Perplexity API Terms of Service

Last Updated: February 17th,  2024

These API Terms and Conditions are an agreement between Perplexity AI, Inc., a Delaware corporation (“Perplexity”) and you (“Customer”) that governs Customer’s access to and use of the API Platform and other Perplexity Materials (each, as defined below). By creating an account to use the Perplexity Materials or by accessing or using the Perplexity Materials, Customer agrees to be bound by these API Terms and Conditions.  If you are an individual using the Perplexity Materials on behalf of an entity, then “Customer” includes you and the entity, and you represent to Perplexity that (a) you are an authorized representative of the Customer entity with the authority to bind the Customer entity to these API Terms and Conditions, and (b) you agree to these API Terms and Conditions on the entity’s behalf.

These API Terms and Conditions also refer to and incorporate the Data Processing Agreement (“DPA”), and any other guidelines or policies we may provide in writing and any ordering document signed by Customer and Perplexity or Perplexity webpage that Customer uses to purchase access to the Perplexity Materials (the “Order,” and together with the DPA and these API Terms and Conditions, the “Agreement”). 

1. DEFINITIONS.  As used herein, the following capitalized terms shall carry the indicated meanings, and other capitalized terms shall have the meaning set forth for such term elsewhere in the Agreement:

   1. “API Documentation” means any reference materials relating to integration with the API Platform which may be provided by Perplexity to Customer from time to time. 

   2. “API Key” means each unique identifier or credential issued by Perplexity to Customer that must be sent as part of each Call.  

   3. “API Platform” means Perplexity’s proprietary API integration platform intended to allow software applications that are integrated with the API Platform to send requests to and receive responses from multiple open-source large language models (“LLMs”); 

   4. “Call” means any request for a response or result from the API Platform enabled by Perplexity to be sent to the API Platform, as set forth in the API Documentation. 

   5. “Customer Application” means the software and other applications that Customer integrates with the API Platform.  

   6. “Response” means a response sent by the API Platform in response to a Call. 

2. USE OF PLATFORM.

   1. Right to Use.  Subject to all terms and conditions of the Agreement, including Customer’s compliance with all payment obligations hereunder, Customer may, on a non-exclusive and non-transferable (except in connection with a permitted assignment under Section 10.4) basis during the term of the Agreement: (i) internally use the API Documentation for purposes of enabling and maintaining the integration between the Customer Application and the API Platform, and (ii) following the successful completion of such integration, use the Customer Application to send Calls and receive and display corresponding Responses within the Customer Application through the API Platform, in each case through use of the API Key provided by Perplexity and in accordance with the most current API Documentation. Customer acknowledges and agrees that Perplexity reserves the right to suspend or terminate Customer’s access to the API Platform and the other Perplexity Materials for any or no reason.

   2. Restrictions.  Customer is solely responsible for all content, including but not limited to code, video, images, information, data, text, software, messages, or other materials (“Customer Content”) that Customer or its users transmits via the API Platform. Customer’s use of the API Platform may also be subject to license and use restrictions set forth in the applicable LLM license. Perplexity reserves the right to investigate and take appropriate legal action against anyone who, in Perplexity’s sole discretion, violates this Section 2.2, including without limitation, removing the offending Customer Content from Perplexity’s website or API Platform, suspending or terminating the account of such violators, and reporting them to applicable law enforcement authorities.  Customer has no right or license to, and shall not nor permit others to: 

      1. upload or transmit any Customer Content that: (i) infringes any intellectual property or other proprietary rights of any party; (ii) is prohibited under any law or contractual or other relationships; (iii) contains software viruses or any other computer code, files, or programs designed to interrupt, destroy, or limit the functionality of any computer software or hardware or telecommunications equipment; (iv) poses or creates a privacy or security risk to any person; (v) constitutes unsolicited or unauthorized advertising, promotional materials, commercial activities and/or sales, “junk mail,” “spam,” “chain letters,” “pyramid schemes,” “contests,” “sweepstakes,” or any other form of solicitation; (vi) is unlawful, harmful, threatening, abusive, harassing, tortious, excessively violent, defamatory, vulgar, obscene, pornographic, libelous, invasive of another's privacy, hateful racially, ethnically or otherwise objectionable; or (vii) in the sole judgment of Perplexity, is objectionable or which restricts or inhibits any other person from using or enjoying Perplexity’s website or the API Platform, or which may expose Perplexity or its users to any harm or liability of any type;

      2. copy, distribute, rent, lease, lend, sublicense, transfer or make derivative works of the API Platform, API Documentation, API Key, or any related materials provided by Perplexity (collectively, the “Perplexity Materials”) or use any of the foregoing on a service bureau basis; 

      3. decompile, reverse engineer, or disassemble the Perplexity Materials or otherwise attempt to discover the source code of the Perplexity Materials; 

      4. use the Perplexity Materials to create or make available an application programming interface or other product or service similar to, or that would otherwise be a substitute for, the API Platform; 

      5. engage in any activity with the Perplexity Materials that interferes with, disrupts, damages or accesses in an unauthorized manner the servers, networks or other properties or services of Perplexity or any third party; 

      6. violate, encourage the violation of, or offer guidance on violating any applicable local, state, national, or international law, or any regulations having the force of law;

      7. pretend to be someone or something else, or provide false information or misrepresent Customer’s connection to a person or entity;

      8. solicit personal information from anyone under the age of 18;

      9. gather or accumulate email addresses or any contact details of other users from Perplexity’s website or the API Platform through electronic or alternative methods with the intent of dispatching unsolicited emails or other unrequested communications; or

      10. utilize the API Platform to generate harmful or offensive content (as determined solely by Perplexity) or any content that breaches a Perplexity policy; or employ the API Platform (or any aspect thereof or the technology within) in a way that infringes upon, wrongfully appropriates, or otherwise breaches the intellectual property rights or any other rights of individuals, or contravenes any applicable laws.

   3. Customer Account.  To use the Perplexity Materials, Customer will need to create an account (“Account”).  Customer agrees to provide Perplexity with accurate, complete and updated information in Customer’s Account.  Customer is solely responsible for any activity on its Account and for maintaining the confidentiality and security of Customer’s password.  Perplexity is not liable for any acts and omissions by Customer in connection with its Account.  Customer shall immediately notify Perplexity if Customer expects its account or password have been stolen, misappropriated or otherwise compromised, or in case of any actual or suspected unauthorized use of Customer’s Account.

   4. API Key.  Customer is responsible for the compliance with this Agreement of any and all persons accessing the API Platform using any API Key.  Customer shall use all reasonable means to secure API Keys, and shall promptly notify Perplexity if it suspects that any API Key has been compromised.

   5. Data.  Customer agrees that Perplexity may use and disclose all data submitted to the API Platform through the Customer Application as follows: (i) Perplexity may use and disclose such data as is reasonably necessary or desirable for purposes of providing the functionality of the API Platform to Customer and end users of the Customer Application during the term of the Agreement (and for such additional period set forth in Section 9.2, if applicable); (ii) Perplexity may use such data for its internal business purposes (e.g., for informing its product development efforts); (iii) Perplexity may engage in analysis and processing of such data and disclose the results of such analysis and processing; provided that such results do not identify Customer or any of its employees, agents, clients or end users; and (iv) Perplexity may disclose such data to the extent required by applicable law or legal process.  Unless otherwise agreed in writing by the parties, Perplexity does not receive any “Personal Data” through the API Platform (including about any authorized end user who submits data to the API Platform), as such term is defined in the DPA, and instead receives log information and metadata relating to any Call. Notwithstanding the foregoing, the parties agree that the DPA applies to the extent that Personal Data is received by Perplexity from Customer or end users of Customer through the API Platform.  

3. INTELLECTUAL PROPERTY.  As between the parties, Perplexity retains all right title and interest, including all intellectual property rights, in and to the Perplexity Materials and any and all improvements, modifications or enhancements thereto, well as all related software programs, data, documentation, specifications, descriptions, algorithms, methods, processes, techniques and know-how (the “Perplexity Property”).  Perplexity shall be free to use, implement and exploit in any manner any and all ideas, suggestions, recommendations and/or feedback from Customer and/or its personnel relating to the Perplexity Property. As between the parties, Customer retains all intellectual property rights in and to all Customer Content (subject to Perplexity’s ownership of any Perplexity Materials contained therein).    

4. FEES.

   1. Usage Fees.  Customer agrees to pay the fees charged to its Account according to the prices and terms on the Pricing Page, or as otherwise stated in an Order. All price changes will be effective thirty (30) days after they are posted, unless such changes are made for legal reasons, in which case, they will be effective immediately.  Perplexity has the right to correct pricing errors or mistakes even after issuing an invoice or receiving payment.  Customer hereby authorizes Perplexity and its third-party payment processor(s) to charge the payment method provided through Customer’s Account on a monthly basis (or other periodic basis set forth in an Order), but Perplexity may reasonably change the date on which the charge is posted.  If Perplexity issues an invoice, Customer shall pay such invoice within thirty (30) days of the invoice date. Any payments due to Perplexity under the Agreement not received by the date due will be subject to a late fee of 1.5% per month, or the maximum charge permitted by law, whichever is less.  All payments are non-refundable and must be made in U.S. dollars.  

   2. Taxes.  Customer is responsible for paying any and all withholding, sales, value added or other taxes, duties or charges applicable to the fees payable by Customer under this Agreement, other than taxes based on Perplexity’s income.

5. CONFIDENTIALITY

   1.   Confidential Information.  Each party (the “receiving party”) shall keep confidential and not disclose to any third party all information and materials provided or made available by the other party (the “disclosing party”) which the receiving party should reasonably understand to be confidential or proprietary to the disclosing party due to its content and/or the circumstances surrounding its disclosure (“Confidential Information”). Without limitation, the API Documentation, API Keys, features, functionality and performance of the API Platform, and any information regarding potential or actual modifications or updates to any of the foregoing constitutes Confidential Information of Perplexity. “Confidential Information” shall not include any Personal Data provided by Customer or end users of Customer.

   2. Protection of Confidential Information.  The receiving party agrees: (i) to protect the confidentiality of the disclosing party’s Confidential Information with at least the same degree of care that it utilizes with respect to its own similar confidential information; (ii) not to disclose or otherwise permit any other person or entity access to, in any manner, the Confidential Information, or any part thereof in any form whatsoever, except that such disclosure or access shall be permitted to an employee of the receiving party requiring access to the Confidential Information in the course of his or her employment in connection with this Agreement and who has signed an agreement obligating the employee to maintain the confidentiality of the confidential information of third parties in the receiving party’s possession; (iii) to notify the disclosing party promptly and in writing of the circumstances surrounding any suspected possession, use or knowledge of the Confidential Information or any part thereof at any location or by any person or entity other than those authorized by this Agreement; and (iv) not to use the Confidential Information for any purpose other than as explicitly set forth herein. 

   3. Exceptions.  Confidential Information shall not include information that:  (a) was rightfully possessed by the receiving party without restrictions before it was received from the disclosing party, as supported by documentary evidence; (b) is independently developed by the receiving party without reference to or use of the disclosing party’s information or data, as supported by documentary evidence; (c) is subsequently furnished to the receiving party by a third party not under any obligation of confidentiality with respect to such information or data, and without restrictions on use or disclosure; or (d) is or becomes available to the general public otherwise than through any act or default of the receiving party.  In addition, the receiving party shall not be in breach of this Section 5 for any disclosure of Confidential Information required by law or legal process, provided that in the event of such requirement the receiving party shall (other than to the extent prohibited by law) provide prior written notice to the disclosing party and reasonably cooperate, at the disclosing party’s expense, with any efforts by the disclosing party to contest or limit such disclosure requirement (e.g., a protective order). 

   4. Injunctive Relief.  Because the unauthorized use, transfer or dissemination of any Confidential Information provided may diminish substantially the value of such information and may irreparably harm the disclosing party, the disclosing party shall, without limiting its other rights or remedies, be entitled to equitable relief, including but not limited to injunctive relief, with respect to any actual or threatened breach of the provisions of this Section 5 by the receiving party.

6. REPRESENTATIONS AND WARRANTIES.  Each party represents and warrants to the other party that: (i) it has the requisite power and authority and the legal right to enter into the Agreement and to perform its obligations hereunder; and (ii) the entry into the Agreement and the performance of such party’s obligations hereunder do not conflict with, or constitute a default under, any contractual obligation of such party.

7. LIMITATION OF LIABILITY; DISCLAIMERS.

   1. EXCEPT AS EXPRESSLY SET FORTH HEREIN, THE API PLATFORM, API KEYS, AND API DOCUMENTATION ARE PROVIDED “AS IS” AND “WITH ALL FAULTS” AND PERPLEXITY MAKES NO EXPRESS OR IMPLIED WARRANTIES OF ANY KIND WITH RESPECT THERETO OR THE SUBJECT MATTER OF THIS AGREEMENT AND DISCLAIMS ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE.  WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, PERPLEXITY MAKES NO REPRESENTATION OR WARRANTY THAT THE API PLATFORM SHALL BE ERROR-FREE, THAT DEFECTS WILL BE CORRECTED OR THAT ACCESS TO THE API PLATFORM WILL BE UNINTERRUPTED. CUSTOMER ACKNOWLEDGES AND AGREES THAT PERPLEXITY SHALL HAVE NO LIABILITY RESULTING FROM ANY FAILURE OR DEFECT IN THE API PLATFORM, API KEYS, OR API DOCUMENTATION.

   2. OTHER THAN INDEMNIFICATION OBLIGATIONS UNDER SECTION 8 OR A BREACH OF SECTION 5, AND LIABILITY ARISING FROM A PARTY’S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT, TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW: (I) IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR SPECIAL, INCIDENTAL, CONSEQUENTIAL OR OTHER INDIRECT DAMAGES ARISING OUT OF OR RELATING TO THIS AGREEMENT, INCLUDING WITHOUT LIMITATION ANY LOST PROFITS OR BUSINESS, REGARDLESS OF THE FORESEEABILITY OR ANY NOTICE OF SUCH DAMAGES AND REGARDLESS OF THE THEORY OF LIABILITY; AND (II) THE TOTAL AGGREGATE LIABILITY OF EACH PARTY ARISING OUT OF OR RELATED TO THIS AGREEMENT WILL NOT EXCEED THE AMOUNTS PAID BY CUSTOMER TO PERPLEXITY UNDER THE AGREEMENT, REGARDLESS OF THE THEORY OF LIABILITY.  

8. INDEMNIFICATION. Customer agrees to indemnify and hold harmless Perplexity and its directors, officers, employees or agents (the “Perplexity Indemnitees”) from and against any liabilities, damages, interest, losses, costs, expenses (including reasonable attorneys’ fees) to the extent arising out of Customer’s use of the Perplexity Materials or Responses or from the Customer Application.

9. TERM; TERMINATION

   1. Term.  This Agreement shall commence upon the earlier of Customer’s online acceptance of these API Terms and Conditions, the effective date of and Order or the date Customer first uses the API Platform or other Perplexity Materials and shall continue until terminated in accordance with Section 9.2. 

   2. Termination Rights. This Agreement may be terminated at any time by either party, effective immediately upon notice, if the other party: breaches any of its material obligations under this Agreement and the breach is not cured within thirty (30) days from written notice of such breach from the other party (provided that Perplexity may terminate the Agreement immediately if Customer breaches Section 2.1).  Perplexity may terminate the Agreement for any or no reason by providing written notice to Customer at least thirty (30) days before the desired termination date (“Termination for Convenience”) or immediately if the Perplexity Materials or the provision thereof under the Agreement are suspected to infringe or otherwise violate a third party’s intellectual property rights or violate applicable laws, rules or regulations. For six (6) months immediately following a Termination for Convenience, each party shall continue to perform its obligations under this Agreement with respect to Customer’s then existing and current users of the API Platform through the Customer Application and all terms of this Agreement shall govern such performance; provided, that Customer may not implement new uses of the API Platform or other Perplexity Materials during such six (6) month period including any new customer sales or extensions for existing customers. Nothing in this Section 9.2 limits Perplexity’s termination or suspension rights under Section 2.1.

   3. Effect of Expiration or Termination.  Upon the expiration or termination of this Agreement, each party shall return to the other party all Confidential Information of the other party and all copies thereof.  For the avoidance of doubt, Perplexity may retain the data submitted to the API Platform through the Customer Application and continue to use and disclose such data solely in accordance with Section 2.5(ii)-(iv).  Expiration or termination of this Agreement shall be without prejudice to any rights which shall have accrued to the benefit of a party prior to such expiration or termination.  Sections 2.2, 2.4, 2.5, 3, 4, 5, 7, 8, 9.2, 9.3 and 10, survive any expiration or termination of the Agreement. 

10. MISCELLANEOUS

    1. 10.1.Governing Law; Dispute Resolution.  This Agreement shall be governed by the laws of California  The parties shall try in good faith to resolve any dispute or claim related to or arising out of this Agreement, or the interpretation, making, performance, breach or termination thereof, amicably by themselves.  If the dispute or claim cannot be resolved by the parties themselves, then it shall be adjudicated exclusively by the state and federal courts located in California.  Notwithstanding the foregoing, the parties may apply to any court of competent jurisdiction for temporary or permanent injunctive relief without breach of this Section 10.1.  

    2. 10.2.Severability.  In the event any one or more of the provisions of this Agreement are unenforceable, it shall be stricken from this Agreement but the remainder of the Agreement shall be unimpaired.

    3. 10.3.Waiver.  No waiver of any term of this Agreement shall bind the party making such waiver unless in writing and signed by the party making such waiver.  Any such waiver shall be effective only in the specific instance and for the specific purpose given.  No waiver by a party hereto of any breach or default of any of the covenants or agreements herein set forth shall be deemed a waiver as to any subsequent and/or similar breach or default.

    4. 10.4.Assignment.  Neither party may assign any of its rights or obligations under this Agreement without the prior written consent of the other party, except that either party may assign its rights and obligations under this Agreement without the consent of the other party to an affiliate of the assigning party or as part of any merger (by operation of law or otherwise), consolidation, reorganization, change in control or sale of all or substantially all of its assets related to this Agreement or similar transaction. The Agreement shall be binding upon and inure to the benefit of the permitted successors and assigns of the parties.

    5. 10.5.Independent Contractors.  The relationship of the parties hereto is that of independent contractors.  The parties hereto are not deemed to be agents, partners or joint venturers of the others for any purpose as a result of this Agreement or the transactions contemplated thereby.

    6. 10.6.Notices.  All requests and notices required or permitted to be given to the parties hereto shall be given in writing and shall be delivered to the other party, effective on receipt. Customer shall send notices to Perplexity AI, Inc., at 575 Market Street San Francisco, CA 94105, Attn: Dmitry Shevelenko, or to api@perplexity.ai. Perplexity shall send notices to the physical address or email address on Customer’s Account.

    7. 10.7.Force Majeure.  In the event that either party is prevented from performing, or is unable to perform, any of its obligations under the Agreement due to any cause beyond the reasonable control of the party invoking this provision, the affected party’s performance shall be excused and the time for performance shall be extended for the period of delay or inability to perform due to such occurrence.

    8. 10.8.Publicity.  Perplexity may reproduce and display Customer’s trademarks and logos on its websites and other marketing materials for the purpose of identifying Customer as a Customer of the API Platform.

    9. 10.9.Headings.  The captions to the several sections in these API Terms and Conditions are not a part of the Agreement, but are included merely for convenience of reference only and shall not affect its meaning or interpretation.

    10. 10.10.Amendment.  Perplexity may modify these API Terms and Conditions from time to time in which case Perplexity will update the “Last Revised” date at the top of these API Terms and Conditions. If Perplexity makes changes that are material, Perplexity will use reasonable efforts to attempt to notify Customer, such as by email and/or by placing a prominent notice on the first page of its website.  However, it is Customer’s sole responsibility to review these API Terms and Conditions from time to time to view any such changes. The updated API Terms and Conditions will be effective as of the time of posting, or such later date as may be specified in the updated API Terms and Conditions.  Customer’s continued access or use of the Perplexity Materials after the modifications have become effective will be deemed Customer’s acceptance of the modified API Terms and Conditions.

    11. 10.11.Entire Agreement.  The Agreement constitutes the entire agreement between the parties with regard to the subject matter hereof.  In entering into the Agreement, neither party is relying on any statements, representations or warranties not contained herein.  In the event of any conflict between the terms of an Order, these API Terms and Conditions and the DPA, the following order of precedence shall apply unless explicitly overridden by the terms of the Order with reference to the specific affected sections of the API Terms and Conditions or DPA: (i) the DPA, (ii) the API Terms and Conditions and (iii) the Order.

DATA PROCESSING ADDENDUM

This Data Processing Addendum (“DPA”) forms part of and is incorporated into the API Terms and Conditions and any Order entered into between Customer and Perplexity governing Customer’s use of the API Platform (the “Agreement”). To the extent that Perplexity processes any Personal Data in connection Customer’s use of the API Platform, this DPA sets forth Customer’s instructions for the processing of such Personal Data and the rights and obligations of both Parties. Except as expressly set forth in this DPA, the API Terms and Conditions and Order shall remain unmodified and in full force and effect. In the event of any conflicts between this DPA and the API Terms and Conditions or an Order, this DPA will govern to the extent of the conflict.

1. Definitions. For the purposes of this DPA, the following terms shall have the meanings set out below. Capitalized terms used but not defined in this DPA shall have the meanings given in the API Terms and Conditions. All other capitalized terms in this DPA not otherwise defined in the API Terms and Conditions shall have the corresponding meanings given to them in Privacy Laws. 

   1. “Controller to Processor Clauses” means (i) in respect of transfers of Personal Data subject to the GDPR, the standard contractual clauses for the transfer of Personal Data to third countries set out in Commission Decision 2021/914 of 4 June 2021, specifically including Module 2 (Controller to Processor) (“EU SCCs”); and (ii) in respect of transfers of Personal Data subject to the UK GDPR, the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (version B.1.0) issued by the UK Information Commissioner (“UK Addendum”), in each case as amended, updated or replaced from time to time.

   2. “EU/UK Privacy Laws” means, as applicable: (i) the General Data Protection Regulation 2016/679 (the “GDPR”); (ii) the Privacy and Electronic Communications Directive 2002/58/EC; (iii) the UK Data Protection Act 2018, the UK General Data Protection Regulation as defined by the UK Data Protection Act 2018 as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (together with the UK Data Protection Act 2018, the “UK GDPR”), and the Privacy and Electronic Communications Regulations 2003; and (iv) any relevant law, directive, order, rule, regulation or other binding instrument which implements any of the above, in each case, as applicable and in force from time to time, and as amended, consolidated, re-enacted or replaced from time to time. 

   3. “Personal Data” means any information that Perplexity processes on behalf of Customer to provide the API Platform that is defined as “personal data,” “personal information” or “personally identifiable information” under any Privacy Law.

   4. “Privacy Laws” means, as applicable, EU/UK Privacy Laws, US Privacy Laws and any similar law of any other jurisdiction which relates to data protection, privacy or the use of Personal Data and requires Controllers and Processors to agree to specific contractual commitments regarding the processing of Personal Data, in each case, as applicable and in force from time to time, and as amended, consolidated, re-enacted or replaced from time to time.

   5. “Processor to Processor Clauses” means (i) in respect of transfers of Personal Data subject to the GDPR, the standard contractual clauses for the transfer of personal data to third countries set out in Commission Decision 2021/914 of 4 June 2021, specifically including Module 3 (Processor to Processor); and (ii) in respect of transfers of Personal Data subject to the UK GDPR, the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (version B.1.0) issued by the UK Information Commissioner, in each case as amended, updated or replaced from time to time.

   6. “Third Country” means any country or territory outside of the scope of the data protection laws of the European Economic Area or the UK, as relevant, excluding countries or territories approved as providing adequate protection for Personal Data by the relevant competent authority from time to time. 

   7. “US Privacy Laws” means, as applicable, the California Consumer Privacy Act, Colorado Privacy Act, Connecticut Data Privacy Act, Utah Consumer Privacy Act, and Virginia Consumer Data Protection Act, and any similar law of any other state related to the processing of Personal Data, in each case, as applicable and in force from time to time, and as amended, consolidated, re-enacted or replaced from time to time.

   8. The terms “Business,” “Controller,” “Processor,” “Sell,” “Service Provider,” and “Share” shall have the meaning given to them under applicable Privacy Laws.  

2. Amendments. Customer agrees that Perplexity may make modifications to this DPA if changes are required for Perplexity to continue to process the Personal Data as contemplated by the Agreement or this DPA in compliance with Privacy Laws, or to address the legal interpretation of the Privacy Laws.

3. Roles of the Parties. The Parties acknowledge that in relation to any Personal Data received from Customer in providing the API Platform, for purposes of Privacy Laws, Customer is the Controller or Business and Perplexity is the Service Provider or Processor. 

4. Customer Obligations: Customer shall comply with all Privacy Laws in providing Personal Data to Perplexity in connection with its use of the API Platform, including any integration between the Customer Application and the API Platform. Customer represents and warrants that (a) all Personal Data was collected and at all times processed and maintained by or on behalf of Customer in compliance with all Privacy Laws, including with respect to any obligations to provide notice to and/or obtain consent from individuals and (b) Customer has complied with Privacy Laws in, including having a lawful basis for, disclosing the Personal Data to Perplexity and enabling Perplexity to process the Personal Data as set out in the Agreement and this DPA. Customer shall notify Perplexity without undue delay if Customer makes a determination that the processing of Personal Data under the Agreement does not or will not comply with Privacy Laws, in which case, Perplexity shall not be required to continue processing such Personal Data.

5. Processing of Personal Data. The Parties agree that the details of processing are as described in Annex 1. In processing Personal Data under the Agreement, Perplexity shall:

   1. only process Personal Data on documented instructions from Customer, for the limited and specific purpose described in Annex 1, unless otherwise permitted to process such Personal Data by applicable Privacy Laws, and at all times in compliance with Privacy Laws and the terms of this DPA, providing the same level of privacy protection as is required by Privacy Laws; 

   2. notify Customer promptly if it makes a determination that (i) it can no longer comply with Customer’s instructions for the processing of Personal Data, its obligations under Privacy Laws or the terms of this DPA or (ii) if it believes that the instruction of Customer infringes applicable Privacy Laws;

   3. to the extent required by Privacy Laws, grant Customer the right to take reasonable and appropriate steps to help ensure that Perplexity uses the Personal Data in a manner consistent with Customer’s obligations under this DPA and Privacy Laws, and stop and remediate any unauthorized use of the Personal Data; 

   4. require that each employee or other person processing Personal Data is subject to an appropriate duty of confidentiality with respect to such Personal Data.

6. Prohibitions. To the extent required by Privacy Laws, Perplexity shall not (a) Sell or Share Personal Data, (b) retain, use, or disclose the Personal Data outside of the direct business relationship between Perplexity and Customer and for any purpose other than for the specific purpose of providing the API Platform to Customer  or (c) combine the Personal Data received from, or on behalf of, Customer with any Personal Data that may be collected from Perplexity’s separate interactions with the individual(s) to whom the Personal Data relates or from any other sources. 

7. Use of Subcontractors. 

   1. Customer hereby grants Perplexity general written authorization to engage the subcontractors set out in Annex 2, subject to the requirements of this Section 7. 

   2. If Perplexity appoints a new subcontractor or intends to make any changes concerning the addition or replacement of any subcontractor, it shall provide Customer with seven business days’ prior written notice, during which Customer can object to the appointment or replacement on reasonable and documented grounds related to the confidentiality or security of Personal Data or the subcontractor’s compliance with Privacy Laws (and if Customer does not so object, Perplexity may proceed with the appointment or replacement).

   3. Perplexity shall engage subcontractors only pursuant to a written agreement that contains obligations on the subcontractor which are no less onerous on the relevant subcontractor than the obligations on Perplexity under this DPA.

   4. In the event Perplexity engages a subcontractor to carry out specific processing activities on behalf of Customer pursuant to EU/UK Privacy Laws, where that subcontractor fails to fulfil its obligations, Perplexity shall remain fully liable under applicable EU/UK Privacy Laws to Customer for the performance of that subcontractor’s obligations.

8. Assistance. Perplexity shall, in relation to the processing of Personal Data and to enable Customer to comply with its obligations which arise as a result thereof, provide assistance to Customer, through appropriate technical and organizational measures, in entering into this DPA and: 

   1. notifying Customer of, and (if authorized by Customer) responding to, requests from individuals pursuant to their rights under Privacy Laws, including by providing, deleting or correcting the relevant Personal Data, or by enabling Customer to do the same, insofar as this is possible;

   2. implementing reasonable security procedures and practices appropriate to the nature of the Personal Data to protect the Personal Data from unauthorized or illegal access, destruction, use, modification, or disclosure; 

   3. to the extent required by Privacy Laws, conducting data protection impact assessments and, if required, prior consultation with relevant competent authorities; and

   4. notifying relevant competent authorities and/or affected individuals of Personal Data breaches. 

9. Security Measures. Perplexity shall, taking into account the state-of-the-art, the costs of implementation and the nature, scope, context and purpose of the processing, implement appropriate technical, physical and organizational measures designed to provide a level of security appropriate to the risk, as set out in Annex 3, or otherwise agreed and documented between Customer and Perplexity from time to time, and shall continue to comply with them during the term of the Agreement. Perplexity shall provide data protection and security training to those employees and other persons authorized to access Personal Data. 

10. Access and Audits. Upon reasonable written request of Customer, Perplexity shall allow for and contribute to inspections and audits regarding Perplexity’s compliance with its obligations under this DPA and Privacy Laws by, on Customer’s request, providing to Customer such information in Perplexity’s possession as is reasonably necessary to demonstrate such compliance and/or arranging for a qualified and independent auditor to conduct an assessment of Perplexity’s policies and technical and organizational measures for such compliance, using an appropriate and accepted control standard or framework and assessment procedure for such assessments. Perplexity will provide a report of such assessment to Customer upon reasonable request. Customer shall be permitted to request such information and/or audit no more than once every 12 months, upon 30 days’ advance written notice to Perplexity, and only after the Parties come to agreement on the scope of the audit and provided the auditor is bound by a duty of confidentiality. Notwithstanding the foregoing, in no event shall Vendor be required to give Customer access to information, facilities or systems to the extent doing so would cause Vendor to be in violation of confidentiality obligations owed to other customers or its legal obligations.

11. Deletion of Personal Data.  At Customer’s choice and direction, Perplexity shall delete or return all Personal Data to Customer as requested at the end of the provision of the API Platform to Customer, unless retention of the Personal Data is required by law, in which case, Perplexity shall notify Customer without undue delay of such legal requirement and shall upon the expiration of such retention obligation immediately delete or return the Personal Data, at Customer’s choice and direction. 

12. Data Transfers. To the extent Perplexity processes Personal Data subject to EU/UK Privacy Laws in a Third Country, and it is acting as data importer, Perplexity shall comply with the data importer’s obligations set out in the Controller to Processor Clauses, which are hereby incorporated into and form part of this DPA, and: 

    1. for the purposes of Annex I or Part 1 (as relevant), Customer is a controller and Perplexity is a processor, and the parties, contact person’s details and processing details set out in the Agreement, this DPA and Annex 1 shall apply and the Start Date is the effective date of the Agreement;

    2. if applicable, for the purposes of Part 1 of the UK Addendum, the relevant Addendum EU SCCs (as such term is defined in the UK Addendum) are the EU SCCs as incorporated into this DPA by virtue of this Section 12;

    3. for the purposes of Annex II or Part 1 (as relevant), the technical and organizational security measures, and the technical and organizational measures taken by Perplexity to assist Customer, as each are set out in Annex 3, shall apply; 

    4. if applicable, for the purposes of Annex III or Part 1 (as relevant), the list of authorized sub-contractors set out in Annex 2 shall apply; and 

    5. if applicable, for the purposes of: (i) Clause 9, Option 1 (“Specific prior authorization”) is deemed to be selected and a notice period of 30 days shall apply; (ii) Clause 11(a), the optional wording in relation to independent dispute resolution is deemed to be included; (iii) Clause 13 and Annex I.C, the competent supervisory authority shall be the Irish regulator; (iv) Clauses 17 and 18, Option 1 is deemed to be selected and the governing law and the competent courts shall be Irish law and Irish courts, respectively; (vi) Part 1, Customer as exporter may terminate the UK Addendum pursuant to Section 19 of such UK Addendum. 

To the extent Perplexity appoints an affiliate or third-party subcontractor to process the Personal Data in a Third Country, Perplexity shall execute the Processor to Processor Clauses with any relevant subcontractor (including affiliates) it appoints on behalf of Customer. At Customer’s request, Perplexity shall enter separately into the Controller to Processor Clauses with Customer and shall take any other alternative or additional steps reasonably requested by Customer in order to ensure that Perplexity’s processing of Personal Data takes place in accordance with the requirements of Privacy Laws. 

Annex 1

Details of Processing 

Nature of the processing

The provision of the API Platform to Customer as set out in the Agreement.

Purpose(s) of the processing

The provision of the API Platform to Customer as set out in the Agreement.

Categories of individuals whose Personal Data is processed

Users of API Platform.

Categories of Personal Data processed

Email address for users of the API Platform and information provided by users in unstructured data

Types of Personal Data subject to the processing that are considered “sensitive” or “special category” under Privacy Laws

None.

Frequency (e.g. one-off or continuous) and duration of the processing

On a continuous basis, for the duration of the term of the Agreement and any post-termination retention period as set out in the Agreement.

The subject matter, nature and duration of processing carried out by any sub-processors authorized pursuant to Section 7 is as set out in this Annex 1 and in Annex 2.

Annex 2

Authorized Subcontractors 

Subcontractor Name: Amazon Web Services

Type of Service: Cloud infrastructure

Location: Worldwide

Annex 3 

Security Measures 

Perplexity maintains reasonable Security Measures in proportionate measure to the risk presented by the processing of Personal Data and otherwise relies on security measures implemented and maintained by subcontractors set out in Annex 2, including Amazon Web Services.