Cyberfish Terms of Use

Last Updated: April 27, 2021

We are excited You are ordering Cyberfish! Please read on to understand the terms that govern Your use of and access to the Cyberfish services (the “Services”). As used herein, “You” or “Your" refers to the business, government or entity ordering and accessing the Services. “We”, “Us”, or “Our” refers to Cofense Cyberfish Ltd. We or You may be referred to individually as a “Party,” or collectively as the “Parties.”

Access to the Services for Your own internal use will be governed by the CUSTOMER TERMS OF USE (the “Customer Agreement”). Access to the Services to provide managed security services to third party end customers (where You have been authorized to do so by Us) will be governed by the MSSP SERVICES TERMS OF USE (the “MSSP Agreement”).

PLEASE NOTE THE CUSTOMER AGREEMENT AND/OR MSSP AGREEMENT, AS APPLICABLE, GOVERNS ACCESS TO THE SERVICES PROVIDED BY US UNLESS YOU (OR THE BUSINESS, GOVERNMENT OR ENTITY YOU REPRESENT) HAVE EXECUTED A SEPARATE WRITTEN AGREEMENT WITH US GOVERNING SUCH SERVICES. PLEASE READ THESE ACCEPTANCE TERMS AND THE APPLICABLE CUSTOMER AGREEMENT AND/OR MSSP AGREEMENT CAREFULLY. CLICKING ON THE “YES” OR “I ACCEPT” BUTTON (OR OTHER BUTTON OR MECHANISM DESIGNED TO ACKNOWLEDGE AGREEMENT TO THE TERMS OF THESE AGREEMENTS) OR ACCESSING OR USING THE SERVICES CONSTITUTES ACCEPTANCE OF THE CUSTOMER AGREEMENT AND/OR MSSP AGREEMENT, AS APPLICABLE. WITHOUT LIMITING THE FOREGOING, YOU ACKNOWLEDGE THAT YOUR SUBMISSION OF AN ORDER AND/OR ORDER FORM FOR THE SERVICES CONSTITUTES AN ACCEPTANCE OF THE CUSTOMER AGREEMENT AND/OR MSSP AGREEMENT, AS APPLICABLE, AND THAT ALL FUTURE ORDERS FOR THE SERVICES FOLLOWING YOUR ACCEPTANCE OF THE APPLICABLE AGREEMENT WILL BE GOVERNED BY THE TERMS OF THE APPLICBLE AGREEMENT.

IF YOU AGREE TO THE CUSTOMER AGREEMENT AND/OR MSSP AGREEMENT ON BEHALF OF A BUSINESS, GOVERNMENT, OR OTHER ENTITY, YOU REPRESENT AND WARRANT THAT YOU HAVE THE POWER AND AUTHORITY TO BIND SUCH BUSINESS, GOVERNMENT, OR OTHER ENTITY TO THE AGREEMENT, AND YOUR AGREEMENT TO THESE APPLICABLE TERMS WILL BE TREATED AS THE AGREEMENT OF SUCH BUSINESS, GOVERNMENT, OR OTHER ENTITY.

IF YOU ARE UNWILLING TO AGREE TO THE CUSTOMER AGREEMENT AND/OR MSSP AGREEMENT, AS APPLICBLE, OR YOU DO NOT HAVE THE RIGHT, POWER AND AUTHORITY TO ACT ON BEHALF OF AND BIND SUCH BUSINESS, GOVERNMENT, OR OTHER ENTITY TO THESE AGREEMENTS, DO NOT CLICK ON THE BUTTON AND DO NOT ACCESS, OR OTHERWISE USE THE SERVICES.

IF YOU RECEIVE THE SERVICES THROUGH ONE OF OUR AUTHORIZED RESELLERS, PARTNERS OR DISTRIBUTORS (COLLECTIVELY, “AUTHORIZED PARTNER”), ALL FEES AND OTHER PROCUREMENT AND DELIVERY TERMS WILL BE AGREED BETWEEN YOU AND THE AUTHORIZED PARTNER; HOWEVER, THE TERMS SET FORTH IN THE APPLICABLE CUSTOMER AGREEMENT AND/OR MSSP AGREEMENT REGARDING YOUR USE OF THE SERVICES REMAIN APPLICABLE. FOR CLARIFICATION, YOUR AGREEMENT WITH THE AUTHORIZED PARTNER IS BETWEEN YOU AND THE AUTHORIZED PARTNER ONLY AND SUCH AGREEMENT IS NOT BINDING ON US.

IF YOU DO NOT AGREE TO ALL OF THE FOLLOWING, YOU MAY NOT USE OR ACCESS THE SERVICES IN ANY MANNER.

THE CUSTOMER AGREEMENT OR MSSP AGREEMENT MAY NEED TO CHANGE ALONG WITH THE SERVICES. WE RESERVE THE RIGHT TO CHANGE THE APPLICABLE AGREEMENT AT ANY TIME, BUT IF WE DO, WE WILL BRING IT TO YOUR ATTENTION BY PLACING A NOTICE ON OUR WEBSITE, AND/OR BY SENDING YOU AN EMAIL, AND/OR BY SOME OTHER MEANS. WE FURTHER RESERVE THE RIGHT TO MODIFY THE SERVICES AT ANY TIME WITHOUT NOTICE TO YOU.

IF YOU DON’T AGREE WITH THE CHANGES TO THE APPLICABLE AGREEMENT, YOU ARE FREE TO REJECT IT; UNFORTUNATELY, THAT MEANS YOU WILL NO LONGER BE ABLE TO USE THE SERVICES. IF YOU USE THE SERVICES IN ANY WAY AFTER A CHANGE TO THE APPLICABLE AGREEMENT IS EFFECTIVE, THAT MEANS YOU AGREE TO ALL OF THE CHANGES.

ALL OF THE DEFINED TERMS USED ABOVE ARE HEREBY INCORPORATED INTO THE CUSTOMER AGREEMENT AND MSSP AGREEMENT.

CUSTOMER TERMS OF USE

Where You are ordering the Services for Your own internal use, the terms of the following Customer Agreement apply.

  1. Definitions

“Authorized Users” means Your authorized employees, agents or independent contractors with an assigned unique email address (i) who may access the Services; and/or (ii) whose email accounts are being used with the Services. 

Customer Data” means the information submitted or provided by You and Your Authorized Users for use with the Services.

Our IP” means all of Our proprietary materials, including without limitation, the Services, Our Confidential Information, APIs, software, threat intelligence and threat indicators, intelligence alerts and reports, and/or investigation tools, Aggregate Data, Documentation, proprietary processes and methods, and any of Our templates and/or forms.

Documentation” means the Services user manuals provided by Us to Our customers (which may be in electronic format), as amended from time to time by Us.

Intellectual Property Rights” means copyrights (including, without limitation, the exclusive right to use, reproduce, modify, distribute, publicly display and publicly perform the copyrighted work), trademark rights (including, without limitation, trade names, trademarks, service marks, and trade dress), patent rights (including, without limitation, the exclusive right to make, use and sell), trade secrets, moral rights, right of publicity, authors’ rights, contract and licensing rights, goodwill and all other intellectual property rights as may exist now and/or hereafter come into existence and all renewals and extensions thereof.

Order” means (i) a quotation, proposal, or pricing offer issued to You by Us that is signed by both Parties or to which You have confirmed acceptance in writing, (ii) a quotation, proposal, or pricing offer issued by Us to You at the time of the sign-up for an evaluation described in Section 2 of this Customer Agreement, which You will be deemed to have accepted if You do not provide Us notice of cancellation prior to the end of the evaluation period, or (iii) a written purchase order or similar ordering document, signed or submitted by You and accepted by Us, under which You agree to purchase the Services. It is agreed that all Orders for the Services will incorporate the terms of this Customer Agreement, whether expressly referenced or not, and will only be accepted subject to the terms of this Customer Agreement. The terms and conditions of this Customer Agreement will govern all Orders, and any additional or different terms in an Order are deemed void and of no effect unless such additional or different terms are agreed upon by the Parties in writing. For clarity, acceptance by Us of Your purchase order or similar ordering document will not be deemed an acceptance of any conflicting or additional terms and conditions. 

  1. Evaluations

If We provide the Services, along with any other related materials and documentation for Your evaluation purposes, then We grant You a limited, nontransferable, non-assignable, non-sublicensable right to use the Services, subject to the terms of this Customer Agreement and any other limitations communicated to You. You may use the Services for Your own internal evaluation purposes from the date in which You access the Services, until the expiration date We provide You, or, if no expiration date is provided, for a period of up to thirty (30) days from the date of first accessing the Services. If You do not provide Us notice to cancel Your evaluation prior to the expiration of the applicable evaluation period, Your subscription to the Services will automatically begin upon expiration of the evaluation period, subject to and governed by this Customer Agreement, and You will be deemed to have accepted the quotation or proposal provided by Us at the time of the evaluation sign-up, and We will charge You at the pricing stated therein. If You cancel before the end of Your Evaluation, You will not be charged. Your eligibility for a free evaluation offer is determined solely by Us and Your access to any free evaluation offer is provided at Our sole discretion. The Services are provided to You “AS-IS”, and to the extent permitted by applicable law, We disclaim all indemnities and warranties relating to the evaluation, express or implied, including but not limited to any warranties against infringement of third-party rights, merchantability, and fitness for a particular purpose. You acknowledge that the Services are Our intellectual property. At the end of the evaluation period, all evaluation licenses granted herein will automatically terminate and You will delete or return any of Our Confidential Information in Your possession and provide written certification of such destruction or return in writing to Us. You understand that We may disable access to the Services automatically at the end of the evaluation period, without notice to You. This Section will take precedence over any contradictory language in this Customer Agreement as it relates to an evaluation.

  1. Ordering and Services Term

We will provide the Services set forth in Orders pursuant and subject to this Customer Agreement. The term of the Services is specified in the applicable Order or, if no period of time for the Services is specified, for a period of one (1) month from the date in which access to the Services was made available to You (“Initial Services Term”).  Unless otherwise stated on the Order, the Services will automatically renew after its Initial Services Term for additional periods equal in length to the Initial Services Term (each, a “Renewal Services Term” and together with the Initial Services Term, the “Services Term”), unless either Party notifies the other of its intention not to renew the Services at least thirty (30) days prior to the expiration of the then-current Services Term. In the event You add additional Authorized Users during the Services Term, You will be billed for the additional Authorized Users at the pricing set forth in the applicable Order. For the duration of the applicable Services Term set forth in the applicable Order and in accordance with the terms of this Customer Agreement, We grant You a non-exclusive, non-transferable, non-assignable right to access the Services, including the applicable Documentation and Our IP associated with the Services, for Your internal use only. You acknowledge that We have no delivery obligation and will not ship copies of software as part of the Services.

  1. Paying for the Services

You will pay the fees for the Services set forth in the applicable Order and the renewals thereof (“Fees”). All Fees will be fully billed in advance, unless otherwise agreed by the Parties in writing. You may cancel Your Services at any time, but no refunds will be issued for Fees due. Fees are exclusive of all tariffs, duties or taxes imposed or levied by any government or governmental agency, including without limitation, federal, state and local sales, use, value added or other similar taxes (collectively, “Taxes”) and You are responsible for paying all Taxes applicable to the Services. In the event We are obligated to collect and pay indirect Taxes for the Fees, You agree to pay any indirect Taxes that may be added to the payment of any outstanding Fees and will be reflected in the invoice or subsequently invoiced if the Fees were previously paid. You will reimburse Us for any and all expenses incurred by Us so long as such expenses are directly attributable to the Services provided to You. You agree to pay all Fees, in full, within thirty (30) days. If You fail to make any payment when due, then interest at a rate of one and one-half percent (1.5%) per month will accrue on such unpaid, undisputed amounts, calculated from the date the payment was originally due. Credit card payments may incur additional fees.  If You dispute any invoice, You will promptly notify Us of the disputed amount, but in no event later than the date payment is due, with an explanation of the reasons therefor. In the event of non-payment or any action at law or in equity necessary to enforce or interpret the terms of this Customer Agreement for non-payment, You agree to pay all of Our reasonable attorneys’ fees and collection costs and expenses associated with the collection of such debt, to the fullest extent permitted by applicable law.

  1. Using Cyberfish

 

  1. Your log-in to the Services is via the Google or Microsoft Office 365 accounts. We use Google or Microsoft Office 365 permissions granted to Us by You, to provide You the Services.

 

  1. You (i) are responsible for the use of the Services by You and Your Authorized Users in compliance with this Customer Agreement, including any applicable exhibits, addenda, Documentation and applicable laws and government regulations; (ii) are responsible for all activity relating to Your account, including without limitation ensuring that all usernames and passwords for the Services are kept secure and confidential at all times; (iii) are responsible for the accuracy, quality and legality of Your Data, including the lawful use and transmission of Your Data provided by You and Your Authorized Users in connection with the Services; (iv) will obtain all rights, permissions or consents from Authorized Users and other of Your personnel that are necessary to grant the rights and licenses in this Customer Agreement; and (iv) will use commercially reasonable efforts to prevent unauthorized access to or use of Our IP and Services, and will notify Us promptly of such unauthorized use.  

 

  1. You may only designate Authorized User’s email addresses with Internet domain names that You own or are authorized by the Internet domain name owner to use for the purposes contemplated herein. You acknowledge and agree that the maximum number of Authorized Users will not exceed the number of Authorized Users You ordered.

 

  1. You represent, warrant, and agree that You will not submit Customer Data or otherwise use the Services or interact with the Services in a manner that:
  1. Infringes or violates the intellectual property rights or any other rights of anyone
  2. Violates any law or regulation, including any applicable export control laws;
  1. Jeopardizes the security of Your account or anyone else’s (such as allowing someone else to log in to the Services as You);
  2. Attempts, in any manner, to obtain the password, account, or other security information from any other user;
  3. Violates the security of any computer network, or cracks any passwords or security encryption codes;
  1. Copies or stores any significant portion of the Services;
  2. Stores or transmit infringing, libelous, or otherwise unlawful or tortious material, or stores or transmits material in violation of third-party privacy or other rights; and
  3. Decompiles, reverse engineers, or otherwise attempts to obtain the source code or underlying ideas or information of or relating to the Services.

A violation of any of the foregoing is grounds for termination of Your right to use or access the Services.

  1. You may use “Third-Party Products” (as such term is defined in this paragraph) in combination with the Services, provided, however that We do not make any representations and warranties or covenants of any nature or kind with respect to any Third Party Products, nor will We have any liability for any damages that You may directly or indirectly incur or suffer as result of or arising from Your use of any Third Party Product in combination with the Services. You further acknowledge and agree that it is subject to a third party’s respective terms and conditions with respect to the use of any Third-Party Products. “Third-Party Products” means any third-party products authorized by Us and selected by You, for use in combination with the Services. You acknowledge and agree that any data, including personal information, You provide when using the Third-Party Products may be collected, stored, processed and transferred by the applicable third party provider in accordance with that third party provider’s privacy policy and You represent and warrant that You have obtained any required consent by the Authorized Users and any applicable regulatory body to do the foregoing.

 

  1. Termination

 

  1. We may terminate (or suspend access to) Your use of the Services or Your account for any breach of this Customer Agreement. We have the sole right to decide whether You are in violation of any of the restrictions set forth in this Customer Agreement. Account termination may result in deletion of any Customer Data associated with Your account. You may terminate this Customer Agreement if We commit a material breach and fail to remedy such breach within thirty (30) days of being notified by You of such breach (“Cure Period”).

 

  1. If We terminate this Customer Agreement due to Your material breach, We will not refund any amounts to You. If You terminate the Services for Our material breach, You will receive a refund for the remainder of the then-current term for such Services; provided that You will not be entitled to any refund if You are also in breach of the Customer Agreement at the time of such termination. If You terminate the Services other than for Our material breach, You will not receive a refund or credit of any fees already paid or due to Us and, if applicable, all outstanding Services fees will accelerate and become immediately due and payable.

 

  1. Upon termination of the Services for any reason, all access rights and licenses granted herein will immediately terminate.

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      

  1. Confidentiality and Privacy

 

  1. “Confidential Information” means any non-public, confidential, or proprietary information of a disclosing Party (“Discloser”) that should reasonably be understood by the receiving Party (“Recipient”) to be confidential because of (i) legends or other markings; (ii) the circumstances of disclosure; or (iii) the nature of the information, which may be disclosed either directly or indirectly, in writing, visual, orally or by inspection of tangible objects (including without limitation documents, prototypes, samples, products, software, product specifications and white papers) or other means. Confidential Information includes but is not limited to technology and technical information, promotional and marketing activities, inventions, finances and financial plans, customers, business and product plans, know-how, source code, data, algorithms, methods and processes, trade secrets, designs, techniques, analyses, models, strategies and objectives, and any third-party information that Discloser is otherwise obligated to keep confidential.

 

  1. Recipient will: (i) not use any Confidential Information for any purpose except to evaluate and engage in discussions concerning a potential business relationship between the Parties and/or to fulfill its obligations under this Customer Agreement; (ii) use at least the same degree of care as Recipient uses to protect its own confidential information from unauthorized use, access or disclosure, but in no event less than a reasonable degree of care; (iii) limit disclosure of Confidential Information to those persons within Recipient’s organization who have a need to know and who have previously agreed in writing, prior to the receipt of Confidential Information, to be bound by confidentiality obligations similar to those set forth in this Customer Agreement; (iv) not disclose any Confidential Information to third parties without Discloser’s prior written consent; (v) not copy, reverse engineer, disassemble, create any works from, or decompile any prototypes, software or other tangible objects which embody Discloser’s Confidential Information; and (vi) comply with, and obtain all required authorizations arising from, all U.S. and other applicable export control laws or regulations. Any reproduction of Confidential Information requires Discloser’s prior written consent and will remain the property of Discloser. Any reproductions will contain any and all notices of confidentiality contained on the original Confidential Information.

 

  1. The foregoing confidentiality obligations will not apply to information that Recipient can demonstrate: (i) is publicly known and made generally available through no improper action or inaction of Recipient; (ii) was already in the possession of, or known by Recipient prior to the time of disclosure by Discloser through no fault or breach of this Customer Agreement by Recipient; (iii) was rightfully obtained by, or disclosed to, Recipient from a third party without any obligation to maintain the Confidential Information as proprietary or confidential; or (iv) is independently developed by Recipient without use of or reference to Discloser’s Confidential Information. Recipient may disclose Confidential Information to the extent such disclosure is required to comply with applicable law or a valid order or requirement of a governmental or regulatory agency or court of competent jurisdiction, provided that Recipient (a) restricts such disclosure to the maximum extent legally permissible; (b) notifies Discloser as soon as practicable of any such requirement to the extent such provision of prior notice is permitted by applicable law; and (c) that subject to such disclosure, such disclosed materials will in all respects remain subject to the restrictions set forth in this Customer Agreement.

 

  1. Within thirty (30) days of the termination of this Customer Agreement or upon Discloser’s written request, Recipient will promptly, at Recipient’s election, destroy or return all of Discloser’s Confidential Information in Recipient’s possession or in the possession of any representative of Recipient; provided, however, that Recipient will not, in connection with the foregoing obligations, be required to delete Confidential Information held electronically in archive or back-up systems, and such Confidential Information will in all respects remain subject to the restrictions set forth in this Customer Agreement. Upon Discloser’s written request, Recipient will provide a certification, signed by an officer of Recipient, as to the destruction or return of Discloser’s Confidential Information.

 

  1. Discloser retains all right, title and interest to its Confidential Information. Recipient acknowledges that the disclosure of Confidential Information may cause irreparable injury to Discloser. Discloser will, therefore, be entitled to seek injunctive relief upon a disclosure or threatened disclosure of any Confidential Information, without a requirement that Discloser prove irreparable harm and without the posting of a bond. This provision will not in any way limit such other remedies as may be available to Discloser at law or in equity. ALL CONFIDENTIAL INFORMATION IS PROVIDED “AS IS.” DISCLOSER MAKES NO WARRANTIES, EXPRESS, IMPLIED OR OTHERWISE, REGARDING ITS ACCURACY, COMPLETENESS OR PERFORMANCE.

 

  1. You will ensure that: (i) You are entitled to transfer any relevant personal data to Us so that We may lawfully use, process and transfer the personal data on Your behalf and in accordance with this Customer Agreement; and (ii) the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable data protection laws. You represent and warrant that You have obtained all necessary rights, permissions, or consents from Authorized Users and any applicable regulatory body prior to using the Services to comply with applicable laws and regulations, including, without limitation, the EU General Data Protection Regulation 2016/679, the Wiretap Act 1979 of the State of Israel, and the Protection of Privacy Regulations (Information Security) 2017 of the State of Israel. We will process personal information in connection with the use of the Services in accordance with the Privacy Policy, available at https://Cyberfish.io/privacy (“Privacy Policy”).

 

  1. We will: (i) process personal data in compliance with and subject to this Customer Agreement and any lawful and reasonable instructions received from You that are consistent with this Customer Agreement; (ii) not use or process or permit any of Our subcontractors to use or process, any personal data except to the extent necessary to perform Our obligations under this Customer Agreement; (iii) implement and maintain adequate and reasonable technical and organizational safeguards designed to protect against the unauthorized or accidental access, loss, alteration, disclosure or destruction of personal data in Our possession or control; (iv) ensure that we have appropriate procedures in place designed to comply with applicable data protection laws and will take all reasonable steps to ensure that persons employed by Us, and other persons engaged Our place of work, comply with applicable data privacy laws and regulations.

 

  1. We may process or otherwise transfer personal data in or to any country outside the European Economic Area or any country not deemed adequate by the European Commission pursuant to applicable data protection laws to the extent necessary for the provision of the Services. If required, We will enter into the EU Standard Contractual Clauses as approved by the European Commission for ensuring an adequate level of data protection in respect of the personal data that will be processed or transferred.

 

  1. We will not sell, process, retain, disclose, or use (i) for a commercial purpose or (ii) outside of the direct business relationship between the Parties, any Customer Data that, under the California Consumer Privacy Act (“CCPA”) constitutes “personal information” (“CA Personal Information”), except to provide the Services or as permitted by CCPA. Notwithstanding anything in this Customer Agreement, the Parties acknowledge and agree that Our access to CA Personal Information or any other Customer Data does not constitute part of the consideration exchanged by the Parties in respect of this Customer Agreement.

 

  1. Intellectual Property

 

  1. Intellectual Property Rights in Our IP belong exclusively to Us or Our licensors. You acknowledge and agree that You will not (and will not allow any third party), in whole or in part, to directly or indirectly: (i) disassemble,  decompile, reverse compile, reverse engineer or attempt to discover any source code or underlying ideas or algorithms of any of Our IP (except to the limited extent that applicable law prohibits reverse engineering restrictions solely for interoperability purposes), (ii) sell, resell,  distribute, sublicense or otherwise transfer, Our IP, or make the functionality of Our IP available to any other party through any means (unless We have provided prior written consent), or (iii) reproduce, alter,  modify or create derivatives of Our IP (unless as expressly permitted in this Customer Agreement). You will maintain the copyright notice and any other notices that appear on Our IP, including any interfaces related to the Services.

 

  1. You acknowledge and agree that You will not (and will not allow any third party), in whole or in part, to directly or indirectly: (i) disassemble, decompile, reverse compile, reverse engineer or attempt to discover any source code or underlying ideas or algorithms of any of Our IP (except to the limited extent that applicable law prohibits reverse engineering restrictions solely for interoperability purposes), (ii) sell, resell,  distribute, sublicense or otherwise transfer Our IP, or make the functionality of Our IP available to any other party through any means (unless We have provided prior written consent), or (iii) reproduce, alter,  modify or create derivatives of Our IP (unless as expressly permitted in this Customer Agreement). You will maintain the copyright notice and any other notices that appear on Our IP, including any interfaces related to the Services.

 

  1. We own all Intellectual Property Rights in and to Aggregate Data, and may use, reproduce, sell, publicize or otherwise exploit Aggregate Data in any way, in Our sole discretion. “Aggregate Data” refers to Customer Data that is de-identified (stripped of any information used to identify You, including personal data). Aggregate Data will also include statistical information related to the use and performance of the Services, provided that such statistical information is de-identified. You grant to Us a worldwide, perpetual, irrevocable, royalty-free, fully paid-up license to use and exploit any suggestion, enhancement request, recommendation, correction or other feedback (“Feedback”) provided by You or Your Authorized Users relating to the Services. Feedback will not include Confidential Information.

 

  1. We acknowledge that You own all right, title, and interest in and to Customer Data (excluding Aggregate Data). You grant to Us the worldwide right to use, access, host, copy, transmit, modify and display Customer Data, as reasonably necessary for Us to perform Our obligations in accordance with this Customer Agreement. We may disclose Customer Data to Our third-party contractors and service providers (including cloud service providers) to the extent necessary to provide the Services in accordance with this Customer Agreement; provided that such third-party contractors and service providers are bound by confidentiality obligations similar to the provisions of this Customer Agreement.

 

  1. S. Government Restricted Rights. Our IP Services are “commercial items”, “commercial computer software” and “commercial computer software documentation,” pursuant to DFARS Section 227.7202 and FAR Sections 12.211-12.212, as applicable.  All Our IP and Services are and were developed solely at private expense and the use of Our IP and Services by the United States Government are governed solely by this Customer Agreement and are prohibited except to the extent expressly permitted by this Customer Agreement.

 

  1. Warranty Disclaimer and Indemnity

We expressly disclaim any Customer Data which You have generated for use with the Services, and You agree to indemnify, hold harmless and, at Our option, to defend Us, Our officers, directors, employees, affiliates contractors and agents from and against any losses, liabilities, damages, costs and expenses (including reasonable attorneys’ fees) incurred as a result of a) any alleged or actual violations of any third party rights arising out of the Customer Data, including without limitation claims related to the unauthorized disclosure or exposure of personal data or other private information, failure to obtain required consents, claims that the Customer Data infringes a third party right, and b) claims arising from Customer’s use of the Services in violation of this Customer Agreement. THE SERVICES ARE PROVIDED ON AN “AS IS” BASIS WITHOUT ANY WARRANTY WHATSOEVER AND WE EXPRESSLY DISCLAIM, TO THE MAXIMUM EXTENT PERMISSIBLE UNDER APPLICABLE LAW, ALL WARRANTIES, EXPRESS, IMPLIED AND STATUTORY, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, NONINFRINGEMENT, OR ARISING FROM COURSE OF PERFORMANCE, DEALING, USAGE OR TRADE.  WE ALSO MAKE NO WARRANTY REGARDING NONINTERRUPTION OF USE OR FREEDOM FROM BUGS, AND MAKE NO WARRANTY THAT THE SERVICES WILL BE ERROR-FREE. WE DO NOT GUARANTEE ANY SPECIFIC RESULTS FROM USING THE SERVICES.

  1. Limitation of Liability

TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW, UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, TORT, CONTRACT, STRICT LIABILITY, OR OTHERWISE) SHALL WE (OR OUR LICENSORS OR SUPPLIERS) BE LIABLE TO YOU OR TO ANY OTHER PERSON FOR (A) SPECIAL, INCIDENTAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES OF ANY KIND, INCLUDING BUT NOT LIMITED TO ANY LOST PROFITS LOST SAVINGS, LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF INFORMATION, HOWEVER CAUSED, WHETHER FOR BREACH OR REPUDIATION OF CONTRACT, TORT, BREACH OF WARRANTY, NEGLIGENCE, OR OTHERWISE, WHETHER OR NOT WE WERE ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGES OR (B) ANY AMOUNT, IN THE AGGREGATE, IN EXCESS OF THE GREATER OF (I) $100 OR (II) THE AMOUNTS PAID BY YOU TO US FOR THE SERVICES DURING THE TWELVE (12) MONTHS PRIOR TO THE FIRST EVENT GIVING RISE TO SUCH LIABILITY.

THE LIMITATIONS AND EXCLUSIONS CONTAINED HEREIN WILL APPLY ONLY TO THE MAXIMUM EXTENT PERMISSIBLE UNDER APPLICABLE LAW, AND NOTHING HEREIN PURPORTS TO LIMIT EITHER PARTY’S LIABILITY IN A MANNER THAT WOULD BE UNENFORCEABLE OR VOID AS AGAINST PUBLIC POLICY IN THE APPLICABLE JURISDICTION.

  1. Miscellaneous

 

  1. This Customer Agreement is governed by and construed in accordance with the laws of the State of Delaware and the United States without regard to conflicts of laws provisions thereof, and without regard to the United Nations Convention on the International Sale of Goods. The Parties agree that the Uniform Computer Information Transactions Act or any version thereof, adopted by any state, in any form, will not apply to this Customer Agreement.

 

  1. Any assignment of this Customer Agreement by You to another party, including any transfer by operation of law or otherwise, without the other Party's prior written consent (which consent will not be unreasonably withheld) will be null and void; provided, however, that You may assign this Customer Agreement without consent, to an affiliate or in connection with any merger, asset purchase or sale, stock purchase or sale or similar change of control transaction.

 

  1. We may use subcontractors in the performance of Our obligations. We will disclose subcontractors having access to Customer Data upon Your written request.

 

  1. The provisions of the following Sections and all accrued payment obligations will survive the termination of this Customer Agreement: Section 4 (Paying for the Services), Section 7 (Confidentiality and Privacy), Section 8 (Intellectual Property), Section 9 (Warranty Disclaimer), Section 10 (Limitation of Liability), and Section 11 (Miscellaneous).

 

  1. Each Party acknowledges that it is familiar with and understands the provisions of applicable anti-corruption laws, including but not limited to FCPA or UKBA, and agrees not to violate or knowingly let anyone such laws. You agree that no payment You make will constitute a bribe, influence payment, kickback, rebate, or other payment that would violate applicable anti-corruption or anti-bribery laws. You agree that at Our request, You will furnish Us a certification signed by Your authorized representative verifying that the Services are being used in accordance with this Customer Agreement.

 

  1. This Customer Agreement constitutes the complete and entire agreement between the Parties with respect to the Services. It replaces and supersedes any prior agreements, oral or written, between the Parties concerning the subject matter hereof. We hereby reject and deem deleted any additional or different terms or conditions that You present, including, but not limited to, any terms or conditions contained or referenced in any purchase order, acceptance, or acknowledgement.  No amendment to this Customer Agreement will be effective unless it is in writing and signed by the authorized representatives of each Party. With the exception of Your obligation to make payments due and payable to Us, neither Party will be considered to be in breach or default of this Customer Agreement as a result of its delay or failure to perform its obligations herein when such delay or failure arises out of causes beyond the reasonable control of the Party whose performance has been affected. Nothing in this Customer Agreement will benefit or create any right or cause of action in or on behalf of any person or entity other than the Parties.  The failure of a Party to exercise or enforce any right or provision of this Customer Agreement will not constitute a waiver of such right or provision.  If any provision of this Customer Agreement is held to be invalid or unenforceable, the remaining provisions of this Customer Agreement will remain in full force and effect.

MSSP SERVICES TERMS OF USE

Where You are ordering the Services to manage them as part of Your managed security services program for Applicable Customers (as defined below) (“MSSP Services”), You acknowledge You must be authorized by Us prior to providing the MSSP Services to Applicable Customers, and You may only use the MSSP Services as a managed security service provider to Applicable Customers pursuant to this MSSP Agreement. If You are separately ordering the Services for Your internal use, then such use will be separately governed by the Customer Agreement. Capitalized terms used but not defined in this MSSP Agreement will have the same meanings set forth in the Customer Agreement.

  1. Definitions

Applicable Customers” means those customers located in the Territory(ies) for which We have given You prior written approval for You to provide MSSP Services.

Applicable Customer Data” means the information submitted or provided by Applicable Customers for use with the Services.

Authorized Users” means (i) Your authorized employees, agents or independent contractors with an assigned unique email address, who may access or provide the Services to the Applicable Customers; and/or (ii) employees and personnel of Applicable Customers whose email accounts are being used with the Services. 

Intellectual Property Rights” means copyrights (including, without limitation, the exclusive right to use, reproduce, modify, distribute, publicly display and publicly perform the copyrighted work), trademark rights (including, without limitation, trade names, trademarks, service marks, and trade dress), patent rights (including, without limitation, the exclusive right to make, use and sell), trade secrets, moral rights, right of publicity, authors’ rights, contract and licensing rights, goodwill and all other intellectual property rights as may exist now and/or hereafter come into existence, and all renewals and extensions thereof, of any state, country or jurisdiction.

 “Order Form” means (i) a quotation, proposal, or pricing offer issued to You by Us that is signed by both Parties or to which You have confirmed acceptance in writing, (ii) a quotation, proposal, or pricing offer issued by Us to You at the time of the sign-up for an evaluation described in Section 2(d) of this MSSP Agreement, which You will be deemed to have accepted if You do not provide Us notice of cancellation prior to the end of the evaluation period, or (iii) a written purchase order or similar ordering document, signed or submitted by You and accepted by Us, under which You agree to purchase a license to the Services to provide MSSP Services under this Agreement. It is agreed that all Order Forms for the Services will incorporate the terms of this MSSP Agreement, whether expressly referenced or not, and will only be accepted subject to the terms of this MSSP Agreement. The terms and conditions of this MSSP Agreement will govern all Order Forms, and any additional or different terms in an Order Form are deemed void and of no effect unless such additional or different terms are agreed upon by the Parties in writing. For clarity, acceptance by Us of Your purchase order or similar ordering document will not be deemed an acceptance of any conflicting or additional terms and conditions.

“Territory(ies)” means the territories We authorize You to provide the MSSP Services. You may only provide the MSSP Services in those territories where We have provided our prior written authorization.  Notwithstanding the foregoing, You will not provide the MSSP Services in the following Territories: North Korea, Iran, Syria, Lebanon, Cuba, Sudan, and Crimea Region of Ukraine.

  1. MSSP Partner Program

 

  1. Subject to the terms and conditions set forth herein, You may provide MSSP Services to Applicable Customers for the Services.

 

  1. For purposes of providing MSSP Services to Applicable Customers, You will purchase the licenses in Your own name at the prices set forth in the applicable Order Form. In addition to any other information to be provided to Us by You in an Order Form, You will provide the name of the Applicable Customer (along with any other information We reasonably request). 

 

  1. You will market and promote the MSSP Services in the Territory(ies). You may also market, at Your own expense, and resell licenses to the Services to Your customers for their direct use, subject always to the customer accepting the Customer Agreement to govern their use of the Services, in the Territory(ies) only upon Our prior written approval in each instance, and You will always comply with all applicable laws and regulations reselling the Services.

 

  1. If We provide the Services, along with any other related materials and documentation for Your Applicable Customer’s evaluation purposes, then We grant a limited, nontransferable, non-assignable, non-sublicensable right to use the Services for the Applicable Customer, subject to the terms of this MSSP Agreement and any other limitations communicated to You. You may use the Services for Your Applicable Customer’s own internal evaluation purposes from the date in which You access the Services for the Applicable Customer, until the expiration date We provide You, or, if no expiration date is provided, for a period of up to fourteen (14) days from the date of first deploying the Services for the Applicable Customer. If You do not provide Us notice to cancel the evaluation for the Applicable Customer prior to the expiration of the applicable evaluation period, Your subscription to the Services for the Applicable Customer will automatically begin upon expiration of the evaluation period, subject to and governed by this MSSP Agreement, and You will be deemed to have accepted the quotation or proposal provided at the time of the evaluation sign-up, and We will charge You at the pricing stated therein. If You cancel the evaluation for the Applicable Customer before the end of the applicable evaluation period, You will not be charged. Your eligibility for a free evaluation offer for each Applicable Customer is determined solely by Us and Your access to any free evaluation offer is provided at Our sole discretion. The Services are provided to You “AS-IS”, and to the extent permitted by applicable law, We disclaim all indemnities and warranties relating to the evaluation, express or implied, including but not limited to any warranties against infringement of third-party rights, merchantability, and fitness for a particular purpose. You acknowledge that the Services are Our intellectual property. At the end of the applicable evaluation period, all evaluation licenses granted herein will automatically terminate and You will delete or return any of Our Confidential Information in Your possession related to the evaluation and provide written certification of such destruction or return in writing to Us. You understand that We may disable access to the Services for each evaluation automatically at the end of the evaluation period, without notice to You. This Section will take precedence over any contradictory language in this MSSP Agreement as it relates to an evaluation.

 

  1. You will pay the fees for the Services set forth in the applicable Order Form and the renewals thereof (“Fees”). All Fees will be fully billed in advance, unless otherwise agreed by the Parties in writing. Fees are exclusive of all tariffs, duties or taxes imposed or levied by any government or governmental agency, including without limitation, federal, state and local sales, use, value added or other similar taxes (collectively, “Taxes”) and You are responsible for paying all Taxes applicable to the Services. In the event We are obligated to collect and pay indirect Taxes for the Fees, You agree to pay any indirect Taxes that may be added to the payment of any outstanding Fees and will be reflected in the invoice or subsequently invoiced if the Fees were previously paid. You will reimburse Us for any and all expenses incurred by Us so long as such expenses are directly attributable to the Services provided to You. You agree to pay all Fees, in full, within thirty (30) days. If You fail to make any payment when due, then interest at a rate of one and one-half percent (1.5%) per month will accrue on such unpaid, undisputed amounts, calculated from the date the payment was originally due. Credit card payments may incur additional fees.  If You dispute any invoice, You will promptly notify Us of the disputed amount, but in no event later than the date payment is due, with an explanation of the reasons therefor. In the event of non-payment or any action at law or in equity necessary to enforce or interpret the terms of this MSSP Agreement for non-payment, You agree to pay all of Our reasonable attorneys’ fees and collection costs and expenses associated with the collection of such debt, to the fullest extent permitted by applicable law.

 

  1. For each Order Form, we will provide the Services pursuant and subject to this MSSP Agreement. The term of the Services for the Applicable Customer is specified in the applicable Order Form or, if no period of time for the Services is specified, for a period of one (1) month from the date in which access to the Services was made available to You (“Initial Services Term”). Unless otherwise stated on the Order Form, the Services will automatically renew after its Initial Services Term for additional periods equal in length to the Initial Services Term (each, a “Renewal Services Term” and together with the Initial Services Term, the “Services Term”), unless either Party notifies the other of its intention not to renew the Services at least thirty (30) days prior to the expiration of the then-current Services Term. In the event You add additional Authorized Users for the Applicable Customer during the Services Term, You will be billed for the additional Authorized Users at the pricing set forth in the applicable Order Form. For the duration of the applicable Services Term and in accordance with the terms of this MSSP Agreement, We grant You a non-exclusive, non-transferable, non-assignable right to access the Services, including the applicable Documentation and Our IP associated with the Services, solely for the provision of the MSSP Services to the Applicable Customer. You acknowledge that We have no delivery obligation and will not ship copies of software as part of the Services. For the duration of the applicable Services Term, We grant You a non-exclusive, revocable, non-transferable, non-assignable right to access the Services, including the applicable Documentation and any other of Our IP provided with respect to this MSSP Agreement, for Your provision of MSSP Services to Applicable Customers.

 

  1. Applicable Customer Restrictions

You may only use the license purchased pursuant to the Agreement for the Services with only One Applicable Customer. For clarification, pricing will be based on the number of employees and/or email addresses with respect to an Applicable Customer, unless otherwise agreed by the Parties in writing in the applicable Order Form. You may not use one license to provide MSSP Services to multiple Applicable Customers. The license for the Services will be provided and used in accordance with the terms of the Customer Agreement, except that the prohibition of using the Services with third parties in the Customer Agreement will not be applicable to the extent You are providing the Services to Applicable Customers in compliance with this Agreement and You are not permitted to use the MSSP Services for Your internal use as part of Your order of the MSSP Services. Under no circumstances may You use a single license for multiple Applicable Customers.

  1. Term and Termination

 

  1. We may terminate this MSSP Agreement and Your license to provide MSSP Services upon ninety (30) days’ prior written notice for Our convenience.

 

  1. We may, in our sole and absolute discretion, immediately terminate this MSSP Agreement or an individual license, or suspend Your access to the Services in connection with any actual, alleged or suspected: (i) breach of confidentiality obligations and license or use restrictions set forth in the Customer Agreement and this MSSP Agreement, (ii) direct or indirect technical or security issues or problems caused by or relating to You or an Applicable Customer, (iii) violations of applicable law. A Party may otherwise terminate this MSSP Agreement if the other Party commits a material breach, and fails to remedy such breach within thirty (30) days of being notified by the non-breaching Party of such breach. If We terminate this MSSP Agreement due to Your material breach, We will not refund any amounts to You.

 

  1. Upon termination or expiration of this MSSP Agreement: (a) You will promptly return to Us all materials related to us in Your possession, and You will cease representing yourself as one of Our authorized MSSP partners; (b) all licenses granted hereunder will terminate; and (c) each Party will cease using, return or destroy, at the sole election of the other Party, all Confidential Information of such other Party relating to this MSSP Agreement, and You will cease using any of Our IP (as defined in the Customer Agreement).

 

  1. Your Responsibilities

 

  1. Prior to providing the MSSP Services to Applicable Customers, You will, upon request, successfully complete and pass the Managed Security Services Provider Program certification training for the MSSP Services. If at any time, We find that You are not providing MSSP Services up to Our standards, We may suspend this MSSP Agreement immediately and require that You attend additional training, as reasonably necessary. You must follow Our reasonable instructions regarding use of the Services and training.

 

  1. You will complete any due diligence questionnaires We request from time to time.

 

  1. In providing the MSSP Services, You will comply with the Acceptable Use Policy attached hereto as Exhibit A.

 

  1. You (i) are responsible for the use of the Services and Our IP by Your personnel (including Authorized Users) and the Applicable Customer in compliance with this MSSP Agreement, including any applicable exhibits, addenda, Documentation and applicable laws and government regulations; (ii) are responsible for the accuracy, quality and legality of Applicable Customer Data, including the lawful use and transmission of Applicable Customer Data provided by Applicable Customer and any Authorized Users in connection with the Services; (iii) will obtain all rights, permissions or consents from Authorized Users and other Applicable Customer personnel that are necessary to grant Us the rights and licenses in this MSSP Agreement; and (iv) will use commercially reasonable efforts to prevent unauthorized access to or use of Our IP and Services, and will notify Us promptly of such unauthorized use.

 

  1. You will ensure that: (i) You and the Applicable Customer are entitled to transfer the relevant personal data to You and Us so that the Parties may lawfully use, process and transfer the personal data on the Applicable Customer’s behalf and in accordance with this MSSP Agreement; and (ii) the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable data protection laws. You may only use Authorized User’s email addresses with Internet domain names that are authorized by the Internet domain name owner to use for the purposes contemplated herein.

 

  1. You agree that at Our request, You will furnish Us a certification signed by Your authorized representative verifying that the Services are being used in accordance with this MSSP Agreement.

 

  1. Applicable Customers

 

  1. We may reject Your request to provide MSSP Services to a potential Applicable Customer at any time for any reason, without incurring any liability to You and/or Applicable Customer.

 

  1. The Parties acknowledge that You will have Your own agreements with the Applicable Customers pursuant to which You will provide MSSP Services to the Applicable Customers. You acknowledge and agree that We will not be a party to the contract between You and the Applicable Customer and, further, that We will not be liable to You or to Applicable Customer in respect of any claims made by the Applicable Customers under contract between You and the Applicable Customer. 

 

  1. Prior to providing MSSP Services for each Applicable Customer, We may request a letter of acknowledgment in place executed between Us and the Applicable Customer.

 

  1. Intellectual Property

 

  1. Any documentation, materials, intelligence, and any other proprietary information provided by Us, or on Our behalf, in connection with the MSSP Services are also Our IP, to which We own all Intellectual Property Rights. Notwithstanding anything in the Customer Agreement to the contrary, You will use Our IP under this MSSP Agreement solely for the purposes of providing MSSP Services to Applicable Customers. You will not modify any documentation We provide without Our prior written permission each time. We will automatically own and have title to any derivative works based on Our IP.

 

  1. You understand, acknowledge and agree that We own all Intellectual Property Rights in and to Aggregate Data, and may use, reproduce, sell, publicize or otherwise exploit Aggregate Data in any way, in Our sole discretion. “Aggregate Data” refers to Applicable Customer Data that is de-identified (stripped of any information used to identify Applicable Customer, including personal data). Aggregate Data will include data identified through the Services as malicious and also include statistical information related to the use and performance of the Services, provided that such information is de-identified. You grant Us a worldwide, perpetual, irrevocable, royalty-free, fully paid-up license to use and exploit any suggestion, enhancement request, recommendation, correction or other feedback (“Feedback”) You provide relating to the Services. Feedback will not include Confidential Information. You will provide Us with all threat intelligence learned and collected with the use of the Services and such threat intelligence will not include Confidential Information.

 

  1. You acknowledge and agree that the maximum number of Authorized Users will not exceed the number of Authorized Users set forth in the applicable Order Form. At the beginning of the applicable Services Term, You will designate and allocate the Authorized Users on behalf of the Applicable Customer. The Parties acknowledge and agree that Authorized Users may not be reassigned or replaced (except for those designated by You to act as administrators) prior to the expiration of the applicable Services Term. Any breach by You and Your Authorized Users of this Section may, in Our sole discretion, result in the immediate suspension or termination of You and Your Authorized Users’ access to the Services and or termination of this MSSP Agreement.

 

  1. You may not enter into new license agreements for the Services with customers who already have direct agreements in place with Us.

 

  1. Confidentiality

 

  1. “Confidential Information” means all non-public information, whether written, electronic, oral or graphic, that a disclosing party (“Discloser”) may disclose or reveal to the receiving party (“Recipient”), that is either (i) identified as confidential at the time of disclosure by Discloser, or (ii) disclosed under circumstances that would indicate to a reasonable person that the information should be treated as confidential by Recipient. Confidential Information includes, but is not limited to, technical or business information, pricing, financial plans and records, marketing plans, research, present and proposed products, trade secrets, know how, processes, intelligence, computer software programs, software tools and descriptions of functions and features of software, source code, information regarding customers and suppliers, employees and affiliates, and methods for systems integration, company systems or software.

 

  1. Recipient will maintain all Confidential Information of the Discloser in strict confidence. Except as provided in this MSSP Agreement, the Recipient will not use Confidential Information of the Discloser, except to perform or otherwise fulfill the purpose of this MSSP Agreement or disclose it in any manner to any third party without the prior express written consent of the Discloser. Recipient will restrict access to, and use of, Confidential Information of the Discloser to those employees and agents of Recipient’s organization with a need to use the information to perform under or otherwise fulfill the purpose of this MSSP Agreement. Recipient will use the same degree of care in handling and safeguarding Confidential Information that it uses in handling and safeguarding its own Confidential Information, and in any case not less than reasonable care. Before disclosing any Confidential Information to its officers or employees, Recipient will subject such officers and employees to an obligation of confidentiality no less stringent than that by which Recipient is bound.

 

  1. The obligations set forth in the subsection above will not apply to information which is: (i) already known to or otherwise in the possession of the Recipient at the time of disclosure and which was not so known or received in violation of any confidentiality obligation; (ii) publicly available or otherwise in the public domain prior to disclosure by the Recipient; (iii) rightfully obtained by the Recipient from any third party without restriction and without breach of any confidentiality obligation by such third party; or (iv) developed by the Recipient without reference to the Discloser’s Confidential Information and independent of any disclosure hereunder, as evidenced by written records.

 

  1. Each Party may disclose Confidential Information to the limited extent necessary to comply with the order of a court or administrative body of competent jurisdiction or a government agency, provided that the Recipient will notify the Discloser prior to such disclosure, if permissible, and will cooperate with the Discloser if the Discloser elects to legally contest, request confidential treatment of, or otherwise avoid such disclosure.

 

  1. Warranty and Indemnification

 

  1. You represent and warrant that You will not (i) make or publish any false or misleading representations, warranties, or guarantees on Our behalf or Our suppliers, or (ii) make any representations warranties, or guarantees with respect to Us, the Services or any of Our obligations that are inconsistent with the terms of this MSSP Agreement.

 

  1. You agree to indemnify, defend and hold Us, and Our affiliates, directors and officers, employees and agents harmless from any and all claims and/or demands, including reasonable attorneys’ fees, made by any third party arising out of or related to Your and/or Authorized Users’ alleged or actual use or misuse of the Services and Our IP, including without limitation: (a) claims related to the unauthorized disclosure or exposure of personal data or other private information, violations of any third party rights, and failure to obtain required consents for Us to provide the Services under this MSSP Agreement; (b) claims that You are infringing on any third party intellectual property or data privacy right; (c) a breach of the Acceptable Use Policy; or (d) claims arising from Your use of the Services in violation of the Customer Agreement or this MSSP Agreement. Further, You will indemnify Us, Our employees, officers, directors, affiliates, independent contractors, and agents against any claim made by an Applicable Customer against Us arising in connection with the MSSP Services or the contract between the You and the Applicable Customer.

 

  1. Limitation of Liability

TO THE FULLEST EXTENT ALLOWED BY APPLICABLE LAW, UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, TORT, CONTRACT, STRICT LIABILITY, OR OTHERWISE) SHALL WE (OR OUR LICENSORS OR SUPPLIERS) BE LIABLE TO YOU OR TO ANY OTHER PERSON FOR (A) SPECIAL, INCIDENTAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES OF ANY KIND, INCLUDING BUT NOT LIMITED TO ANY LOST PROFITS LOST SAVINGS, LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF INFORMATION, HOWEVER CAUSED, WHETHER FOR BREACH OR REPUDIATION OF CONTRACT, TORT, BREACH OF WARRANTY, NEGLIGENCE, OR OTHERWISE, WHETHER OR NOT WE WERE ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGES OR (B) ANY AMOUNT, IN THE AGGREGATE, IN EXCESS OF THE GREATER OF (I) $100 OR (II) THE AMOUNTS PAID BY YOU TO US FOR THE SERVICES DURING THE TWELVE (12) MONTHS PRIOR TO THE FIRST EVENT GIVING RISE TO SUCH LIABILITY.

THE LIMITATIONS AND EXCLUSIONS CONTAINED HEREIN WILL APPLY ONLY TO THE MAXIMUM EXTENT PERMISSIBLE UNDER APPLICABLE LAW, AND NOTHING HEREIN PURPORTS TO LIMIT EITHER PARTY’S LIABILITY IN A MANNER THAT WOULD BE UNENFORCEABLE OR VOID AS AGAINST PUBLIC POLICY IN THE APPLICABLE JURISDICTION.

  1. Data Privacy and Compliance

 

  1. You will (i) comply with all applicable legal requirements regarding privacy and data protection; and (ii) provide sufficient notice to, and obtain sufficient consent and authorization from, Applicable Customers and any other party providing personal data to You and Us to permit the processing of the data by You, Us, and either Party’s respective affiliates, subsidiaries, and service providers as contemplated by this MSSP Agreement.

 

  1. You will comply with all applicable export controls, trade sanctions, and import laws and regulations in Your use of the Services, including without limitation the regulations of the U.S. Commerce Department’s Bureau of Industry and Security (“BIS”) and the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) (collectively, “Export Control Laws”). You will not, directly or indirectly, export or re-export, or knowingly permit the export or re-export of any of the Services, without any required government authorization, to any person, or entity (i) located or resident in any country or territory that is subject to comprehensive U.S. trade sanctions or other significant trade restrictions (including without limitation, Cuba, Iran, North Korea, Sudan, Syria, and the Crimea region of Ukraine) (“Sanctioned Countries”); or (ii) identified on any U.S. government restricted party lists (including the Specially Designated Nationals and Blocked Persons List, Foreign Sanctions Evaders List, and Sectoral Sanctions Identifications List, administered by OFAC, and the Denied Party List, Entity List and Unverified List, administered by BIS) (“Restricted Party Lists”). You represent and warrant that You are not (i) a citizen of, or located in, a Sanctioned Country, or (ii) identified on, or more than 50 percent (50%) owned or controlled by one or more persons or entities identified on, a Restricted Party List.

 

  1. Each Party acknowledges that it is familiar with and understands the provisions of the U.S. Foreign Corrupt Practices Act of 1977, as amended (the “FCPA”) and the U.K. Bribery Act of 2010 (“UKBA”) and agrees not to violate or knowingly let anyone violate the FCPA, UKBA, or any other applicable anti-corruption laws. You agree that no payment You make will constitute a bribe, influence payment, kickback, rebate, or other payment that violates the FCPA, the UKBA, or any other applicable anti-corruption or anti-bribery laws.

 

  1. You will perform Your obligations hereunder in compliance with Our applicable rules, policies and regulations (“Policies”), now in effect or hereafter amended or established by Us from time to time. You will require Your employees, agents or consultants performing services directly in connection with this MSSP Agreement to comply with such Policies and will be responsible for any violation of such Policies by Your employees, agents or consultants.

 

  1. You will comply with all applicable laws and regulations with respect to Your use of the Services. You will obtain all licenses and approvals required under and will otherwise comply with all laws of the Territory(ies) governing the importation, management, marketing or distribution of the Services into and throughout the Territory(ies) and will pay (and reimburse Us if it is required to pay) all related governmental charges and related expenses. You will (i) comply with all applicable legal requirements regarding privacy and data protection; and (ii) provide sufficient notice to, and obtain sufficient consent and authorization from Applicable Customers and any other party providing personal data to You and Us to permit the processing of the data by You, Us, and each Party’s respective affiliates, subsidiaries, and service providers as contemplated by this MSSP Agreement. You understand that We may be required to disclose certain information received in connection with this this MSSP Agreement (including, for example, the names of Applicable Customers and details of security incidents observed) to government authorities as required by applicable laws.  You will ensure that each Applicable Customers understands and agrees to comply with this provision.

 

  1. Insurance

You will maintain commercial property, casualty, errors and omissions, and liability insurance in amounts customary for businesses operating in Your industry and for the provision of the Services. All liability and errors and omissions insurance will designate Us as an additional insured. All such insurance must be primary and require the issuer to respond and pay prior to any other available coverage. You agree that You and anyone claiming by, through, under, or on Your behalf will have no claim, right of action, or right of subrogation against Us based on any loss or liability insured against under the foregoing insurance. You will provide Us with certificates or adequate proof of the foregoing insurance within thirty (30) days of request and thereafter promptly each year after renewal. Such insurance policies or endorsements will entitle Us to receive notice at least thirty (30) days prior to any cancellation (including for nonrenewal) or change.

  1. Audits

You will provide Us reports (within 15 days of requests) and such reports will provide the following information: (i) details about the Applicable Customers, including Applicable Customer name and address; (ii) the number of licenses and Authorized Users being used in connection with the Services for each Applicable Customer; and (iii) any other information We request.  We will have the right to audit Your MSSP Services activities (including Your use of the Services and information provided in any reports) to ensure compliance with this MSSP Agreement and You will provide Us with access and information as We may request in connection with such audits.

  1. Miscellaneous Provisions

 

  1. Nothing in this MSSP Agreement will be construed as limiting Our appointment of other managed security service providers, dealers, licensees or agents in any way, or limiting Our other marketing or distribution activities in any way or granting similar rights as those set out herein to any other party in any way.

 

  1. In making and performing this MSSP Agreement, the Parties have acted, and will act, always, as independent contractors, and, except as expressly set forth in this MSSP Agreement or any exhibits, nothing contained in this MSSP Agreement or any exhibits will be construed or implied to create an agency, partnership or employer and employee relationship between them. Except as expressly set forth in this MSSP Agreement, at no time will either Party make commitments or incur any charges or expenses for, or in the name of, or act as agent of the other Party.

 

  1. You will not assign Your rights (by operation of law or otherwise) or delegate Your obligations under this MSSP Agreement without Our prior written consent, and, absent such consent, such assignment or delegation by You will be null, void and of no effect. This Agreement will be binding upon and inure to the benefit of each Party and their successors and permitted assigns.

 

  1. This Agreement and the rights and obligations of the Parties hereunder and thereunder, will be construed in accordance with, and will be governed by, the laws of the Commonwealth of Virginia, without giving effect to its conflict of laws principles. The United Nations Convention on Contracts for the International Sale of Goods does not apply to this MSSP Agreement.

 

  1. This Agreement may not be amended or modified except in a writing duly executed by authorized representatives of both Parties. If any term or provision of this MSSP Agreement is determined by a court of competent jurisdiction to be illegal, invalid, or unenforceable, the legality, validity, or enforceability of the remainder of this MSSP Agreement will not thereby be affected, and this MSSP Agreement will be deemed amended to the extent necessary to delete such provision. The waiver by either Party of a breach of any provision of this MSSP Agreement will not operate or be construed as a waiver of the same or any other breach by that Party, whether prior or subsequent. Any waiver under this MSSP Agreement must be in writing and signed by an authorized representative of the waiving Party. In the event of a contractual dispute arising out of or relating to payment obligations of a Party, the Party prevailing in such dispute will be entitled to collect from the other Party all costs of collection in such dispute, including reasonable attorneys’ fees.

 

  1. Except with respect to payment obligations, if a Party is prevented or delayed in performance of its obligations under this MSSP Agreement as a result of circumstances beyond such Party’s reasonable control, including, without limitation, war, terrorist act, riot, fires, floods, epidemics, or failure of public utilities or public transportation systems, such failure or delay will not be deemed to constitute a material breach of this MSSP Agreement, but such obligation will remain in full force and effect and will be performed or satisfied as soon as reasonably practicable after the termination of the relevant circumstances causing such failure or delay. The terms set out in the Customer Agreement incorporated herein along with the terms set out in the MSSP Agreement will be considered as one agreement, to be read together and constituting the applicable terms in respect of Your usage of the Services for providing MSSP Services to Your Applicable Customers and supersedes all prior agreements, representations, negotiations, or other understandings of the Parties with respect to such subject matter, whether written or oral. In the event of any conflict between this MSSP Agreement and any Order Form, the terms of this MSSP Agreement will govern and control.

 

  1. With respect to U.S. government Applicable Customers, Our IP, including the Services, are “commercial items”, “commercial computer software” and “commercial computer software documentation,” pursuant to DFARS Section 227.7202 and FAR Sections 12.211-12.212, as applicable. All Our IP, including the Services are and were developed solely at private expense and the use of Our IP, including the Services, by the United States Government are governed solely by this MSSP Agreement and are prohibited except to the extent expressly permitted by this MSSP Agreement.

 

  1. The provisions of Section 7, Section 8, and Sections 10 through 14, as well as any obligations to pay any amounts due and outstanding hereunder, will survive termination of this MSSP Agreement.

 

 

 

 

 

 

 

 

EXHIBIT A

ACCEPTABLE USE POLICY

When providing MSSP Services to Applicable Customers, You will comply with this Acceptable Use Policy (this “AUP”).  You and Your Authorized Users must promptly notify Us of any actual or suspected illegal or unauthorized activity or a security breach involving the Services. You are responsible for Your Authorized Users’ compliance with the MSSP Agreement and this AUP.

You and Your Authorized Users may not:

  1. transmit unlawful materials, e-mail or information;
  2. transmit harassing, threatening or abusive materials, e-mail or information;
  3. transmit defamatory, libelous, slanderous or scandalous materials, e-mail or information;
  4. transmit obscene, pornographic, profane or otherwise objectionable information of any kind;
  5. transmit materials, e-mail or information that would constitute an infringement upon the patents, copyrights, trademarks, trade secrets or other intellectual property rights of others;
  6. transmit materials constituting or encouraging conduct that would constitute a criminal offence, give rise to civil liability, or otherwise violate any local, state, national or international law, including without limitation, the U.S. export control laws and regulations;
  7. transmit materials that would give rise to liability under the Computer Fraud and Abuse Act;
  8. use the Services to commit fraud or engage in other misleading or deceptive activities;
  9. upload to, or transmit from the Services any viruses, worms, defects, Trojan horses, time-bombs, malware, spyware, or any other computer code of a destructive or interruptive nature other than any of the foregoing contained in the emails or links provided by the Applicable Customer to You for the purpose of analyzing the emails and links for malicious content as part of the Services;
  10. share the Services and any of Our IP and Our Confidential Information with any third-parties, except as permitted by this MSSP Agreement or expressly authorized in advance by Us in writing;
  11. use the Services and Our IP in any way to provide services to any third-party except to the Applicable Customer in accordance with this MSSP Agreement;
  12. disassemble, decompile, reverse compile, reverse engineer or attempt to discover any source code or underlying ideas or algorithms of the Services and any of Our IP (except to the limited extent that applicable law prohibits reverse engineering restrictions solely for interoperability purposes);
  13. sell, resell, distribute, sublicense or otherwise transfer, the Services and any of Our IP, or make the functionality of the Services available to any other party through any means (unless We have provided prior written consent); and
  14. reproduce, alter, modify or create derivatives of Our IP (unless as expressly permitted in the MSSP Agreement).

Authorized Users must comply with any of Our Intellectual Property Rights asserted in any of Our IP provided to You for the purposes of using with the Services.  Authorized Users will maintain and not remove or obscure any proprietary notices on Our IP.

Remedies. Violation of this AUP may result in civil or criminal liability, and We may, in addition to any other remedy that We may have at law or in equity, terminate any permission for You and any Authorized User to access the Services or immediately remove the offending material. In addition, We may investigate incidents that are contrary to this AUP.

We reserve the right to update and modify this AUP at any time from time-to-time. Your continued use of the Services and Your Authorized Users after such update or modification will indicate Your acceptance of the updates and/or modifications to this AUP.