Terms & Conditions (California only)

Terms and Agreements

Content:

  • SERVICE LEVEL AGREEMENT (SLA)
  • DATA PROCESSING ADDENDUM (DPA)
  • PUBLIC RECORDS ACT SUMMARY

SERVICE LEVEL AGREEMENT (SLA)

(California Municipal Version)

This Service Level Agreement (“SLA”) is entered into by and between Eulora LLC, d/b/a ToltHawk (“ToltHawk”) and the customer (“Customer”), and is incorporated by reference into the applicable agreement between the parties.

1. Purpose and Scope

ToltHawk provides remote environmental monitoring services, including sensor data collection, transmission, cloud hosting, dashboards, and alerting (“Services”).

The Services are intended solely as situational awareness and decision-support tools. They are not designed, intended, or warranted as emergency response systems, life-safety systems, or fail-safe infrastructure.

2. Service Availability

Services are provided on a commercially reasonable, best-effort basis, consistent with industry practice for distributed IoT monitoring systems.

ToltHawk does not guarantee:

  • Continuous availability
  • Real-time data delivery
  • Specific polling intervals, latency, or alert timing
  • Uninterrupted cellular or satellite connectivity

Service availability may be impacted by factors outside ToltHawk’s control, including weather conditions, network congestion, power limitations, environmental interference, or third-party service providers.

3. Maintenance

ToltHawk may perform scheduled or unscheduled maintenance that temporarily affects Services. When practicable, reasonable notice will be provided.

Emergency maintenance may be performed without prior notice.

4. Support and Incident Response

Support is provided during standard business hours unless otherwise agreed in writing.

ToltHawk will use commercially reasonable efforts to investigate reported issues but does not commit to guaranteed response or resolution times unless expressly stated in a signed agreement.

5. Alerts and Notifications

Alerts are generated and delivered on a best-effort basis.

ToltHawk does not warrant or guarantee:

  • Delivery, receipt, acknowledgment, or timeliness of alerts
  • Detection of all flooding, blockages, equipment failures, or hazardous conditions

Customer is solely responsible for:

  • Configuring alert thresholds
  • Maintaining accurate contact information
  • Establishing operational response procedures

Alerts are supplemental tools and do not replace field inspections, engineering judgment, or emergency protocols.

6. Service Credits

Unless explicitly stated in a signed agreement, no service credits, penalties, or refunds apply for service interruptions, missed alerts, or data latency.

7. Exclusions

This SLA does not apply to service issues caused by:

  • Improper installation or mounting
  • Customer-supplied structures, power, or access
  • Vandalism, theft, or physical damage
  • Acts of God or force majeure (including storms, flooding, fires, earthquakes)
  • Third-party carrier or infrastructure failures

8. Limitation of Liability

Any liability related to service availability is subject to the limitation of liability set forth in the governing agreement. In no event shall ToltHawk be liable for indirect, incidental, special, or consequential damages.

9. Governing Law

This SLA is governed by the laws of the State of California, without regard to conflict-of-law principles. Venue shall lie in California courts of competent jurisdiction unless otherwise required by statute.


DATA PROCESSING ADDENDUM (DPA)

(California CPRA-Aware / Municipal Version)

This Data Processing Addendum (“DPA”) forms part of the agreement between Eulora LLC, d/b/a ToltHawk (“Service Provider”) and the customer (“Customer”) and governs the processing of data generated by ToltHawk monitoring systems.

This DPA is intended to comply with the California Privacy Rights Act (CPRA) and the California Public Records Act, California Government Code §6250 et seq.

1. Roles Under CPRA

For purposes of the California Privacy Rights Act:

  • Customer is the Business
  • ToltHawk is a Service Provider

ToltHawk processes data solely on behalf of Customer and only for the purposes described in this DPA and the governing agreement.

2. Scope of Data Processed

ToltHawk may process the following categories of data (“Customer Data”):

  • Environmental sensor measurements (e.g., water level, temperature, flow indicators)
  • Images or visual data where enabled by Customer
  • Device diagnostics, health metrics, and configuration metadata
  • Alerting logs and system activity records

ToltHawk systems are not designed to intentionally collect personal information. Any incidental personal information captured is processed solely at the direction of the Customer.

3. Data Ownership

All Customer Data generated by sensors deployed at Customer sites remains the exclusive property of the Customer.

Nothing in this DPA transfers ownership of Customer Data to ToltHawk.

4. Purpose Limitation and Use Restrictions (CPRA)

ToltHawk shall:

  • Process Customer Data only to provide the contracted services
  • Not sell, share, or disclose Customer Data for targeted advertising or unrelated purposes
  • Not retain, use, or disclose Customer Data outside the scope of the governing agreement

ToltHawk may use aggregated and anonymized data that cannot reasonably identify the Customer or any individual for system improvement and analytics.

5. Security Safeguards

ToltHawk shall implement reasonable administrative, technical, and physical safeguards appropriate to the nature of the Customer Data, including:

  • Secure data transmission methods where supported
  • Logical access controls and authentication
  • Role-based internal access limitations

6. Subprocessors

ToltHawk may engage subprocessors (such as cloud hosting providers or network carriers) to deliver the services.

ToltHawk shall require subprocessors to comply with obligations consistent with this DPA and applicable CPRA service-provider requirements.

7. Data Retention and Deletion

Customer Data shall be retained only as long as necessary to provide the services or as otherwise agreed in writing.

Upon termination of services, Customer may request export or deletion of Customer Data, subject to reasonable technical, legal, and archival constraints applicable to public agencies.

8. California Public Records Act (Gov. Code §6254)

8.1 Public Records Acknowledgment

Customer is a public agency subject to the California Public Records Act, California Government Code §6250 et seq. (“PRA”).

Customer Data may constitute public records subject to disclosure under the PRA unless an exemption applies, including exemptions set forth in California Government Code §6254.

Nothing in this DPA shall be construed to limit Customer’s legal obligations or authority under the PRA.

8.2 No Confidentiality Assertion by Default

ToltHawk acknowledges that Customer cannot agree to keep records confidential where disclosure is required by law.

ToltHawk shall not assert confidentiality over Customer Data solely because such data is generated, hosted, or processed by ToltHawk systems.

8.3 Assistance with PRA Requests

Upon reasonable written request, ToltHawk shall provide commercially reasonable assistance to Customer in locating, retrieving, or exporting Customer Data necessary for Customer to respond to a PRA request.

ToltHawk is not required to create new records, summaries, or analyses not maintained in the ordinary course of business.

8.4 PRA Exemptions and Security-Sensitive Information

Customer retains sole discretion to determine the applicability of PRA exemptions, including but not limited to exemptions under California Government Code §6254 related to:

  • Infrastructure security
  • Critical facilities or systems
  • Vulnerability assessments
  • Public safety or emergency response information

ToltHawk shall reasonably cooperate with Customer in identifying data that may fall within such exemptions, while final disclosure determinations remain with the Customer.

8.5 Costs of Compliance

If compliance with a PRA request requires extraordinary effort beyond normal service operations, Customer agrees that ToltHawk may recover reasonable, documented costs associated with data retrieval or export, consistent with California law and the governing agreement.

8.6 No Independent Disclosure by ToltHawk

ToltHawk shall not disclose Customer Data in response to a PRA request or other third-party demand without Customer’s prior written direction, unless required by law or court order.

If ToltHawk receives a direct request or legal demand for Customer Data, it shall promptly notify Customer unless legally prohibited from doing so.

9. CPRA Certifications

ToltHawk certifies that it:

  • Acts solely as a Service Provider under CPRA
  • Does not sell or share Customer Data
  • Will comply with CPRA-consistent instructions provided by Customer

10. Limitation of Liability

Any liability arising from data processing activities is subject to the limitation of liability provisions set forth in the governing agreement.

11. Governing Law

This DPA is governed by the laws of the State of California, without regard to conflict-of-law principles.

PUBLIC RECORDS ACT SUMMARY

(California Government Code §6250 et seq.)

Purpose

This summary explains how data generated and processed by ToltHawk systems is handled in the context of the California Public Records Act (PRA). It is provided for convenience only and does not replace the governing agreement or applicable law.

1. Public Records Applicability

Customer is a public agency subject to the California Public Records Act.

Data generated by ToltHawk monitoring systems may constitute public records unless an exemption applies under California law, including exemptions set forth in California Government Code §6254.

Nothing in ToltHawk’s agreements restricts or limits Customer’s obligations under the PRA.

2. Ownership and Control of Records

  • All data generated at Customer sites remains Customer-owned
  • Customer retains full authority to determine:
    • Whether a record is subject to disclosure
    • Whether an exemption applies
    • The form and timing of any disclosure

ToltHawk does not independently determine PRA applicability.

3. No Automatic Confidentiality

ToltHawk does not assert confidentiality over Customer Data by default.

Any confidentiality provisions in the governing agreement are subject to PRA disclosure requirements and applicable exemptions under California law.

4. Security and Infrastructure-Sensitive Exemptions

Certain data associated with flood monitoring, stormwater infrastructure, or critical facilities may qualify for exemption under California Government Code §6254, including exemptions related to:

  • Infrastructure security
  • Vulnerability assessments
  • Emergency response systems
  • Public safety operations

Customer retains sole discretion in determining whether such exemptions apply.

5. ToltHawk’s Role in PRA Requests

Upon reasonable request, ToltHawk will provide commercially reasonable assistance to help Customer:

  • Locate relevant data
  • Export records in commonly used electronic formats
  • Understand data structure or metadata where needed

ToltHawk is not required to create new records or analyses that do not already exist.

6. No Independent Disclosure by ToltHawk

ToltHawk will not disclose Customer Data directly in response to a PRA request or third-party demand without Customer’s written direction, unless required by law or court order.

If ToltHawk receives a direct request for Customer Data, it will promptly notify Customer unless legally prohibited.

7. Cost Considerations

If responding to a PRA request requires extraordinary data retrieval or export efforts beyond normal service operations, reasonable costs may be recoverable as permitted by law and the governing agreement.

8. Relationship to Governing Agreement

This summary is informational only. The legally binding terms governing Public Records Act compliance are set forth in:

  • The Data Processing Addendum (DPA)
  • The Master Services Agreement or Terms and Conditions
  • Applicable California law

In the event of any conflict, the governing agreement and applicable law control.