Terms of Service

Updated: May 2025

Sqish and its affiliates (collectively “Sqish,” “we” or “our”) provide URL shortening, custom-branded link, link management, and analytics products and services to our users (collectively, the “Sqish Services”). Please read these Terms of Service (the “Agreement”) carefully, as they govern your access to and use of the Sqish Services and constitute a binding legal agreement between you and Sqish. If you accept this Agreement or use the Sqish Services on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind that company or other legal entity to the Agreement and, in such event, “you” “your” or “Customer” will refer and apply to that company or other legal entity. If you have been granted access to and use of the Sqish Services by and on behalf of the primary account holder, whether directly or through an administrator, you also agree to abide by this Agreement. In addition to this Agreement, your use of the Sqish Services is governed by the Sqish Privacy Policy and the Sqish Acceptable Use Policy.

YOU ACKNOWLEDGE AND AGREE THAT, BY CREATING A SQISH ACCOUNT (“ACCOUNT”), PURCHASING A PAID ACCOUNT (IF APPLICABLE), OR ACCESSING OR USING THE SQISH SERVICES AND APPLICATION PROGRAM INTERFACES (“API”), YOU ARE INDICATING THAT YOU HAVE READ, UNDERSTAND AND AGREE TO BE BOUND BY THE TERMS OF THIS AGREEMENT AND THE SQISH ACCEPTABLE USE POLICY. IF YOU DO NOT AGREE TO THESE TERMS, THEN YOU HAVE NO RIGHT TO ACCESS OR USE THE SQISH SERVICES.

THIS AGREEMENT CONTAINS AN ARBITRATION PROVISION AND CLASS ACTION WAIVER AS DESCRIBED IN SECTION 12.1 BELOW. YOU AGREE THAT DISPUTES BETWEEN US WILL BE RESOLVED BY BINDING, INDIVIDUAL ARBITRATION, AND YOU ARE WAIVING YOUR RIGHT TO A TRIAL BY JURY OR TO PARTICIPATE AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS ACTION OR REPRESENTATIVE PROCEEDING.

1. SCOPE & MODIFICATIONS

1.1 Modifications.

Sqish reserves the right, in its sole discretion, to modify or replace this Agreement at any time. If we modify this Agreement, we will post the modification on our site and update the “Last Updated” date at the top of the Terms of Service or provide you with notice of the modification in the Sqish platform. Any change to this Agreement will be effective as of the Last Updated Date at the top of this page. By continuing to access or use the Sqish Services after the Last Updated Date, you are indicating that you agree to be bound by the modified Agreement. You agree that it is your responsibility to check this Agreement periodically for changes and that your use of the Sqish Services following the posting of any changes to this Agreement constitutes acceptance of those changes. If the modified Agreement is not acceptable to you, your only recourse is to cease using the Sqish Services.

1.2 Service Changes.

Sqish may add, remove, suspend, discontinue, modify or update the Sqish Services at any time, at its discretion. After the effective date of such a change, Sqish shall bear no obligation to run, provide or support legacy versions of any affected Sqish Services.

1.3 Customer Support.

Sqish provides a help center or support documentation for all users. More details about support services can be found in the relevant sections of the platform or website.

1.4 Destination Preview.

Certain tiers or versions of Sqish Services might include a feature akin to “Destination Preview.” If implemented, such pages may be seen by someone who interacts with your link prior to proceeding to the destination URL and may include information about the destination URL. Such pages may potentially include advertising. If an end user interacts with advertising, such interaction is not governed by the Sqish Terms of Services. Sqish makes no warranty regarding advertising content. Options for an ad-free experience may be available through paid Sqish Services, if offered.

2. PAID ACCOUNTS (If Applicable)

Note: The following sections apply if Sqish offers paid subscription plans. If Sqish is entirely free, these sections may not be relevant.

2.1 Fees.

Sqish may offer fee-based Sqish Services that provide additional features and functionality. If you sign up for a paid account, you agree to pay Sqish all applicable fees for the tier of Sqish Services according to your selection. Fees are non-refundable except as required by law or as otherwise specifically permitted in this Agreement.

2.2 Subscription Period.

Paid account plans will be charged the rate stated at the time of initial purchase on a recurring basis corresponding to the term of your subscription until you cancel. Fees are subject to change and Sqish will notify you of any pricing change prior to processing your next recurring charge. You may cancel your paid account subscription at any time, however, unless required by law, no refunds or credits will be provided for any early termination or for any non-use of the Sqish Services. Sqish reserves the right to update, change, modify or terminate your subscription benefits at any time in its sole discretion.

2.3 Payment.

You will pay Sqish on the payment interval selected. If not otherwise specified, payments will be due immediately. You authorize Sqish to charge you for all applicable fees on a recurring basis using your selected payment method through Sqish’s online payments platform (or a third-party processor). By providing a saved payment method (“Payment Method”) in your account, you expressly acknowledge and authorize Sqish (or our third party online payment processor) to charge you on a recurring basis corresponding to the term of your subscription unless you cancel your paid account subscription. You are responsible for any and all fees charged to your Payment Method. You will provide complete and accurate billing and contact information to Sqish. Sqish may make changes to the offered Payment Method from time to time. It is your responsibility to update your payment information if necessary. Sqish may suspend, downgrade or terminate the Services if Fees are past due. Unpaid Fees are subject to a finance charge of one percent (1.5%) per month (18% per annum), or the maximum permitted by law, whichever is lower, plus reasonable collection costs (including attorneys’ fees). Failure to pay Fees may lead to termination, cancellation or suspension of Services. SQISH MAY SUBMIT PERIODIC CHARGES CORRESPONDING TO THE TERM OF YOUR SELECTED SUBSCRIPTION WITHOUT FURTHER AUTHORIZATION FROM YOU, UNTIL YOU AFFIRMATIVELY CANCEL YOUR SUBSCRIPTION SERVICES OR NOTIFY SQISH THAT YOU WISH TO CHANGE YOUR PAYMENT METHOD INFORMATION.

2.4 Taxes.

Fees are exclusive of taxes, duties, levies, tariffs, and other governmental charges (collectively, “Taxes”), and you are responsible for all Taxes resulting from this Agreement or your use of the Sqish Services. Sqish will invoice you for Taxes when required to do so by applicable law, and you agree to provide payment under the terms of the invoice. If you are required by law to deduct and withhold any Taxes on amounts payable under this Agreement, any amounts required to be withheld will be promptly deducted and timely remitted by you on behalf of Sqish to the appropriate taxation authority, and you agree to provide Sqish with copies of necessary documents (e.g., tax receipts) for Sqish to claim any applicable foreign tax credit.

3. USE OF SERVICES

3.1 Use of Sqish Services.

Subject to the terms and conditions of this Agreement and payment of all applicable Fees due, Sqish grants you a non-exclusive, non-transferable, limited right to access and use the Sqish Services in accordance with our Acceptable Use Policy. You agree that you will not access the Sqish Services for competitive purposes or if you are a competitor of Sqish.

3.2 Access Credentials.

Sqish shall provide you with non-transferable access credentials (like username/password) for the Sqish Services. You will not share access credentials or exceed any user limitations of the service tier you have purchased (if applicable). You will not (i) misrepresent your identity when using the Sqish Services; (ii) select or use a username or custom domain subject to third-party rights without authorization; (iii) select or use a username or custom domain that is offensive, vulgar, obscene, or violates our Acceptable Use Policy; or (iv) exceed any access permitted by Sqish. You must safeguard your access credentials. If you are a company or organization: (A) only your authorized employees and contractors (“Personnel”) may use the Sqish Services; (B) you will require Personnel to comply with Laws and use restrictions; (C) you will not share credentials or exceed user limits; and (D) you are fully responsible for the acts or omissions of your Personnel. Sqish may update the manner of accessing the Services at its discretion.

3.3 Compliance Monitoring.

Sqish may monitor your use of the Sqish Services for compliance with this Agreement and our Acceptable Use Policy. If Sqish suspects non-compliance, Sqish may remove or disable any links, codes, or other Sqish Services suspected of violating policies. Sqish reserves the right to suspend your use of the Sqish Services without notice if we believe, in good faith, your account security is compromised or your account is being used unlawfully or in violation of our Acceptable Use Policy. Sqish may suspend access or terminate this Agreement without notice for violations.

4. YOUR SERVICES AND CONTENT

4.1 Your Service.

Sqish has no liability for any of your products, content, or services (“Your Services”) accessed through or using the Sqish Services, or their use by end users. You will not use Sqish Services in a way that implies partnership, sponsorship, or endorsement by Sqish. You won't suggest Sqish is the author of or responsible for Your Services' content. Sqish Services shall not be used with Prohibited Content (see Section 5.3) or in activities where failure could lead to death, injury, property/environmental damage, or impose liability on Sqish.

4.2 Customer Materials.

You grant Sqish an irrevocable, perpetual, non-exclusive, sublicensable, transferable, royalty-free, worldwide license to use, copy, import, display, reproduce, perform, distribute, create derivative works, alter, or modify all URLs and other information you provide to Sqish (“Customer Materials”) in connection with providing the Sqish Services and for other Sqish business purposes (including group companies).

4.3 Customer Content.

You are solely responsible for content you upload or share via the Sqish Service (“Customer Content”). You must have permission to use any Customer Content you upload. Sqish does not claim ownership over your Customer Content. Sqish’s collection, use, and sharing of personal information is described in Sqish’s Privacy Policy.

4.4 Organizational Accounts.

As stated in our Privacy Policy, where permitted, if you register an Account with an email on a domain owned by an organization (e.g., your employer), we may share your email and Account information with our sales team and the organization (including group companies) to explore business interests, provide information on services, or for related purposes.

5. INTELLECTUAL PROPERTY

5.1 Ownership.

Except for Customer Content, Your Services, and Customer Materials, Sqish is the sole owner of all right, title, and interest in the Sqish Services and related documentation, code, tools, processes, methodologies, inventions, know-how, concepts, formatting, ideas, intellectual property, and all derivatives thereof (“Sqish Materials”). This Agreement does not transfer ownership of any Sqish Materials. Except for the limited license granted, no rights to Sqish Materials are granted.

5.2 Feedback.

If you provide feedback, feature requests, comments, suggestions, or ideas for improving the Service (“Feedback”), such Feedback is fully assigned to Sqish without obligation for compensation. Sqish owns all rights to the Feedback and may incorporate it into the Services at its discretion.

5.3 General Restrictions.

You and your Personnel will not, and won't permit third parties to: (i) access or export Sqish Services data to create a competitive URL shortening service or similar service; (ii) use, modify, display, perform, copy, disclose, or create derivative works of Sqish Services except as expressly permitted; (iii) reverse engineer, decompile, disassemble, mimic, screen-scrape, frame, or mirror the Sqish Services or attempt to discover source code; (iv) encumber, distribute, sublicense, assign, sell, rent, lease, pledge, or transfer Sqish Services; (v) transmit harmful code, infringing, defamatory, unlawful, offensive content, phishing, spam, content violating privacy/publicity rights, or content violating our Acceptable Use Policy (“Prohibited Content”) through Sqish Services; (vi) access via automated/unauthorized means, interfere with, disrupt, or circumvent security measures for Sqish Services; or (vii) obscure, remove, or alter proprietary notices on Sqish Services. Sqish may immediately revoke access rights if you breach these restrictions. Sqish is entitled to seek injunctive relief for breaches without posting bond.

5.4 Technical Restrictions.

You will not exceed API call limits or other usage restrictions for your service tier (if applicable). If Sqish believes you've circumvented limitations, Sqish may suspend or block access. Sqish may monitor your use for compliance.

6. TERM AND TERMINATION

6.1 Term.

This Agreement starts when you accept it (create account or purchase plan) (“Effective Date”) and continues until terminated. If you purchased a paid account, the agreement continues for the selected term (“Initial Term”). If set to auto-renew, it renews for terms of the same length (“Renewal Term”), unless you cancel before the next cycle as per Section 6.2. (“Term” includes Initial and Renewal Terms).

6.2 Right to Terminate.

During the Term, You may terminate this Agreement (cancel your subscription) at any time as set forth in Section 2 (if applicable). However, you won't receive a refund for the current or prior billing cycles unless required by law. Upon expiration or termination, your rights and access terminate automatically. You must cease using Sqish Services and return or destroy Sqish's Confidential Information. Sections that by nature should survive termination will survive.

7. CONFIDENTIALITY

Confidential Information. Each party (the “Receiving Party”) understands the other party (the “Disclosing Party”) may disclose business, technical, or financial information (“Confidential Information”). Sqish’s Confidential Information includes non-public info about Service features, functionality, performance, and logged-in website areas. Your Confidential Information is limited to non-public data you provide to Sqish in writing for service provision. The Receiving Party agrees: (i) to take reasonable precautions to protect Confidential Information, and (ii) not to use (except for Services/as permitted) or divulge it to third parties. This doesn't apply to info that: (a) is or becomes public knowledge, (b) was known before receipt, (c) was rightfully disclosed by a third party without restriction, (d) was independently developed, or (e) is required by law to be disclosed. These obligations last for five (5) years after disclosure. Breach may cause irreparable harm, entitling the Disclosing Party to seek injunctive relief.

8. DATA PROTECTION

8.1 Data Privacy.

You must comply with all applicable privacy and data protection laws (e.g., GDPR, CCPA, UK GDPR, etc.) regarding personal data you provide for the Service. This includes complying with rules about customer databases and having appropriate privacy/cookie policies.

8.2 Data Processing.

If Sqish processes Personal Data as a processor for you and law requires a data processing agreement (DPA), the DPA in Appendix A applies and is part of this Agreement.

8.3 Privacy.

Sqish may collect and process Personal Data about you/your personnel as described in Sqish’s Privacy Policy. Sqish may share this info with partners/vendors for research, analytics, support, security, fraud/spam prevention, advertising, marketing, transactions, or compliance. You consent to this collection, use, processing, and sharing according to our Privacy Policy and applicable laws.

9. REPRESENTATIONS AND WARRANTIES

9.1 Content Warranties.

You represent and warrant that Customer Content, Customer Materials, and all info you provide, and its collection/use: (i) doesn't infringe third-party rights (IP, privacy, publicity); (ii) complies with all applicable Laws (privacy, data security, anti-spam, trade restrictions); (iii) has necessary consents/permissions and complies with privacy policies/third-party terms; and (iv) does NOT contain personal info from individuals under 16.

9.2 Further Warranties.

You further represent and warrant: (i) you use industry-standard security for Sqish Services, Customer Content/Materials, and Your Services; (ii) you won't make Sqish Services subject to open-source licenses imposing obligations on Sqish; (iii) you won't disrupt or impair Sqish Services; (iv) you'll immediately investigate/notify Sqish of security breaches and take corrective action at your cost; and (v) your use of Sqish Services, Customer Content/Materials, and Your Services complies with Laws and doesn't infringe third-party rights.

9.3 DISCLAIMERS.

SQISH SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES IMPLIED BY COURSE OF PERFORMANCE OR USAGE OF TRADE, ALL OF WHICH ARE EXPRESSLY DISCLAIMED. SQISH DOES NOT WARRANT THAT: (I) THE SQISH SERVICES WILL BE SECURE OR AVAILABLE AT ANY PARTICULAR TIME OR LOCATION; (II) SHORTENED URLS OR THE SERVICES WILL BE ACCURATE OR ERROR-FREE; (III) THE SERVICES ARE FREE OF VIRUSES OR HARMFUL COMPONENTS; (IV) USING THE SERVICES WILL MEET YOUR REQUIREMENTS OR BUSINESS NEEDS; OR (V) THE SERVICES WILL BE UNINTERRUPTED OR ERRORS CORRECTED TIMELY. YOUR USE IS SOLELY AT YOUR OWN RISK. SQISH ASSUMES NO LIABILITY FOR ENSURING YOUR USE COMPLIES WITH LAWS OUTSIDE THE JURISDICTION SPECIFIED IN SECTION 12 AND YOU ARE SOLELY LIABLE FOR SUCH COMPLIANCE. SQISH IS NOT RESPONSIBLE FOR THIRD-PARTY PRODUCTS/SERVICES (E.G., SOCIAL MEDIA, HOST PROVIDERS).

10. INDEMNIFICATION

Indemnity. You will defend, indemnify, and hold harmless Sqish, its parents, subsidiaries, affiliates, employees, officers, directors, representatives, contractors, partners, successors, and assigns (“Sqish Indemnitees”) from third-party claims, damages, liabilities, and costs (including reasonable attorneys’ fees) arising from: (a) Customer Content, Customer Materials, Your Services; (b) Your breach of Section 5.3 or violation of Laws; and/or (c) allegations of IP, privacy, or publicity infringement concerning Customer Content/Materials, Your Services, or combining Sqish Services with non-Sqish materials. Sqish will promptly notify you of claims it seeks indemnification for (delay doesn't void obligation unless materially prejudicial). You have sole control over defense (Sqish may approve counsel and participate at its own cost). Settlements require Sqish's prior written consent.

11. LIMITATION OF LIABILITY

11.1 LIABILITY LIMITATION.

IN NO EVENT SHALL EITHER PARTY BE LIABLE UNDER CONTRACT, TORT, STRICT LIABILITY, NEGLIGENCE, OR ANY OTHER LEGAL/EQUITABLE THEORY REGARDING SQISH SERVICES OR THIS AGREEMENT FOR: (I) LOST PROFITS, DATA LOSS, COST OF SUBSTITUTE GOODS/SERVICES, OR SPECIAL, INDIRECT, INCIDENTAL, PUNITIVE, COMPENSATORY, OR CONSEQUENTIAL DAMAGES; (II) BUGS, VIRUSES, TROJAN HORSES; (III) SERVICE CESSATION; (IV) DELETION/CORRUPTION/FAILURE TO STORE CUSTOMER CONTENT/MATERIALS/DATA; (V) YOUR FAILURE TO PROVIDE ACCURATE INFO; (VI) LIABILITY FROM YOUR FAILURE TO KEEP PASSWORD/ACCOUNT DETAILS SECURE; OR (VII) FAILURE TO ACCESS SERVICES DUE TO YOUR EQUIPMENT/NETWORK MALFUNCTIONS.

11.2 AGGREGATE LIABILITY CAP.

EXCEPT FOR YOUR INDEMNIFICATION OBLIGATIONS (SECTION 10), EACH PARTY’S TOTAL AGGREGATE LIABILITY UNDER THIS AGREEMENT (CONTRACT, TORT, ETC.) IN ANY CALENDAR YEAR (STARTING FROM EFFECTIVE DATE/FIRST USE) SHALL NOT EXCEED THE TOTAL FEES RECEIVED BY SQISH FOR THE SERVICES IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.

12. GOVERNING LAW, VENUE & DISPUTES

12.1 For UK/International Customers (adjust as needed):

Note: The following is based on common UK/US provisions but MUST be reviewed and confirmed by legal counsel for your specific situation and target audience. The original text had separate US/EU sections. This combines and adapts, assuming a UK/International focus initially.

12.1.1 Governing Law.

This Agreement and the transactions contemplated hereby will be governed by and construed under the laws of England and Wales, without regard to its conflict of law provisions and without regard to the United Nations Convention on Contracts for the International Sale of Goods.

12.1.2 Venue.

To the extent any dispute is not subject to arbitration, the parties agree to the exclusive jurisdiction of the courts of England and Wales for resolution.

12.1.3 Limitation for Bringing Claims.

To the fullest extent permitted by law, you agree that any claim or cause of action arising out of, related to, or connected with the use of the Sqish Services or this Agreement must be filed within one (1) year after such claim or cause of action arose or be forever barred.

12.1.4 Arbitration of Disputes; Class Action Waiver.

All disputes, claims, or controversies arising out of or in connection with this Agreement or the breach, termination, enforcement, interpretation, or validity thereof or the use of the Services (collectively, “Disputes”) shall, where permitted by law, be finally resolved by binding, individual arbitration. The rules of a recognized arbitration body (e.g., LCIA, ICC) may apply. Arbitration means a neutral arbitrator decides Disputes, waiving rights to court/jury trials. The seat of arbitration shall be London, UK, unless otherwise agreed or required for consumer disputes. Each party agrees that disputes over the scope or applicability of this arbitration provision may be decided by the arbitrator. We each agree that Disputes will be adjudicated individually, and waive the right to participate in class actions. This arbitration and class action waiver provision survives termination.

(Alternative for US focus, adapted from original): This Agreement... governed by... Federal Arbitration Act and laws of the State of New York... exclusive jurisdiction... state and federal courts in Manhattan, New York... Arbitration under ICC Rules... venue in Manhattan, New York (or consumer's MSA)... small claims court exception... individual basis, class action waiver...

12.1.5 Online Dispute Resolution (If applicable for EU Consumers).

The European Commission provides an online dispute resolution platform: https://ec.europa.eu/consumers/odr/. Sqish is not obliged and generally will not participate in alternative dispute settlement procedures before a consumer dispute resolution entity unless required by law.

13. MISCELLANEOUS

13.1 Relationship of the Parties.

The parties are independent contractors. Nothing implies employer/employee, agent/representative, joint venture, or partnership.

13.2 Entire Agreement and Severability.

This Agreement is the entire agreement, superseding prior communications/proposals. It may be modified only by express written agreement. No terms on purchase orders, invoices, etc., are binding.

13.3 Force Majeure.

Neither party is liable for delays/failures due to causes beyond reasonable control (e.g., cyber-attacks, communication failures, acts of God, terrorism, war, natural disasters, third-party provider failures, labor disputes).

13.4 Assignment.

Neither party may assign this Agreement without the other's prior written permission (except to an affiliate or in a merger/acquisition). Any attempt to do so is void. Binds permitted successors/assigns.

13.5 Notices.

Notices must be in writing. Deemed given when received (personal delivery), when sent (email), or next day (overnight delivery).

13.6 Headings; Interpretation.

Headings are for convenience only. "Including," "for example," "such as" mean "without limitation."

13.7 Export.

Parties comply with export/import laws, not exporting/re-exporting Sqish Services without required licenses.

13.8 US Government Use.

Sqish Services are "commercial items" (48 C.F.R. 2.101). Use by government entities prohibited except as permitted by this Agreement. US government use per 48 C.F.R. 12.212 & 227.7202. If you are a US state/local government entity unable to accept indemnity/jurisdiction/venue clauses, those clauses don't apply to the extent required by your applicable law.

13.9 General.

Sqish's failure to enforce a right isn't a waiver. Waivers effective only if written/signed by Sqish. Remedies are cumulative. If a provision is invalid/unenforceable, it's enforced to the maximum extent permissible; other provisions remain in effect.

13.10 Publicity.

You grant Sqish the right to use your name, trademarks, and/or logos on its website, customer lists, and marketing materials to identify you as a Sqish Services customer.

APPENDIX A to SQISH TERMS OF SERVICE

DATA PROCESSING AGREEMENT

This Data Processing Agreement (“DPA”) forms part of the Agreement between [Sqish Legal Entity Name] or relevant Sqish Affiliate (“Sqish”) and Customer (“Customer”), for the provision of Services by Sqish (the “Agreement”), regarding the Processing of Customer Personal Information.

In providing Services, Sqish may Process Customer Personal Information for Customer. The parties agree to comply with the following:

1. DEFINITIONS

Capitalized terms match the Agreement unless defined here.

  • Affiliate: Entity controlling, controlled by, or under common control (>50% voting rights).
  • CCPA: California Consumer Privacy Act of 2018.
  • Customer Group Member: Customer or Customer Affiliate.
  • Customer Personal Information: Personal Information provided by Customer processed by Sqish for Customer.
  • Data Protection Laws: Applicable laws like GDPR, UK GDPR, CCPA, CPRA, CoPA, etc., as amended.
  • GDPR: EU General Data Protection Regulation 2016/679.
  • Personal Information: Information identifying or reasonably linkable to an individual/household, or as defined by Data Protection Laws.
  • Standard Contractual Clauses (SCCs): EU Commission standard clauses for data transfers (Decision 2021/914).
  • Subprocessor: Third party appointed by Sqish to Process Customer Personal Information.
  • EEA Transfer Mechanism: Approved safeguards for transferring GDPR-subject data outside EEA.
  • Third Country: Country outside EEA (for GDPR) or UK (for UK GDPR) not deemed adequate.
  • UK: United Kingdom.
  • UK GDPR: UK Data Protection Act 2018 and UK GDPR as amended.
  • Terms like Aggregated, Business, Controller, Data Subject, Deidentified, Processing, Sale, Share, Service Provider, Supervisory Authority have meanings per GDPR/CCPA.

2. PROCESSING OF PERSONAL INFORMATION

2.1 Roles of the Parties.

For GDPR/UK GDPR, Customer is Controller/Processor, Sqish is Processor/Subprocessor. For CCPA (if Customer is Business), Sqish is Service Provider.

2.2 Customer’s Processing.

Customer will only provide Personal Information necessary for Services, having given notices/obtained consents required by Data Protection Laws. Customer’s use of Services must comply with Data Protection Laws. Customer is responsible for accuracy, quality, legality of data provided.

2.3 Sqish’s Processing.

Sqish treats Customer Personal Information confidentially, processing only as needed for Services per Customer's documented instructions ("Permitted Purposes"): (i) per Agreement/Order; (ii) per DPA/Agreement/Laws; (iii) per other reasonable documented instructions. Sqish will not: (a) Sell/Share Customer Personal Information; (b) retain/use/disclose for other purposes; (c) retain/use/disclose outside the direct business relationship; (d) combine with other data unless authorized by Laws. Sqish certifies understanding/compliance with these restrictions. Sqish won't process for own/third-party purposes, but may use Aggregated/Deidentified data per Laws. Sqish will notify Customer if it can no longer meet obligations.

2.4 Details of Processing.

Subject-matter/duration: Per Agreement/DPA. Nature/purpose, types of data, categories of Data Subjects: See Schedule 1.

2.5 Instructions.

Customer instructs Sqish (and authorizes Sqish to instruct Subprocessors) to Process/transfer Customer Personal Information as needed for Services. Customer warrants authorization for these instructions. Sqish will notify Customer if an instruction appears non-compliant.

3. RIGHTS OF DATA SUBJECTS

Data Subject Request. Sqish will notify Customer (if legally permitted) of Data Subject Requests (access, rectification, restriction, objection, erasure, portability) regarding Sqish's processing. Sqish will assist Customer (using appropriate measures, where possible) to fulfill Customer's obligation to respond.

4. PERSONNEL

4.1 Confidentiality.

Sqish ensures personnel processing Customer Personal Information are informed of confidentiality, bound by obligations, and trained.

4.2 Limitation of Access.

Sqish limits access to personnel performing Services per the Agreement.

5. SUBPROCESSORS

5.1 Appointment.

Customer authorizes Sqish to appoint Subprocessors per this section. Sqish may use existing Subprocessors. Sqish will have written agreements with Subprocessors with data protection obligations no less onerous than Sqish's.

5.2 Notification.

Sqish will notify Customer (e.g., via website/email) of new Subprocessors >= 30 days prior. Customer may object in writing within 5 business days (acting reasonably); Sqish will use reasonable efforts not to disclose data to the objected Subprocessor (alternative solutions may be needed).

6. SECURITY AND AUDIT

6.1 Controls.

Sqish maintains appropriate technical/organizational measures for security, confidentiality, integrity (details available on request). Customer agrees these are adequate; if not, inform Sqish to discuss.

6.2 Audit/Reports.

On request, Sqish provides reasonably required info/certificates/reports to demonstrate compliance (subject to confidentiality). Customer has right (per Laws, on notice) to take steps to stop/remediate unauthorized use.

7. CUSTOMER DATA INCIDENT MANAGEMENT AND NOTIFICATION

Sqish maintains incident policies, notifies Customer without undue delay (per Laws) of Data Security Incidents (accidental/unlawful destruction, loss, alteration, unauthorized disclosure/access). Sqish makes reasonable efforts to identify cause/remediate (if within control). Sqish not liable for costs unless caused by Sqish's violation of Laws. Customer responsible for notifying Data Subjects/Authorities, consulting Sqish first (where feasible). Sqish provides reasonable assistance (at Customer expense) for Supervisory Authority inquiries.

8. RETURN AND DELETION OF CUSTOMER DATA

On Customer's written request, Sqish returns/deletes Customer Personal Information (except backups required by law/regulation, kept confidential).

9. TRANSFER MECHANISMS FOR DATA TRANSFERS

9.1 Authorization.

Customer authorizes international transfers per DPA/Laws.

9.2 Mechanism (EEA/GDPR).

For transfers from EEA to Third Countries (if required), Sqish complies with (i) adopted EEA Transfer Mechanism, or (ii) importer obligations in SCCs (Section 9.3).

9.3 SCC Interpretation.

Where SCCs apply: Module 2 (C2P) or Module 3 (P2P) used as appropriate. Clause 7 applies. Clause 9(a) option 2 (general auth) applies (30 days notice for changes). Clause 11 optional language excluded. Clauses 17/18 governed by German law/courts (unless Laws require otherwise - *adjust jurisdiction if needed*). Annexes I/II completed per SCC APPENDIX below.

9.4 UK Data Transfer.

For transfers from UK to Third Countries (if required), Sqish complies with (i) adopted UK transfer mechanism, or (ii) importer obligations in UK Addendum (version B.1.0) to EU SCCs (Schedule 2).

10. TERMINATION

Termination governed by the Agreement.

11. GOVERNING LAW

Without prejudice to SCC Clauses 17/18, this DPA governed by law stipulated in the Agreement. Parties submit to jurisdiction stipulated in Agreement for DPA disputes.

SCHEDULE 1 to DPA

DETAILS OF PROCESSING OF CUSTOMER PERSONAL INFORMATION

(Required by GDPR Art. 28(3) / UK GDPR)

Subject matter and duration: Performance of Services per Agreement/DPA, duration per Agreement.

Nature and purpose: Processing personal information as necessary to perform Services (URL shortening, link management, analytics, account management, support, etc.).

Types of Customer Personal Information: Determined by Customer, may include: Name, Email, Contact info (company, phone, address), IP address (of end users clicking links), User agent strings, Referrer information, Other data Customer embeds in links or provides via API/dashboard.

Categories of Data Subject: Customer’s personnel/representatives using the Services. End users interacting with Sqish links created by Customer.

Obligations and rights of Customer: Set out in Agreement/DPA.

SCC APPENDIX (for DPA Section 9.3)

ANNEX I

A. LIST OF PARTIES

Data exporter(s): Customer as defined in the Agreement.

  • Activities: Controls personal data processed by Data Importer (Processor) for Services.
  • Role: Controller (or Processor, if Customer acts as Processor for others)

Data importer(s):

  • Name: [Sqish Legal Entity Name]
  • Address: [Sqish Registered Address]
  • Contact: [Sqish Contact Person/Title/Email, e.g., Data Protection Officer, [email protected]]
  • Activities: Acts as Processor for Data Exporter for Services.
  • Role: Processor
B. DESCRIPTION OF TRANSFER

Categories of data subjects: See Schedule 1.

Categories of personal data: See Schedule 1.

Sensitive data transferred: None anticipated or intentionally collected by default service. Customer agrees not to provide sensitive data unless explicitly agreed and safeguarded.

Frequency: Continuous (each time link created/clicked/managed).

Nature of processing: Collection, storage, use, analysis, redirection, deletion as needed for Services.

Purpose(s): Providing Services (URL shortening, link management, analytics), fraud prevention, abuse detection, service notifications, account management, support.

Retention period: Data retained per Agreement or until Customer requests deletion/account termination, subject to legal requirements.

Sub-processors (onward transfers): Sqish will provide a current list upon written request.

C. COMPETENT SUPERVISORY AUTHORITY

Identified per Clause 13 of the SCCs, typically the authority of the EU Member State where the Data Exporter is established, or if not in EU, where its EU representative is, or if neither, the authority of the Member State where Data Subjects affected are located. If UK GDPR applies, the UK Information Commissioner's Office (ICO).

(Alternative if German law chosen in 9.3): Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit).

ANNEX II – TECHNICAL AND ORGANISATIONAL MEASURES

Sqish shall implement and maintain technical and organizational security measures as described in its security documentation (available upon reasonable request) or as otherwise agreed. These measures are designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and include measures related to pseudonymisation, encryption, confidentiality, integrity, availability, resilience, testing, and data minimisation where appropriate.

SCHEDULE 2 to DPA

International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (UK Addendum)

(Required by DPA Section 9.4 if UK GDPR applies to transfers)

PART 1: TABLES

Table 1: Parties and Signature
Start dateThe date the DPA is agreed.
The PartiesExporter (who sends the Restricted Transfer):
Customer as identified in the account or applicable Order Form.
Full legal name: [Customer Legal Name]
Trading name (if different): [Customer Trading Name]
Main address: [Customer Address]
Official registration number (if any): [Customer Reg Number]
Key Contact: As identified in the account.
Importer (who receives the Restricted Transfer):
Full legal name: [Sqish Legal Entity Name]
Trading name (if different): N/A
Main address: [Sqish Address]
Official registration number (if any): [Sqish Reg Number]
Key Contact: [Sqish Contact Person/Title/Email]
Signature (if required for the purposes of Section 2)N/A (Incorporated by reference into DPA/Agreement)
Table 2: Selected SCCs, Modules and Selected Clauses
Addendum EU SCCs☒ The version of the Approved EU SCCs which this Addendum is appended to, detailed below, including the Appendix Information:
Date: Date of the DPA.
Reference (if any): N/A
Other identifier (if any): N/A
(Standard Contractual Clauses as referenced in DPA Section 9.3)
Table 3: Appendix Information
Annex 1A: List of PartiesSee SCC APPENDIX, ANNEX I A above.
Annex 1B: Description of TransferSee SCC APPENDIX, ANNEX I B above.
Annex II: Technical and organisational measuresSee SCC APPENDIX, ANNEX II above.
Annex III: List of Sub processorsAs provided to the Exporter upon written request.
Table 4: Ending this Addendum when the Approved Addendum Changes
Which Parties may end this Addendum as set out in Section 19:☒ Importer
☐ Exporter
☐ Neither Party

PART 2: MANDATORY CLAUSES

The Mandatory Clauses of the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (version B.1.0) issued by the UK Information Commissioner's Office are hereby incorporated by reference as if set forth herein in their entirety.