1. Scope; Definitions. This Software Services Agreement (“Agreement”) will govern Customer’s use of the Figma Platform. Capitalized terms used but not defined herein are defined in Exhibit A.

2. Service Terms. Customer agrees to comply with the Service Terms attached as Exhibit B.

3. Figma Obligations.

3.1. License. Subject to the terms and conditions of this Agreement, Figma hereby grants Customer a limited, non-exclusive, non-transferable (subject to Section 10.9), non-sublicensable license in the Territory, during the Order Term, for Authorized Users to access and use the Figma Platform in connection with Customer’s and its Affiliates’ internal business operations.

3.2. Figma Security Standards. Figma will comply with the security requirements set forth in Exhibit C.

4. Charges and Payment.

4.1. Fees. Customer will pay Figma all fees described in an Order in accordance with the terms therein (the “Fees”). All fees are stated and solely payable in U.S. Dollars, are non-refundable and are not subject to setoff. Customer is solely responsible for any bank fees, interest charges, finance charges, overdraft charges, and any other fees Customer incurs as a result of the charges billed by us. If the Order renews, Figma may change the fees applicable to a renewed Order Term by providing Customer with at least 45 days’ written notice of the new fees before the end of the then-current Order Term. For clarity, any change in fees will not apply to the then-current Order Term.

4.2. Payment. Unless otherwise specified in an Order, (a) Customer will be invoiced annually in advance and thereafter according to the true-up schedule described in an Order, and (b) full payment is due 30 days after the date of receipt of the applicable invoice to the email address specified in the Order. Unpaid amounts are subject to a finance charge of 1.5% per month on any outstanding balance, or the maximum permitted by law, whichever is lower. In the event that Customer fails to pay the full amount owed under an Order, Figma may limit Customer’s access to the Figma Platform, in addition to any other rights or remedies Figma may have.

4.3. Taxes. Fees do not include taxes, and Customer agrees to: (a) pay all sales/use, gross receipts, value-added, GST, personal property, or other tax (including any interest and penalties) with respect to the transactions and payments under this Agreement, other than taxes based on Figma’s income, employees, or real property; and (b) be responsible for any filing of any information or tax returns with respect thereto.

4.4. Withholding. Further, all payments made by Customer to Figma under this Agreement will be made free and clear of any deduction or withholding. If any such deduction or withholding (including but not limited to cross-border withholding taxes) is required by law, Customer will pay such additional amounts as are necessary so that the net amount received by Figma after such deduction or withholding will be equal to the full amount that Figma would have received if no deduction or withholding had been required. Each party will use commercially reasonable efforts to work with the other party to help obtain, reduce, or eliminate any necessary withholding, deduction, or royalty tax exemptions where applicable.

5. Confidentiality and Security.

5.1. Confidential Information. Each party (the “Discloser”) has disclosed or may disclose proprietary or non-public business, technical, financial, or other information in anticipation of this Agreement or during the term of this Agreement (“Confidential Information”) to the other party (the “Recipient”). Confidential Information of Figma expressly includes non-public information regarding features, functionality, and performance of the Figma Platform, and Confidential Information of the Customer expressly includes Customer Materials. However, Confidential Information excludes any information that: (a) is or becomes generally available to the public without action or omission by Recipient; (b) was in the Recipient’s possession or known by it prior to receipt from the Discloser; (c) was rightfully disclosed to the Recipient without restriction by a third party; or (d) was independently developed by Recipient without use of or reference to any Confidential Information of the Discloser.

5.2. Obligations. The Recipient will use the Discloser’s Confidential Information only to exercise its rights and fulfill its obligations under this Agreement, including, in Figma’s case, to provide the Figma Platform to Customer. The Recipient will use reasonable care to protect against disclosure of the Discloser’s Confidential Information to parties other than the Recipient’s employees, contractors, Affiliates, agents, or professional advisors (“Representatives”) who need to know it and who have a legal obligation to keep it confidential. The Recipient will ensure that its Representatives are subject to no less restrictive confidentiality obligations than those herein. Notwithstanding the foregoing, the Recipient may disclose the Discloser’s Confidential Information: (a) if directed by Discloser; or (b) to the extent required by applicable legal process, provided that the Recipient uses commercially reasonable efforts to (i) promptly notify the Discloser in advance, to the extent permitted by law, and (ii) comply with the Discloser’s reasonable requests regarding its efforts to oppose the disclosure. With respect to each Order, the obligations set forth herein will survive for the duration of the Order Term and five years following the expiration or termination of such Order.

6. Warranties.

6.1. Mutual Warranties. Each party represents and warrants to the other that: (a) this Agreement has been duly executed and delivered and constitutes a valid and binding agreement enforceable against the executing party in accordance with its terms; and (b) the execution, delivery, and performance of this Agreement by the executing party does not violate the laws of any jurisdiction or the terms or conditions of any other agreement to which it is a party or by which it is otherwise bound or require authorization or approval from any third party.

6.2. Figma Warranties. Figma represents and warrants to Customer during the applicable Order Term that: (a) Figma will provide access to the Figma Platform and related support services in substantive conformity with the Documentation; and (b) Figma will use commercially reasonable efforts to ensure the Figma Platform does not contain software viruses, Trojan horses, worms, or other destructive program or code.

6.3. DISCLAIMER. EXCEPT FOR THE EXPRESS REPRESENTATIONS AND WARRANTIES STATED IN THIS SECTION 6, THE PARTIES MAKE NO REPRESENTATION OR WARRANTY OF ANY KIND WHETHER EXPRESS, IMPLIED (EITHER IN FACT OR BY OPERATION OF LAW), OR STATUTORY, AS TO ANY MATTER WHATSOEVER RELATING TO THIS AGREEMENT. FIGMA EXPRESSLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, QUALITY, ACCURACY, TITLE, AND NON-INFRINGEMENT. NON-FIGMA RESOURCES ARE PROVIDED BY THIRD PARTIES, NOT FIGMA. FIGMA DOES NOT WARRANT, SUPPORT, NOR ACCEPT RESPONSIBILITY OF ANY KIND FOR NON-FIGMA RESOURCES.

7. Indemnity.

7.1. Indemnification by Figma.

7.1.1. Subject to the limitations in this Section 7, Figma will indemnify, defend, and hold Customer harmless from any costs, liabilities, damages or other amounts actually paid or payable to unaffiliated third parties (including reasonable attorneys’ fees) in connection with any third party claim, action, suit, or demand (each, a “Claim”) to the extent that such Claim is based on an allegation that the Figma Platform violates, infringes, or misappropriates any third-party copyright, trade secret, or trademark.

7.1.2. Figma will have no obligation to indemnify Customer for any Claim to the extent it is based on: (a) Customer’s failure to use updates or modifications to the Figma Platform that Figma makes available to Customer that would have helped avoid or mitigate the Claim; (b) the combination, operation, or use of the Figma Platform with third-party equipment, devices, software, systems, or data, including Non-Figma Resources (subparts (a)-(b) are collectively “Indemnity Exclusions”).

7.1.3. If Customer’s use of the Figma Platform is, or in Figma’s reasonable opinion is likely to be, subject to a Claim, Figma may, at Figma’s sole option and at no charge to Customer (and in addition to Figma’s indemnity obligation to Customer): (a) procure for Customer the right to continue using the Figma Platform; (b) replace or modify the Figma Platform so that it is non-infringing and include substantially similar functionality as the original Figma Platform; or (c) if options (a) and (b) above are not commercially practicable in Figma’s reasonable estimation, Figma may terminate Customer’s right to use the impacted portion of the Figma Platform and related licenses granted hereunder (in which event, Customer will immediately stop using the impacted portion of the Figma Platform) and provide a pro-rata refund of any unused pre-paid fees for the impacted service as of the date of termination.

7.1.4. THIS SECTION 7.1 SETS FORTH FIGMA’S SOLE AND EXCLUSIVE OBLIGATIONS, AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDIES, WITH RESPECT TO ANY ACTUAL OR ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF ANY THIRD PARTY INTELLECTUAL PROPERTY RIGHT BY THE FIGMA PLATFORM AND ANY OTHER TYPE OF CLAIM SPECIFICALLY COVERED UNDER FIGMA’S INDEMNITY OBLIGATION (IF ANY). NO PARTY TO THIS AGREEMENT WILL BE ENTITLED TO ANY FORM OF IMPLIED OR EQUITABLE INDEMNIFICATION AT ANY TIME, WHETHER BASED ON A THEORY OF CONTRACT, TORTS (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR OTHERWISE, AND ANY RIGHT THERETO IS HEREBY IRREVOCABLY WAIVED AND DISCLAIMED BY EACH OF THE PARTIES.

7.2. Indemnification by Customer. Subject to Section 7.3, Customer will indemnify, defend, and hold Figma harmless from any Claim to the extent that it is based on: (a) use of the Figma Platform by Customer or Customer’s Authorized Users other than as expressly authorized by this Agreement; (b) Customer Materials; or (c) an Indemnity Exclusion.

7.3. Process. If a party entitled to indemnification (the “Indemnified Party”) becomes aware of any indemnifiable Claim, such party will give the other party (the “Indemnifying Party”) notice of such Claim as soon as reasonably practicable. The Indemnified Party will cooperate, at the expense of the Indemnifying Party, with the Indemnifying Party and its counsel in the defense or settlement of the Claim, and will allow the Indemnifying Party to have sole control of the defense or settlement. Subject to the prior sentence, the Indemnified Party will have the right to participate fully, at its own expense, in the defense of such Claim. Any compromise or settlement of a Claim requiring the Indemnified Party to admit liability or to pay any money will require the prior written consent of both parties, such consent not to be unreasonably withheld or delayed. The indemnity obligations of the Indemnifying Party will be contingent on the Indemnified Party’s compliance with this process.

8. Limitations of Liability.

8.1. Limitation on Indirect Liability. EXCEPT FOR CLAIMS ARISING OUT OF EITHER PARTY’S WILLFUL MISCONDUCT OR GROSS NEGLIGENCE (THE “LIMITATION EXCEPTION”), UNDER NO CIRCUMSTANCES, AND UNDER NO LEGAL THEORY (WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), WARRANTY, OR OTHERWISE), WILL EITHER PARTY OR ITS AFFILIATES, CONTRACTORS, EMPLOYEES, AGENTS, OR THIRD-PARTY PARTNERS, LICENSORS, OR SUPPLIERS, BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES (INCLUDING LOSS OF PROFITS, DATA, OR USE OR COST OF COVER) ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE USE OF OR THE INABILITY TO USE THE FIGMA PLATFORM, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

8.2. Limitation on Amount of Liability. EXCEPT FOR THE LIMITATION EXCEPTION, UNDER NO CIRCUMSTANCES, AND UNDER NO LEGAL THEORY (WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), WARRANTY, OR OTHERWISE), WILL THE TOTAL LIABILITY OF EITHER PARTY OR ITS AFFILIATES, CONTRACTORS, EMPLOYEES, AGENTS, OR THIRD-PARTY PARTNERS, LICENSORS, OR SUPPLIERS FOR ANY AND ALL DAMAGES, LOSSES, AND CAUSES OF ACTION ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE USE OF OR THE INABILITY TO USE THE FIGMA PLATFORM, EXCEED, IN THE AGGREGATE, THE FEES PAID AND PAYABLE TO FIGMA IN THE TWELVE-MONTH PERIOD PRIOR TO THE DATE ON WHICH THE DAMAGE OCCURRED.

8.3. IN GENERAL. EACH PROVISION OF THIS AGREEMENT THAT PROVIDES FOR A LIMITATION OF LIABILITY, DISCLAIMER OF WARRANTIES, OR EXCLUSION OF DAMAGES IS TO ALLOCATE THE RISKS OF THIS AGREEMENT BETWEEN THE PARTIES. THIS ALLOCATION IS REFLECTED IN THE PRICING OFFERED BY FIGMA TO CUSTOMER AND IS AN ESSENTIAL ELEMENT OF THE BASIS OF THE BARGAIN BETWEEN THE PARTIES. EACH OF THESE PROVISIONS IS SEVERABLE AND INDEPENDENT OF ALL OTHER PROVISIONS OF THIS AGREEMENT. THE LIMITATIONS IN THIS SECTION 8 WILL APPLY TO THE MAXIMUM EXTENT NOT PROHIBITED BY LAW AND NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY IN THIS AGREEMENT.

9. Term.

9.1. Term. The term of this Agreement will commence on the Subscription Start Date of the first Order entered into between the parties and will continue until all Orders hereunder expire or until terminated in accordance with this Agreement, whichever happens first.

9.2. Termination for Material Breach. Either party may terminate an Order, upon written notice to the other party, if the other party materially breaches such Order and such breach is incapable of cure, or with respect to a breach capable of cure, the breaching party does not cure such breach within 30 days of receiving notice of it. Either party may terminate or suspend this Agreement or any part of it immediately upon written notice to the other party without a cure period if the other party breaches any of the terms of this Agreement relating to such party’s intellectual property rights or Confidential Information.

9.3. Independent Orders. Termination of this Agreement will result in termination of all ongoing Orders; however, termination of a single Order will not result in termination of this Agreement or any other ongoing Orders.

9.4. Post Termination. Upon any termination, Figma will make all Customer Materials then held by Figma pursuant to the applicable Order available to Customer for electronic retrieval for a period of 30 days, but thereafter Figma will delete any stored Customer Materials. The following sections of this Agreement will survive any expiration or termination of this Agreement: 1, 2, 4, 5, 6.3, and 7-10.

10. Miscellaneous.

10.1. Affiliates. A Customer Affiliate may enter into an Order under this Agreement and, in such case, by entering into the Order, the Affiliate agrees to be bound by the terms and conditions of this Agreement with respect to such Order and such Affiliate will be considered to be Customer, as such term is used herein, with respect to such Order.

10.2. Community. Figma’s Community Terms (available at www.figma.com/community-terms/) apply to any use by Customer or its Authorized Users of www.figma.com/community or such successor site  that is designated by Figma.

10.3. Development Resources.  Figma’s Developer Terms (available at www.figma.com/developer-terms/) apply to any use by Customer or its Authorized Users of Figma’s Application Programming Interfaces (APIs), Software Development Kits (SDKs), and related documentation.

10.4. Ownership. As between the parties, Figma owns all right, title, and interest in the Figma Platform, and Customer owns all right, title, and interest in the Customer Materials. Except as expressly set forth in this Agreement, each party retains all right, title, and interest in and to its intellectual property rights. All rights not expressly granted are reserved, and no license, covenant, immunity, transfer, authorization, or other right will be implied, by reason of statute, estoppel, or otherwise, under this Agreement.

10.5. Force Majeure. A party will not be liable for, or be considered to be in breach of or default under this Agreement on account of, any delay or failure to perform as required by this Agreement as a result of any cause or condition beyond such party’s reasonable control, so long as such party uses all commercially reasonable efforts to avoid or remove those causes of non-performance.

10.6. Feedback; Use Rights. To the extent that Customer gives Figma feedback, comments, or suggestions concerning the Figma Platform or other services provided by Figma (collectively, “Feedback”), Customer hereby grants Figma a worldwide, perpetual, non-exclusive, irrevocable, royalty-free, fully-paid license to use and exploit the Feedback without payment, attribution, or restriction. The portions of Feedback that are about the Figma Platform and do not identify Customer will not be considered Customer’s Confidential Information. Additionally, Figma will have the right to collect and analyze data and other information relating to the provision, use, and performance of various aspects of the Figma Platform, and related systems and technologies, and Figma will be free (during and after the Order Term) to use such data and information in a de-identified and aggregated form to maintain, improve, and enhance Figma’s products and services.

10.7. Publicity. Figma may publicly list Customer as a customer of Figma and use Customer’s trademark, trade name, and logo (collectively, “Marks”) for marketing or promotional purposes. Figma will comply with any Customer branding guidelines provided by Customer from time to time, and any goodwill that accrues in Customer’s Marks from use by Figma in accordance with this Section will inure exclusively to Customer.

10.8. Notices. All notices, requests, consents, claims, demands, waivers, and other communications under this Agreement (each, a “Notice”) must be in writing (electronic mail sufficient) and sent to: Figma: Contact identified in the Order With a copy to: legal@figma.com Customer: Contact identified in the Order

10.9. Severability. The invalidity or unenforceability of any provision of this Agreement will not affect the validity or enforceability of any other provision hereof and it is the intent and agreement of the parties that this Agreement will be deemed amended by modifying such provision to the extent necessary to render it valid, legal, and enforceable while preserving its intent or, if such modification is not possible, by substituting another provision that is legal and enforceable and that achieves the same objective.

10.10. Assignment. This Agreement is not assignable or transferable by either party without the other party’s prior written consent, except that either party may (without the other party’s prior written consent) assign this Agreement, in whole, in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of such party’s assets.

10.11. Service Providers. For the avoidance of doubt, Figma may engage third parties as service providers to the Figma Platform (for example, as of the date of this Agreement, Figma hosts the Figma Platform on Amazon Web Services).

10.12. No Partnership. No agency, partnership, joint venture, or employment is created as a result of this Agreement, and neither party has any authority of any kind to bind the other party in any respect whatsoever.

10.13. Governing Law. This Agreement will be governed by the laws of the State of California without regard to its conflict of laws provisions. The United Nations Convention on Contracts for the International Sale of Goods is specifically disclaimed.

10.14. Dispute Resolution. Any dispute, controversy, or claim arising out of or relating to this Agreement or to a breach thereof, including its interpretation, performance, or termination, will be finally resolved by arbitration in San Francisco, California, using the English language in accordance with the Arbitration Rules and Procedures of JAMS then in effect, by one or more commercial arbitrators with substantial experience in resolving complex commercial contract disputes involving software and technology, who may or may not be selected from the appropriate list of JAMS arbitrators. If the parties cannot agree upon the number and identity of the arbitrators within 15 days following the Arbitration Date, then a single arbitrator will be selected on an expedited basis in accordance with the Arbitration Rules and Procedures of JAMS. The prevailing party in the arbitration will be entitled to receive reimbursement of its reasonable expenses (including reasonable attorneys’ fees, expert witness fees and all other expenses) incurred in connection therewith. Notwithstanding the foregoing, each party will have the right to institute an action in a court of proper jurisdiction for injunctive or other equitable relief. For all purposes of this paragraph the sole jurisdiction and venue for actions related to the subject matter hereof will be the state and U.S. federal courts located in San Francisco, California, and both parties consent to the jurisdiction of such courts. BY ENTERING INTO THESE TERMS, CUSTOMER AND FIGMA ARE EACH WAIVING THE RIGHT TO TRIAL BY JURY.

10.15. Interpretation. Whenever the words “including,” “include,” or “includes” are used herein, they will be deemed to be followed by the phrase “without limitation.”

10.16. Beta Features. Product features clearly identified as Alpha or Beta features (collectively “Early Access Features”) made available by Figma are provided to Customer for testing purposes only, and Figma does not make any commitment to provide Early Access Features in any future versions of the Figma Platform. Customer is not obligated to use Early Access Features. Figma may immediately and without notice remove Early Access Features for any reason without liability to Customer. Notwithstanding anything to the contrary in the Agreement, all Early Access Features are provided "AS IS" without warranty of any kind and without any performance obligations.

10.17. Entire Agreement This Agreement supersedes all other agreements between the parties relating to its subject matter. In the event of any conflict among any Orders and this Agreement, the order of precedence will be (a) this Agreement, and (b) the Orders (from newest to oldest), unless such Order explicitly overrides this Agreement.

Exhibit A – Definitions

1. Defined Terms.The following capitalized terms will have the meanings set forth below:

a. "Affiliate” means, with respect to any entity, any other entity that, directly or indirectly through one or more intermediaries, is controlled by such entity, and the term “controlled by” means the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of such entity, whether through ownership of voting securities, by contract or otherwise.

b. “Authorized Users” means employees, contractors, and other persons associated with the Customer or its Affiliates who access or use the Figma Platform through the Customer’s account.

c. “Customer” means the person or entity (other than Figma) that has agreed to be bound by this Agreement.

d. “Customer Materials” means any application(s) and/or material(s) that are developed by Customer on the Figma Platform or uploaded to the Figma Platform by Customer.

e. “Documentation” means Figma-provided documentation available at https://help.figma.com/hc/en-us or such successor link identified by Figma.

f. “Figma”, “we” or “us” means Figma, Inc.

g. “Figma Platform” means the Figma offering identified in an Order, including any updates, enhancements, or improvements thereto and related Documentation, but, for the avoidance of doubt, excludes www.figma.com/community and all Non-Figma Resources.

h. “Non-Figma Resources” means any application(s) and/or material(s) that are developed by a party outside of Figma’s organization, including design files, plugins, component libraries, and code components.

i. “Order” means an ordering document or online order that is entered into between Customer and Figma and specifies, among other things, details relating to the number of Authorized Users.

j. “Order Term” means the subscription term length set forth in the applicable Order.

k. “Territory” means worldwide with the exception of countries that are embargoed or designated as supporting terrorist activities by the United States Government.

Exhibit B – Service Terms

1. Use Restrictions. Except as otherwise expressly authorized in this Agreement, Customer will not, will ensure its Authorized Users do not, and will not encourage or assist third parties to:

a. rent, lease, distribute, sell, transfer,or otherwise permit third parties to use the Figma Platform;

b. circumvent or disable any security or other technological features or measures of the Figma Platform;

c. reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code, or underlying structure, ideas, know-how, or algorithms relevant to the Figma Platform (except to the extent that such a restriction is impermissible under applicable law);

d. reproduce, modify, adapt, or create derivative works based on the Figma Platform;

e. remove any proprietary notices or labels from the Figma Platform;

f. use the Figma Platform to build competitive products or services or otherwise compete with Figma or its Affiliates;

g. upload or publish to the Figma Platform any data subject to specific governmental regulation, such as Sensitive Data as defined under GDPR, medical information, financial information, or government identifiers;

h. upload or publish to the Figma Platform (or otherwise use the Figma Platform to develop) any Customer Material that: (i) is fraudulent, false, misleading, or deceptive; (ii) is defamatory, obscene, pornographic, vulgar, or offensive; (iii) promotes discrimination, bigotry, racism, hatred, harassment, or harm against any individual or group; (iv) is violent or threatening or promotes violence or actions that are threatening to any person or entity; (v) promotes illegal or harmful activities or substances; or (vi) otherwise violates any of Figma’s acceptable use policies or community guidelines;

i. upload or publish to the Figma Platform anything that does or would violate the intellectual property rights of others;

j. access or use the Figma Platform in a manner intended to avoid incurring fees;

k. use the Figma Platform other than in compliance with the Documentation and applicable laws and regulations; or

l. upload to the Figma Platform or use the Figma Platform to transmit or store any software viruses, Trojan horses, worms, or other destructive program or code.

In the event that Customer violates any of the foregoing restrictions in this Section 1, Figma reserves the right to suspend Customer’s use of the Figma Platform until Customer ceases such violation.

2. Authorized Users; Accounts. As part of the registration process, Customer will identify an administrative username and password for Customer’s Figma account. Customer represents and warrants that all registration information, including with respect to Customer’s domains, Customer provides is truthful, accurate, and complete, and that Customer will maintain the accuracy of such information. Customer is responsible and liable for maintaining control over Customer’s account, including the confidentiality of Customer’s username and password, and is responsible and liable for all activities that occur on or through Customer’s Account and all Authorized Users’ accounts, whether authorized by Customer or not.

Exhibit C – Figma Security Standards

1. Information Security Program. Figma will maintain a written information security program designed to (a) identify and help protect against reasonably foreseeable internal and external threats that could result in the unauthorized disclosure, misuse, alteration, or destruction of Customer Materials and (b) minimize security risks, including through risk assessment and regular testing. The information security program will include the following measures:

a. Administrative Safeguards:

i. SOC 2 Type 2 certification during the Term;

ii. A written information security program that details administrative, technical, and physical safeguards;

iii. A dedicated, independent security team responsible for Figma’s information security program;

iv. To the extent legally permissible and practicable in the applicable jurisdiction, pre-employment or pre-engagement screening on employees and contractors who have access to Customer Materials;

v. A requirement for all Figma employees and contractors to agree to a confidentiality agreement as a condition of employment or engagement and to follow policies on the protection of confidential information and information security procedures;

vi. Mandatory training for Figma employees and contractors, at least annually, on privacy and information security awareness. These trainings are reviewed and updated annually; and

vii. A Code of Conduct and disciplinary process that is used when Figma employees or contractors violate Figma’s security or privacy policies.

b. Physical Safeguards: Access ID cards, card readers, front desk officers, alarm systems, video surveillance, and exterior security for leased or owned offices and facilities.

c. Technical Safeguards:

i. Logical access to Figma systems and data that process Customer Materials are based on the principle of least privilege and designed to ensure that persons entitled to use such a data processing system have access only to the data to which they have a business need;

ii. Data handling control measures designed to ensure that the Customer Materials cannot be read, copied, modified, or removed without authorization during electronic transmission, transport, or storage on data media. In particular, Figma’s information security program will be designed to encrypt Customer Materials in-transit and at rest as appropriate.

iii. Data entry control measures designed to ensure Figma can check and establish whether and by whom the Customer Materials have been input into data processing systems, modified, or removed;

iv. Sub-processor supervision measures designed to ensure that Customer Materials are processed strictly in accordance with the Agreement, including measures designed to ensure that:

1. Customer Materials are protected from accidental destruction or loss, including data backup, retention, and secure destruction policies; secure offsite storage of data sufficient for disaster recovery; uninterrupted power supply and disaster recovery programs; and

2. data collected for different purposes can be processed separately, including physical or adequate logical separation of Customer Materials.

2. Continued Evaluation. Figma will conduct periodic reviews of the security of the Figma Platform and the adequacy of its information security program as measured against industry security standards and its policies and procedures. Figma will regularly evaluate the security of the Figma Platform to determine whether additional or different security measures are required to respond to new security risks or findings generated by the periodic reviews.