RESHIFT SaaS Agreement


THIS RESHIFT SAAS AGREEMENT (“AGREEMENT”) GOVERNS YOUR TRIAL USE, PURCHASE AND USE OF SSCI’S RESHIFT SAAS AND SERVICES OFFERING(S). YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF YOUR COMPANY, EMPLOYER, OR OTHER LEGAL ENTITY (“CUSTOMER”), AND YOU REPRESENT AND WARRANT YOU HAVE THE AUTHORITY TO DO SO. IF YOU DO NOT HAVE THE AUTHORITY TO ENTER INTO THIS AGREEMENT, OR IF YOU DO NOT ACCEPT THE TERMS OF THIS AGREEMENT, YOU MUST NOT USE THE SSCI OFFERING(S).

1. DEFINITIONS
1.1 SSCI: means Software Secured Cautus Inc.
1.2 Affiliates: a legal entity that Customer directly or indirectly majority owns or controls through a majority interest.
1.3 Authorized Users: means Customer’s legal entity, its employees and independent contractors and/or its Affiliates or as otherwise defined in the order form, that access and use the SSCI Offering, provided they agree to be bound by terms and conditions no less restrictive than those contained in the Agreement and solely to the extent that they are acting on behalf of Customer or its Affiliates.
1.4 Authorized Use Limitation: means the limitation on usage of SaaS measured by billing metric specified on the order form.
1.5 SSCI Offerings: means the SSCI reShift Software as a Service (“SaaS”) and/or consulting services (“Services”).
1.6 Customer Data: means all information submitted, entered, or otherwise provided by Customer with regard to any SSCI Offering. For greater certainty, Customer Data shall not include meta data, system topography information, code snippets and/or operations data as well as any aggregated and non-personally identifiable data or anonymized data.
1. 7 Documentation: means any published technical manuals including any updates thereto, relating to the use of the SSCI Offering made generally available by SSCI or, in the case of Services, pursuant to a statement of work.
1.8 Deliverables: means all results of Services provided to Customer pursuant to an order form.
1.9 Force Majeure Event: means an event that arises out of causes beyond a party’s reasonable control, including, without limitation, war, civil commotion, act of God, strike or other stoppage (whether partial or total) of labor, any law, decree, regulation or order of any government or governmental body (including any court or tribunal) and/or delays or outages caused by an internet service provider or independent (not a party’s subcontractor) hosting facility.

2. GRANT OF RIGHTS AND RESTRICTIONS
2.1 Right to Use the SSCI Offering. SSCI grants to Customer a non-exclusive, non-transferable right for Customer and its Authorized Users to access and use the SSCI Offering in accordance with this Agreement, the order form, and the Documentation. 2.2 Trial Use. Subject to the terms and conditions offered to Customer for trial use and the terms of this Agreement, Customer may access and use the SaaS on a trial basis, for the period stated in the applicable order form, or if no time stated, for thirty (30) days from the date access is granted.
ANY ACCESS AND USE FOR TRIAL PURPOSES IS PROVIDED “AS IS” AND SSCI PROVIDES NO SERVICE LEVEL AVAILABILITIES (SLAs), WARRANTIES OR INDEMNIFICATION FOR SUCH TRIALS. ANY CUSTOMER DATA ENTERED OR CONFIGURATIONS OF THE SAAS DURING THE TRIAL PERIOD MAY NOT BE STORED OR AVAILABLE AFTER THE TRIAL PERIOD.
2.3 Service Level Availability. If provided, the targeted availability levels and any related remedies for a SaaS offering are as stated in the applicable Documentation. The following events shall be excluded from the calculation of Service Level Availability: (i) Force Majeure Event; (ii) outages due to Scheduled Downtime; (iii) outages based on Customer networks, domain name server issues, or use not in accordance with the Documentation; and (iv) outages to remedy a security vulnerability or as required by law.

3. FEES AND PAYMENT
3.1 SaaS Fees. The fees payable by Customer to SSCI are stated in the applicable order form. SSCI reserves the right to invoice Customer for any use of the SaaS in excess of the Authorized Use Limitation. Customer agrees that the purchase of any SaaS is not contingent on SSCI providing any future features or functionality.
3.2 Services Fees. SSCI will provide the Services as agreed in an order form. SSCI will invoice expenses that are approved by Customer in accordance with the SSCI expense policy, which may be provided to Customer upon request. The Services are to implement the pre-existing features and functions of the SaaS and do not include any customization or development activities. Payment of SaaS fees is not contingent upon Customer receiving the Services.
3.3 Payment. Unless otherwise stated, payment is due within thirty (30) days from receipt of SSCI’s invoice. Receipt is deemed to have occurred three (3) business days from posting. Any late payments will accrue charges at the rate of 1% of the outstanding balance per month, or the amount prescribed by law, whichever is lower. All fees listed in the order form are exclusive of any taxes. Customer agrees to pay any applicable VAT, GST, sales tax and any other applicable taxes in addition to the fees when such payments are due, excluding taxes on SSCI’s net income.

4. OWNERSHIP AND CONFIDENTIALITY
SSCI owns all right, title and interest to the SSCI Offerings, Deliverables, and feedback provided by Customer, SSCI intellectual property, and any modifications or derivatives thereof (“SSCI Intellectual Property”). Customer and SSCI agree that any Confidential Information that is exchanged will only be used for purposes relating to this Agreement, and that it will be protected in the same manner that Customer, or SSCI, would protect its own information of a similar nature, but in no less than reasonable means. Customer and SSCI agree that Confidential Information means Customer Data, either party’s intellectual property, and any other information that a reasonable person would deem to be confidential. Except where prohibited by law, the following is not considered Confidential Information: (i) information which has been authorized in writing to use without restriction; (ii) information which is rightfully in a party’s possession or becomes known to a party through proper means; and (iii) information which is independently developed without use or reference to the Confidential Information of the other party.

5. SAAS, UPDATES, UPGRADES, AND SUPPORT
5.1 Updates and Upgrades. SSCI may make changes or updates to the SaaS or SaaS infrastructure (such as compute infrastructure, storage technology, security, technical configurations, hosting facilities within the data center region, etc.). SSCI will provide Customer with at least seventy-two (72) hours advanced notice of any downtime required for such updates and upgrades to the SaaS and SaaS infrastructure (“Scheduled Downtime”).
5. 2 Support. SaaS Support will be provided by email in a timely and professional manner by qualified support engineers in accordance with SSCI’s applicable support policy.

6. CUSTOMER DATA / SECURITY
6.1 Customer Data. Customer exclusively owns all rights, title and interest in and to all Customer Data. Should SSCI store Customer Data, such data Data will be stored and processed in the data center region specified in the order form. SSCI shall not access Customer’s user accounts or Customer Data stored within such user accounts (“SaaS Customer Data”), except in response to SaaS or technical issues where Customer provides SSCI with the relevant credentials required to access such data. . SSCI is not responsible for unauthorized access, alteration, theft or destruction of Customer Data arising from Customer’s own or its Authorized Users’ actions or omissions in contravention of the Documentation. Customer’s ability to recover any lost data resulting from SSCI’s misconduct is limited to restoration by SSCI from the most recent back-up. In order to better understand and meet its customers’ needs, SSCI may collect, use, modify and analyze meta data, system topography information, code snippets and/or operations data and, in a confidential and anonymous manner, aggregate such data with similar usage data of other SSCI customers. Aggregated and non-personally identifiable dataas well as anonymized data produced or collected by SSCI shall be owned by SSCI immediately upon its creation.
6.2 Transfer of Customer Data. If Customer transfers any personal data to SSCI in connection with the SaaS, and/or provides SSCI access to any SaaS Customer Data, then Customer warrants that (i) it is duly authorized to provide personal data to SSCI and it does so lawfully in compliance with relevant legislation, (ii) SSCI and its Affiliates or its subcontractors, acting on behalf of SSCI, may use such data strictly for the purposes of performing its obligations under this Agreement, and (iii) SSCI may disclose such data to any SSCI entity and its subcontractors for this purpose and may transfer such data to countries outside of the country of origin. SSCI and its affiliates have committed to comply with relevant data protection/privacy legislation. Customer agrees not to provide any health, payment card or similarly sensitive personal information that imposes specific data security obligations for the processing of such data unless it is a supported feature in the Documentation of the applicable SaaS offering.
6.3 Security. SSCI will maintain and administer a security policy with physical and technical safeguards designed to protect the security, integrity and confidentiality of the Customer Data. Security audits may be conducted periodically to certify that security controls are in place and are being carried out. In the event that SSCI has determined that a security breach will or is likely to cause harm to the Customer or an Authorized User, SSCI will provide Customer with notice of the security breach as promptly as practicable but in no event later than five (5) working days. After initial notification, SSCI will keep Customer updated on a regular basis and provide a reasonably detailed incident report which may include the steps taken by SSCI to investigate the security breach and potential measures to be taken by the Customer to minimize potential damages. The parties understand and agree that SSCI may be prevented by law, regulation or a third-party arrangement from providing such notice(s) and/or reports within the above time frames.

7. CUSTOMER RESPONSIBILITIES
Customer shall not: (i) make SaaS available to any third party not authorized or as otherwise contemplated by this Agreement; (ii) send or store code that can harm or result in damage to SaaS (including but not limited to malicious code and malware); (iii) willfully interfere with or disrupt the integrity of SaaS or the data contained therein; (iv) attempt to gain unauthorized access to the SaaS or its related systems or networks; (v) use SaaS to provide services to third parties except as expressly permitted by the Agreement; (vi) use SaaS in order to cause harm, such as overload or create multiple agents for the purpose of disrupting operations of a third party; (vii) remove or modify any program markings or any notice of SSCI’s or its licensors’ proprietary rights; (viii) perform or disclose any benchmark or performance tests on the SaaS; or (ix) perform or disclose any of the following security testing of the SaaS environments or associated infrastructure: network discovery, port and service identification, vulnerability scanning, password cracking, remote access testing, penetration testing or any other test or procedure not authorized in the Documentation. A breach by Customer of its obligations under this section shall be considered a material breach of the Agreement.

8. TERM AND TERMINATION
8.1 Term. This Agreement will continue in effect unless otherwise terminated in accordance with this section. A party may terminate the Agreement for material breach by the other party, provided that in each instance of a claimed breach: (i) the non -breaching party notifies the breaching party in writing of such breach within thirty (30) days of its occurrence and (ii) the breach is not cured within thirty (30) days of receipt of such notice.
8. 2 Effect of Termination. In the event of an uncured material breach by SSCI, Customer will be entitled to a refund of any pre-paid unused fees calculated against the remainder of the subscription term as of the effective date of such termination. The termination of SaaS under one order form shall not impact the validity of other SaaS offerings or order forms. If the Agreement is terminated by SSCI in accordance with Section 8.1, the due dates of all invoices to be issued will be accelerated so that such invoices become due and payable on the effective date of termination. All rights granted under the Agreement will immediately terminate and each party will return or destroy all Confidential Information of the other party in its possession.
8.3 Surviving Provisions. The following provisions will survive and remain in effect after termination of the Agreement: Definitions; Fees and Payment; Ownership and Confidentiality; Term and Termination; Warranty Disclaimer; Limitation of Liability; and General Provisions.

9. WARRANTY
SSCI warrants that the (i) SaaS will materially conform to the Documentation during the subscription term and (ii) any Deliverable will conform to the Services Documentation for a period of thirty (30) days from the date of delivery. If it is established that SSCI has breached either of the above warranties, SSCI will, at its option, (a) use reasonable efforts to cure the defect; (b) replace the SaaS or Deliverable with SaaS or a Deliverable that materially conforms to the specifications in the Documentation or Services Document (as applicable); (c) in the event SSCI, cannot, after commercially practicable attempts to do so, achieve the remedies in (a) or (b), where the breach relates to SaaS, SSCI may terminate the subscription to the SaaS and provide a refund of pre-paid, unused fees calculated against the remainder of the subscription term as of the effective date of such termination, or where the breach relates to Services, the Customer will return the Deliverables and SSCI shall refund the fees paid for the Deliverable. Customer must report the alleged breach of warranty with reasonable specificity in writing within thirty (30) days of its occurrence to benefit from this warranty and the remedies stated herein.
THE ABOVE WARRANTIES ARE SSCI’S ONLY WARRANTIES AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDIES FOR BREACH OF SUCH WARRANTIES. TO THE EXTENT PERMITTED BY LAW, NO OTHER WARRANTIES OR CONDITIONS, WHETHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THIRD PARTY WARRANTIES, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE ARE MADE BY SSCI. SSCI DOES NOT WARRANT THAT THE SAAS OFFERED WILL MEET CUSTOMER’S REQUIREMENTS OR THAT USE OF THE SAAS WILL BE UNINTERRUPTED OR ERROR-FREE.

10. INDEMNIFICATION
10. 1 Indemnification by SSCI. SSCI will indemnify, defend, and/or at its option, settle any third party claims that the SSCI Offering as used per the Documentation infringes or misappropriates any third party valid patent, copyright or trademark or illegally misappropriates a third party’s trade secret within the jurisdictions in which Customer is authorized to use the SSCI Offering. SSCI may, at its option and expense: (i) procure for Customer the right to continue to use the applicable SSCI Offering; (ii) repair, modify or replace the SSCI Offering so that it is no longer infringing; or (iii) terminate the Agreement for the applicable SSCI Offering upon thirty (30) days’ notice and in respect of SaaS, refund any unused prepaid fees calculated against the remainder of the subscription term as of the effective date of such termination and in respect of the Services provide a pro-rata refund of the fees paid for the Services or Deliverable(s) that caused such infringement.
10.2 Indemnification by Customer. Except to the extent prohibited by law, Customer shall indemnify, defend, and/or at its option, settle any third-party claims against SSCI that Customer Data or Customer’s use of the SaaS is in breach of this Agreement, infringes or misappropriates any third party Intellectual Property rights within the jurisdictions in which Customer is using the SaaS, or violates applicable law, rules, directives or regulation.
10.3 Indemnity Conditions. Each party’s indemnification rights require: (i) prompt notice of any claim against the party seeking to be indemnified; (ii) except to the extent prohibited by law, the indemnifying party’s sole control of the defense or settlement, provided that any settlement the indemnifying party enters into releases the other party of all liability; and (iii) the party seeking to be indemnified provides reasonable assistance in the defense or settlement of such claim.
THE FOREGOING PROVISIONS STATE THE ENTIRE LIABILITY AND OBLIGATIONS OF EITHER PARTY REGARDING CLAIMS OF INFRINGMENT, AND THE EXCLUSIVE REMEDY TO EITHER PARTY WITH RESPECT TO ANY ACTUAL OR ALLEGED INFRINGEMENT OR MISAPPROPRIATION OF ANY INTELLECTUAL PROPERTY OR OTHER PROPRIETARY RIGHTS.

11. LIMITATION OF LIABILITY
EXCEPT FOR BREACHES OF THE GRANTS OF RIGHTS AND RESTRICTIONS AND THE OWNERSHIP SECTION BY CUSTOMER, CONFIDENTIALITY BY EITHER PARTY OR EITHER PARTY’S INDEMNIFICATION OBLIGATIONS, (I) IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER PARTY OR ANY OTHER PARTY, WHETHER IN CONTRACT OR TORT, OR OTHERWISE FOR ANY INCIDENTAL, INDIRECT, PUNITIVE, EXEMPLARY, SPECIAL, CONSEQUENTIAL OR UNFORESEEABLE LOSS, DAMAGE OR EXPENSE, LOSS OF PROFITS, LOSS OF BUSINESS, LOSS OF OPPORTUNITY, LOSS OR CORRUPTION OF DATA, HOWEVER ARISING, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGES BEING INCURRED, AND (II) EACH PARTY’S LIABILITY TO THE OTHER UNDER THE AGREEMENT, FOR DAMAGES, LOSSES, OR LIABILITY FOR ANY CAUSE WHATSOEVER AND REGARDLESS OF THE FORM OF ACTION WHETHER CONTRACTUAL OR NON-CONTRACTUAL, SHALL BE LIMITED TO A MAXIMUM OF THE FEES PAID AND OWED FOR SAAS PROVIDED TO CUSTOMER DURING THE TWELVE (12) MONTHS PRECEDING THE CLAIM OR WHERE THE CLAIM RELATES TO SERVICES ONLY THE FEES PAID AND OWED FOR THE SERVICES GIVING RISE TO THE CLAIM. THE ABOVE LIMITATIONS WILL NOT LIMIT CUSTOMER’S OBLIGATION TO PAY IN ANY WAY.

12. GENERAL PROVISIONS
12.1 Notices. All notices under the Agreement must be in writing, addressed to the parties on the order form and sent either electronically with receipt confirmation or by pre-paid first-class mail/post. Notices will be deemed received by the party to whom the notice is addressed electronically upon receipt confirmation and by mail/post two (2) working days from posting.
12.2 Assignment. The Agreement may not be assigned by Customer without the prior written consent of SSCI, such consent not to be unreasonably withheld.
12.3 Export Requirements. Customer acknowledges that the SSCI Offering(s) are subject to control under U.S., Canadian or other applicable laws and agrees to comply with all applicable import and export laws and regulations. Customer agrees that the SSCI Offering will not be exported, re-exported or transferred in violation of U.S., Canadian or other applicable laws or used for any purpose connected with chemical, biological or nuclear weapons or missile applications, nor be transferred or resold, if Customer has knowledge or reason to know that the SSCI Offering is intended or likely to be used for such purpose.
12.4 Interpretation and Relationship of the Parties. The relationship between SSCI and Customer is strictly that of independent contractors. The validity, construction and interpretation of the Agreement will be governed by the internal laws of the province of Ontario, excluding its conflict of law provisions. If any provision of the Agreement is held to be contrary to law, then the remaining provisions of the Agreement will remain in full force and effect. No delay or omission by either party to exercise any right or power it has under the Agreement will be construed as a waiver of such right or power. This Agreement, and any applicable exhibits or referenced documents represents the entire agreement between the parties and supersedes all prior communications, understandings and agreements relating to the subject matter herein. No additional term or condition contained in Customer’s purchase order or similar document will apply and are expressly rejected by SSCI.
12.5 Order of Precedence. In the event of a conflict among this Agreement, applicable Documentation, and the order form, the order of precedence from highest to lowest shall be (i) the order form, (ii) applicable Documentation, and (iii) this Agreement.