The URL can be used to link to this page

CONTRACT 6387 Vender AgreementAgreement No. 6387 bacon An RSA Business END USER LICENSE AGREEMENT *** IMPORTANT INFORMATION — PLEASE READ CAREFULLY *** THIS SOFTWARE CONTAINS COMPUTER PROGRAMS AND OTHER PROPRIETARY MATERIAL AND INFORMATION, THE USE OF WHICH IS SUBJECT TO AND EXPRESSLY CONDITIONED UPON ACCEPTANCE OF THIS END USER LICENSE AGREEMENT (THE "AGREEMENT"). THIS AGREEMENT IS A LEGALLY BINDING DOCUMENT BETWEEN YOU (MEANING THE INDIVIDUAL PERSON OR THE ENTITY THAT THE INDIVIDUAL REPRESENTS THAT HAS OBTAINED THE SOFTWARE AND HARDWARE FOR ITS INTERNAL PRODUCTIVE USE AND NOT FOR OUTRIGHT RESALE) (THE "CUSTOMER") AND SECURID (WHICH MEANS (I) RSA SECURITY LLC, IF CUSTOMER IS LOCATED IN THE UNITED STATES, MEXICO OR SOUTH AMERICA; (II) THE LOCAL SECURID SALES AFFILIATE, IF CUSTOMER IS LOCATED OUTSIDE THE UNITED STATES, MEXICO OR SOUTH AMERICA AND IN A COUNTRY IN WHICH SECURID HAS A LOCAL SALES AFFILIATE; OR (III) RSA SECURITY & RISK IRELAND LIMITED OR OTHER AUTHORIZED SECURID ENTITY AS IDENTIFIED ON THE SECURID QUOTE OR OTHER SECURID ORDERING DOCUMENT, IF CUSTOMER IS LOCATED OUTSIDE THE UNITED STATES, MEXICO OR SOUTH AMERICA AND IN A COUNTRY IN WHICH SECURID DOES NOT HAVE A LOCAL SALES AFFILIATE). Unless SecurID agrees otherwise in writing, this Agreement governs Customer's use of the Software and Hardware, except to the extent all or any portion of the Software or Hardware is: (a) the subject of a separate written agreement set forth in a quotation issued by SecurID; or (b) governed by a third party licensor's terms and conditions. Capitalized terms have meaning stated in the Agreement. By clicking on the "Agree" or "Accept" or similar button at the end of this Agreement, or proceeding with the installation, downloading, use or reproduction of this Software, or authorizing any other person to do so, you are representing to SecurID that you are (i) authorized to bind the Customer; and (ii) agreeing on behalf of the Customer that the terms of this Agreement shall govern the relationship of the parties with regard to the subject matter in this Agreement and are waiving any rights, to the maximum extent permitted by applicable law, to any claim anywhere in the world concerning the enforceability or validity of this Agreement. If you do not have authority to agree to the terms of this Agreement on behalf of the Customer, or do not accept the terms of this Agreement on behalf of the Customer, click on the "Cancel" or "Decline" or other similar button at the end of this Agreement and/or immediately cease any further attempt to install, download or use this Software for any purpose, and remove any partial or full copies made from this Software. 1. DEFINITIONS. Capitalized terms shall have the meaning as set forth in this Section 1 or as otherwise defined in this Agreement. A. "Affiliate" means a legal entity that is, directly or indirectly, controlled by, controls, or is under common control with Customer or SecurID, respectively. "Control" means more than 50% of the voting power or ownership interests. "Customer Affiliate" shall mean any Affiliate of Customer. B. "Customer Support Tools" means any software or other tools made available by SecurID to Customer to enable Customer to perfonn various self -maintenance activities. C. "Documentation" means the then -current, generally available, written user manuals and online help and guides provided by SecurID for Products. D. "Installation Site" means the ship -to address or other location identified on the SecurID quote or other document prepared by SecurID as the site of installation and/or use of a Product, or a subsequent location approved by SecurID. E. "Maintenance Aids" mean any hardware, software or other tools, other than Customer Support Tools, used by SecurID to perform diagnostic or remedial activities on Products. F. "Products" mean "Equipment" (which is the hardware delivered by SecurID to Customer) and/or "Software" (which means a series of instructions or statements in machine-readable, object code form only, including without limitation firmware incorporated in any Equipment.). G. "Product Notice" means the notice by which SecurID informs Customer of product -specific use rights and restrictions, warranty periods, warranty upgrades and maintenance (support) terms. Product Notices may be delivered in a SecurID quote, otherwise in writing and/or a posting on the applicable SecurID website, currently located at https://www.rsa.com/enus/company/standard-form-agreements. The terms of the Product Notice in effect as of the date of the 02 012022 Agreement No. 6387 SecurID quote shall be deemed to be incorporated into and made a part of the relevant Customer purchase order. Each Product Notice is dated and is archived when it is superseded by a newer version. SecurID shall not change any Product Notice retroactively with regard to any Products listed on a SecurID quote issued prior to the date of the applicable Product Notice. Upon request, SecurID shall without undue delay provide a copy of the applicable Product Notice and/or attach it to the relevant SecurID quote. H. "Services" mean (i) services for the support and maintenance of Products ("Maintenance Services" or "Support Services") governed by the terms currently located at: https://www.rsa.com/enus/company/standard-form-agreements; or (ii) consulting, installation, implementation, or other services that are not Maintenance Services ("Professional Services") governed by the terms currently located at: https://www.rsa.com/enus/company/standard-form-agreements. I. "Software Release" means any subsequent generally available version of Software provided by SecurID after initial Delivery of Software but does not mean a new Product. J. "Statement of Work" or "SOW" means a document agreed between Customer and SecurID containing specifications and other transaction -specific details of the Professional Services to be provided by SecurID. SOWs may, among other things, consist of (i) a separately executed, long form services specification; or (ii) a short form service description (called a "Service Brief') with an accompanying SecurID model number identified on a quote. K. "Supplier(s)" means an entity (other than Customer) whose components, subassemblies, software and/or services have been incorporated into Products and/or Services. L. "Training" means SecurID's generally available training course offerings, whether online, via CD, instructor -led, or any other method of delivery. M. "Training Materials" means the materials provided to Customer during Training. 2. QUOTING, PURCHASING AND PAYMENT. A. Quoting and Purchasing. This Section 2.A shall only apply to purchases which are placed by Customer directly with SecurID. The description of the Products, Maintenance Services, Services identified in a Service Brief, and related pricing are as stated in a quote to Customer from SecurID. Each quote is valid for the time period specified thereon. Customer may order the items on such quote by (i) issuing a purchase order to RSA that references such quote; or (ii) with the prior approval of SecurID (a) signing such quote and returning it to SecurID; or (b) sending an email or other writing to SecurID referencing and ordering the items on such quote. Customer's order is accepted by SecurID (1) issuing an e-mail or other written communication to Customer accepting such order; or (2) shipping the applicable Products to or commencing performance of the applicable Services. Each SOW (excluding the Service Brief) becomes binding on both parties when it is signed by SecurID and Customer countersigns and returns the SOW to SecurID (along with a purchase order if so required in the SOW). B. Payment. This Section 2.13 shall only apply to purchases which are placed by Customer directly with SecurID. Customer shall pay SecurID's invoices in full and in the same currency as the SecurID invoice within thirty (30) days after the date of SecurID's invoice, with interest accruing thereafter at the lesser of 1.5% per month or the highest lawful rate. The charges due hereunder for Products and Services and any other items provided by SecurID are exclusive of and Customer shall pay or reimburse SecurID for all value added (VAT), sales, use, excise, withholding, personal property, goods and services and other taxes, levies, customs and duties resulting from a Customer purchase order, except for taxes based on SecurID's net income. If Customer is required to withhold taxes, then Customer will forward any withholding receipts to SecurID. C. Transactions with Customer Affiliates. This Section 2.0 shall only apply to purchases which are placed by Customer directly with SecurID or SecurID Affiliate. Customer Affiliates domiciled in the same country as Customer are entitled to order Products and Services under this Agreement, if the Products and Services are ordered for installation/delivery or performance in such country. Before ordering Products and Services for installation/delivery in any other country, the Customer Affiliate operating in such other country and the local SecurID Affiliate, if any, that engages in direct sales/licensing activities of Products and Services in the ordinary course of its business for such country, must first execute a local participation agreement that (i) incorporates by reference the terms of this Agreement; and (ii) addresses such issues as are necessary to conform to local country laws and business requirements and practices. Thereafter, a SecurID quote, referencing the local participation agreement may be issued by such local SecurID Affiliate to the local Customer Affiliate and a purchase order may be placed pursuant to such SecurID quote. If there is no such local SecurID Affiliate, then SecurID shall advise Customer on any available alternative methods of procurement. 3. DELIVERY AND INSTALLATION. A. Product Delivery. This Section 3.A shall only apply to purchases which are placed by Customer directly with SecurID. Delivery of SecurID Product shall be completed in the following manner: (i) Title and risk of loss for sold Equipment and physical media containing Software shall transfer to Customer upon SecurID's delivery to a carrier at SecurID's designated point of shipment; and (ii) Software may be provided by (1) delivery of physical media to a carrier at SecurID's designated point of shipment; or (2) electronic download (when so offered by SecurID) ("Delivery"). Unless otherwise agreed, a common carrier shall be specified by SecurID. Software, Documentation, Evaluation Products and Training Materials are licensed only. No title to, or ownership of, Software, Documentation, Evaluation Products, Training Materials, or other materials provided to Customer in the course of performing Services is transferred to Customer. B. Product Installation and Acceptance. SecurID's obligation, if any, to install a Product as part of the Product's purchase price or licensing fee, is set forth in the Product Notice. Acceptance that a Product operates in substantial conformity to the Product's Documentation occurs upon Delivery or notice of availability for electronic download, as applicable. Notwithstanding such acceptance, Customer retains all rights and remedies set forth in the Section entitled "Product Warranty." 02 01 2022 Agreement No. 6387 4. LICENSE TERMS. A. General License Grant. SecurID grants to Customer a nonexclusive and nontransferable (except as otherwise permitted herein) license (with no right to sublicense) to use (i) Software solely for Customer's internal business purposes; (ii) Documentation related to Software solely for the purpose of supporting Customer's use of Software. Licenses granted to Customer shall continue for the duration as indicated on the SecurID quote, and commence on Delivery of the physical media or the date Customer is notified of availability for electronic download, as applicable; and (iii) with respect to Software that was Delivered to Customer on Equipment, use such Software only on the Equipment with which it was provided. Use of Software may require Customer to complete SecurID's then current product registration process, if any, to obtain and input an authorization key or license file. B. Licensing Models. Software is licensed for use only in accordance with the commercial terms and restrictions of the Software's relevant licensing model, which are stated in the Product Notice and/or SecurID quote. For example, the licensing model may provide that Software is licensed for use solely (i) for a certain number of licensing units; (ii) on or in connection with a certain piece of equipment, CPU, network or other hardware environment; and/or (iii) for a specified amount of storage capacity. Microcode, firmware or operating system software needed by the Equipment with which it is shipped to perform its basic functions, is licensed for use solely on such Equipment. SecurID may require Customer's purchase order, Quote, Schedule, invoice, or user license certificate for some or all of the Products to contain limitations with respect to the number of users, servers, application -specific usage, hosts, asserting and relying parties, functionality options and/or other restrictions. In such a case, such limitations and restrictions are incorporated herein by reference with respect to the applicable Products. C. Licensed Copies. All Software licenses granted herein are for use of object code only. Customer is permitted to copy Software, in accordance with the license, the quote, and the Product Notice. Unless otherwise agreed to by the parties, or unless such additional rights are granted in the Product Notice, Customer may only use one production copy of the SecurID Software. Customer may copy Documentation insofar as reasonably necessary for Customer's authorized internal use of Software. With respect to any and all copies of the Software and Documentation, Customer shall ensure that each copy contains all titles, trademarks, and copyright and restricted rights notices, and that all such copies shall be subject to the terms and conditions of this Agreement. D. License Restrictions. Customer shall not, without SecurID 's prior written consent (i) sublicense, or use Software in a service bureau, application service provider or similar capacity; or (ii) disclose to any third party the results of any comparative or competitive analyses, benchmark testing or analyses of SecurID Products performed by or on behalf of Customer; (iii) make available Software in any form to anyone other than Customer's employees, or contractors that are reasonably acceptable to SecurID, and require access to use Software on behalf of Customer in a manner permitted by this Agreement; or (iv) transfer Software to an Affiliate or a third party. If the Software contains or is bundled with third party products, then Customer may use such third party products solely for use with the particular Software that Customer has licensed from SecurID as set forth in the applicable Documentation, and/or the Product Notice. Customer shall not use any third -party product embedded in or bundled with the SecurID Software as a standalone program or in any way independently from the Software. Customer shall not, and shall not authorize any third party to, modify, enhance, supplement, create derivative works from, reverse assemble, reverse engineer, decompile or otherwise reduce to human readable form Software without SecurID's prior written consent. E. Software Releases. Software Releases shall be subject to the license terms applicable to Software. F. No Combination with Open Source Software. Some third party license terms require that computer code be generally (a) disclosed in source code form to third parties, (b) licensed to third parties for the purpose of making derivative works, or (c) redistributable to third parties at no charge (collectively, "Excluded License Terms"). If SecurID grants Customer the right to incorporate, modify, combine or distribute any of the SecurID Software licensed hereunder, then Customer shall not incorporate, modify, combine or distribute the SecurID Software with any other computer code in a manner that would subject the SecurID Software to Excluded License Terms. G. Reservation of Rights. RSA reserves all rights not expressly granted to Customer in this Agreement. Nothing in this Agreement shall limit in any way SecurID's right to develop, use, license, create derivative works of, or otherwise exploit the Software, or to permit third parties to do so. H. Audit. SecurID (including its independent auditors) shall have the right to audit Customer's usage of the Products no more than once annually to confirm compliance with the terms of the Agreement and the Schedule or Quote at SecurID's expense. SecurID shall schedule any audit at least thirty (30) days in advance. Any such audit shall be performed during regular business hours and shall not unreasonably interfere with Customer's business activities. Should such audit indicate usage of Products in excess of that for which Customer has paid, in addition to any other rights SecurID may have for breach of this Agreement and the Schedule or Quote, Customer shall promptly reconcile its account with SecurID and pay the SecurID invoice, if any, that results from such reconciliation. 1. Termination. SecurID may terminate licenses for cause if Customer breaches the terms governing use of Software and fails to cure within thirty (30) days after receipt of SecurID's written notice thereof. Upon termination of a license, Customer shall cease all use and return or certify destruction of applicable Software (including copies) to SecurID. J. Other License Terms. If a particular Product or component is covered by its own license terms ("Separate License Terms"), typically in the form of a (i) "click -to -accept" agreement included as part of the installation and/or download process, or (ii) "shrink-wrap" agreement included in the packaging for the Product, or (iii) notice indicating that by installation and/or use thereof 02 01 2022 Agreement No. 6387 the related license terms apply, then, in case of conflict with the terms of this Agreement, such Separate License Terms shall (a) prevail with regard to Products or components for which SecurID is not the licensor; and (b) not prevail with regard to a Product or component for which SecurID is the licensor. 5. PRODUCT WARRANTY. A. Equipment. SecurID warrants that Equipment, and Equipment upgrades installed into Equipment, when purchased from SecurID and operated with normal usage and regular recommended service, shall be free from material defects in materials and workmanship, and perform substantially in accordance with Documentation provided for Equipment until the expiration of the warranty period. Unless otherwise noted on the Product Notice or SecurID quote, the warranty coverage for the microcode, firmware or operating system software that enables Equipment to perform as described in its Documentation shall be no less than that which applies to such Equipment. To the extent specified in the Product Notice, Support Services in the form of the Support Option noted on the Product Notice are included free of charge during the Equipment warranty period. In some cases, a Support Option upgrade during the Equipment warranty period may be available separate purchase. B. Software. SecurID warrants that Software will substantially conform to the applicable Documentation for such Software and that any physical media provided by SecurID will be free from manufacturing defects in materials and workmanship until the expiration of the warranty period. SecurID does not warrant that the operation of Software shall be uninterrupted or error free, that all defects can be corrected, or that Software meets Customer's requirements, except if expressly warranted by SecurID in its quote. Support Services for Software are available for separate purchase and the Support Options are identified at the Product Notice. C. Duration. Unless otherwise stated on the SecurID quote, the warranty period from SecurID for Products shall be as set forth at the Product Notice. Equipment warranty commences upon Delivery. Software warranty commences upon Delivery of the media or the date Customer is notified of electronic availability, as applicable. Equipment upgrades are warranted from Delivery until the end of the warranty period for the Equipment into which such upgrades are installed. D. Customer Remedies. i. Equipment. SecurID's entire liability and Customer's exclusive remedies under the warranties described in this Section shall be for SecurID, at its option, to remedy the non-compliance or to replace the affected Equipment, and if SecurID is unable to effect such within a reasonable time, then SecurID shall refund the amount paid by Customer for the affected Equipment as depreciated on a straight line basis over a five (5) year period, upon return of such Equipment to SecurID. All replaced Equipment or portions thereof shall be returned to and become the property of SecurID. If such replacement is not so returned, Customer shall pay SecurID's then current spare parts price therefore. SecurID shall have no liability hereunder after expiration of the applicable warranty period. ii. Software. If Customer discovers a non -conformity in the Software during the Warranty Period, then SecudD's entire liability and Customer's exclusive remedy shall be as follows: Customer shall submit to SecurID a written report describing the nonconformity in sufficient detail to permit SecurID to reproduce such non -conformity. If SecurID successfully reproduces the reported non -conformity and confirms that it is a non -conformity, then SecurID shall use commercially reasonable efforts, at its option, to (1) correct the non -conformity, (2) provide a work around or software patch (a "Fix"), or (3) replace the SecurID Software. If SecurID determines that none of these alternatives is reasonably available, then, upon Customer's request, SecurID shall refund any payments that Customer has made for the affected SecurID Software and accept its return. This warranty applies only to the initial delivery of the SecurID Software. E. Exclusions. Warranty does not cover problems that arise from (i) accident or neglect of the Equipment by Customer or any third party; (ii) any third party items or services with which the Product is used or other causes beyond SecurID's control; (iii) installation, operation or use not in accordance with SecurID's instructions or the applicable Documentation; (iv) use in an environment, in a manner or for a purpose for which the Product was not designed; or (v) modification, alteration or repair by anyone other than SecurID or its authorized representatives; or (vi) in case of Equipment only, causes not attributable to normal wear and tear (collectively, the "Excluded Claims"). SecurID has no obligation whatsoever for Software installed or used beyond the licensed use, for Equipment which was moved from the Installation Site without SecurID's consent or whose original identification marks have been altered or removed. F. No Further Warranties. EXCEPT AS EXPRESSLY STATED HEREIN, AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, WITH REGARD TO PRODUCTS, SERVICES OR ANY OTHER ITEMS OR MATTERS ARISING HEREUNDER, SECURID (INCLUDING ITS SUPPLIERS) MAKES NO OTHER EXPRESS WARRANTIES, WRITTEN OR ORAL, AND DISCLAIMS ALL IMPLIED WARRANTIES. INSOFAR AS PERMITTED UNDER APPLICABLE LAW, ALL OTHER WARRANTIES ARE SPECIFICALLY EXCLUDED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON - INFRINGEMENT, AND ANY WARRANTY ARISING BY STATUTE, OPERATION OF LAW, COURSE OF DEALING OR PERFORMANCE, OR USAGE OF TRADE. 6. SERVICES. A. Maintenance Services. SecurID shall provide Maintenance Services for Software licensed to Customer and the Equipment for the period specified on the applicable Schedule or Quote. 02 012022 Agreement No. 6387 B. Other Services. SecurID will provide other pre -packaged Services including Training Services (other than Maintenance Services which shall be provided pursuant to Section 6.A above), subject to availability, in accordance with SecurID's price list in effect at the time such Services are ordered. UAAIDJ0 WIt" A. Customer Indemnity. Customer will defend and indemnify SecurID and its Affiliates against any third party claim resulting or arising from: (i) Customer's failure to obtain any appropriate license, intellectual property rights, or other permissions, regulatory certifications, or approvals associated with technology or data that Customer provides to SecurID or its Affiliates, or with non- SecurID software or other components that Customer directs or requests that SecurID or its Affiliates use with, install, or integrate as part of the Products or Services; (ii) Customer's violation of SecurID's or its Affiliates' proprietary rights; (iii)Customer's misrepresentation of facts regarding an export license or any allegation made against SecurID or its Affiliates due to Customer's violation or alleged violation of applicable export laws; (iv) Customer's transfer or provision of access to Excluded Data to any Supplier or its Affiliates. "Excluded Data" means: (i) data that is classified, used on the U.S. Munitions list (including software and technical data) or both; (ii) articles, services, and related technical data designated as defense articles and defense services; and (iii) ITAR (International Traffic in Arms Regulations) related data; and (iv) other personally identifiable information that is subject to heightened security requirements as a result of Customer's internal policies or practices or by law. Customer acknowledges that products and services provided under the Agreement are not designed to process, store, or be used in connection with Excluded Data. Customer is solely responsible for reviewing data that will be provided to or accessed by Suppliers to ensure that it does not contain Excluded Data. B. Indemnification Process. A party's duty to defend and indemnify under this section is contingent upon the party seeking indemnity: (i) sending prompt written notice of the matter to the party providing indemnity and taking reasonable steps to mitigate damages; (ii) granting to the party providing indemnity the sole right to control the defense and resolution of the matter; and (iii) cooperating with the party providing indemnity in the defense and resolution of the matter and in mitigating any damages. 8. LIMITATION OF LIABILITY. Limitations on Damages. The limitations, exclusions and disclaimers stated below apply to any and all disputes, claims, or controversies (whether in contract, tort, or otherwise) related to or arising out of the Agreement or any quote or Order ("Dispute"). The terms of this Section are agreed allocations of risk constituting part of the consideration for SecurID's sale of products and services to Customer and will apply even if there is a failure of the essential purpose of any limited remedy, and regardless whether a party has been advised of the possibility of the liabilities. A. (1). Limitation on Direct Damages. Except for Customer's obligations to pay for products and services, Customer's violation of the restrictions on use of products and services or SecurID's or its Affiliates' intellectual property rights, or a party's indemnity obligation stated in the Section above titled "Indemnity", each parry's total liability arising out of any Dispute or any matter under this Agreement, is limited to the amount Customer paid to SecurID during the twelve months before the date that the matter or Dispute arose for the product, services, or both that are the subject of the Dispute, but excluding amounts received as reimbursement of expenses or payment of taxes. A. (2). No Indirect Damages. Except for Customer's payment obligations and violation of SecurID's or its Affiliates' intellectual property rights, neither SecurID nor Customer has liability to the other for special, consequential, exemplary, punitive, incidental, or indirect damages, or for lost profits, loss of revenue, loss or corruption of data, or loss of use, or procurement of substitute products or services. B. Regular Back-ups. Customer is solely responsible for its data. Customer must back up its data before SecurID performs any remedial, upgrade, or other work on Customer's production systems. If applicable law prohibits exclusion of liability for lost data, then SecurID will only be liable for the cost of the typical effort to recover the lost data from Customer's last available back-up. C. Limitation Period. Except as stated in this Section, all claims must be made within the period specified by applicable law. If the law allows the parties to specify a shorter period for bringing claims, or the law does not provide a time at all, then claims must be made within twelve months after the cause of action accrues. D. Suppliers and Affiliates. The foregoing limitations shall also apply in favor of SecurID's Suppliers and Affiliates. 9. TRADE COMPLIANCE. Customer's purchase of licenses for Software and access to related technology ("Materials") are for its own use, not for resale, export, re-export, or transfer. Customer is subject to and responsible for compliance with the export control and economic sanctions laws of the United States and other applicable jurisdictions. Materials may not be used, sold, leased, exported, imported, re-exported, or transferred except with prior written authorization by SecurID or its Affiliates and in compliance with such laws, including, without limitation, export licensing requirements, end -user, end -use, and end -destination restrictions, and prohibitions on dealings with sanctioned individuals and entities, including but not limited to persons on the Office of Foreign Assets Control's Specially Designated Nationals and Blocked Persons List or the U.S. Department of Commerce Denied Persons List. Customer represents and warrants that it is not the subject or target of, and that Customer is not located in a country or territory (including without limitation, North Korea, Cuba, Iran, Syria, and Crimea) that is the subject or target of, economic sanctions of the United States or other applicable jurisdictions. Customer understands and will comply with all applicable provisions of the U.S. Arms Export Control Act (AECA) and the U.S. International Traffic in Arms Regulations (ITAR) 02 012022 Agreement No. 6387 in Customer's receipt, use, transfer, modification, or disposal of Software. Customer acknowledges that any use, modification, or integration of the Software in or with defense articles or in the provision of defense services is not authorized by SecurID, and that SecurID will not provide warranty, repair, customer support, or other services in connection with such end uses. Customer certifies that any software, disk images, or other data provided to SecurID in connection with the purchase of the Software will not contain technical data, software, or technology controlled by the ITAR or AECA, and that if Customer later returns the Software to SecurID or grants SecurID access to the Software, Customer will not include or otherwise make available to SecurID any such technical data, software, or technology. Customer agrees to indemnify and hold SecurID harmless for any liability, loss, damage, cost, expense, or penalty arising from Customer's non-compliance with the AECA, ITAR, or the provisions of this Section. 10. CONFIDENTIALITY. "Confidential Information" means any information that is marked "confidential" or "proprietary" or any other similar term or in relation to which its confidentiality should by its nature be inferred or, if disclosed orally, is identified as being confidential at the time of disclosure and, within two (2) weeks thereafter, is summarized, appropriately labeled and provided in tangible form. Confidential Information does not include information that is (i) rightfully in the receiving party's possession without prior obligation of confidentiality from the disclosing party; (ii) a matter of public knowledge; (iii) rightfully furnished to the receiving party by a third party without confidentiality restriction; or (iv) independently developed by the receiving party without reference to the disclosing party's Confidential Information. Each party shall (a) use Confidential Information of the other party only for the purposes of exercising rights or performing obligations in connection with this Agreement or any purchase order hereunder; and (b) protect from disclosure to any third parties, by use of a standard of care equivalent to that as used by recipient to protect its own information of a similar nature and importance, and, no less than the use of reasonable care, any Confidential Information disclosed by the other party for a period commencing upon the date of disclosure until three (3) years thereafter, except with respect to (1) Customer data to which SecurID may have access in connection with the provision of Services, which shall remain Confidential Information until one of the exceptions stated in the above definition of Confidential Information applies; and (2) Confidential Information that constitutes, contains or reveals, in whole or in part, SecurID proprietary rights, which shall not be disclosed by the receiving party at any time, and (3) Products, Software Releases, Evaluation Products, Training Materials and Documentation, which shall remain Confidential Information until one of the exceptions stated above applies. Customer may not disclose the results of any performance tests of the Software to any third party without SecurID's prior written approval. Notwithstanding the foregoing, the receiving party may disclose Confidential Information (A) to its Affiliate for the purpose of fulfilling its obligations or exercising its rights hereunder as long as such Affiliate complies with the foregoing; and (B) to the extent required by law (provided the receiving party has given the disclosing party prompt notice). Each party acknowledges that any breach of the provisions of this Section 10 would result in serious and irreparable injury to the non- breaching party for which the non -breaching party cannot be adequately compensated. Each party agrees, therefore, that, in addition to any other remedy that the non -breaching party may have, the non -breaching party is entitled to seek both temporary and permanent injunctive relief without the necessity of proving actual damages. The parties do not intend to disclose to one another hereunder information that would be covered by the Gramm -Leach -Bliley Act, the Health Insurance Portability and Accountability Act of 1996 or similar privacy legislation within or outside of the United States. Accordingly, neither party shall disclose to the other hereunder any of the following information regarding either party's employees, customers, suppliers or other business partners: protected health information (as defined at 45 CFR 164.501), social security numbers, driver's license numbers, credit card numbers or similar government identity numbers or personal financial account numbers. 11. TERM AND TERMINATION. This Agreement takes effect on the Effective Date and continues until (i) terminated for cause; or (ii) terminated by either party for convenience by giving sixty (60) days' prior written notice. Any provision that by its nature or context is intended to survive any termination or expiration, including but not limited to provisions relating to payment of outstanding fees, confidentiality and liability, shall so survive. Upon any termination of this Agreement or Customer's license to use the Software, upon SecurID's request, Customer shall promptly return to SecurID, or destroy and certify in writing to SecurID, that it has destroyed the original and all copies, in whole or in part, in any form, of the Software, Documentation, and any other Confidential Information disclosed by SecurID under this Agreement. The termination of this Agreement shall not (a) discharge any payment obligations accrued as of the effective date of such termination, even if such obligations are payable after the termination date, or (b) entitle Customer to a refund of any amounts previously paid to SecurID. 12. MISCELLANEOUS. A. References. Each party shall not, and shall not authorize or assist another to, originate, produce, issue or release any written publicity, news release, marketing collateral or other publication or public announcement, relating in any way to this Agreement, without the prior written approval of the other, which approval shall not be unreasonably withheld; provided, however, that SecurID may identify Customer for reference purposes and use Customer's logo in its marketing material unless and until Customer expressly objects in writing. B. Notices. Any notices hereunder shall be in writing, and shall be deemed given when delivered (i) in person, (ii) by overnight courier, upon written confirmation of receipt, (iii) by certified or registered mail, with proof of delivery, or (iv) by email, with 02 01 2022 Agreement No. 6387 confirmation of receipt. Notices shall be sent to the address or email address set forth above, or at such other address or email address as provided to the other party in writing. C. Entire Agreement. This Agreement and if Customer is purchasing directly from SecurID, each quote, schedule and purchase order (i) comprise the complete statement of the agreement of the parties with regard to the subject matter thereof; and (ii) may be modified only in a writing with evidence of acceptance by both parties. All terms of any purchase order or similar document provided by Customer, including but not limited to any pre-printed terms thereon and any terms that are inconsistent or conflict with this Agreement and/or SecurID quote or schedule, shall be null and void and of no legal force or effect, even if SecurID does not expressly object to such terms when accepting a purchase order or similar document provided by Customer. In case of any conflict between a schedule or quote and this Agreement, the schedule or quote shall control. D. Force Majeure. Except for payment of fees, if a party's performance of its obligations is prevented or interfered with due to any force majeure event, including strikes, riots, insurrection, terrorism, fires, natural disasters, acts of God, war, governmental action, or any other cause which is beyond the reasonable control of such party ("Non -Performance Cause"), such Party shall (i) promptly notify the other; and (ii) be excused from the performance of the affected obligations on a day -for -day basis, during the force majeure Event; (iii) use reasonable efforts to avoid or remove the Non -Performance Cause; and (iv) move to resume performance as soon as possible after the Non -Performance Cause is removed or ceases. E. Assignment. Customer shall not assign this Agreement or a purchase order or any right herein or delegate any performance without SecurID's prior written consent, which consent shall not be unreasonably withheld. SecurID may use SecurID Affiliates or other sufficiently qualified subcontractors to provide Services to Customer, provided that SecurID shall remain responsible to Customer for the performance thereof. F. Governing Law. This Agreement is governed by: (i) the laws of the Commonwealth of Massachusetts when SecurID means RSA Security LLC; (ii) the laws of the applicable country in which the applicable SecurID affiliate is registered to do business when SecurID means the local SecurID affiliate (as applicable), and (iii) the laws of Ireland when SecurID means RSA Security & Risk Ireland Limited. In each case, the applicability of laws shall exclude any conflict of law rules. The U.N. Convention on Contracts for the International Sale of Goods shall not apply. In the event of a dispute concerning this Agreement, Customer consents to the sole and exclusive personal jurisdiction of the courts of competency in the location where SecurID is domiciled. G. Waiver. No waiver shall be deemed a waiver of any prior or subsequent default hereunder. H. Independent Contractors. The parties shall act as independent contractors for all purposes under this Agreement. Nothing contained herein shall be deemed to constitute either party as an agent or representative of the other party, or both parties as joint venturers or partners for any purpose. Neither party shall be responsible for the acts or omissions of the other party, and neither party shall have authority to speak for, represent or obligate the other party in any way without the prior written approval of the other party. I. Partial Invalidity. If any part of this Agreement, a purchase order, SOW or a SecurID quote is held unenforceable, the validity of the remaining provisions shall not be affected. 13. COUNTRY SPECIFIC TERMS. A. United Kingdom. The terms in this subsection A apply only when SecurID means the SecurID sales affiliate located in the United Kingdom (currently RSA Security UK Limited): 1. Section 5E (Warranty Exclusions). The entire section is deleted and replaced with: E. Warranty Exclusions. Except as expressly stated in the applicable warranty set forth in this Agreement, SecurID (including its suppliers) provides Hardware and Software "AS IS" and makes no other express or implied warranties, written or oral, and ALL OTHER WARRANTIES AND CONDITIONS (SAVE FOR THE WARRANTIES AND CONDITIONS IMPLIED BY SECTION 12 OF THE SALE OF GOODS ACT 1979) ARE SPECIFICALLY EXCLUDED TO THE FULLEST EXTENT PERMITTED BY LAW, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND ANY WARRANTY ARISING BY STATUTE, OPERATION OF LAW, COURSE OF DEALING OR PERFORMANCE, OR USAGE OF TRADE. 2. Section 8 (LIMITATION OF LIABILITY). This Section is deleted in its entirety and replaced with: 8. LIMITATION OF LIABILITY AND PRESERVATION OF DATA. A. The entire aggregate liability of SecurID (including its suppliers) under or in connection with the supply of the Hardware or Software, whether in tort (including negligence), for breach of contract, misrepresentation or otherwise, is limited in respect of each event or a series of events: (i) to the amounts actually paid by Customer for the Software or Hardware which give rise to such liability during the twelve (12) month period immediately preceding the date of the cause of action giving rise to such claim; or (ii) Great British Pounds Sterling one million (£1,000,000), whichever is the greater amount. In no event shall SecurID (including its suppliers) or Customer be liable to the other or any other person or entity for loss of profits, loss of revenue, loss of use or any indirect, special, incidental, consequential or exemplary damages arising out of or in connection with this Agreement, the license of the Software, and the use, performance, receipt or disposition of such Software or Hardware, even if such party has been advised of the possibility of such damages or losses. Nothing in this Agreement shall operate to exclude or restrict SecurID's liability for: (a) death or personal injury resulting from negligence; (b) breach of obligations arising from section 12 of the Sale of Goods Act 1979; or (c) fraud. 02 012022 Agreement No. 6387 B. CUSTOMER OBLIGATIONS IN RESPECT OF PRESERVATION OF DATA. During the Term of the Agreement, the Customer shall: 1) from a point in time prior to the point of failure, (i) make full and/or incremental backups of data which allow recovery in an application consistent form, and (ii) store such back-ups at an off -site location sufficiently distant to avoid being impacted by the event(s) (e.g. including but not limited to flood, fire, power loss, denial of access or air crash) and affect the availability of data at the impacted site; 2) have adequate processes and procedures in place to restore data back to a point in time and prior to point of failure, and in the event of real or perceived data loss, provide the skills/backup and outage windows to restore the data in question; 3) use anti -virus software, regularly install updates across all data which is accessible across the network, and protect all storage arrays against power surges and unplanned power outages with Uninterruptible Power Supplies; and 4) ensure that all operating system, firmware, system utility (e.g. but not limited to, volume management, cluster management and backup) and patch levels are kept to SecurID recommended versions and that any proposed changes thereto shall be communicated to SecurID in a timely fashion. 3. Section 12 (MISCELLANEOUS). Add the following as new subsection J: J. Each of the parties acknowledges and agrees that in entering into this Agreement, it does not rely on, and shall have no remedy in respect of, any statement, representation, warranty or understanding (whether negligently or innocently made) of any person (whether party to this Agreement or not) other than as expressly set out in this Agreement as a warranty. The only remedy available to Customer for a breach of the warranties shall be for breach of contract under the terms of this Agreement. Nothing in Section 8 shall however operate to limit or exclude any liability for fraud. No term of this Agreement shall be enforceable under the Contracts (Rights of Third Parties) Act 1999 by a person that is not a party to this Agreement. If any part of this Agreement is held unenforceable, the validity of the remaining provisions shall not be affected. B. Ireland. The terms in this subsection B apply only when SecurID means the SecurID sales affiliate located in Ireland (currently RSA Security & Risk Ireland Limited): 1. Section 5E (Warranty Exclusions). The entire section is deleted and replaced with: E. Warranty Exclusions. Except as expressly stated in the applicable warranty set forth in this Agreement and the applicable exhibits, SecurID (including its suppliers) and makes no warranties, and ALL WARRANTIES, TERMS AND CONDITIONS, WHETHER ORAL OR WRITTEN, EXPRESS OR IMPLIED BY LAW, CUSTOMER OR OTHERWISE, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES, TERMS AND CONDITIONS, OF FITNESS FOR PURPOSE, DESCRIPTION, AND QUALITY ARE HEREBY EXCLUDED TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE LAW. 2. Section 8 (LIMITATION OF LIABILITY). This section is deleted in its entirety and replaced with the following: LIMITATION OF LIABILITY. A. SecurID does not exclude or limit its liability to the Customer for death or personal injury, or, breach of obligations implied by Section 12 of the Sale of Goods Act, 1893, as amended by the Sale of Goods and Supply of Services Act, 1980, or, due to the fraud or fraudulent misrepresentation of SecurID, its employees or agents. B. Subject always to subsection 8.A, the liability of SecurID (including its suppliers) to the Customer under or in connection with an order, whether arising from negligent error or omission, breach of contract, or otherwise ("Defaults") shall be: (i) the aggregate liability of SecurID for all Defaults resulting in direct loss of or damage to the tangible property of the Customer shall be limited to damages which shall not exceed the greater of two hundred per cent (200%) of the applicable price paid and/or payable for the Software or Hardware, or one million euros (€1,000,000); or (ii) the aggregate liability of SecurID for all Defaults, other than those governed by subsection 8.13(i) shall be limited to damages which shall not exceed the greater of one hundred and fifty per cent (150%) of the applicable price paid and/or payable or five hundred thousand euro (€500,000). C. In no event shall SecurID (including its suppliers) be liable to Customer for (i) loss of profits, loss of business, loss of revenue, loss of use, wasted management time, cost of substitute services or facilities, loss of goodwill or anticipated savings, loss of or loss of use of any software or data; and/or (ii) indirect, consequential or special loss or damage; and/or (iii) damages, costs and/or expenses due to third party claims; and/or (iv) loss or damage due to the Customer's failure to comply with obligations under this Agreement, failure to do back-ups of data or any other matter under the control of the Customer. For the purposes of this Section 8, the term "loss" shall include a partial loss, as well as a complete or total loss. D. The parties expressly agree that should any limitation or provision contained in this Section 8 be held to be invalid under any applicable statute or rule of law, it shall to that extent be deemed omitted, but if any party thereby becomes liable for loss or damage which would otherwise have been excluded such liability shall be subject to the other limitations and provisions set out in this Section 8. E. The parties expressly agree that any order for specific performance made in connection with this Agreement in respect of SecurID shall be subject to the financial limitations set out in sub -section 8.B. 02 01 2022 Agreement No. 6387 F. CUSTOMER OBLIGATIONS IN RESPECT OF PRESERVATION OF DATA. During the Term of the Agreement the Customer shall: 1) from a point in time prior to the point of failure, (i) make full and/or incremental backups of data which allow recovery in an application consistent form, and (ii) store such back-ups at an off -site location sufficiently distant to avoid being impacted by the event(s) (e.g. including but not limited to flood, fire, power loss, denial of access or air crash) and affect the availability of data at the impacted site; 2) have adequate processes and procedures in place to restore data back to a point in time and prior to point of failure, and in the event of real or perceived data loss, provide the skillsibackup and outage windows to restore the data in question; 3) use anti -virus software and regularly install updates across all data which is accessible across the network; and 4) ensure that all operating system, firmware, system utility (e.g. but not limited to, volume management, cluster management and backup) and patch levels are kept to SecurID recommended versions and that any proposed changes thereto shall be communicated to SecurID in a timely fashion. 3. Section 8.13 (Limitation Period). This Section is deleted in its entirety and replaced with the following as a totally separate section: (D) WAIVER OF RIGHT TO BRING ACTIONS: The Customer waives the right to bring any claim arising out of or in connection with this Agreement more than twenty-four (24) months after the date of the cause of action giving rise to such claim. C. European Union. The terms in this subsection C apply only when SecurID means a SecurID sales affiliate located in the European Union: 1. Section 4.A (General License Grant). The following is added at the end of this section: Customer shall not, and Customer shall not permit any third party to, modify, enhance, supplement, create derivative works from, reverse assemble, reverse engineer, reverse compile or otherwise reduce to human readable form the Software without SecurID's prior written consent, except to the extent that local, mandatory law grants Customer the right to decompile such Software in order to obtain information necessary to render such interoperable with other software. In such event, Customer shall first inform SecurID of its intention and request SecurID to provide Customer with the necessary information. SecurID may impose reasonable conditions on the provision of the requested information, including the payment of a reasonable fee. D. Australia. The terms in this subsection D apply only when SecurID means the SecurID sales affiliate located in Australia (currently RSA Security Australia Pty. Ltd.): 1. Section 8 (LMTATION OF LIABILITY). This section is amended by the insertion of the new section 8.A(3), as follows: 8.A.(3). Fair Trading Legislation. Trade Practices Legislation: SecurID's liability under any statutory right or any condition or warranty, including any implied by any State Fair Trading Act or the Competition and Consumer Act 2010 is, to the maximum extent permitted by law, excluded. To the extent that such liability cannot be excluded, SecurID's liability is limited at the option of SecurID to any one or more of the following: (i) the replacement thereof or the supply of its equivalent; (ii) the repair thereof, (iii) the payment of the cost of replacement thereof or of acquiring its equivalent; or (iv) the payment of the cost of having such repaired. E. New Zealand - The terms in this subsection E apply only when SecurID means the SecurID sales affiliate located in Ireland (currently RSA Security & Risk Ireland Limited): 1. Section 8 (LIMITATION OF LIABILITY). This section is amended by the insertion of the new section 8.A(3), as follows: 8.A.(3). Fair Trading Legislation. SecurID's liability under any statutory right or any condition or warranty, including any implied by the Fair Trading Act 1986 or Consumer Guarantees Act 1993 ("FTA") or any similar law is, to the maximum extent permitted by law, excluded. To the extent that such liability cannot be excluded, SecurID's liability is limited at the option of SecurID to any one or more of the following: (i) the replacement thereof or the supply of its equivalent; (ii) the repair thereof; (iii) the payment of the cost of replacement thereof or of acquiring its equivalent; or (iv) the payment of the cost of having such repaired. F. France - The terms in this subsection F apply only when SecurID means a sales affiliate located in France (currently RSA Security France SAS): 1. Section 2B: The following is added at the end of this section: A forty (40) euro penalty will also be charged in accordance with article L441-3 of the French Commercial Code. 2. Section 8 (Limitation of Liability). This section is deleted in its entirety and replaced with the following: 8. LIMITATION OF LIABILITY. Limitations on Damages. The limitations, exclusions and disclaimers stated below apply to any and all disputes, claims, or controversies (whether in contract, tort, or otherwise) related to or arising out of the Agreement or any quote or Order ("Dispute"). The terms of this Section are agreed allocations of risk constituting part of the consideration for SecurID's sale of products and services to Customer and will apply regardless whether a party has been advised of the possibility of the liabilities. 02 012022 Agreement No. 6387 A. (1). Limitation on Direct Damages. Except for Customer's obligations to pay for products and services, Customer's violation of the restrictions on use of products and services or SecurID's or its Affiliates' intellectual property rights, or a party's indemnity obligation stated in the Section above titled "Indemnity", and any other liability that cannot be excluded or limited by the applicable law, each party's total liability arising out of any Dispute or any matter under this Agreement, is limited to the amount Customer paid to SecurID during the twelve months before the date that the matter or Dispute arose for the product, services, or both that are the subject of the Dispute, but excluding amounts received as reimbursement of expenses or payment of taxes. A. (2). No Indirect Damages. Except for Customer's payment obligations and violation of SecurID's or its Affiliates' intellectual property rights, neither SecurlD nor Customer has liability to the other for special, consequential, exemplary, punitive, incidental, or indirect damages, or for lost profits, loss of revenue, loss or corruption of data, or loss of use, or procurement of substitute products or services. B. Regular Back-ups. Customer is solely responsible for its data. Customer must back up its data before SecurID performs any remedial, upgrade, or other work on Customer's production systems. If applicable law prohibits exclusion of liability for lost data, then SecurID will only be liable for the cost of the typical effort to recover the lost data from Customer's last available back-up. C. Limitation Period. Except as stated in this Section, all claims must be made within the period specified by applicable law. If the law allows the parties to specify a shorter period for bringing claims, or the law does not provide a time at all, then claims must be made within twelve months after the cause of action accrues. D. Suppliers and Affiliates. The foregoing limitations shall also apply in favor of SecurID's Suppliers and Affiliates. G. Germany — The terms in this subsection G apply only when SecurID means RSA Security Germany GmbH: 1. Preamble: The waiver of rights to any claim concerning enforceability shall not apply. 2. Section 4.C, Licensed Copies: the following sentence shall be added: The Customer has the right to make a backup copy of the Software. 3. Section 5.C, Duration: Except for cases of gross negligence and willful misconduct, in which statutory provisions apply, and unless a different warranty period has been agreed in a particular case, claims for defects in Products shall become timebarred upon expiration of the warranty period set forth in the Product Notice. To the extent the foregoing does not lead to a different period, warranty period shall be one (1) year. Equipment warranty commences upon Delivery. Equipment upgrades are warranted in the same manner as the Equipment in which the upgrades are installed from Delivery of the upgrade until the end of the warranty period for the Equipment into which the upgrades are installed. 4. Section 5.13, Customer Remedies shall be replaced in its entirety with: (i) Equipment and Software Media Warranty Remedies. In case of a defect notified to SecurID, SecurID shall, at its option, either remedy the defect or replace the affected Product. If SecurID is unable to effect such within a reasonable time and Customer has notified SecurlD in writing of the breach with the request to remedy the defect within a reasonable time period to no avail (whereby Customer shall grant to SecurID a reasonable number of attempts (but no less than three) to cure the defect), then Customer has the right to reduce the remuneration or to rescind the purchase order for the Product concerned. Customer is entitled to the foregoing rights also without setting a grace period if SecurID has seriously and definitely refused to cure a defect. If Customer rescinds the purchase order, SecurlD shall refund the amount paid by Customer for the Product concerned as depreciated on a straight-line basis over a five (5) year period, upon return of such Product to SecurID. All replaced Products or portions thereof shall be returned to and be -come the property of SecurID. If such replacement is not so returned, Customer shall pay SecurID's then current spare parts price therefore. SecurID shall have no liability hereunder after expiration of the applicable warranty period. (ii) Software Warranty, Duration and Remedy. SecurID warrants to Customer that the Software will, substantially conform to the applicable Documentation, provided that the Software: (a) has been properly installed and used at all times in accordance with the applicable Documentation; and (b) has not been modified or added to by persons other than SecurID or its authorized representative. Except for cases of gross negligence and willful misconduct, in which statutory provisions apply, and unless a different warranty period has been agreed in a particular case, claims for defects in Products shall become time -barred upon expiration of the warranty period set forth in the Product Notice. To the extent the foregoing does not lead to a different period, warranty period shall be one (1) year. Software warranty commences upon Delivery or notice of availability for electronic download. In case of a defect notified to SecurID, SecurID shall, at its option, either remedy the defect or replace the affected Product. If SecurID is unable to effect such within a reasonable time and Customer has notified SecurID in writing of the breach with the request to remedy the defect within a reasonable time period to no avail (whereby Customer shall grant to SecurlD a reasonable number of attempts (but no less than three) to cure the defect), then Customer has the right to reduce the remuneration or to rescind the purchase order for the Product concerned. Customer is entitled to the foregoing rights also without setting a grace period if SecurID has seriously and definitely refused to cure a defect. If Customer rescinds the purchase order, SecurID shall refund the amount paid by Customer for the Product concerned as depreciated on a straight line basis over a five (5) year period, upon return of such Product to SecurID. 10 02 012022 Agreement No. 6387 (iii) Lease Contracts. The provisions on statutory warranty for lease contracts (sec. 536 et seq German Civil Code (BGB)) shall not apply. 5. Section 5.F, No Further Warranties: shall be deleted. 6. Section 8 Limitation of liability: shall be replaced in its entirety with: 8. LIMITATION OF LIABILITY. For all claims of Customer for damages under or in connection with this Agreement or any quote or order, whatever the legal basis (including liability for defects, other breaches of contract and tort) may be, the following shall apply: A. Unrestricted liability. In case of death or personal injury, in case of SecurID's gross negligence or willful misconduct, and in case of claims under the German Product Liability Act (Produkthaftungsgesetz), SecurID shall be liable to Customer according to statutory law. B. Restricted Liability. In all other cases, the following shall apply: (i) SecurID's liability shall be limited to typical, foreseeable damages. (ii) Unless a differing liability cap is expressly agreed otherwise, the typical foreseeable damages shall, for each damaging event, not exceed the total price paid by Customer to SecurID for the Products and Services (calculated on an annual basis in case of ongoing Services to be provided for a period of more than one year) in relation to which such claim arises, but in any event not less than 100.000,00 EUR and not more than 1.000.000,00 EUR. (iii) SecurID shall be liable to Customer only if SecurID has breached a material contractual obligation (i. e. an obligation the performance of which is essential to allow the implementation of the agreement, and the compliance with which Customer usually may rely on). (iv) SecurID shall not be liable for any consequential or indirect damages to the extent such damages are untypical or unforeseeable. C. Guarantees. SecurID does not give a guarantee in relation to Products or Services (Beschaffenheitsgarantie) that would entail an unlimited liability of SecurID or a liability regardless of negligence or fault pursuant to the German Civil Code, except if an unlimited liability and/or liability regardless of negligence or fault has been expressly agreed in writing. The mere use of terms like "to guarantee", "to ensure" or similar wording shall not be considered sufficient to establish such liability, but a binding contractual commitment of SecurID that is subject to the agreed limitation of liability. D. Regular Back-ups. As part of its obligation to mitigate damages, Customer shall take reasonable data back-up measures. In particular, Customer shall provide for a daily back-up process and back-up the relevant data before SecurID performs any remedial, upgrade or other works on Customer's production systems. To the extent SecurID's liability for loss of data is not anyway excluded under this Agreement, SecurID shall in case of data losses only be liable for the typical effort to recover the data which would have accrued if Customer had appropriately backed up its data. E. Limitation Period. Except for claims relating to cases of unrestricted liability set forth in section A above ("Restricted Liability") the following applies: All claims for damages based on defects of Products or Services shall be time -barred 12 months after delivery, except if the parties have agreed on a shorter warranty period. The limitation period for all other claims for damages shall be eighteen (18) months after the cause of action accrues, unless statutory law provides for a shorter limitation period. F. Suppliers. The foregoing limitations shall also apply in favor of SecurID's employees and Suppliers. 7. Section 12.F Governing Law: the following sentence shall be added: To the extent permitted by law, the courts of the city of Frankfurt am Main shall be exclusively competent to rule on disputes arising out of or in connection with this Agreement. 14. CUSTOMER OBLIGATIONS A. Customer may not engage any third parties to conduct security audits of SecurID Products without the prior written consent of SecurID. B. Customer agrees to comply with the SecurID Security Vulnerability Reporting Policy. 15. CLOUD AND HOSTING SERVICES A. In the event Customer purchases cloud or hosting services from SecurID with respect to a SecurID Product, SecurID shall provide such services, subject to the applicable cloud or hosting services terms, available at: late )s://www.rsa.com/era- us/cony an standard-fcarrn a r•eements. 16. EVALUATION AND LOAN PRODUCTS A. General. This Agreement shall also apply to "Evaluation Products" (meaning Products made available by SecurID directly to Customer for a limited period of time at no charge to enable Customer to evaluate such Products prior to making a final decision on licensing or purchasing such from SecurID), and "Loaned Products" (meaning Products made available by SecurID directly to Customer for a limited period of time at no charge), subject to the following provisions. B. Schedule Content. The Products, period of use, Installation Site and other transaction -specific conditions shall be mutually agreed between SecurID and Customer in the form of an evaluation or loan schedule referencing this Agreement, and the signed schedule shall be considered the equivalent of a Customer purchase order under this Agreement. C. Title. No title shall pass to Customer, but shall remain with SecurID. Notwithstanding any deviating terms in a "click -to - accept" or "shrink-wrap" license, all licenses to use Software expire at the end of the evaluation or loan period. D. Return. Customer shall promptly return Evaluation and Loaned Products upon expiration of the agreed period or when terminated by SecurID for convenience by giving thirty (30) days' written notice, whichever occurs first. 11 02 012022 Agreement No. 6387 E. Data Security Options. Customer is fully responsible for the permanent erasure of all of its information, including without limitation, all personally identifiable and other protected information placed on, and by use of a method that does not cause damage to, Evaluation or Loaned Products before such are returned to SecurlD, and for all costs associated with such erasure (descriptions and charges associated with SecurID'S then currently offered data erasure services are available on request). SecurID is not responsible for any information contained on such items notwithstanding anything to the contrary contained herein. F. Risk of Loss. The risk of less or damage to any Evaluation or Loaned Product passes to Customer upon arrival at the Installation Site and remains with Customer until such Product arrives at the return location specified by SecurlD. Customer is also fully responsible for the de -installation, and any costs associated with such de -installation, of any data storage devices placed into existing Products. SecurlD is not responsible for any information contained on any Evaluation or Loaned Products notwithstanding anything to the contrary herein. Customer shall provide reasonable insurance coverage for Evaluation or Loaned Products during the period in which Customer bears the risk of loss. G. Use. Customer may use Evaluation Products and Loaned Products free of charge, but, in the case of Evaluation Products, solely for the purpose of evaluating the Products and not in a production environment. H. Limitation of Liability. Without prejudice to any further limitations on SecurID's liability (which shall also apply to Evaluation and Loaned Products), Evaluation and Loaned Products are provided "AS IS" and any warranty ordamage claims against SecurID in connection therewith are hereby excluded, except in the event of fraud or willful misconduct of SecurID. IN WITNESS WHEREOF the parties hereto have executed this contract the day and year first hereinabove written. CITY OF EL SEGUNDO, a eeral law city Charles Mallory E►irector ITSD ATTEST:. Trac W aver, City Clerk APPROVED AS TO FORM: Mark D. Hensley, City Attorney Joa u�in Vazquez, Cie ,lty City Attorney Hank Lu,ki:Management 12 02 012022