data exporting organisation: Developer agreeing to the Developer Terms
(the data exporter)
Name of the data importing organisation: mod.io Pty Ltd
Address: 164 Kings Way, AU 3205 South Melbourne, Australia.
(the data importer)
each a "party"; together "the parties",
HAVE AGREED on the following Contractual Clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in Appendix 1.
Clause 1 Definitions
For the purposes of the Clauses:
- 'personal data', 'special categories of data', 'process/processing', 'controller', 'processor', 'data subject' and 'supervisory authority' shall have the same meaning as in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data;
- 'the data exporter' means the controller who transfers the personal data;
- 'the data importer' means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country's system ensuring adequate protection within the meaning of Article 25(1) of Directive 95/46/EC;
- 'the subprocessor' means any processor engaged by the data importer or by any other subprocessor of the data importer who agrees to receive from the data importer or from any other subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;
- 'the applicable data protection law' means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller in the Member State in which the data exporter is established;
- 'technical and organisational security measures' means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing.
Clause 2 Details of the transfer
The details of the transfer and in particular the special categories of personal data where applicable are specified in Appendix 1 which forms an integral part of the Clauses
Clause 3 Third-party beneficiary clause
1. The data subject can enforce against the data exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.
2. The data subject can enforce against the data importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.
3. The data subject can enforce against the subprocessor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.
4. The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.
Clause 4 Obligations of the data exporter
The data exporter agrees and warrants:
- that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;
- that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter's behalf and in accordance with the applicable data protection law and the Clauses;
- that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Appendix 2 to this contract;
- that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;
- that it will ensure compliance with the security measures;
- that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;
- to forward any notification received from the data importer or any subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension;
- to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;
- that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses; and
- that it will ensure compliance with Clause 4(a) to (i).
Clause 5 Obligations of the data importer
The data importer agrees and warrants:
- to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
- that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
- that it has implemented the technical and organisational security measures specified in Appendix 2 before processing the personal data transferred;
- that it will promptly notify the data exporter about:
- any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,
- any accidental or unauthorised access, and
- any request received directly from the data subjects without responding to that request, unless it has been otherwise authorised to do so;
- to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;
- at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;
- to make available to the data subject upon request a copy of the Clauses, or any existing contract for subprocessing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;
- that, in the event of subprocessing, it has previously informed the data exporter and obtained its prior written consent;
- that the processing services by the subprocessor will be carried out in accordance with Clause 11;
- to send promptly a copy of any subprocessor agreement it concludes under the Clauses to the data exporter.
Clause 6 Liability
1. The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or subprocessor is entitled to receive compensation from the data exporter for the damage suffered.
2. If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.
The data importer may not rely on a breach by a subprocessor of its obligations in order to avoid its own liabilities.
3. If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2, arising out of a breach by the subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the subprocessor agrees that the data subject may issue a claim against the data subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer, unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the subprocessor shall be limited to its own processing operations under the Clauses.
Clause 7 Mediation and jurisdiction
1. The data importer agrees that if the data subject invokes against it third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:
- to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority;
- to refer the dispute to the courts in the Member State in which the data exporter is established.
2. The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.
Clause 8 Cooperation with supervisory authorities
1. The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.
2. The parties agree that the supervisory authority has the right to conduct an audit of the data importer, and of any subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.
3. The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any subprocessor preventing the conduct of an audit of the data importer, or any subprocessor, pursuant to paragraph 2. In such a case the data exporter shall be entitled to take the measures foreseen in Clause 5 (b).
Clause 9 Governing Law
The Clauses shall be governed by the law of the Member State in which the data exporter is established.
Clause 10 Variation of the contract
The parties undertake not to vary or modify the Clauses. This does not preclude the parties from adding clauses on business related issues where required as long as they do not contradict the Clause.
Clause 11 Subprocessing
1. The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the subprocessor which imposes the same obligations on the subprocessor as are imposed on the data importer under the Clauses. Where the subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the subprocessor's obligations under such agreement.
2. The prior written contract between the data importer and the subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the subprocessor shall be limited to its own processing operations under the Clauses.
3. The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established.
4. The data exporter shall keep a list of subprocessing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5 (j), which shall be updated at least once a year. The list shall be available to the data exporter's data protection supervisory authority.
Clause 12 Obligation after the termination of personal data processing services
1. The parties agree that on the termination of the provision of data processing services, the data importer and the subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done so, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.
2. The data importer and the subprocessor warrant that upon request of the data exporter and/or of the supervisory authority, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1.
Appendix 1 to the Standard Contractual Clauses
This Appendix forms part of the Clauses and must be completed and signed by the parties. The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix.
The data exporter is: The Developer, a games developer providing games to players
The data importer is: mod.io Pty Ltd, a provider of a mod platform, providing the Services
The personal data transferred concern the following categories of data subjects:
- Players of the Developer who want to use mod.io in-game
Categories of data
The personal data transferred concern the following categories of data:
- User ID (or other ID for means of identification, like email address, facebook id, steam id etc)
- Country (language and timezone preference)
- Age range
- Display Name
- IP address or device ID
Special categories of data (if appropriate)
The personal data transferred concern the following special categories of data:
The personal data transferred will be subject to the following basic processing activities:
- Providing the Services, making available and allowing to make available User Generated Content to other players through the mod.io platform.
Appendix 2 to the Standard Contractual Clauses
This Appendix forms part of the Clauses and must be completed and signed by the parties. Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) (or document/legislation attached):
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing (see Appendix 1) as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, mod.io implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
- the pseudonymization and encryption of personal data;
- the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
- a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
mod.io will provide a list of the actual technical and organizational measures on request of the Developer.
mod.io uses the following third party service providers:
- AWS Amazon Web Services, USA
- Microsoft Azure, USA
- Google Analytics, Google Cloud and GSuite, USA
- Stackpath CDN, USA
- Cloudflare Inc., USA