SUBSCRIPTION SERVICES AGREEMENT
Effective: February 10, 2022
THIS REACH SECURITY SUBSCRIPTION SERVICES AGREEMENT TOGETHER WITH ANY ACCEPTED REACH SECURITY ORDER FORM(S) (THIS "AGREEMENT") IS A BINDING LEGAL AGREEMENT BETWEEN THE CUSTOMER SPECIFIED IN THE ORDER FORM(S) (“CUSTOMER”). AND REACH SECURITY, INC., A DELAWARE CORPORATION ("REACH SECURITY"). BY AGREEING TO AN ORDER FORM INCORPORATING THIS AGREEMENT, CLICKING “I ACCEPT”, OR ACCESSING AND/OR USING THE REACH SECURITY SERVICE (AS DEFINED IN SECTION 1 BELOW), OR ANY PART THEREOF, AS AN AUTHORIZED REPRESENTATIVE OF THE CUSTOMER NAMED ON THE APPLICABLE ORDER FORM ON WHOSE BEHALF YOU ACCESS AND/OR USE THE REACH SECURITY SERVICE, YOU: (1) ARE INDICATING THAT YOU HAVE READ, UNDERSTAND AND ACCEPT THIS AGREEMENT, AND THAT YOU AGREE TO BE BOUND BY ITS TERMS, AND (2) REPRESENT THAT YOU HAVE THE AUTHORITY TO ENTER INTO THIS AGREEMENT AND TO USE THE REACH SECURITY SERVICE ON BEHALF OF THE CUSTOMER AND TO BIND CUSTOMER TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE WITH ALL OF THE TERMS OF THIS AGREEMENT OR DO NOT HAVE SUCH AUTHORITY, DO NOT ACCESS OR USE THE REACH SECURITY SERVICE. THE “EFFECTIVE DATE” OF THIS AGREEMENT SHALL BE THE DATE THAT THIS AGREEMENT IS ACCEPTED BY OR ON BEHALF OF THE CUSTOMER AS SET FORTH ABOVE.
- DEFINITIONS
1.1. “API” means Reach Security’s proprietary application programming interfaces (APIs) specified on the applicable Order Form, and any and all modified, updated, or enhanced versions thereof.
1.2. “Authorized Users” means employees and/or contractors of Customer who are authorized to use the Reach Security Service as authorized in this Agreement and subject to any applicable Usage Parameters.
1.3. “Customer Applications” means the security products, services and/or applications deployed in the Customer Environment owned and/or controlled by Customer.
1.4. “Customer Data” means all data and other information transmitted, uploaded and/or submitted by Customer and/or Authorized Users through the API and/or Platform or otherwise provided or made available by Customer and/or its Customer Users to Reach Security in connection with the use of the Reach Security Service. “Customer Data” does not include Operational Metrics.
1.5. “Customer Environment” means the network, infrastructure, digital system, facility or environment operated or managed by Customer as described in an Order Form.
1.6. “Documentation” means Reach Security’s then-current technical user manuals and/or documentation for the APIs, the Platform, and/or Implementation Code, as applicable, made available to Customer hereunder by Reach Security.
1.7. “Implementation Code” means any and all documentation, methodologies, network configurations and architectures, subroutines, procedures, processes, and/or software code included or contained in any Reports, together with any modifications, enhancements, and/or derivative works thereof, provided and/or made available by Reach Security to Customer under this Agreement as part of Customer’s Subscription.
1.8. “Intellectual Property Rights” means patents and patent applications, inventions (whether or not patentable), trademarks, service marks, trade dress, copyrights, trade secrets, know-how, data rights, specifications, mask-work rights, moral rights, author’s rights, and other intellectual property rights, as may exist now or hereafter come into existence, and all derivatives, renewals and extensions thereof, regardless of whether any of such rights arise under the laws of the United States or of any other state, country or jurisdiction.
1.9. “Operational Metrics” means statistics, metrics, analytics, and data regarding the performance and operation of the Software and/or Platform that Reach Security collects in connection with Customer’s and/or its Authorized Users’ use of the Software and/or Platform, and other operational and technical metrics necessary to manage and perform the Software and/or Platform.
1.10. “Order Form” means a written or electronic order form referencing this Agreement that is mutually agreed upon and entered into by the parties for Customer’s purchase of a Subscription, Professional Services, and/or other services from Reach Security under this Agreement.
1.11. “Platform” means Reach Security’s proprietary hosted platform, together with any modifications, enhancements, and/or derivative works thereof, which enables users to track and manage security risk assessments related to their internal security protocols and processes, as further described on the applicable Order Form.
1.12. “Professional Services” has the meaning given to such term in Section 2.5.
1.13. “Reach Security Service” means the Platform, API, Reports, Implementation Code, and/or Support made available and/or provided by Reach Security to Customer as part of or in connection with the Subscription purchased by Customer under this Agreement.
1.14. “Reports” means the security risk assessment and health check reports generated through the Platform as further described on the applicable Order Form.
1.15. “Software” means individually and collectively, (a) the API, (b) the Implementation Code, and (c) the software used to operate the Platform and any and all modified, updated, or enhanced versions thereof.
1.16. “Subscription” means a subscription license purchased by Customer hereunder for access and use of the components and features of the Reach Security Service as specified on the applicable Order Form during the applicable Subscription Term.
1.17. “Subscription Term” means the subscription term specified on the applicable Order Form.
1.18. “Support” has the meaning given to such term in Section 2.4.
1.19. “Usage Parameters” means the maximum number of permitted users and/or seats for the use of the Platform specified on the applicable Order Form(s), and any other parameters specified in the applicable Documentation, Order Form, or in writing by Reach Security regarding the scope of use of the Reach Security Service (or any part thereof), Implementation Code, and/or Reports by Customer and/or its Authorized Users.
- ACCESS AND USE OF THE REACH SECURITY SERVICE
2.1. Rights and Licenses
(a) APIs and Platform. Subject to the terms and conditions of this Agreement (including payment of applicable fees), Reach Security grants to Customer a non-exclusive, non-sublicensable, non-transferable limited right during the applicable Subscription Term to permit Authorized Users to (i) use the API specified in the Order Form to enable the Customer Environment to interact with and connect to the Platform, solely through the calls and commands explicitly covered in the API and/or Documentation, (ii) access and use the Platform specified in the Order Form, over the internet, to access, view and download Reports, and to manage and assess the Customer Environment, Customer Applications, and Customer’s internal security protocols and processes, and (iii) reproduce and use a reasonable number of copies of the applicable Documentation in support of the exercise of the licenses and rights granted in this Section 2.1(a).
(b) Reports and Implementation Code. Subject to the terms and conditions of this Agreement, Reach Security grants to Customer a limited, personal, perpetual, revocable, non-exclusive, non-sublicensable, non-transferable limited license to (i) use the Reports downloaded through the Platform during the Subscription Term, solely to the extent necessary to manage and assess the Customer Environment, Customer Applications, and Customer’s internal security protocols and processes, and (ii) implement and deploy the Implementation Code solely in the Customer Environment. For the avoidance of doubt, the licenses granted to Customer in this Section 2.1(b) do not permit or grant any continued right to access or use the Platform following termination or expiration of this Agreement or the applicable Order Form. Customer is solely responsible for downloading Reports prior to such termination or expiration. The licenses granted in this Section 2.1(b) shall automatically terminate (without any requirement for Reach Security to provide notice) upon termination of this Agreement for Customer’s breach, or if Customer at any time is in violation of the scope of license grant and/or the use limitations or restrictions set forth in this Agreement with respect to the Reports and/or Implementation Code. Upon termination of the license grants as set forth above, Customer shall immediately cease, and ensure its Authorized Users’ cease, any and all use of the Reports and Implementation Code, and Customer shall destroy all copies of the Reports and Implementation Code, including, without limitation, permanently deleting the Implementation Code (and any copies thereof) from the Customer Environment.
(c) Use Limitations. The licenses granted to Customer under this Section 2.1 are limited to Customer’s use of the Platform, APIs, Documentation, Reports, and/or Implementation Code (as applicable), solely for Customer’s internal non-commercial purposes, in accordance with this Agreement and the applicable Documentation, and subject to any applicable Usage Parameters.
2.2. Trial Version. Notwithstanding Section 2.1, if Customer has obtained the Reach Security Service (or any component thereof) on a trial basis as specified on the applicable Order Form (the “Trial Version”), Customer understands and agrees that the applicable licenses and rights set forth in Section 2.1 are granted by Reach Security to Customer for the Trial Version solely for the trial period set forth in the applicable Order Form (“Trial Period”) for Customer’s own internal evaluation purposes, and subject to any and all technical limitations implemented by Reach Security in the Trial Version. Customer acknowledges and agrees that, unless otherwise specified in the applicable Order Form, if Customer has not purchased a Subscription prior to the expiration of the Trial Period, this Agreement will automatically terminate (without the requirement of providing any termination notice) and the Trial Version may cease functioning. NOTWITHSTANDING ANYTHING IN THIS AGREEMENT TO THE CONTRARY, CUSTOMER ACKNOWLEDGES AND AGREES THAT THE TRIAL VERSION IS PROVIDED “AS-IS’ AND WITHOUT ANY WARRANTY WHATSOEVER OR ANY SUPPORT OR OTHER SERVICES (INCLUDING ANY UPDATES OR UPGRADES).
2.3. Restrictions. Customer shall not, and shall not permit any third party (including, without limitation, any Authorized Users) to: (a) use the Reach Security Service (or any part or component thereof) or allow access to it, in a manner that circumvents contractual usage restrictions or that exceeds any applicable Usage Parameters; (b) license, sub-license, sell, re-sell, rent, lease, transfer, distribute, time share or otherwise make any portion of the Reach Security Service (or any part or component thereof) available for access by third parties except as otherwise expressly provided in this Agreement; (c) access or use the Reach Security Service (or any part or component thereof) and/or Professional Services for the purpose of developing competitive products or services; (d) reverse engineer, decompile, disassemble, copy, or otherwise attempt to derive source code or other trade secrets, or any underlying ideas, algorithms and/or technology from or about the Software (or any part thereof); (e) use the Reach Security Service (or any part thereof) in a way that violates or infringes upon the rights of a third party, including those pertaining to: contract, intellectual property, privacy, or publicity; (f) use any aspect of the Software and/or Platform, or any components or functionality thereof, other than those specifically identified in the applicable Order Form, even if technically possible; (g) remove, alter, or obscure in any way any proprietary rights notices (including copyright notices) of Reach Security or its suppliers on or within the Platform, Software, Reports and/or Documentation; (h) interfere with or disrupt the integrity or performance of the Software (or any part therefor), or any system, network or data or cause or aid in the cause of the destruction, manipulation, removal, disabling, or impairment of any portion of the Platform and/or Software; (i) attempt to gain unauthorized access to the Platform and/or Software (or any part thereof), or its related systems or networks or attempt to disable or circumvent any security mechanisms used by the Reach Security Service (including, without limitation, any time-control disabling functionality or other mechanisms in the Trial Version); (j) frame or utilize framing techniques to enclose the Software and/or Platform or any portion thereof; (k) use any meta tags, "hidden text", robots, spiders, crawlers, or other tools, whether manual or automated, to collect, scrape, index, mine, republish, redistribute, transmit, sell, license or download the Software, Platform, Reports (or any part thereof), content, and/or the personal information of others without Reach Security’s prior written permission or authorization; (l) use the Software and/or Platform to store or transmit any malicious or unsolicited code or software, or store, transmit or upload any material and/or content that violates any third party’s intellectual property rights and/or privacy rights; (m) impersonate any person or entity, use a fictitious name, or falsely state or otherwise misrepresent Customer’s affiliation with any person or entity; or (n) use the Reach Security Service (or any part thereof), or transmit Customer Data, in any manner that violates in any law, rule, regulation or any other legal or regulatory requirement imposed by any regulatory or government agency, including, without limitation, export laws and regulations. Customer agrees that it shall not permit any person other than Authorized Users to access and use the Reach Security Service (or any part or component thereof), and shall ensure that Authorized Users use the Reach Security Service solely in accordance with this Agreement and the applicable Usage Parameters. Customer is solely responsible for the use of the Reach Security Service by Authorized Users, and any breach of this Agreement by any Authorized User will be deemed a breach by Customer.
2.4. Support. During the applicable Subscription Term (subject to Customer’s payment of applicable fees), Reach Security will use commercially reasonable efforts to provide Customer remote technical support services by email or phone during Reach Security’s normal business hours (8am-5pm Pacific, Monday through Friday, excluding holidays) for Customer’s use of the API and/or Platform (“Support”) in accordance with Reach Security’s then current Support terms and conditions.
2.5. Professional Services. Subject to the terms and conditions of this Agreement (including the payment of applicable fees), Reach Security will provide to Customer, the technical, integration, implementation, and/or other professional services specified in the applicable Order Form and/or a statement of work mutually agreed upon and executed by both parties (each such statement of work, a “Statement of Work,” and such services, the “Professional Services”). The scope, timeline and tasks of the parties with respect to the Professional Services shall be as specified in the Order Form or Statement of Work, as applicable. Each Statement of Work shall be incorporated into and made a part of this Agreement upon execution. If any terms of a Statement of Work conflict with the terms of this Agreement, the terms of this Agreement will govern unless the Statement of Work specifically cites the section of this Agreement it is modifying or deleting.
2.6. Third Party Software. Reach Security may in its sole discretion, make available third party software and/or open source software components (collectively, “Third Party Software”) embedded in, or otherwise provided with, the Software. Third Party Software is expressly excluded from the defined term “Software” as used throughout this Agreement. Third Party Software is not licensed under this Agreement and Customer’s use of such Third Party Software is subject to the applicable third party license terms which are available to Customer on request from Reach Security. Customer is solely responsible for its compliance with the licenses and other terms and agreements applicable to the Third Party Software and for determining if Customer is permitted to use the Third Party Software in connection with any Customer Application and/or the Customer Environment, if applicable.
- CUSTOMER DATA
3.1. Customer Data. As between the parties, Customer shall retain all right, title and interest in and to Customer Data. Customer hereby grants to Reach Security a worldwide, royalty-free, non-exclusive license to use (including through the use of subcontractors) the Customer Data solely to the extent to provide Customer the Reach Security Service and other services hereunder. Customer represents and warrants that it has all the rights necessary to grant the licenses granted herein to Reach Security in and to such Customer Data. Customer represents and warrants that, with respect to any Customer Data (including, without limitation, any Personal Data), transmitted, hosted, stored or processed in connection with the use of the Platform and/or otherwise provided or made available to Reach Security in connection with the Reach Security Service (a) Customer is in compliance with all Data Protection Laws, and (b) Customer has obtained all permissions and/or approvals from each applicable data source as may be necessary or required to transmit such data through the Platform, and/or provide or make available such data to Reach Security hereunder.
3.2. Personal Data. To the extent any Customer Data includes any personally identifiable information (“Personal Data”), which is subject to any applicable data protection laws and/or regulations (“Data Protection Laws”), Customer acknowledges and agrees that as between Customer and Reach Security, Customer is the data controller and/or business and Reach Security is merely a data processor and/or service provider as such terms are defined pursuant to Data Protection Laws. At Reach Security’s request Customer agrees to execute and/or enter into any documents, agreements, statements, or policies deemed necessary or appropriate by Reach Security in its discretion to comply with any Data Protection Laws with respect to any Personal Data. Personal Data provided to, or collected by, Reach Security in connection with Reach Security Service shall only be used in accordance with this Agreement
- CUSTOMER OBLIGATIONS
4.1. Customer Assistance. Customer will provide reasonable assistance and support to Reach Security in the provision of the Reach Security Service and/or performance of any services under this Agreement, including, without limitation, any assistance and/or support specified in an Order Form and/or Statement of Work and any other materials, personnel and access (including, if applicable, remote access) to Customer systems and premises as reasonably requested by Reach Security to provide the Reach Security Service, Professional Services, and/or any other services hereunder.
4.2. Third Party Integrations. The Platform may allow Customer to integrate with and/or connect to and use certain third party products, services or software (including, without limitation, data products and services) which are subject to separate terms and conditions (collectively, “Third Party Integrations”). If Customer decides to access and use such Third Party Integrations, Customer’s use of such Third Party Integrations is governed solely by the terms and conditions of such Third Party Integrations, and Reach Security does not endorse, is not responsible for, and makes no representations as to such Third Party Integrations, their content or the manner in which they handle Customer’s and/or its Authorized Users’ data. Reach Security is not liable for any damage or loss caused or alleged to be caused by or in connection with Customer’s and/or any Authorized Users’ access or use of any such Third Party Integrations, or Customer’s reliance on the privacy practices or other policies of such Third Party Integrations. REACH SECURITY DOES NOT WARRANT, ENDORSE, GUARANTEE OR ASSUME RESPONSIBILITY FOR ANY THIRD PARTY PRODUCTS OR SERVICES (INCLUDING, BUT NOT LIMITED TO, THIRD-PARTY INTEGRATIONS), AND REACH SECURITY WILL NOT BE A PARTY TO, OR IN ANY WAY MONITOR, ANY TRANSACTION BETWEEN CUSTOMER AND ANY THIRD-PARTY PROVIDERS OF SUCH THIRD PARTY PRODUCTS OR SERVICES AND/OR THIRD PARTY INTEGRATIONS.
- REACH SECURITY PROPRIETARY RIGHTS
5.1. Proprietary Rights. As between Reach Security and Customer, Reach Security or its licensors retain all right, title and interest in and to any and all Intellectual Property Rights in and to the Reach Security Service, and all components thereof, including, without limitation, the Platform, Software and Reports (but excluding any Customer Data contained in any Reports), and any and all modifications, enhancements and/or improvements thereto. Reach Security reserves all rights and licenses not expressly granted to Customer in Sections 2.1 and 2.2 and no implied license or right is granted by Reach Security. Title to the Software shall not pass from Reach Security to Customer, and the Software and all copies thereof shall at all times remain the sole and exclusive property of Reach Security.
5.2. Operational Metrics. Reach Security monitors and collects Operational Metrics for its own business purposes, such as improving, testing, and maintaining the Software and Platform, and developing additional products and services. Customer grants to Reach Security a non-exclusive, irrevocable, transferable, worldwide, and royalty-free license to collect, analyze and use Operational Metrics relating to its delivery of the Software and Platform, that are derived from, or related to, Customer Data, including the generation of reports for internal, external, and public use, and to use Operational Metrics for Reach Security’s internal business purposes. Reach Security may only publicly distribute Operational Metrics in aggregate, non-personally identifiable form that cannot be used to identify Customer or any individual Authorized User.
5.3. Feedback. To the extent Customer and/or any Authorized User provides any suggestions and feedback to Reach Security regarding the functioning, features, and other characteristics of the Reach Security Service (or any part thereof) and/or other materials or services provided or made available by Reach Security hereunder (“Feedback”), Customer hereby grants Reach Security a perpetual, irrevocable, non-exclusive, royalty-free, fully-paid-up, fully-transferable, worldwide license (with rights to sublicense through multiple tiers of sublicensees) under Customer’s and its licensors’ Intellectual Property Rights to use and exploit such Feedback in any manner and for any purpose.
- FEES; PAYMENT TERMS
6.1. Subscription Fees. The fees payable by Customer for the Subscription will be set forth in the applicable Order Form (the “Subscription Fees”). Unless otherwise set forth on the Order Form, the Subscription Fees will remain fixed during each Subscription Term unless Customer at any time during the applicable Subscription Term (a) exceeds the applicable Usage Parameters, or (b) Customer increases the Usage Parameters or the Support level, or subscribes to additional features, services or products. Upon any increase in fees pursuant to clause (a) or (b) above, Customer shall pay the Subscription Fees for such increase, pro-rated for the remainder of Customer’s then-current Subscription Term.
6.2. Professional Services. Unless the fees for Professional Services specified in any Order Form or Statement of Work are set forth in that Order Form or Statement of Work, as applicable, the fees payable to Reach Security for Professional Services shall be based on a time and materials basis at Reach Security’s then-current rates for such Professional Services.
6.3. Payment Terms. Unless otherwise set forth on the Order Form, the Subscription Fees are due and payable in advance. The fees due for Professional Services shall be due and payable to Reach Security within thirty (30) days after the date of the applicable invoice for such fees, unless otherwise set forth on the applicable Order Form and/or Statement of Work (as applicable). Customer agrees to pay interest at the rate of 1.5% per month (or the maximum rate allowed by applicable law, whichever is lower) on amounts more than thirty (30) days past due, and to pay all reasonable costs, including attorneys’ fees and costs, associated with Reach Security’s collection of past due amounts. In addition, Reach Security reserves the right to suspend any or all services (including access to the API and/or Platform) hereunder if payments are more than thirty (30) days past due. All amounts due hereunder are non-refundable and non-cancelable, and will be paid in U.S. dollars.
6.4. Taxes. The fees are exclusive of all applicable sales, use, value-added and other taxes, or other similar charges, and Customer will be responsible for payment of all such taxes (other than taxes based on Reach Security’s income), and any related penalties and interest, arising from the payment of the fees, the delivery of the Reach Security Service, or performance of any services by Reach Security.
6.5. Changes to Fees. Reach Security may change its fees and payment terms at its discretion; provided however, that such changes will not take effect for Customer until the start of the next Subscription Term (as specified in the applicable Order Form). Reach Security will provide written notice to Customer of any changes to the fees that affect the Subscription purchased by Customer hereunder.
- TERM AND TERMINATION
7.1. Term of Agreement. Unless earlier terminated in accordance with the terms of this Agreement, the term of this Agreement will commence on the Effective Date and will continue until the date of expiration or termination of the last Subscription Term.
7.2. Order Forms; Subscriptions. Each Order Form shall commence on the effective date and continue for the Subscription Term, each as set forth therein, and will automatically renew for additional successive terms equal in duration to the initial Subscription Term, unless at least thirty (30) days before the end of the then-current Subscription Term either party provides written notice of non-renewal to the other party. Each Subscription, and (subject to Section 6.5) the corresponding periodic Subscription Fees set forth in an Order Form, shall automatically renew for successive terms equal in duration to the initial Subscription Term, unless the Order Form is terminated as set forth above.
7.3. Termination for Cause. Either party may terminate this Agreement immediately upon written notice if the other party breaches its obligations under this Agreement and does not remedy such breach within thirty (30) days of the date on which the breaching party receives written notice of such breach from the non-breaching party. Either party may terminate this Agreement in its entirety upon written notice if the other party becomes the subject of a petition in bankruptcy or any proceeding related to its insolvency, receivership or liquidation, in any jurisdiction, that is not dismissed within sixty (60) days of its commencement, or makes an assignment for the benefit of creditors.
7.4. Effect of Termination. If this Agreement expires or is terminated for any reason: (a) Customer will pay to Reach Security any amounts that have accrued before, and remain unpaid as of, the effective date of termination, for the Reach Security Service, including, without limitation, any fees payable for Professional Services performed by Reach Security to Customer prior to the effective date of the expiration or termination; (b) any and all liabilities of either party to the other party that have accrued before the effective date of the expiration or termination will survive; (c) except as otherwise set forth in, and subject to, Section 2.1(b), all rights and licenses granted to Customer under this Agreement shall immediately terminate and Customer shall immediately cease, and ensure its Authorized Users’ cease, any and all use of the Reach Security Service; and (d) Reach Security’s obligations to perform Support, Professional Services and/or any other services hereunder shall immediately terminate.
7.5. Survival. The following Section shall survive any termination or expiration of this Agreement: 1, 2.1(b), 2.1(c), 2.3, 4, 5, 6, 7.4, 7.5, 8, 9, 10, 11, 12.1, and 13 through 20 (inclusive).
- DISCLAIMER. THE REACH SECURITY SERVICE (AND ALL PARTS AND COMPONENTS THEREOF), PROFESSIONAL SERVICES, AND ANY OTHER MATERIALS OR SERVICES PROVIDED BY REACH SECURITY HEREUNDER ARE PROVIDED TO CUSTOMER ON AN “AS IS” BASIS, WITH ANY AND ALL FAULTS, AND WITHOUT ANY WARRANTY OF ANY KIND. REACH SECURITY EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES AND CONDITIONS WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF TITLE, MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT OF THIRD PARTY RIGHTS. REACH SECURITY DOES NOT WARRANT OR MAKE ANY GUARANTEE THAT DEFECTS WILL BE CORRECTED OR THAT THE REACH SECURITY SERVICE (OR ANY PART OR COMPONENT THEREOF), PROFESSIONAL SERVICES, OR ANY OTHER MATERIALS OR SERVICES PROVIDED BY REACH SECURITY: (A) WILL MEET CUSTOMER’S AND/OR ANY AUTHORIZED USERS’ REQUIREMENTS; (B) WILL BE COMPATIBLE WITH THE CUSTOMER ENVIRONMENT, CUSTOMER’S OR ANY AUTHORIZED USERS’ NETWORK, COMPUTER, MOBILE DEVICE AND/OR TABLET, OR ANY THIRD PARTY PRODUCTS OR SERVICES INCLUDING, WITHOUT LIMITATION, ANY THIRD PARTY INTEGRATIONS AND/OR CUSTOMER APPLICATIONS; (C) WILL BE AVAILABLE ON AN UNINTERRUPTED, TIMELY, SECURE OR ERROR-FREE BASIS; OR (D) WILL BE ACCURATE OR RELIABLE.
- EXCLUSIONS. Notwithstanding anything in this Agreement to the contrary, Reach Security will have no responsibility or liability of any kind under this Agreement, arising or resulting from: (a) problems caused by failed Internet connections or other hardware, software or equipment which is not owned, controlled or operated by Reach Security; (b) nonconformities resulting from Customer’s, its Authorized Users’, or any third party’s misuse, abuse, negligence, or improper or unauthorized use of all or any part of the Reach Security Service, Support, Professional Services, and/or other services provided hereunder by Reach Security; (c) modification, amendment, revision, or change to the Software, Platform, Reports, and/or Documentation by any person other than Reach Security; or (d) any other factor outside of Reach Security’s reasonable control.
- INDEMNIFICATION
10.1. By Reach Security. Reach Security hereby agrees to indemnify, defend and hold harmless Customer from and against any and all liability and costs (including, without limitation, attorneys’ fees and costs) incurred by Customer in connection with any actual or alleged claim made by a third party against Customer arising from or relating to: (a) Customer’s use of the Software as authorized herein infringing or misappropriating a third party’s copyright, trade secret or patent issued as of the Effective Date (except to the extent Customer is responsible for the event giving rise to Reach Security’s liability under this Section 10.1); and/or (b) Reach Security’s gross negligence, willful misconduct, or fraudulent misrepresentation. Reach Security shall have no indemnity obligation to the extent that the infringement arises out of or is based on: (i) Customer’s continued allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement; (ii) any Third Party Software, Third Party Integrations, Customer Applications, and/or Customer Data; (iii) Customer’s or any Authorized User’s use of the Software other than in accordance with this Agreement or the applicable Documentation; (iv) Customer’s combination or use of the Software with products, services, software and/or hardware not provided by Reach Security; (v) modifications of the Software by anyone other than Reach Security; or (vi) any Trial Version or any Reach Security products and/or services provided on a “free” or “beta” basis (including, without limitation, the Reach Security Service offered under a “free” subscription plan). If Customer’s use of any Software is enjoined or Reach Security reasonably believes Customer’s use of any Software may be enjoined, Reach Security may elect to obtain a license for Customer to continue using, or modify, the Software so that it no longer infringes. THE FOREGOING SHALL BE CUSTOMER’S SOLE AND EXCLUSIVE REMEDY AND REACH SECURITY’S SOLE AND EXCLUSIVE OBLIGATION WITH RESPECT TO ANY CLAIM OF INTELLECTUAL PROPERTY INFRINGEMENT AND/OR MISAPPROPRIATION.
10.2. By Customer. Customer hereby agrees to indemnify, defend and hold harmless Reach Security and its parents, affiliates, subsidiaries, licensors, and third party service providers, and its and their respective officers, directors, employees, agents, representatives, and contractors (each, a “Reach Security Party”), from and against any and all liability and costs (including, without limitation, attorneys’ fees and costs) incurred by any Reach Security Party in connection with any actual or alleged claim arising out of, or relating to: (a) Customer’s or any Authorized Users’ breach of this Agreement and/or any terms and conditions or other agreement applicable to any Third Party Software and/or Third Party Integrations; (b) Customer’s or its Authorized Users’ use of the Reach Security Service and/or any Professional Services; (c) Customer Data or a violation of any applicable privacy law, rule or regulation by Customer; and/or (d) Customer’s gross negligence, fraudulent misrepresentation or willful misconduct or violation of any applicable laws, rules, regulations.
10.3. Procedure. The party to be indemnified under Section 10.1 or 10.2, as applicable, (the “Indemnitee”) shall (a) promptly notify the party obligated to indemnify the Indemnitee under Section 10.1 or 10.2, as applicable, (the “Indemnitor”) in writing of any Claim asserted against the Indemnitee, (b) give the Indemnitor sole control of the defense thereof, and, (c) at the Indemnitor’s reasonable request and expense, cooperate and assist in such defense. The Indemnitee shall promptly deliver to the Indemnitor the original or a true copy of any summons or other process, pleading, or notice issued or served in any suit or other proceeding to assert or enforce any such Claim. Under no circumstances shall the Indemnitor enter into any settlement that involves an admission of liability, negligence or other culpability of any Indemnitee or requires any Indemnitee to contribute to the settlement without the Indemnitee’s prior written consent. Any Indemnitee may participate and retain its own counsel at its own expense.
- LIMITATION OF LIABILITY. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL REACH SECURITY BE LIABLE OR OBLIGATED, WITH RESPECT TO THIS AGREEMENT, THE REACH SECURITY SERVICE (OR ANY PART THEREOF), PROFESSIONAL SERVICES, AND ANY OTHER MATERIALS AND/OR SERVICES PROVIDED BY REACH SECURITY, WHETHER UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER LEGAL OR EQUITABLE THEORY AND EVEN IF REACH SECURITY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LIABILITY OR OBLIGATION: (A) IN THE AGGREGATE, FOR ANY AMOUNTS IN EXCESS OF THE GREATER OF (I) THE FEES PAID OR PAYABLE BY CUSTOMER TO REACH SECURITY UNDER THE APPLICABLE ORDER FORM AND/OR STATEMENT OF WORK FOR THE REACH SECURITY SERVICE AND/OR PROFESSIONAL SERVICES (AS APPLICABLE) GIVING RISE TO THE LIABILITY DURING THE 12 MONTH PERIOD IMMEDIATELY PRIOR TO THE CAUSE OF ACTION, OR (II) ONE HUNDRED DOLLARS ($100); (B) FOR ANY COST OF PROCUREMENT OF SUBSTITUTE GOODS, TECHNOLOGY, SERVICES OR RIGHTS; (C) FOR ANY INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, RELIANCE, OR CONSEQUENTIAL DAMAGES; (D) FOR INTERRUPTION OF USE OR LOSS OR CORRUPTION OF DATA; OR (E) FOR ANY MATTER BEYOND REACH SECURITY’S REASONABLE CONTROL. THE PARTIES AGREE THAT THESE LIMITATIONS SHALL APPLY EVEN IF THIS AGREEMENT OR ANY LIMITED REMEDY SPECIFIED HEREIN IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE. THE PARTIES AGREE THAT THIS SECTION 11 REPRESENTS A REASONABLE ALLOCATION OF RISK AND THAT REACH SECURITY WOULD NOT PROCEED IN THE ABSENCE OF SUCH ALLOCATION. THIS ALLOCATION OF RISK IS AN ESSENTIAL ELEMENT OF THE BASIS OF THE BARGAIN BETWEEN THE PARTIES.
- CONFIDENTIALITY; PUBLICITY
12.1. Confidentiality. “Confidential Information” means any proprietary information received by the other party during, or prior to entering into, this Agreement that a party should know is confidential or proprietary based on the circumstances surrounding the disclosure. Confidential Information of Reach Security shall include the fees payable hereunder, Software, Documentation, Reports, Feedback, and any non-public technical and business information regarding the Reach Security Service (or any part thereof). Confidential Information does not include information that (a) is or becomes generally known to the public through no fault of or breach of this Agreement by the receiving party; (b) is rightfully known by the receiving party at the time of disclosure without an obligation of confidentiality; (c) is independently developed by the receiving party without use of the disclosing party’s Confidential Information; or (d) the receiving party rightfully obtains from a third party without restriction on use or disclosure. The receiving party of any Confidential Information of the other party will maintain the confidentiality of Confidential Information and further agrees not to use such Confidential Information for any purpose except as necessary to fulfill its obligations and exercise its rights under this Agreement. The receiving party shall protect the secrecy of and prevent disclosure and unauthorized use of the disclosing party's Confidential Information using the same degree of care that it takes to protect its own confidential information and in no event shall use less than reasonable care. The receiving party may disclose the Confidential Information of the disclosing party if required by judicial or administrative process, provided that the receiving party first provides to the disclosing party prompt notice of such required disclosure to enable the disclosing party to seek a protective order. The Receiving Party shall promptly return or destroy, at the Disclosing Party’s request, the Disclosing Party’s Confidential Information (including all copies thereof) in each party’s possession or control. and agrees, at the Disclosing Party’s request, to certify that it has complied with the foregoing requirements. Neither party will disclose any terms of this Agreement to anyone other than its attorneys, accountants, and other professional advisors under a duty of confidentiality except: (i) as required by applicable law, or (ii) in connection with a proposed merger, financing, or sale of such party’s business (provided that any third party to whom the terms of this Agreement are to be disclosed is under a duty of confidentiality).
12.2. Publicity. During the term of this Agreement, Customer hereby agrees that Reach Security shall have the right, but not the obligation, to include Customer’s name and logo as a customer who uses the Reach Security Service on Reach Security’s websites and in other marketing materials promoting the Reach Security Service.
- GOVERNING LAW; VENUE. This Agreement shall be governed by, construed and enforced in accordance with, the laws of the State of California, without reference to its choice of law rules to the contrary. The United Nations Convention on Contracts for the International Sale of Goods in its entirety is expressly excluded from this Agreement. Furthermore, this Agreement (including without limitation, the Platform, Software, and any services provided hereunder) will not be governed or interpreted in any way by referring to any law based on the Uniform Computer Information Transactions Act (UCITA) or any other act derived from or related to UCITA. Each party hereby irrevocably consents to the exclusive jurisdiction and venue of the federal, state, and local courts in San Francisco County, California, in connection with any action arising out of or in connection with this Agreement. Notwithstanding anything to the contrary herein, either party may seek injunctive or other appropriate relief in any court with competent jurisdiction in any country, in the event of any actual or alleged violation of such party’s Intellectual Property Rights or Confidential Information by the other party.
- EXPORT CONTROL. Customer acknowledges that the laws and regulations of the United States of America and foreign jurisdictions may restrict the export and re-export of certain commodities and technical data of United States of America origin, including the Platform and Software. Customer agrees that it will not export or re-export the Platform and/or Software (or any part thereof) without the appropriate United States or foreign government licenses or permits.
- U.S. GOVERNMENT RIGHTS. The Software (including the Platform) is commercial computer software and all services are commercial items. “Commercial computer software” has the meaning set forth in Federal Acquisition Regulation (“FAR”) 2.101 for civilian agency purchases and the Department of Defense (“DOD”) FAR Supplement (“DFARS”) 252.227-7014(a)(1) for defense agency purchases. If the Software and/or Platform is licensed or acquired by or on behalf of a civilian agency, Reach Security provides the commercial computer software and/or commercial computer software documentation and other technical data subject to the terms of this Agreement as required in FAR 12.212 (Computer Software) and FAR 12.211 (Technical Data) and their successors. If the Software and//or Platform is licensed or acquired by or on behalf of any agency within the DOD, Reach Security provides the commercial computer software and/or commercial computer software documentation and other technical data subject to the terms of this Agreement as specified in DFARS 227.7202-3 and its successors. Only if this is a DOD prime contract or DOD subcontract, the Government acquires additional rights in technical data as set forth in DFARS 252.227-7015. Except as otherwise set forth in an applicable Order Form, this Section 15 is in lieu of, and supersedes, any other FAR, DFARS or other clause or provision that addresses U.S. Government rights in computer software or technical data.
- NOTICES. Except as otherwise set forth in Section 17 below, all notices permitted or required under this Agreement shall be in writing and shall be delivered by personal delivery, e-mail, or by certified or registered mail, return receipt requested, and shall be deemed given upon personal delivery, five (5) business days after deposit in the U.S. mail, or upon confirmation of transmission if sent by e-mail. Notices shall be sent to (a) Reach Security at: 1725 Hyde St. #6, San Francisco, CA 94109; Attn: Garrett Hamilton, and (b) Customer at the address as set forth in the applicable Order Form. Each party may update its contact information from time-to-time pursuant to this Section 16.
- ELECTRONIC COMMUNICATIONS. Customer consents to receiving electronic communications from Reach Security, which may include notices about applicable fees and charges, transactional information and other information concerning or related to Customer’s use of the Reach Security Service. These electronic communications are part of Customer’s relationship with Reach Security and Customer receive them as part of Customer’s access and use of the Reach Security Service. Customer agrees that any notices, agreements, disclosures or other communications that Reach Security sends Customer electronically will satisfy any legal communication requirements, including that such communications be in writing, to the extent permitted by applicable law.
- FORCE MAJEURE. Neither party shall be responsible for any delay in its performance due to labor disputes, shortage of materials, fire, earthquake, flood, telecommunications failure, plague, epidemic, pandemic, outbreaks of infectious disease or any other public health crisis, including quarantine or other employee restrictions, or any other cause beyond its reasonable control, except payments by Customer to Reach Security that are due pursuant to the terms of the Agreement.
- MODIFICATIONS TO THIS AGREEMENT. Reach Security reserves the right to change, update or modify this Agreement at any time (excluding any Order Forms). The revised Agreement will be posted on the webpage located at [insert webpage address] (the “Site”), and, except with respect to material changes to the Agreement as set forth below, Reach Security will use commercially reasonable efforts to notify Customer of such updated Agreement by posting a notice on the Site that the Agreement has been updated and/or through the user interface of the Platform. With respect to material changes to this Agreement, Reach Security will provide Customer with reasonable notice prior to such change taking effect by emailing Customer at the email address associated with Customer’s account. Material changes to this Agreement will become effective on the date set forth in the notice, and all other changes will become effective from the day they are posted on the Site. Customer is solely responsible for reviewing this Agreement for any changes and/or modifications. If Customer (or any Authorized User) accesses or uses the Reach Security Service (or any part thereof) after the applicable effective date of the revised Agreement, that use will constitute Customer’s acceptance of any revised terms and conditions.
- MISCELLANEOUS. Customer may not assign its rights or obligations under this Agreement without the Reach Security’s prior written consent. Any attempted assignment or transfer of this Agreement by Customer in contravention of the foregoing shall be null and void. Reach Security may freely assign or transfer this Agreement hereunder without Customer’s consent and Reach Security may delegate the performance of any services hereunder to its affiliates and contractors. This Agreement is not intended to grant rights to anyone except Customer and Reach Security, and in no event shall this Agreement create any third party beneficiary rights. Any waiver of any provision of this Agreement must be in writing and executed by both parties. The failure of either party to exercise any right provided for by this Agreement shall not be deemed a waiver of that right. Each party represents and warrants to the other that the execution and delivery of this Agreement and the performance of such party’s obligations have been duly authorized and that this Agreement is a valid and legal agreement binding on the party and enforceable according to its terms. The Parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the Parties. This Agreement shall not be interpreted or construed to confer any rights or remedies on or to any third parties. If any part of this Agreement is found to be illegal, unenforceable, or invalid, the remaining portions of this Agreement will remain in full force and effect. This Agreement, including any and all Statement of Works and/or Order Forms entered into hereunder, constitutes the entire agreement between the parties regarding this subject matter, and supersedes all prior oral or written agreements or communications with regard to the subject matter described. If any terms of an Order Form conflict with the terms of this Agreement, the terms of the Order Form will control, solely with respect to the subject matter of such Order Form. The terms on any purchase order, confirmation, or similar document submitted by Customer to Reach Security that are in addition to or inconsistent with this Agreement will have no effect and are hereby rejected. The headings of Sections of this Agreement are for convenience and are not to be used in interpreting this Agreement. As used in this Agreement, the word “including” means “including but not limited to.”
QUESTIONS AND ADDITIONAL INFORMATION. Please feel free to contact Reach Security at salesops@reach.security if you have any questions about this Agreement.