SERVICES TERMS AND CONDITIONS
Last Updated: February 15, 2024
These Services Terms and Conditions (this “Agreement”) is entered into by and between RADICL Defense, Inc., a Delaware corporation, with offices located at 1222 Pearl Street, Suite 200, Boulder, Colorado 80302 (“RADICL”), and the customer identified on the Order Form referencing this Agreement (“Customer”). RADICL and Customer are each referred to herein as a “Party” and together, the “Parties”. This Agreement is effective as of the date of the Order Form (“Effective Date”). By accepting the Order Form, Customer agrees to the terms and conditions in this Agreement.
- Definitions.
- "Active Incident Services” means certain consulting and incident response services that are contracted for under a separate order form in conjunction with the Services being provided hereunder.
- “Claims” means all third party claims, suits, actions, losses, damages, liabilities, costs, or expenses (including reasonable attorneys’ fees).
- “Confidential Information” means the information, technical data, trade secrets, or know-how disclosed by a Party or a Party’s Representative (collectively, the “Disclosing Party”) either directly or indirectly in writing, orally, or by any other means to the other Party or such other Party’s Representatives (the “Receiving Party”) in connection with this Agreement. Confidential Information does not include information which the Receiving Party can demonstrate with competent proof (a) is or has become publicly known and made generally available through no fault of the Receiving Party, (b) has been rightfully received by the Receiving Party free of any confidentiality obligations from a third party who is authorized to make such disclosure, (c) was developed independently without the use of or reference to any Confidential Information of the Disclosing Party, or (d) was already in the Receiving Party’s possession at the time of disclosure hereunder from a source other than the Disclosing Party and without any obligation of confidentiality.
- “Content” means content, data, and information that is owned by RADICL or any of its licensors that is provided or made available by RADICL through use of the Platform or as part of or in connection with RADICL’s provision of Services. Content does not include Customer Data.
- "Customer Data” means any data, information, or material provided to RADICL by or on behalf of Customer or its Protected Persons under this Agreement. Customer Data excludes Content.
- “Documentation” means any user guide, help information and other documentation and information regarding the applicable Services that is delivered by RADICL to Customer in electronic or other form, if any, including any updates provided by RADICL from time to time.
- “Intellectual Property Rights” means all rights of the following types, under the laws of any jurisdiction worldwide: (a) rights associated with works of authorship, including exclusive exploitation rights, copyrights, and moral rights; (b) trade secret rights; (c) trademark rights; (d) patent rights; (e) mask work, sui generis database rights, and industrial property rights; (f) other proprietary rights of every kind and nature; and (g) rights in or relating to registrations, renewals, extensions, combinations, divisions, and reissues of, and applications for, any of the above.
- “Machine” means any physical or virtual device, such as, a computer, server, laptop, desktop computer, mobile, cellular, container or virtual machine image.
- “Malicious Code” means viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents, or programs existing now, or which may exist in the future.
- “Order Form” means the written order that references this Agreement outlining the Services to be provided by RADICL to Customer.
- “Platform” means RADICL’s RADICL XTP® software and hosted software service, and all features, functionality, and Content provided or made available through such platform, and all software, derivatives, improvements, enhancements, updates and/or extensions related thereto.
- “Protected Person” means a specified individual who is an employee or contractor of Customer or of Customer’s affiliates who are authorized by Customer to access and use the Platform on Customer’s behalf, and for whom Customer has purchased access to the Services.
- “Representative” means a Party’s affiliates and its and their officers, directors, stockholders, members, partners, employees, contractors, sub-contractors, financial and other advisors, attorneys, accountants, consultants, and authorized agents.
- Services” means provision of the Platform, and any implementation and support services, Active Incident Services, and data made available by RADICL to Customer and specified in the Order Form mutually agreed upon by the Parties in writing, but excludes Third-Party Services (defined below) and Third-Party Offerings (defined below).
- “Subscription Term” means the length of the term of Customer’s subscription to the Services, as set forth in the Order Form.
- “Third-Party Offerings” means those Third-Party Services, if any, that are licensed by Customer pursuant to the Order Form.
- Services.
- DESCRIPTION OF PLATFORM. THE PLATFORM COLLECTS TELEMETRY, LOGS, AND ALERT-LEVEL DATA FROM THE CUSTOMER’S INFORMATION TECHNOLOGY ENVIRONMENT TO CONDUCT ANALYSIS ON CYBERSECURITY THREATS, VULNERABILITIES, AND SUSPICIOUS ACTIVITIES, AND PROVIDES RESPONSE TASKS DESIGNED TO MITIGATE THE FINDINGS.
- ORDER FORMS. THE SERVICES OFFERINGS ARE AVAILABLE IN VARIOUS PACKAGES THAT OFFER DIFFERENT LIMITATIONS AND VARYING LEVELS OF SUPPORT, AND CUSTOMER’S SELECTED OFFERINGS ARE AS SET FORTH IN THE ORDER FORM. SUBJECT TO THE TERMS AND CONDITIONS OF THIS AGREEMENT, RADICL WILL USE COMMERCIALLY REASONABLE EFFORTS TO PROVIDE CUSTOMER WITH THE SERVICES SPECIFIED IN THE ORDER FORM. RADICL MAY PROVIDE THE SERVICES DIRECTLY, OR INDIRECTLY USING CONTRACTORS OR OTHER THIRD PARTY VENDORS OR SERVICE PROVIDERS.
- ACTIVE INCIDENT SERVICES. FROM TIME TO TIME, RADICL MAY OFFER TO CUSTOMER CERTAIN ACTIVE INCIDENT SERVICES IN RESPONSE TO IDENTIFYING A SECURITY EVENT. IN CASE ACTIVE INCIDENT SERVICES ARE NEEDED, RADICL SHALL NOTIFY CUSTOMER IN WRITING. CERTAIN ACTIVE INCIDENT SERVICES ARE PROVIDED AS PART OF THE SERVICES PURCHASED IN THE ORDER FORM, HOWEVER, IF ADDITIONAL ACTIVE INCIDENT SERVICES, RADICL SHALL PROVIDE TO CUSTOMER A SEPARATE ORDER FORM FOR THE ACTIVE INCIDENT SERVICES, WHICH SERVICES SHALL BE GOVERNED BY THIS AGREEMENT. ACTIVE INCIDENT SERVICES ARE FURTHER DETAILED IN SCHEDULE 1, ATTACHED HERETO.
- MODIFICATIONS AND ADJUSTMENTS. UNLESS OTHERWISE SET FORTH HEREIN, RADICL MAY IN ITS SOLE DISCRETION MODIFY, ENHANCE OR OTHERWISE CHANGE THE APPLICABLE SERVICES, PROVIDED THAT ANY MATERIAL CHANGES THAT MAY MATERIALLY ADVERSELY IMPACT CUSTOMER’S ACCESS TO THE SERVICES SHALL BE NOTIFIED TO THE CUSTOMER IN ADVANCE.
- THIRD-PARTY SERVICES. CUSTOMER ACKNOWLEDGES THAT THE SERVICES UTILIZE PUBLIC APPLICATION PROGRAMMING INTERFACES FOR ACCESS AND CONNECTIVITY TO CERTAIN THIRD-PARTY APPLICATIONS, DATA SERVICES, SOFTWARE, AND CONTENT (“THIRD-PARTY SERVICES”) AND THAT RADICL DOES NOT OWN OR CONTROL, AND THAT THE ACCESS TO AND USE OF SUCH THIRD-PARTY SERVICES, INCLUDING THE AVAILABILITY THEREOF AND UPTIMES RELATED THERETO, IS SOLELY DETERMINED BY THE RELEVANT THIRD PARTIES THAT CONTROL SUCH THIRD-PARTY SERVICES. CUSTOMER AGREES THAT RADICL IS NOT LIABLE FOR ANY DOWNTIME, DISCONTINUATION, OR ANY OTHER ISSUES CAUSED BY THE THIRD-PARTY SERVICES. CUSTOMER MAY BE REQUIRED TO ENTER INTO SEPARATE AGREEMENTS WITH SUCH THIRD PARTIES TO ACCESS AND USE THIRD-PARTY SERVICES AND OBTAIN ADDITIONAL CONSENTS TO CONNECT THE THIRD-PARTY SERVICES TO THE SERVICES.
- Access to Third-Party Services. The Services may require that Customer provide to RADICL its log-in credentials so that RADICL may use an application programming interface to connect to Customer’s audit trails from its use of Third-Party Services to which Customer currently subscribes. Pursuant to the Order Form, Customer shall provide to RADICL its credentials necessary for RADICL to connect to Customer’s Third-Party Services. Customer acknowledges and agrees that RADICL is required to access Third-Party Services in order to provide the Services to Customer, and accordingly, Customer shall: 1) take all steps reasonably necessary for RADICL to access the Third-Party Services, and 2) agree to and comply with, and ensure that all of its Protected Persons agree to and comply with, all terms, conditions, and agreements related to its use of the Third-Party Services.
- Licenses and Proprietary Rights.
- SERVICES. RADICL HEREBY GRANTS CUSTOMER, DURING THE SUBSCRIPTION TERM, A LICENSE TO ACCESS AND USE THE SERVICES SOLELY FOR CUSTOMER’S INTERNAL BUSINESS PURPOSES AND IN ACCORDANCE WITH THE DOCUMENTATION AND THE TERMS AND CONDITIONS OF THIS AGREEMENT. UNDER THE RIGHTS GRANTED TO CUSTOMER UNDER THIS AGREEMENT, CUSTOMER MAY PERMIT ITS EMPLOYEES AND CONTRACTORS TO BECOME PROTECTED PERSONS IN ORDER TO ACCESS AND USE THE SERVICES IN ACCORDANCE WITH THIS AGREEMENT; PROVIDED THAT CUSTOMER SHALL BE LIABLE FOR THE ACTS AND OMISSIONS OF ALL CUSTOMER AFFILIATES AND PROTECTED PERSONS TO THE EXTENT ANY OF SUCH ACTS OR OMISSIONS, IF PERFORMED BY CUSTOMER, WOULD CONSTITUTE A BREACH OF, OR OTHERWISE GIVE RISE TO LIABILITY TO CUSTOMER UNDER, THIS AGREEMENT. CUSTOMER SHALL NOT AND SHALL NOT PERMIT ANY PROTECTED PERSON TO USE THE SERVICES EXCEPT AS EXPRESSLY PERMITTED UNDER THIS AGREEMENT. BY AGREEING TO THE TERMS AND CONDITIONS IN THIS AGREEMENT AND BY USING THE SERVICES, CUSTOMER EXPRESSLY AGREES THAT RADICL MAY MAKE CHANGES TO CUSTOMER’S MACHINES AS NECESSARY TO REDUCE, CONTAIN, OR REMEDIATE CYBERSECURITY THREATS, RECOVER FROM SECURITY INCIDENTS, OR TO OTHERWISE PROVIDE THE SERVICES.
- License Restrictions. Customer shall not, and shall not permit any Protected Persons or other Representatives to, directly or indirectly: (a) sublicense, sell, lease, sublease, rent, loan, distribute, make available, allow access to, or otherwise transfer the Platform to any third party (e.g., on a commercial timesharing, rental, or “service bureau” or other similar basis); (b) copy, modify, or create derivative works from the Platform’s software or user interface; (c) decompile, reverse engineer, or otherwise attempt to derive the source code for the Platform (or any portion thereof); (d) remove or obscure any RADICL copyright or proprietary notices contained in the Platform; (e) bypass or disable any protections that may be put in place to provide security for the Platform or to protect against unlicensed use of the Platform; (f) use the Platform, or permit the Platform to be used, for purposes of benchmarking, competitive intelligence, comparative analysis, or to develop a competing or related product or service; (g) introduce Malicious Code into the Platform; (h) attempt to gain unauthorized access to, or disrupt the integrity or performance of, the Platform or the data contained therein; or (i) otherwise use or copy the Platform except as expressly provided in this Agreement.
- Protected Persons. Under the rights granted to Customer under this Agreement, Customer may permit its employees and independent contractors to become Protected Persons in order to access and use the Services in accordance with this Agreement; provided that Customer will be liable for the acts and omissions of all Protected Persons to the extent any of such acts or omissions, if performed by Customer, would constitute a breach of, or otherwise give rise to liability to Customer under, this Agreement. Customer shall not, and shall not permit any Protected Person to, use the Services, Content, or Documentation except as expressly permitted under this Agreement. Customer is responsible for Protected Persons’ compliance with this Agreement.
- Third-Party Offerings. Subject to the terms of this Agreement and applicable Order Form, RADICL shall grant to Customer and its Protected Persons the right to access and use the Third-Party Offerings. Customer may be required to install on its Machines certain agent-based sensors (each, an “Sensor”) to obtain access to the Third-Party Offerings. Upon receipt of the Sensor from RADICL, Customer shall install the same on all of the Machines and notify RADICL of the same upon completion. Customer acknowledges that all Sensors are property of the applicable Third-Party Offerings service provider and Customer assumes all risk with regards to installation of the same on the Machines. Customer shall not use any Third-Party Offerings in excess of or beyond the Subscription Term, the Order Form and the Third-Party Offering Agreement. Third-Party Offerings are subject to the license terms and conditions identified in the applicable Order Form (“Third-Party Offering Agreement”), and Customer agrees that it shall comply, and it shall cause its Protected Persons to comply, with all such Third-Party Offering Agreements.
- Ownership. Except as to the Third-Party Services, all proprietary technology utilized by RADICL to perform its obligations under this Agreement, and all Intellectual Property Rights in and to the foregoing, as between the parties, are RADICL’s exclusive property. RADICL or its third party licensors retain ownership of all right, title, and interest to all copyrights, patents, trademarks, trade secrets, and other Intellectual Property Rights in and to the Content and the Platform, including without limitation the Documentation, all customizations, and enhancements, and all processes, know-how, and the like utilized by or created by RADICL in performing under this Agreement. RADICL reserves all rights not expressly granted to Customer hereunder. All proprietary and Intellectual Property Rights in and to the Third-Party Services shall belong to the applicable Third-Party Services provider.
- Payments and Taxes.
- Fees and Payment. Payment terms shall be as set forth in the Order Form. Unless otherwise provided in the Order Form, Customer shall pay all fees within 30 days of its receipt of the applicable invoice. Customer shall make all payments hereunder in United States dollars. Fees paid under this Agreement are non-refundable, unless otherwise mutually agreed by the Parties in writing. RADICL reserves the right to increase the fees upon at least 30 days’ advance notice (e-mail or otherwise) to Customer; provided, however, that fee increases will not take effect until the start of the next renewal Subscription Term.
- Unpaid Fees. If Customer disputes any fees set forth in an invoice, it shall pay the undisputed portion when due and promptly notify RADICL of the dispute prior to the invoice due date. The Parties shall use commercially reasonable efforts to resolve such dispute. Should Customer fail to pay any undisputed fees when due, RADICL may revoke or suspend the Services. Customer shall be responsible for interest on all undisputed fees at a rate equal to the lesser of 1.5% per month and the maximum rate permitted by applicable law, accruing from the due date until paid, plus RADICL’s reasonable costs of collection (including attorney’s fees).
- Taxes. Unless otherwise provided in the Order Form, fees specified do not include any taxes, and Customer is responsible for payment and reimbursement of all taxes associated with Customer’s purchases hereunder (excluding any taxes arising from RADICL’s income or property).
- Credit Cards. If Customer elects to pay by credit card, Customer authorizes RADICL to automatically charge the applicable credit card(s) or payment method(s) on file for all payments required under the Order Form.
- Warranties and Disclaimers.
- Mutual. Each Party represents and warrants that: (a) such Party is duly organized, validly existing, and in good standing under the laws of the state of its organization, and has the full power and authority to enter into and perform its obligations under this Agreement; (b) the execution of this Agreement by such Party, and the performance by such Party of its obligations and duties hereunder do not and will not violate any other agreement to which such Party is a Party or by which it is otherwise bound; and (c) when executed and delivered by such Party, this Agreement will constitute the legal, valid, and binding obligation of such Party, enforceable against such Party in accordance with its terms.
- RADICL. RADICL warrants to (and only to) Customer that (a) the Services will materially perform in accordance with the applicable Documentation and this Agreement for the Term (defined below); and (b) any Services performed by RADICL hereunder will be performed in a professional and workmanlike manner, in accordance with general industry standards. In the event that the Services fail to satisfy this warranty, RADICL will, at its own expense, as Customer’s sole and exclusive remedy, either: (i) promptly replace the Services with a solution that materially conforms to the Documentation and this Agreement; (ii) promptly repair or re-perform the Services so that they materially conform to the Documentation; or (iii) if RADICL cannot promptly repair or re-perform the Services as provided for in (i) or (ii) herein, RADICL may terminate this Agreement. With regards to Third-Party Offerings, Customer acknowledges that RADICL does not represent and warrant the functionality of the same; however, RADICL agrees to work in good faith with Customer and the applicable Third-Party Offering vendor to address service level issues and questions.
- Customer. Customer represents and warrants to RADICL that Customer owns all rights, title and interest in and to the Customer Data, or that Customer has otherwise secured all necessary rights in the Customer Data as may be necessary to permit the RADICL access and use thereof as contemplated by this Agreement.
- DISCLAIMERS.
- EXCEPT AS OTHERWISE PROVIDED IN THIS AGREEMENT AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICES (OR ANY PORTION THEREOF) AND ALL RELATED INFORMATION AND TECHNOLOGY PROVIDED BY OR ON BEHALF OF RADICL ARE PROVIDED “AS IS,” “AS AVAILABLE,” AND WITHOUT ANY REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, AND RADICL EXPRESSLY DISCLAIMS ANY OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE (EVEN IF ADVISED OF THE PURPOSE), ACCURACY, TITLE, AND/OR NON-INFRINGEMENT. EXCEPT AS OTHERWISE PROVIDED IN THIS AGREEMENT, RADICL DOES NOT WARRANT THAT ACCESS TO THE SERVICES (OR ANY PORTION THEREOF) WILL BE UNINTERRUPTED OR ERROR FREE, OR THAT THE SERVICES WILL GUARANTEE SECURITY FROM AND MITIGATION OF CYBERSECURITY THREATS.
- RADICL SHALL HAVE NO LIABILITY FOR ANY THIRD-PARTY SERVICES. CUSTOMER ACKNOWLEDGES THAT THE PLATFORM DOES NOT PROVIDE CYBERSECURITY SCANNING SERVICES. RADICL MAKES NO REPRESENTATIONS OR WARRANTIES RELATED TO THE RESULTS THAT CUSTOMER MAY OBTAIN IN CONNECTION WITH THE SERVICES OR CONTENT. CUSTOMER ACKNOWLEDGES THAT THE SERVICES DO NOT PROVIDE LEGAL ADVICE AND THAT CUSTOMER IS SOLELY RESPONSIBLE FOR COMPLIANCE WITH ALL REGULATIONS AND LAWS RELATED TO ITS BUSINESS AND IT INFRASTRUCTURE.
- Term, Termination, and Survival.
- Term. This Agreement commences on the Effective Date and continues for the duration of the Subscription Term, after which, unless otherwise set forth in the Order Form, the Subscription Term shall automatically renew for successive one (1) year periods (collectively, the “Term”) unless a party provides written notice to the other party of nonrenewal at least 30 days prior to the date of renewal. Subscription Terms are non-cancellable except as provided in Section 6.2.
- Termination. Either Party may terminate this Agreement or any Order Form immediately upon written notice if the other Party: (a) is in default with respect to a material term of this Agreement and such default continues unremedied for a period of 30 days (10 days for nonpayment) following written notice of such default; (b) formally declares bankruptcy, insolvency, reorganization, liquidation, or receivership; or (c) has instigated against it bankruptcy, insolvency, reorganization, liquidation, or receivership proceedings, and shall fail to remove itself from such proceedings within 30 days from the date of institution of such proceedings.
- Effect of Termination. Upon the expiration or termination of this Agreement or Order Form:
- all amounts owed to RADICL under any portion of the terminated Agreement or Order Form which accrued before such termination or expiration will be immediately due and payable;
- if terminated due to Customer’s uncured breach, all amounts that would have been payable under the terminated portion of the Agreement shall be accelerated and immediately due and payable;
- except as otherwise provided herein, all licenses granted under a terminated portion of this Agreement will immediately terminate;
- except as otherwise provided herein, Customer must promptly discontinue all access and use of the Services and return or destroy all Content and Confidential Information in Customer’s possession or control, relating to any terminated or expired portion of this Agreement, and shall provide a certificate within ten days of the effective date of termination certifying compliance with this paragraph (d); and
- Customer shall immediately cease use of all Third-Party Offerings and shall uninstall or otherwise remove all Sensors from all of its Machines.
- Suspension. Notwithstanding anything to the contrary in this Agreement, RADICL may suspend Customer’s access to the Platform if RADICL determines that: (a) there is an attack on the Platform; (b) Customer’s or any of its Protected Persons’ use of the Platform poses a reasonable risk of harm or liability to RADICL and, if capable of being cured, Customer is not taking appropriate action to cure such risk; (c) Customer has breached Section 3.2; or (d) Customer has failed to pay any undisputed amounts owed under this Agreement when due and has failed to cure such late payment within 10 days after RADICL has provided Customer with written notice of such late payment. RADICL shall use commercially reasonable efforts to provide Customer with notice of such suspension.
- Limitation of Liability. EXCEPT FOR (i) LIABILITY ARISING OUT OF A PARTY’S INFRINGEMENT OF THE OTHER PARTY’S INTELLECTUAL PROPERTY, (ii) LIABILITY ARISING OUT OF A PARTY’S BREACH OF A PARTY’S CONFIDENTIALITY OBLIGATIONS UNDER SECTION 9, OR (iii) A PARTY’S INDEMNIFICATION OBLIGATIONS UNDER SECTION 8, (1) IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER PARTY FOR PUNITIVE, INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES, OR FOR ANY LOST DATA, LOST PROFITS, OR COSTS OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, ARISING OUT OF OR RELATING TO THIS AGREEMENT, HOWEVER CAUSED AND UNDER ANY THEORY OF LIABILITY (INCLUDING NEGLIGENCE), EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBLE EXISTENCE OF SUCH LIABILITY; AND (2) IN NO EVENT SHALL THE TOTAL, CUMULATIVE LIABILITY OF EACH PARTY ARISING OUT OF OR RELATED TO THIS AGREEMENT, WHETHER BASED ON CONTRACT, IN TORT, OR ANY OTHER LEGAL OR EQUITABLE THEORY, EXCEED THE AMOUNT PAID OR PAYABLE BY CUSTOMER TO RADICL DURING THE 12 MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT FIRST GIVING RISE TO SUCH LIABILITY. THE EXISTENCE OF MORE THAN ONE CLAIM SHALL NOT INCREASE THIS LIMIT.
- Indemnification.
- RADICL Indemnity. RADICL hereby agrees to: (a) defend Customer and its Representatives against any Claims to the extent arising out of an allegation that the Services infringe any Intellectual Property Rights of any third party, and (b) indemnify and hold Customer and its Representatives harmless against any losses that are specifically attributable to such Claim or those costs and damages agreed to in a settlement of such Claim. If the Services, or any portion thereof, become subject to any Claim or in RADICL’s reasonable judgment is likely to become subject to a Claim alleging that it infringes, misappropriates, or violates a third party’s Intellectual Property Rights, RADICL may within a reasonable time, at its sole option and expense, either: (i) secure for Customer the right to continue the use of such Services; (ii) replace such Services with a substantially equivalent product not subject to any such Claim; (iii) modify such Services so that they become no longer subject to any such Claim; or (iv) contest the Claim. If RADICL determines, in RADICL’s reasonable discretion, that it is not commercially feasible to either procure the right to continued use of the applicable Services or to replace or modify the applicable Services as provided in clauses ‘(i)’, ‘(ii)’, or ‘(iii)’ of the immediately preceding sentence, RADICL may terminate access to the Services and RADICL’s sole liability, and Customer’s exclusive remedy, under this Section shall be to refund Customer all fees and expenses paid by Customer to RADICL for such Services. The Parties acknowledge and agree that this Section states each Party’s entire liability and the other Party’s exclusive remedy for third party infringement Claims.
- Customer Indemnity. Customer hereby agrees to: (a) defend RADICL and its Representatives, and hold them harmless, against any and Claims to the extent arising out of: (i) RADICL’s use of Customer Data in accordance with this Agreement, (ii) Customer’s or its Representatives or Protected Persons’ fraud, gross negligence, or intentional misconduct, or (iii) Customer’s breach of any Third-Party Offering Agreements; and (b) indemnify and hold RADICL and its Representatives harmless, from and against losses that are specifically attributable to such Claim or those costs and damages agreed to in a settlement of such Claim.
- Indemnity Process. The indemnified Party shall (a) notify the indemnifying Party promptly in writing of any actual or threatened Claim, provided that failure to give prompt notice shall not relieve the indemnifying Party’s obligation hereunder unless the indemnifying Party’s ability to defend the Claim is prejudiced in a material way; (b) give the indemnifying Party sole control of the defense thereof and any related settlement negotiations; and (c) cooperate and, at the indemnifying Party’s request and expense, assist in such defense.
- Confidentiality.
- Protection of Confidential Information. The Confidential Information of the Disclosing Party may be used by the Receiving Party solely for the purpose of performing Receiving Party’s obligations or exercising its rights under this Agreement, and may not be used for any other purpose. During the Term of this Agreement and for so long as such Confidential Information does not fall within any of the exceptions set forth under Section 1.2(a)-(d) above for a period of five years following the date of termination or expiration of this Agreement, the Receiving Party shall hold the Disclosing Party’s Confidential Information in confidence and may not use or disclose the Confidential Information, except as expressly permitted herein, without the prior written consent of the Disclosing Party, which consent shall be at the sole and absolute discretion of the Disclosing Party. The Receiving Party shall protect the Confidential Information of the Disclosing Party from unauthorized use, access, and disclosure using at least the same degree of care that the Receiving Party uses to protect its own information of a similar nature, but in no event less than a reasonable degree of care. The Receiving Party may only disclose the Confidential Information to its Representatives who have a legitimate “need to know” such information for purposes of this Agreement, have been advised of the obligations of confidentiality under this Agreement, and are bound by obligations of confidentiality with respect to the Disclosing Party’s Confidential Information no less stringent than those set out in this Agreement. The Receiving Party shall be solely responsible for (a) all actions and omissions of the Receiving Party’s Representatives with respect to the subject matter of this Section 9 as if they were the actions and omissions of the Receiving Party, and (b) all such Representatives’ compliance with this Section 9.
- Required Disclosure. Nothing in this Agreement will prohibit the Receiving Party from disclosing Confidential Information of the Disclosing Party to the extent legally required to do so by law, by judicial or governmental order, or in a judicial or similar governmental proceeding (“Required Disclosure”); provided that the Receiving Party shall: (a) where legally permitted, give the Disclosing Party reasonable notice of such Required Disclosure prior to disclosure; (b) cooperate with the Disclosing Party in the event that it elects to contest such disclosure or seek a protective order with respect thereto at the Disclosing Party’s cost; and (c) in any event, only disclose the exact Confidential Information, or portion thereof, specifically requested by the Required Disclosure.
- Equitable Relief. In the event of a breach or threatened breach of the foregoing confidentiality obligations by one Party, the other shall suffer immediate and irreparable harm for which, money damages shall be impossible to calculate and would be inadequate compensation. Accordingly, each Party shall be entitled to seek an injunction, restraining order, or other equitable relief to enforce compliance with the provisions hereof; provided, however, that no specification herein of any particular legal or equitable remedy shall be deemed or construed to prohibit either Party from seeking or obtaining any other remedy under this Agreement, at law or in equity.
- Data Processing. The Parties agree to comply with the terms and conditions of RADICL’S Data Processing Addendum, which is located at [link] (the “DPA”). The DPA is incorporated into this Agreement by this reference. In case of any conflict between the terms of the DPA and the terms of this Agreement, the terms of the DPA shall control.
- General Provisions.
- Entire Agreement. This Agreement and the Order Form(s) constitute the entire agreement between the Parties with respect to the subject matter hereof and supersede and replace all prior or contemporaneous understandings or agreements, written or oral, regarding such subject matter.
- Governing Law; Venue. This Agreement will be governed by the laws of the State of California, and the U.S. federal laws applicable therein, without regard to the principles of conflicts of laws thereof. Customer and RADICL agree to submit to the personal and non-exclusive jurisdiction of the state and federal courts located in Santa Clara County, California.
- Relationship of the Parties. The Parties hereto are independent contractors and this Agreement does not create a joint venture, partnership, employment relationship, or other agency relationship between the Parties.
- Publicity. RADICL may refer to Customer in its marketing and sales materials and on its website or other materials as a customer, provided that RADICL does not disclose the Customer’s Confidential Information. RADICL agrees to stop using Customer’s name and/or logo or trademarks upon Customer’s written request.
- Assignment. Neither Party may assign this Agreement nor any of its rights, interests, privileges, licenses, or obligations hereunder without the other Party’s prior written consent; provided, however, RADICL may assign its rights and responsibilities hereunder to any affiliate or a successor-in-interest as part of a change-in-control transaction in which there is a merger or the sale of all, or substantially all, of RADICL’s assets to which this Agreement pertains.
- Severability. In the event that any provision of this Agreement is found to be invalid, voidable, or unenforceable by any court of law with competent jurisdiction, the Parties agree that unless it materially affects the entire intent and purpose of this Agreement, such invalidity, voidability, or unenforceability shall not affect either the validity of this Agreement or the remaining provisions herein, and the provision in question shall be deemed to be replaced with a valid and enforceable provision most closely reflecting the intent and purpose of the original provision.
- Delays and Omissions; Waiver. Any failure or delay on the part of either Party in the exercise of any right or privilege hereunder shall not operate as a waiver thereof, nor shall any single or partial exercise of any such right or privilege preclude other or further exercise thereof or of any other right or privilege. All waivers and consents, if any, given hereunder shall be in writing.
- Survival. Any rights and obligations which by their nature survive and continue after the end of this Agreement shall survive and continue and shall bind the Parties and their successors and assigns, until such obligations are fulfilled.
- Counterparts. This Agreement may be signed in one or more counterparts, each of which will be considered an original, but all of which together form one and the same instrument. Once signed, both Parties agree any reproduction of this Agreement made by reliable means (for example, photocopy or facsimile) shall be considered an original unless prohibited by law.
- Electronic Signatures. Pursuant to the Electronic Signatures in Global and National Commerce Act and the Uniform Electronic Transaction Act, both Parties agree to accept an electronic signature as a valid replacement of an ink and paper signature for an Order Form.
- Notices. Unless otherwise provided in this Agreement, all notices, requests, consents, and other communications required or permitted under this Agreement will be in writing and will be sent to each Party at the address set out above or any address later provided by such Party. All notices will be sent by registered or certified mail, overnight courier, or by e-mail with receipt confirmation. All notices sent by registered or certified mail will be deemed effective on the fifth day after deposit in the mail. All notices sent by overnight carrier or by e-mail will be deemed effective the day after deposit or transmission, as applicable.
SCHEDULE 1
Active Incident Services
All RADICL Service subscriptions include incident identification and response during the initial seventy-two (72) hour period following recognition of the incident (“Initial Response Period”). When security incidents are recognized, RADICL shall work to contain the vulnerability, including:
- Forensic investigation and analysis efforts
- Incident mitigation and/or containment management efforts
The above services will be provided during the Initial Response Period for both Minor and Major security incidents.
Minor Security Incident |
Major Security Incident |
Incidents that are narrow in scope or reach that generally may be quickly resolved. Minor Security Incidents may involve:
|
Incidents that are broad in reach and may take significant time and/or expense to resolve, and may involve:
|
When Minor Security Incidents occur, RADICL will use commercially reasonable efforts to:
- Directly implement mitigations when possible and/or provide guidance to Customer’s IT team or managed serviced provider to do so;
- Provide guidance to Customer’s IT team on full cleanup and recovery;
- Provide consultation on matter once resolved and recommend that Customer implement certain future countermeasures.
Following the Initial Response Period, Customer may elect to purchase additional Active Incident Services pursuant to a separate Order Form. Such services shall be provided on an hourly basis at a rate of $175/hour. Unless otherwise set forth in the applicable Order Form, Customer shall be billed on a monthly basis for purchased Active Incident Services, and Customer shall pay such invoices within 30 days.
When a Major Security Incident occurs, RADICL will use commercially reasonable efforts to:
- During the Initial Response Period, actively seek to address the Major Security Incident and assess vulnerability and implement or provide guidance for implementing mitigating measures;
- Inform Customer when Initial Response Period expires and advise Customer if it recommends third party intervention services (“Intervention Services”). Enlisting Intervention Services is at Customer’s sole discretion;
- If Customer elects Intervention Services, facilitate engagement with Intervention Services provider; further, RADICL will use commercially reasonable efforts to:
-
- Establish operating guidelines between RADICL, Customer, and Intervention Services provider;
- Onboard Intervention Services provider to RADICL XTP if or as appropriate;
- Continue to provide active incident response support in concert with the Intervention Services provider;
- Provide routine updates to Customer of business risk and incident response status;
- Provide “CISO” consultation as appropriate/requested;
- Perform such other consultation work as may be appropriate given the nature of the security incident and the determinations made by the Intervention Services provider.