Hosted Services Agreement

Terms and Conditions Hosted Services

PLEASE READ CAREFULLY: THESE TERMS AND CONDITIONS FOR SUBSCRIPTIONS AND SERVICES (THESE “SUBSCRIPTION TERMS”), ARE A LEGAL AND BINDING PART OF THE APPLICABLE SUBSCRIPTION ORDER OR QUOTE (the “SUBSCRIPTION ORDER”; AND COLLECTIVELY WITH THESE SUBSCRIPTION TERMS, THE “AGREEMENT”), BY AND BETWEEN THE LICENSEE NAMED IN THE SUBSCRIPTION ORDER (HEREIN REFERRED TO AS, “COMPANY”) AND SECURELINK, INC. (“SECURELINK”).  COLLECTIVELY, SECURELINK AND COMPANY MAY BE REFERRED TO AS THE “PARTIES” OR IN THE SINGULAR AS “PARTY”.  USE OF THE SECURELINK SERVICES AND SOFTWARE, INCLUDING WITHOUT LIMITATION ALL ASSOCIATED DOCUMENTATION, IS SUBJECT TO THESE SUBSCRIPTION TERMS, WHICH ARE INCORPORATED INTO AND FORM AN INTEGRAL PART OF THE AGREEMENT.

BY USING THE SERVICES, INSTALLING OR USING THE SOFTWARE, BREAKING THE SEAL ON ANY SOFTWARE MEDIA PACKAGE, OR OTHERWISE SIGNIFYING ACCEPTANCE OF THE SUBSCRIPTION ORDER, COMPANY AGREES TO THE SUBSCRIPTION ORDER AND THESE SUBSCRIPTION TERMS.

  1. Background.  SecureLink provides a hosted solution for remote computer access and support (the “Service”). This Agreement sets forth the terms pursuant to which SecureLink will provide the Services to Company and provide other related services set forth in this Agreement and the Subscription Order or Quotation executed contemporaneously with this Agreement (the “Subscription Order”).  The term “Services” includes any related services provided by SecureLink to Company as well as the Documentation (as defined below).
  2. Services.

2.1 Access and Use.  Subject to the timely payment by Company of all applicable fees, SecureLink hereby grants to Company, and Company hereby accepts, a limited, non-exclusive, term-limited, non-transferable, non-sublicensable, right to access and use the Services (including the Documentation) during the Term (defined below) solely (i) in connection with Company’s normal business operations, (ii) in accordance with the documentation provided by SecureLink with the Services (the “Documentation”), and (iii) subject to any limitations set forth in this Agreement or in the Subscription Order.  

2.2 Use by Employees and Contractors.  Employees or authorized independent contractors of Company may access  and use the Service provided that all such use shall be solely for the benefit of Company and in accordance with the terms and conditions of this Agreement. Company shall ensure that its employees and any independent contractors comply with the terms and conditions contained in this Agreement.  Company shall remain fully liable for all acts and omissions of its employees and independent contractors, as if such acts and omissions had been committed by Company itself.  The Services may not be used by Company to facilitate remote access by its employees or contractors to Company’s own systems unless Company has purchased an internal use license.  

 2.3  Service and System Control. Except as otherwise expressly provided in this Agreement, as between the parties: 

(a) SecureLink has and will retain sole responsibility for the operation, provision, maintenance, and management of the SecureLink Materials. “SecureLink Materials” means the Services, Documentation, and SecureLink’s systems and any and all other information, data, documents, materials, works, and other content, devices, methods, processes, hardware, software, and other technologies and inventions, including any deliverables, technical or functional descriptions, requirements, plans, or reports, that are provided or used by SecureLink or any subcontractor in connection with the Services or otherwise comprise or relate to the Services or SecureLink’s systems. 

(b) Company has and will retain sole responsibility for the operation, maintenance, and management of, and all access to and use of, the Company Systems (as defined below), and sole responsibility for all access to and use of the SecureLink Materials by any person by or through the Company Systems or any other means controlled by Company or any Company authorized user, including any: (i) information, instructions, or materials provided by any of them to the Services or SecureLink; (ii) results obtained from any use of the Services or SecureLink Materials; and (iii) conclusions, decisions, or actions based on such use.  “Company Systems” means Company’s information technology infrastructure, including computers, software, databases, electronic systems (including database management systems), and networks, whether operated directly by Company or through the use of third-party services. 

2.4 Limitations.  Company shall not, and shall not permit any other person to, access or use the Services or SecureLink Materials except as expressly permitted by this Agreement. For purposes of clarity and without limiting the generality of the foregoing, Company shall not, except as this Agreement expressly permits: (i) decompile, reverse engineer, decode, or disassemble the SecureLink Materials or otherwise attempt to reduce or access the SecureLink Materials to a human perceivable form in whole or in part; (ii) decrypt, circumvent, bypass, breach, or disable any security or other technological features or measures of the  SecureLink Materials; (iii) access or attempt to access or use the Services for purposes of competitive analysis of the Services or SecureLink Materials, the development, provision, or use of a competing software service or product or any other purpose that is to the SecureLink’s detriment or commercial disadvantage; (iv) copy, publish, release, rent, lease, loan, sell, distribute, or transfer the SecureLink Materials; (iv) frame or mirror any content forming part of the SecureLink Materials; (v) use or permit the use of the SecureLink Materials for commercial time-sharing arrangements or providing service bureau, data processing, rental, or other services to any third party; (vi) alter, modify, adapt, translate, or create derivative works based upon the SecureLink Materials either in whole or in part; (vii) remove any copyright notice or other proprietary rights notices that may appear in or on the SecureLink Materials; (viii) perform any security or penetration testing of the SecureLink Materials; (ix) input, upload, transmit, or otherwise provide to or through the Services, any information or materials that are unlawful or injurious, or contain, transmit, or activate any virus, trojan horse, or other malicious code; (x) damage, destroy, disrupt, disable, impair, interfere with, or otherwise impede or harm in any manner the Services, SecureLink Systems, or SecureLink’s provision of services to any third party, in whole or in part; or (xi) use the Services to harass any person; cause damage or injury to any person or property; publish any material that is false, defamatory, harassing or obscene; violate privacy rights; promote bigotry, racism, hatred or harm; send unsolicited bulk e-mail, junk mail, spam or chain letters; infringe property rights; or otherwise violate applicable laws, ordinances or regulations.  Company will use the Services in compliance with all applicable laws and regulations, and refrain from any unethical conduct or any other conduct that tends to damage the reputation of SecureLink.  However, where Company has other rights under statute that make any portion of the foregoing contractual prohibition void, Company agrees to provide SecureLink with reasonably detailed information regarding any intended disassembly or de-compilation.  Company may not access the Services if Company is a direct competitor of SecureLink.  With any mission-critical activity, the Services should not be Company’s only means of receiving or providing remote support, and Company acknowledges and agrees that it is responsible for taking steps to protect against system failures, including (without limitation) providing back-up remote access methods. 

2.5 Service Usage and Data Storage. Exhibit A sets forth Fees for designated levels of usage and data storage (each a “Service Allocation”), beginning with the Fees payable by Company for the levels of usage and data storage in effect as of the Effective Date. SecureLink will use commercially reasonable efforts to notify Company in writing if Company has reached 80 percent of its then current Service Allocation and Company may increase its Service Allocation and corresponding Fee obligations in accordance with Exhibit A. If Company exceeds its Service Allocation for any relevant period, Company shall also pay to SecureLink the applicable excess usage and storage Fees set forth in Exhibit A. Company acknowledges that if it exceeds its Service Allocation by (i) exceeding Company’s network usage, then its access to the Services will be throttled or (ii) exceeding storage limits, then audit data will automatically be deleted.  

2.6 Reservation of Rights.  Nothing in this Agreement grants any right, title, or interest in or to (including any license under) any intellectual property rights in or relating to, the Services or SecureLink Materials whether expressly, by implication, estoppel, or otherwise. SecureLink (and its licensors) retains all title, interest, and ownership rights in and to the SecureLink Materials and reserves all rights not expressly granted to Company in this Agreement.  If Company provides any suggestions, ideas, enhancement requests, feedback (including identifying potential errors and improvements), recommendations or other information relating to the Services to SecureLink (collectively “Feedback”), then SecureLink may use the Feedback without payment or restriction.  The SecureLink name, the SecureLink logo, and the product names associated with the Services are trademarks of SecureLink, and no right or license is granted to use them.  Company will not accrue any rights (including residual rights) to the Services or SecureLink Materials or any related technology, including any rights to the underlying intellectual property rights.  

  1. Additional Services; Updates; Company Obligations.

3.1 Services.  As part of the Services, SecureLink will provide Company with the implementation, training, and support services identified in the Subscription Order.

3.2 Updates.  SecureLink may update the SecureLink Materials from time to time.  The terms “Services,” “SecureLink Materials,” and “Documentation” shall include all updates provided by SecureLink.

3.3.  Company Obligations.  Company shall at all times during the Term: (a) set up, maintain, and operate in good repair all Company Systems on or through which the Services are accessed or used; (b) provide SecureLink with such access to Company Systems as is necessary for SecureLink to perform the Services in accordance with this Agreement; and (c) provide all cooperation and assistance as SecureLink may reasonably request to enable SecureLink to exercise its rights and perform its obligations under and in connection with this Agreement.  SecureLink is not responsible or liable for any delay or failure of performance caused in whole or in part by Company’s delay in performing, or failure to perform, any of its obligations under this Agreement.

  1. Account Information and Data

4.1 Company Data” means any data, information or material provided or submitted to the Services by the Company in the course of using the Services.   “Resultant Data” means data and information related to Customer’s use of the Services that is used by SecureLink in an aggregate and anonymized manner, including to compile statistical and performance information related to the provision and operation of the Services.  For the avoidance of doubt, SecureLink Materials includes (and Company Data excludes) Resultant Data and any other information reflecting the access or use of the Services by or on behalf of Company. In furtherance of the foregoing, Customer hereby unconditionally and irrevocably grants to SecureLink an assignment of all right, title, and interest in and to the Resultant Data.  Terms such as controller, processor, process or processing, data subject, data exporter, and data importer that are not defined in this Agreement shall have the meanings provided by applicable law.

4.2 SecureLink does not own any Company Data.  Company, not SecureLink, shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness, and intellectual property ownership or right to use of all Company Data and SecureLink shall not be responsible or liable for the deletion, correction, destruction, damage, or loss of any data that result from Company’s actions.  SecureLink is not responsible for restoring lost data or damage to Company Data that results from Company’s actions.  Company hereby grants to SecureLink a non-exclusive, fully-paid and royalty-free license to reproduce, distribute, perform, display and otherwise use the Company Data as necessary or reasonable to provide the Services to Company as described herein and to collect, compile and use De-identified information collected in the performance of the Services (“Benchmarking Statistics”), for the purpose of analyzing and reporting the effectiveness of and any trends in corporate ethics and compliance programs according to industry, company size, country, geographic region or other relevant classification or for other uses as SecureLink may decide. “De-identified information” means data or information that neither identifies nor provides a reasonable basis to identify a company or an individual, where, without limitation, the following identifiers have been removed: company names and the names of individuals, addresses, account numbers, social security numbers, phone numbers, e-mail address(es) and any other information which could reasonably be anticipated to identify, when taken in the aggregate, a specific company, organization or individual.  Company shall have no right to access or use SecureLink’s aggregate Benchmarking Statistics.  Company represents and warrants that: (i) Company owns or otherwise has the right to grant the license set forth in this section for the Company Data, (ii) the Company Data, and provision of Company Data to SecureLink under this Agreement, does not violate the privacy rights, publicity rights, copyright rights, or other rights of any person or entity, and (iii) Company shall use the Services in compliance with applicable laws.  

4.3 Data about data subjects such as Company users and/or Company employees, customers, contractors or affiliates that is recognized under law as “personal data” or equivalent terms and which is provided by or on behalf of Company to SecureLink in connection with the Services (“Personal Data”) may be processed in relation to this Agreement and includes information such as name, contact information (e.g. addresses, emails and telephone number), IP address, location, images, video and system, facility, device or equipment usage data. Unless set forth in a Subscription Order, Company Data may not include any sensitive or special data that imposes specific data security or data protection obligations on SecureLink in addition to or different from those specified in the Documentation or which are not provided as part of the Services. If laws of a jurisdiction recognize the roles of “controller” and “processor” as applied to Personal Data then, as between Company and SecureLink, Company acts as controller and SecureLink acts as processor (or sub-processor, as the case may be) of Company Data, SecureLink is controller of Resultant Data and Benchmarking Statistics, and SecureLink shall process Personal Data within Company Data on behalf of and in accordance with Company’s documented instructions, this Agreement and applicable laws and only to the extent, and for so long as necessary, to provide, protect, or develop the Services and perform rights and obligations under this Agreement. Company’s instructions shall be contained entirely within this Agreement and any applicable Subscription Order. Any additional instructions must be agreed to by Company and SecureLink in writing. For purposes of this Agreement, “sub-processor” means any processor engaged by SecureLink to process Personal Data on SecureLink’s behalf. 

4.4 Company authorizes SecureLink to share Personal Data with sub-processors located in any jurisdiction, provided SecureLink uses legally compliant transfer mechanisms and contractually requires them to abide by similar terms as those contained herein with regards to processing of Personal Data. SecureLink shall have no liability arising from processing of Personal Data in compliance with this Agreement. To assist Company in complying with applicable law, and to the extent required of SecureLink in accordance with applicable law, SecureLink shall: (a) where a data subject identifies Company as its controller, refer data subject requests to Company and reasonably assist Company with fulfilling such requests to the extent the Services do not enable Company to do so and provided Company follows SecureLink’s procedures for requesting such assistance including submitting a support ticket; (b) respond to Company inquiries and provide information regarding SecureLink’s compliance with applicable law and this Section 4 or reasonably assist with any legally-required impact assessments; and (c) verify compliance with SecureLink obligations in this Section 4 by first providing to Company for its review documentation regarding the same and, if such documentation is not reasonably sufficient to address Company’s inquiries, contribute to reasonable Personal Data audits as set forth in Section 4.6. Upon termination SecureLink shall delete or De-identify all Personal Data within Company Data, except if required or permitted by applicable law or for compliance, audit or security purposes. Company is solely responsible for determining whether the Service enables Company to comply with laws applicable to Company. 

4.5 If SecureLink processes Personal Data relating to data subjects in the European Economic Area (“EEA”), Switzerland or other applicable jurisdictions (“EU Personal Data”): (I) if SecureLink believes any instruction (as set forth in Section 4.3) will violate applicable privacy laws, or if applicable law requires SecureLink to process Personal Data relating to data subjects in the EEA or other applicable jurisdictions in a way that is not in compliance with Company’s documented instructions SecureLink shall notify Company in writing, unless the law prohibits such notification, and provided SecureLink is not responsible for performing legal research and/or for providing legal advice to Company; (II) SecureLink shall upon request make available the identity of sub-processors and notify intended addition or replacement sub-processors and Company has five business days to object. If Company objects on reasonable and objective grounds that the sub-processor does not or cannot comply with the requirements in Section 4 herein or applicable laws, Company and SecureLink will work together in good faith to find a mutually acceptable resolution to address such objection, including but not limited to reviewing additional documentation supporting the sub-processor’s compliance with this Section 4 or applicable laws. To the extent Company and SecureLink do not reach a mutually acceptable resolution within a reasonable timeframe, SecureLink will use reasonable efforts to change the Services for Company, or will recommend a commercially reasonable change to the Services to prevent the applicable sub-processor from processing the Company Data. If SecureLink is unable to make available such a change within a reasonable timeframe, Company shall have the right to terminate the relevant Services (a) in accordance with the termination provisions in the Agreement; (b) without liability to Company or SecureLink, and (c) without relieving Company from its payment obligations under the Agreement up to the date of termination. 

4.6 Where applicable cross-border transfers of EU Personal Data are required, the Standard Contractual Clauses for the transfer of personal data to processors established in third countries adopted by the European Commission in accordance with Decision 2010/87/EU (“SCC”)  shall be deemed to have been signed by Company or Company affiliates, in the capacity of “data exporter”, and by SecureLink, in the capacity of “data importer”. Details for Appendixes 1 and 2 of the SCCs are contained within this Section 4. SecureLink will maintain administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Personal Data transferred to SecureLink, as further described in the security documentation made available to Company upon request. The SCCs shall govern to the extent of any conflict between the SCCs and this Agreement with regard to the transfer of Personal Data.

4.7 Company may, upon thirty (30) days prior written notice and at reasonable times, subject to requirements set forth in Section 4.4, audit (either by itself or using independent third party auditors) SecureLink’s compliance with the provisions in Section 4. SecureLink shall assist with and contribute to any audits conducted in accordance with this Section. Such audits may be carried out once per year, or more often if required by applicable law or Company’s applicable supervisory authority. Any third party engaged by Company to conduct an audit must be pre-approved by SecureLink (such approval not to be unreasonably withheld) and sign SecureLink’s confidentiality agreement. Company must provide SecureLink with a proposed audit plan at least two weeks in advance of the audit, after which Company and SecureLink shall discuss in good faith and finalize the audit plan prior to commencement of audit activities. Audits may be conducted only during regular business hours, in accordance with the finalized audit plan, and may not unreasonably interfere with SecureLink’s regular business activities. Each party shall bear its own costs in relation to any audit, provided Company shall reimburse SecureLink for any costs or expenses incurred by SecureLink in granting access to its data processing facilities. Information obtained or results produced in connection with an audit are SecureLink confidential information and may only be used by Company to confirm compliance with this Section 4 and complying with its requirements under applicable laws. 

4.8 In accordance with, and to the extent required by, applicable law, SecureLink shall put procedures in place designed to ensure that all persons acting under its authority entrusted with the processing of Personal Data (i) have committed themselves to keep Personal Data confidential and not to use such Personal Data for any other purposes except for the provision of the Services, or (ii) are under an appropriate statutory obligation of confidentiality. SecureLink shall implement reasonable and appropriate security measures designed to protect Personal Data from a Security Incident, including those measures set forth in this Article 4. If SecureLink becomes aware of and determines a Security Incident has occurred, SecureLink will to the extent required by applicable law: 

    1. notify Company of the Security Incident promptly, and at the latest within the time period specified by applicable law after such determination, at the contact information on file, where such notification shall describe (1) the nature of the Security Incident including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of Personal Data records concerned; (2) the reasonably anticipated consequence of the Security Incident; (3) measures taken to mitigate any possible adverse effects; and (4) other information concerning the Security Incident reasonably known or available to SecureLink that Company is required to disclose to a supervisory authority or data subjects under applicable laws; and
    2. investigate the Security Incident and provide such reasonable assistance to Company (and any law enforcement or regulatory official) as required to investigate the Security Incident.

For purposes of this Agreement, “Security Incident” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, any Personal Data that compromises the security, confidentiality or integrity of such Personal Data.

4.9 The SecureLink Systems are programmed to perform routine data backups in the form of daily snapshots. SecureLink may update this backup policy from time to time.  In the event of any loss, destruction, damage, or corruption of Customer Data caused by the SecureLink Systems or Services, SecureLink will, as its sole obligation and liability and as Customer’s sole remedy, use commercially reasonable efforts to restore the Customer Data from SecureLink’s then most current backup of such Customer Data. 

  1. Fees.

5.1 Fees.  Upon execution of the Subscription Order, Company will pay SecureLink the fees for the Services set forth in the Subscription Order for the first Contract Year.  “Contract Year” shall mean the first twelve month period immediately following the Effective Date and each subsequent twelve month period thereafter. The fees for each subsequent Contract Year will be calculated in accordance with the Subscription Order. SecureLink may invoice for each Contract Year beginning thirty days prior to the start of the Contract Year.  Fees are determined based on the usage of the Services during the preceding Contract Year.  Accordingly, any increase in Company’s use of the Services (e.g., more Concurrent Connections or use by more Vendors, as applicable) will require payment of additional fees for the subsequent Contract Year in accordance with the Subscription Order.  SecureLink may update the per-unit pricing for any Renewal Term (as defined below) by providing Company written notice at least ninety days prior to the end of the then-current Term. The per-unit pricing for each Contract Year during the Initial Term shall be increased as set forth in the Subscription Order.  The following terms may be used in the Subscription Order in calculating the applicable fees:

(i) “Average Peak Usage” for any given Contract Year means the number calculated by averaging the peak number of Concurrent Connections during the three highest months of the applicable Contract Year. 

(ii) “Concurrent Connections” means the total number of simultaneous connections on the Services at any one time.

(iii) Site” shall mean a single physical location unless otherwise defined in the Subscription Order.

(iv) A “Vendor” means a single entity using the Services to access Company’s systems.

5.2 Service Fees.  Company will pay any fees for Services provided by SecureLink in accordance with the Subscription Order. Company will reimburse SecureLink for any pre-approved, out-of-pocket expenses incurred by SecureLink in connection with performing any Services at Company’s site.

5.3 Payment of Fees.  All invoices are due within thirty days of receipt.  All fees and amounts set forth in this Agreement are exclusive of taxes.  Company shall be solely responsible for all sales, service, value-added, use, excise, consumption, and any other taxes, duties, and charges of any kind, if any, imposed by any federal, state, or local governmental entity on any amounts payable by Company under this Agreement, other than any taxes with respect to SecureLink’s income, revenues, gross receipts, personnel, real or personal property, or other assets.  Company shall pay interest on all amounts not paid when due, calculated daily and compounded monthly at the lesser of the rate of 1.5% per month or the highest rate permissible under applicable law.  Company shall also reimburse SecureLink for all reasonable costs incurred in collecting any amounts not paid when due, including any attorneys’ fees.

  1. Term and Termination.

6.1 Term.  The initial term of this Agreement will begin on the Effective Date and continue for the number of Contract Years indicated on the Subscription Order (the “Initial Term”).  This Agreement will automatically renew for subsequent one-year periods (each a “Renewal Term”) unless either Party gives the other Party written notice of termination at least sixty days prior to the end of the then-current Term.  The Initial Term together with all Renewal Terms are referred to in this Agreement as the “Term.”

6.2 Termination.  Either Party may terminate this Agreement by written notice if the other Party materially breaches this Agreement and fails to cure the breach within thirty days of receiving written notice specifying the breach in reasonable detail.

6.3 Effect of Termination.  Upon termination Company shall have no further right to access the Services or SecureLink Materials.  SecureLink will use commercially reasonable efforts to make Company Data available to Company to download in the format in which it is stored by SecureLink.

6.3 SurvivalSections 2.2, 2.3, 2.4, and 8.3, and Articles 4, 5, 6, 7, 9, 10 and 11 shall survive any termination or expiration of this Agreement, regardless of the cause of termination.

  1. Confidentiality.

7.1 Confidentiality.  “Confidential Information” means any confidential or proprietary information of a Party (the “Discloser”) that is disclosed in any manner to the other Party (the “Recipient”) in connection with this Agreement and that at the time of disclosure either (i) is marked as being “Confidential” or “Proprietary,” (ii) is otherwise reasonably identifiable as the confidential or proprietary information of Discloser, or (iii) under the circumstances of disclosure should reasonably be considered as confidential or proprietary information. SecureLink’s “Confidential Information” shall include all features and functionality of the Services or SecureLink Materials and the results of any benchmark or other tests of the Services or SecureLink Materials.  Recipient shall not disclose Discloser’s Confidential Information to any third party without Discloser’s prior written approval; provided, that, Recipient may disclose the Confidential Information to its employees, contract personnel, subcontractors, officers, directors, shareholders, consultants, agents, attorneys, accountants, or advisors (collectively, “Representatives”) who need to know such information for the purposes of this Agreement, provided that such Representatives shall be informed by Recipient of the confidential nature of the Confidential Information and shall have agreed in writing to terms and conditions as protective of the Confidential Information as those in this Agreement.  Recipient shall use the same procedures to protect Discloser’s Confidential Information as it uses to protect its own Confidential Information, but in any event no less than commercially reasonable procedures.

7.2 Exclusions.  The restrictions under Section 7.1 above shall not apply to information that: (i) Recipient independently develops without use of Discloser’s Confidential Information; (ii) was, at the time of disclosure, already known to Recipient without restriction on use or disclosure and was not obtained from Discloser; (iii) is lawfully disclosed to Recipient without restriction on use or disclosure by a third party who is not required to maintain its confidentiality; or (iv) is publicly available through no fault of the Recipient.

7.3 Ownership of Confidential Information.  The Confidential Information of Discloser is and will remain the property of Discloser.  Nothing in this Agreement grants or confers any rights to Recipient by license or otherwise in Discloser’s Confidential Information, except as expressly provided in this Agreement.

7.4 Remedies Upon Breach.  Recipient agrees that in the event of a breach or threatened breach of this Agreement, Discloser may have no adequate remedy in money damages and, accordingly, will be entitled to seek an injunction against such breach, in addition to any other legal or equitable remedies available to Discloser.

7.5 Legally Required Disclosure.  If Recipient is legally required to disclose any of Discloser’s Confidential Information, then it may do so provided that Recipient (i) provides prompt written notice to Discloser (to the extent permitted by law), (ii) provides all reasonably requested assistance to Discloser in attempting to limit the scope of the disclosure, and (iii) only discloses Discloser’s Confidential Information to the extent actually required by law.

  1. Warranties and Disclaimers.

8.1 Mutual Representations and Warranties.  Each Party represents and warrants that: (i) it has the legal power to enter into this Agreement; (ii) the signatory hereto has the authority to bind the applicable organization; and (iii) when executed and delivered, this Agreement will constitute the legal, valid, and binding obligation of such Party, enforceable in accordance with its terms, subject to bankruptcy, insolvency, moratorium, reorganization, or similar laws affecting the rights of creditors generally and the availability of equitable remedies.

8.2 Additional SecureLink Warranty.  SecureLink represents and warrants that the Services will conform to the Documentation in all material respects and that all Services will be performed in a professional and workmanlike manner.  COMPANY’S EXCLUSIVE REMEDY, AND SECURELINK’S ENTIRE LIABILITY, FOR ANY BREACH OF THIS SECTION 8.2 OR THE FAILURE OR UNAVAILABILITY OF THE SERVICES, IS LIMITED TO, AT SECURELINK’S OPTION, THE REPAIR OF ANY MATERIAL, REPRODUCIBLE IMPAIRMENT TO THE FEATURES AND FUNCTIONALITY IN THE SERVICES (OR DEFECTIVE PORTION OF THE SERVICES), REPERFORMANCE OF THE SERVICES, OR REFUNDING THE FEES PAID TO SECURELINK FOR THE DEFICIENT SERVICES FOR THE THEN-CURRENT CONTRACT YEAR, IN WHICH CASE, COMPANY SHALL IMMEDIATELY RETURN AND CEASE USE OF THE SERVICES.

8.3 DISCLAIMERS.  EXCEPT AS OTHERWISE SPECIFICALLY PROVIDED HEREIN AND TO THE MAXIMUM EXTENT PERMITTED BY LAW, SECURELINK EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES, CONDITIONS, REPRESENTATIONS, AND GUARANTEES WITH RESPECT TO THE SECURELINK MATERIALS AND THE SERVICES, WHETHER EXPRESS OR IMPLIED, ARISING BY LAW, USAGE OF TRADE, COURSE OF DEALING, COURSE OF PERFORMANCE, PRIOR ORAL OR WRITTEN STATEMENTS, OR OTHERWISE, INCLUDING ANY WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.  WITHOUT LIMITING THE FOREGOING, SECURELINK DOES NOT WARRANT (I) THAT THE SECURELINK MATERIALS OR THE SERVICES WILL BE FREE FROM ANY INTERRUPTIONS, DELAYS, INACCURACIES, SERVER DOWN-TIME, ERRORS, OR OMISSIONS, (II) THE PERFORMANCE OR RESULTS COMPANY MAY OBTAIN BY RECEIVING OR USING THE SERVICES OR THE SECURELINK MATERIALS, OR (III) THE SECURELINK MATERIALS OR THE SERVICES WILL MEET COMPANY’S REQUIREMENTS.  NO REPRESENTATION OR OTHER AFFIRMATION OF FACT, INCLUDING STATEMENTS REGARDING CAPACITY, SUITABILITY FOR USE, OR PERFORMANCE OF THE SECURELINK MATERIALS OR ANY SERVICES, NOT CONTAINED IN THIS AGREEMENT SHALL BE DEEMED TO BE A WARRANTY, CONDITION, REPRESENTATION, OR GUARANTY BY SECURELINK.  

  1. LIMITATIONS OF LIABILITY.

9.1 LIMITATION OF LIABILITY.  TO THE FULLEST EXTENT PERMITTED UNDER APPLICABLE LAW AND NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT OR ELSEWHERE: (I) IN NO EVENT SHALL THE AGGREGATE LIABILITY OF THE SECURELINK PARTIES (DEFINED BELOW) EXCEED THE AVERAGE ANNUAL SUMS PAID BY COMPANY TO SECURELINK HEREUNDER; (II) IN NO EVENT SHALL ANY SECURELINK PARTY BE LIABLE TO ANY COMPANY PARTY (DEFINED BELOW) OR THIRD PARTY FOR, AND COMPANY AND EACH COMPANY PARTY HEREBY WAIVES ANY CLAIM AGAINST ANY SECURELINK PARTY FOR, ANY INDIRECT, INCIDENTAL, PUNITIVE, CONSEQUENTIAL, EXEMPLARY, SPECIAL, LOSS OF DATA, OR LOST PROFITS DAMAGES OF ANY KIND (INCLUDING ANY LOST REVENUE, PROFITS, SAVINGS, BUSINESS OPPORTUNITIES, USE, OR GOODWILL) HOWEVER ARISING, REGARDLESS OF WHETHER SUCH DAMAGES ARE FORESEEABLE AND WHETHER SECURELINK HAS BEEN ADVISED OF THE POSSIBILITY OR LIKELIHOOD OF SUCH DAMAGES.  

THE LIMITATIONS OF LIABILITY ABOVE SHALL APPLY: (A) TO ALL CLAIMS IN THE AGGREGATE ARISING UNDER OR RELATING TO THIS AGREEMENT OR THE SUBJECT MATTER OF THIS AGREEMENT; (B) REGARDLESS OF THE LEGAL OR EQUITABLE THEORY UNDER WHICH THE CLAIM ARISES, INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), INDEMNITY, STRICT LIABILITY, OR OTHERWISE; (C) REGARDLESS OF WHETHER SECURELINK HAS BEEN ADVISED OF THE POSSIBILITY OR LIKELIHOOD OF SUCH DAMAGES; AND (D) REGARDLESS OF IF THE REMEDIES UNDER THIS AGREEMENT FAIL OF THEIR ESSENTIAL PURPOSE. THE LIMITATION OF LIABILITY IS AN AGGREGATE LIMIT AND WILL NOT BE INCREASED BY THE EXISTANCE OF MORE THAN ONE CLAIM.

THE DISCLAIMER OF WARRANTIES AND LIMITATIONS OF LIABILITY CONTAINED IN THIS AGREEMENT ARE FUNDAMENTAL PARTS OF THE BASIS OF SECURELINK’S BARGAIN HEREUNDER, AND COMPANY ACKNOWLEDGES THAT SUCH PROVISIONS REPRESENT A REASONABLE ALLOCATION OF RISK. 

9.2 Jurisdictions Preventing Limitation or Exclusion of Warranty or Liability. Since some states do not allow certain limitations or exclusions of warranties or liability, some or all of the limitations and exclusions set forth in Sections 8.3 and 9.1 above may be held unenforceable as applied to Company.  In such cases, SecureLink’s liability shall be limited to the greatest extent permitted under applicable law.

  1. Indemnification

10.1 Claims Related to the Service or Service Deliverable.  Provided that Company complies with the procedures set forth in Section 10.5 and subject to Section 10.2, SecureLink will, at SecureLink’s expense, defend and/or settle any claim, suit or proceeding brought by a third party against Company or Company’s officers, directors, employees, agents and affiliates (collectively, “Company Parties”) alleging that the Services, as provided by SecureLink, infringes any copyright, trademark, trade secret or patent protectable under U.S. law that is issued as of the date of this Agreement.  In addition, SecureLink will pay any judgment awarded against Company or any settlement amount agreed to by SecureLink and, subject to Section 10.5, any authorized expenses incurred by Company all in relation to the indemnified claim.  This indemnity shall be the Company’s exclusive remedy with respect to any claim of infringement.

10.2 Exclusions.  SecureLink will have no obligation under Section 10.1 with respect to any claim of infringement arising out of or based upon: (i) Company Data used with the Services or otherwise, (ii) use of the Services in any manner other than as expressly authorized and contemplated in this Agreement and the Documentation, (iii) the combination of the Services with any other software, hardware, material, or processes, or (iv) Company otherwise causing the Services to become infringing.

10.3 Injunction.  If SecureLink reasonably believes that a claim of infringement relating to the Services may arise, SecureLink may, without limiting SecureLink’s indemnity obligations hereunder, procure the right for Company to continue to use the Services or modify the Services in a functionally equivalent manner so as to avoid such claim of infringement.  If the foregoing options are not available on commercially reasonable terms and conditions, SecureLink may immediately terminate the Agreement and refund to Company a prorated amount of prepaid fees for access to the Services actually paid by Company for the remainder of the then-current Contract Year.  

10.4 Claims Related to Company Data.  Provided that SecureLink complies with the procedures set forth in Section 10.5, Company will, at Company’s expense, defend and/or settle any claim, suit or proceeding brought by a third party against SecureLink or SecureLink’s officers, directors, employees, agents and affiliates (collectively, “SecureLink Parties”) and arising out of or related to Company Data or any Company breaches of Sections 2.4 or 4.2.  In addition, Company will pay any judgment awarded against SecureLink or any settlement amount agreed to by Company and, subject to Section 10.5, any authorized expenses incurred by SecureLink all in relation to the indemnified claim.

10.5 Procedure.  If one Party (the “Indemnitee”) receives any notice of a claim or other allegation with respect to which the other Party (the “Indemnitor”) has an obligation of indemnity hereunder, then the Indemnitee will, within 15 days of receipt of such notice, give the Indemnitor written notice of such claim or allegation setting forth in reasonable detail the facts and circumstances surrounding the claim.  The Indemnitee will not make any payment or incur any costs or expenses with respect to such claim, except as requested by the Indemnitor or as necessary to comply with this procedure.  The Indemnitee will not make any admission of liability or take any other action that limits the ability of the Indemnitor to defend the claim.  The Indemnitor shall immediately assume the full control of the defense or settlement of such claim or allegation, including the selection and employment of counsel, and shall pay all authorized costs and expenses of such defense.  The Indemnitee will fully cooperate, at the expense of the Indemnitor, in the defense or settlement of the claim.  The Indemnitee shall have the right, at its own expense, to employ separate counsel and participate in the defense or settlement of the claim.  The Indemnitor shall have no liability for costs or expenses incurred by the Indemnitee, except to the extent authorized by the Indemnitor or pursuant to this procedure.

  1. General Provisions.

11.1 Relationship of the Parties; Third Party Beneficiaries.  This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary, or employment relationship between the parties.  There are no third-party beneficiaries to this Agreement.

11.2 Force Majeure.  Neither Party is responsible for delays or failures to perform its responsibilities under this Agreement (other than payment of money due) due to causes beyond its reasonable control, including: acts of God; acts of government; flood; fire; earthquakes; tornadoes; civil unrest; acts of terror; strikes or other labor problems; computer, telecommunications, internet service provider, or hosting facility failures or delays involving hardware, software, or power systems; pandemic or disease; denial of service attacks; or power failures. 

11.3 Attorney’s Fees.  The prevailing Party in disputes concerning this Agreement shall be entitled to the costs of collections and enforcement, including but not limited to reasonable attorney’s fees, court costs and all necessary expenses.  Notwithstanding anything in this Agreement to the contrary, in the event of Company’s bankruptcy or insolvency, SecureLink will be entitled to recover from Company SecureLink’s costs and expenses, including, without limitation, reasonable attorneys’ fees and costs, that SecureLink incurs enforcing and/or otherwise protecting SecureLink’s rights and remedies under this Agreement or amendments and modifications thereto.

11.4 Company Trademarks.  Company agrees that SecureLink can list Company on SecureLink’s website as a customer of SecureLink and hereby grants SecureLink a limited, non-exclusive license to copy and display Company’s logo or trademark on SecureLink’s website in connection with its customer list.  SecureLink will provide samples of use upon request and will modify the use as reasonably requested by Company.

11.5 Notices.  Any notices or other communications required to be given in writing under this Agreement (“Notices”) shall be in writing and addressed to the parties at the addresses set forth in the Subscription Order (or to such other address that may be designated by the receiving party from time to time in accordance with this section). Notices must be delivered by personal or courier delivery (with all fees prepaid), or certified or registered mail (in each case, return receipt requested, postage prepaid).  Except as otherwise provided in this Agreement, a Notice is effective only upon receipt by the receiving party.

11.6 Waiver and Cumulative Remedies.  No failure or delay by either Party in exercising any right under this Agreement shall constitute a waiver of that right.  Other than as expressly stated herein, the remedies provided are in addition to, and not exclusive of, any other remedies available at law or in equity.

11.7 Invalidity.  If any provision of this Agreement is determined to be illegal or unenforceable, then the provision will be deemed to be restated to reflect as nearly as possible the original intentions of the parties in a manner that complies with applicable law.  The remainder of this Agreement, if capable of substantial performance, will remain in full force and effect.

11.8 Assignment.  Neither Party may assign this Agreement or any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of the other Party, which shall not be unreasonably withheld.  Notwithstanding the foregoing, SecureLink may assign this Agreement in its entirety, without the consent of Company, in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of SecureLink’s assets.  Any attempt by a Party to effect an assignment in breach of this Section 11.8 shall be void.  Subject to the foregoing, this Agreement shall be binding upon and inure to the benefit of the parties, their respective successors, and permitted assigns.

11.9 GOVERNING LAW; VENUE.  THIS AGREEMENT, AND ALL CLAIMS ARISING OUT OF OR RELATING TO ITS SUBJECT MATTER, SHALL BE EXCLUSIVELY GOVERNED BY AND CONSTRUED UNDER THE INTERNAL LAWS OF THE STATE OF TEXAS, WITHOUT REGARD TO ITS CONFLICTS OF LAWS RULES.  THE UNITED NATIONS CONVENTION ON CONTRACTS FOR THE INTERNATIONAL SALE OF GOODS IS EXPRESSLY DISCLAIMED.  ANY ACTION, SUIT, OR OTHER LEGAL PROCEEDING THAT IS COMMENCED TO RESOLVE ANY MATTER ARISING UNDER OR RELATING TO THIS AGREEMENT SHALL BE COMMENCED AND MAINTAINED ONLY IN THE STATE AND FEDERAL COURTS LOCATED IN TRAVIS COUNTY, TEXAS.  COMPANY CONSENTS TO THE PERSONAL JURISDICTION OF SUCH COURTS AND HEREBY WAIVES ANY OBJECTION TO VENUE OF SUCH COURTS.

11.10 Case Study. Company agrees to reasonably cooperate with SecureLink to serve as a reference account upon request and to allow a case study to be developed about Company’s experience (e.g. in video or text form), which SecureLink may publish or otherwise use for marketing purposes. 

11.11 Entire Agreement; Amendment.  This Agreement, including the Subscription Order and these Terms and Conditions, constitutes the entire agreement between the parties with respect to the subject matter set forth herein, and supersedes all prior and contemporaneous agreements, proposals, or representations, written or oral, concerning its subject matter.  No terms, provisions, or conditions of any purchase order, acknowledgement, check, or other business form that Company may use in connection with the acquisition or licensing of the Service will have any effect on the rights, duties, or obligations of the parties under this Agreement, regardless of any failure of SecureLink to object to such terms, provisions, or conditions.  The Subscription Order and these Terms and Conditions shall be read together as a single agreement so as to give effect to all terms in both documents to the extent possible.  To the extent there is a direct conflict between this Agreement and the Subscription Order, these Terms and Conditions shall control except to the extent the Subscription Order explicitly states otherwise.  As used in this Agreement, the terms “including,” “include,” and “includes” are not limiting and shall be deemed to be followed by the phrase “without limitation.”  Use of the terms “hereunder,” “herein,” “hereby,” and similar terms refer to this Agreement.  No modification, amendment, or waiver of any provision of this Agreement shall be effective unless in writing and signed by both parties hereto.  

11.12 Export.  Company agrees to comply with all U.S. export and re-export control laws and regulations and the U.S. economic sanctions, including the Export Administration Regulations (“EAR”) administered by the U.S. Department of Commerce, the laws and regulations administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control, and the International Traffic in Arms Regulations (“ITAR”) administered by the U.S. Department of State, and not cause SecureLink to violate the same.  Notwithstanding anything contained in this Agreement to the contrary, Company shall not export or import, directly or indirectly, the SecureLink Materials or information pertaining thereto to or from any country (such as Cuba, Iran, North Korea, Sudan, or Syria), to which such export or import is restricted or prohibited or as to which such government or any agency thereof requires a license or other governmental approval at the time of export or import without first obtaining such license or approval.  Furthermore, Company agrees to cooperate as requested by SecureLink to ensure compliance with any such export or import restrictions.  Company agrees to hold harmless and defend, to the fullest extent permitted by law, at SecureLink’s option, SecureLink and its successors and assigns from and against any fines, penalties, judgments, settlements, and reasonable documented costs, including attorney’s fees, that may arise as a result of a failure to comply with this Section 11.12 by Company’s agents, officers, directors or employees.

11.13 Governmental Use.  If Company is a branch or agency of the United States Government or a contractor thereto, then the following provision applies.  The SecureLink Materials are comprised of “commercial computer software” and “commercial computer software documentation” as such terms are used in 48 C.F.R. 12.212 (Sept. 1995) and are provided to the Government (i) for acquisition by or on behalf of civilian agencies, consistent with the policies set forth in 48 C.F.R. 12.212; or (ii) for acquisition on behalf of the Department of Defense consistent with the policies set for the in 48 C.F.R. 227.7202-1 (Aug. 1995) and 227.7202-3 (Aug. 1995).

close close