Supplier Artificial Intelligence Policy

This Supplier Artificial Intelligence Policy establishes mandatory requirements for the use of Artificial Intelligence (“AI”) by Suppliers and their Representatives. Dynatrace may update this policy from time to time.

Supplier and its Representatives may perform only Approved Training. Additional Training is prohibited unless, prior to such Training:

• Supplier secures Dynatrace’s written permission for the Additional Training; or
• if the Product is configurable to control Additional Training, Supplier has explicitly disclosed the Additional Training in Dynatrace’s supplier questionnaire and Dynatrace has, within the Product, either enabled the Additional Training (if disabled by default) or elected not to disable the Additional Training (if enabled by default).

Supplier must minimize retention of AI prompts, outputs, conversation histories, and other artifacts that contain Dynatrace Data. Requests for permission to performA dditional Training must be submitted to aicouncil@dynatrace.com and include all information reasonably required by Dynatrace to evaluate the request. If granted, permission will be conditioned on Supplier’s ongoing compliance with the Agreement, this policy, and the scope and limitations of such permission. In evaluating requests, Dynatrace may consider, among other factors, Supplier’s AI governance program.

Before providing any Professional Services, Supplier must detail in the Agreement (e.g. in a statement of work or an exhibit):

• all deliverables and material components of the Professional Services or work product that will be developed or performed using AI; and
• the AI (including the version) to be used for such purposes.

All AI outputs that inform material decisions, deliverables, or professional advice must be substantively reviewed and validated by qualified personnel, and such outputs must be disclosed to Dynatrace. If AI is used to support decisions that affect individuals, qualified humans must review and be able to override the AI-based determination.

No Offering may include, or be performed using, AI that collects, processes, or infers any Dynatrace Data constituting biometric data under any applicable law.

All confidentiality, security, and data processing obligations set forth in the Agreement apply to Supplier’s and its Representatives’ AI-enabled processing of Dynatrace Data in any manner (e.g. through prompts, conversation histories, RAG stores, model memory, or similar mechanisms), and compliance with all applicable laws includes compliance with applicable AI laws and regulations.

“Additional Training” means Training that exceeds the scope of Approved Training.

“Agreement” means the agreement pursuant to which Supplier will provide any Offerings.

“Approved Training” means Training that is performed only for the exclusive benefit of, and only to the extent needed to provide Offerings to, Dynatrace and its Representatives.

“Artificial Intelligence” or “AI” means any service or system that utilizes or relies on deep learning, diffusion or other foundation models, neural networks, reinforcement, or machine learning, or any other capability that, based on inputs and the application of learning or other cognitive process, produces outputs or behaviors.

“Custom Model” means any model, program, or algorithm used with AI and trained on, or developed with, Dynatrace Data.

“Dynatrace” means Dynatrace LLC and its affiliates.

“Dynatrace Data” means all data provided by or collected from Dynatrace or any of its Representatives during account creation or the provision or use of Offerings, including but not limited to all personal and telemetry data and all Custom Models.

“Offering” means any Product or Professional Service.

“Product” means any software, SaaS, hardware, or other product provided by Supplier to Dynatrace or its Representatives.

“Professional Service” means any development, consulting, legal, implementation, or support or other service performed by Supplier for Dynatrace or its Representatives, whether as a standalone Offering or in conjunction with a Product.

“Representatives” means the officers, directors, employees, agents, contractors, service providers, sub-processors, and consultants of Dynatrace or Supplier (and, in each case, of its affiliates).

“Supplier” has the same meaning as set forth in Dynatrace’s Supplier Code of Conduct .

“Supplier Security Policy” means Dynatrace’s Supplier Security Policy or, if different, the supplier security policy that Dynatrace and Supplier have agreed is applicable to Offerings.

“Training” means any activity involving access to, or collection or use of, Dynatrace Data to create Custom Models, or to train, re-train, or fine-tune any AI.