Goodnotes Education License Agreement and Data Processing Agreement for Schools

Last Updated: Feb 2026

PLEASE READ THE TERMS OF THIS LICENCE AGREEMENT CAREFULLY

This is a legally binding agreement (the 'Agreement') between you (the 'Licensee', ‘Institution’) and us Goodnotes Limited and its affiliates (the 'Company', 'we', 'our' or 'us'). We are a company with our registered office at 5 Churchill Place, 10th Floor, Canary Wharf, London, E14 5HU (Owner); (and, 'Licensor', 'we' or 'us'), granting you a licence (the 'Licence') for Goodnotes Education, including any free Updates, Upgrades, patches, fixes or workarounds made available by Licensor under this Licence, and any data, media or documents associated with it (together, the 'Software').

For the avoidance of doubt, this Licence shall not be deemed to amount to a sale of the Software. We remain the sole and beneficial owners of the Software at all times.

BY CLICKING ‘ACCEPT’ AT THE END OF THIS AGREEMENT, YOU AGREE TO AND ACCEPT THE FOLLOWING TERMS WHICH WILL BE BINDING ON YOU AND ANY AUTHORISED LICENSEES WHEN ACCESSING, DOWNLOADING, OR USING THE SOFTWARE. PLEASE NOTE, IN PARTICULAR, THE PROVISIONS ON LIABILITY IN CLAUSE 9. THIS IS A BUSINESS-TO-BUSINESS LICENCE AND IS NOT TO BE ENTERED INTO BY CONSUMERS OR AN INDIVIDUAL. YOU SHOULD ONLY CHOOSE ‘ACCEPT’ IF YOU ARE A SCHOOL. TO THE MAXIMUM EXTENT PERMITTED BY LAW, YOU HEREBY ACKNOWLEDGE AND AGREE THAT CONSUMER LAWS DO NOT APPLY. NOTHING IN THIS AGREEMENT WILL RESTRICT, EXCLUDE OR MODIFY ANY STATUTORY WARRANTIES, GUARANTEES, RIGHTS OR REMEDIES THAT YOU HAVE UNDER CONSUMER LAW THAT CANNOT BE LAWFULLY EXCLUDED.

WHERE YOU DO NOT AGREE TO ANY OF THE TERMS OF THIS LICENCE, YOU SHALL CLICK ‘REJECT’. DOING SO MEANS THAT YOU ARE NOT ALLOWED TO ACCESS, INSTALL OR USE THE SOFTWARE AND WILL PREVENT YOU FROM ACCESSING THE SOFTWARE BY ANY MEANS.

  1. 1. Definitions and Interpretation

    1. In this Agreement:
      Admin Console
      means the portal to which the Licensee is granted access in order to configure the Subscription Services and allocate the Permitted Usage Rights to the Authorised Licensees.
      Applicable Laws
      means any laws, regulations, regulatory constraints, obligations or rules (including binding codes of conduct and binding statements of principle incorporated and contained in such rules) applicable to the existence or operation of this Agreement or the provision of the Subscription Services in the Territory from time to time;
      Authorised Licensees
      means users being students, teachers, employees, personnel or contractors of Licensee and/or Licensee group companies authorised by you to use the Subscription Services and the Documentation;
      Authorised Resellers
      means third parties which have entered into an agreement with the Licensor to market, promote, and accept orders for the Software on the Licensor’s behalf;
      Business Day
      means a day other than a Saturday, Sunday or bank or public holiday in England;
      Commencement Date
      means the date on which you accept this Agreement;
      Confidential Information
      means all information relating to a party's business which may reasonably be considered to be confidential in nature including information relating to that party's technology, know-how, Intellectual Property Rights, products and customers. All information relating to the Software including any technical or operational specifications or data shall be part of Licensor's Confidential Information;
      Documentation
      means the document made available to Licensee by Licensor online via email or via a licence key or such other web address notified by Licensor to Licensee from time to time which sets out a description of the Subscription Services and the user instructions for the Subscription Services;
      Feedback
      has the meaning given to it at clause ‎8.4;
      Goodnotes Cloud
      means the cloud service developed by Licensor;
      Intellectual Property Rights

      means any and all copyright, rights in inventions, patents, know-how, trade secrets, trademarks and trade names, service marks, design rights, rights in get-up, database rights and rights in data, semiconductor chip topography rights, utility models, domain names and all similar rights and, in each case:

      (a) whether registered or not;

      (b) including any applications to protect or register such rights;

      (c) including all renewals and extensions of such rights or applications;

      (d) whether vested, contingent or future; and

      (e) wherever existing;

      IPR Claim
      has the meaning given to it at clause ‎8.2;
      Licensee Data
      means all data (in any form) that is uploaded to any part of any Subscription Services by Licensee or by any Authorised Licensees or any data that is generated as a result of Licensee or any Authorised Licensees' use of its own data in the Subscription Services (but excluding Feedback);
      Order Form
      means (i) an ordering document agreed to in writing or electronically by the Licensee and the Licensor, or issued by one of the Licensor’s Authorised Reseller(s) and/or Third Party Platform; (ii) a purchase order issued by the Licensee and accepted by Licensor in writing or electronically, in each case which references this Licence and sets forth the applicable Subscription Services to be provided by Licensor;
      Permitted Purpose
      means the purpose of facilitating classroom teaching at Licensee and such internal purpose only;
      Permitted Usage Rights
      means the permitted number of concurrent users across the permitted number of simultaneous devices for the licensed instance of the Subscription Services allocated by the Licensee via the Admin Console, under this Agreement as set out in the Order Form;
      Personal Data
      means any information which are related to an identified or identifiable natural person;
      Renewal Term
      has the meaning given in clause ‎11.1;
      Subscription Services
      means the online software features provided by Licensor, as more particularly described in the Documentation;
      Subscription Term
      is as set out in the Order Form;
      Third Party Software
      means any third party software in the Software;
      Territory
      means the territory as specified in the Order Form;
      Update
      means a software maintenance update, patch or bug-fix which does not constitute an Upgrade;
      Upgrade
      means a version or release of software intended to have new or improved functionality or designated by Licensor as an upgrade;
      VAT
      means United Kingdom value added tax, any other tax imposed in substitution for it and any equivalent or similar tax imposed outside the United Kingdom;
      Virus
      any thing or device (including any software, code, file or programme) which may: (i) prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; (ii) prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or (iii) adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices;
    2. In this Agreement:
      1. headings are included for convenience only and shall have no effect on interpretation;
      2. a reference to a 'party' includes that party's successors and permitted assigns;
      3. a reference to a 'person' includes a natural person, corporate or unincorporated body (in each case whether or not having separate legal personality) and that person's personal representatives, successors and permitted assigns;
      4. words in the singular include the plural and vice versa;
      5. any words that follow 'include', 'includes', 'including', 'in particular' or any similar words and expressions shall be construed as illustrative only and shall not limit the sense of any word, phrase, term, definition or description preceding those words; a reference to any legislation or legislative provision is a reference to it as in force at the date of this Agreement OR as amended, extended, re-enacted or consolidated from time to time except to the extent that any such amendment, extension or re-enactment would increase or alter the liability of a party under this Agreement;
      6. a reference to the Order Form includes this Agreement, the Schedules and their respective schedules, appendices and annexes (if any).
  2. 2. System Requirements

    1. The Licensee acknowledges and agrees that its access to, and receipt of, the Use of the Subscription Services requires the technical specifications to operate correctly as set out on our Goodnotes Support site.
    2. The Licensee is responsible for ensuring that its systems meet the technical requirements for the Software and for implementing all arrangements necessary to access and update the Software at its own cost.
  3. 3. Licence

    1. Subject to the terms of this Agreement and in consideration of the Licensor granting to the Licensee a limited, revokable, non-exclusive, non-transferable, non-sublicensable (other than as permitted under clause ‎3.2) licence to permit Authorised Licensees to use the Subscription Services and the Documentation during the Subscription Term solely for the Permitted Purpose only in the Territory and for the duration of the Subscription Term, the Licensee agrees to comply with the terms of this Agreement. The parties agree that such access and use of the Subscription Services and the Documentation constitutes sufficient consideration.
    2. The Licence granted under this Agreement includes a right for you to grant sub-licences to Authorised Licensees provided always that you shall:
      1. be liable for the acts and omissions of Authorised Licensees as if they were your own;
      2. procure that each Authorised Licensee is aware of, and complies with, the obligations and restrictions imposed on you under this Agreement, including all obligations and restrictions relating to record keeping, audits and download, installation or use of the Software and Licensor's Confidential Information;
      3. ensure that the maximum number of Authorised Licensees that you authorise to access and use the Subscription Services and the Documentation shall not exceed the number of Permitted Usage Rights from time to time; and
      4. ensure each Authorised Licensee shall keep a secure password for his use of the Subscription Services and Documentation, that such password shall be changed no less frequently than QUARTERLY and that each Authorised Licensee shall keep his password confidential.
    3. Licensee shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Subscription Services and/or the Documentation and, in the event of any such unauthorised access or use, promptly notify Licensor.
    4. Additional Permitted Usage Rights
      1. Subject to clause ‎3.4.2, Licensee may, from time to time during any Subscription Term, order additional Permitted Usage Rights in excess of the number set out in the Order Form and Licensor shall grant access to the Subscription Services and the Documentation to such additional Authorised Licensees in accordance with the provisions of this Agreement.
      2. If Licensee wishes to order additional Permitted Usage Rights, Licensee shall notify Licensor in writing. Licensor shall evaluate such a request for additional Permitted Usage Rights and respond to Licensee with approval or rejection of the request and such approval not to be unreasonably withheld.
    5. Admin Console. You undertake and agree that it will be your duty to allocate your Permitted Usage Rights to the Authorised Licensees under your Licence. The Admin console will give you the right to allocate licences as described in the help centre.
  4. 4. Limitations on Use

    1. Except as expressly permitted under this Agreement or by law, you shall not:
      1. use, copy, modify, adapt, correct errors, or create derivative works from, the Software;
      2. decode, reverse engineer, disassemble, decompile or otherwise translate, make alterations to, the Software, create any derivative works based on the whole or any part of the Software, convert the Software, or otherwise seek to obtain or derive the source code, underlying ideas, algorithms, file formats or non-public APIs to the Software;
      3. assign, rent, loan, transfer, provide access, sub-licence, lease, resell, distribute or otherwise deal in or encumber the Software;
      4. remove or modify any copyright or similar notices, or any of Licensor's or any other person's branding, that the Software causes to be displayed when used;
      5. install or use the Software, or permit it to be installed or used, by or on behalf of any third party, otherwise than for Permitted Purpose;
      6. interfere with any licence key mechanism in the Software or otherwise attempt to circumvent or interfere with any security features of the Software or mechanisms intended to limit your use;
      7. make the Software or copies of the Software available over a network or any other method of remote access, or facilitate the same;
      8. access all or any part of the Subscription Services and Documentation in order to build a product or service which competes with the Subscription Services and/or the Documentation;
      9. use the Subscription Services and/or Documentation to provide services to third parties;
      10. subject to clause 19, licence, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Subscription Services and/or Documentation available to any third party except Authorised Licensees; or
      11. attempt to obtain, or assist third parties in obtaining, access to the Subscription Services and/or Documentation, other than as provided under this clause ‎4.
    2. You may make such backup copies of the Software for operational security or as otherwise reasonably necessary to support the normal use of the Software in accordance with this Agreement.
    3. You shall use the Subscription Services at all times in accordance with any instructions or Documentation and all other terms of this Agreement.
    4. You shall notify us in writing as soon as you become aware of any actual or suspected unauthorised use of the Subscription Services and Documentation (including any use in excess of the Permitted Usage Rights).
    5. Licensee shall not access, store, distribute or transmit any Viruses, or any material during the course of its use of the Subscription Services that:
      1. is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive;
      2. facilitates illegal activity;
      3. depicts sexually explicit images;
      4. promotes unlawful violence;
      5. is discriminatory based on race, gender, colour, religious belief, sexual orientation, disability; or
      6. in a manner that is otherwise illegal or causes damage or injury to any person or property;
      7. and Licensor reserves the right, without liability or prejudice to its other rights to Licensee, to disable Licensee's access to any material that breaches the provisions of this clause.
    6. You shall not: (i) use the Subscription Services in violation of Applicable Laws; (ii) in connection with the Subscription Services, send or store infringing, obscene, threatening, or otherwise unlawful or tortious material, including material that violates privacy rights; (iii) knowingly interfere with or disrupt performance of the Subscription Services or the data contained therein.
    7. You acknowledge that Licensor is entitled to disable any artificial intelligence (AI) enabled features in the Subscription Services immediately if any of these features violates Applicable Laws and any such change in the Subscription Services shall not be regarded as a breach of this Agreement on the part of Licensor.
  5. 5. Download and Installation

    1. We shall provide Documentation and all reasonable instructions, including any necessary activation codes or licence keys, once the Subscription Services have been downloaded and/or used. It is your responsibility to ensure that your (computer) system and network connection is capable of accessing, using and/or downloading the Subscription Services.
    2. You shall be responsible for accessing, using and/or downloading the Subscription Services in accordance with the Documentation and instructions that we provide.
    3. We shall not be responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of the Subscription Services and Documentation over communications networks and facilities that we do not own, control or operate, including the internet.
  6. 6. Records and Audit

    1. You shall maintain accurate and complete records of Licensee's and its Authorised Licensees' installation and/or usage of the Subscription Services, including:
      1. number of Permitted Usage Rights that you have ordered under this Agreement;
      2. number of any Authorised Licensees; and
      3. location of sites and equipment or devices on which it is installed.
    2. You shall allow and procure for Licensor (and any authorised representatives of Licensor) access to remotely inspect the equipment or device(s) on which the Subscription Services is accessed, used and/or installed and to audit the relevant records of Licensee and Authorised Licensees, to the extent necessary to verify that the access, use and/or installation and use of the Subscription Services is in accordance with this Agreement.
    3. Unless otherwise agreed in writing, the inspections and audits referred to in clause ‎6.2 shall be undertaken:
      1. in accordance with Applicable Law;
      2. during your normal business hours on Business Days;
      3. subject to the provision by us of a minimum of 5 (five) Business Days' notice; and
      4. not more than twice in any calendar year during the Subscription Term.
    4. You shall, at your own cost, provide all reasonable assistance and co-operation to us in conducting any inspection or audit undertaken under this clause ‎6. We will comply with your reasonable directions to minimise disruption to your business and to safeguard the confidentiality of your Confidential Information.
    5. The provisions of this clause 6 shall survive termination or expiry of this Agreement for a period of 12 (twelve) months.
  7. 7. Warranty

    1. The Subscription Services and the Software are provided "as is" without any representation or warranty of any kind, including without limitation with respect to any of the following:
      1. incorrect download, installation, operation or use of the Subscription Services and/or Software (including any failure to follow any instructions set out on Licensor's website);
      2. access, download, installation or use of the Subscription Services and/or Software other than for the purposes for which it is intended;
      3. modification or alteration of the Subscription Services and/or Software without our written consent;
      4. access, download, installation or use of the Subscription Services and/or Software with other software or on equipment with which it is incompatible;
      5. attempted repair, rectification or maintenance by any person other than Licensor or a third party authorised by Licensor;
      6. failure to notify us of any error within a reasonable period of time of it first occurring;
      7. failure to install any Update or Upgrade recommended and made available by us;
      8. any Third Party Software;
      9. Subscription Services and/or Software meeting Licensee's individual needs or business requirements, whether or not such needs or requirements have been communicated to us;
      10. the Subscription Services and/or Software operating in a manner which is uninterrupted or free from minor errors or defects; or
      11. the Subscription Services and/or Software being compatible with any software other than the Third Party Software or with any particular hardware.
    2. Subject to clause ‎9, all warranties, conditions, terms, undertakings or obligations whether express or implied and including any implied terms relating to quality, fitness for any particular purpose, reasonable care and skill or ability to achieve a particular result are excluded to the fullest extent allowed by Applicable Law.
  8. 8. Intellectual Property Rights and Licensee Data

    1. Licensee acknowledges that all Intellectual Property Rights in the Subscription Services, Documentation and Software are owned by or licensed to Licensor, that the right to use the Subscription Services, Documentation and Software is licensed (not sold) to Licensee and that Licensee shall have no other rights other than those granted under the terms of this Agreement. For the avoidance of doubt, Licensee shall have no right to access the Subscription Services, Documentation and Software in source code form.
    2. If Licensor has reason to believe that a third party claim may be brought by any third party alleging that the Software infringes any Intellectual Property Rights of a third party (an 'IPR Claim'), Licensor may at its sole option and expense, and Licensee shall permit Licensor to:
      1. modify or replace the Subscription Services, Documentation and/or Software to avoid infringement or alleged infringement; or
      2. terminate this Agreement.
    3. Subject to clause ‎7.1, the provisions of this clause 8 set out Licensee's sole and exclusive remedy (however arising, including in contract, tort, negligence or otherwise) for any IPR Claim.
    4. Licensor may use any feedback, testing and suggestions for improvement relating to the Subscription Services and the related data provided by Licensee or any Authorised Licensees without charge or limitation (the 'Feedback'). In consideration of Licensor granting Licensee access to the Subscription Services and the opportunity to use and evaluate them, Licensee hereby assigns (or shall procure the assignment of) all Intellectual Property Rights in the Feedback with full title guarantee (including by way of present assignment of future Intellectual Property Rights) to Licensor at the time such Feedback is first provided to Licensor. Licensor may use any Feedback for improvement relating to the Subscription Services without charge or limitation.
    5. Licensee and/or Authorised Licensees own all Intellectual Property Rights in Licensee Data.
    6. The rights and obligations of Licensor and Licensee in relation to Personal Data processed in connection with the Subscription Services (if any) and Goodnotes Cloud (where applicable) are set out in the Data Processing Addendum in ‎Schedule 2.
  9. 9. Limitation of Liability

    1. The Licensee acknowledges that the Subscription Services and Documentation are provided free of charge, and accordingly, the Licensor shall not be liable under or in connection with this Agreement (regardless of whether such liability arises in tort, contract or in any other way and whether or not caused by negligence or misrepresentation) subject only to clause 9.2. In particular, and notwithstanding the foregoing, the Licensor shall not be liable for any of the following except in the cases of clause 9.2:
      1. consequential, indirect or special losses;
      2. loss of profit;
      3. loss of revenue;
      4. loss or corruption of data;
      5. loss or corruption of software or systems;
      6. loss or damage to equipment;
      7. loss of use;
      8. loss of production;
      9. loss of contract;
      10. loss of commercial opportunity;
      11. loss of savings, discount or rebate (whether actual or anticipated);
      12. harm to reputation or loss of goodwill;
      13. loss of business; and
      14. wasted expenditure.
    2. Notwithstanding any other provision of this Agreement, Licensor's liability shall not be limited in any way in respect of the following:
      1. death or personal injury caused by negligence;
      2. fraud or fraudulent misrepresentation; or
      3. any other losses which cannot be excluded or limited by applicable law.
  10. 10. Indemnity

    YOU SHALL INDEMNIFY, KEEP INDEMNIFIED AND HOLD HARMLESS US (ON OUR OWN BEHALF ON BEHALF OF EACH OF OUR AFFILIATES) FROM AND AGAINST ANY LOSSES, CLAIMS, DAMAGES, LIABILITY, DATA PROTECTION LOSSES, COSTS (INCLUDING LEGAL AND OTHER PROFESSIONAL FEES) AND EXPENSES INCURRED BY US (OR ANY OF OUR AFFILIATES) AS A RESULT OF YOUR BREACH OF THIS AGREEMENT. THIS CLAUSE ‎10 SHALL SURVIVE TERMINATION OR EXPIRY OF THIS LICENCE.
  11. 11. Term and Termination

    1. This Agreement shall enter into force on the Commencement Date and, unless terminated earlier by Licensor in accordance with the terms of this Agreement, shall continue in force until the last day of the Subscription Term after which it shall automatically renew for a further year (the 'Renewal Term') unless Licensor or Licensee gives the other party written notice of non-renewal within 30 (thirty) Business Days. We may terminate this Agreement at any time by giving you notice in writing if:
      1. you commit a material breach of this Agreement and such breach is not remediable;
      2. you commit a material breach of this Agreement which is not remedied within 10 (ten) Business Days of receiving written notice of such breach; or
      3. you fail to pay any amount due under this Agreement on the due date and such amount remains unpaid within 10 (ten) Business Days after you have received notification that the payment is overdue.
    2. Any breach by Licensee of clause ‎4 shall be deemed a material breach of this Agreement which is not remediable.
  12. 12. Consequences of Termination

    1. Immediately on termination or expiry of this Agreement (for any reason), the licences and rights granted by us shall terminate and you shall (and, if applicable, shall procure that each Authorised Licensee shall):
      1. stop using, uninstall, delete or otherwise remove the Subscription Services, Documentation and Software from all computers or devices in your possession or control (or in the possession or control of any Authorised Licensee); and
      2. immediately and permanently destroy and delete or, if requested by us, return any copies of the Documentation and Software in its possession, custody or control and, in case of destruction, issue a certification to us that you (and any Authorised Licensees) have done so.
    2. You shall be responsible for backing up your data regularly and extracting it from the Subscription Services and the Software prior to the termination or expiry of this Agreement. We shall not be obliged to provide you with any assistance extracting or recovering data whether during or after the Subscription Term.
    3. Termination or expiry of this Agreement shall not affect any accrued rights and liabilities of either party at any time up to the date of termination or expiry and shall not affect any provision of this Agreement that is expressly or by implication intended to continue beyond termination.
  13. 13. Confidentiality

    1. Any Confidential Information obtained by either party in connection with the provision of the licence under this Agreement shall be treated by the receiving party as confidential, maintaining at least the same degree of care used to protect its own Confidential Information but not less than a reasonable degree of care, and the receiving party shall not, without the disclosing party's prior written consent disclose, copy or modify any such Confidential Information (or permit others to do so) other than as necessary for the exercise of its rights and performance of its obligations under this Agreement.
    2. The obligations under this clause ‎13 shall survive the termination or expiry of this Agreement for a period of 2 (two) years.
  14. 14. Entire Agreement

    1. This Agreement and any descriptions of the Software made available by Licensor, constitute the entire agreement between the parties and supersede all previous agreements, understandings and arrangements between them in respect of its subject matter, whether in writing or oral.
    2. No variation of these terms or to an order or to this Agreement, shall be binding unless expressly agreed in writing and executed by a duly authorised signatory on behalf of each of Licensee and Licensor respectively.
    3. Each party acknowledges that it has not entered into this Agreement in reliance on, and shall have no remedies in respect of, any representation or warranty that is not expressly set out in this Agreement.
  15. 15. Notices

    1. Any notice or other communication given by a party under this Agreement shall be:
      1. in writing and in English;
      2. signed by, or on behalf of, the party giving it (except for notices sent by email); and
      3. where sent to Licensor, sent to the address set out in 'contact us' details on Licensor's website at https://www.goodnotes.com;
      4. where sent to Licensee, the address provided to us by you when you registered to download and install the Software.
    2. Notices may be given, and are deemed received:
      1. by hand: on receipt of a signature at the time of delivery;
      2. by Royal Mail Recorded Signed For post: at 9.00 am on the second Business Day after posting;
      3. by Royal Mail International Tracked & Signed OR Royal Mail International Signed post: at 9.00 am on the fourth Business Day after posting; and
      4. by email: on receipt of a delivery email from the correct address.
    3. Notices and other communications sent to Licensor shall be sent to:
      Nebahat Arslan, Group General Counsel, at legal@goodnotesapp.com.
    4. This clause does not apply to notices given in legal proceedings or arbitration.
  16. 16. Variation

    No variation of this Agreement shall be valid or effective unless it is in writing, refers to this Agreement and is duly signed or executed by, or on behalf of, each party.
  17. 17. Assignment and Subcontracting

    1. We may at any time assign, sub-contract, transfer, mortgage, charge, declare a trust of or deal in any other manner with any or all of Licensor's rights or obligations under this Agreement, provided that we give you prior written notice.
    2. Except as expressly permitted by this Agreement, you shall not assign, transfer, sub-license, mortgage, charge, declare a trust of or deal in any other manner with any or all of your rights or obligations under this Agreement (including the licence rights granted), in whole or in part, without Licensor's prior written consent.
  18. 18. No Partnership or Agency

    The parties are independent and are not partners or principals or agents and this Agreement does not establish any joint venture, trust, fiduciary or other relationship between them, other than the contractual relationship expressly provided for in it. Neither party shall have, nor shall represent that it has, any authority to make any commitments on the other party's behalf.
  19. 19. Severance

    1. If any provision of this Agreement (or part of any provision) is or becomes illegal, invalid or unenforceable, the legality, validity and enforceability of any other provision of this Agreement shall not be affected.
    2. If any provision of this Agreement (or part of any provision) is or becomes illegal, invalid or unenforceable but would be legal, valid and enforceable if some part of it were deleted or modified, the provision or part-provision in question shall apply with such deletions or modifications as may be necessary to make the provision legal, valid and enforceable. In the event of such deletion or modification, the parties shall negotiate in good faith in order to agree the terms of a mutually acceptable alternative provision.
  20. 20. Waiver

    No failure, delay or omission by either party in exercising any right, power or remedy provided by law or under this Agreement shall operate as a waiver of that right, power or remedy, nor shall it preclude or restrict any future exercise of that or any other right, power or remedy.
  21. 21. Compliance with Law

    1. Licensee shall comply with all Applicable Laws and shall maintain such authorisations and approvals as required from time to time to perform its obligations under or in connection with this Agreement.
    2. Without prejudice to the generality of clause ‎21.1, Licensee shall comply with all Applicable Laws, rules, and regulations governing export of goods and information that apply to the Software, and shall not export or re-export, directly or indirectly, separately or as a part of a system, the Software to any country for which an export licence or other approval is required, without first obtaining such licence or other approval. Licensee shall be solely responsible for ensuring its access, importation or use of the Software in or into any part of the Territory complies with all export laws.
  22. 22. Third Party Rights

    A person who is not a party to this Agreement shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any of its provisions.
  23. 23. Arbitration

    Except as provided in clause ‎24, the parties agree that any dispute or controversy arising out of, relating to or in connection with the interpretation, validity, construction, performance, breach or termination of this Agreement finally resolved by arbitration under the London Court of International Arbitration Rules (LCIA Rules). The number of arbitrators shall be one. The seat, or legal place, of arbitration shall be London. The decision of the arbitrator shall be final, conclusive and binding on the parties to the arbitration. Judgement may be entered on the arbitrator's decision in any court of competent jurisdiction. The parties may apply to any court of competent jurisdiction for a temporary restraining order, preliminary injunction, or other interim or conservatory relief, as necessary, without breach of this Agreement and without abridgement of the powers of the arbitrator.
  24. 24. Governing Law and Jurisdiction

    1. This Agreement and any dispute or claim arising out of, or in connection with, its subject matter or formation (including non-contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of England and Wales.
    2. The parties irrevocably agree that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of, or in connection with, this Agreement, its subject matter or formation (including non-contractual disputes or claims).
  25. The parties agree that all other terms and conditions are expressly excluded. LICENSEE HEREBY CONFIRMS FULL ACCEPTANCE OF THE SaaS SUBSCRIPTION LICENCE TERMS AND CONDITIONS.

Data Processing Addendum For Goodnotes Education

This data processing addendum ("DPA") shall govern the Processing of Licensee Personal Data in connection with the Software licensed under the Goodnotes Education Licence Agreement ("Licence Agreement") entered into between you (the "Licensee") and Goodnotes Limited, a company incorporated in England and Wales with a registered office at 1 Bartholomew Lane, London, United Kingdom, EC2N 2AX (the "Licensor").In consideration of the mutual obligations set out in this DPA, the Parties agree that the provisions set out in this DPA are supplemental to the relevant Licence Agreement and shall form part of the Licence Agreement. In the event of any conflict or inconsistency between the provisions of this DPA and the provisions of the Licence Agreement in connection with the Processing of Licensee Personal Data, the provisions of this DPA shall take precedence. Except where the context requires otherwise, references in this DPA to the Licence Agreement are to the Licence Agreement as amended by, and including, this DPA.
  1. 1. Definitions and Interpretation

    1. In this DPA, the following terms shall have the meanings set out below and cognate terms shall be construed accordingly:
      Applicable Data Protection Laws
      means all applicable laws relating to the protection of Personal Data as amended, updated or replaced from time and time and which apply to the Licensor or Licensee  in the processing of Licensee Personal Data in the circumstances governed by this DPA, including but not limited to: (a) the EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council ("GDPR"); (b) the UK version of the GDPR which is part of UK law by virtue of the European Union (Withdrawal) Act 2018 ("UK GDPR") and the Data Protection Act 2018, in each case together with all laws and regulations supplementing, amending or replacing the same in any EU Member State or the UK; and (d) the data protection or privacy laws of any other country;"Controller", "Data Subject", "Personal Data", "Personal Data Breach", "Process", "Processor" and "Special Categories of Personal Data" have the meanings described in the Applicable Data Protection Laws and cognate terms shall be construed accordingly;
      Authorised Licensees
      has the meaning given to that term in the Licence Agreement;
      EU Restricted Transfer
      means a transfer of Licensee Personal Data from the Licensee to the Licensor (or vice versa) or an onward transfer of Licensee Personal Data made by the Licensor, where such transfer would at the time of the transfer be prohibited by the GDPR (or by the terms of data transfer agreements put in place to address the data transfer restrictions of the GDPR) in the absence of the EU Standard Contractual Clauses to be established under clause 5 of this DPA (Data Transfers).
      EU Standard Contractual Clauses
      means the Standard Contractual Clauses forming part of Decision 2021/914/EC (as amended or replaced from time to time), including their appendices and with the relevant Modules and Options set out in clause 5 of this DPA (Data Transfers) incorporated;
      Goodnotes Cloud
      has the meaning given to that term in the Licence Agreement;
      Licensee Data
      has the meaning given to that term in the Licence Agreement;
      Licensee Personal Data
      means Personal Data contained in the Licensee Data and Processed by the Licensor under this DPA;
      Licensor Privacy Notice
      means the Licensor's privacy notice found at https://www.goodnotes.com/privacy-policy;
      Party
      means a party to this DPA;
      Software
      has the meaning given to that term in the Licence Agreement.
      Subscription Services
      has the meaning given to that term in the Licence Agreement;
      UK Addendum
      has the meaning set out in clause 5.5 of this DPA (Data Transfers); and
      UK Restricted Transfer
      means a transfer of personal data from the Licensee to the Licensor (or vice versa) or an onward transfer of Licensee Personal Data made by the Licensor, where such transfer would at the time of the transfer be prohibited by the UK GDPR (or by the terms of data transfer agreements put in place to address the data transfer restrictions of the UK GDPR) in the absence of the relevant UK Addendum established under clause 5 of this DPA (Data Transfers).
  2. 2. Compliance

    1. Each Party shall comply with Applicable Data Protection Laws when Processing Licensee Personal Data in connection with this DPA.
    2. The Licensee shall:
      1. ensure that all Licensee Personal Data has been collected and provided to the Licensor in compliance with Applicable Data Protection Laws and, where required by the Applicable Data Protection Laws, shall obtain Data Subjects’ consent (including consents of the parents or guardians of minors in accordance with paragraph 2.3 below) prior to providing their Personal Data to the Licensor;
      2. notify Data Subjects that their Personal Data may be provided to the Licensor; 
      3. ensure that all Licensee Personal Data is accurate, and where appropriate kept up to date; and 
      4. notify the Licensor if it becomes aware that any Licensee Personal Data is inaccurate.
    3. If a Data Subject is a minor (i.e. under the age of 16) and the Licensee is required to obtain the Data Subject's consent prior to providing their Personal Data to the Licensor, the Licensee shall obtain such consent from the holder of parental responsibility over the minor (i.e. their parent or guardian). The Licensee is solely responsible for obtaining such consent of the Personal Data from such Data Subjects.
    4. If during the term of this DPA, Applicable Data Protection Laws change in a way that this DPA is no longer adequate for the purpose of governing lawful sharing and Processing of Licensee Personal Data, the Parties agree that the Licensor may make such amendments to this DPA which it reasonably considers to be necessary to address the relevant change in Applicable Data Protection Laws and such amended DPA shall take effect between the Parties upon being published on this page https://goodnotes.com/data-processing-addendum
    5. This DPA shall terminate upon expiration or termination of the Licence Agreement.
  3. 3. Obligations when Processing Licensee Personal Data as a Controller

    1. The Parties acknowledge and agree that the Licensor shall in certain circumstances Process Licensee Personal Data as an independent Controller, and the circumstances under which it Processes Licensee Personal Data as an independent Controller are set out in the Licensor Privacy Notice.
    2. To the extent that the Licensor is acting as an independent Controller of Licensee Personal Data under this DPA: 
      1. the Licensee agrees to bring the Licensor Privacy Notice to the attention of Data Subjects whose Personal Data may be Processed by the Licensor in connection with this DPA;
      2. each Party shall, at the other Party's sole expense, provide the other Party with such co-operation as reasonably requested to assist the other Party’s compliance with its obligations under Applicable Data Protection Laws in relation to the Licensee Personal Data; and
      3. the Licensor shall notify the Licensee upon becoming aware of any Personal Data Breach affecting the Licensee Personal Data.
  4. 4. Obligations when Processing Licensee Personal Data as a Processor

    1. Except to the extent that the Licensor Processes Licensee Personal Data as an independent Controller pursuant to Clause 3, the Parties acknowledge and agree that the Licensor will Process Licensee Personal Data as a Processor on behalf of the Licensee, in the capacity of Controller. The details of this Processing activity are set out in Appendix 1 (Data Processing Details).
    2. To the extent that the Licensor is acting as a Processor of Licensee Personal Data under this DPA, the Licensor shall:
      1. process Licensee Personal Data on the documented instructions of the Licensee, in order to supply its services and the Software, and as otherwise necessary to perform its obligations under the Licence Agreement unless required to do otherwise by applicable law, in which case the Licensor, if permitted by such law, shall inform the Licensee of that legal requirement before such Processing;
      2. ensure that persons authorised to process the Licensee Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;
      3. implement and maintain appropriate technical and organisational measures including those set out inj Appendix 3, to protect against unauthorised or unlawful Processing of the Licensee Personal Data and against accidental loss or destruction of, or damage to, the Licensee Personal Data, appropriate to the harm that might result and the nature of the Licensee Personal Data to be protected, having regard to the state of technological development and the cost of implementing any measures;
      4. be generally authorised by the Licensee to engage another Processor to Process the Licensee Personal Data ("Subprocessor"), provided that the Licensor maintains a list of such Subprocessors (which can be found below in Appendix 2) and subject to (i) the Licensor ensuring that the Subprocessor enters into binding contractual obligations which are substantially similar to those set out in Clause 4.2 of this DPA and (ii) the Licensor remaining fully liable to the Licensee for the performance by such Subprocessor of such obligations. The Licensor will provide notice of the addition or replacement of Subprocessors at least fourteen (14) calendar days in advance of the change becoming effective upon which the Licensee may object to the change in Subprocessor. If such an objection is raised within this 30-day period, the Parties shall discuss in good faith a resolution to this objection;
      5. taking into account the nature of the Processing, assist the Licensee by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Licensee's obligation to respond to requests from Data Subjects to exercise their rights laid down in Applicable Data Protection Laws in relation to the Licensee Personal Data;
      6. notify the Licensee without undue delay of any Personal Data Breach in relation to the Licensee Personal Data upon becoming aware of the same, and provide all information reasonably required by the Licensee to comply with its obligations under Applicable Data Protection Laws in relation to such Personal Data Breach, and assist the Licensee with its obligations pursuant to Applicable Data Protection Laws in relation to data protection impact assessments and prior consultations with relevant data protection authorities (and with any similar obligations under other Applicable Data Protection Laws) taking into account the nature of the Processing and information available to the Licensor;
      7. not transfer the Licensee Personal Data outside of the EU, UK or a jurisdiction in respect of which there has been a finding of adequacy by the European Commission pursuant to Article 45 of the GDPR or by the Secretary of State pursuant to Article 45 of the UK GDPR (as applicable) (Relevant Jurisdictions) unless it ensures that any such transfer of Licensee Personal Data outside the Relevant Jurisdictions is subject to appropriate safeguards as recognised by Applicable Data Protection Laws;
      8. upon the termination or expiry of the relevant Licence Agreement and at the Licensee's option, either return or securely destroy all copies of the Licensee Personal Data Processed by the Licensor and in the Licensor's possession unless applicable law requires storage of such Licensee Personal Data; and
      9. make available to the Licensee on request all information necessary to demonstrate compliance with Article 28 of the UK GDPR and GDPR (and with any similar requirements under other Applicable Data Protection Laws) in relation to its Processing of Licensee Personal Data and shall, no more than once per calendar year, during the Licensor's normal business hours and subject to reasonable prior written notice and upon agreeing appropriate confidentiality provisions, allow for and contribute to audits, including inspections, by the Licensee or an auditor mandated by the Licensee.
  5. 5. Data Transfers


               EU Restricted Transfers
    1. With respect to any EU Restricted Transfers, Licensee and Licensor hereby enter into the EU Standard Contractual Clauses incorporating: (i) the general clauses (Clauses 1-6); (ii) Modules One (Transfer Controller to Controller), Two (Transfer Controller to Processor) and Four (Transfer Processor to Controller) as applicable in accordance with ‎Part A of ‎Appendix 4 to this DPA; (iii) the relevant options set out in ‎Part A of Appendix 4 to this DPA; and (iv) with the Annexes populated as set out below:
      1. Annex I of the EU Standard Contractual Clauses shall be pre-populated with the details set out in ‎Part B of ‎Appendix 4 to this DPA;
      2. Annex II of the EU Standard Contractual Clauses shall be pre-populated with the details set out in ‎Appendix 3 (Technical and Organizational Measures) to this ‎DPA; and
      3. Annex III of the EU Standard Contractual Clauses shall be pre-populated with the details set out in ‎Appendix 2 (Subprocessors) to this DPA.
    2. For the purposes of clause ‎5.1, the EU Standard Contractual Clauses shall come into effect upon commencement of an EU Restricted Transfer.
    3. Prior to the commencement of any EU Restricted Transfer to or from a Sub-processor, Licensor will enter into the EU Standard Contractual Clauses with such Sub-processor, incorporating the general Clauses (Clauses 1-6) and Module 3 (Transfer Processor to Processor).

      UK Restricted Transfers
    4. With respect to any UK Restricted Transfers, Licensee and Licensor hereby enter into the EU Standard Contractual Clauses in accordance with clause ‎5.1 and the UK Addendum in respect of any such UK Restricted Transfer.
    5. For the purposes of this DPA, “UK Addendum” means the Addendum to the EU Standard Contractual Clauses issued by the UK Information Commissioner's Office in accordance with S119A of the UK Data Protection Act 2018 and incorporating:
      1. the party details as set out in Part B of Appendix 4 to this DPA, inserted in Table 1 (Parties) of such UK Addendum;
      2. the first option in Table 2 to clarify that the UK Addendum incorporates the Approved EU SCCs as incorporated into this DPA;
      3. the list of parties and the description of the transfer of Personal Data, each as set out in ‎Part B of ‎Appendix 4 to this DPA, inserted in Table 3 (Appendix Information) of such UK Addendum;
      4. the description of the technical and organizational security measures as set out in ‎ Appendix 3 (Technical and Organizational Measures) to this ‎DPA, inserted in Table 3 (Appendix Information) of such UK Addendum;
      5. the list of Sub-processors as set out in ‎Appendix 2 (Subprocessors) to this DPA, inserted in Table 3 (Appendix Information) of such UK Addendum; and
      6. the option exporter set out in Table 4 of such UK Addendum;
    6. Licensee and Licensor agree that:
      1. the UK Addendum shall be deemed incorporated into the EU Standard Contractual Clauses entered into in accordance with clause ‎5.1 above;
      2. they shall be bound by the UK Addendum as incorporated into the EU Standard Contractual Clauses; and
      3. such UK Addendum and the EU Standard Contractual Clauses into which it is incorporated shall come into effect upon commencement of any UK Restricted Transfer.
    7. Prior to the commencement of any UK Restricted Transfer to or from a sub-processor, Licensor will enter into the EU Standard Contractual Clauses with such sub-processor, incorporating the general Clauses (Clauses 1-6), Module 3 (Transfer Processor to Processor) and the UK Addendum.
  6. 6. General Terms

    1. No variation of this DPA will be effective unless it is in writing and signed by the Parties.

APPENDIX 1 – DATA PROCESSING DETAILS

This Appendix 1 forms part of the DPA and describes the Processing of Licensee Personal Data that the Licensor will perform on behalf of Licensee.
  1. The subject matter of the Processing of the Licensee Personal Data is as follows:

    1. Licensor's provision of Goodnotes Cloud to the Licensee: in the event that Licensee and its Authorised Licensees are users of Goodnotes Cloud, Licensor hosts Licensee Personal Data stored in the Goodnotes Cloud in the capacity of a Processor on behalf of the Licensee
    2. Licensor's provision of the Subscription Services and the Software to the Licensee: Licensor processes Licensee Personal Data to set up, administer and otherwise provide the Subscription Services to the Licensee and its Authorised Licensees in the capacity of a Processor on behalf of the Licensee
    The duration of the Processing of the Licensee Personal Data is for the term of the Licence Agreement.
  2. B. The nature and purpose of the Processing of the Personal Data:

    1. The nature and purpose of the Processing of the Licensee Personal Data is to enable the Licensor to provide Goodnotes Cloud, the Subscription Services and the Software to the Licensee.
  3. C. The type of Personal Data:

    1. The Licensee Personal Data Processed may include some or all of the following attributes: (i) personal identifiers and contact information (including email address); (ii)education institution details; (iii) diagnostic data (which includes information necessary to diagnose and resolve issues which an Authorised Licensee might experience with the Software); (iv) information automatically collected or generated about an Authorised Licensee use of the Software; (v) any information/selections that an Authorised Licensee chooses to upload onto or share through Goodnotes Cloud, the Subscription Services and/or the Software or that an Authorised Licensee chooses to tell the Licensor.
  4. D. Special Categories of Personal Data:

    None.
  5. E. The categories of Data Subject to whom the Licensee Personal Data relates:

    The categories of Data Subject may include some or all of the following: the Licensee's users of the Subscription Services and Goodnotes Cloud (including the Authorised Licensees).
  6. F. The obligations and rights of the Licensee:

    The obligations and rights of the Licensee are set out in the Licence Agreement.

APPENDIX 2 – SUBPROCESSORS

The Licensor uses the following Subprocessors:

  • Amazon Web Services
  • Amplitude 
  • Braze 
  • Data Dog
  • Google 
  • Google Forms
  • HubSpot
  • Lyssna 
  • Mail Chimp
  • Markany
  • Mixpanel
  • Paddle (or other similar third party merchant of record)
  • Sprig
  • UserInterviews
  • UserTesting
  • UserVoice
  • Zendesk Inc
  • Summize
  • StreamNative
  • Snowflake
  • Statsig
  • Hex.Technologies

APPENDIX 3 – TECHNICAL AND ORGANISATIONAL MEASURES

  • Data stored on AWS servers is encrypted at rest;
  • Access to the network is heavily restricted and logged using Teleport;
  • Data is protected against DDoS attacks using AWS Shield; and
  • Intrusion detection is in place using AWS GuardDuty
  • Database servers are in a private network, and access is restricted.
  • Access is logged using a zero-trust solution called Teleport, authenticated through Okta.
  • The data is encrypted in transit via TLS v1.2.

APPENDIX 4 - CONTENT OF EU STANDARD CONTRACTUAL CLAUSES

PART 1: SELECTED MODULES AND OPTIONS OF THE EU STANDARD CONTRACTUAL CLAUSES

For the purposes of Clause 5 of the DPA, Licensee and Licensor agree that the following Modules and Options of the EU Standard Contractual Clauses shall be deemed to be incorporated:

Clause 7 (Docking clause)
Clause 7 shall not be incorporated;
Clause 8 (Data protection safeguards)
Modules One, Two and Four;
Clause 9 (Use of sub-processors)
Module Two, Option 1 and the specific time period referred to shall be 14 days;
Clause 10 (Data subject rights)
Modules One, Two and Four;
Clause 11 (Redress)
Modules One and Two and the Option in Clause 11(a) shall not be incorporated;
Clause 12 (Liability)
Modules One, Two and Four;
Clause 13 (Supervision)
Modules One and Two incorporating all paragraphs of Clause 13(a) as applicable;
Clause 14 (Local laws and practices affecting compliance with the Clauses)
Modules One, Two and Four;
Clause 15 (Obligations of the data importer in case of access by public authorities)
Modules One, Two and Four;
Clause 16 (Non-compliance with the Clauses and termination)
For Clause 16(d) the relevant parts for Modules One, Two and Four;
Clause 17 (Governing law)
Modules One and Two, Options 1 and 2 as applicable and the law inserted shall be the laws of the EU Member State in which the data exporter is established, save that: (i) where such laws do not allow for third-party beneficiary rights; or (ii) the data exporter is not established in an EU Member State, the law inserted shall be the laws of England and Wales;

Module Four and the law inserted shall be the laws of the country stated in the governing law clause of the License Agreement, save that where such law does not allow for third-party beneficiary rights, the law inserted shall be the laws of England and Wales;
Clause 18 (Choice of forum and jurisdiction)
Modules One and Two and the courts inserted shall be the courts in the Member State referred to in Clause 17 (Governing law); and

Module Four and the country inserted shall be the country stated to have jurisdiction in the Licence Agreement, save that where the laws of that country do not allow for third-party beneficiary rights, the country inserted shall be England.


PART 2: CONTENT OF ANNEX I TO THE EU STANDARD CONTRACTUAL CLAUSES

List of Parties

Data Exporter

Name: Licensee, as set out in the Licence Agreement.

Address: as set out in the Licence Agreement.

Contact person's name, position and contact details: as set out in the notice provisions in the Licence Agreement, unless the data importer notifies the data exporter otherwise.

Activities relevant to the data transferred under these Clauses: as set out in the Licence Agreement.

Role (controller/processor): controller (as applicable)

Data Importer(s)

Name: Licensor, as set out in the Licence Agreement.

Address: as set out in the Licence Agreement.

Contact person's name, position and contact details: as set out in the notice provisions in the Licence Agreement, unless the data importer notifies the data exporter otherwise.

Activities relevant to the data transferred under these Clauses: as set out in the Licence Agreement.

Role (controller/processor): controller/processor (as applicable)

Description of Transfer

Categories of data subjects whose personal data is transferred: as per the categories of data subject to whom the personal data relates set out in Appendix 1.

Categories of personal data transferred: as per the types of personal data to be processed set out in Appendix 1.

Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures: N/A

The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis): continuous unless otherwise specified in the Licence Agreement.

Nature of the processing: as per the nature of the processing set out in Appendix 1.

Purpose(s) of the data transfer and further processing: as per the purpose(s) set out Appendix 1

The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period: as per Clause 4.2.8 of the DPA

For transfers to (sub-) processors, also specify the subject matter, nature and duration of the processing: as per the subject matter, nature and duration set out in Appendix 1.

Competent Supervisory Authority

Identify the competent supervisory authority/ies in accordance with Clause 13: The competent supervisory authority in the EU Member State in which the data exporter is established and, in the event that the data exporter is not established in an EU Member State, the data protection authority of England and Wales.


PART 3: CONTENT OF ANNEX III TO THE EU STANDARD CONTRACTUAL CLAUSES

The controller has authorised the use of the following subprocessors:
The entities set out in Appendix 2