Android Zero-touch Customer Agreement

This Android Zero-Touch End Customer Agreement (“Agreement”) is entered into by and between Google LLC, a Delaware limited liability corporation, with offices at 1600 Amphitheatre Parkway, Mountain View, California 94043 (“Google”) and your employer or another legal entity that you represent (“Customer”) to allow Customer to access and use the Services. This Agreement does not alter or modify the terms of any other written agreement that Customer may have with Google for other products, services or otherwise.

If you are accepting this Agreement on behalf of Customer, you represent and warrant that (a) you have full legal authority to bind that entity to this Agreement, (b) you have read and understand the Agreement, and (c) you agree to the terms and conditions of this Agreement. If you don’t have the legal authority to bind Customer, please do not click the “I accept the Terms of Service” button below. This Agreement is effective as of the date you click “I accept the Terms of Service” below (the “Effective Date”).

  1. ZERO-TOUCH ENROLLMENT
    • 1.1 Services Use. Subject to this Agreement, during the Term, you, Customer, may: (a) use the Services, and (b) use any Software provided by Google as part of the Services. Customer may not sublicense or transfer these rights except as permitted under Section 7.2 of the Agreement. Google will provide the Services to Customer. As part of receiving the Services, Customer will have access to the Services, through which Customer may, in conjunction with an EMM or as otherwise approved in advance by Google in writing, administer the Services for use on Customer’s Android devices.
    • 1.2 Facilities. All facilities used to store and process Customer Data will adhere to reasonable security standards no less protective than the security standards at facilities where Google processes and stores its own information of a similar type. Google has implemented at least industry standard systems and procedures to (i) ensure the security and confidentiality of Customer Data, (ii) protect against anticipated threats or hazards to the security or integrity of Customer Data, and (iii) protect against unauthorized access to or use of Customer Data.
    • 1.3 Accounts. A Customer Record shall be created for Customer, which is tied to Accounts for Customer IT Admin(s) to use the Services. Customer IT Admin(s) are responsible for the information they provide to create the Account, the security of the password used for the Account, and for any use of its Account. If Customer or Customer IT Admin becomes aware of any unauthorized use of its password or its Account, Customer will notify Google as promptly as possible.
    • 1.4 New Applications and Services. Google may: (a) make new applications, tools, features or functionality available from time to time through the Services and (b) add new services to the "Services" definition from time to time (by adding them at the URL set forth under that definition), the use of which may be contingent upon Customer’s agreement to additional terms.
    • 1.5 Modifications.
      • a. To the Services. Google may make updates to the Services from time to time. If Google makes a material change to the Services, Google will inform Customer.
      • b. To the Agreement. Google may make changes to this Agreement (and any linked documents) from time to time. Unless otherwise noted by Google, material changes to the Agreement will become effective 30 days after they are posted, except if the changes apply to new functionality in which case they will be effective immediately. If Customer does not agree to the revised Agreement, please stop using the Services. Google will post any modification to this Agreement at https://www.android.com/enterprise/enrollment/terms/ or such other URL as Google may provide and as may be amended from time to time.
      • c. To the Data Processing and Security Terms. The Data Processing and Security Terms and the Android GDPR Commitments reflect the parties’ agreement with respect to the terms governing the processing and security of Customer Data under the Agreement. Google may only change the Data Processing and Security Terms where such change is required to comply with applicable law, applicable regulation, court order, or guidance issued by a governmental regulator or agency, where such change is expressly permitted by the Data Processing and Security Terms, or where such change:
        • 1. is commercially reasonable;
        • 2. does not result in a degradation of the overall security of the Services
        • 3. does not expand the scope of or remove any restrictions on Google’s processing of Customer Personal Data, as described in Section 5.2 (Scope of Processing) of the Data Processing and Security Terms; and
        • 4. does not otherwise have a material adverse impact on Customer’s rights under the Data Processing and Security Terms.
      • d. If Google makes a material change to the Data Processing and Security Terms in accordance with this Section 1.5, Google will post the modification to the URL provided in Section 8.7 below.
  2. CUSTOMER OBLIGATIONS
    • 2.1 In addition to Customer’s other obligations set forth in this Agreement, Customer agrees that:
      • a. Customer will not use the Services for an illegal purpose, including but not limited to violating applicable laws and misusing the provisioning service;
      • b. Customer will only use the Services on enterprise Android devices or on such other Android devices as otherwise may be approved in advance by Google in writing;
      • c. Customer and/or authorized subcontractors transfer or share any of the Services without notification to Google;
      • d. Customer will not reproduce, change or tamper with the Identifiers on the Android devices or allow anyone else to do so;
      • e. Customer is responsible for the integrity of the Identifier data that resides on the provisioning console;
      • f. Customer is responsible for deprovisioning the devices from managed state when the devices are being end-of-lifed; and
      • g. in the event Customer disposes of any Android devices using the Services, Customer and/or its authorized subcontractor is responsible for removing such Android devices from the Services.
    • 2.2 Compliance. Customer is solely responsible for its Customer Data. Google reserves the right to review the Customer Data for compliance with applicable laws. Customer is responsible for ensuring all Customer IT Admins comply with Customer’s obligations under this Agreement including but not limited to, the restrictions in Sections 2.3 and 2.4 below.
    • 2.3 Privacy.
      • a. Customer Obligations. Customer will obtain and maintain any required consents necessary or other lawful basis to permit the use of the Services or processing of Customer Data under this Agreement and will comply in all respects with the Data Processing and Security Terms.
      • b. Application of the Data Processing and Security Terms. Google will process Customer Data accessed in connection with the Services in accordance with the Data Processing and Security Terms and the Android GDPR Commitments.
    • 2.4 Restrictions. Customer will not, and will not allow third parties under its control to: (a) copy, modify, create a derivative work of, reverse engineer, decompile, translate, disassemble, or otherwise attempt to extract any or all of the source code of the Services (subject to Section 2.5 below and except to the extent such restriction is expressly prohibited by applicable law); (b) use the Services for High Risk Activities; (c) sublicense, resell, or distribute any or all of the Services; or (d) process or store any Customer Data that is subject to the International Traffic in Arms Regulations maintained by the U.S. Department of State. Unless otherwise specified in writing by Google, Google does not intend uses of the Services to create obligations under HIPAA, and makes no representations that the Services satisfy HIPAA requirements. If Customer is (or becomes) a Covered Entity or Business Associate (as defined in HIPAA), Customer will not use the Services for any purpose or in any manner involving Protected Health Information (as defined in HIPAA) unless Customer has received prior written consent to such use from Google.
    • 2.5 Third Party Components. Third party components (which may include open source software) of the Services may be subject to separate license agreements. To the limited extent a third party license expressly supersedes this Agreement, that third party license governs Customer’s use of that third party component.
    • 2.6 Documentation. Google may provide documentation for Customer’s use of the Services. The documentation may specify restrictions (e.g. attribution or HTML restrictions) on how the Services may be used and Customer will comply with any such restrictions specified.
    • 2.7 Copyright Policy. Google provides information to help copyright holders manage their intellectual property online, but Google cannot determine whether something is being used legally or not without their input. Google responds to notices of alleged copyright infringement and terminates Accounts of repeat infringers according to applicable copyright laws including in particular the process set out in the U.S. Digital Millennium Copyright Act. If Customer thinks somebody is violating Customer’s or Customer IT Admins’ copyrights and wants to notify Google, Customer can find information about submitting notices, and Google’s policy about responding to notices at http://www.google.com/dmca.html or such other URL as Google may provide and as may be amended from time to time.
    • 2.8 Permissible Usage Policy. Customer agrees to comply with the Permissible Usage Policy (“Policy”), available at https://developers.google.com/zero-touch/permissible-usage , when using the zero-touch enrollment portal as referenced in https://developers.google.com/zero-touch/ . Google reserves the right to update the Policy from time to time.
  3. TERM, TERMINATION, SUSPENSION AND SURVIVAL
    • 3.1 Term and Termination. This Agreement will commence on the Effective Date and will continue unless terminated by either party in accordance with this Section 3.1. Google reserves the right to terminate this Agreement for any reason without notice and at any time without liability or other obligation to Customer. In addition, Google reserves the right, in its sole discretion, to remove Customer’s access to the Services at any time. Upon termination of this Agreement, Customer will immediately stop using the Services.
    • 3.2 Suspension/Removals. If Customer becomes aware that any Customer Data violates applicable law, Customer will immediately suspend the Service and/or remove the relevant Customer Data (as applicable). If Customer fails to suspend or remove as noted in the prior sentence, Google may specifically request that Customer do so. If Customer fails to comply with Google’s request to do so within twenty-four hours, then Google may disable the Service, and/or disable the Account(s) (as may be applicable) until such violation is corrected.
    • 3.3 Survival. Following termination of this Agreement or suspension of the Services, the terms of this Agreement that by their nature are intended to continue indefinitely will continue to apply, including but not limited to terms restricting use or disclosure of data and Sections 3.3, and 4 - 7.
  4. CONFIDENTIALITY, PUBLICITY
    • 4.1 Definition. “Confidential Information” means information that one party (or an affiliate) discloses to the other party under this Agreement, and that is marked as confidential or would normally be considered confidential information under the circumstances. It does not include information that is independently developed by the recipient, is rightfully given to the recipient by a third party without confidentiality obligations, or becomes public through no fault of the recipient.
    • 4.2 Confidentiality Obligations. The recipient will not disclose the other party’s Confidential Information, except to employees, affiliates, agents, or professional advisors (“Delegates”) who need to know it and who have a legal obligation to keep it confidential. The recipient will use the other party’s Confidential Information only to exercise rights and fulfill obligations under this Agreement while using reasonable care to protect the Confidential Information. The recipient will ensure that its Delegates are also subject to the same non-disclosure and use obligations. The recipient may disclose Confidential Information when required by law after giving reasonable notice to the disclosure, if permitted by law.
    • 4.3 Publicity. Neither party may make any public statement, including issuing any press releases or announcements, or any marketing, advertising, or other promotional materials, regarding this Agreement without the other’s written approval. Furthermore, if Customer wishes to include Google’s name and/or Company’s trade names, trademarks, or service marks in any promotional materials, Customer must also abide by the Android enterprise branding requirements provided at https://partnermarketinghub.withgoogle.com/#/brands/1ataz0_wriMlnCG4SYdQIisIqt2YiHcp6/1epD7rYx6AOouO425UbgsLh1U5-lN_uwwqjf2EpFpjSs or such other URL as Google may provide and as may be amended from time to time.
  5. DISCLAIMER OF WARRANTIES
    • 5.1 NEITHER GOOGLE NOR ITS SUPPLIERS OR DISTRIBUTORS MAKE ANY SPECIFIC PROMISES ABOUT THE SERVICES, INCLUDING THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE. FOR EXAMPLE, GOOGLE DOES NOT MAKE ANY COMMITMENTS ABOUT THE DATA ACCESSED THROUGH THE SERVICES (INCLUDING THE RELIABILITY OR ACCURACY OF THE DATA), ANY SPECIFIC FUNCTIONS OR ASPECTS OF THE SERVICES, OR THEIR RELIABILITY, AVAILABILITY, OR ABILITY TO MEET CUSTOMER’S NEEDS. GOOGLE PROVIDES THE SERVICES "AS IS".
    • 5.2 TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, GOOGLE DISCLAIMS ALL WARRANTIES AS TO THE PROGRAM, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
  6. LIMITATION OF LIABILITY
    • 6.1 TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, GOOGLE, AND GOOGLE’S SUPPLIERS AND DISTRIBUTORS, WILL NOT BE RESPONSIBLE FOR LOST PROFITS, REVENUES, OR DATA; FINANCIAL LOSSES; OR INDIRECT, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES.
    • 6.2 TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE TOTAL LIABILITY OF GOOGLE, AND ITS SUPPLIERS AND DISTRIBUTORS, FOR ANY CLAIM UNDER THESE TERMS IS LIMITED TO THE GREATER OF AMOUNTS PAID OR PAYABLE BY COMPANY UNDER THESE TERMS OR US$100.
    • 6.3 IN ALL CASES, GOOGLE, AND ITS SUPPLIERS AND DISTRIBUTORS, WILL NOT BE LIABLE FOR ANY EXPENSE, LOSS, OR DAMAGE THAT IS NOT REASONABLY FORESEEABLE.
  7. GENERAL
    • 7.1 Notices. All legal notices must be in English, in writing and addressed to the other party’s Legal Department. The address for notices to Google’s Legal Department is legal-notices@google.com. All other notices must be in English, in writing and addressed to the other party’s primary contact. Emails are written notices. Notice will be treated as given on receipt, as verified by written or automated receipt or by electronic log (as applicable).
    • 7.2 Assignment. Neither party may assign any part of this Agreement without the written consent of the other, except to an affiliate where: (a) the assignee has agreed in writing to be bound by the terms of this Agreement; (b) the assigning party remains liable for obligations under this Agreement if the assignee defaults on them; and (c) the assigning party has notified the other party of the assignment. Any other attempt to assign is void.
    • 7.3 Change of Control. During the Agreement’s term, if a party experiences a change of control (for example, through a stock purchase or sale, merger, or other form of corporate transaction): (a) that party will give written notice to the other party within 30 days after the change of control; and (b) the other party may immediately terminate this Agreement any time between the change of control and 30 days after it receives that written notice.
    • 7.4 Subcontracting. Either party may subcontract any of its obligations under this Agreement, but will remain liable for all subcontracted obligations and its subcontractors’ acts or omissions.
    • 7.5 Force Majeure. Neither party will be liable for failure or delay in performance to the extent caused by circumstances beyond its reasonable control.
    • 7.6 No Waiver. Neither party will be treated as having waived any rights by not exercising (or delaying the exercise of) any rights under this Agreement.
    • 7.7 No Agency. This Agreement does not create any agency, partnership, or joint venture between the parties.
    • 7.8 No Third-Party Beneficiaries. This Agreement does not confer any benefits on any third party unless it expressly states that it does.
    • 7.9 Amendments. Any amendment must be in writing, signed by both parties, and expressly state that it is amending this Agreement.
    • 7.10 Entire Agreement. This Agreement states all terms agreed between the parties and supersedes all other agreements between the parties relating to its subject matter. If any term (or part of a term) of this Agreement is invalid, illegal or unenforceable, the rest of this Agreement will remain in effect. If there is a conflict between any term of this Agreement and a term of a separate agreement between the parties, the term of this Agreement will govern. If this Agreement is translated into any other language, and there is a discrepancy between the English text and the translated text, the English text will govern. The parties may execute this Agreement in counterparts, including facsimile, PDF, and other electronic copies, which taken together will constitute one instrument.
    • 7.11 Governing Law. ALL CLAIMS ARISING OUT OF OR RELATING TO THIS AGREEMENT WILL BE GOVERNED BY CALIFORNIA LAW, EXCLUDING CALIFORNIA’S CONFLICT OF LAWS RULES, AND WILL BE LITIGATED EXCLUSIVELY IN THE FEDERAL OR STATE COURTS OF SANTA CLARA COUNTY, CALIFORNIA, USA; THE PARTIES CONSENT TO PERSONAL JURISDICTION IN THOSE COURTS. NOTHING IN THIS AGREEMENT WILL LIMIT EITHER PARTY’S ABILITY TO SEEK INJUNCTIVE RELIEF.
  8. DEFINITIONS
    • 8.1 “Account” means the individual Google account that allows a Customer IT Admin to use the Services.
    • 8.2 “Android” is the open-source application framework, libraries, runtime, and kernel which are published at http://source.android.com (or successor sites), and any software development kits made available at http://developer.android.com (or successor sites).
    • 8.3 “Android GDPR Commitments” means the terms available at https://www.android.com/enterprise/data-protection/ or such other URL as Google may provide and as may be amended from time to time.
    • 8.4 “Customer API” means the API that allows Customer to access the Services programmatically and is described at https://developers.google.com/zero-touch/reference/customer/rest or such other URL as Google may provide and as may be amended from time to time.
    • 8.5 “Customer Data” means data provided by or on behalf of Customer or Customer IT Admins under this Agreement.
    • 8.6 “Customer IT Admin” means Customer’s IT admin that has been granted permission by Customer to access the Services provided under this Agreement.
    • 8.7 “Customer Record” means an enterprise-level account created for Customer in order to use the Services.
    • 8.8 “Data Processing and Security Terms” means Google’s Android Enterprise Data Processing and Security Terms available at https://www.android.com/enterprise/data-protection/terms/ or such other URL as Google may provide and as may be amended from time to time.
    • 8.9 “EMM” means a third-party Enterprise Mobility Management provider who Customer elects to work with to allow Customer to manage their enterprise devices.
    • 8.10 “High Risk Activities” means activities where the failure of the Services could lead to death, serious personal injury, or severe environmental or property damage.
    • 8.11 “Identifier” means the applicable device serial number, International Mobile Equipment Identity (IMEI) number, Mobile Directory Number (MDN) and/or the Mobile Equipment Identifier (MEID) as the case may be.
    • 8.12 “Services” means the zero-touch portal and the Customer API that Google provides to Customer to enable Customer to enroll Android devices for enterprise use or for such other use as may be pre-approved by Google in writing.
April 17, 2024