Request a demo

Terms & Conditions

Terms & Conditions

 

For customers from European Union

Software as a Service Terms and Conditions (EU)

Read full version   PDF


For customers from the US and Canada

Software as a Service Terms and Conditions (USA & Canada)

Read full version   PDF


For customers from Rest of the World

Software as a Service Terms and Conditions (RoW)

Read full version   PDF

SOFTWARE AS A SERVICE TERMS AND CONDITIONS (EU)

These Terms and Conditions were last updated in June, the 18th 2021.

 

This Software as a Service Terms and Conditions (“Terms and Conditions”, together with any applicable Statement of Work issued hereunder, the “Agreement”), between Market Logic Software AG, Franklinstraße 28-29, 10587 Berlin, Germany (“Market Logic”) and the Subscriber named in an applicable Statement of Work (“Subscriber”, collectively the “Parties”) are effective as of the date set forth on such Statement of Work (“Effective Date”).

 

Market Logic and Subscriber agree as follows:

1. PURPOSE

Market Logic provides and operates a software, in particular a market insights platform as a Software-as-a-Service (SaaS) as well as accompanying services. This Agreement contains the terms and conditions under which Subscriber acquires and uses Market Logic’s Services.

2. DEFINITIONS

The following definitions apply to this Agreement and any related Statement of Work:

2.1Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control of the Parties respectively. “Control”, for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity;

2.2 “Competitors of Market Logic” means any entity, company, division or department of a company, including its personnel, which is involved in the development, provision or operation of any marketing insights and knowledge management platform and/or similar tools;

2.3 “Confidential Information” has the meaning as set forth in Sec. 11;

2.4Deliverables” means the individual modules including functions and/or features to be provided by Market Logic in connection with the Software Services hereunder as set forth in an applicable SOW and/or this Agreement;

2.5Malicious Code” means viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs;

2.6Material Breach” has the meaning as set forth in Sec. 16;

2.7 “Non-GA Services” means any software services not generally available to Market Logic’s subscribers, which Market Logic may offer a trial version to Subscriber. The Subscriber may accept or decline any such trial services at the Subscriber’s sole discretion. Any Non-GA Services will be designated as beta, pilot, limited release, developer preview, non-production or by a description of similar import. Non-GA Services are provided for evaluation purposes and not for production use, are not supported, may contain bugs or errors, and may be subject to additional terms mutually agreed upon in a Statement of Work;

2.8Open Source Software” has the meaning as set forth in Sec. 12;

2.9 “Payment Due Date” has the meaning as set forth in Sec. 7;

2.10Professional Services” means the services that are offered by Market Logic to implement and maintain the Software Services (e.g., configuring the product, uploading Subscriber Data, provide training services). The scope of such Professional Services is specified in the applicable Statement of Work;

2.11Purchased Services” means the Services purchased by Subscriber under any applicable SOW;

2.12 “Services” means the Software Services and the Professional Services;

2.12Software Services” means the Market Logic platform including its software features and functionalities that Subscriber is authorized to use as specified in the applicable Statement of Work/s. Such Software Services are made available to Subscriber online via a dedicated Subscriber login link and/or other webpages designated by Market Logic;

2.14Statement of Work” or “SOW” means any ordering document, mutually agreed by the Parties, specifying the Services to be provided under this Agreement, including any documents, attachments or forms thereto. The Parties agree that Subscriber’s Affiliates are permitted to enter into SOWs with Market Logic, which Affiliates shall, upon signing the SOW, be bound by the terms and conditions of this Agreement;

2.15Subscriber” means the legal entity accepting this Agreement and any of its Affiliates who have signed any Statements of Work governed by this Agreement;

2.17Subscriber Data” means all electronic data or information submitted by the Subscriber to the Software Services, including content and data licensed or acquired by Subscriber from third party content providers (i.e., Third Party Services);

2.18Subscription Term” means the license term granted by Market Logic to as defined in the applicable Statement of Work;

2.19Third Party Feature/s” means any service or product (including, without limitation, mobile, offline or other software services) provided by a company, other than Market Logic, and integrated by default in the Software Services by Market Logic, which can be turned off upon request of Subscriber;

2.20Third Party Service/s” means any service or product (including, without limitation, mobile, offline or other software services) provided by a company, other than Market Logic, to Subscriber and which Third Party Service has been integrated into the Software Services by Market Logic on behalf of Subscriber and the Third Party Service provider in order to allow the Software Services to interoperate with the Third Party Services;

2.21 “Users” means individuals who are authorized by Subscriber to use the Software Services as specified in a valid and active Statement of Work between Market Logic and Subscriber and who have been supplied with user identifications and passwords by Subscriber (or by Market Logic on behalf of the Subscriber and at the Subscriber’s request). Users may include, but are not limited to, the Subscriber’s employees, consultants, contractors, agents and third parties authorized by and acting on behalf of Subscriber;

3. SOFTWARE USAGE RIGHTS

3.1 Rights in Software Services. During the term of this Agreement, Market Logic grants to Subscriber a limited, non-transferable, non-exclusive, non-perpetual right to access and use the Software and Software documentation for Subscriber’s internal business purposes. The Software shall be made available to Subscriber as Software-as-a-Service that Subscriber may access and use for the Subscription Term set out in an SOW(s). Market Logic will host and retain physical control over the Software and make the Software available through the Internet for access, use and operation by Subscriber via an Internet Browser through a secure HTTP/S connection. To access the Software Services, Users shall authenticate themselves with a unique, personal username and password. Certain functions of the Software may be downloaded for installation and use on a mobile device (“Mobile Apps”).  Such Mobile Apps may be accessed and used during the term of the respective SOW/s under this Agreement and must be uninstalled upon the expiration or termination of the respective term.  Other than as specifically set forth in this Agreement and unless otherwise agreed to by Market Logic in writing, no provision under this Agreement shall obligate Market Logic to deliver or otherwise make available any copies of computer programs or code from the Software to Subscriber, whether in object code or source code form.

3.2 Usage Restrictions. The Subscriber shall not a) permit any third party to access the Software Services except as permitted herein; b) create derivative works based on the Software Services except as authorized herein; c) copy, frame or mirror any part or content of the Software Services, other than copying or framing on the Subscriber’s own intranets or otherwise for the Subscriber’s own internal business purposes; d) reverse engineer the Software Services; or e) access the Software Services in order to: (i) build a competitive product or service; and (ii) copy any features, functions or graphics of the Software Services.

4. SOFTWARE SERVICES

4.1 Updates and Support. Market Logic will a) make updates to the Software Services available to Subscriber when they become commercially available; b) provide Standard Helpdesk Support via web-content and e-mail support, in English with a maximum response time of 8 hours, available 24 hours from Monday to Friday, including public holidays, and/or upgraded support if purchased separately; and c), upon acceptance of the Services, provide second and third level support and maintain the Software Services in accordance with the Service Level Agreement attached to the applicable Statement of Work. This support is limited to technical questions and does not include general end User training and consultancy services. Subscriber agrees that Market Logic may collect and use technical information gathered as part of the support and maintenance services for the Software Services, including User’s operating system and browser, as well as statistics (including, for example terms most searched, date and time of last login, number of downloads, number of uploads, and number of views). Market Logic may use this information solely for the purpose of providing usage statistics to the Subscriber and/or improving the Software Services. Market Logic shall not disclose this information in any form that identifies the Subscriber or any Users.

4.2 Non-GA Services. NON-GA SERVICES ARE NOT CONSIDERED “SOFTWARE SERVICES” HEREUNDER AND ARE PROVIDED “AS IS” WITH NO EXPRESS OR IMPLIED WARRANTY. At any time and at its sole discretion Market Logic may discontinue any or all Non-GA Services provided to Subscriber and may never make them generally available.

4.3 Subscriptions to Software Services. Unless otherwise specified in the applicable Statement of Work, a) Software Services are purchased as User subscriptions and may be accessed by no more than the specified number of named Users; b) each individual which Subscriber wishes to register a user account for will receive a User ID and password to the Software Services. One User account equals one purchased license. Each User account may only be used by the designated User and must not be shared with any other individuals. The license fees set forth in the relevant Statement of Work allow the Subscriber to register User accounts up to the number of purchased licenses. The fees do not pertain to an actual registration or actual usage of a User account; c) additional User subscriptions may be added during the applicable Subscription Term at the same pricing as that for the pre-existing subscriptions under the applicable Statement of Work, pro-rated for the remainder of the Subscription Term in effect at the time the additional User subscriptions are added; d) the added User subscriptions shall terminate on the same date as the pre-existing subscriptions. User subscriptions are for designated Users only and cannot be shared or used by more than one User but may be reassigned to new Users replacing former Users who no longer require use of the Services. In the event Subscriber fails to comply with the contractual usage limits, Subscriber agrees to promptly execute a Statement of Work for additional Services upon Market Logic’s request and to pay any invoice for excess usage in accordance with this Agreement.

4.4 Third Party Services.

4.4.1 Market Logic shall not be liable for and makes no warranties whatsoever with respect to any Third Party Services which Subscriber uses or desires to use in conjunction with the Software Services, in particular, but not limited to, instances where a Third Party Services provider refuses to make the Third Party Services available for interoperation with the Software Services in a manner which is acceptable to Market Logic, delays the integration or ceases the provision of the Third Party Service for the integration. Market Logic will take commercially reasonable steps to alter the Software Services to facilitate such integration.

4.4.2 Subscriber may be required to grant Market Logic access to Subscriber’s account with the Third Party Service. Any use, access and interaction (including, without limitation any exchange of data) by the Subscriber of any Third Party Services via the Software Services shall be governed by a separate license, service or similar agreement between Subscriber and the applicable Third Party Services provider. Market Logic shall not be responsible for any disclosure, modification, or deletion of Subscriber Data resulting from any use of or access to Third Party Services or Third Party Services providers.

4.4.3 Subscriber acknowledges and understands that a Third Party Service provider may make the performance of such services dependent on the provision of anonymous usage statistics and Market Logic shall be permitted to disclose the anonymous usage statistics to the Third Party Services provider on Subscriber’s behalf.

4.4.4 Notwithstanding any security requirements agreed between Subscriber and Market Logic, any proprietary data of such provider shall be solely subject to separate security and confidentiality obligations between Market Logic and the respective provider.

5. PROFESSIONAL SERVICES

5.1 Provision of Professional Services. Market Logic shall conduct the Professional Services pursuant to this Agreement and the applicable Statement of Work/s. Subscriber and Market Logic agree that all Professional Services performed under the applicable SOW do not require Market Logic to attend Subscriber’s premises unless training is provided on premises at Subscriber.

5.2 Timelines. Subscriber acknowledges and agrees that the ability of Market Logic to provide the Professional Services specified in the applicable Statement of Work within a projected timeline is dependent on contributions to be provided by Subscriber. If Market Logic considers that a material contribution, response or action required from Subscriber is delayed to a point that a milestone is being negatively impacted or cannot reasonably be completed due to such delay, Market Logic will promptly notify Subscriber. The delivery timeline shall be extended for a time equal to the amount of time it takes the Subscriber to provide the material contribution, response or action requested by Market Logic. For the avoidance of doubt, in such case Subscriber’s payment obligation under Section 7 shall not be affected and remain in full force and effect.

5.3 Acceptance. Unless otherwise agreed upon in a Statement of Work, upon completion of the Professional Services and each Deliverable under a Statement of Work pursuant to any applicable acceptance criteria or test plans mutually agreed in writing between the Parties, Market Logic will, as applicable: a) inform Subscriber that all contracted configuration and content upload services have been completed; and/or b) provide access details to the Software Services to Subscriber. Both Parties agree to consider all Professional Services and each Deliverable accepted unless Market Logic is notified otherwise by Subscriber within fourteen (14) days (“Testing Period”).

5.3.1 As of the date of acceptance, the Service Level Agreement shall apply, attached as an annex to the applicable Statement of Work.

5.3.2 In the event Subscriber reasonably determines in good faith that the Professional Services or Deliverable/s do not satisfy the agreed upon acceptance criteria as specified in the applicable Statement of Work or as mutually agreed upon in writing by the parties, Subscriber must notify Market Logic of this in writing within the Testing Period, specifying the deficiencies in detail.

5.3.3 Market Logic will re-perform the defective Professional Services and/or use reasonable efforts to correct such deficiencies and resubmit the Deliverable for acceptance to Subscriber as soon as practicable (“Correction Period”). Subscriber will review and test the re-performed Professional Services and resubmitted Deliverables for acceptance within an additional Testing Period. If the Professional Services or Deliverables fail to meet acceptance after a second Correction Period, Subscriber may in its sole discretion, as a sole and exclusive remedy, either: a) allow Market Logic an additional Correction Period in accordance with the process described above; or b) terminate the relevant Statement of Work immediately upon written notice and recover all setup related one-time fees paid under the relevant Statement of Work for such deficient Deliverable.

5.3.4 Subscriber will cooperate in good faith to execute a Statement of Work for any revised requirements upon Market Logic’s request, if the parties determine that a Deliverable’s functional requirements specified in a Statement of Work require modification, for example due to incorrect assumptions or changed requirements.

6. PARTIES OBLIGATIONS

6.1 Market Logic‘s Obligations. Market Logic shall a) appoint qualified personnel to perform the Professional Services; b) nominate a single point of contact to the Subscriber for all matters relating to the provision of the Professional Services; c) replace the nominated single point of contact and/or other personnel at Market Logic’ sole discretion with immediate effect if the performance of all or any of the nominated employees is inadequate; d) provide the Professional Services only in accordance with applicable laws and government regulations.

6.2 Subscriber’s Obligations.

6.2.1 The Subscriber shall a) be responsible for Users’ compliance with this Agreement; b) be responsible for the accuracy and legality of the Subscriber Data and of the means by which the Subscriber acquired the Subscriber Data; c) be responsible for providing the system environment in accordance with the system requirements of Market Logic set forth in the Agreement and the applicable Statement of Work; d) use commercially reasonable efforts to prevent unauthorized access to or use of the Software Services, and notify Market Logic promptly of any such unauthorized access or use; e) use the Software Services only in accordance with the applicable laws and government regulations; f) provide all Subscriber Data and material contributions needed to complete the Professional Services; g) provide any Subscriber Data, Personal Information and/or Confidential Information to Market Logic via encrypted means or on encrypted media; i) name a single point of contact to Market Logic for all matters relating to the provision of the Professional Services.

6.2.2 Furthermore, the Subscriber shall not: a) make the Software Services available to anyone other than the Users; b) grant Competitors of Market Logic any access to the Software Services; c) sell, resell, rent or lease the Software Services; d) use the Software Services to store or transmit infringing, libelous, and/or otherwise unlawful material, and/or material in violation of third-party privacy rights, e) use the Software Services to store or transmit Malicious Code; f) interfere with or disrupt the integrity or performance of the Software Services or third-party data contained therein; and g) grant unauthorized access to the Software Services or their related systems or networks.

7. FEES AND PAYMENT

7.1 Fees. Subscriber shall pay all fees specified in any Statement of Work. Except as otherwise specified in a SOW, (i) fees are based on the Services purchased and not actual usage; (ii) payment obligations are non-cancellable and fees paid are non-refundable; and (iii) Services purchased cannot be decreased in quantity during the Subscription Term.

7.2 Invoicing and Payment. Market Logic will invoice the Subscriber in accordance with the applicable SOW. The Subscriber is responsible for providing complete and accurate billing and contact information to Market Logic and notifying Market Logic of any changes to such information timely in advance to a respective invoice date. If Subscriber requires a purchase order or a similar document for Subscriber’s invoicing process (“Order Document”) it is the sole responsibility of Subscriber to provide the Order Document in a valid and reasonably acceptable form and timely in advance in order to be taken into consideration within Market Logic’s invoicing process. The absence or delay of an Order Document has no effect on Market Logic’s right to receive payment by the contractually agreed due date. Any legal terms and conditions on an Order Document are void.

7.3 Payment Term. Unless otherwise stated in the applicable SOW, Subscriber shall pay fees with cleared funds without any deductions being in the bank account of Market Logic no later than 30 days from the effective date of the applicable SOW or from the start of the respective subscription period as stipulated in the applicable SOW (“Payment Due Date”). Payment shall be executed by Subscriber via wire transfer. If any fees are not received by Market Logic by the due date in the bank account of Market Logic such fees shall accrue late interest at the rate of nine percent per year or the maximum rate permitted by law, whichever is higher, from the date such payment was due until the date paid.

7. 4 Payment Disputes. Subscriber must provide written notice with reasonable details of the claimed dispute to Market Logic within seven (7) business days from receipt of invoice. If the Parties determine that any fees were incorrectly invoiced, then Market Logic will issue a credit note equal to the exceeding amount. Subscriber agrees to pay in full and without any delay any undisputed amount under such invoice.

7.5 Suspension of Services. If any undisputed amount owed by Subscriber in terms of this Section 7 is 10 days overdue, Market Logic may suspend the Services to Subscriber until such amounts are paid in full including interest payable. Market Logic will give Subscriber at least 10 days’ prior notice before suspending Services. It is understood that any such suspension does not affect Subscriber’s payment obligation attributable to such suspension period.

7.6 Price Adjustment. Unless otherwise agreed upon in a Statement of Work, the fees for the identical Services under the same SOW will be increased by 2% per year or applicable inflation rate, whichever one is higher, calculated upon each anniversary of subscription period.

8. TAXES

The fees set forth in any Statement of Work, Order Form or similar document issued pursuant to this Agreement are net of tax, as such do not include any local, state, federal or foreign taxes, levies or duties of any nature, including value-added, sales, use or withholding taxes (“Taxes“). Subscriber is solely responsible for paying all Taxes, excluding only taxes based on the net income of Market Logic. If Market Logic has the legal obligation to pay or collect Taxes under this Section, the respective fees shall be increased by an amount applicable for the Taxes and be paid by Subscriber unless Subscriber provides Market Logic with a valid tax exemption certificate authorized by the appropriate taxing authority.

Software Services are provided as a Software-as-a-Service distribution and licensing model and as such are treated accordingly for the purposes of tax assessment.

9. STATEMENTS OF WORK

Unless either Party provides 90 days written notice prior to the end of the Term of its intention not to renew, the applicable SOWs shall automatically renew for further 12 month periods.

10. OWNERSHIP

10.1 Subscriber Ownership. Subscriber owns and retains all right, title, and interest, including, without limitation, all Intellectual Property Rights, in and to the Subscriber Data. Subject to the limited licenses granted herein, Market Logic acquires no right, title or interest from Subscriber or Subscriber’s licensors under this Agreement in or to any of Subscriber Data. Subscriber grants Market Logic, its Affiliates and its approved subcontractors a worldwide, limited term right and license to store, host, reproduce, maintain and use Subscriber Data, only as reasonably necessary to provide and improve the Services in accordance with this Agreement.

10.2 Market Logic Ownership. Market Logic shall retain all right and title in and to a) the Services and all modifications and/or enhancements to the Software Services and the Deliverables, regardless of the source of inspiration for any such enhancement or modification and regardless of whether Subscriber has provided input regarding such modifications and/or enhancements, b) proprietary education or training content, c) materials related to Market Logic’s Professional Services processes and methodology, d) any Algorithms associated with the artificial Intelligence (“AI”) or Cognitive Capabilities of the Software Services. Notwithstanding any other term of this Agreement, Market Logic may access and use, and shall retain all right, title and interest in the Software Services, which may include aggregated and anonymized data based upon Subscriber Data, provided that such data does not reveal the identity or traits of any particular individual person or of Subscriber and does not contain any Subscriber Data.

10.3 Artificial Intelligence (“AI”) /Cognitive Capabilities. Subscriber understands and agrees that any functions of the Software Services that utilize AI algorithms will automatically generate output based solely on the electronic data or information submitted by Subscriber to the Software Services, including content and data, if any, licensed or acquired by Subscriber from third party content providers (“Subscriber Data”). Therefore, Subscriber understands and accepts that the quality of such Subscriber Data will directly affect the quality of the output. As such, Market Logic makes no warranty, express or implied, as to the accuracy or completeness of any of the automatically generated output.

10.4 Suggestions and Feedback. Market Logic shall have a royalty-free, worldwide, irrevocable, perpetual license to use and incorporate into the Software Services any suggestions, enhancement requests, recommendations, results of anonymous usage statistics or other feedback provided by the Subscriber, including its Users, relating to the operation of the Software Services. Market Logic acknowledges and agrees that any such feedback is provided “as is” without any warranty and that Market Logic shall have no right to any of Subscriber’s patents, registered copyrights or trademarks (“Subscriber IP”).

10.5 Usage data. Market Logic may compile statistical and other information related to the performance, operation and use of the Software Services (including, e.g. User’s operating system and browser, date and time of last login, number of downloads) solely for (i) the provision of usage statistics to the Subscriber, (ii) the maintenance of the security and integrity of the Software Services and (iii) research and development purposes related to improvements to the Software Services; such improvements must not contain any Confidential Information of Subscriber.

10.6 Rights in Mobile Apps. Mobile Apps (as defined in a Statement of Work) provided to Subscriber, are subject to the following conditions:

10.6.1 The Mobile Apps, including software embedded in the Mobile Apps, are licensed, not sold. Market Logic retains ownership of the Mobile Apps.

10.6.2 Subscriber’s Users may use the Mobile Apps on any Supported Device and on no other devices. “Supported Device” means a mobile device running a Current Release of either Android software or an Android software version(s) or an Apple device running relevant iOS software. “Current Release” means the most current major release of the respective operating software, and subsequent minor version of the operation software will be supported on its own (e.g., v1.0 is a major release and minor release v1.1, v1.2, v1.x would be supported). The Mobile App shall be provided by Market Logic pursuant to an applicable Statement of Work. Subscriber may download Mobile Apps updates made available by Market Logic to update or restore the Mobile Apps on any Supported Device.

10.6.3 Subscriber acknowledges and agrees that the Mobile Apps may collect User or device data for the purposes of providing services or functions that are relevant to use the Mobile Apps.

10.6.4 Subscriber understands that the maintenance times and procedures for the Mobile Apps may depend upon contributions to be provided by third parties, such as app store providers. Therefore, Subscriber agrees that the Service Level Agreement attached to the applicable Statement of Work shall not apply to the Mobile Apps.

11. CONFIDENTIALITY

11.1 Confidential Information. In relation to the execution of this Agreement each Party may from time to time during the term of this Agreement disclose (the “Disclosing Party”) to the other Party (the “Receiving Party”) certain non-public or proprietary information, communication or data related to a party’s business, products, or services, which the Disclosing Party identifies as confidential or which is of such a nature that the Receiving Party should reasonably understand that the Disclosing Party desires to protect such information against unrestricted disclosure or use, including information owed by third parties. Confidential Information includes, but is not limited to, algorithms, audit reports, business plans, business records, commercial information, computer programs, contracts, data-center designs, designs, diagrams, , draft publications, drawings, engineering records, financial information, , formulas, ideas, machine-readable data, market projections, marketing information, methods, offers, operational data, opinions, plans, pricing information, procedures, processes, product development plans, product information programs, projections, proposals, research data, research plans, samples, server-configuration designs, source code for computer programs, specifications, strategies, tax bills, technical information, test data (“Confidential Information”).

11.2 Non-Confidential Information. The obligations of confidentiality do not extend to any Confidential Information which the Receiving Party can show: (i) is or has become generally available to the public other than as a result of a breach of the obligations of confidentiality under this Agreement; or (ii) was in written records prior to the Effective Date and not subject to confidentiality obligations; or (iii) was or is disclosed by a third party entitled to disclose such information; or (iv) the Parties agree in writing that the information is not Confidential Information or that the information may be disclosed; or (v) is required to be disclosed under any Applicable Laws, or by order of a court or governmental body or authority of competent jurisdiction; or (vi) the Receiving Party independently developed the information without using Confidential Information.

11.3 Obligation of Confidentiality. The Receiving Party will treat all Confidential Information of the Disclosing Party with the same degree of care that the Receiving Party treats its own confidential or proprietary information, but in no event with no less than reasonable care. The obligations in this Section shall survive expiration or termination of this Agreement for a period of five (5) years.

11.4 During the Term, the Receiving Party may use Confidential Information to the extent reasonably necessary for a) performing the Receiving Party’s obligations under the Agreement, and/or b) exercising the Receiving Party’s rights under the Agreement; or c) assessing whether to enter into another agreement with the Disclosing Party; or d) any other particular authorized uses expressly agreed to in writing by the Parties. The Receiving Party will not, without the prior written consent of the Disclosing Party, disclose Disclosing Party’s Confidential Information to any third party. Notwithstanding the foregoing, the Receiving Party may, without the Disclosing Party’s prior written consent, disclose the Confidential Information to its employees, agents, affiliates, subcontractors or representatives on a need-to-know basis provided they are bound by obligations of non-disclosure.

11.5 Legally Required Disclosures. In the event the Receiving Party is required to disclose any Confidential Information by order of a court or any government agency, by law, regulation, judicial or administrative process, the Receiving Party will: a) give prior written notice of such disclosure to the Disclosing Party (if legally permitted to do so) together with a copy of the material proposed to be disclosed; b) reasonably cooperate with the Disclosing Party at the Disclosing Party’s request and expense to resist or limit such disclosure or to obtain a protective order; and c) in the absence of a protective order or other remedy, disclose only that portion of the Confidential Information that is legally required to be disclosed and assure that, if applicable, confidential treatment will be accorded the disclosed information.

11.6 Ownership and Return of Confidential Information. Unless otherwise provided for in this Agreement, all Confidential Information is provided without any warranty “as is” and shall remain the sole property of the Disclosing Party and no license or other right to such information is granted under this Agreement. Upon the Disclosing Party’s request, all Confidential Information, including copies of such information, must be promptly returned to the Disclosing Party or destroyed. Notwithstanding the foregoing obligations, Receiving Party shall be permitted to retain back-up copies of Confidential Information as required by its document retention policy.

12. WARRANTIES AND DISCLAIMERS

12.1 Mutual Warranties. Each Party warrants to the other Party that: a) it has the authorization to enter into this Agreement; b) it shall comply with all applicable federal, state, local, or other laws and regulations applicable to the performance by it of its obligations under this Agreement and it has and shall obtain all applicable permits and licenses required of it in connection with its obligations under this Agreement.

12.2 Subscriber Warranties. Subscriber warrants to Market Logic that: a) Subscriber and its Users will use the Software Services in accordance with this Agreement; b) Subscriber Data will not infringe or misappropriate any Intellectual Property Rights or Confidential Information belonging to Market Logic or any third party; Furthermore, Subscriber warrants and represents to Market Logic that it shall not: i) create derivative works based on Market Logic‘s Software Services except as authorized within Agreement; ii) copy, frame or mirror any part or content of Market Logic‘s Software Services and/or ancillary services, other than copying or framing on the Subscriber‘s own intranets or otherwise for the Subscriber’s own internal business purposes; iii) reverse engineer the Market Logic‘s Software Services and/or ancillary services or parts thereof; (iv) build a competitive product or service; and/or (v) copy any features, functions or graphics of Market Logic‘s Software Services.

12.3 Market Logic Warranties.

12.3.1 Software Services. With respect to the Software Services Market Logic warrants that a) Market Logic has the right to grant provide licenses to the Software Services to the Subscriber in accordance with the terms of this Agreement; b) to the best of Market Logic’s knowledge, the licensed use of the Software Services does not infringe the intellectual property rights of any third parties; and c) the Software Services and Mobile Apps do not contain any Open Source Software which could cause Subscriber’s products or services to be subject to any requirements or obligations arising from the Open Source Software Licenses. “Open Source Software” means any software, which is subject to license terms and conditions meeting the criteria listed at http://www.opensource.org/docs/definition.php and take the form of one of the licenses currently listed at http://opensource.org/licenses/ or which is subject to any similar license terms, which have been incorporated into the Software Services.

12.3.2 Professional Services Market Logic warrants that the Professional Services will be performed in a competent manner in accordance with generally accepted industry standards. For any breach of the above warranty, Subscribers exclusive remedy and Market Logic’s entire liability will be the re-performance of the applicable Professional Services. If Market Logic is unable to re-perform the Professional Services as warranted, Subscriber will be entitled to recover the fees paid for the deficient Professional Services. Subscriber must make any claim under the foregoing warranty to Market Logic in writing within 14 days of performance of such Professional Services in order to receive warranty remedies.

12.4 WARRANTY DISCLAIMER. EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. MARKET LOGIC DOES NOT WARRANT THAT THE SERVICES WILL MEET SUBSCRIBER’S REQUIREMENTS OR THAT USE WILL BE UNINTERRUPTED OR ERROR FREE. THE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE”, AND THE ENTIRE RISK AS TO ITS SATISFACTORY USE IS WITH SUBSCRIBER.

13. INDEMNIFICATION

13.1 Market Logic Indemnity. Market Logic (“Indemnitor”) shall defend, indemnify and hold harmless Subscriber from and against any third-party claims asserted against Subscriber and its employees, officers, board members, agents, representatives, and officials (“Indemnitee”) based upon a) the gross negligence, willful misconduct, or violation of law by Market Logic, or b) any demand, claim or allegation that Subscriber’s licensed use of the Services by Market Logic infringes or violates any patent, copyright, trade secret, trademark, or other intellectual property right (collectively, “IP Rights”).

13.2 Subscriber Indemnity. The Subscriber (“Indemnitor”) shall defend, indemnify and hold harmless Market Logic and its Affiliates from and against any third-party claims asserted against Market Logic and its employees, officers, board members, agents, representatives, and officials (“Indemnitees”) based upon a) an allegation that the Subscriber Data infringes or violates any Intellectual Property Rights or b) Subscribers’ non-compliance with or breach of this Agreement, including unauthorized use of the Software Services.

13.3 Process. In order for an Indemnitee to be entitled to an indemnity under this Section 3, the Indemnitee must: a) provide the Indemnitor with prompt written notice within thirty (30) days of becoming aware of such claim; b) give the Indemnitor sole control and authority over the defense or settlement of such claim; and c) provide the Indemnitor with proper and full information and reasonable assistance to defend and/or settle any such claim. Neither Party shall, without the other Party’s prior written consent, accept any settlement that imposes any restrictions or obligations on the other Party, requires the other Party to make an admission, or imposes on the other Party liability not covered by the indemnities. The Indemnitee shall take reasonable steps to mitigate its loss following a breach which falls within this Section 13. If Subscriber is unable to use the Services or a portion thereof (“Infringing Item”) because a court of competent jurisdiction issues a judgement from which no appeal is taken that, by providing the Software Services, Market Logics has infringed IP Rights of a third party, Market Logic may promptly, at its expense a) procure for Subscriber the right to continue using such Infringing Item; or b) replace or modify the Infringing Item so that it becomes non-infringing. If Market Logic determines in its own reasonable discretion, that neither option is commercially reasonable, Market Logic may terminate the Agreement and refund all fees paid for such item.

13.4 This Section 13 states the entire obligations and liability of the Indemnitor and the indemnities in these provisions shall be the exclusive remedy for third-party claims for any indemnity.

14. LIMITATION OF LIABILITY

14.1 Disclaimer. Market Logic shall be liable under the terms of this Agreement only in accordance with the following provisions. Any more extensive liability of Market Logic is excluded on the merits.

14.2 Market Logic shall be liable; a) unrestricted for damages caused intentionally or with gross negligence by Market Logic, its legal representatives or senior executives and for losses caused intentionally by other assistants in performance; in respect of gross negligence of other assistants in performance Market Logic’ liability shall be as set forth in the provisions for simple negligence in lit. e) below; and b) unrestricted for death, personal injury or damage to health caused by the intent or negligence of Market Logic, its legal representatives or assistants in performance; and c) for damages arising from the lack of any warranted characteristics up to the amount which is covered by the purpose of the warranty and which was foreseeable for Market Logic at the time the warranty was given, which amount shall not exceed 110% of the monetary value contained in the applicable Statement of Work; and d) in accordance with the German Product Liability Act in the event of product liability. However, the strict liability for initial defects in Section 536a para. 1, alt. 1 of the German Civil Code (BGB) is hereby excluded for the Software Services; and e) for damages caused by the breach of its primary obligations by Market Logic, its legal representatives or assistants in performance. Primary obligations are such basic duties which form the essence of the Agreement, which were decisive for the conclusion of the Agreement and on the performance of which the Subscriber may rely. If Market Logic breaches its primary obligations through simple negligence, then its ensuing liability shall be limited to the amount which was foreseeable by Market Logic at the time the respective service was performed, however Market Logic’ liability in this instance shall not exceed 110% of the monetary value contained in the applicable Statement of Work.

14.3 Market Logic shall not be liable for damages which are a result of a breach of the obligations of the Subscriber under this Agreement, especially under Section 6.2 of this Agreement; or if the Subscriber did not follow Market Logic`s Instructions; or if results of the Software Services or the Knowledge Building Services have been altered or modified by the Subscriber; or if the damage caused by any of Subscriber’s equipment. Furthermore, Market Logic shall not in any manner be liable with regards to any of the Subscriber Data. For avoidance of doubt, Market Logic shall not be liable for any loss and/or damages suffered by the Subscriber and/or its Affiliates in relation to the content of the Software which is created and/or derived from any of the Subscriber Data.

14.4 Consequential Damages. In no event shall either Party be liable to the other for consequential damages resulting from default in the performance of its obligations under this Agreement, provided, however, that this Section 14.4 shall not limit Market Logic’ obligations pursuant to Section 14.2 above.

15. INSURANCE

During the Term, Market Logic shall maintain at its own expense insurance policies appropriate to its obligations under this Agreement, including as applicable general commercial liability, errors and omissions, employer liability and worker’s compensation insurance as required by applicable law.

16. TERM AND TERMINATION

16.1 Term. Subject to earlier termination in accordance with this Section 16, the Agreement shall take effect on the Effective Date and shall continue until the Services have been terminated or expired.

16.2 Term of Software Service Subscriptions. Subscriptions of the Software Services purchased by the Subscriber commence on the start date specified in the applicable Statement of Work and continue for the Subscription Term specified therein.

16.3 Termination for Cause. A party may terminate this Agreement or any Statement of Work for any of the reasons contained in this Section 16:

16.3.1 Material Breach. Either Party may terminate this Agreement or a specific Statement of Work if the other party is in Material Breach of this Agreement or the specific Statement of Work and the breaching party fails to cure such Material Breach within a cure period of thirty (30) days from receipt of notice of Material Breach from the non-breaching Party. Such notice of Material Breach must describe the breach as comprehensively and in as much detail as possible in order to give the other party the opportunity to respond adequately during the thirty (30) day period. A “Material Breach”, for the purposes of this Section 3.1 is a severe enough failure of a core obligation by one party to undermine the entire Agreement for the other party, for example a failure to make payment when due, breach of confidentiality obligations, infringement of IP Rights and a failure by the breaching party to remedy such breach in accordance with this Agreement, breach of applicable laws, repeated non-material breaches cumulatively amounting to a Material Breach, and failure to keep current all billing information to the extent that it interferes with invoicing.

16.3.2 Bankruptcy. Either party may terminate this Agreement or any Statement of Work effective immediately upon: a) receipt of written notice of insolvency or bankruptcy of the other party; b) the commencement by or against that party of any case or proceeding under any bankruptcy, reorganization, or insolvency law, or any other law for the relief of debtors, provided the affected party is unable to fulfill its obligations under the Agreement because of such proceedings;

16.4 Effect of Termination. Upon termination or expiry of this Agreement or the applicable Statement of Work, Market Logic shall immediately cease providing the related Services to the Subscriber and any subscriptions or licenses granted hereunder shall terminate.

16.4.1 If this Agreement is terminated by Subscriber in accordance with Section 3.1, Subscriber shall be entitled to a refund of the pro-rata amount of any pre-paid sums starting from the effective date of the termination.

16.4.2 If this Agreement is terminated by Market Logic in accordance with Section 3, Subscriber will not receive any refund of sums paid under this Agreement and Market Logic shall be entitled to all of fees due or payable under this Agreement, including the applicable SOW.

16.4.3 Upon request by the Subscriber made within 30 days from the effective date of termination of the Software Services, Market Logic will make available to the Subscriber for download a file of the Subscriber Data in an industry-standard documented file format and/or original format and inform the Subscriber accordingly in writing with explicit reference to the availability of the Subscriber Data. After a 60-day period, Market Logic shall have no obligation to maintain or provide the Subscriber Data and shall thereafter, unless legally prohibited, delete all the Subscriber Data in Market Logic systems or otherwise in Market Logic possession or under Market Logic control. In the event the 60-day period is not sufficient to download all Subscriber Data, the data return period may be extended by a further maximum of two more 60-day periods, provided that the Subscriber notifies Market Logic accordingly in due time before the expiry of the data return period and agrees to compensate Market Logic for all related costs and expenses in connection with the extension of the 60-day period. The Subscriber may instruct Market Logic at any time during the Term or within the data return period following it to immediately and permanently erase all copies of Subscriber Data from all its Market Logic systems. Market Logic will execute such request within five (5) days of receiving written notice by the Subscriber to do so.

16.4.4 Termination of this Agreement or any Statement of Work for any reason shall not affect the accrued rights of the parties arising under this Agreement, including the right to recover damages against the other party in accordance with the Agreement. In no circumstances shall any termination relieve the Subscriber of the obligation to pay any fees payable to Market Logic for the period prior to the effective date of termination nor shall Market Logic be obliged to refund of any fees referred to such period.

17. NOTICES

17.1 Manner of Giving Notice. All notices, permissions and approvals hereunder shall be in writing, email shall be considered to be sufficient when in accordance with the provisions in Section 17.2 and shall be deemed to have been given upon a) personal delivery, b) the second business day after mailing, c) the second business day after sending by confirmed facsimile, or d) the first business day after sending by email. All notices will be effective upon receipt.

To Market Logic:

Market Logic Software, AG.

Attention:

Legal Department

Franklinstraße 28-29

10587 Berlin

E-Mail: legal@marketlogicsoftware.com

 

Billing-related notices to the Subscriber shall be addressed to the relevant billing contact designated by the Subscriber. All other notices to the Subscriber shall be addressed to the relevant Services system administrator designated by the Subscriber.

17.2 E-Mail Notice. An emailed notice shall not be sufficient for notices of termination or an indemnifiable claim. An emailed notice will not be effective unless the notice is acknowledged in writing (including for example by email) by the party to which the notice was directed. If a notice is delivered by email to a specific email address; but the notice as delivered to that address is not acknowledged in writing by an individual who is an agent of the notified party for purposes of receiving notices of the type in question, then the notice is not effective as to that address, unless the party being notified has expressly designated the specific address, in writing, as one to which notices under the Agreement may be sent.

18. GENERAL PROVISIONS

18.1 Export Compliance. Both parties shall comply with all applicable UK, EU and/or US sanctions and export regulations including any restrictions or prohibitions on trade or financial transactions with certain countries or entities.

18.2 Anti-Corruption. In performing their obligations under this Agreement, the parties shall: a) comply with all applicable laws and regulations relating to anti-bribery and anti-corruption and maintain its own policies and procedures in this respect; (b) as soon as reasonably practicable report to each other any offer, request or demand for any undue financial or other advantage of any kind received by the other party in connection with the performance of this Agreement.

18.3 Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties.

18.4 Subcontractors. Market Logic may not subcontract any part of its obligations under this Agreement except to its Affiliates or as agreed in writing by Subscriber. Notwithstanding the above, Market Logic may use subcontractors without having to obtain written consent from Subscriber where such subcontractors are used in the day-to-day business of Market Logic and where such subcontractors shall have no access to Subscriber Data. Market Logic will obligate its subcontractors (if any) to adhere to and uphold IT-security and confidentiality obligations that are at least as protective as those rights of Subscriber provided for in this Agreement.

Notwithstanding the permitted subcontracting of Services hereunder Market Logic will remain liable for all of its obligations under this Agreement, and for the acts and omissions of all Market Logic employees in connection with the performance of Services or provision of Software Services.

18.5 No Third-Party Beneficiaries. There are no third-party beneficiaries to this Agreement.

18.6 Waiver. No failure or delay by either party in exercising any right under this Agreement shall constitute a waiver of that right.

18.7 Information Security. Market Logic shall be responsible for implementing and maintaining information security controls in line with standard industry practices as set out in Annex B that are designed to: a) ensure the security, confidentiality and integrity of Services and Subscriber Data; b) protect against any anticipated threats or hazards to the security or integrity of the Services and Subscriber Data; c) protect against unauthorized physical or logical access to or use of Services and Subscriber Data; d) ensure the secure disposal of Subscriber Data as per reasonable instructions of the Subscriber; e) ensure the security and integrity of the operational environment, including the network connectivity, supporting the Services; f) ensure that changes to the Services and operational environment supporting the Services are managed following formal processes; g) segregate Subscriber Data from those of other Market Logic customers; and h) ensure appropriate measures to protect against loss of Subscriber Data.

18.8 Data Protection. The Parties agree to fully comply with applicable data protection laws, including but not limited to the Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter “GDPR”). Unless otherwise defined in this Agreement, all terms used in this Agreement that appear in GDPR shall have the meaning set out in Annex A.

18.9 Governing Law. In all respects this Agreement will be governed by, and construed in accordance with, the substantive laws Germany and the Place of Jurisdiction shall be Berlin.

18.10 Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision shall be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of this Agreement shall remain in effect.

18.11 Surviving Provisions. Section 7 (Fees and Payment), Section 10 (Ownership), Section 11 (Confidentiality), Section 12 (Warranties and Disclaimers), Section 14 (Limitation of Liability), Section 16.4 (Effect of Termination), Section 17 (Notices) and Section 18 (General Provisions) shall survive any termination or expiration of this Agreement.

18.12 Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of the other party, except that either party may assign all of its rights and delegate all of its obligations under this Agreement without needing the other party’s consent to an entity: (i) which such party owns or controls; or (ii) by which such party is owned or controlled. In addition, either party may, without needing the other party’s consent assign any of its rights or obligations under this Agreement in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets not involving a direct competitor of the other party. Any consent required by this paragraph will not be unreasonably withheld, conditioned, or delayed. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns.

18.13 Entire Agreement. This Agreement, including all exhibits and addenda hereto and all Statement of Works, constitute the entire agreement between the Parties and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. Market Logic may update or revise these Terms and Conditions from time to time at its sole discretion without notice to Subscriber, and Market Logic recommends that Subscriber reviews these Terms and Conditions on a regular basis to stay abreast of the most current version. The most current version will be posted on Market Logic Website. Subscriber´s continued use of the Services after any update or revision to these Terms and Conditions constitutes Subscriber´s acceptance of the updates or revisions. To the extent of any conflict or inconsistency between the provisions in the body of this Agreement and any exhibit or addendum hereto or any Statement of Work, the terms of the applicable Statement of Work shall prevail. Notwithstanding any language to the contrary therein, no terms or conditions stated in the Subscriber’s purchase orders or other order documentation shall be incorporated into or form any part of this Agreement, and all such terms or conditions shall be null and void.

18.14 Force Majeure. Neither party shall be liable to the other for any delay or failure to perform hereunder (excluding payment obligations) due to circumstances beyond such party’s reasonable control, including but not limited to acts of God, acts of government, flood, fire, earthquakes, civil unrest, acts of terror, strikes or other labor problems (excluding those involving such party’s employees), service disruptions involving hardware, software or power systems not within such party’s reasonable control, and denial of service attacks.

18.15 Counterparts. This Agreement any Statement of Work issued hereunder may be executed in any number of counterparts, each of which when executed and delivered shall constitute and original of this Agreement, but all the counterparts shall together constitute the same agreement. Transmission of an executed counterpart of this Agreement by email (in PDF, JPEG or other agreed format) shall take effect as delivery of an executed counterpart of this Agreement. If either method of delivery is adopted, without prejudice to the validity of the Agreement made, if requested each party shall provide the others with the original of such counterpart as soon as reasonably possible after. No counterpart shall be effective until each party has executed and delivered at least one counterpart.

ANNEX A

DATA PROCESSING AGREEMENT

This Data Processing Agreement (“DPA“) forms part of the Agreement between the Parties.

1. DEFINITIONS

1.1 The terms, “Controller”, “Data Subject”, “Member State”, “Personal Data”, “Personal Data Breach”, “Processing”, “Processor” and “Supervisory Authority” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.

1.2 “Data Protection Laws” means the GDPR and any other applicable data protection legislation, including EU Member State legislation and any applicable data protection legislation in force from time to time in the UK (including the Data Protection Act 2018), and regulatory requirements which apply to a party to this Agreement relating to Personal Data (including without limitation the privacy of electronic communications) and any code of practice or guidance published by any other relevant Supervisory Authority, in each case as amended or replaced from time to time;

1.3 “GDPR” means the General Data Protection Regulation ((EU) 2016/679);

1.4 “Subscriber Personal Data” means any Personal Data Processed by Market Logic and/or any of its sub-processors on behalf of Subscriber pursuant to or in connection with the Agreement;

1.5 “Sub-processor” means a subcontractor engaged by Market Logic that will process Personal Data as part of the performance of the Services where Market Logic is the Processor;

Terms used but not defined in this DPA, will have the same meaning as set forth in Article 4 of the GDPR.

2. ROLES AND SCOPE

2.1 This DPA applies to the Processing of Personal Data by Market Logic on behalf of Subscriber, within the scope of the GDPR.

2.2 For purposes of this DPA, Subscriber and Market Logic agree that Subscriber is the Controller of Subscriber Data and Market Logic is the Processor of such data, except when Subscriber acts as a Processor of Personal Data (for example for one of its Affiliates), in which case Market Logic is a sub-processor.

2.3 This DPA does not limit or reduce any data protection commitments Market Logic makes to Subscriber in this Agreement.

3 OBLIGATIONS OF MARKET LOGIC: ARTICLES 28, 32 and 33 GDPR

3.1 Market Logic shall not engage another Processor for the Processing of Personal Data without prior specific authorization of Subscriber. Market Logic shall inform Subscriber of any intended changes concerning the addition or replacement of other Processors, thereby giving Subscriber the opportunity to object to such changes (Article 28 (2) of the GDPR).

3.2 Processing by Market Logic shall be governed by this DPA under European Union (“EU”) or Member State law and are binding on Market Logic with regard to Subscriber. The subject-matter and duration of the processing, the nature and purpose of the processing, the type of Personal Data, the categories of data subjects and the obligations and rights of the Subscriber are set forth in the Agreement with the Subscriber. In particular, Market Logic shall:

3.2.1 process Personal Data only on documented instructions from Subscriber, including with regard to transfers of Personal Data to a third country or an international organization, unless required to do so by EU or Member State law to which Market Logic is subject; in such case, Market Logic shall inform Subscriber of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest;

3.2.2 ensure that persons authorized to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;

3.2.3 take all measures required pursuant to Article 32 of the GDPR;

3.2.4 respect the conditions referred to in paragraphs 3.2.1 and 3.2.3 for engaging another Processor;

3.2.5 taking into account the nature of the processing, assist Subscriber by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Subscriber’s obligations to respond to requests for exercising the data subject’s rights laid down in Chapter III of the GDPR;

3.2.6 assist Subscriber in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR, taking into account the nature of processing and the information available to Market Logic;

3.2.7 at the choice Subscriber, delete or return all the Personal Data to Subscriber after the end of the provision of the services relating to processing, and delete existing copies unless EU or Member State law requires storage of the Personal Data;

3.2.8 make available to Subscriber all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the GDPR. Upon Subscriber’s reasonable request, and no more than once per year, unless exceptional circumstances warrant additional audit rights, Market Logic shall allow for and contribute to an audit (“Audit”). Any Audit shall be conducted by independent third-part auditor mandated by Subscriber, shall be at Subscriber’s expense and shall be done during normal business hours and upon reasonable prior notice. Any auditor chosen by Subscriber shall not be a Competitor of Market Logic. In no event shall Subscriber have access to the information of any other client of Market Logic and the disclosures made pursuant to this clause shall be held in confidence as Subscriber’s Confidential Information and subject to any confidentiality obligations agreed upon by the parties. Subscriber shall employ the same degree of care to safeguard information obtained in an Audit that it uses to protect its own confidential and proprietary information and, in any event, not less than a reasonable degree of care under the circumstances. Subscriber shall be liable for any improper disclosure or use of information obtained through an Audit by Subscriber or its agents.

3.2.9 Market Logic shall immediately inform Subscriber if, in its opinion, an instruction infringes the GDPR or other EU or Member State data protection provisions. (Article 28 (3) of the GDPR)

3.3 Where Market Logic engages another Processor for carrying out specific Processing activities on behalf of Subscriber, the same data protection obligations as set out in this DPA shall be imposed on that other Processor by way or a contract or other legal act under Union or Member State law, in particular providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the Processing will meet the requirements of the GDPR. Where that other Processor fails to fulfil its data protection obligations, Market Logic shall remain fully liable to the Subscriber for the performance of that other Processor’s obligations. (Article 28(4))

3.4 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity of the rights and freedoms of natural persons, Subscriber and Market Logic shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:

3.4.1 the pseudonymisation and encryption of Personal Data;

3.4.2 the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;

3.4.3 the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; and

3.4.4 a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing. (Article 32(1))

3.5 In assessing the appropriate level of security, account shall be taken of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data transmitted, stored or otherwise processed. (Article 32 (2))

3.6 Subscriber and Market Logic shall take steps to ensure that any natural person acting under the authority of Subscriber or Market Logic who has access to Personal Data does not process them except on instructions from Subscriber unless he or she is required to do so by EU or Member State law. (Article 32 (4))

3.7 Market Logic shall notify Subscriber without undue delay after becoming aware of a Personal Data Breach (Article 33 (2)). Such notice will, at a minimum:

3.7.1 describe the nature of the Personal Data Breach including where possible, the categories and approximate number of data subjects concerned, and the categories and approximate number of Personal Data records concerned;

3.7.2 communicate the name and contact details of the data protection officer or other contact where more information can be obtained;

3.7.3 describe the likely consequences of the Personal Data Breach; and

3.7.4 describe the measures taken or proposed to be taken by the Controller to address the Personal Data Breach, including, where appropriate, measures to mitigate its possible adverse effects. (Article 33 (3))

4 SUB-PROCESSORS

4.1 Subscriber consents to Market Logic engaging Sub-processors for the processing of Personal Data in accordance with this DPA.

4.2 Market Logic will ensure that Sub-processors are bound by written agreements that require them to provide at least the level of data protection required of Market Logic under this DPA.

4.3 The Sub-processors used by Market Logic are listed in the applicable Statement of Work.

5 ASSISTING SUBSCRIBER RESPONSE TO REQUESTS FROM DATA SUBJECTS

5.1 Market Logic will make available to Subscriber the Personal Data of its data subjects and the ability to fulfill data subject requests to exercise one or more of their rights under the GDPR in a manner consistent with the functionality of the Software Services and Market Logic’s role as Processor. Market Logic shall comply with reasonable requests by Subscriber to assist with Subscriber’s response to such a data subject request.

5.2 If Market Logic receives a request from Subscriber’s data subject to exercise one or more of its rights under the GDPR, Market Logic will redirect the data subject to make its request directly to Subscriber.

6 PROCESSING OF PERSONAL DATA

6.1 This Agreement (incl. this DPA), along with Subscriber’s use of the Services are Subscriber’s instructions to Market Logic for the processing of Personal Data. The Subscriber understands that any Subscriber Data made available on the Software Services is not monitored by Market Logic and the Subscriber is not permitted to upload or make available any special categories of Personal Data (e.g. financial or health data).

6.2 Market Logic may also transfer Personal Data if required by applicable law.

6.3 Market Logic will ensure that its personnel engaged in the processing of Personal Data (i) will process Personal Data only on instruction from Subscriber, unless required to do so by EU , Member Sate, or other applicable law and (ii) have committed to maintain the confidentiality of any Personal Data even after their engagement ends.

6.4 The subject-matter of the processing is limited to Personal Data within the scope of the GDPR, and the duration of the processing shall be for the duration of the Agreement.

6.5 The nature and purpose of the processing is:

a. providing of Services by Market Logic to Subscriber;

b. providing of usage reporting to Subscriber;

c. operate, administer and optimize the Market Logic platform and to diagnose problems with the software.

Categories of data subjects are Subscriber’s representatives and end users, such as employees, contractors, suppliers, and collaborators.

6.6 The types of Personal Data processed may include: names of users of the platform, work address, business email address, personal account number, personal reference number, employee number, IP address/device identifier and usage tracking of users, as well as other Personal Data submitted by Subscriber to the Market Logic platform. Subscriber understands that Market Logic does not monitor Subscriber Data available on the platform and does not allow the uploading of special category data, as defined under the GDPR or financial data on the platform by Subscriber.

6.7 On expiration or termination of this Agreement, Market Logic shall delete or return Personal Data in accordance with the terms and timeline set forth in this Agreement, unless EU, Member State, or other applicable law require storage of the Personal Data.

7 SECURITY

Market Logic shall (i) maintain security practices and policies for the protection of Personal Data as set forth in the written Information Security Policy and (ii) subject to non-disclosure obligations, make the Information Security Policy available to Subscriber, along with a description of the security controls in place for the Software Services and other information reasonably requested by Subscriber regarding Market Logic’s security practices and policies.

8 PERSONAL DATA BREACH

Market Logic shall make reasonable efforts to assist Subscriber in fulfilling Subscriber’s obligations to notify the relevant supervisory authority and data subjects of and Personal Data Breach under Articles 33 and 34 of the GDPR.

9 RECORDS OF PROCESSING ACTIVITIES

Market Logic shall maintain all records required by Article 30(2) of the GDPR and, to the extent applicable to the processing of Personal Data on behalf of Subscriber, make them available to Subscriber upon request.

10 MODIFICATION, SUPPLEMENTATION AND TERM

10.1 Market Logic may modify or supplement this DPA, with notice to Subscriber, (i) if required to do so by a supervisory authority or other government or regulatory entity, (ii) if necessary to comply with applicable law, (ii) to implement standard contractual clauses laid down by the European Commission or (iv) to adhere to an approved code of conduct or certification mechanism approved or certified pursuant to Articles 40, 42 and 43 of the GDPR.

10.2 Without prejudice to this DPA, Market Logic may from time to time provide additional information and detail about how it will execute this DPA in its technical, privacy or policy documentation.

10.3 This DPA become effective upon the later of (a) the start of enforcement of the GDPR or (b) Subscriber’s use of the Services.

ANNEX B

 

INFORMATION SECURITY REQUIREMENTS

 

1 . Scope

Subject to the terms and conditions of the Agreement, all Services performed by Market Logic under this Agreement, shall comply with the requirements set forth in this Annex B, as applicable in the context of the Services.

This Annex B sets out the security requirements for the IT environments, facilities, equipment and personnel used by Market Logic to store and/or process Subscriber Data in relation to the Services. This Annex and the requirements set forth herein are in addition to, and not in lieu of, other requirements incorporated into the Agreement. Notwithstanding any security requirements agreed between Subscriber and Market Logic, any proprietary data of Third Party Service Providers shall be solely subject to separate security and confidentiality obligations between Market Logic and the respective provider.

Before processing Subscriber Data under this Agreement, Market Logic and its subcontractors shall bring into effect and maintain throughout the term of this Agreement the technical and organisational measures as set out hereunder in order to meet the requirements according to this Agreement, to secure at any time the confidentiality and integrity of the Subscriber Data, to prevent unauthorised or unlawful processing of Data and to protect against accidental or unlawful destruction, damage, accidental loss, alterations or unauthorised disclose or access.

The technical and organisational measures are subject to technical progress and development. In that regard, Market Logic and its Subcontractors are allowed to implement adequate alternative measures, provided, however, that the security level shall not be undercut at any time.

Significant changes to the technical and organisational measures as set out hereunder will be documented and notified to Subscriber prior to their implementation.

2. Certification

Market Logic warrants that the third-party Data Centre it utilizing to provide the Services is ISO27001 and SOC2 certified.

Market Logic warrants that it has designed its information security management according to ISO27001.

3. Logical Security

3.1 General

The logical security processes in this Section 3 apply to all systems used to provide the Services on which Subscriber Data is accessed, processed, stored, transferred or maintained.

3.2 Systems Access Control and Network Access Control

3.2.1 Access Controls. Market Logic warrants that it employs access control mechanisms that:

a. prevent unauthorized access to Subscriber data;

b. limit access to Market Logic personnel with a business need to know;

c. follow principle of least privilege allowing access to only the information and resources that are necessary under the terms of the Agreement; and

d. have the capability of detecting, logging, and reporting access to the system or network or attempts to breach security of the system or network.

3.2.2 Authentication. All Market Logic personnel must have an individual account that authenticates that individual’s access to Subscriber Data. Market Logic will not allow sharing of accounts. Access controls and passwords must be configured in accordance with industry standards and best practices. Passwords must be (i) at least eight characters long, (ii) cannot contain the user’s account name or more than two characters that occur in the full name or the user sequentially and (iii) must contain three of the following categories: Uppercase letters, Lowercase letters, Numbers, Symbols.

3.2.3 Regular Review of Access Controls. Market Logic will maintain a process to review access controls on a minimum annual basis for all Market Logic systems that contain Subscriber Data, including any system that, via any form of communication interface, can connect to the system on which Subscriber Data is stored. These access processes and the process to establish and delete individual accounts will be documented in, and will be in compliance with, Market Logic’s security policies and procedures.

3.2.4 Revocation of Access. Market Logic will revoke its Personnel’s access to physical locations, systems, and applications that contain or process Subscriber Data within a reasonable time of the cessation of such Market Logic Personnel’s need to access the system(s) or application(s).

3.3 Telecommunication and Network Security

3.3.1 Firewalls. Market Logic will deploy reasonably appropriate firewall technology. Traffic between Subscriber and Market Logic will be protected and authenticated by industry standard cryptographic technologies.

3.3.2 Intrusion Detection and Prevention. Market Logic will deploy intrusion detection or preferably prevention systems (NIDS/NIPS) in order to generate, monitor, and respond to alerts which could indicate potential compromise of the network and/or host.

3.3.3 Log Management. Market Logic shall ensure that all systems, incl. firewalls, routers, network switches and operating systems, log information to their respective system log facility or a centralized server for a minimum period of 3 months.

3.3.4 Network Segmentation.  Market Logic shall establish and maintain appropriate network segmentation, including the use of virtual local area networks (VLANS) where appropriate, to restrict network access to systems storing Subscriber Data.

3.3.5 Wireless Security. If Market Logic deploys a wireless network, Market Logic will configure and maintain the use, configuration and management of wireless networks to meet the following:

a. Physical Access – All wireless devices shall be protected using appropriate physical controls to minimize the risk of theft, unauthorized use, or damage;

b. Network Access – Network access to wireless networks should be restricted only to those authorized;

c. Access points shall be segmented from an internal, wired LAN;

d. The service set identifier (SSID), administrator user ID, password and encryption keys shall be changed from the default value;

e. Encryption of all wireless connections will be enabled using Industry Standard Encryption Algorithms (i.e., WPA2/WPA with 802.1X authentication and AES encryption). WEP should never be used;

f. If supported, auditing features on wireless devices shall be enabled and resulting logs shall be reviewed periodically by designated staff or a wireless intrusion prevention system. Logs should be retained for ninety (90) days or longer; and

g. SNMP shall be disabled if not required for network management purposes. If SNMP is required for network management purposes, SNMP will be read-only with appropriate access controls that prohibit wireless devices from requesting and retrieving information and all default community strings will be changed.

3.3.6 Rogue Access Point Detection. Market Logic will maintain a program to detect rogue access points to ensure that only authorized wireless access points are in place.

4 Malicious Code Protection

4.1 All workstations and servers will run the current version of industry standard anti-virus software with the most recent updates available on each workstation or server. Market Logic will configure this equipment and have supporting policies to prohibit users from disabling anti-virus software, altering security configurations, or disabling other protective measures put in place to ensure the safety of the computing environment.

4.2 Market Logic will have current anti-virus software configured to run real-time scanning of machines and a full system scan on a regularly scheduled interval.

4.3 Market Logic will scan incoming and outgoing content for malicious code on all gateways to public networks, including, but not limited to, email and proxy servers.

4.4 Market Logic will quarantine or remove files that have been identified as infected and will log the event.

5 Vulnerability Management and Application Security Assessments

5.1 Market Logic shall run internal and external network vulnerability scans at least quarterly and after any material change in the network configuration (e.g., new system component installations, changes in network topology, firewall rule modifications, or product upgrades). Vulnerabilities identified and rated as high risk by the Market Logic will be remediated within (15) days s maximum.

5.2 For all Internet-facing applications that collect, transmit or display Subscriber Data, Market Logic agrees to conduct Penetration Test assessment to identify common security vulnerabilities as identified by industry-recognized organizations (e.g., OWASP Top 10 Vulnerabilities; CWE/SANS Top 25 vulnerabilities) annually or for all major releases, whichever occurs first.

5.3 For all mobile applications (i.e., running on Android, Blackberry, iOS, Windows Phone) that collect, transmit or display Subscriber Data, Subscriber agrees to conduct penetration test assessment to identify and remediate industry-recognized vulnerabilities specific to mobile applications.

5.4 Patch Management. Market Logic will patch all workstations and servers with all current operating system, database and application patches deployed in Market Logic’s computing environment according to a schedule predicated on the criticality of the patch. Market Logic must perform appropriate steps to help ensure patches do not compromise the security of the information resources being patched. All emergency or critical rated patches must be applied as soon as possible but at no time will exceed thirty (30) days from the date of release.

6. Storage, Handling and Disposal of Subscriber Data

6.1 Data Segregation. Market Logic will physically or logically separate and segregate Subscriber Data from its other customer’s data.

6.2 Electronic Form Data. Market Logic will utilize Industry Standard Encryption Algorithms and Key Strengths to encrypt the following:

a. all Subscriber Data that is in electronic form while in transit over all public wired networks (e.g., Internet) and all wireless networks.

b. all Subscriber Data while In Storage. “In Storage” means information stored in databases, in file systems, and on various forms of online is also commonly referred to as “at rest.”

c. passwords will be hashed with irreversible industry standard algorithms with randomly generated “salt” added to the input string prior to encoding to ensure that the same password text chosen by different users will yield different encodings. The randomly generated salt should be at least as long as the output of the hash function.

d. any mobile devices (e.g., laptop, cell phone, tablet) used outside of a Data Center to perform any part of the Services.

6.3 Data Retention. Upon Subscriber’s request, or, upon termination or expiration of this Agreement, all Subscriber Data, including copies of such information, must be promptly returned to Subscriber or destroyed. Notwithstanding the foregoing obligations, Market Logic shall be permitted to retain back-up copies of Subscriber Data in accordance with applicable laws; applicable regulations and the Agreement.

6.4 Destruction of Data. Market Logic will dispose of Subscriber Data when information is deemed no longer necessary to preserve as outlined above in “Data Retention” Section 6.3. Subscriber Data shall be disposed of in a method that renders it unreadable, effectively decommissioned. Market Logic will destroy any equipment containing Subscriber Data that is damaged or non-functional. All Subscriber Data must be rendered unreadable and unrecoverable regardless of the form (physical or electronic).

7. Physical Security and Personnel Security

7.1 Physical security of Market Logic’s offices. Market Logic shall have adequate physical security perimeters to safeguard Subscriber Data. Market Logic shall have a premises access control system that requires:

a. every individual to have a unique access card and or key to access the premises;

b. access to sensitive areas, e.g., server rooms to be granted only to those who need access to the area to perform their work-related duties;

c. all visitors to be identified, registered, logged and accompanied by an employee of Market Logic at all times and;

d. Market Logic employees to adhere to a Clean Desk Policy.

7.2 Market Logic Personnel. Market Logic warrants that its personnel will:

a. be provided with a clear understanding of procedures and controls reasonably necessary to comply with the Information Security requirements set out in the Agreement prior to their being granted access to Subscriber Data;

b. upon hiring, and at least annually thereafter, participate in security awareness trainings. This training will cover, at a minimum, Market Logic’s security policies, including acceptable use, password protection, data classification, incident reporting, the repercussions of violations, and;

c. also receive training regarding data privacy and protection if Market Logic or its personnel accesses Personal Data.

8. Incident Reporting and Action

In case that Market Logic detects any event that poses a risk to the security of any Subscriber Data, Market Logic shall a) immediately report the incident to the Subscriber in writing; b) promptly provide a full investigative report along with the corrective action(s) reasonably necessary to prevent a future recurrence of such violation, security incident or infraction; c) execute such corrective actions; and d) take such other investigative actions and measures to ensure that such corrective actions are and will remain effective.

SOFTWARE AS A SERVICE TERMS AND CONDITIONS (US and Canada)

These Terms and Conditions were last updated in June, the 18th 2021.

 

These Software as a Service Terms and Conditions (“Terms and Conditions”, together with any applicable Statement of Work issued hereunder, the “Agreement”), between Market Logic Software Inc, a Delaware Corporation with offices at 80 Pine Street, Floor 24, New York, New York, 10005 (“Market Logic”), and the Subscriber named in an applicable Statement of Work (“Subscriber”, collectively the “Parties”) are effective as of the date set forth on such Statement of Work (“Effective Date”).

 

Market Logic and Subscriber agree as follows:

1. PURPOSE

Market Logic provides and operates a software, in particular a market insights platform as a Software-as-a-Service (SaaS) as well as accompanying services. This Agreement contains the terms and conditions under which Subscriber acquires and uses Market Logic’s Services.

2. DEFINITIONS

The following definitions apply to this Agreement and any related Statement of Work:

2.1Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control of the Parties respectively. “Control”, for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity;

2.2 “Competitors of Market Logic” means any entity, company, division or department of a company, including its personnel, which is involved in the development, provision or operation of any marketing insights and knowledge management platform and/or similar tools;

2.3 “Confidential Information” has the meaning as set forth in Sec. 11;

2.4Deliverables” means the individual modules including functions and/or features to be provided by Market Logic in connection with the Software Services hereunder as set forth in an applicable SOW and/or this Agreement;

2.5Malicious Code” means viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs;

2.6Material Breach” has the meaning as set forth in Sec. 16;

2.7 “Non-GA Services” means any software services not generally available to Market Logic’s subscribers, which Market Logic may offer a trial version to Subscriber. The Subscriber may accept or decline any such trial services at the Subscriber’s sole discretion. Any Non-GA Services will be designated as beta, pilot, limited release, developer preview, non-production or by a description of similar import. Non-GA Services are provided for evaluation purposes and not for production use, are not supported, may contain bugs or errors, and may be subject to additional terms mutually agreed upon in a Statement of Work;

2.8Open Source Software” has the meaning as set forth in Sec. 12;

2.9 “Payment Due Date” has the meaning as set forth in Sec. 7;

2.10Professional Services” means the services that are offered by Market Logic to implement and maintain the Software Services (e.g., configuring the product, uploading Subscriber Data, provide training services). The scope of such Professional Services is specified in the applicable Statement of Work;

2.11Purchased Services” means the Services purchased by Subscriber under any applicable SOW;

2.12 “Services” means the Software Services and the Professional Services;

2.13Software Services” means the Market Logic platform including its software features and functionalities that Subscriber is authorized to use as specified in the applicable Statement of Work/s. Such Software Services are made available to Subscriber online via a dedicated Subscriber login link and/or other webpages designated by Market Logic;

2.14Statement of Work” or “SOW” means any ordering document, mutually agreed by the Parties, specifying the Services to be provided under this Agreement, including any documents, attachments or forms thereto. The Parties agree that Subscriber’s Affiliates are permitted to enter into SOWs with Market Logic, which Affiliates shall, upon signing the SOW, be bound by the terms and conditions of this Agreement;

2.15Subscriber” means the legal entity accepting this Agreement and any of its Affiliates who have signed any Statements of Work governed by this Agreement;

2.16Subscriber Data” means all electronic data or information submitted by the Subscriber to the Software Services, including content and data licensed or acquired by Subscriber from third party content providers (i.e., Third Party Services);

2.17Subscription Term” means the license term granted by Market Logic to as defined in the applicable Statement of Work;

2.18Third Party Feature/s” means any service or product (including, without limitation, mobile, offline or other software services) provided by a company, other than Market Logic, and integrated by default in the Software Services by Market Logic, which can be turned off upon request of Subscriber;

2.19Third Party Service/s” means any service or product (including, without limitation, mobile, offline or other software services) provided by a company, other than Market Logic, to Subscriber and which Third Party Service has been integrated into the Software Services by Market Logic on behalf of Subscriber and the Third Party Service provider in order to allow the Software Services to interoperate with the Third Party Services;

2.20 “Users” means individuals who are authorized by Subscriber to use the Software Services as specified in a valid and active Statement of Work between Market Logic and Subscriber and who have been supplied with user identifications and passwords by Subscriber (or by Market Logic on behalf of the Subscriber and at the Subscriber’s request). Users may include, but are not limited to, the Subscriber’s employees, consultants, contractors, agents and third parties authorized by and acting on behalf of Subscriber;

3. SOFTWARE USAGE RIGHTS

3.1 Rights in Software Services. During the term of this Agreement, Market Logic grants to Subscriber a limited, non-transferable, non-exclusive, non-perpetual right to access and use the Software and Software documentation for Subscriber’s internal business purposes. The Software shall be made available to Subscriber as Software-as-a-Service that Subscriber may access and use for the Subscription Term set out in an SOW(s). Market Logic will host and retain physical control over the Software and make the Software available through the Internet for access, use and operation by Subscriber via an Internet Browser through a secure HTTP/S connection. To access the Software Services, Users shall authenticate themselves with a unique, personal username and password. Certain functions of the Software may be downloaded for installation and use on a mobile device (“Mobile Apps”).  Such Mobile Apps may be accessed and used during the term of the respective SOW/s under this Agreement and must be uninstalled upon the expiration or termination of the respective term.  Other than as specifically set forth in this Agreement and unless otherwise agreed to by Market Logic in writing, no provision under this Agreement shall obligate Market Logic to deliver or otherwise make available any copies of computer programs or code from the Software to Subscriber, whether in object code or source code form.

3.2 Usage Restrictions. The Subscriber shall not a) permit any third party to access the Software Services except as permitted herein; b) create derivative works based on the Software Services except as authorized herein; c) copy, frame or mirror any part or content of the Software Services, other than copying or framing on the Subscriber’s own intranets or otherwise for the Subscriber’s own internal business purposes; d) reverse engineer the Software Services; or e) access the Software Services in order to: (i) build a competitive product or service; and (ii) copy any features, functions or graphics of the Software Services.

4. SOFTWARE SERVICES

4.1 Updates and Support. Market Logic will a) make updates to the Software Services available to Subscriber when they become commercially available; b) provide Standard Helpdesk Support via web-content and e-mail support, in English with a maximum response time of 8 hours, available 24 hours from Monday to Friday, including public holidays, and/or upgraded support if purchased separately; and c), upon acceptance of the Services, provide second and third level support and maintain the Software Services in accordance with the Service Level Agreement attached to the applicable Statement of Work. This support is limited to technical questions and does not include general end User training and consultancy services. Subscriber agrees that Market Logic may collect and use technical information gathered as part of the support and maintenance services for the Software Services, including User’s operating system and browser, as well as statistics (including, for example terms most searched, date and time of last login, number of downloads, number of uploads, and number of views). Market Logic may use this information solely for the purpose of providing usage statistics to the Subscriber and/or improving the Software Services. Market Logic shall not disclose this information in any form that identifies the Subscriber or any Users.

4.2 Non-GA Services. NON-GA SERVICES ARE NOT CONSIDERED “SOFTWARE SERVICES” HEREUNDER AND ARE PROVIDED “AS IS” WITH NO EXPRESS OR IMPLIED WARRANTY. At any time and at its sole discretion Market Logic may discontinue any or all Non-GA Services provided to Subscriber and may never make them generally available.

4.3 Subscriptions to Software Services. Unless otherwise specified in the applicable Statement of Work, a) Software Services are purchased as User subscriptions and may be accessed by no more than the specified number of named Users; b) each individual which Subscriber wishes to register a user account for will receive a User ID and password to the Software Services. One User account equals one purchased license. Each User account may only be used by the designated User and must not be shared with any other individuals. The license fees set forth in the relevant Statement of Work allow the Subscriber to register User accounts up to the number of purchased licenses. The fees do not pertain to an actual registration or actual usage of a User account; c) additional User subscriptions may be added during the applicable Subscription Term at the same pricing as that for the pre-existing subscriptions under the applicable Statement of Work, pro-rated for the remainder of the Subscription Term in effect at the time the additional User subscriptions are added; d) the added User subscriptions shall terminate on the same date as the pre-existing subscriptions. User subscriptions are for designated Users only and cannot be shared or used by more than one User but may be reassigned to new Users replacing former Users who no longer require use of the Services. In the event Subscriber fails to comply with the contractual usage limits, Subscriber agrees to promptly execute a Statement of Work for additional Services upon Market Logic’s request and to pay any invoice for excess usage in accordance with this Agreement.

4.4.Third Party Services.                                                                       

4.4.1 Market Logic shall not be liable for and makes no warranties whatsoever with respect to any Third Party Services which Subscriber uses or desires to use in conjunction with the Software Services, in particular, but not limited to, instances where a Third Party Services provider refuses to make the Third Party Services available for interoperation with the Software Services in a manner which is acceptable to Market Logic, delays the integration or ceases the provision of the Third Party Service for the integration. Market Logic will take commercially reasonable steps to alter the Software Services to facilitate such integration.

4.4.2 Subscriber may be required to grant Market Logic access to Subscriber’s account with the Third Party Service. Any use, access and interaction (including, without limitation any exchange of data) by the Subscriber of any Third Party Services via the Software Services shall be governed by a separate license, service or similar agreement between Subscriber and the applicable Third Party Services provider. Market Logic shall not be responsible for any disclosure, modification, or deletion of Subscriber Data resulting from any use of or access to Third Party Services or Third Party Services providers.

4.4.3 Subscriber acknowledges and understands that a Third Party Service provider may make the performance of such services dependent on the provision of anonymous usage statistics and Market Logic shall be permitted to disclose the anonymous usage statistics to the Third Party Services provider on Subscriber’s behalf.

4.4.4 Notwithstanding any security requirements agreed between Subscriber and Market Logic, any proprietary data of such provider shall be solely subject to separate security and confidentiality obligations between Market Logic and the respective provider.

5. PROFESSIONAL SERVICES

5.1 Provision of Professional Services. Market Logic shall conduct the Professional Services pursuant to this Agreement and the applicable Statement of Work/s. Subscriber and Market Logic agree that all Professional Services performed under the applicable SOW do not require Market Logic to attend Subscriber’s premises unless training is provided on premises at Subscriber.

5.2 Timelines. Subscriber acknowledges and agrees that the ability of Market Logic to provide the Professional Services specified in the applicable Statement of Work within a projected timeline is dependent on contributions to be provided by Subscriber. If Market Logic considers that a material contribution, response or action required from Subscriber is delayed to a point that a milestone is being negatively impacted or cannot reasonably be completed due to such delay, Market Logic will promptly notify Subscriber. The delivery timeline shall be extended for a time equal to the amount of time it takes the Subscriber to provide the material contribution, response or action requested by Market Logic. For the avoidance of doubt, in such case Subscriber’s payment obligation under Section 7 shall not be affected and remain in full force and effect.

5.3 Acceptance. Unless otherwise agreed upon in a Statement of Work, upon completion of the Professional Services and each Deliverable under a Statement of Work pursuant to any applicable acceptance criteria or test plans mutually agreed in writing between the Parties, Market Logic will, as applicable: a) inform Subscriber that all contracted configuration and content upload services have been completed; and/or b) provide access details to the Software Services to Subscriber. Both Parties agree to consider all Professional Services and each Deliverable accepted unless Market Logic is notified otherwise by Subscriber within fourteen (14) days (“Testing Period”).

5.3.1 As of the date of acceptance, the Service Level Agreement attached to the applicable Statement of Work shall apply.

5.3.2 In the event Subscriber reasonably determines in good faith that the Professional Services or Deliverable/s do not satisfy the agreed upon acceptance criteria as specified in the applicable Statement of Work or as mutually agreed upon in writing by the parties, Subscriber must notify Market Logic of this in writing within the Testing Period, specifying the deficiencies in detail.

5.3.3 Market Logic will re-perform the defective Professional Services and/or use reasonable efforts to correct such deficiencies and resubmit the Deliverable for acceptance to Subscriber as soon as practicable (“Correction Period”). Subscriber will review and test the re-performed Professional Services and resubmitted Deliverables for acceptance within an additional Testing Period. If the Professional Services or Deliverables fail to meet acceptance after a second Correction Period, Subscriber may in its sole discretion, as a sole and exclusive remedy, either: a) allow Market Logic an additional Correction Period in accordance with the process described above; or b) terminate the relevant Statement of Work immediately upon written notice and recover all setup related one-time fees paid under the relevant Statement of Work for such deficient Deliverable.

5.3.4 Subscriber will cooperate in good faith to execute a Statement of Work for any revised requirements upon Market Logic’s request, if the parties determine that a Deliverable’s functional requirements specified in a Statement of Work require modification, for example due to incorrect assumptions or changed requirements.

6. PARTIES OBLIGATIONS

6.1 Market Logic‘s Obligations. Market Logic shall a) appoint qualified personnel to perform the Professional Services; b) nominate a single point of contact to the Subscriber for all matters relating to the provision of the Professional Services; c) replace the nominated single point of contact and/or other personnel at Market Logic’ sole discretion with immediate effect if the performance of all or any of the nominated employees is inadequate; d) provide the Professional Services only in accordance with applicable laws and government regulations.

6.2 Subscriber’s Obligations.

6.2.1 The Subscriber shall a) be responsible for Users’ compliance with this Agreement; b) be responsible for the accuracy and legality of the Subscriber Data and of the means by which the Subscriber acquired the Subscriber Data; c) be responsible for providing the system environment in accordance with the system requirements of Market Logic set forth in the Agreement and the applicable Statement of Work; d) use commercially reasonable efforts to prevent unauthorized access to or use of the Software Services, and notify Market Logic promptly of any such unauthorized access or use; e) use the Software Services only in accordance with the applicable laws and government regulations; f) provide all Subscriber Data and material contributions needed to complete the Professional Services; g) provide any Subscriber Data, Personal Information and/or Confidential Information to Market Logic via encrypted means or on encrypted media; i) name a single point of contact to Market Logic for all matters relating to the provision of the Professional Services.

6.2.2 Furthermore, the Subscriber shall not: a) make the Software Services available to anyone other than the Users; b) grant Competitors of Market Logic any access to the Software Services; c) sell, resell, rent or lease the Software Services; d) use the Software Services to store or transmit infringing, libelous, and/or otherwise unlawful material, and/or material in violation of third-party privacy rights, e) use the Software Services to store or transmit Malicious Code; f) interfere with or disrupt the integrity or performance of the Software Services or third-party data contained therein; and g) grant unauthorized access to the Software Services or their related systems or networks.

7. FEES AND PAYMENT

7.1 Fees. Subscriber shall pay all fees specified in any Statement of Work. Except as otherwise specified in a SOW, (i) fees are based on the Services purchased and not actual usage; (ii) payment obligations are non-cancellable and fees paid are non-refundable; and (iii) Services purchased cannot be decreased in quantity during the Subscription Term.

7.2 Invoicing and Payment. Market Logic will invoice the Subscriber in accordance with the applicable SOW. The Subscriber is responsible for providing complete and accurate billing and contact information to Market Logic and notifying Market Logic of any changes to such information timely in advance to a respective invoice date. If Subscriber requires a purchase order or a similar document for Subscriber’s invoicing process (“Order Document”) it is the sole responsibility of Subscriber to provide the Order Document in a valid and reasonably acceptable form and timely in advance in order to be taken into consideration within Market Logic’s invoicing process. The absence or delay of an Order Document has no effect on Market Logic’s right to receive payment by the contractually agreed due date. Any legal terms and conditions on an Order Document are void.

7.3 Payment Term. Unless otherwise stated in the applicable SOW, Subscriber shall pay fees with cleared funds without any deductions being in the bank account of Market Logic no later than 30 days from the effective date of the applicable SOW or from the start of the respective subscription period as stipulated in the applicable SOW (“Payment Due Date”). Payment shall be executed by Subscriber via wire transfer. If any fees are not received by Market Logic by the due date in the bank account of Market Logic such fees shall accrue late interest at the rate of nine percent per year or the maximum rate permitted by law, whichever is higher, from the date such payment was due until the date paid.

7.4 Payment Disputes. Subscriber must provide written notice with reasonable details of the claimed dispute to Market Logic within seven (7) business days from receipt of invoice. If the Parties determine that any fees were incorrectly invoiced, then Market Logic will issue a credit note equal to the exceeding amount. Subscriber agrees to pay in full and without any delay any undisputed amount under such invoice.

7.5 Suspension of Services. If any undisputed amount owed by Subscriber in terms of this Section 7 is 10 days overdue, Market Logic may suspend the Services to Subscriber until such amounts are paid in full including interest payable. Market Logic will give Subscriber at least 10 days’ prior notice before suspending Services. It is understood that any such suspension does not affect Subscriber’s payment obligation attributable to such suspension period.

7.6 Price Adjustment. Unless otherwise agreed upon in a Statement of Work, the fees for the identical Services under the same SOW will be increased by 2% per year or applicable inflation rate, whichever one is higher, calculated upon each anniversary of subscription period.

8. TAXES

8.1 Taxes. The fees and prices specified in any Statement of Work, Order Form or similar document issued pursuant to this Agreement do not include any taxes, such as sales tax, if applicable. Where Market Logic is required by law to charge any sales, use, value added, goods and services or similar taxes (“Taxes”), Market Logic shall charge Taxes in addition to the fees contained in Section 7.1 and Subscriber shall be obliged to pay such Taxes, unless the Subscriber provides Market Logic with a valid Tax exemption certificate together with the relevant Order Document. Provision of a tax exemption certificate after issuance of Purchase Order may result in no exemption tax exemption being granted. The Subscriber shall submit the completed exemption documentation to finance@marketlogicsoftware.com. The calculation of the Taxes shall be based on the delivery address provided by the Subscriber in the applicable Statement of Work and shall be set out in the relevant invoice. In absence of a Statement of Work or Order Document the registered office of Subscriber shall be used as delivery location for the purposes of calculating Taxes. The Subscriber agrees to paying the Taxes and Fees contained in an invoice issued by MLS in full. Any unpaid Taxes not subject to a valid exemption shall be considered as Late Payment in accordance with Section 7. Market Logic shall invoice all Fees and Taxes in accordance with applicable laws and rules and, where permissible, in a manner that allows the Subscriber to reclaim the Taxes from the appropriate government authority. In the event that a Party realizes that any errors have been made relating to the omission or inclusion of Taxes, it shall make the other Party aware of such error and the Parties shall cooperate in good faith to resolve any over or under payment. Subscriber shall be responsible for any penalties and/or interest charged by a taxing authority for taxes properly charged by Market Logic, but which remain unpaid due to any delay or fault on the part of the Subscriber.

Nothing in this Agreement shall require Subscriber to pay any payroll, franchise, corporate, partnership, succession, transfer, profits or direct income tax relating to Market Logic.

8.2 Withholding Tax. Subscriber will not withhold income tax for services provided by Market Logic unless required by government regulations. Should this be required, both Parties agree that a surcharge covering the full amount required to be withheld will be added to the service fee. Subscriber shall inform Market Logic of withholding requirements 30 days prior to contractually agreed invoice date. Should Subscriber fail to do so, Market Logic reserves the right to invoice Subscriber for payment of withheld taxes and apply surcharges for all future invoicing, if taxation is required by government regulations.

9. STATEMENTS OF WORK

Unless either Party provides 90 days written notice prior to the end of the Term of its intention not to renew, the applicable SOWs shall automatically renew for further 12-month periods.

10. OWNERSHIP

10.1 Subscriber Ownership. Subscriber owns and retains all right, title, and interest, including, without limitation, all Intellectual Property Rights, in and to the Subscriber Data. Subject to the limited licenses granted herein, Market Logic acquires no right, title or interest from Subscriber or Subscriber’s licensors under this Agreement in or to any of Subscriber Data. Subscriber grants Market Logic, its Affiliates and its approved subcontractors a worldwide, limited term right and license to store, host, reproduce, maintain and use Subscriber Data, only as reasonably necessary to provide and improve the Services in accordance with this Agreement.

10.2 Market Logic Ownership. Market Logic shall retain all right and title in and to a) the Services and all modifications and/or enhancements to the Software Services and the Deliverables, regardless of the source of inspiration for any such enhancement or modification and regardless of whether Subscriber has provided input regarding such modifications and/or enhancements, b) proprietary education or training content, c) materials related to Market Logic’s Professional Services processes and methodology, d) any Algorithms associated with the artificial Intelligence (“AI”) or Cognitive Capabilities of the Software Services. Notwithstanding any other term of this Agreement, Market Logic may access and use, and shall retain all right, title and interest in the Software Services, which may include aggregated and anonymized data based upon Subscriber Data, provided that such data does not reveal the identity or traits of any particular individual person or of Subscriber and does not contain any Subscriber Data.

10.3 Artificial Intelligence (“AI”) /Cognitive Capabilities. Subscriber understands and agrees that any functions of the Software Services that utilize AI algorithms will automatically generate output based solely on the electronic data or information submitted by Subscriber to the Software Services, including content and data, if any, licensed or acquired by Subscriber from third party content providers (“Subscriber Data”). Therefore, Subscriber understands and accepts that the quality of such Subscriber Data will directly affect the quality of the output. As such, Market Logic makes no warranty, express or implied, as to the accuracy or completeness of any of the automatically generated output.

10.4 Suggestions and Feedback. Market Logic shall have a royalty-free, worldwide, irrevocable, perpetual license to use and incorporate into the Software Services any suggestions, enhancement requests, recommendations, results of anonymous usage statistics or other feedback provided by the Subscriber, including its Users, relating to the operation of the Software Services. Market Logic acknowledges and agrees that any such feedback is provided “as is” without any warranty and that Market Logic shall have no right to any of Subscriber’s patents, registered copyrights or trademarks (“Subscriber IP”).

10.5 Usage data. Market Logic may compile statistical and other information related to the performance, operation and use of the Software Services (including, e.g. User’s operating system and browser, date and time of last login, number of downloads) solely for (i) the provision of usage statistics to the Subscriber, (ii) the maintenance of the security and integrity of the Software Services and (iii) research and development purposes related to improvements to the Software Services; such improvements must not contain any Confidential Information of Subscriber.

10.6 Rights in Mobile Apps. Mobile Apps (as defined in a Statement of Work) provided to Subscriber, are subject to the following conditions:

10.6.1 The Mobile Apps, including software embedded in the Mobile Apps, are licensed, not sold. Market Logic retains ownership of the Mobile Apps.

10.6.2 Subscriber’s Users may use the Mobile Apps on any Supported Device and on no other devices. “Supported Device” means a mobile device running a Current Release of either Android software or an Android software version(s) or an Apple device running relevant iOS software. “Current Release” means the most current major release of the respective operating software, and subsequent minor version of the operation software will be supported on its own (e.g., v1.0 is a major release and minor release v1.1, v1.2, v1.x would be supported). The Mobile App shall be provided by Market Logic pursuant to an applicable Statement of Work. Subscriber may download Mobile Apps updates made available by Market Logic to update or restore the Mobile Apps on any Supported Device.

10.6.3 Subscriber acknowledges and agrees that the Mobile Apps may collect User or device data for the purposes of providing services or functions that are relevant to use the Mobile Apps.

10.6.4 Subscriber understands that the maintenance times and procedures for the Mobile Apps may depend upon contributions to be provided by third parties, such as app store providers. Therefore, Subscriber agrees that the Service Level Agreement attached to the applicable Statement of Work shall not apply to the Mobile Apps.

11. CONFIDENTIALITY

11.1 Confidential Information. In relation to the execution of this Agreement each Party may from time to time during the term of this Agreement disclose (the “Disclosing Party”) to the other Party (the “Receiving Party”) certain non-public or proprietary information, communication or data related to a party’s business, products, or services, which the Disclosing Party identifies as confidential or which is of such a nature that the Receiving Party should reasonably understand that the Disclosing Party desires to protect such information against unrestricted disclosure or use, including information owed by third parties. Confidential Information includes, but is not limited to, algorithms, audit reports, business plans, business records, commercial information, computer programs, contracts, data-center designs, designs, diagrams, , draft publications, drawings, engineering records, financial information, , formulas, ideas, machine-readable data, market projections, marketing information, methods, offers, operational data, opinions, plans, pricing information, procedures, processes, product development plans, product information programs, projections, proposals, research data, research plans, samples, server-configuration designs, source code for computer programs, specifications, strategies, tax bills, technical information, test data (“Confidential Information”).

11.2 Non-Confidential Information. The obligations of confidentiality do not extend to any Confidential Information which the Receiving Party can show: (i) is or has become generally available to the public other than as a result of a breach of the obligations of confidentiality under this Agreement; or (ii) was in written records prior to the Effective Date and not subject to confidentiality obligations; or (iii) was or is disclosed by a third party entitled to disclose such information; or (iv) the Parties agree in writing that the information is not Confidential Information or that the information may be disclosed; or (v) is required to be disclosed under any Applicable Laws, or by order of a court or governmental body or authority of competent jurisdiction; or (vi) the Receiving Party independently developed the information without using Confidential Information.

11.3 Obligation of Confidentiality. The Receiving Party will treat all Confidential Information of the Disclosing Party with the same degree of care that the Receiving Party treats its own confidential or proprietary information, but in no event with no less than reasonable care. The obligations in this Section shall survive expiration or termination of this Agreement for a period of five (5) years.

11.4 During the Term, the Receiving Party may use Confidential Information to the extent reasonably necessary for a) performing the Receiving Party’s obligations under the Agreement, and/or b) exercising the Receiving Party’s rights under the Agreement; or c) assessing whether to enter into another agreement with the Disclosing Party; or d) any other particular authorized uses expressly agreed to in writing by the Parties. The Receiving Party will not, without the prior written consent of the Disclosing Party, disclose Disclosing Party’s Confidential Information to any third party. Notwithstanding the foregoing, the Receiving Party may, without the Disclosing Party’s prior written consent, disclose the Confidential Information to its employees, agents, affiliates, subcontractors or representatives on a need-to-know basis provided they are bound by obligations of non-disclosure.

11.5 Legally Required Disclosures. In the event the Receiving Party is required to disclose any Confidential Information by order of a court or any government agency, by law, regulation, judicial or administrative process, the Receiving Party will: a) give prior written notice of such disclosure to the Disclosing Party (if legally permitted to do so) together with a copy of the material proposed to be disclosed; b) reasonably cooperate with the Disclosing Party at the Disclosing Party’s request and expense to resist or limit such disclosure or to obtain a protective order; and c) in the absence of a protective order or other remedy, disclose only that portion of the Confidential Information that is legally required to be disclosed and assure that, if applicable, confidential treatment will be accorded the disclosed information.

11.6 Ownership and Return of Confidential Information. Unless otherwise provided for in this Agreement, all Confidential Information is provided without any warranty “as is” and shall remain the sole property of the Disclosing Party and no license or other right to such information is granted under this Agreement. Upon the Disclosing Party’s request, all Confidential Information, including copies of such information, must be promptly returned to the Disclosing Party or destroyed. Notwithstanding the foregoing obligations, Receiving Party shall be permitted to retain back-up copies of Confidential Information as required by its document retention policy.

12. WARRANTIES AND DISCLAIMERS

12.1 Mutual Warranties Each Party warrants to the other Party that: a) it has the authorization to enter into this Agreement; b) it shall comply with all applicable federal, state, local, or other laws and regulations applicable to the performance by it of its obligations under this Agreement and it has and shall obtain all applicable permits and licenses required of it in connection with its obligations under this Agreement.

12.2 Subscriber Warranties. Subscriber warrants to Market Logic that: a) Subscriber and its Users will use the Software Services in accordance with this Agreement; b) Subscriber Data will not infringe or misappropriate any Intellectual Property Rights or Confidential Information belonging to Market Logic or any third party; Furthermore, Subscriber warrants and represents to Market Logic that it shall not: i) create derivative works based on Market Logic‘s Software Services except as authorized within Agreement;  ii) copy, frame or mirror any part or content of Market Logic‘s Software Services and/or ancillary services, other than copying or framing on the Subscriber‘s own intranets or otherwise for the Subscriber’s own internal business purposes; iii) reverse engineer the Market Logic‘s Software Services and/or ancillary services or parts thereof; (iv) build a competitive product or service; and/or (v) copy any features, functions or graphics of Market Logic‘s Software Services.

12.3 Market Logic Warranties.

12.3.1 Software Services.With respect to the Software Services Market Logic warrants that a) Market Logic has the right to grant provide licenses to the Software Services to the Subscriber in accordance with the terms of this Agreement; b) to the best of Market Logic’s knowledge, the licensed use of the Software Services does not infringe the intellectual property rights of any third parties; and c) the Software Services and Mobile Apps do not contain any Open Source Software which could cause Subscriber’s products or services to be subject to any requirements or obligations arising from the Open Source Software Licenses. “Open Source Software” means any software, which is subject to license terms and conditions meeting the criteria listed at http://www.opensource.org/docs/definition.php and take the form of one of the licenses currently listed at http://opensource.org/licenses/ or which is subject to any similar license terms, which have been incorporated into the Software Services.

12.3.2 Professional Services Market Logic warrants that the Professional Services will be performed in a competent manner in accordance with generally accepted industry standards. For any breach of the above warranty, Subscribers exclusive remedy and Market Logic’s entire liability will be the re-performance of the applicable Professional Services. If Market Logic is unable to re-perform the Professional Services as warranted, Subscriber will be entitled to recover the fees paid for the deficient Professional Services. Subscriber must make any claim under the foregoing warranty to Market Logic in writing within 14 days of performance of such Professional Services in order to receive warranty remedies.

12.4 WARRANTY DISCLAIMER. EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. MARKET LOGIC DOES NOT WARRANT THAT THE SERVICES WILL MEET SUBSCRIBER’S REQUIREMENTS OR THAT USE WILL BE UNINTERRUPTED OR ERROR FREE. THE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE”, AND THE ENTIRE RISK AS TO ITS SATISFACTORY USE IS WITH SUBSCRIBER.

13. INDEMNIFICATION

13.1 Market Logic Indemnity. Market Logic (“Indemnitor”) shall defend, indemnify and hold harmless Subscriber from and against any third-party claims asserted against Subscriber and its employees, officers, board members, agents, representatives, and officials (“Indemnitee”) based upon a) the gross negligence, willful misconduct, or violation of law by Market Logic, or b) any demand, claim or allegation that Subscriber’s licensed use of the Services by Market Logic infringes or violates any patent, copyright, trade secret, trademark, or other intellectual property right (collectively, “IP Rights”).

13.2 Subscriber Indemnity. The Subscriber (“Indemnitor”) shall defend, indemnify and hold harmless Market Logic and its Affiliates from and against any third-party claims asserted against Market Logic and its employees, officers, board members, agents, representatives, and officials (“Indemnitees”) based upon a) an allegation that the Subscriber Data infringes or violates any Intellectual Property Rights or b) Subscribers’ non-compliance with or breach of this Agreement, including unauthorized use of the Software Services.

13.3 Process. In order for an Indemnitee to be entitled to an indemnity under this Section 3, the Indemnitee must: a) provide the Indemnitor with prompt written notice within thirty (30) days of becoming aware of such claim; b) give the Indemnitor sole control and authority over the defense or settlement of such claim; and c) provide the Indemnitor with proper and full information and reasonable assistance to defend and/or settle any such claim. Neither Party shall, without the other Party’s prior written consent, accept any settlement that imposes any restrictions or obligations on the other Party, requires the other Party to make an admission, or imposes on the other Party liability not covered by the indemnities. The Indemnitee shall take reasonable steps to mitigate its loss following a breach which falls within this Section 13. If Subscriber is unable to use the Services or a portion thereof (“Infringing Item”) because a court of competent jurisdiction issues a judgement from which no appeal is taken that, by providing the Software Services, Market Logics has infringed IP Rights of a third party, Market Logic may promptly, at its expense a) procure for Subscriber the right to continue using such Infringing Item; or b) replace or modify the Infringing Item so that it becomes non-infringing. If Market Logic determines in its own reasonable discretion, that neither option is commercially reasonable, Market Logic may terminate the Agreement and refund all fees paid for such item.

13.4 This Section 13 states the entire obligations and liability of the Indemnitor and the indemnities in these provisions shall be the exclusive remedy for third-party claims for any indemnity.

14. LIMITATION OF LIABILITY

NEITHER PARTY NOR ITS OR THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES, SHAREHOLDERS, REPRESENTATIVES, SHALL BE LIABLE TO THE OTHER PARTY OR TO ANY THIRD PARTY FOR ANY INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR OTHER SIMILAR DAMAGES, INCLUDING LOSS OF PROFITS, ARISING OUT OF OR RELATED TO THIS AGREEMENT, EVEN IF THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. FURTHERMORE, EXCEPT FOR ANY IP INFRINGMENT, EITHER PARTY’S BREACH OF ITS CONFIDENTIALITY OR INDEMNITY OBLIGATIONS UNDER THIS AGREEMENT, OR CLAIMS BASED ON FRAUD OR THE WILLFUL, MALICIOUS OR GROSSLY NEGLIGENT CONDUCT OF THE LIABLE PARTY,  EACH PARTY’S AGGREGATE LIABILITY TO THE OTHER PARTY FOR ALL DAMAGES, LOSSES, AND CAUSES OF ACTION (WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE SHALL NOT EXCEED 110% OF THE TOTAL FEES PAID OR PAYABLE UNDER THE AGREEMENT DURING THE TWELVE (12) MONTHS PRECEDING THE INITIAL EVENT GIVING RISE TO SUCH LIABILITY. NO ACTION, REGARDLESS OF FORM, ARISING OUT OF ANY OF THE TRANSACTIONS UNDER THIS AGREEMENT MAY BE BROUGHT BY EITHER PARTY MORE THAN ONE (1) YEAR AFTER SUCH ACTION ACCRUED.

15. INSURANCE

During the Term, Market Logic shall maintain at its own expense insurance policies appropriate to its obligations under this Agreement, including as applicable general commercial liability, errors and omissions, employer liability and worker’s compensation insurance as required by applicable law.

16. TERM AND TERMINATION

16.1 Term. Subject to earlier termination in accordance with this Section 16, the Agreement shall take effect on the Effective Date and shall continue until the Services have been terminated or expired.

16.2 Term of Software Service Subscriptions. Subscriptions of the Software Services purchased by the Subscriber commence on the start date specified in the applicable Statement of Work and continue for the Subscription Term specified therein.

16.3 Termination for Cause. A party may terminate this Agreement or any Statement of Work for any of the reasons contained in this Section 16:

16.3.1 Material Breach. Either Party may terminate this Agreement or a specific Statement of Work if the other party is in Material Breach of this Agreement or the specific Statement of Work and the breaching party fails to cure such Material Breach within a cure period of thirty (30) days from receipt of notice of Material Breach from the non-breaching Party. Such notice of Material Breach must describe the breach as comprehensively and in as much detail as possible in order to give the other party the opportunity to respond adequately during the thirty (30) day period. A “Material Breach”, for the purposes of this Section 3.1 is a severe enough failure of a core obligation by one party to undermine the entire Agreement for the other party , for example a failure to make payment when due, breach of confidentiality obligations, infringement of IP Rights and a failure by the breaching party to remedy such breach in accordance with this Agreement, breach of applicable laws, repeated non-material breaches cumulatively amounting to a Material Breach, and failure to keep current all billing information to the extent that it interferes with invoicing.

16.3.2 Bankruptcy. Either party may terminate this Agreement or any Statement of Work effective immediately upon: a) receipt of written notice of insolvency or bankruptcy of the other party; b) the commencement by or against that party of any case or proceeding under any bankruptcy, reorganization, or insolvency law, or any other law for the relief of debtors, provided the affected party is unable to fulfill its obligations under the Agreement because of such proceedings;

16.4 Effect of Termination. Upon termination or expiry of this Agreement or the applicable Statement of Work, Market Logic shall immediately cease providing the related Services to the Subscriber and any subscriptions or licenses granted hereunder shall terminate.

16.4.1 If this Agreement is terminated by Subscriber in accordance with Section 3.1, Subscriber shall be entitled to a refund of the pro-rata amount of any pre-paid sums starting from the effective date of the termination.

16.4.2 If this Agreement is terminated by Market Logic in accordance with Section 3, Subscriber will not receive any refund of sums paid under this Agreement and Market Logic shall be entitled to all of fees due or payable under this Agreement, including the applicable SOW.

16.4.3 Upon request by the Subscriber made within 30 days from the effective date of termination of the Software Services, Market Logic will make available to the Subscriber for download a file of the Subscriber Data in an industry-standard documented file format and/or original format and inform the Subscriber accordingly in writing with explicit reference to the availability of the Subscriber Data. After a 60-day period, Market Logic shall have no obligation to maintain or provide the Subscriber Data and shall thereafter, unless legally prohibited, delete all the Subscriber Data in Market Logic systems or otherwise in Market Logic possession or under Market Logic control. In the event the 60-day period is not sufficient to download all Subscriber Data, the data return period may be extended by a further maximum of two more 60-day periods, provided that the Subscriber notifies Market Logic accordingly in due time before the expiry of the data return period and agrees to compensate Market Logic for all related costs and expenses in connection with the extension of the 60-day period. The Subscriber may instruct Market Logic at any time during the Term or within the data return period following it to immediately and permanently erase all copies of Subscriber Data from all its Market Logic systems. Market Logic will execute such request within five (5) days of receiving written notice by the Subscriber to do so.

16.4.4 Termination of this Agreement or any Statement of Work for any reason shall not affect the accrued rights of the parties arising under this Agreement, including the right to recover damages against the other party in accordance with the Agreement. In no circumstances shall any termination relieve the Subscriber of the obligation to pay any fees payable to Market Logic for the period prior to the effective date of termination nor shall Market Logic be obliged to refund of any fees referred to such period.

17. NOTICES

17.1 Manner of Giving Notice. All notices, permissions and approvals hereunder shall be in writing, email shall be considered to be sufficient when in accordance with the provisions in Section 17.2 and shall be deemed to have been given upon a) personal delivery, b) the second business day after mailing, c) the second business day after sending by confirmed facsimile, or d) the first business day after sending by email. All notices will be effective upon receipt.

To Market Logic:

Market Logic Software, Inc.

80 Pine Street, Floor 24,

New York, New York, 10005

Attention: Mr. Olaf Lenzmann

E-Mail: ole@marketlogicsoftware.com

 

With a copy to:


Market Logic Software, AG.

Attention:

Legal Department

Franklinstraße 28-29

10587 Berlin

E-Mail: legal@marketlogicsoftware.com

 

Billing-related notices to the Subscriber shall be addressed to the relevant billing contact designated by the Subscriber. All other notices to the Subscriber shall be addressed to the relevant Services system administrator designated by the Subscriber.

17.2 E-Mail Notice. An emailed notice shall not be sufficient for notices of termination or an indemnifiable claim. An emailed notice will not be effective unless the notice is acknowledged in writing (including for example by email) by the party to which the notice was directed. If a notice is delivered by email to a specific email address; but the notice as delivered to that address is not acknowledged in writing by an individual who is an agent of the notified party for purposes of receiving notices of the type in question, then the notice is not effective as to that address, unless the party being notified has expressly designated the specific address, in writing, as one to which notices under the Agreement may be sent.

18. GENERAL PROVISIONS

18.1 Export Compliance. Both parties shall comply with all applicable UK, EU and/or US sanctions and export regulations including any restrictions or prohibitions on trade or financial transactions with certain countries or entities.

18.2 Anti-Corruption. In performing their obligations under this Agreement, the parties shall: a) comply with all applicable laws and regulations relating to anti-bribery and anti-corruption and maintain its own policies and procedures in this respect; (b) as soon as reasonably practicable report to each other any offer, request or demand for any undue financial or other advantage of any kind received by the other party in connection with the performance of this Agreement.

18.3 Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties.

18.4 Subcontractors. Market Logic may not subcontract any part of its obligations under this Agreement except to its Affiliates or as agreed in writing by Subscriber. Notwithstanding the above, Market Logic may use subcontractors without having to obtain written consent from Subscriber where such subcontractors are used in the day-to-day business of Market Logic and where such subcontractors shall have no access to Subscriber Data. Market Logic will obligate its subcontractors (if any) to adhere to and uphold IT-security and confidentiality obligations that are at least as protective as those rights of Subscriber provided for in this Agreement.

Notwithstanding the permitted subcontracting of Services hereunder Market Logic will remain liable for all of its obligations under this Agreement, and for the acts and omissions of all Market Logic employees in connection with the performance of Services or provision of Software Services.

18.5 No Third-Party Beneficiaries. There are no third-party beneficiaries to this Agreement.

18.6 Waiver. No failure or delay by either party in exercising any right under this Agreement shall constitute a waiver of that right.

18.7 Information Security. Market Logic shall be responsible for implementing and maintaining information security controls in line with standard industry practices as set out in Annex A that are designed to: a) ensure the security, confidentiality and integrity of Services and Subscriber Data; b) protect against any anticipated threats or hazards to the security or integrity of the Services and Subscriber Data; c) protect against unauthorized physical or logical access to or use of Services and Subscriber Data; d) ensure the secure disposal of Subscriber Data as per reasonable instructions of the Subscriber; e) ensure the security and integrity of the operational environment, including the network connectivity, supporting the Services; f) ensure that changes to the Services and operational environment supporting the Services are managed following formal processes; g) segregate Subscriber Data from those of other Market Logic customers; and h) ensure appropriate measures to protect against loss of Subscriber Data.

18.8 Data Protection. The Parties agree to fully comply with applicable data protection laws.

18.9 Governing Law. In all respects this Agreement will be governed by, and construed in accordance with, the substantive laws of the State of New York without regard to conflict of law principles. Any claim or action brought by one of the parties hereto in connection with this Agreement shall be brought in the appropriate Federal or State court located in the County of New York, and the parties hereto irrevocably consent to the exclusive jurisdiction of such court.

18.9 Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision shall be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of this Agreement shall remain in effect.

18.10 Surviving Provisions. Section 7 (Fees and Payment), Section 10 (Ownership), Section 11 (Confidentiality), Section 12 (Warranties and Disclaimers), Section 14 (Limitation of Liability), Section 16.4 (Effect of Termination), Section 17 (Notices) and Section 18 (General Provisions) shall survive any termination or expiration of this Agreement.

18.11 Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of the other party, except that either party may assign all of its rights and delegate all of its obligations under this Agreement without needing the other party’s consent to an entity: (i) which such party owns or controls; or (ii) by which such party is owned or controlled. In addition, either party may, without needing the other party’s consent assign any of its rights or obligations under this Agreement in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets not involving a direct competitor of the other party. Any consent required by this paragraph will not be unreasonably withheld, conditioned, or delayed. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns.

18.12 Entire Agreement. This Agreement, including all exhibits and addenda hereto and all Statement of Works, constitute the entire agreement between the Parties and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. No modification, amendment and/or supplement, or waiver of any provision of this Agreement shall be effective unless in writing and either signed or accepted electronically by the party against whom the modification, amendment or waiver is to be asserted. To the extent of any conflict or inconsistency between the provisions in the body of this Agreement and any exhibit or addendum hereto or any Statement of Work, the terms of the applicable Statement of Work shall prevail. Notwithstanding any language to the contrary therein, no terms or conditions stated in the Subscriber’s purchase orders or other order documentation shall be incorporated into or form any part of this Agreement, and all such terms or conditions shall be null and void.

18.13 Force Majeure. Neither party shall be liable to the other for any delay or failure to perform hereunder (excluding payment obligations) due to circumstances beyond such party’s reasonable control, including but not limited to acts of God, acts of government, flood, fire, earthquakes, civil unrest, acts of terror, strikes or other labor problems (excluding those involving such party’s employees), service disruptions involving hardware, software or power systems not within such party’s reasonable control, and denial of service attacks.

18.14 Counterparts. This Agreement any Statement of Work issued hereunder may be executed in any number of counterparts, each of which when executed and delivered shall constitute and original of this Agreement, but all the counterparts shall together constitute the same agreement. Transmission of an executed counterpart of this Agreement by email (in PDF, JPEG or other agreed format) shall take effect as delivery of an executed counterpart of this Agreement. If either method of delivery is adopted, without prejudice to the validity of the Agreement made, if requested each party shall provide the others with the original of such counterpart as soon as reasonably possible after. No counterpart shall be effective until each party has executed and delivered at least one counterpart.

ANNEX A

INFORMATION SECURITY REQUIREMENTS

1 Scope

Subject to the terms and conditions of the Agreement, all Services performed by Market Logic under this Agreement, shall comply with the requirements set forth in this Annex A, as applicable in the context of the Services.

This Annex A sets out the security requirements for the IT environments, facilities, equipment and personnel used by Market Logic to store and/or process Subscriber Data in relation to the Services. This Annex and the requirements set forth herein are in addition to, and not in lieu of, other requirements incorporated into the Agreement. Notwithstanding any security requirements agreed between Subscriber and Market Logic, any proprietary data of Third Party Service Providers shall be solely subject to separate security and confidentiality obligations between Market Logic and the respective provider.

Before processing Subscriber Data under this Agreement, Market Logic and its subcontractors shall bring into effect and maintain throughout the term of this Agreement the technical and organisational measures as set out hereunder in order to meet the requirements according to this Agreement, to secure at any time the confidentiality and integrity of the Subscriber Data, to prevent unauthorised or unlawful processing of Data and to protect against accidental or unlawful destruction, damage, accidental loss, alterations or unauthorised disclose or access.

The technical and organisational measures are subject to technical progress and development. In that regard, Market Logic and its Subcontractors are allowed to implement adequate alternative measures, provided, however, that the security level shall not be undercut at any time.

Significant changes to the technical and organisational measures as set out hereunder will be documented and notified to Subscriber prior to their implementation.

2. Certification

Market Logic warrants that the third-party Data Centre it utilizing to provide the Services is ISO27001 and SOC2 certified.

Market Logic warrants that it has designed its information security management according to ISO27001.

3. Logical Security

3.1 General

The logical security processes in this Section 3 apply to all systems used to provide the Services on which Subscriber Data is accessed, processed, stored, transferred or maintained.

3.2 Systems Access Control and Network Access Control

3.2.1 Access Controls. Market Logic warrants that it employs access control mechanisms that:

a) prevent unauthorized access to Subscriber data;

b) limit access to Market Logic personnel with a business need to know;

c) follow principle of least privilege allowing access to only the information and resources that are necessary under the terms of the Agreement; and

d) have the capability of detecting, logging, and reporting access to the system or network or attempts to breach security of the system or network.

3.2.2 Authentication. All Market Logic personnel must have an individual account that authenticates that individual’s access to Subscriber Data. Market Logic will not allow sharing of accounts. Access controls and passwords must be configured in accordance with industry standards and best practices. Passwords must be (i) at least eight characters long, (ii) cannot contain the user’s account name or more than two characters that occur in the full name or the user sequentially and (iii) must contain three of the following categories: Uppercase letters, Lowercase letters, Numbers, Symbols.

3.2.3 Regular Review of Access Controls. Market Logic will maintain a process to review access controls on a minimum annual basis for all Market Logic systems that contain Subscriber Data, including any system that, via any form of communication interface, can connect to the system on which Subscriber Data is stored. These access processes and the process to establish and delete individual accounts will be documented in, and will be in compliance with, Market Logic’s security policies and procedures.

3.2.4 Revocation of Access. Market Logic will revoke its Personnel’s access to physical locations, systems, and applications that contain or process Subscriber Data within a reasonable time of the cessation of such Market Logic Personnel’s need to access the system(s) or application(s).

3.3 Telecommunication and Network Security

3.3.1 Firewalls. Market Logic will deploy reasonably appropriate firewall technology. Traffic between Subscriber and Market Logic will be protected and authenticated by industry standard cryptographic technologies.

3.3.2 Intrusion Detection and Prevention. Market Logic will deploy intrusion detection or preferably prevention systems (NIDS/NIPS) in order to generate, monitor, and respond to alerts which could indicate potential compromise of the network and/or host.

3.3.3 Log Management. Market Logic shall ensure that all systems, incl. firewalls, routers, network switches and operating systems, log information to their respective system log facility or a centralized server for a minimum period of 3 months.

3.3.4 Network Segmentation.  Market Logic shall establish and maintain appropriate network segmentation, including the use of virtual local area networks (VLANS) where appropriate, to restrict network access to systems storing Subscriber Data.

3.3.4 Wireless Security. If Market Logic deploys a wireless network, Market Logic will configure and maintain the use, configuration and management of wireless networks to meet the following:

a) Physical Access – All wireless devices shall be protected using appropriate physical controls to minimize the risk of theft, unauthorized use, or damage;

b) Network Access – Network access to wireless networks should be restricted only to those authorized;

c) Access points shall be segmented from an internal, wired LAN;

d) The service set identifier (SSID), administrator user ID, password and encryption keys shall be changed from the default value;

e) Encryption of all wireless connections will be enabled using Industry Standard Encryption Algorithms (i.e., WPA2/WPA with 802.1X authentication and AES encryption). WEP should never be used;

f) If supported, auditing features on wireless devices shall be enabled and resulting logs shall be reviewed periodically by designated staff or a wireless intrusion prevention system. Logs should be retained for ninety (90) days or longer; and

g) SNMP shall be disabled if not required for network management purposes. If SNMP is required for network management purposes, SNMP will be read-only with appropriate access controls that prohibit wireless devices from requesting and retrieving information and all default community strings will be changed.

3.3.6 Rogue Access Point Detection. Market Logic will maintain a program to detect rogue access points to ensure that only authorized wireless access points are in place.

4 Malicious Code Protection

4.1 All workstations and servers will run the current version of industry standard anti-virus software with the most recent updates available on each workstation or server. Market Logic will configure this equipment and have supporting policies to prohibit users from disabling anti-virus software, altering security configurations, or disabling other protective measures put in place to ensure the safety of the computing environment.

4.2 Market Logic will have current anti-virus software configured to run real-time scanning of machines and a full system scan on a regularly scheduled interval.

4.3 Market Logic will scan incoming and outgoing content for malicious code on all gateways to public networks, including, but not limited to, email and proxy servers.

4.4 Market Logic will quarantine or remove files that have been identified as infected and will log the event.

5 Vulnerability Management and Application Security Assessments

5.1 Market Logic shall run internal and external network vulnerability scans at least quarterly and after any material change in the network configuration (e.g., new system component installations, changes in network topology, firewall rule modifications, or product upgrades). Vulnerabilities identified and rated as high risk by the Market Logic will be remediated within (15) days s maximum.

5.2 For all Internet-facing applications that collect, transmit or display Subscriber Data, Market Logic agrees to conduct Penetration Test assessment to identify common security vulnerabilities as identified by industry-recognized organizations (e.g., OWASP Top 10 Vulnerabilities; CWE/SANS Top 25 vulnerabilities) annually or for all major releases, whichever occurs first.

5.3 For all mobile applications (i.e., running on Android, Blackberry, iOS, Windows Phone) that collect, transmit or display Subscriber Data, Subscriber agrees to conduct penetration test assessment to identify and remediate industry-recognized vulnerabilities specific to mobile applications.

5.4 Patch Management. Market Logic will patch all workstations and servers with all current operating system, database and application patches deployed in Market Logic’s computing environment according to a schedule predicated on the criticality of the patch. Market Logic must perform appropriate steps to help ensure patches do not compromise the security of the information resources being patched. All emergency or critical rated patches must be applied as soon as possible but at no time will exceed thirty (30) days from the date of release.

6 Storage, Handling and Disposal of Subscriber Data

6.1 Data Segregation. Market Logic will physically or logically separate and segregate Subscriber Data from its other customer’s data.

6.2 Electronic Form Data. Market Logic will utilize Industry Standard Encryption Algorithms and Key Strengths to encrypt the following:

a) all Subscriber Data that is in electronic form while in transit over all public wired networks (e.g., Internet) and all wireless networks.

b) all Subscriber Data while In Storage. “In Storage” means information stored in databases, in file systems, and on various forms of online is also commonly referred to as “at rest.”

c) passwords will be hashed with irreversible industry standard algorithms with randomly generated “salt” added to the input string prior to encoding to ensure that the same password text chosen by different users will yield different encodings. The randomly generated salt should be at least as long as the output of the hash function.

d) any mobile devices (e.g., laptop, cell phone, tablet) used outside of a Data Center to perform any part of the Services.

6.3 Data Retention. Upon Subscriber’s request, or, upon termination or expiration of this Agreement, all Subscriber Data, including copies of such information, must be promptly returned to Subscriber or destroyed. Notwithstanding the foregoing obligations, Market Logic shall be permitted to retain back-up copies of Subscriber Data in accordance with applicable laws; applicable regulations and the Agreement.

6.4 Destruction of Data. Market Logic will dispose of Subscriber Data when information is deemed no longer necessary to preserve as outlined above in “Data Retention” Section 6.3. Subscriber Data shall be disposed of in a method that renders it unreadable, effectively decommissioned. Market Logic will destroy any equipment containing Subscriber Data that is damaged or non-functional. All Subscriber Data must be rendered unreadable and unrecoverable regardless of the form (physical or electronic).

7 Physical Security and Personnel Security

7.1 Physical security of Market Logic’s offices. Market Logic shall have adequate physical security perimeters to safeguard Subscriber Data. Market Logic shall have a premises access control system that requires:

a) every individual to have a unique access card and or key to access the premises;

b) access to sensitive areas, e.g., server rooms to be granted only to those who need access to the area to perform their work-related duties;

c) all visitors to be identified, registered, logged and accompanied by an employee of Market Logic at all times and;

d) Market Logic employees to adhere to a Clean Desk Policy.

7.2 Market Logic Personnel. Market Logic warrants that its personnel will:

a) be provided with a clear understanding of procedures and controls reasonably necessary to comply with the Information Security requirements set out in the Agreement prior to their being granted access to Subscriber Data;

b) upon hiring, and at least annually thereafter, participate in security awareness trainings. This training will cover, at a minimum, Market Logic’s security policies, including acceptable use, password protection, data classification, incident reporting, the repercussions of violations, and;

c) also receive training regarding data privacy and protection if Market Logic or its personnel accesses Personal Data.

8 Incident Reporting and Action

In case that Market Logic detects any event that poses a risk to the security of any Subscriber Data, Market Logic shall a) immediately report the incident to the Subscriber in writing; b) promptly provide a full investigative report along with the corrective action(s) reasonably necessary to prevent a future recurrence of such violation, security incident or infraction; c) execute such corrective actions; and d) take such other investigative actions and measures to ensure that such corrective actions are and will remain effective.

SOFTWARE AS A SERVICE TERMS AND CONDITIONS (RoW)

These Terms and Conditions were last updated in June, the 18th 2021.

 

This Software as a Service Terms and Conditions (“Terms and Conditions”, together with any applicable Statement of Work issued hereunder, the “Agreement”), between Market Logic Software AG, Franklinstraße 28-29, 10587 Berlin, Germany (“Market Logic”) and the Subscriber named in an applicable Statement of Work (“Subscriber”, collectively the “Parties”) are effective as of the date set forth on such Statement of Work (“Effective Date”).

Market Logic and Subscriber agree as follows:

1. PURPOSE

Market Logic provides and operates a software, in particular a market insights platform as a Software-as-a-Service (SaaS) as well as accompanying services. This Agreement contains the terms and conditions under which Subscriber acquires and uses Market Logic’s Services.

2. DEFINITIONS

The following definitions apply to this Agreement and any related Statement of Work:

2.1Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control of the Parties respectively. “Control”, for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity;

2.2 “Competitors of Market Logic” means any entity, company, division or department of a company, including its personnel, which is involved in the development, provision or operation of any marketing insights and knowledge management platform and/or similar tools;

2.3 “Confidential Information” has the meaning as set forth in Sec. 11;

2.4Deliverables” means the individual modules including functions and/or features to be provided by Market Logic in connection with the Software Services hereunder as set forth in an applicable SOW and/or this Agreement;

2.5Malicious Code” means viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs;

2.6Material Breach” has the meaning as set forth in Sec. 16;

2.7 “Non-GA Services” means any software services not generally available to Market Logic’s subscribers, which Market Logic may offer a trial version to Subscriber. The Subscriber may accept or decline any such trial services at the Subscriber’s sole discretion. Any Non-GA Services will be designated as beta, pilot, limited release, developer preview, non-production or by a description of similar import. Non-GA Services are provided for evaluation purposes and not for production use, are not supported, may contain bugs or errors, and may be subject to additional terms mutually agreed upon in a Statement of Work;

2.8Open Source Software” has the meaning as set forth in Sec. 12;

2.9 “Payment Due Date” has the meaning as set forth in Sec. 7;

2.10Professional Services” means the services that are offered by Market Logic to implement and maintain the Software Services (e.g., configuring the product, uploading Subscriber Data, provide training services). The scope of such Professional Services is specified in the applicable Statement of Work;

2.11Purchased Services” means the Services purchased by Subscriber under any applicable SOW;

2.12 “Services” means the Software Services and the Professional Services;

2.12Software Services” means the Market Logic platform including its software features and functionalities that Subscriber is authorized to use as specified in the applicable Statement of Work/s. Such Software Services are made available to Subscriber online via a dedicated Subscriber login link and/or other webpages designated by Market Logic;

2.14Statement of Work” or “SOW” means any ordering document, mutually agreed by the Parties, specifying the Services to be provided under this Agreement, including any documents, attachments or forms thereto. The Parties agree that Subscriber’s Affiliates are permitted to enter into SOWs with Market Logic, which Affiliates shall, upon signing the SOW, be bound by the terms and conditions of this Agreement;

2.15Subscriber” means the legal entity accepting this Agreement and any of its Affiliates who have signed any Statements of Work governed by this Agreement;

2.17Subscriber Data” means all electronic data or information submitted by the Subscriber to the Software Services, including content and data licensed or acquired by Subscriber from third party content providers (i.e., Third Party Services);

2.18Subscription Term” means the license term granted by Market Logic to as defined in the applicable Statement of Work;

2.19Third Party Feature/s” means any service or product (including, without limitation, mobile, offline or other software services) provided by a company, other than Market Logic, and integrated by default in the Software Services by Market Logic, which can be turned off upon request of Subscriber;

2.20Third Party Service/s” means any service or product (including, without limitation, mobile, offline or other software services) provided by a company, other than Market Logic, to Subscriber and which Third Party Service has been integrated into the Software Services by Market Logic on behalf of Subscriber and the Third Party Service provider in order to allow the Software Services to interoperate with the Third Party Services;

2.21 “Users” means individuals who are authorized by Subscriber to use the Software Services as specified in a valid and active Statement of Work between Market Logic and Subscriber and who have been supplied with user identifications and passwords by Subscriber (or by Market Logic on behalf of the Subscriber and at the Subscriber’s request). Users may include, but are not limited to, the Subscriber’s employees, consultants, contractors, agents and third parties authorized by and acting on behalf of Subscriber;

3. SOFTWARE USAGE RIGHTS

3.1 Rights in Software Services. During the term of this Agreement, Market Logic grants to Subscriber a limited, non-transferable, non-exclusive, non-perpetual right to access and use the Software and Software documentation for Subscriber’s internal business purposes. The Software shall be made available to Subscriber as Software-as-a-Service that Subscriber may access and use for the Subscription Term set out in an SOW(s). Market Logic will host and retain physical control over the Software and make the Software available through the Internet for access, use and operation by Subscriber via an Internet Browser through a secure HTTP/S connection. To access the Software Services, Users shall authenticate themselves with a unique, personal username and password. Certain functions of the Software may be downloaded for installation and use on a mobile device (“Mobile Apps”).  Such Mobile Apps may be accessed and used during the term of the respective SOW/s under this Agreement and must be uninstalled upon the expiration or termination of the respective term.  Other than as specifically set forth in this Agreement and unless otherwise agreed to by Market Logic in writing, no provision under this Agreement shall obligate Market Logic to deliver or otherwise make available any copies of computer programs or code from the Software to Subscriber, whether in object code or source code form.

3.2 Usage Restrictions. The Subscriber shall not a) permit any third party to access the Software Services except as permitted herein; b) create derivative works based on the Software Services except as authorized herein; c) copy, frame or mirror any part or content of the Software Services, other than copying or framing on the Subscriber’s own intranets or otherwise for the Subscriber’s own internal business purposes; d) reverse engineer the Software Services; or e) access the Software Services in order to: (i) build a competitive product or service; and (ii) copy any features, functions or graphics of the Software Services.

4. SOFTWARE SERVICES

4.1 Updates and Support. Market Logic will a) make updates to the Software Services available to Subscriber when they become commercially available; b) provide Standard Helpdesk Support via web-content and e-mail support, in English with a maximum response time of 8 hours, available 24 hours from Monday to Friday, including public holidays, and/or upgraded support if purchased separately; and c), upon acceptance of the Services, provide second and third level support and maintain the Software Services in accordance with the Service Level Agreement attached to the applicable Statement of Work. This support is limited to technical questions and does not include general end User training and consultancy services. Subscriber agrees that Market Logic may collect and use technical information gathered as part of the support and maintenance services for the Software Services, including User’s operating system and browser, as well as statistics (including, for example terms most searched, date and time of last login, number of downloads, number of uploads, and number of views). Market Logic may use this information solely for the purpose of providing usage statistics to the Subscriber and/or improving the Software Services. Market Logic shall not disclose this information in any form that identifies the Subscriber or any Users.

4.2 Non-GA Services. NON-GA SERVICES ARE NOT CONSIDERED “SOFTWARE SERVICES” HEREUNDER AND ARE PROVIDED “AS IS” WITH NO EXPRESS OR IMPLIED WARRANTY. At any time and at its sole discretion Market Logic may discontinue any or all Non-GA Services provided to Subscriber and may never make them generally available.

4.3 Subscriptions to Software Services. Unless otherwise specified in the applicable Statement of Work, a) Software Services are purchased as User subscriptions and may be accessed by no more than the specified number of named Users; b) each individual which Subscriber wishes to register a user account for will receive a User ID and password to the Software Services. One User account equals one purchased license. Each User account may only be used by the designated User and must not be shared with any other individuals. The license fees set forth in the relevant Statement of Work allow the Subscriber to register User accounts up to the number of purchased licenses. The fees do not pertain to an actual registration or actual usage of a User account; c) additional User subscriptions may be added during the applicable Subscription Term at the same pricing as that for the pre-existing subscriptions under the applicable Statement of Work, pro-rated for the remainder of the Subscription Term in effect at the time the additional User subscriptions are added; d) the added User subscriptions shall terminate on the same date as the pre-existing subscriptions. User subscriptions are for designated Users only and cannot be shared or used by more than one User but may be reassigned to new Users replacing former Users who no longer require use of the Services. In the event Subscriber fails to comply with the contractual usage limits, Subscriber agrees to promptly execute a Statement of Work for additional Services upon Market Logic’s request and to pay any invoice for excess usage in accordance with this Agreement.

4.4 Third Party Services.

4.4.1 Market Logic shall not be liable for and makes no warranties whatsoever with respect to any Third Party Services which Subscriber uses or desires to use in conjunction with the Software Services, in particular, but not limited to, instances where a Third Party Services provider refuses to make the Third Party Services available for interoperation with the Software Services in a manner which is acceptable to Market Logic, delays the integration or ceases the provision of the Third Party Service for the integration. Market Logic will take commercially reasonable steps to alter the Software Services to facilitate such integration.

4.4.2 Subscriber may be required to grant Market Logic access to Subscriber’s account with the Third Party Service. Any use, access and interaction (including, without limitation any exchange of data) by the Subscriber of any Third Party Services via the Software Services shall be governed by a separate license, service or similar agreement between Subscriber and the applicable Third Party Services provider. Market Logic shall not be responsible for any disclosure, modification, or deletion of Subscriber Data resulting from any use of or access to Third Party Services or Third Party Services providers.

4.4.3 Subscriber acknowledges and understands that a Third Party Service provider may make the performance of such services dependent on the provision of anonymous usage statistics and Market Logic shall be permitted to disclose the anonymous usage statistics to the Third Party Services provider on Subscriber’s behalf.

4.4.4 Notwithstanding any security requirements agreed between Subscriber and Market Logic, any proprietary data of such provider shall be solely subject to separate security and confidentiality obligations between Market Logic and the respective provider.

5. PROFESSIONAL SERVICES

5.1 Provision of Professional Services. Market Logic shall conduct the Professional Services pursuant to this Agreement and the applicable Statement of Work/s. Subscriber and Market Logic agree that all Professional Services performed under the applicable SOW do not require Market Logic to attend Subscriber’s premises unless training is provided on premises at Subscriber.

5.2 Timelines. Subscriber acknowledges and agrees that the ability of Market Logic to provide the Professional Services specified in the applicable Statement of Work within a projected timeline is dependent on contributions to be provided by Subscriber. If Market Logic considers that a material contribution, response or action required from Subscriber is delayed to a point that a milestone is being negatively impacted or cannot reasonably be completed due to such delay, Market Logic will promptly notify Subscriber. The delivery timeline shall be extended for a time equal to the amount of time it takes the Subscriber to provide the material contribution, response or action requested by Market Logic. For the avoidance of doubt, in such case Subscriber’s payment obligation under Section 7 shall not be affected and remain in full force and effect.

5.3 Acceptance. Unless otherwise agreed upon in a Statement of Work, upon completion of the Professional Services and each Deliverable under a Statement of Work pursuant to any applicable acceptance criteria or test plans mutually agreed in writing between the Parties, Market Logic will, as applicable: a) inform Subscriber that all contracted configuration and content upload services have been completed; and/or b) provide access details to the Software Services to Subscriber. Both Parties agree to consider all Professional Services and each Deliverable accepted unless Market Logic is notified otherwise by Subscriber within fourteen (14) days (“Testing Period”).

5.3.1 As of the date of acceptance, the Service Level Agreement shall apply, attached as an annex to the applicable Statement of Work.

5.3.2 In the event Subscriber reasonably determines in good faith that the Professional Services or Deliverable/s do not satisfy the agreed upon acceptance criteria as specified in the applicable Statement of Work or as mutually agreed upon in writing by the parties, Subscriber must notify Market Logic of this in writing within the Testing Period, specifying the deficiencies in detail.

5.3.3 Market Logic will re-perform the defective Professional Services and/or use reasonable efforts to correct such deficiencies and resubmit the Deliverable for acceptance to Subscriber as soon as practicable (“Correction Period”). Subscriber will review and test the re-performed Professional Services and resubmitted Deliverables for acceptance within an additional Testing Period. If the Professional Services or Deliverables fail to meet acceptance after a second Correction Period, Subscriber may in its sole discretion, as a sole and exclusive remedy, either: a) allow Market Logic an additional Correction Period in accordance with the process described above; or b) terminate the relevant Statement of Work immediately upon written notice and recover all setup related one-time fees paid under the relevant Statement of Work for such deficient Deliverable.

5.3.4 Subscriber will cooperate in good faith to execute a Statement of Work for any revised requirements upon Market Logic’s request, if the parties determine that a Deliverable’s functional requirements specified in a Statement of Work require modification, for example due to incorrect assumptions or changed requirements.

6. PARTIES OBLIGATIONS

6.1 Market Logic‘s Obligations. Market Logic shall a) appoint qualified personnel to perform the Professional Services; b) nominate a single point of contact to the Subscriber for all matters relating to the provision of the Professional Services; c) replace the nominated single point of contact and/or other personnel at Market Logic’ sole discretion with immediate effect if the performance of all or any of the nominated employees is inadequate; d) provide the Professional Services only in accordance with applicable laws and government regulations.

6.2 Subscriber’s Obligations.

6.2.1 The Subscriber shall a) be responsible for Users’ compliance with this Agreement; b) be responsible for the accuracy and legality of the Subscriber Data and of the means by which the Subscriber acquired the Subscriber Data; c) be responsible for providing the system environment in accordance with the system requirements of Market Logic set forth in the Agreement and the applicable Statement of Work; d) use commercially reasonable efforts to prevent unauthorized access to or use of the Software Services, and notify Market Logic promptly of any such unauthorized access or use; e) use the Software Services only in accordance with the applicable laws and government regulations; f) provide all Subscriber Data and material contributions needed to complete the Professional Services; g) provide any Subscriber Data, Personal Information and/or Confidential Information to Market Logic via encrypted means or on encrypted media; i) name a single point of contact to Market Logic for all matters relating to the provision of the Professional Services.

6.2.2 Furthermore, the Subscriber shall not: a) make the Software Services available to anyone other than the Users; b) grant Competitors of Market Logic any access to the Software Services; c) sell, resell, rent or lease the Software Services; d) use the Software Services to store or transmit infringing, libelous, and/or otherwise unlawful material, and/or material in violation of third-party privacy rights, e) use the Software Services to store or transmit Malicious Code; f) interfere with or disrupt the integrity or performance of the Software Services or third-party data contained therein; and g) grant unauthorized access to the Software Services or their related systems or networks.

7. FEES AND PAYMENT

7.1 Fees. Subscriber shall pay all fees specified in any Statement of Work. Except as otherwise specified in a SOW, (i) fees are based on the Services purchased and not actual usage; (ii) payment obligations are non-cancellable and fees paid are non-refundable; and (iii) Services purchased cannot be decreased in quantity during the Subscription Term.

7.2 Invoicing and Payment. Market Logic will invoice the Subscriber in accordance with the applicable SOW. The Subscriber is responsible for providing complete and accurate billing and contact information to Market Logic and notifying Market Logic of any changes to such information timely in advance to a respective invoice date. If Subscriber requires a purchase order or a similar document for Subscriber’s invoicing process (“Order Document”) it is the sole responsibility of Subscriber to provide the Order Document in a valid and reasonably acceptable form and timely in advance in order to be taken into consideration within Market Logic’s invoicing process. The absence or delay of an Order Document has no effect on Market Logic’s right to receive payment by the contractually agreed due date. Any legal terms and conditions on an Order Document are void.

7.3 Payment Term. Unless otherwise stated in the applicable SOW, Subscriber shall pay fees with cleared funds without any deductions being in the bank account of Market Logic no later than 30 days from the effective date of the applicable SOW or from the start of the respective subscription period as stipulated in the applicable SOW (“Payment Due Date”). Payment shall be executed by Subscriber via wire transfer. If any fees are not received by Market Logic by the due date in the bank account of Market Logic such fees shall accrue late interest at the rate of nine percent per year or the maximum rate permitted by law, whichever is higher, from the date such payment was due until the date paid.

7. 4 Payment Disputes. Subscriber must provide written notice with reasonable details of the claimed dispute to Market Logic within seven (7) business days from receipt of invoice. If the Parties determine that any fees were incorrectly invoiced, then Market Logic will issue a credit note equal to the exceeding amount. Subscriber agrees to pay in full and without any delay any undisputed amount under such invoice.

7.5 Suspension of Services. If any undisputed amount owed by Subscriber in terms of this Section 7 is 10 days overdue, Market Logic may suspend the Services to Subscriber until such amounts are paid in full including interest payable. Market Logic will give Subscriber at least 10 days’ prior notice before suspending Services. It is understood that any such suspension does not affect Subscriber’s payment obligation attributable to such suspension period.

7.6 Price Adjustment. Unless otherwise agreed upon in a Statement of Work, the fees for the identical Services under the same SOW will be increased by 2% per year or applicable inflation rate, whichever one is higher, calculated upon each anniversary of subscription period.

8. TAXES

The fees set forth in any Statement of Work, Order Form or similar document issued pursuant to this Agreement are net of tax, as such do not include any local, state, federal or foreign taxes, levies or duties of any nature, including value-added, sales, use or withholding taxes (“Taxes“). Subscriber is solely responsible for paying all Taxes, excluding only taxes based on the net income of Market Logic. If Market Logic has the legal obligation to pay or collect Taxes under this Section, the respective fees shall be increased by an amount applicable for the Taxes and be paid by Subscriber unless Subscriber provides Market Logic with a valid tax exemption certificate authorized by the appropriate taxing authority.

Software Services are provided as a Software-as-a-Service distribution and licensing model and as such are treated accordingly for the purposes of tax assessment.

9. STATEMENTS OF WORK

Unless either Party provides 90 days written notice prior to the end of the Term of its intention not to renew, the applicable SOWs shall automatically renew for further 12 month periods.

10. OWNERSHIP

10.1 Subscriber Ownership. Subscriber owns and retains all right, title, and interest, including, without limitation, all Intellectual Property Rights, in and to the Subscriber Data. Subject to the limited licenses granted herein, Market Logic acquires no right, title or interest from Subscriber or Subscriber’s licensors under this Agreement in or to any of Subscriber Data. Subscriber grants Market Logic, its Affiliates and its approved subcontractors a worldwide, limited term right and license to store, host, reproduce, maintain and use Subscriber Data, only as reasonably necessary to provide and improve the Services in accordance with this Agreement.

10.2 Market Logic Ownership. Market Logic shall retain all right and title in and to a) the Services and all modifications and/or enhancements to the Software Services and the Deliverables, regardless of the source of inspiration for any such enhancement or modification and regardless of whether Subscriber has provided input regarding such modifications and/or enhancements, b) proprietary education or training content, c) materials related to Market Logic’s Professional Services processes and methodology, d) any Algorithms associated with the artificial Intelligence (“AI”) or Cognitive Capabilities of the Software Services. Notwithstanding any other term of this Agreement, Market Logic may access and use, and shall retain all right, title and interest in the Software Services, which may include aggregated and anonymized data based upon Subscriber Data, provided that such data does not reveal the identity or traits of any particular individual person or of Subscriber and does not contain any Subscriber Data.

10.3 Artificial Intelligence (“AI”) /Cognitive Capabilities. Subscriber understands and agrees that any functions of the Software Services that utilize AI algorithms will automatically generate output based solely on the electronic data or information submitted by Subscriber to the Software Services, including content and data, if any, licensed or acquired by Subscriber from third party content providers (“Subscriber Data”). Therefore, Subscriber understands and accepts that the quality of such Subscriber Data will directly affect the quality of the output. As such, Market Logic makes no warranty, express or implied, as to the accuracy or completeness of any of the automatically generated output.

10.4 Suggestions and Feedback. Market Logic shall have a royalty-free, worldwide, irrevocable, perpetual license to use and incorporate into the Software Services any suggestions, enhancement requests, recommendations, results of anonymous usage statistics or other feedback provided by the Subscriber, including its Users, relating to the operation of the Software Services. Market Logic acknowledges and agrees that any such feedback is provided “as is” without any warranty and that Market Logic shall have no right to any of Subscriber’s patents, registered copyrights or trademarks (“Subscriber IP”).

10.5 Usage data. Market Logic may compile statistical and other information related to the performance, operation and use of the Software Services (including, e.g. User’s operating system and browser, date and time of last login, number of downloads) solely for (i) the provision of usage statistics to the Subscriber, (ii) the maintenance of the security and integrity of the Software Services and (iii) research and development purposes related to improvements to the Software Services; such improvements must not contain any Confidential Information of Subscriber.

10.6 Rights in Mobile Apps. Mobile Apps (as defined in a Statement of Work) provided to Subscriber, are subject to the following conditions:

10.6.1 The Mobile Apps, including software embedded in the Mobile Apps, are licensed, not sold. Market Logic retains ownership of the Mobile Apps.

10.6.2 Subscriber’s Users may use the Mobile Apps on any Supported Device and on no other devices. “Supported Device” means a mobile device running a Current Release of either Android software or an Android software version(s) or an Apple device running relevant iOS software. “Current Release” means the most current major release of the respective operating software, and subsequent minor version of the operation software will be supported on its own (e.g., v1.0 is a major release and minor release v1.1, v1.2, v1.x would be supported). The Mobile App shall be provided by Market Logic pursuant to an applicable Statement of Work. Subscriber may download Mobile Apps updates made available by Market Logic to update or restore the Mobile Apps on any Supported Device.

10.6.3 Subscriber acknowledges and agrees that the Mobile Apps may collect User or device data for the purposes of providing services or functions that are relevant to use the Mobile Apps.

10.6.4 Subscriber understands that the maintenance times and procedures for the Mobile Apps may depend upon contributions to be provided by third parties, such as app store providers. Therefore, Subscriber agrees that the Service Level Agreement attached to the applicable Statement of Work shall not apply to the Mobile Apps.

11. CONFIDENTIALITY

11.1 Confidential Information. In relation to the execution of this Agreement each Party may from time to time during the term of this Agreement disclose (the “Disclosing Party”) to the other Party (the “Receiving Party”) certain non-public or proprietary information, communication or data related to a party’s business, products, or services, which the Disclosing Party identifies as confidential or which is of such a nature that the Receiving Party should reasonably understand that the Disclosing Party desires to protect such information against unrestricted disclosure or use, including information owed by third parties. Confidential Information includes, but is not limited to, algorithms, audit reports, business plans, business records, commercial information, computer programs, contracts, data-center designs, designs, diagrams, , draft publications, drawings, engineering records, financial information, , formulas, ideas, machine-readable data, market projections, marketing information, methods, offers, operational data, opinions, plans, pricing information, procedures, processes, product development plans, product information programs, projections, proposals, research data, research plans, samples, server-configuration designs, source code for computer programs, specifications, strategies, tax bills, technical information, test data (“Confidential Information”).

11.2 Non-Confidential Information. The obligations of confidentiality do not extend to any Confidential Information which the Receiving Party can show: (i) is or has become generally available to the public other than as a result of a breach of the obligations of confidentiality under this Agreement; or (ii) was in written records prior to the Effective Date and not subject to confidentiality obligations; or (iii) was or is disclosed by a third party entitled to disclose such information; or (iv) the Parties agree in writing that the information is not Confidential Information or that the information may be disclosed; or (v) is required to be disclosed under any Applicable Laws, or by order of a court or governmental body or authority of competent jurisdiction; or (vi) the Receiving Party independently developed the information without using Confidential Information.

11.3 Obligation of Confidentiality. The Receiving Party will treat all Confidential Information of the Disclosing Party with the same degree of care that the Receiving Party treats its own confidential or proprietary information, but in no event with no less than reasonable care. The obligations in this Section shall survive expiration or termination of this Agreement for a period of five (5) years.

11.4 During the Term, the Receiving Party may use Confidential Information to the extent reasonably necessary for a) performing the Receiving Party’s obligations under the Agreement, and/or b) exercising the Receiving Party’s rights under the Agreement; or c) assessing whether to enter into another agreement with the Disclosing Party; or d) any other particular authorized uses expressly agreed to in writing by the Parties. The Receiving Party will not, without the prior written consent of the Disclosing Party, disclose Disclosing Party’s Confidential Information to any third party. Notwithstanding the foregoing, the Receiving Party may, without the Disclosing Party’s prior written consent, disclose the Confidential Information to its employees, agents, affiliates, subcontractors or representatives on a need-to-know basis provided they are bound by obligations of non-disclosure.

11.5 Legally Required Disclosures. In the event the Receiving Party is required to disclose any Confidential Information by order of a court or any government agency, by law, regulation, judicial or administrative process, the Receiving Party will: a) give prior written notice of such disclosure to the Disclosing Party (if legally permitted to do so) together with a copy of the material proposed to be disclosed; b) reasonably cooperate with the Disclosing Party at the Disclosing Party’s request and expense to resist or limit such disclosure or to obtain a protective order; and c) in the absence of a protective order or other remedy, disclose only that portion of the Confidential Information that is legally required to be disclosed and assure that, if applicable, confidential treatment will be accorded the disclosed information.

11.6 Ownership and Return of Confidential Information. Unless otherwise provided for in this Agreement, all Confidential Information is provided without any warranty “as is” and shall remain the sole property of the Disclosing Party and no license or other right to such information is granted under this Agreement. Upon the Disclosing Party’s request, all Confidential Information, including copies of such information, must be promptly returned to the Disclosing Party or destroyed. Notwithstanding the foregoing obligations, Receiving Party shall be permitted to retain back-up copies of Confidential Information as required by its document retention policy.

12. WARRANTIES AND DISCLAIMERS

12.1 Mutual Warranties. Each Party warrants to the other Party that: a) it has the authorization to enter into this Agreement; b) it shall comply with all applicable federal, state, local, or other laws and regulations applicable to the performance by it of its obligations under this Agreement and it has and shall obtain all applicable permits and licenses required of it in connection with its obligations under this Agreement.

12.2 Subscriber Warranties. Subscriber warrants to Market Logic that: a) Subscriber and its Users will use the Software Services in accordance with this Agreement; b) Subscriber Data will not infringe or misappropriate any Intellectual Property Rights or Confidential Information belonging to Market Logic or any third party; Furthermore, Subscriber warrants and represents to Market Logic that it shall not: i) create derivative works based on Market Logic‘s Software Services except as authorized within Agreement; ii) copy, frame or mirror any part or content of Market Logic‘s Software Services and/or ancillary services, other than copying or framing on the Subscriber‘s own intranets or otherwise for the Subscriber’s own internal business purposes; iii) reverse engineer the Market Logic‘s Software Services and/or ancillary services or parts thereof; (iv) build a competitive product or service; and/or (v) copy any features, functions or graphics of Market Logic‘s Software Services.

12.3 Market Logic Warranties.

12.3.1 Software Services. With respect to the Software Services Market Logic warrants that a) Market Logic has the right to grant provide licenses to the Software Services to the Subscriber in accordance with the terms of this Agreement; b) to the best of Market Logic’s knowledge, the licensed use of the Software Services does not infringe the intellectual property rights of any third parties; and c) the Software Services and Mobile Apps do not contain any Open Source Software which could cause Subscriber’s products or services to be subject to any requirements or obligations arising from the Open Source Software Licenses. “Open Source Software” means any software, which is subject to license terms and conditions meeting the criteria listed at http://www.opensource.org/docs/definition.php and take the form of one of the licenses currently listed at http://opensource.org/licenses/ or which is subject to any similar license terms, which have been incorporated into the Software Services.

12.3.2 Professional Services Market Logic warrants that the Professional Services will be performed in a competent manner in accordance with generally accepted industry standards. For any breach of the above warranty, Subscribers exclusive remedy and Market Logic’s entire liability will be the re-performance of the applicable Professional Services. If Market Logic is unable to re-perform the Professional Services as warranted, Subscriber will be entitled to recover the fees paid for the deficient Professional Services. Subscriber must make any claim under the foregoing warranty to Market Logic in writing within 14 days of performance of such Professional Services in order to receive warranty remedies.

12.4 WARRANTY DISCLAIMER. EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. MARKET LOGIC DOES NOT WARRANT THAT THE SERVICES WILL MEET SUBSCRIBER’S REQUIREMENTS OR THAT USE WILL BE UNINTERRUPTED OR ERROR FREE. THE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE”, AND THE ENTIRE RISK AS TO ITS SATISFACTORY USE IS WITH SUBSCRIBER.

13. INDEMNIFICATION

13.1 Market Logic Indemnity. Market Logic (“Indemnitor”) shall defend, indemnify and hold harmless Subscriber from and against any third-party claims asserted against Subscriber and its employees, officers, board members, agents, representatives, and officials (“Indemnitee”) based upon a) the gross negligence, willful misconduct, or violation of law by Market Logic, or b) any demand, claim or allegation that Subscriber’s licensed use of the Services by Market Logic infringes or violates any patent, copyright, trade secret, trademark, or other intellectual property right (collectively, “IP Rights”).

13.2 Subscriber Indemnity. The Subscriber (“Indemnitor”) shall defend, indemnify and hold harmless Market Logic and its Affiliates from and against any third-party claims asserted against Market Logic and its employees, officers, board members, agents, representatives, and officials (“Indemnitees”) based upon a) an allegation that the Subscriber Data infringes or violates any Intellectual Property Rights or b) Subscribers’ non-compliance with or breach of this Agreement, including unauthorized use of the Software Services.

13.3 Process. In order for an Indemnitee to be entitled to an indemnity under this Section 3, the Indemnitee must: a) provide the Indemnitor with prompt written notice within thirty (30) days of becoming aware of such claim; b) give the Indemnitor sole control and authority over the defense or settlement of such claim; and c) provide the Indemnitor with proper and full information and reasonable assistance to defend and/or settle any such claim. Neither Party shall, without the other Party’s prior written consent, accept any settlement that imposes any restrictions or obligations on the other Party, requires the other Party to make an admission, or imposes on the other Party liability not covered by the indemnities. The Indemnitee shall take reasonable steps to mitigate its loss following a breach which falls within this Section 13. If Subscriber is unable to use the Services or a portion thereof (“Infringing Item”) because a court of competent jurisdiction issues a judgement from which no appeal is taken that, by providing the Software Services, Market Logics has infringed IP Rights of a third party, Market Logic may promptly, at its expense a) procure for Subscriber the right to continue using such Infringing Item; or b) replace or modify the Infringing Item so that it becomes non-infringing. If Market Logic determines in its own reasonable discretion, that neither option is commercially reasonable, Market Logic may terminate the Agreement and refund all fees paid for such item.

13.4 This Section 13 states the entire obligations and liability of the Indemnitor and the indemnities in these provisions shall be the exclusive remedy for third-party claims for any indemnity.

14. LIMITATION OF LIABILITY

14.1 Disclaimer. Market Logic shall be liable under the terms of this Agreement only in accordance with the following provisions. Any more extensive liability of Market Logic is excluded on the merits.

14.2 Market Logic shall be liable; a) unrestricted for damages caused intentionally or with gross negligence by Market Logic, its legal representatives or senior executives and for losses caused intentionally by other assistants in performance; in respect of gross negligence of other assistants in performance Market Logic’ liability shall be as set forth in the provisions for simple negligence in lit. e) below; and b) unrestricted for death, personal injury or damage to health caused by the intent or negligence of Market Logic, its legal representatives or assistants in performance; and c) for damages arising from the lack of any warranted characteristics up to the amount which is covered by the purpose of the warranty and which was foreseeable for Market Logic at the time the warranty was given, which amount shall not exceed 110% of the monetary value contained in the applicable Statement of Work; and d) in accordance with the German Product Liability Act in the event of product liability. However, the strict liability for initial defects in Section 536a para. 1, alt. 1 of the German Civil Code (BGB) is hereby excluded for the Software Services; and e) for damages caused by the breach of its primary obligations by Market Logic, its legal representatives or assistants in performance. Primary obligations are such basic duties which form the essence of the Agreement, which were decisive for the conclusion of the Agreement and on the performance of which the Subscriber may rely. If Market Logic breaches its primary obligations through simple negligence, then its ensuing liability shall be limited to the amount which was foreseeable by Market Logic at the time the respective service was performed, however Market Logic’ liability in this instance shall not exceed 110% of the monetary value contained in the applicable Statement of Work.

14.3 Market Logic shall not be liable for damages which are a result of a breach of the obligations of the Subscriber under this Agreement, especially under Section 6.2 of this Agreement; or if the Subscriber did not follow Market Logic`s Instructions; or if results of the Software Services or the Knowledge Building Services have been altered or modified by the Subscriber; or if the damage caused by any of Subscriber’s equipment. Furthermore, Market Logic shall not in any manner be liable with regards to any of the Subscriber Data. For avoidance of doubt, Market Logic shall not be liable for any loss and/or damages suffered by the Subscriber and/or its Affiliates in relation to the content of the Software which is created and/or derived from any of the Subscriber Data.

14.4 Consequential Damages. In no event shall either Party be liable to the other for consequential damages resulting from default in the performance of its obligations under this Agreement, provided, however, that this Section 14.4 shall not limit Market Logic’ obligations pursuant to Section 14.2 above.

15. INSURANCE

During the Term, Market Logic shall maintain at its own expense insurance policies appropriate to its obligations under this Agreement, including as applicable general commercial liability, errors and omissions, employer liability and worker’s compensation insurance as required by applicable law.

16. TERM AND TERMINATION

16.1 Term. Subject to earlier termination in accordance with this Section 16, the Agreement shall take effect on the Effective Date and shall continue until the Services have been terminated or expired.

16.2 Term of Software Service Subscriptions. Subscriptions of the Software Services purchased by the Subscriber commence on the start date specified in the applicable Statement of Work and continue for the Subscription Term specified therein.

16.3 Termination for Cause. A party may terminate this Agreement or any Statement of Work for any of the reasons contained in this Section 16:

16.3.1 Material Breach. Either Party may terminate this Agreement or a specific Statement of Work if the other party is in Material Breach of this Agreement or the specific Statement of Work and the breaching party fails to cure such Material Breach within a cure period of thirty (30) days from receipt of notice of Material Breach from the non-breaching Party. Such notice of Material Breach must describe the breach as comprehensively and in as much detail as possible in order to give the other party the opportunity to respond adequately during the thirty (30) day period. A “Material Breach”, for the purposes of this Section 3.1 is a severe enough failure of a core obligation by one party to undermine the entire Agreement for the other party, for example a failure to make payment when due, breach of confidentiality obligations, infringement of IP Rights and a failure by the breaching party to remedy such breach in accordance with this Agreement, breach of applicable laws, repeated non-material breaches cumulatively amounting to a Material Breach, and failure to keep current all billing information to the extent that it interferes with invoicing.

16.3.2 Bankruptcy. Either party may terminate this Agreement or any Statement of Work effective immediately upon: a) receipt of written notice of insolvency or bankruptcy of the other party; b) the commencement by or against that party of any case or proceeding under any bankruptcy, reorganization, or insolvency law, or any other law for the relief of debtors, provided the affected party is unable to fulfill its obligations under the Agreement because of such proceedings;

16.4 Effect of Termination. Upon termination or expiry of this Agreement or the applicable Statement of Work, Market Logic shall immediately cease providing the related Services to the Subscriber and any subscriptions or licenses granted hereunder shall terminate.

16.4.1 If this Agreement is terminated by Subscriber in accordance with Section 3.1, Subscriber shall be entitled to a refund of the pro-rata amount of any pre-paid sums starting from the effective date of the termination.

16.4.2 If this Agreement is terminated by Market Logic in accordance with Section 3, Subscriber will not receive any refund of sums paid under this Agreement and Market Logic shall be entitled to all of fees due or payable under this Agreement, including the applicable SOW.

16.4.3 Upon request by the Subscriber made within 30 days from the effective date of termination of the Software Services, Market Logic will make available to the Subscriber for download a file of the Subscriber Data in an industry-standard documented file format and/or original format and inform the Subscriber accordingly in writing with explicit reference to the availability of the Subscriber Data. After a 60-day period, Market Logic shall have no obligation to maintain or provide the Subscriber Data and shall thereafter, unless legally prohibited, delete all the Subscriber Data in Market Logic systems or otherwise in Market Logic possession or under Market Logic control. In the event the 60-day period is not sufficient to download all Subscriber Data, the data return period may be extended by a further maximum of two more 60-day periods, provided that the Subscriber notifies Market Logic accordingly in due time before the expiry of the data return period and agrees to compensate Market Logic for all related costs and expenses in connection with the extension of the 60-day period. The Subscriber may instruct Market Logic at any time during the Term or within the data return period following it to immediately and permanently erase all copies of Subscriber Data from all its Market Logic systems. Market Logic will execute such request within five (5) days of receiving written notice by the Subscriber to do so.

16.4.4 Termination of this Agreement or any Statement of Work for any reason shall not affect the accrued rights of the parties arising under this Agreement, including the right to recover damages against the other party in accordance with the Agreement. In no circumstances shall any termination relieve the Subscriber of the obligation to pay any fees payable to Market Logic for the period prior to the effective date of termination nor shall Market Logic be obliged to refund of any fees referred to such period.

17. NOTICES

17.1 Manner of Giving Notice. All notices, permissions and approvals hereunder shall be in writing, email shall be considered to be sufficient when in accordance with the provisions in Section 17.2 and shall be deemed to have been given upon a) personal delivery, b) the second business day after mailing, c) the second business day after sending by confirmed facsimile, or d) the first business day after sending by email. All notices will be effective upon receipt.

To Market Logic:

Market Logic Software, AG.

Attention:

Legal Department

Franklinstraße 28-29

10587 Berlin

E-Mail: legal@marketlogicsoftware.com

 

Billing-related notices to the Subscriber shall be addressed to the relevant billing contact designated by the Subscriber. All other notices to the Subscriber shall be addressed to the relevant Services system administrator designated by the Subscriber.

17.2 E-Mail Notice. An emailed notice shall not be sufficient for notices of termination or an indemnifiable claim. An emailed notice will not be effective unless the notice is acknowledged in writing (including for example by email) by the party to which the notice was directed. If a notice is delivered by email to a specific email address; but the notice as delivered to that address is not acknowledged in writing by an individual who is an agent of the notified party for purposes of receiving notices of the type in question, then the notice is not effective as to that address, unless the party being notified has expressly designated the specific address, in writing, as one to which notices under the Agreement may be sent.

18. GENERAL PROVISIONS

18.1 Export Compliance. Both parties shall comply with all applicable UK, EU and/or US sanctions and export regulations including any restrictions or prohibitions on trade or financial transactions with certain countries or entities.

18.2 Anti-Corruption. In performing their obligations under this Agreement, the parties shall: a) comply with all applicable laws and regulations relating to anti-bribery and anti-corruption and maintain its own policies and procedures in this respect; (b) as soon as reasonably practicable report to each other any offer, request or demand for any undue financial or other advantage of any kind received by the other party in connection with the performance of this Agreement.

18.3 Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties.

18.4 Subcontractors. Market Logic may not subcontract any part of its obligations under this Agreement except to its Affiliates or as agreed in writing by Subscriber. Notwithstanding the above, Market Logic may use subcontractors without having to obtain written consent from Subscriber where such subcontractors are used in the day-to-day business of Market Logic and where such subcontractors shall have no access to Subscriber Data. Market Logic will obligate its subcontractors (if any) to adhere to and uphold IT-security and confidentiality obligations that are at least as protective as those rights of Subscriber provided for in this Agreement.

Notwithstanding the permitted subcontracting of Services hereunder Market Logic will remain liable for all of its obligations under this Agreement, and for the acts and omissions of all Market Logic employees in connection with the performance of Services or provision of Software Services.

18.5 No Third-Party Beneficiaries. There are no third-party beneficiaries to this Agreement.

18.6 Waiver. No failure or delay by either party in exercising any right under this Agreement shall constitute a waiver of that right.

18.7 Information Security. Market Logic shall be responsible for implementing and maintaining information security controls in line with standard industry practices as set out in Annex A that are designed to: a) ensure the security, confidentiality and integrity of Services and Subscriber Data; b) protect against any anticipated threats or hazards to the security or integrity of the Services and Subscriber Data; c) protect against unauthorized physical or logical access to or use of Services and Subscriber Data; d) ensure the secure disposal of Subscriber Data as per reasonable instructions of the Subscriber; e) ensure the security and integrity of the operational environment, including the network connectivity, supporting the Services; f) ensure that changes to the Services and operational environment supporting the Services are managed following formal processes; g) segregate Subscriber Data from those of other Market Logic customers; and h) ensure appropriate measures to protect against loss of Subscriber Data.

18.8 Data Protection. The Parties agree to fully comply with applicable data protection laws.

18.9 Governing Law. In all respects this Agreement will be governed by, and construed in accordance with, the substantive laws Germany and the Place of Jurisdiction shall be Berlin.

18.10 Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision shall be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of this Agreement shall remain in effect.

18.11 Surviving Provisions. Section 7 (Fees and Payment), Section 10 (Ownership), Section 11 (Confidentiality), Section 12 (Warranties and Disclaimers), Section 14 (Limitation of Liability), Section 16.4 (Effect of Termination), Section 17 (Notices) and Section 18 (General Provisions) shall survive any termination or expiration of this Agreement.

18.12 Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the prior written consent of the other party, except that either party may assign all of its rights and delegate all of its obligations under this Agreement without needing the other party’s consent to an entity: (i) which such party owns or controls; or (ii) by which such party is owned or controlled. In addition, either party may, without needing the other party’s consent assign any of its rights or obligations under this Agreement in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets not involving a direct competitor of the other party. Any consent required by this paragraph will not be unreasonably withheld, conditioned, or delayed. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the parties, their respective successors and permitted assigns.

18.13 Entire Agreement. This Agreement, including all exhibits and addenda hereto and all Statement of Works, constitute the entire agreement between the Parties and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. Market Logic may update or revise these Terms and Conditions from time to time at its sole discretion without notice to Subscriber, and Market Logic recommends that Subscriber reviews these Terms and Conditions on a regular basis to stay abreast of the most current version. The most current version will be posted on Market Logic Website. Subscriber´s continued use of the Services after any update or revision to these Terms and Conditions constitutes Subscriber´s acceptance of the updates or revisions. To the extent of any conflict or inconsistency between the provisions in the body of this Agreement and any exhibit or addendum hereto or any Statement of Work, the terms of the applicable Statement of Work shall prevail. Notwithstanding any language to the contrary therein, no terms or conditions stated in the Subscriber’s purchase orders or other order documentation shall be incorporated into or form any part of this Agreement, and all such terms or conditions shall be null and void.

18.14 Force Majeure. Neither party shall be liable to the other for any delay or failure to perform hereunder (excluding payment obligations) due to circumstances beyond such party’s reasonable control, including but not limited to acts of God, acts of government, flood, fire, earthquakes, civil unrest, acts of terror, strikes or other labor problems (excluding those involving such party’s employees), service disruptions involving hardware, software or power systems not within such party’s reasonable control, and denial of service attacks.

18.15 Counterparts. This Agreement any Statement of Work issued hereunder may be executed in any number of counterparts, each of which when executed and delivered shall constitute and original of this Agreement, but all the counterparts shall together constitute the same agreement. Transmission of an executed counterpart of this Agreement by email (in PDF, JPEG or other agreed format) shall take effect as delivery of an executed counterpart of this Agreement. If either method of delivery is adopted, without prejudice to the validity of the Agreement made, if requested each party shall provide the others with the original of such counterpart as soon as reasonably possible after. No counterpart shall be effective until each party has executed and delivered at least one counterpart.

ANNEX A

INFORMATION SECURITY REQUIREMENTS

 

1 . Scope

Subject to the terms and conditions of the Agreement, all Services performed by Market Logic under this Agreement, shall comply with the requirements set forth in this Annex A, as applicable in the context of the Services.

This Annex A sets out the security requirements for the IT environments, facilities, equipment and personnel used by Market Logic to store and/or process Subscriber Data in relation to the Services. This Annex and the requirements set forth herein are in addition to, and not in lieu of, other requirements incorporated into the Agreement. Notwithstanding any security requirements agreed between Subscriber and Market Logic, any proprietary data of Third Party Service Providers shall be solely subject to separate security and confidentiality obligations between Market Logic and the respective provider.

Before processing Subscriber Data under this Agreement, Market Logic and its subcontractors shall bring into effect and maintain throughout the term of this Agreement the technical and organisational measures as set out hereunder in order to meet the requirements according to this Agreement, to secure at any time the confidentiality and integrity of the Subscriber Data, to prevent unauthorised or unlawful processing of Data and to protect against accidental or unlawful destruction, damage, accidental loss, alterations or unauthorised disclose or access.

The technical and organisational measures are subject to technical progress and development. In that regard, Market Logic and its Subcontractors are allowed to implement adequate alternative measures, provided, however, that the security level shall not be undercut at any time.

Significant changes to the technical and organisational measures as set out hereunder will be documented and notified to Subscriber prior to their implementation.

2. Certification

Market Logic warrants that the third-party Data Centre it utilizing to provide the Services is ISO27001 and SOC2 certified.

Market Logic warrants that it has designed its information security management according to ISO27001.

3. Logical Security

3.1 General

The logical security processes in this Section 3 apply to all systems used to provide the Services on which Subscriber Data is accessed, processed, stored, transferred or maintained.

3.2 Systems Access Control and Network Access Control

3.2.1 Access Controls. Market Logic warrants that it employs access control mechanisms that:

a. prevent unauthorized access to Subscriber data;

b. limit access to Market Logic personnel with a business need to know;

c. follow principle of least privilege allowing access to only the information and resources that are necessary under the terms of the Agreement; and

d. have the capability of detecting, logging, and reporting access to the system or network or attempts to breach security of the system or network.

3.2.2 Authentication. All Market Logic personnel must have an individual account that authenticates that individual’s access to Subscriber Data. Market Logic will not allow sharing of accounts. Access controls and passwords must be configured in accordance with industry standards and best practices. Passwords must be (i) at least eight characters long, (ii) cannot contain the user’s account name or more than two characters that occur in the full name or the user sequentially and (iii) must contain three of the following categories: Uppercase letters, Lowercase letters, Numbers, Symbols.

3.2.3 Regular Review of Access Controls. Market Logic will maintain a process to review access controls on a minimum annual basis for all Market Logic systems that contain Subscriber Data, including any system that, via any form of communication interface, can connect to the system on which Subscriber Data is stored. These access processes and the process to establish and delete individual accounts will be documented in, and will be in compliance with, Market Logic’s security policies and procedures.

3.2.4 Revocation of Access. Market Logic will revoke its Personnel’s access to physical locations, systems, and applications that contain or process Subscriber Data within a reasonable time of the cessation of such Market Logic Personnel’s need to access the system(s) or application(s).

3.3 Telecommunication and Network Security

3.3.1 Firewalls. Market Logic will deploy reasonably appropriate firewall technology. Traffic between Subscriber and Market Logic will be protected and authenticated by industry standard cryptographic technologies.

3.3.2 Intrusion Detection and Prevention. Market Logic will deploy intrusion detection or preferably prevention systems (NIDS/NIPS) in order to generate, monitor, and respond to alerts which could indicate potential compromise of the network and/or host.

3.3.3 Log Management. Market Logic shall ensure that all systems, incl. firewalls, routers, network switches and operating systems, log information to their respective system log facility or a centralized server for a minimum period of 3 months.

3.3.4 Network Segmentation.  Market Logic shall establish and maintain appropriate network segmentation, including the use of virtual local area networks (VLANS) where appropriate, to restrict network access to systems storing Subscriber Data.

3.3.5 Wireless Security. If Market Logic deploys a wireless network, Market Logic will configure and maintain the use, configuration and management of wireless networks to meet the following:

a. Physical Access – All wireless devices shall be protected using appropriate physical controls to minimize the risk of theft, unauthorized use, or damage;

b. Network Access – Network access to wireless networks should be restricted only to those authorized;

c. Access points shall be segmented from an internal, wired LAN;

d. The service set identifier (SSID), administrator user ID, password and encryption keys shall be changed from the default value;

e. Encryption of all wireless connections will be enabled using Industry Standard Encryption Algorithms (i.e., WPA2/WPA with 802.1X authentication and AES encryption). WEP should never be used;

f. If supported, auditing features on wireless devices shall be enabled and resulting logs shall be reviewed periodically by designated staff or a wireless intrusion prevention system. Logs should be retained for ninety (90) days or longer; and

g. SNMP shall be disabled if not required for network management purposes. If SNMP is required for network management purposes, SNMP will be read-only with appropriate access controls that prohibit wireless devices from requesting and retrieving information and all default community strings will be changed.

3.3.6 Rogue Access Point Detection. Market Logic will maintain a program to detect rogue access points to ensure that only authorized wireless access points are in place.

4 Malicious Code Protection

4.1 All workstations and servers will run the current version of industry standard anti-virus software with the most recent updates available on each workstation or server. Market Logic will configure this equipment and have supporting policies to prohibit users from disabling anti-virus software, altering security configurations, or disabling other protective measures put in place to ensure the safety of the computing environment.

4.2 Market Logic will have current anti-virus software configured to run real-time scanning of machines and a full system scan on a regularly scheduled interval.

4.3 Market Logic will scan incoming and outgoing content for malicious code on all gateways to public networks, including, but not limited to, email and proxy servers.

4.4 Market Logic will quarantine or remove files that have been identified as infected and will log the event.

5 Vulnerability Management and Application Security Assessments

5.1 Market Logic shall run internal and external network vulnerability scans at least quarterly and after any material change in the network configuration (e.g., new system component installations, changes in network topology, firewall rule modifications, or product upgrades). Vulnerabilities identified and rated as high risk by the Market Logic will be remediated within (15) days s maximum.

5.2 For all Internet-facing applications that collect, transmit or display Subscriber Data, Market Logic agrees to conduct Penetration Test assessment to identify common security vulnerabilities as identified by industry-recognized organizations (e.g., OWASP Top 10 Vulnerabilities; CWE/SANS Top 25 vulnerabilities) annually or for all major releases, whichever occurs first.

5.3 For all mobile applications (i.e., running on Android, Blackberry, iOS, Windows Phone) that collect, transmit or display Subscriber Data, Subscriber agrees to conduct penetration test assessment to identify and remediate industry-recognized vulnerabilities specific to mobile applications.

5.4 Patch Management. Market Logic will patch all workstations and servers with all current operating system, database and application patches deployed in Market Logic’s computing environment according to a schedule predicated on the criticality of the patch. Market Logic must perform appropriate steps to help ensure patches do not compromise the security of the information resources being patched. All emergency or critical rated patches must be applied as soon as possible but at no time will exceed thirty (30) days from the date of release.

6. Storage, Handling and Disposal of Subscriber Data

6.1 Data Segregation. Market Logic will physically or logically separate and segregate Subscriber Data from its other customer’s data.

6.2 Electronic Form Data. Market Logic will utilize Industry Standard Encryption Algorithms and Key Strengths to encrypt the following:

a. all Subscriber Data that is in electronic form while in transit over all public wired networks (e.g., Internet) and all wireless networks.

b. all Subscriber Data while In Storage. “In Storage” means information stored in databases, in file systems, and on various forms of online is also commonly referred to as “at rest.”

c. passwords will be hashed with irreversible industry standard algorithms with randomly generated “salt” added to the input string prior to encoding to ensure that the same password text chosen by different users will yield different encodings. The randomly generated salt should be at least as long as the output of the hash function.

d. any mobile devices (e.g., laptop, cell phone, tablet) used outside of a Data Center to perform any part of the Services.

6.3 Data Retention. Upon Subscriber’s request, or, upon termination or expiration of this Agreement, all Subscriber Data, including copies of such information, must be promptly returned to Subscriber or destroyed. Notwithstanding the foregoing obligations, Market Logic shall be permitted to retain back-up copies of Subscriber Data in accordance with applicable laws; applicable regulations and the Agreement.

6.4 Destruction of Data. Market Logic will dispose of Subscriber Data when information is deemed no longer necessary to preserve as outlined above in “Data Retention” Section 6.3. Subscriber Data shall be disposed of in a method that renders it unreadable, effectively decommissioned. Market Logic will destroy any equipment containing Subscriber Data that is damaged or non-functional. All Subscriber Data must be rendered unreadable and unrecoverable regardless of the form (physical or electronic).

7. Physical Security and Personnel Security

7.1 Physical security of Market Logic’s offices. Market Logic shall have adequate physical security perimeters to safeguard Subscriber Data. Market Logic shall have a premises access control system that requires:

a. every individual to have a unique access card and or key to access the premises;

b. access to sensitive areas, e.g., server rooms to be granted only to those who need access to the area to perform their work-related duties;

c. all visitors to be identified, registered, logged and accompanied by an employee of Market Logic at all times and;

d. Market Logic employees to adhere to a Clean Desk Policy.

7.2 Market Logic Personnel. Market Logic warrants that its personnel will:

a. be provided with a clear understanding of procedures and controls reasonably necessary to comply with the Information Security requirements set out in the Agreement prior to their being granted access to Subscriber Data;

b. upon hiring, and at least annually thereafter, participate in security awareness trainings. This training will cover, at a minimum, Market Logic’s security policies, including acceptable use, password protection, data classification, incident reporting, the repercussions of violations, and;

c. also receive training regarding data privacy and protection if Market Logic or its personnel accesses Personal Data.

8. Incident Reporting and Action

In case that Market Logic detects any event that poses a risk to the security of any Subscriber Data, Market Logic shall a) immediately report the incident to the Subscriber in writing; b) promptly provide a full investigative report along with the corrective action(s) reasonably necessary to prevent a future recurrence of such violation, security incident or infraction; c) execute such corrective actions; and d) take such other investigative actions and measures to ensure that such corrective actions are and will remain effective.

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×