Last modified: November 12, 2025


DIGITAL OPERATIONAL RESILIENCE ADDENDUM

This Digital Operational Resilience Addendum (the "Addendum") forms an integral part of the Terms of Use available at https://www.coupler.io/terms-of-use and any incorporated documents, as amended from time to time (the "Terms of Use"), entered into by and between the Customer and Railsware (collectively, the "Parties" and each, a "Party").

This Addendum applies to the Customer’s use of Coupler.io under the Terms of Use to the extent the Customer is a regulated entity subject to applicable regulations, including the Digital Operational Resilience Act (DORA), as further defined below.

1. Definitions

1.1. Applicable Law: Refers to the Digital Operational Resilience Act (DORA), its implementing regulations, and any other laws, rules, or regulatory guidelines applicable to the Customer's digital operational resilience.

1.2. Critical Services: Refers to the services provided by Railsware that are deemed essential to ensuring the Customer’s operational resilience and cybersecurity.

1.3. Resilience Measures: Refers to the processes, practices, and technical or organizational controls implemented by Railsware to comply with DORA and ensure the operational continuity and security of Critical Services.

1.4. Significant Incident: Refers to any cybersecurity breach, Critical Services interruption, or other event that may materially impact the availability, confidentiality, or integrity of Critical Services.

Capitalized terms used but not defined in this Addendum shall have the meanings assigned to them in the Terms of Use.

2. Scope of Addendum

This Addendum governs all Critical Services provided by Railsware to the Customer under the Terms of Use. In the event of any conflict between the provisions of this Addendum and the Terms of Use, the provisions of this Addendum shall prevail, solely to the extent of the conflict.

3. Railsware Obligations

3.1. Operational Resilience

Railsware agrees to implement and maintain appropriate Resilience Measures to ensure the uninterrupted delivery of Critical Services. These measures shall include, but are not limited to:

  • Business Continuity and Disaster Recovery (BCDR) Planning: Comprehensive plans to mitigate service disruptions.
  • Cybersecurity Risk Management: Ongoing risk assessments and management practices to address emerging threats.
  • Regular Testing: Routine testing of systems, controls, and processes to ensure resilience.
  • Incident Response Protocols: Procedures to detect, respond to, and recover from Significant Incidents.

3.2. Reporting Obligations

Railsware shall promptly notify the Customer of any Significant Incident and provide timely updates, including:

  • Nature of the incident.
  • Immediate measures were taken to mitigate the incident.
  • Ongoing steps to prevent recurrence.

4. Testing and Monitoring

4.1. Regular Testing

Railsware shall conduct regular testing of its Resilience Measures, including vulnerability assessments, and other controls, as required by DORA or other Applicable Laws. Upon reasonable written request, Railsware shall provide the Customer with summaries of such assessments.

5. Subcontractors

5.1. Subcontractor List

An up-to-date list of Railsware subcontractors and their locations is available at https://www.coupler.io/privacy-policy and https://www.coupler.io/dpa. This list will be maintained and updated as necessary.

6. Recordkeeping and Audits

6.1. Record Maintenance

Railsware shall maintain comprehensive records of all activities, controls, and incidents related to the delivery of Critical Services.

6.2. Customer Audits

Railsware agrees to cooperate with reasonable audit requests from the Customer to verify compliance with this Addendum and DORA. Audits shall:

  • Be conducted no more than once annually, except in the event of a Significant Incident or regulatory requirement.
  • Be carried out with reasonable notice, but no less than 30 (thirty) calendar days prior to the desirable date of audit, and during standard business hours of Railsware.
  • Be subject to appropriate confidentiality obligations.

Audit costs shall be borne by the Customer unless otherwise agreed in writing.

7. Incident Reporting and Response

7.1. Significant Incident Notification

Railsware shall promptly notify the Customer in writing upon identifying any Significant Incident.

7.2. Collaboration

Railsware shall work collaboratively with the Customer to address and resolve any Significant Incident.

8. Termination Rights

8.1. Termination for Material Breach

The Customer may terminate the Terms of Use or any Critical Services governed by this Addendum if Railsware or any its subcontractors or sub-processors materially breaches its obligations under this Addendum and fails to remedy such breach within thirty (30) days of receiving written notice.

9. Limitation of Liability

In no event, the total liability of Railsware under this Addendum shall not exceed the liability cap set forth in the Terms of Use.

10. Governing Law and Dispute Resolution

This Addendum shall be governed by and construed in accordance with the governing law specified in the Terms of Use. Disputes arising from this Addendum shall be resolved in accordance with the dispute resolution provisions of the Terms of Use.

11. Miscellaneous

11.1. Amendments

Amendment to this Addendum may be made by signing the updated version by Railsware and the Customer.

11.2. Severability

If any provision of this Addendum is found to be invalid or unenforceable, the remaining provisions shall remain in full force and effect.

11.3. Entire Agreement

This Addendum, together with the Terms of Use, constitutes the entire agreement between the Parties regarding digital operational resilience.

Coupler.io uses cookies to enhance your browsing experience, analyze traffic and serve targeted ads. By continuing to use our site and application, you agree to our Privacy Policy.