Terms of Service

1. DEFINITIONS

“Authorized Users”means individuals authorized by Customer to access and use the Platform on Customer’s behalf.

“Class A Data” (Operational Data) means data that supports day-to-day Platform use, including but not limited to: standalone personnel records, trip planning data, organizational settings, document uploads, user account information, and non-finalized trip instances. Information from a personnel record or other Class A Data that is incorporated into a finalized or completed operational record at the time that record is finalized becomes part of that Class B Data record and is governed by the Class B Data provisions of these Terms.

“Class B Data” (Operational Records) means records that have been finalized or completed within the Platform and are designated as immutable for audit trail integrity, including but not limited to: completed trip briefings, incident reports, communication logs, equipment checkout records, post-trip debriefs, and system audit logs. Class B Data includes information from a personnel record or other Class A Data that was incorporated into a finalized operational record at the time of its completion. Such information remains part of the finalized operational record as Class B Data regardless of any subsequent modification, deletion, or expiration of the underlying standalone Class A record.

“Class C Data”(De-identified Aggregates) means aggregated, de-identified data derived from Customer’s use of the Platform that cannot reasonably be used to identify Customer, its staff, or its participants.

“Customer”means the company, organization, or other legal entity on whose behalf these Terms are accepted, as further described in the introductory provisions of these Terms. Where no organization is identified, "Customer" means the individual accepting these Terms.

“Customer Data” means all data, content, documents, and information entered into, uploaded to, or generated within the Platform by or on behalf of Customer.

“Platform”means the Field Risk OS™ software-as-a-service application, which provides tools for documentation, operational workflow management, trip logistics, communication logging, incident documentation, and operational recordkeeping, including all updates, modifications, and enhancements made available by Provider. The Platform is a documentation and workflow tool only and does not provide safety advice, emergency communications, real-time field monitoring, or life-safety decision-making support.

“Service Agreement”means any executed agreement between Provider and Customer governing the commercial terms of Customer’s use of the Platform.

2. ACCOUNTS AND ACCESS

2.1 Account Creation

Access to the Platform is by invitation only. Each Authorized User must accept these Terms upon account creation.

2.2 Account Responsibility

You are responsible for maintaining the confidentiality of your login credentials and for all activity under your account. You must notify Provider immediately of any unauthorized use. Provider is not liable for loss or damage arising from failure to protect login credentials.

2.3 Account Restrictions

You may not share login credentials. Each Authorized User must have their own account.

3. ACCEPTABLE USE

3.1 Permitted Use

The Platform is licensed solely for Customer’s internal business operations, including: (a) documentation of trip planning, logistics, and execution; (b) operational workflow management; (c) communication logging; (d) incident documentation and recordkeeping; and (e) management of organizational and personnel records related to outdoor and expedition programs. The Platform is a documentation and workflow tool that Customer may use to support its own internal risk-management documentation processes; the Platform does not perform, evaluate, or advise on risk management, and Provider assumes no role in Customer's risk-management program. The Platform is not designed or intended for use as an emergency communication system, real-time field monitoring tool, or life-safety decision-making system, and must not be used for those purposes. Nothing in these Terms or the Platform's functionality constitutes safety advice, risk-management services, program approval, supervision of field operations, or emergency-response services by Provider.

3.2 Prohibited Conduct

You shall not:

• Use the Platform except as expressly permitted by these Terms and the applicable Service Agreement.
• Reverse engineer, decompile, disassemble, or derive source code from the Platform.
• Remove, alter, or obscure any proprietary notices on the Platform.
• Modify, adapt, or create derivative works based on the Platform.
• Sell, license, rent, or make the Platform available to any third party.
• Use the Platform to store or transmit unlawful, infringing, or harmful content.
• Use the Platform to store or transmit malicious code.
• Interfere with or disrupt the integrity or performance of the Platform.
• Attempt to gain unauthorized access to the Platform or its underlying systems.
• Use the Platform to build a competitive product or service.
• Share login credentials or provide access to unauthorized individuals.
• Use the Platform in any manner that violates applicable laws or regulations, including privacy and child protection laws.

3.3 Customer Operational Responsibilities

Customer is solely responsible for all aspects of its outdoor program operations, without limitation, including: (a) trip planning, route selection, and itinerary development; (b) recruitment, training, supervision, and credentialing of all staff and volunteers; (c) participant screening, intake, and health and fitness assessment; (d) development, maintenance, and implementation of emergency-action plans and emergency-response protocols; (e) all field decisions and operational judgments made during program activities; (f) compliance with all applicable federal, state, and local laws, regulations, ordinances, and permit requirements governing outdoor programs and participant safety; (g) satisfaction of all applicable accreditation standards; and (h) procurement and maintenance of all required insurance coverage. Nothing in these Terms, and no feature, output, template, or record generated through the Platform, constitutes or may be relied upon as safety guidance, operational approval, regulatory compliance advice, risk-management services, or a substitute for Customer's independent professional judgment, organizational standard operating procedures, emergency-response protocols, or Customer's own risk-management program. Provider's role is limited solely to providing a documentation and workflow platform; Provider does not perform, evaluate, supervise, or advise on risk management, field operations, or safety decisions of any kind.

4. DATA

4.1 Ownership

Customer retains all right, title, and interest in Customer Data. Provider retains all right, title, and interest in the Platform, including all software, algorithms, interfaces, documentation, and intellectual property.

4.2 Data Processing

With respect to Customer Data containing personal information, the parties acknowledge the following roles and obligations:

• Customer is the data controller. Customer solely determines what personal information is collected, entered into, and submitted to the Platform. Customer is responsible for ensuring it has a lawful basis for submitting personal information to the Platform and for compliance with all applicable privacy and data protection laws governing Customer's collection and use of personal information.
• Provider is the data processor. Provider processes Customer Data solely for the following purposes: (a) providing, maintaining, and operating the Platform; (b) securing and monitoring the Platform for unauthorized access, misuse, and security threats; (c) supporting, troubleshooting, and responding to Customer support requests; (d) improving and developing Platform features and functionality; (e) administering the Platform and Provider's business relationship with Customer; (f) complying with applicable law, regulation, or legal process; and (g) as otherwise described in these Terms, the applicable Service Agreement, or Provider's Privacy Policy at fieldriskos.com/legal. Provider will not use or disclose Customer Data for any purpose outside the foregoing without Customer's prior written consent.
• Provider will implement and maintain reasonable administrative, technical, and organizational safeguards appropriate to the nature of the Platform, the sensitivity of Customer Data, and the size and nature of Provider's operations, designed to protect Customer Data from unauthorized access, disclosure, alteration, and destruction. Provider does not guarantee absolute security and does not warrant that the Platform or Customer Data will be free from unauthorized access, security incidents, or data loss.
• Customer Data is stored primarily in the United States. Provider will use commercially reasonable efforts to ensure that Customer Data is not stored or transferred outside the United States, except as may be necessary in connection with authorized Sub-processors under Section 4.3.

4.3 Sub-Processors

Provider may engage third-party service providers ("Sub-processors") as necessary to operate, maintain, secure, and improve the Platform. Provider will ensure that each Sub-processor is bound by data protection obligations at least as protective as those set forth in these Terms with respect to Customer Data. A current list or description of Sub-processors, including the categories of data they process, is available to Customer upon written request. Provider may add, replace, or remove Sub-processors as necessary for Platform operation without prior notice to Customer, provided that Provider will update its Sub-processor information upon request.

4.4 Data Breach Notification

If Provider confirms, or reasonably believes based on available information, that a security incident has resulted in unauthorized access to Customer Data, Provider will notify Customer without undue delay and, where feasible, within ninety-six (96) hours of forming that belief. Notice may be delayed if a law enforcement agency requests delay in connection with an investigation, for the duration of that request. Notice will include, to the extent then known, a description of the nature of the incident, the categories of Customer Data believed to have been affected, and any steps Provider has taken or is taking in response. Provider does not guarantee that every security event will be identified within any specific time period.

4.5 Customer Content Responsibility

Customer is solely responsible for all data, documents, files, and content uploaded to, entered into, or generated through the Platform, including the accuracy, completeness, and currency of all such content. Provider does not review, verify, moderate, or screen Customer content. Customer represents and warrants that it has all necessary rights to upload or enter such content and that the content does not violate any applicable law. Provider is not responsible for any loss, liability, or adverse outcome arising from inaccurate, incomplete, or outdated data entered into or generated through the Platform.

4.6 Data Accuracy

Customer is solely responsible for the accuracy, completeness, quality, and legality of all Customer Data entered into or generated through the Platform. Provider makes no representation that the Platform will detect, flag, or correct inaccurate or incomplete data.

4.7 Emergency Contact Data

Emergency contact information constitutes personal information of third parties who are not Platform users. Customer is responsible for ensuring it has appropriate basis to provide this information.

4.8 Minor Participant Data

The Platform is a business-to-business service accessed and used exclusively by authorized adult personnel of Customer organizations. Minors do not create accounts, receive invitations, log in, or otherwise directly interact with the Platform. Parents and guardians do not access or use the Platform directly. All information about minor participants entered into the Platform is entered solely by Customer's authorized adult personnel acting within the scope of their responsibilities for Customer's programs.

Provider does not collect personal information directly from minors. Provider does not independently verify the age of individuals whose information Customer enters into the Platform and does not determine whether any particular consent, notice, permission, or legal authority is required in connection with any individual or program.

Customer is solely responsible for determining whether any consent, notice, permission, or other legal authority is required from a parent, legal guardian, or other person before collecting, uploading, using, or processing personal information about a minor through the Platform, and for obtaining and maintaining all such consents, notices, and permissions as required by applicable law, including the Children's Online Privacy Protection Act (COPPA), applicable state children's privacy laws, and any other applicable federal, state, or local law or regulation governing the collection and use of information about minors. Customer represents and warrants that it has obtained all legally required authority before submitting any personal information about a minor to the Platform.

Customer is solely responsible for ensuring that its collection, entry, use, storage, and processing of personal information about minor participants through the Platform complies with all applicable laws. Provider makes no representation that the Platform's architecture, features, or functionality satisfies any legal requirement applicable to Customer's collection or use of minor participant data.

4.9 Medical Information

The Platform is not a medical-record system and is not designed or intended to store comprehensive medical histories, diagnoses or medical conditions, prescriptions, medication lists, treatment plans, or medical profiles of any individual. Customer must not use the Platform to create or maintain records of that nature.

If enabled by the Platform, Customer may enter limited operational information - such as allergy information or dietary restrictions - for use in Customer's own internal program operations. Such information must be limited to what is reasonably necessary for Customer's program operations and must not constitute a comprehensive medical record or health profile. The Platform does not provide medical advice and does not replace Customer's emergency procedures, field protocols, or independent professional judgment regarding participant health or safety.

Incident reports and communication logs may include event-specific descriptions of injuries sustained, illness observed, first aid or medical treatment provided in the field, medications administered during an incident, evacuation details, and similar information that outdoor programs routinely document as part of incident recordkeeping. This type of operational incident documentation describes what occurred during a specific event and does not constitute a comprehensive medical record, diagnosis, or treatment plan.

Customer is solely responsible for the accuracy, completeness, legality, and appropriate use of all health-related information entered into or generated through the Platform. Customer is responsible for determining what health-related information it is legally permitted to collect, enter, store, and use in connection with its programs and for complying with all applicable laws and regulations governing that information. Customer's field personnel must independently verify all health-related and safety-critical information entered into the Platform before relying on it for any field decision, participant safety determination, or emergency response. Provider does not review, verify, or screen health-related information entered by Customer and makes no representation regarding Customer's compliance with any applicable law governing health information.

Unless Provider and Customer have executed a separate written Business Associate Agreement or equivalent written agreement expressly authorizing Provider to receive, maintain, or process protected health information ("PHI") as defined under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA"), Customer must not submit, upload, or enter into the Platform any information that constitutes PHI subject to HIPAA. Provider is not acting as a HIPAA Business Associate under these Terms, and no business associate relationship is created by these Terms alone. If Customer is a HIPAA covered entity or business associate and requires Provider to receive or process PHI on Customer's behalf, Customer must contact Provider prior to submitting any such information to discuss and, if agreed, execute a separate written agreement governing that arrangement. Customer is solely responsible for determining whether it is a covered entity or business associate under HIPAA and for ensuring that its use of the Platform complies with all applicable requirements of HIPAA and its implementing regulations.

4.10 Record Immutability

Record immutability is a Platform feature designed to support operational record integrity and audit trail consistency for Customer's programs. Once a record is marked as complete within the Platform, it cannot be edited or deleted through ordinary application functionality by any Authorized User. This feature is intended to assist Customer in maintaining consistent operational documentation and is not a legal record-retention service, a compliance guarantee, or a substitute for Customer's own recordkeeping obligations.

Notwithstanding the foregoing, Provider retains full administrative ability at the database or system level to delete, export, restrict, archive, or otherwise manage records where Provider determines, in its reasonable discretion, that such action is necessary for: (a) legal compliance or response to a legal process or governmental request; (b) data retention management, including implementation of data retention schedules; (c) security incident response or threat mitigation; (d) customer support, troubleshooting, or technical maintenance; (e) system administration; or (f) cessation, wind-down, or transition of Platform operations. Provider may exercise these administrative capabilities without prior notice to Customer where circumstances reasonably require prompt action.

Customer is solely responsible for satisfying all of its own legal, regulatory, accreditation, insurance, and program-specific recordkeeping obligations, including any obligation to retain, produce, or preserve records under applicable federal, state, or local law, accreditation standards, or insurance requirements. The Platform's record immutability feature does not satisfy, substitute for, or guarantee compliance with any such obligation. Customer must maintain its own independent copies of all records it is required to retain. Deletion or archiving of a standalone personnel record or other Class A record does not remove historical references to information from that record that was incorporated into a finalized Class B operational record at the time of its completion; such information remains part of the finalized operational record as Class B Data in accordance with Section 1 of these Terms. Provider does not guarantee that any record will be deleted within a particular timeframe, nor that deletion of one category of data will necessarily remove all references to that information contained in finalized operational records.

4.11 System Administrative Access

Consistent with and confirmatory of the administrative rights reserved in Section 4.10, Provider maintains elevated database and system-level access for customer support, maintenance, troubleshooting, data export, and legal compliance. Nothing in this Section 4.11 limits or supersedes the administrative capabilities described in Section 4.10, and nothing in Section 4.10 limits the scope of the access described in this Section 4.11.

4.12 De-identified Data

Provider may use aggregated or de-identified data derived from Customer's use of the Platform for Provider's internal purposes, including analytics, product improvement, research, and Platform development and enhancement. Data used for these purposes must be aggregated and de-identified such that it does not reasonably identify Customer, any other organization, any individual, or any participant in Customer's programs, whether alone or in combination with other reasonably available information.

For external purposes, including publication, benchmarking reports, or industry research, Provider may use aggregated or de-identified data only if such data is aggregated across a sufficient number of customers or records so that neither Customer, any other organization, nor any individual can reasonably be identified from the published or shared data, whether alone or in combination with other reasonably available information. Provider will not externally publish or share data derived solely or primarily from Customer's use of the Platform in a manner that would permit identification of Customer or any individual associated with Customer's programs.

5. DATA ON TERMINATION

5.1 Data Export

Upon termination or expiration of the applicable Service Agreement, Provider will use commercially reasonable efforts to make available a complete export of Customer Data in machine-readable format (CSV and/or JSON), including uploaded documents to the extent technically feasible, within the timeframe specified in the applicable Service Agreement. If no timeframe is specified in the Service Agreement, Provider will use commercially reasonable efforts to make the export available within sixty (60) days following the effective date of termination or expiration. Customer is responsible for requesting and retrieving its data export promptly following termination. Provider's data export obligations under this Section are subject to technical limitations, the availability of Provider personnel and systems, and any legal, backup retention, or security constraints applicable at the time of export. Provider is not responsible for any loss of data attributable to Customer's failure to request or retrieve an export within the applicable period.

5.2 Post-Export Data Handling

Following export delivery:

• Class A Data: Retained for up to ninety (90) days following export delivery, then permanently deleted, subject to any longer retention required by applicable law, backup retention cycles, security requirements, or technical limitations. Deletion of a standalone Class A record, including a personnel record, does not affect or delete historical references to that information contained within finalized Class B operational records.
• Class B Data:May be retained for up to three (3) years following the effective date of termination, subject to Provider’s continued operation, applicable legal obligations, backup retention cycles, security requirements, and technical limitations. Provider may delete Class B Data at any time within this period in its reasonable discretion.
• Class C Data: Retained indefinitely.

5.3 Customer Responsibility

Customer is solely responsible for maintaining its own copies of all Customer Data and records for legal, regulatory, accreditation, insurance, and operational purposes. Provider's data export obligations under these Terms do not modify or substitute for Customer's independent recordkeeping obligations under applicable law, accreditation standards, insurance requirements, or Customer's own program policies. Customer must not rely solely on the Platform as its system of record for any legal, compliance, or operational purpose.

6. INTELLECTUAL PROPERTY

6.1 Provider IP

The Platform and all associated intellectual property are and remain the sole and exclusive property of Provider.

6.2 Feedback

If Customer or any Authorized User provides suggestions, recommendations, or other feedback, Provider may use such feedback for any purpose without obligation or compensation.

7. FEES AND PAYMENT

7.1 Fees

Customer will pay the fees set forth in the applicable Service Agreement.

7.2 Billing

Unless otherwise specified, fees are billed quarterly in advance. Payment is due within thirty (30) days of invoice date (Net 30).

7.3 Late Payment

If payment is not received within thirty (30) days of invoice date, Provider may suspend Customer’s access upon written notice. If payment remains outstanding sixty (60) days after invoice date, Provider may terminate the Service Agreement upon written notice.

7.4 Taxes

All fees are exclusive of taxes. Customer is responsible for all applicable taxes, excluding taxes based on Provider’s income.

8. AVAILABILITY

8.1 Uptime

Provider will use commercially reasonable efforts to maintain availability. Provider does not guarantee any specific level of uptime and makes no service level commitments.

8.2 Maintenance

The Platform may be temporarily unavailable for maintenance, updates, or circumstances beyond Provider’s control.

8.3 Early-Stage Software

The Platform is in active development. Field Risk Systems LLC is an early-stage company with limited personnel and resources. Support response times, development capacity, and operational availability may be constrained accordingly.

9. DISCLAIMER

9.1 Safety Disclaimer

THE PLATFORM IS A DOCUMENTATION, WORKFLOW, AND OPERATIONAL-RECORD TOOL ONLY. THE PLATFORM SUPPORTS RECORDKEEPING, TRIP LOGISTICS, COMMUNICATION LOGGING, INCIDENT DOCUMENTATION, AND RELATED OPERATIONAL RECORDS MANAGEMENT. THE PLATFORM DOES NOT PROVIDE, AND IS NOT INTENDED TO PROVIDE, ANY SAFETY, MEDICAL, LEGAL, OUTDOOR, EDUCATIONAL, EMERGENCY-RESPONSE, OR RISK-MANAGEMENT ADVICE OR SERVICES OF ANY KIND, AND IS NOT DESIGNED OR INTENDED FOR USE AS AN EMERGENCY COMMUNICATION SYSTEM, REAL-TIME FIELD MONITORING TOOL, OR LIFE-SAFETY DECISION-MAKING SYSTEM. THE PLATFORM IS A TOOL THAT CUSTOMER MAY USE TO SUPPORT ITS OWN INTERNAL DOCUMENTATION OF ITS RISK-MANAGEMENT PROCESSES; PROVIDER DOES NOT PERFORM, EVALUATE, SUPERVISE, OR ADVISE ON RISK MANAGEMENT FOR CUSTOMER.

PROVIDER DOES NOT AND WILL NOT: (A) PLAN, APPROVE, SUPERVISE, GUIDE, MONITOR, OR CONDUCT TRIPS OR PROGRAM ACTIVITIES; (B) SELECT ROUTES, CAMPSITES, TRANSPORTATION MEANS, STAFF, OR PARTICIPANTS; (C) EVALUATE WEATHER CONDITIONS, TERRAIN, WATER CONDITIONS, PARTICIPANT FITNESS OR MEDICAL CONDITIONS, STAFFING RATIOS, OR EMERGENCY-ACTION PLANS; (D) VERIFY, CONFIRM, OR AUDIT ANY INFORMATION ENTERED INTO OR GENERATED THROUGH THE PLATFORM BY CUSTOMER OR ANY AUTHORIZED USER; (E) MONITOR FIELD OPERATIONS, PARTICIPANT SAFETY, OR PROGRAM ACTIVITIES IN REAL TIME; OR (F) DECIDE OR ADVISE WHETHER ANY TRIP OR PROGRAM ACTIVITY SHOULD PROCEED, BE MODIFIED, OR BE CANCELLED.

PROVIDER ASSUMES NO LIABILITY FOR SAFETY OUTCOMES IN THE FIELD, REGARDLESS OF WHETHER THE PLATFORM FUNCTIONED CORRECTLY, DISPLAYED COMPLETE OR ACCURATE INFORMATION, OR WAS USED AT ALL. CUSTOMER REMAINS SOLELY RESPONSIBLE FOR: ALL SAFETY DECISIONS AND FIELD OPERATIONS; STAFF TRAINING, CREDENTIALING, AND SUPERVISION; PARTICIPANT SCREENING AND SAFETY; TRIP PLANNING, ROUTE SELECTION, AND ITINERARY DEVELOPMENT; EMERGENCY-RESPONSE PLANNING AND EXECUTION; CUSTOMER'S OWN RISK-MANAGEMENT PROGRAM AND PRACTICES; DEVELOPMENT AND IMPLEMENTATION OF PROGRAM POLICIES AND STANDARD OPERATING PROCEDURES; AND COMPLIANCE WITH ALL APPLICABLE LAWS, REGULATIONS, PERMITS, ACCREDITATION STANDARDS, AND INSURANCE REQUIREMENTS. PROVIDER DOES NOT REPLACE AND HAS NOT REPLACED ANY PROFESSIONAL JUDGMENT, ORGANIZATIONAL STANDARD OPERATING PROCEDURES, OR EMERGENCY-RESPONSE PROTOCOLS.

9.2 Warranty Disclaimer

THE PLATFORM IS PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTY OF ANY KIND. PROVIDER EXPRESSLY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. PROVIDER DOES NOT WARRANT THAT: (A) THE PLATFORM WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE; (B) ANY DATA, RECORDS, OUTPUT, OR OTHER INFORMATION OBTAINED THROUGH THE PLATFORM WILL BE ACCURATE, COMPLETE, RELIABLE, OR CURRENT; OR (C) THE PLATFORM IS SUITABLE OR FIT FOR USE IN CONNECTION WITH EMERGENCY COMMUNICATIONS, LIFE-SAFETY DECISIONS, RISK-MANAGEMENT DETERMINATIONS, MISSION-CRITICAL OPERATIONS, MEDICAL DECISIONS, OR FIELD-SAFETY DETERMINATIONS OF ANY KIND. NO ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY PROVIDER OR ITS PERSONNEL WILL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THESE TERMS. CUSTOMER IS SOLELY RESPONSIBLE FOR INDEPENDENTLY VERIFYING ALL INFORMATION, DATA, RECORDS, AND OUTPUT GENERATED BY OR THROUGH THE PLATFORM BEFORE RELYING ON IT FOR ANY PURPOSE.

10. LIMITATION OF LIABILITY

10.1 Exclusion of Consequential Damages

IN NO EVENT WILL EITHER PARTY BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, COVER, OR PUNITIVE DAMAGES, INCLUDING LOSS OF PROFITS, LOSS OF REVENUE, LOSS OF DATA, DATA CORRUPTION, COST OF SUBSTITUTE SERVICES, BUSINESS INTERRUPTION, PERSONAL INJURY, OR PROPERTY DAMAGE, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND REGARDLESS OF THE THEORY OF LIABILITY, WHETHER IN CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE. THE FOREGOING EXCLUSION APPLIES TO ANY CLAIM ARISING FROM OR RELATED TO FIELD OPERATIONS, OUTDOOR PROGRAM ACTIVITIES, PARTICIPANT SAFETY, EMERGENCY RESPONSE, CUSTOMER'S OWN RISK-MANAGEMENT PROGRAM OR PRACTICES, OR ANY FAILURE OF CUSTOMER TO INDEPENDENTLY VERIFY INFORMATION GENERATED BY OR THROUGH THE PLATFORM. THE LIMITATIONS OF LIABILITY SET FORTH IN THIS SECTION 10 WILL APPLY NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY.

10.2 Liability Cap

PROVIDER'S TOTAL AGGREGATE LIABILITY TO CUSTOMER AND ALL AUTHORIZED USERS, FROM ALL CAUSES OF ACTION AND ALL THEORIES OF LIABILITY, WILL NOT EXCEED THE TOTAL FEES ACTUALLY PAID BY CUSTOMER TO PROVIDER IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE FIRST INCIDENT GIVING RISE TO LIABILITY (THE "LIABILITY CAP"). THIS CAP APPLIES TO ALL CLAIMS IN THE AGGREGATE, INCLUDING WITHOUT LIMITATION CLAIMS ARISING FROM DATA SECURITY INCIDENTS, SECURITY BREACHES, LOSS OF CUSTOMER DATA, OR FAILURE OF PLATFORM FUNCTIONALITY.

10.3 Exceptions

The exclusions and limitations in Sections 10.1 and 10.2 do not apply to: (a) Customer’s payment obligations under Section 7; (b) Customer’s indemnification obligations under Section 11; (c) either party’s liability for gross negligence or willful misconduct; or (d) either party's liability for misappropriation or infringement of the other party's intellectual property. For the avoidance of doubt, all claims arising from data security incidents or breaches remain subject to the aggregate Liability Cap in Section 10.2 unless the parties have expressly activated the optional security super-cap by written agreement in a signed Service Agreement.

11. INDEMNIFICATION

11.1 Scope of Customer Indemnification.

Customer will indemnify, defend, and hold harmless Provider and its members, managers, officers, employees, agents, successors, and assigns (collectively, "Provider Indemnitees") from and against any and all third-party claims, demands, actions, damages, losses, liabilities, costs, and expenses (including reasonable attorneys’ fees) ("Losses") arising from or relating to:

(a) Customer’s or any Authorized User's access to or use of the Platform, including any use that exceeds the scope of the license granted under these Terms;

(b) Customer Data or any data, documents, files, or content uploaded to, entered into, or generated through the Platform by or on behalf of Customer;

(c) Customer’s breach of these Terms or any Service Agreement;

(d) Customer’s violation of any applicable federal, state, or local law, regulation, ordinance, or permit requirement;

(e) Customer's own safety practices, risk-management program and decisions, emergency-response planning or execution, and field operations, including any trip, program activity, or outdoor expedition conducted by or under the supervision of Customer;

(f) claims brought by participants, minor participants, parents or legal guardians of participants, staff members, volunteers, or any other third party arising from or related to Customer's outdoor programs or use of the Platform in connection therewith; or

(g) Customer's failure to independently verify information generated by or through the Platform before relying on it for any operational, safety, or field decision.

Customer's indemnification obligations under this Section 11.1 survive termination or expiration of these Terms.

11.2 Indemnification Procedure.

Provider will: (a) promptly notify Customer in writing of any claim for which indemnification is sought, provided that failure to provide timely notice shall not relieve Customer of its indemnification obligations except to the extent Customer is materially prejudiced by the delay; (b) grant Customer sole control of the defense and settlement of the claim, provided that Customer may not settle any claim that imposes any obligation, restriction, or liability on any Provider Indemnitee without Provider's prior written consent; and (c) provide Customer with reasonable cooperation and assistance in the defense of the claim at Customer's expense.

12. CONFIDENTIALITY

12.1 Definition

“Confidential Information” means all non-public information disclosed by one Party to the other in connection with these Terms or the Platform that is designated as confidential or that a reasonable party would understand to be confidential given the nature of the information and the circumstances of disclosure.

Customer Data is Customer's Confidential Information. All non-public information about Customer's programs, participants, staff, and internal operations that Customer discloses to Provider in connection with these Terms is also Customer's Confidential Information.

The Platform and all related technology are Provider’s Confidential Information, including without limitation: source code, object code, software architecture and design, algorithms, product plans and roadmaps, security information and practices, pricing and commercial terms, and non-public business and financial information of Provider. The terms of any Service Agreement are the Confidential Information of both Parties.

12.2 Obligations

Each Party will: (a) use the other’s Confidential Information only for purposes of these Terms or the applicable Service Agreement; (b) protect the other's Confidential Information using at least the same degree of care it uses to protect its own confidential information of similar sensitivity, but in no event less than reasonable care; and (c) not disclose the other's Confidential Information to any third party except as expressly permitted by these Terms.

Each Party may disclose Confidential Information to its employees, contractors, advisors, and service providers who (i) have a need to know the Confidential Information for purposes of these Terms or the applicable Service Agreement and (ii) are bound by written confidentiality obligations at least as protective as those set forth in this Section 12. Each Party remains responsible for any breach of these confidentiality obligations by persons to whom it discloses Confidential Information.

12.3 Exceptions

Confidential Information excludes information that: (a) becomes publicly known without breach; (b) was previously known; (c) is received from a third party without obligation; or (d) is independently developed.

12.4 Required Disclosure

A Party may disclose Confidential Information if required by law, with reasonable prior notice where legally permitted.

13. TERM AND TERMINATION

13.1 Term

These Terms are effective when you first access the Platform and remain in effect for as long as you have access or until terminated.

13.2 Termination

Termination of access is governed by the applicable Service Agreement. Upon termination, these Terms terminate except for provisions expressly identified in Section 13.3 as surviving.

13.3 Surviving Provisions

Sections 1, 3, 4, 5, 6, 9, 10, 11, 12, 14, 15, and 16 survive termination.

14. GOVERNING LAW AND DISPUTE RESOLUTION

14.1 Governing Law

These Terms are governed by the laws of the State of Wisconsin, without regard to conflict of laws provisions. Each party consents to personal jurisdiction and venue in the state and federal courts located in Dane County, Wisconsin for any dispute not subject to arbitration under these Terms or otherwise brought in court.

14.2 Mandatory Arbitration

Except as provided below, any dispute arising out of or relating to these Terms or the Platform will be resolved by binding arbitration in Dane County, Wisconsin, under the Commercial Arbitration Rules of the American Arbitration Association then in effect. The arbitrator’s decision is final and binding and may be enforced in any court of competent jurisdiction.

Notwithstanding the foregoing, either party may bring the following claims in a court of competent jurisdiction without first arbitrating:

(a) Small Claims. Any claim that falls within the jurisdiction of a small claims court of competent jurisdiction;

(b) Injunctive or Equitable Relief. Any claim for provisional, interim, or preliminary injunctive or other equitable relief necessary to preserve the status quo or prevent irreparable harm pending the outcome of arbitration;

(c) Intellectual Property and Unauthorized Access. Any claim arising from misuse or infringement of a party's intellectual property rights, misappropriation of trade secrets, or unauthorized access to or use of the Platform or confidential systems; or

(d) Confidentiality Violations. Any claim arising from a material breach of Section 12 of these Terms where the breach has caused or threatens to cause irreparable harm.

The existence of a dispute subject to arbitration does not prevent either party from seeking emergency or provisional court relief of the kind listed above. Any such court proceeding is not a waiver of the right to arbitrate the underlying dispute on the merits.

14.3 Arbitration Opt-Out

Customer may opt out of mandatory arbitration by providing written notice to Provider at info@fieldrisksystems.com within thirty (30) days of first accepting these Terms. The notice must state Customer’s name, contact information, and a clear statement that Customer is opting out of arbitration. The opt-out applies to Customer and its Authorized Users as a whole and does not affect any other provision of these Terms. If Customer opts out, any dispute not otherwise resolved will be subject to the jurisdiction and venue provisions of Section 14.1.

14.4 Class Action Waiver

CUSTOMER AGREES THAT ANY DISPUTE WILL BE RESOLVED ON AN INDIVIDUAL BASIS ONLY. CUSTOMER WAIVES ANY RIGHT TO PARTICIPATE IN, COMMENCE, OR MAINTAIN ANY CLASS ACTION, COLLECTIVE ACTION, CONSOLIDATED ACTION, OR REPRESENTATIVE PROCEEDING AGAINST PROVIDER, WHETHER IN ARBITRATION OR IN COURT. THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PERSON'S OR ENTITY'S CLAIMS AND MAY NOT PRESIDE OVER ANY CLASS OR REPRESENTATIVE PROCEEDING. IF THIS WAIVER IS FOUND UNENFORCEABLE WITH RESPECT TO ANY CLAIM, THAT CLAIM MUST BE SEVERED FROM ARBITRATION AND LITIGATED IN COURT, BUT THE WAIVER REMAINS IN EFFECT FOR ALL OTHER CLAIMS.

14.5 Waiver of Jury Trial

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, EACH PARTY IRREVOCABLY WAIVES ITS RIGHT TO TRIAL BY JURY IN ANY ACTION, PROCEEDING, OR COUNTERCLAIM ARISING UNDER OR RELATING TO THESE TERMS THAT IS NOT RESOLVED BY ARBITRATION. THIS WAIVER APPLIES WHETHER THE CLAIM IS ASSERTED AS A COUNTERCLAIM, CROSS-CLAIM, OR OTHERWISE, AND REGARDLESS OF THE FORM OF THE ACTION OR THE NATURE OF THE RELIEF SOUGHT.

15. GENERAL PROVISIONS

15.1 Entire Agreement

These Terms, together with the applicable Service Agreement and Privacy Policy, constitute the entire agreement regarding use of the Platform.

15.2 Amendments

Provider may update these Terms from time to time by posting the updated version at fieldriskos.com/legal and updating the effective date.

Non-material updates - including clarifications, typographical corrections, reorganization of existing provisions, and changes that do not materially affect Customer's rights or obligations - are effective upon posting. Continued use of the Platform after such updates are posted constitutes acceptance.

Material changes - including changes to fees or payment terms, data handling practices, Customer's substantive rights or obligations, the limitation of liability or indemnification provisions, or the dispute resolution process - will be communicated to Customer with reasonable advance notice, by email to the address on file or by in-Platform notification, where practicable. Material changes will become effective no sooner than thirty (30) days after notice is provided, unless a shorter period is required by law, a security requirement, or an operational necessity that Provider could not reasonably anticipate. If Customer does not agree to a material change, Customer’s sole remedy is to terminate the applicable Service Agreement in accordance with its terms before the effective date of the change.

Notwithstanding the foregoing, Provider may make updates effective immediately and without advance notice where required by applicable law, court order, regulatory requirement, or to address an urgent security vulnerability or risk to the Platform or Customer Data. Provider will notify Customer of such updates as soon as reasonably practicable.

15.3 Assignment

Customer may not assign without Provider’s consent. Provider may assign to a successor in connection with a merger, acquisition, or sale of substantially all assets.

15.4 Severability

If any provision is held invalid, the remaining provisions continue in full force.

15.5 Notices

All notices must be in writing. Notices to Provider: info@fieldrisksystems.com. Notices to Customer: the email address on file.

15.6 Force Majeure

Neither Party is liable for delays or failures in performance due to causes beyond its reasonable control, including but not limited to acts of God, natural disasters, pandemic, war, terrorism, governmental action, civil disturbance, power or internet failure, or third-party hosting or infrastructure outages. Force majeure does not excuse either party's payment obligations under these Terms or any applicable Service Agreement. Provider's obligations with respect to advance notice, data export, and transition assistance upon cessation or wind-down of operations are governed exclusively by Section 16, which sets out the specific commitments and qualifications applicable in those circumstances, and are not modified or expanded by this Section 15.6.

15.7 Independent Contractors

The Parties are independent contractors.

15.8 Waiver

No failure to exercise any right constitutes a waiver.

15.9 No Third-Party Beneficiaries

These Terms do not confer any rights on any third party. No person other than the Parties is a beneficiary of these Terms.

15.10 Electronic Acceptance

Each Authorized User's access to the Platform requires affirmative acceptance of these Terms by clicking "I Agree" or a similarly labeled acceptance button or checkbox presented at account creation or upon first login. Such affirmative click-through action constitutes a legally binding electronic signature and agreement to these Terms, with the same force and effect as a handwritten signature, pursuant to the Electronic Signatures in Global and National Commerce Act (E-SIGN Act), 15 U.S.C. 7001 et seq., and applicable state electronic signature laws. Provider maintains records of each acceptance event, including the date, time, and identity of the accepting user. No Authorized User may access the Platform without completing this acceptance.

16. CESSATION OF OPERATIONS

If Field Risk Systems LLC ceases operations, winds down, or transitions the Platform to another operator or successor, Provider will use commercially reasonable efforts to take the steps set out below. Provider's ability to fulfill these commitments may be limited or prevented by circumstances beyond Provider's reasonable control, including but not limited to insolvency or bankruptcy proceedings, emergency shutdown, security incidents, loss of hosting infrastructure, regulatory action, or other events that impair orderly wind-down operations. Nothing in this Section creates an absolute obligation or guarantee of performance in those circumstances.

• Provider will use commercially reasonable efforts to notify affected Customers in advance of the cessation or transition date, where practicable. Provider will aim to provide at least sixty (60) days' advance notice, but cannot guarantee this timeline where circumstances prevent or impair orderly wind-down operations.
• Provider will use commercially reasonable efforts to make Customer Data available for export in machine-readable format prior to or promptly following cessation, to the extent Provider has the technical capacity and operational resources to do so at the time.
• Provider will use commercially reasonable efforts to make available transition information where practicable, including information about the format and content of available Customer Data exports, to assist Customer in migrating or preserving its records.
• Customer is solely responsible for maintaining its own copies of all records at all times and must not rely on the Platform as its primary or only copy of any data, document, or record. Provider's cessation-related commitments under this Section do not modify or substitute for Customer's independent legal, regulatory, accreditation, insurance, or operational recordkeeping obligations.

17. CONTACT

Field Risk Systems LLC

info@fieldrisksystems.com