The CUE Labs Modules Registry is in alpha testing
Modules Registry

Terms of Service & Privacy Policy – Central Registry

Preamble: These “Terms of Service – Central Registry" cover the use of the Central Registry. The Central Registry is in an experimental phase and will exist for a limited time period. At the end of the experiment, the Central Registry will be deleted. The purpose of the experimental phase is to test, evaluate and optimize the Central Registry.

1. Scope of these Terms of Service

1.1. CUE Labs Ltd, Grienbachstrasse 11, 6300 Zug, Switzerland (Company) is a Swiss company based in Zug which offers the services described on the website registry.cue.works. These “Terms of Service – Central Registry” cover the service called Central Registry of the Company which can be accessed via the website of the Company registry.cue.works (Registry).

1.2. Besides the Registry, there is an open source software language called CUE (Software) and other services of the Company (i.e. applications). The terms and conditions regarding the Software (Apache 2.0) can be found on https://github.com/cue-lang/cue. These “Terms of Service – Central Registry” (Terms of Service) only cover the use of the Registry and are not applicable to the Software and other services of the Company.

2. Conclusion of Agreement

2.1. Agreement. The agreement regarding the Registry (Agreement) is concluded between the Company and the user who uses the Registry or the organization that the user acts on behalf of while using the Registry (User). These Terms of Service are an integral part of the Agreement.

2.2. Contracting Party. If the user signing in to the Registry (Individual User) is acting as private person, the Individual User is the contracting party of the Company and confirms that:

(a) they are at least 18 years old or the legal representor(s) have confirmed that they can enter into the Agreement with Company; and

(b) they agree that they have read, understood and are bound to the Terms of Service.

If the Individual User is acting on behalf of a company, organization or any other legal entity (e.g. his employer) (Organization), the Individual User confirms that:

(a) they have full legal authority to bind the Organization to the Agreement; and

(b) they agree to the terms of the Terms of Service on behalf of the Organization.

2.3. Authentication Process. The Registry at registry.cue.works can be accessed after registering via GitHub. The User may be obliged to complete an authentication process before signing in for the Registry. The authentication process may vary depending on the User (Individual User or Organization) and depending on what functionalities of the Registry are used.

2.4. Authorisation Process. If a User wants to upload a module from a different namespace than their own on GitHub (especially if an Individual User acts for an Organization), an additional authorization process will be performed by the Company.

3. Functionalities of the Registry

3.1. General. The Registry is a platform provided by the Company to its Users for the purpose of sharing software modules for the Software (Modules). Users can upload and download Modules and share them publicly or with a specific group of people.

3.2. Uploading. Users can upload Modules for the Software to the Registry. Before uploading, the User has to decide whether the Module shall be available publicly or privately. Without the decision of the User to share the Modules only privately, the Module will be available publicly.

(a) Public Module. If a Module is uploaded and shared publicly (Public Module), the Module will be available a) to all Users of the Central Registry and b) to the Company with the right to copy the Module and share it with third parties e.g. via other platforms. The uploaded Module cannot be deleted or amended by the User once it has been uploaded.

(b) Private Module. If a Module is uploaded and shared privately (Private Module), the Module will only be available to those persons the User selects via GitHub access rights. The access rights can be amended by the User anytime via GitHub. The Module cannot be deleted or amended by the User once it has been uploaded. The Company will make a copy of the Module but will not share it with any third party (except the persons selected by the User).

3.3. Downloading. Users can download Modules as follows:

(a) Public Modules. Public Modules can be downloaded by the Company or any other User of the Registry. The Company does not proof or check the Public Modules and it is in the downloading User’s responsibility to assess the Module.

(b) Private Module. Private Modules can only be downloaded by the authorized persons defined by the User who uploaded the Private Module. The Company does not proof or check the Private Modules and it is in the downloading Users responsibility to assess the Module.

3.4. Company’s activity in the Registry. By signing up for the Registry, the User agrees that Company may access, store and read the uploaded Modules, source codes and other files uploaded to the Registry (Data). User further agrees that the Company receives automated notification via GitHub regarding specific events in the Registry (e.g. change of Data by User).

4. User’s Consent and Obligations

4.1. General Consent. The User agrees that the Company can use the Data as described in section 3.

4.2. Viruses. The User warrants that its Data does not contain any worms, viruses, spyware or malware, or any code of a destructive nature or which could be detrimental to the Company or any other User of the Central Registry or any other user of the Data.

4.3. Content of Data. The User warrants that the Data does not comprise any unlawful or illegal content and in no way infringes any personal, intellectual or other rights of third parties. The User represents and warrants, and will continuously ensure that it has the rights and/or the sufficient licenses or permissions to share the Data with, and make the Data available to, the Company and third parties.

4.4. Personal Data. The User confirms that they are allowed to share with the Company any personal data (e.g. names of software engineers as notes in the source code) which are part of the Data; and in case of Public Modules that such personal data may be shared with third parties.

4.5. Lawful Use. The User must only use the Registry in a manner that is compatible with applicable laws and regulations. The User must not use the Registry for any illegal or unauthorized purposes. The User’s use of the Registry must not infringe or violate any applicable laws or rights of third parties (including but not limited to intellectual property rights of third parties).

4.6. GitHub Account. The User is solely responsible for maintaining the security of its account with GitHub (e.g. password). The Company shall not be responsible if someone else has used the User’s GitHub account or if User has provided its account name or password to any third party. The Organization is responsible for its Individual Users’ compliance with the Terms of Service and preventing unauthorized access to the User’s account at GitHub by third parties.

4.7. Notification. The User shall promptly notify the Company of any suspected or alleged violation of the Terms of Service and shall cooperate with the Company with respect to investigation of any suspected or alleged violation of the Terms of Service.

5. Data Security and Confidentiality

5.1. Data Hosting. If the Company stores a copy of Data, such copy will be saved on servers operated by Google Ireland Limited, Dublin, Ireland (Google) which are located in the European Union.

Please see https://cloud.google.com/docs/security/encryption/default-encryption for information regarding the data security provided by Google. The Company downloads copies of the Data with reasonable security measures and over encrypted channels (e.g., https://). User explicitly agrees that a copy of the Data may be stored on servers according to this section 5.1.

5.2. Confidentiality of Data. The Company will keep the Private Modules strictly confidential and not share it with any third party, except to the extent as may be required by any competent judicial, governmental or regulatory body or to deliver the services as outlined in section 3. These confidentiality provisions do not apply to the Public Modules and any information that is available in the public domain.

6. Privacy

6.1. User personal data. The Company processes personal data of the Users for the purposes set out in these Terms of Service in compliance with applicable data protections laws (especially the General Data Protection Regulation of the European Union (GDPR)) as follows:

(a) The Company processes the following personal data: (i) GitHub username and e-mail address of Individual User; (ii) namespace of the Individual User and Organization; (iii) all interactions of the Users with the Registry; (iv) GitHub repository collaborator lists; (v) IP addresses.

(b) The personal data is used by the Company to conclude the Agreement and act according to the Terms of Service.

(c) The personal data is processed on the basis of Article 6(1)(b) GDPR for the performance of the Agreement.

(d) The personal data is only disclosed to Google which acts as Company’s data processor when copies of Modules are downloaded by the Company.

(e) The personal data is saved in Switzerland and countries of the European Union.

(f) The personal data is saved during the term of the Agreement and deleted as soon as the Company does not need the data anymore.

6.2. Other Personal Data. The Company further processes personal data contained in the Data as follows: Personal data included in the copies of the Data downloaded by the Company is saved on the server’s according to section 5.1 incidentally to the downloading of copies of the Data. The Company will not use this personal data for any purposes besides according to sections 3.

6.3. Data Controller. The Company is the data controller according to applicable data protection laws (especially GDPR) for processing of personal data according to this section 6. The contact person of the Company for the User regarding data protection can be reached via e-mail to contact@cuelabs.dev.

7. Intellectual Property

7.1. Company’s IP. The Company owns all intellectual property and other rights to a) the Registry and b) all services related to the Registry (Company’s IP). The User is not allowed to use Company’s IP except as provided in this Terms of Service.

7.2. User Data. The User confirms that it owns all intellectual property rights in the Data or has the legal right to use such Data and provide it to Company according to these Terms of Service.

7.3. Public Modules. User grants the Company a worldwide, non-exclusive, royalty-free, sublicensable, transferable license in the Public Modules to receive, host, store, analyze, process, copy, create derivative works distribute, publicly perform, publicly display, publicly share, amend and adapt the Public Modules.

7.4. Private Modules. User grants the Company a worldwide, non-exclusive, royalty-free license to host, store, read and distribute the Private Modules according to these Terms of Service.

7.5. User Rights. The User downloading a Public Module is granted a non-exclusive, non-transferable, non-sublicensable, worldwide license to use the Public Module for internal purposes. The User especially is not allowed to share the Public Modules with third parties.

8. Warranty and Liability

8.1. No warranties. The Registry is provided by the Company without any warranty of any kind, express or implied, including but not limited: any warranty to merchantability, fitness for a particular purpose, security, confidentiality or noninfringement. The Company especially does not warrant anything regarding the Modules uploaded to the Registry. Downloaded Modules are used on the sole responsibility of the downloading User and the User cannot make the Company liable for any damages that might arise from the use of a Module.

8.2. Limitation of Liability. The liability of the Company in connection with the Agreement is excluded to the extent possible by applicable law, especially the liability for slight negligence and auxiliary persons is excluded.

8.3. No liability Regarding Servers. The User explicitly agrees that the Data (including personal data contained in the Data) is stored on the servers according to section 5.1. The Company is not liable for any damages (including loss of data) due to breach of security of the servers according to section 5.1 caused by Google or any third parties.

8.4. Data Loss. The Company is not obliged to provide the User any copies of Data in case the User loses its Data.

8.5. Intellectual Property. The User shall not infringe the intellectual property rights of the Company or of any third parties. The User expressly agrees to defend, hold harmless and indemnify the Company against any claim, demand, suit or proceeding made or brought against the Company by any third party alleging that the Data or use of the Data infringes any intellectual property rights of a third party, or violates any applicable laws or regulations. The User agrees to a) promptly give the Company written notice of any such claim, demand, suit or proceeding; and b) give the Company sufficient control to defend and settle such claim, demand, suit or proceeding (provided that the User may not settle any claim, demand, suit or proceeding itself and the settlement unconditionally releases the Company from all liability).

9. Term

9.1. Start. The Agreements starts at the moment the User signs in for the first time to the Registry.

9.2. Termination by User. The User can terminate the Agreement at any time by deleting their account on the Registry. The uploaded Modules remain on the Registry according to the terms in this Agreement.

9.3. Termination by Company. The Company can terminate or suspend the Agreement at any time.

10. Amendments

10.1. The Company may amend or change these Terms of Service at any time. Amended Terms of Service are valid as soon as published by the Company on its website registry.cue.works/terms.

11. General Provisions

11.1. Assignment. Neither party may assign or otherwise transfer this Agreement, or any of a party’s rights or obligations under this Agreement, to any third party without the other party’s prior written consent, which consent must not be unreasonably withheld, delayed or conditioned; provided, however, that the Company may assign or otherwise transfer this Agreement, (a) to a successor-in-interest in connection with a merger, acquisition, reorganization, a sale of all or substantially all of its assets, or other change of control, or (b) to a affiliate.

11.2. No Partnership. Nothing in the Agreement is intended nor shall be deemed to create any partnership, agency or joint venture relationship by or between the parties.

11.3. Severability. Should any part or provision of this Agreement be held to be invalid or unenforceable, the other provisions of this Agreement will nonetheless remain valid. In this case, the invalid or unenforceable provisions shall be replaced by a substitute provision that best reflects the economic intentions of the parties.

11.4. Applicable Law. This Agreement and all claims arising out of, or in connection with, this Agreement (including all claims arising out of contract, tort, or unjust enrichment) are in all respects governed, construed, and enforced according to the substantive laws of Switzerland.

11.5. Jurisdiction. The courts at the registered seat of the Company have exclusive jurisdiction for any and all disputes arising out of or in connection with this Agreement.