This Master Services Agreement (“MSA”) is entered into as of the date of last signature (the “Effective Date”) by and between NAVEX Global, Inc., a Delaware corporation, having its principal place of business at 5500 Meadows Road, Suite 500, Lake Oswego, Oregon 97035 (“NAVEX Global”), and the entity signing the Order Form (as defined in Section 1.2) into which this MSA is incorporated (“Customer”). In consideration of the mutual covenants and conditions contained in this MSA and intending to be legally bound, the parties agree as follows:
1.0 Purpose and Scope.
1.1. Master Services Agreement. This MSA establishes the general terms and conditions with respect to NAVEX Global’s provision of Services to Customer. “Service” or “Services” means, collectively, the SaaS Offering (as defined in Section 2.1) and any other services provided to Customer by NAVEX Global, as set forth in an Order Form. This MSA and all Order Forms and other documents incorporated into the MSA by reference are, collectively, the “Agreement.”
1.2. Order Forms and Change Orders. The Services to be provided, and any Service-specific terms and conditions, will be set forth in a separate document or documents, as applicable, governed by this MSA (“Order Form”). Certain Services which are not recurring and for which only one-time fees apply may be added pursuant to a simplified ordering document (“Change Order”). As used herein “Order Form” includes “Change Order.” Customer’s execution of an Order Form constitutes a binding commitment to purchase the Services and items specified in such Order Form.
1.3. Affiliates. “Affiliate” means an entity controlling, controlled by, or under common control with a party to this MSA. Customer may authorize its Affiliates’ use of the Services provided that (i) the combined use of the Services by Customer and its Affiliates shall not exceed the applicable Subscription Metrics (as defined in Section 2.1); (ii) Customer guarantees any such Affiliate’s performance of all terms and obligations of the Agreement; (iii) Customer agrees to comply with any injunction arising out of any Affiliate’s breach of the Agreement; and (iv) Customer shall be responsible for all use of and access to the Services by any Affiliate.
1.4. Order of Precedence. To the extent any terms and conditions of this MSA conflict with the terms and conditions of an Order Form, the terms and conditions of the Order Form shall control.
1.5. Applicable Law. “Applicable Law” means any law, rule, or regulation applicable to a party.
2.1. Grant of Use. During the applicable Services Term (as defined in Section 6.2), and subject to payment of applicable fees per the Agreement and Customer’s compliance with the Agreement, NAVEX Global grants Customer a non-transferable, non-assignable, worldwide right to access and use the proprietary governance, risk, and compliance software-as-a-service offering identified in the applicable Order Form(s) that NAVEX Global makes available to Customer online via a Uniform Resource Locator (URL) (“SaaS Offering”) for Customer’s internal use for purposes of managing and coordinating information. Customer’s use is restricted to the limitations on usage of Services as designated and/or defined in the applicable Order Form, or the financial metric used to calculate applicable fees (“Subscription Metrics”). Subscription Metrics are designated by a term such as the number of “licenses,” “employees,” “reports,” and the like. On Customer’s request, which may be rejected by NAVEX Global in its sole discretion, NAVEX Global may assist Customer, at Customer’s cost, with implementing interactions between the SaaS Offering and application programming interfaces, applications, services, products, or software provided by a third party (“Integrations”). NAVEX Global will make commercially reasonable efforts to ensure the features and functionality of Integrations; however, NAVEX Global accepts no liability for a failure of an Integration, errors, or for the unauthorized use, access, or processing of any Customer Data (as defined in Section 3.1) that occurs as a result of an Integration.
2.2. Online Access; Environment; Hosting Infrastructure. NAVEX Global will provide Customer online access to and use of the SaaS Offering in accordance with the applicable Order Form and the user instructions, release notes, manuals, and online help files that describe the operation of the Services in the form generally made available to NAVEX Global customers, as may be updated from time to time (collectively, the “Technical Documentation”). Customer will access the SaaS Offering by use of a supported Customer-provided browser. NAVEX Global is responsible for the hosting and management of the SaaS Offering, including obtaining and maintaining all computer hardware, software, communications systems, network, and other infrastructure necessary to permit Customer to access and use the SaaS Offering (“Hosting Infrastructure”), either directly or through its designated third-party supplier or data center. NAVEX Global will manage and install within the Hosting Infrastructure all updates and upgrades that NAVEX Global makes generally available to its customers for the SaaS Offering. Customer is solely responsible for obtaining and maintaining, at its own expense, all equipment and technology needed to access the SaaS Offering, including, without limitation, internet access and adequate bandwidth.
2.3. Updates. Access is limited to the version of the Services in NAVEX Global’s production environment. NAVEX Global regularly updates the Services and reserves the right to make updates to the Services in the event of Service unavailability, end of life, or changes to software requirements, provided that any such modification shall not result in a material reduction in the functionality of the Services.
2.4. Acceptable Use. Customer acknowledges and agrees that NAVEX Global does not monitor or evaluate Customer Data transmitted through the Services, and NAVEX Global shall not be responsible for the content of any Customer Data. Customer shall use the Services exclusively for authorized and legal purposes and consistently with Applicable Law. Customer is solely responsible and liable for ensuring the appropriate use of any reports and other materials prepared by NAVEX Global in a manner that will not violate Applicable Law or infringe upon the rights of any third party.
2.5. Security. NAVEX Global will implement commercially reasonable and appropriate measures designed to secure Customer Data against accidental or unlawful loss, access, or disclosure. NAVEX Global will be responsible for ensuring the security and confidentiality of account names and passwords residing within its systems and while being received and processed by the SaaS Offering for the purpose of permitting access thereto. Customer is responsible for instructing any individual who Customer authorizes to use the Services (“Licensed User”) to keep their respective account names and passwords strictly confidential. Customer agrees to promptly notify NAVEX Global if account names or passwords are lost, stolen, or otherwise compromised. Customer will not (i) breach or attempt to breach the security of the Services or of any network, servers, data, computers, or other hardware relating to or used in connection with the SaaS Offering, or of any third party that is hosting or interfacing with any part of the SaaS Offering; or (ii) use or distribute through the SaaS Offering any software, files, or other tools or devices designed to interfere with or compromise the privacy, security, or use of the SaaS Offering or the operations or assets of any other customer of NAVEX Global or any third party. Customer will comply with the user authentication requirements for use of the SaaS Offering. Customer is solely responsible for monitoring the administration of access to and use of the SaaS Offering by its Licensed Users. Any failure by a Licensed User to comply with the Agreement shall be deemed to be a material breach by Customer, and NAVEX Global shall not be liable for any damages that Customer or any third party incurs resulting from such breach. Customer must immediately take all necessary steps, including providing Notice (as defined in Section 12.5) to NAVEX Global, to effect the termination of an access identification for any Licensed User if there is any compromise in the security of that access identification or if unauthorized use of such access identification is suspected or has occurred.
2.6. Support. During the applicable Services Term (as defined in Section 6.2), NAVEX Global will provide support for the SaaS Offering in accordance with the schedule detailed at: http://www.navexglobal.com/CustomerSupportGuide, subject to reasonable updates in NAVEX Global’s sole discretion (“Support”). However, NAVEX Global is not under any obligation to provide Support with respect to (i) SaaS Offering(s) that have been altered or modified by anyone other than NAVEX Global or its licensors; (ii) SaaS Offering(s) used other than in accordance with the Technical Documentation and the Agreement; (iii) discrepancies that do not significantly impair or affect the operation of the Services; or (iv) errors and/or malfunctions caused by any systems or programs not supplied by NAVEX Global.
2.7. Cooperation. Customer shall provide NAVEX Global with good faith cooperation as NAVEX Global may reasonably require from time to time in order to provide the Services, including, without limitation, providing security access, information, and software interfaces to Customer’s applications and personnel. Customer acknowledges and agrees that NAVEX Global’s performance is dependent upon Customer’s timely and effective satisfaction of its responsibilities hereunder and Customer’s timely decisions and approvals in connection with the Services.
3.0 Proprietary Rights.
3.1. Ownership. Each party shall retain all right, title, and interest in any copyrights, trademarks, patent rights, and other intellectual property or proprietary rights it has acquired or developed prior to or outside the scope of the Agreement. Customer shall retain all right, title, and interest, including copyrights, trademarks and patent rights, in any and all Customer content provided under the Agreement and any and all derivative works thereof (collectively, “Customer Intellectual Property”). Any data collected, received, or processed by NAVEX Global as required by the Services, including Personal Data (as defined in Section 4.1) but excluding Use Data (as defined in Section 3.4) (collectively, “Customer Data”), will remain the exclusive property of Customer. NAVEX Global shall own and retain all right, title, and interest, including copyrights, trademarks, and patent rights in any and all Services provided under the Agreement and any and all derivative works thereof (collectively, “NAVEX Global Intellectual Property”). Neither party will acquire any right, title, or interest in the intellectual property rights of the other party by virtue of its performance under the Agreement. All rights not expressly granted are reserved exclusively by the respective owner; there are no implied rights.
3.2. License Rights.
(i) Customer grants NAVEX Global, for the Term, a limited, non-exclusive, worldwide, non-transferable, royalty-free license to reproduce, transmit, perform, copy, display, distribute, create derivative works for the sole purpose of formatting, and otherwise use any Customer Intellectual Property for the sole and limited purpose of delivering the Services to Customer per the terms of this Agreement. NAVEX Global agrees that any use of any of Customer’s trademarks or service marks will inure solely to the benefit of Customer and that NAVEX Global will not at any time acquire any rights in Customer’s trademarks or service marks. NAVEX Global shall not take any action that jeopardizes any of Customer’s rights in any Customer Intellectual Property. NAVEX Global may not obscure, alter, or remove any copyright, patent, trademark, service mark, or proprietary rights notices on any Customer materials.
(ii) NAVEX Global grants Customer, for the Term, a limited, non-exclusive, worldwide, non-transferable, royalty-free license to reproduce, transmit, perform, copy, display, distribute, and otherwise use any and all NAVEX Global Intellectual Property for the sole and limited purpose of furthering Customer’s business operations that use NAVEX Global Intellectual Property per the terms of this Agreement. Customer agrees that any use of NAVEX Global’s trademarks or service marks will inure solely to the benefit of NAVEX Global and that Customer will not at any time acquire any rights in NAVEX Global’s trademarks or service marks. Customer shall not take any action that jeopardizes NAVEX Global’s rights in any NAVEX Global Intellectual Property. Customer may not obscure, alter, add, or remove any copyright, patent, trademark, service mark, or proprietary rights notices on any NAVEX Global materials.
3.3. Restrictions. Customer shall not:
(i) sell, resell, distribute, host, lease, rent, license, or sublicense the Services or any portion thereof, including, without limitation, to provide processing services to third parties, or otherwise use the Services on a service bureau basis;
(ii) reverse engineer or otherwise attempt to discover the source code of or trade secrets embodied in the Services or any portion thereof;
(iii) allow access to, provide, divulge, or make available the Services to anyone other than Licensed Users;
(iv) write or develop any derivative works based upon the Services;
(v) modify, adapt, tamper with, or otherwise make any changes to the Services or any part thereof;
(vi) create internet links to or from the Services;
(vii) frame or mirror any materials that NAVEX Global provides or posts in connection with the Services, including, without limitation, training courses, text, images, graphics, sound recordings, and videos and modifications, enhancements, or new versions thereof;
(viii) use the Services in a manner not authorized under the Technical Documentation or the Agreement, or in violation of Applicable Law; or
(ix) use the Services, or permit them to be used, for purposes of evaluation, benchmarking, or other comparative analysis intended for external publication without NAVEX Global’s prior written consent, which may be withheld in NAVEX Global’s sole discretion. Despite the foregoing section (ix), pursuant to Applicable Law, Customer may use NAVEX Global’s name in internal or regulatory communications pertaining to Customer’s agreement to use NAVEX Global’s Services.
3.4. Data Aggregation, Statistical Information, and Use Data. Customer authorizes NAVEX Global, as part of the Services, to access and compile certain Customer Data (excluding Personal Data), for the purpose of analysis and reporting on the effectiveness and trends in corporate ethics and compliance programs. The Customer Data that NAVEX Global accesses and compiles shall be aggregated with other similar data across all NAVEX Global customers according to industry, company size, country, geographic region, or other relevant classification and shall not be used in any manner that would identify Customer. Customer understands that NAVEX Global employs certain third-party software within its Services to enable NAVEX Global to better understand Licensed User behavior and provide Licensed Users with improved functionality and other relevant enhancements to the software application(s). The data gathered from such use (“Use Data”) may include information such as browser type, pages visited, features used, and operating system version, but shall not contain Personal Data.
3.5. Commercial Item. The SaaS Offering and any accompanying Technical Documentation and related software were developed by NAVEX Global and its suppliers at private expense and are deemed to be a “commercial item,” as that term is defined in 48 C.F.R. 2.101, consisting of “commercial computer software” and “commercial computer software documentation,” as such terms are used in 48 C.F.R. 12.212. Use, duplication, and disclosure by civilian agencies of the U.S. Government will be in accordance with FAR 52.227-19(c) or other agency data rights provisions, as may be applicable.
4.0 Data Privacy.
4.1. Definition of Personal Data. “Personal Data” means any information relating to an identified or identifiable natural person. An “Identifiable Natural Person” is one who can be identified directly or indirectly, in particular by reference to one or more identifiers, such as a name, an identification number, location data, online identifier, or any other factor specific to the individual.
4.2. Processing of Personal Data. Customer acknowledges and agrees that NAVEX Global will collect, process, use, and/or store certain Personal Data in delivering the Services. NAVEX Global shall comply with the NAVEX Global Privacy Statement (available at: http://www.navexglobal.com/privacy-statement), as may be amended from time to time. NAVEX Global (i) has established and shall maintain appropriate technological security measures to protect against unauthorized access to any Personal Data that is stored within the Hosting Infrastructure; (ii) shall not utilize Personal Data for any purpose other than to provide Services; (iii) shall not disclose any Personal Data to any person not authorized by Customer, except as necessary to comply with Applicable Law; (iv) will act solely on the instructions of Customer in respect of all Personal Data, unless otherwise prohibited by Applicable Law; and (v) will promptly inform Customer of any confirmed Security Incident regarding disclosure of Personal Data, complaint concerning disclosure, or other unauthorized use of Personal Data. “Security Incident” means any actual or reasonably suspected accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to Customer Data, including Personal Data, by NAVEX Global or its Sub-processors of which NAVEX Global becomes aware. All NAVEX Global subcontractors with access to Personal Data (“Sub-processors”) will be contractually required to comply with Applicable Law and, where applicable, Frameworks (as defined in Section 4.3), and will be bound to strict obligations of confidentiality, privacy, and security. Customer expressly consents to NAVEX Global engaging Sub-processors as disclosed in an applicable Order Form. NAVEX Global shall be responsible for all acts and omissions by such Sub-Processors. Where Customer instructs NAVEX Global to engage with any third parties on behalf of Customer (for example, to implement an Integration), NAVEX Global shall have no liability or responsibility for the transfer of Personal Data to any such third party.
4.3. Certification. NAVEX Global is certified by the U.S. Department of Commerce under the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (collectively, the “Frameworks”) so as to ensure that adequate safeguards are adduced with respect to the protection of privacy and fundamental rights and freedoms of individuals located in the European Economic Area and Switzerland for the transfer of any Personal Data by Customer or its Licensed Users to NAVEX Global. Accordingly, NAVEX Global agrees to process any such Personal Data in compliance with the Frameworks. The parties agree that they will work together in good faith to enter into any additional agreements that may be legally required by either party to ensure compliance with Applicable Law, particularly with regard to applicable data privacy laws.
5.0 Fees and Payment.
5.1. Fees. Fees are set forth in the applicable Order Form and are based on the applicable Subscription Metrics. All fees are in United States Dollars unless otherwise agreed in an applicable Order Form. Fees are not refundable or cancellable. NAVEX Global shall send all invoices and fee increase notices via email to the Customer email address indicated in the applicable Order Form, unless otherwise specified herein.
5.2. Payment. Unless otherwise specified in the applicable Order Form, all payment obligations start from the execution of the Order Form, with payment of all of the Order Form’s first-year fees due within thirty (30) calendar days following the invoice date. Except as otherwise expressly specified in the Order Form, Customer shall send such payment to the address included on the invoice, and such payments shall be made in United States Dollars. Interest accrues on past due balances until paid at the lesser of (i) one and one-half percent (1.5%) per month; and (ii) the highest rate allowed by law. Customer shall reimburse NAVEX Global for expenses incurred, including interest, court costs, and reasonable attorneys’ fees, in collecting amounts due to NAVEX Global hereunder that are not under good faith dispute by Customer.
5.3. Taxes. Unless otherwise specified in the applicable Order Form, all fees for the Services exclude any direct or indirect taxes, levies, duties, or similar governmental assessments, including without limitation, any sales, use, value-added, withholding, or similar taxes (“Taxes”). Customer is responsible for paying all Taxes associated with Customer’s purchases hereunder directly to the taxing authority. As an exception to the foregoing, if NAVEX Global has the legal obligation to pay or collect Taxes for which Customer is responsible under this paragraph, the appropriate amount shall be invoiced to and paid by Customer to NAVEX Global, unless Customer provides NAVEX Global with a valid tax exemption certificate authorized by the appropriate taxing authority. NAVEX Global is solely responsible for taxes based upon NAVEX Global’s net income, assets, payroll, property, and employees.
5.4. Subscription Metrics. Customer may increase its Subscription Metrics at any time during the Services Term at then-prevailing prices. Customer may decrease Subscription Metrics at any time, but NAVEX Global shall not issue any refunds or reduce fees payable through the end of the then-current Services Term. At all times during the Services Term, Customer shall be responsible for ensuring sufficient Subscription Metrics to accommodate one hundred percent (100%) of its usage of the Services. If Customer’s usage of the Services exceeds the current Subscription Metrics, Customer must promptly purchase additional Subscription Metrics or NAVEX Global may charge then-prevailing prices for the level of usage above Customer’s current Subscription Metrics.
6.0 Term and Termination.
6.1. MSA Term. This MSA shall remain in effect until terminated as set forth herein (“Term”).
6.2. Services Term. The initial term for each Service purchased, and any renewal rights or extensions, will be as set forth in the applicable Order Form (“Services Term”).
6.3. Suspension of Services for Non-Payment. If any fees which are not disputed by Customer in good faith are more than thirty (30) calendar days past due, NAVEX Global will have the right, in addition to all other rights and remedies available to it, to suspend delivery of or access to the Services.
6.4. Disputed Fees. Customer shall set forth in writing and in reasonable detail any amount(s) disputed in good faith and the basis or reason for the dispute. Upon receipt of a Notice (as defined in Section 12.5) of dispute, the parties will make reasonable, diligent, good faith efforts to quickly resolve the dispute, and NAVEX Global shall provide such information as Customer reasonably requests in order to audit or confirm the charges. Neither party shall be required to pay or refund, as applicable, any amounts disputed in good faith until such dispute is fully resolved. Once the dispute is fully resolved, the agreed-upon amounts shall be paid or refunded, as applicable, within ten (10) calendar days following such resolution.
6.5. Termination. The Agreement may be terminated (i) by either party if the other party materially breaches the Agreement and does not cure the breach within thirty (30) calendar days after receiving Notice thereof from the non-breaching party; (ii) as set forth in Section 7.5 (Infringement Remedies); (iii) as set forth in Section 12.8 (Compliance with Law); (iv) if the other party becomes insolvent (generally unable to pay its debts as they become due) or the subject of a bankruptcy, conservatorship, receivership, or similar proceeding, or makes a general assignment for the benefit of creditors; (v) by either party at any time that no Order Form is outstanding; or (vi) by NAVEX Global upon the expiration of ten (10) calendar days’ Notice if any fees which are not disputed by Customer in good faith are more than thirty (30) calendar days past due.
6.6. Partial Termination. Where a party has rights to terminate the Agreement pursuant to Section 6.5 (Termination), the non-breaching party may, at its discretion, either terminate the entire Agreement or the applicable Order Form. Order Forms that are not terminated shall continue in full force and effect under the terms of this MSA.
6.7. Effects of Termination or Partial Termination. Upon any termination, without prejudice to any other rights or remedies that the parties may have, all rights licensed and obligations required hereunder shall immediately cease, except as otherwise provided. Each party may retain, subject to this MSA, copies of Confidential Information required for internal record keeping purposes and for compliance with Applicable Law. Unless otherwise documented by the parties, all Customer Data within the Hosting Infrastructure shall be deleted within forty-five (45) days of expiration or termination of this MSA or Order Form, as applicable. Customer Data stored in backups shall be overwritten in accordance with NAVEX Global’s backup and retention cycle. If NAVEX Global terminates the Agreement or an Order Form per Section 6.5(vi), Customer agrees that it shall remain responsible for all outstanding fees payable to NAVEX Global for the Services Term and NAVEX Global may declare all such fees immediately due and payable. Customer acknowledges that such amounts are liquidated damages reflecting a reasonable measure of actual damages and not a penalty.
7.0 Warranties and Disclaimers.
7.1. NAVEX Global Services Warranty. NAVEX Global warrants that:
(i) the SaaS Offering, as updated in accordance with Section 2.3 and when used in accordance with the current Technical Documentation, will perform in all material respects, as specified in such Technical Documentation, during the applicable Services Term;
(ii) all Services will be performed in a professional manner, in accordance with industry standards; and
(iii) NAVEX Global will not design its systems to include any “back door,” “time bomb,” “Trojan horse,” “worm,” “drop dead device,” “virus,” “preventative routines,” or other similar computer software routines.
7.2. Breach of Services Warranty Remedies. In the event of any breach of Section 7.1(i), NAVEX Global shall diligently endeavor to remedy any material failures of a Service to conform to its functional specifications, as described in the Technical Documentation, that Customer reports to NAVEX Global and that NAVEX Global is able to replicate during the applicable Services Term (“Errors”). The foregoing shall be Customer’s sole remedy, and shall be NAVEX Global’s sole liability, for any uncured breach of Section 7.1(i). NAVEX Global shall not be obligated to correct Errors resulting from any (i) components or content that NAVEX Global does not provide, or from any Integration; (ii) unauthorized use or use of the Services other than in accordance with the Technical Documentation and the Agreement; or (iii) viruses, malicious software, or other disruptive programs or applications that Customer, its agents, or its Licensed Users introduce into the Services or which are introduced into the Services as a result of Customer’s use of the Services.
7.3. Customer Warranties. Customer represents and warrants that:
(i) Customer and Licensed Users are authorized to provide all Customer Data and any other data and information submitted to the Services and that all Integrations requested by Customer are authorized;
(ii) Customer’s and Licensed Users’ use of the Services and provision of Customer Data will comply with Applicable Law;
(iii) NAVEX Global’s use of Customer Data in providing the Services will not infringe the intellectual property or other proprietary rights of any third party;
(iv) Customer will be responsible for promptly obtaining and providing to NAVEX Global all consents required for Customer to use the Services; and
(v) Customer will not modify or create derivative works based on the SaaS Offering or any other Services, or attempt to decode, decipher, decompile, disassemble, or reverse engineer the SaaS Offering or any other Services or deliverables.
7.4. Mutual Warranties. Each party represents and warrants that:
(i) the execution, delivery, and performance of this MSA has been and shall be duly authorized by the executing party;
(ii) the executing party’s performance of its obligations will not conflict with, result in a breach of, or constitute a default under any other agreement to which that party is bound; and
(iii) the executing party is in material compliance with all Applicable Laws with regard to its obligations under the Agreement.
7.5. Infringement Remedies. If the SaaS Offering infringes, or if NAVEX Global believes that the SaaS Offering infringes, on the intellectual property or other proprietary rights of any third party, NAVEX Global may, in its sole discretion, (i) modify the SaaS Offering to be non-infringing, (ii) obtain for Customer a license to continue using the affected SaaS Offering, or (iii) if neither (i) nor (ii) are practical in NAVEX Global’s sole judgment, terminate the affected SaaS Offering and return to Customer the unused portion of any fees paid for the affected SaaS Offering. Subject to the parties also meeting their express indemnification obligations under this MSA, NAVEX Global’s satisfactory performance of any one or all of the remedies set forth in the preceding sentence shall be Customer’s sole and exclusive remedy for NAVEX Global’s breach of the infringement warranty or for any damages incurred from early termination of the applicable Order Form due to a third-party infringement claim.
7.6. Disclaimer of Warranties. EXCEPT FOR THE WARRANTIES SET FORTH HEREIN AND THOSE EXPRESSLY SET FORTH IN AN ORDER FORM, ALL SERVICES ARE PROVIDED ON AN “AS IS,” “AS AVAILABLE” BASIS, AND NAVEX GLOBAL DISCLAIMS, TO THE MAXIMUM EXTENT PERMITTED BY LAW, ALL OTHER WARRANTIES, WHETHER EXPRESS, IMPLIED, OR STATUTORY WITH RESPECT TO THE SERVICES, DELIVERABLES, MARKS, OR NAVEX GLOBAL’S PERFORMANCE UNDER THE AGREEMENT, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTY OF MERCHANTABILITY, ACCURACY, QUIET ENJOYMENT, TITLE, NON-INFRINGEMENT, FITNESS FOR A PARTICULAR PURPOSE, AND THOSE THAT ARISE FROM ANY COURSE OF DEALING OR COURSE OF PERFORMANCE. NAVEX GLOBAL EXPRESSLY DOES NOT WARRANT THAT THE SERVICES MEET THE SPECIFIC REQUIREMENTS OF ANY FEDERAL, PROVINCIAL, STATE, OR LOCAL LAWS, REGULATIONS, OR GUIDELINES.
7.7. Additional Disclaimers and Agreements.
(i) LEGAL SERVICES. NAVEX GLOBAL is not engaged in the practice of law. In the provision of Services, certain issues may arise that are quasi-legal in nature. Any statements or assistance NAVEX GLOBAL PROVIDES in these matters should be interpreted as opinions or advice concerning business issues to be considered in connection with the Services. Customer represents and warrants it is not relying upon NAVEX GLOBAL to provide legal services.
(ii) USE. Customer agrees and acknowledges that it is fully responsible for its use of the Services. NAVEX GLOBAL expressly disclaims any liability as a result of Customer’s use of the Services or Customer’s actions or inactions with respect to any information derived therefrom, except where such liability first arose as a direct result of NAVEX GLOBAL’s (a) material breach of this MSA, or (b) grossly negligent act or omission in delivering the Services. NAVEX GLOBAL WILL NOT BE RESPONSIBLE FOR PAYMENT OF ANY FINES ASSESSED AGAINST CUSTOMER OR ITS LICENSED USERS BY ANY REGULATORY AUTHORITY FOR CUSTOMER’S FAILURE TO COMPLY WITH STATUTORY OR REGULATORY REQUIREMENTS OF ANY KIND.
8.1. By NAVEX Global. NAVEX Global will indemnify and defend Customer and its officers, directors, employees, and agents against any costs and expenses (including reasonable attorneys’ fees and disbursements), liability, and costs from suits, actions, or proceedings threatened, made, or brought by any third party in connection with any and all allegations, claims, or demands (“Losses”) to the extent such Losses relate to or arise from (i) NAVEX Global’s violation of Applicable Law; or (ii) a claim that the SaaS Offering infringes or misappropriates any third-party intellectual property rights. NAVEX Global’s obligations in this Section 8.1 do not apply (A) to the extent that the allegedly infringing SaaS Offering, portions or components thereof, or modifications thereto result from any change made by Customer or any third party for Customer; (B) if the infringement claim could have been avoided by using an unaltered current version of a SaaS Offering that NAVEX Global provided; (C) to the extent that an infringement claim is based upon any information, design, specification, instruction, software, data, or material not furnished by NAVEX Global, or any material from a third-party portal or other external source that is accessible to Customer within or from the SaaS Offering (e.g., a third-party web page accessed via a hyperlink) or a third-party product; (D) to the extent that an infringement claim is based upon the combination of any material with any products or services not provided by NAVEX Global; or (E) to the extent that an infringement claim is caused by Customer providing to NAVEX Global materials, designs, know-how, software, or other intellectual property with instructions to NAVEX Global to use the same in connection with the SaaS Offering.
8.2. By Customer. Customer will indemnify and defend NAVEX Global and its officers, directors, employees, and agents against any and all Losses to the extent such Losses relate to or arise from:
(i) a claim that any Customer Intellectual Property infringes or misappropriates any third-party intellectual property rights;
(ii) from all Taxes for which Customer is liable;
(iii) Customer’s and Customer’s Affiliates’ use of the Services, provided that such use is the sole and proximate cause of the request for indemnification under this subsection; or
(iv) Customer’s violation of Applicable Law.
8.3. Mutual Obligations. The party from whom indemnification is being sought pursuant to this Section 8.3 (“Indemnifying Party”) shall indemnify the party seeking indemnification from the Indemnifying Party (“Indemnified Party”) only on the following conditions: (i) the Indemnified Party has a valid claim for indemnification pursuant to Section 8.0; (ii) the Indemnified Party promptly provides the Indemnifying Party with Notice of any Losses; and (iii) the Indemnified Party promptly tenders control of the defense and settlement of any such Losses to the Indemnifying Party (at the Indemnifying Party’s expense and with the Indemnifying Party’s choice of counsel); with the exception that failure to give such Notice shall not relieve the Indemnifying Party of its obligations hereunder except to the extent that the Indemnifying Party is materially prejudiced by such failure. The Indemnified Party shall cooperate fully with the Indemnifying Party at the Indemnifying Party’s request and expense in defending or settling such claim, including, without limitation, providing any information or materials necessary for the Indemnifying Party to perform the foregoing. The Indemnifying Party will not enter into any settlement or compromise of any such claim without the Indemnified Party’s prior written consent if the settlement would require admission of fault or payment by the Indemnified Party.
9.0 Confidential Information.
9.1. Definition of Confidential Information. “Confidential Information” means any information disclosed at any time by either party, its Affiliates, directors, officers, employees, and agents (collectively, “Representatives”), to the other party or its Representatives in anticipation of or during the parties' relationship, either directly or indirectly, in writing, orally, or by inspection of tangible objects that pertain to such party’s business, including, without limitation, information concerning technology, marketing, planned functionality, market strategies, finances, employees, planning, product roadmaps, service or product purchases, performance agreements and documentation, performance results, pricing, and other confidential or proprietary information, including information a reasonable person would understand to be confidential or proprietary. Confidential Information of either party will not, however, include any information that:
(i) was publicly known and that the disclosing party made generally available in the public domain prior to the time of disclosure;
(ii) becomes publicly known and that the disclosing party made generally available after disclosure to the receiving party through no action or inaction of the receiving party;
(iii) is already in the possession of the receiving party without a breach of any third party’s obligations of confidentiality at the time of disclosure by the disclosing party, the burden of proof of prior possession being on the party asserting such prior possession;
(iv) the receiving party obtains from a third party without a breach of such third party’s confidentiality obligations; or
(v) the receiving party independently develops without use of or reference to the disclosing party’s Confidential Information, the burden of proof of independent development being on the party asserting such independent development.
9.2. Disclosure of Confidential Information. Each party shall (i) hold all Confidential Information of the other party in confidence and use it only as permitted in connection with the Services provided under the Agreement; (ii) use the same care to prevent unauthorized disclosure of the disclosing party’s Confidential Information as the receiving party uses with respect to its own Confidential Information of a similar nature, which shall not, in any case, be less than the care a reasonable business person would use under similar circumstances; (iii) disclose only the Confidential Information required to comply with a court order or Applicable Law in conjunction with fulfilling obligations under Section 9.4; and (iv) only disclose the Confidential Information to its Representatives who have a need to know such information in order to perform their job, have been informed of its confidential nature, and have agreed to and are bound by no less restrictive confidentiality obligations than those in this MSA. Each party shall be liable for their respective Representative’s breach of this MSA. Confidential Information shall not be disclosed to third parties without the other party's prior written consent unless required by Applicable Law.
9.3. Injunctive Relief. Each party acknowledges that a party’s actual or threatened breach of its confidentiality obligations under Section 9.0 would likely cause irreparable harm to the non-breaching party that could not be fully remedied by monetary damages. Each party, therefore, agrees that the non-breaching party may seek such injunctive relief or other equitable relief as may be necessary or appropriate to prevent such actual or threatened breach without the necessity of proving actual damages. Each party waives the requirement to post a bond in the event of such actual or threatened breach.
9.4. Legal Process. If either party receives notice of a subpoena, request for production of documents, court order, or requirement of a governmental agency to disclose any information or respond to an official inquiry (“Legal Process”), the recipient thereof shall, if permitted by law, give prompt Notice to the other party so the other party may move for a protective order or other relief. If either party is required to respond to or support such Legal Process involving the other party (but not where the parties are adverse to one another), the responding party shall be entitled to recover from the other party all reasonable costs, fees, and expenses that the responding party incurs, including reasonable fees for time expended by internal resources and reasonable attorneys’ fees. Each party agrees to cooperate fully with the other party to respond to any notice or inquiry from a third party related to the Agreement.
10.0 Liability Exclusions and Limitations.
10.1. Liability Limitations. THE FOLLOWING LIMITATIONS SHALL NOT APPLY TO (i) BREACHES OF CONFIDENTIALITY OBLIGATIONS; (ii) VIOLATIONS OF EITHER PARTY’S INTELLECTUAL PROPERTY RIGHTS; (iii) EITHER PARTY’S INDEMNIFICATION OBLIGATIONS; OR (iv) PAYMENT OF FEES:
(a) TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER, WHETHER UNDER THEORY OF CONTRACT, TORT, OR OTHERWISE, FOR ANY INDIRECT, INCIDENTAL, PUNITIVE, CONSEQUENTIAL, OR SPECIAL DAMAGES (INCLUDING ANY DAMAGE TO BUSINESS REPUTATION, LOST PROFITS, OR LOST DATA), WHETHER FORESEEABLE OR NOT, AND WHETHER OR NOT SUCH PARTY IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
(b) TO THE MAXIMUM EXTENT PERMITTED BY LAW, EACH PARTY’S AGGREGATE CUMULATIVE LIABILITY TO THE OTHER IN CONNECTION WITH THE AGREEMENT SHALL NOT EXCEED THE AGGREGATE CONTRACT VALUE FOR THE ONE- (1) YEAR PERIOD PRIOR TO THE DATE THAT SUCH LIABILITY FIRST ARISES.
10.2. Time Limit for Bringing Action. No claim or action, regardless of form, arising out of the Agreement, other than a claim or action relating to a breach of confidentiality or infringement, may be brought by either party more than two (2) years after the cause of action has arisen.
11.0 Governing Law. Any dispute between the parties related to the Agreement will be governed by the substantive and procedural rules of Delaware, without regard to conflict of law principles. The parties agree to submit to the exclusive jurisdiction of and venue in the state and federal courts of Multnomah County, Oregon, and each party waives any claims it may have for forum non conveniens. The parties agree that the Uniform Computer Information Transactions Act shall not apply to the Agreement.
12.0 General Provisions.
12.1. Publicity. With prior written approval (which may occur via email), NAVEX Global may use Customer’s name and trademarks (including use of logos) (i) in NAVEX Global’s customer lists for marketing or promotional purposes; (ii) in press releases and other communications pertaining to Customer’s agreement to use NAVEX Global’s services; and (iii) on NAVEX Global’s website and other sales and marketing media, including collateral, emails, tradeshow displays, and signs.
12.2. Insurance. NAVEX Global shall, at its own cost and expense, acquire and continuously maintain the insurance coverages detailed at the following website during the Term: http://www.navexglobal.com/Insurance.
12.3. Third-Party Beneficiaries. Unless otherwise prohibited by Applicable Law, nothing in the Agreement shall be construed to give any person or entity other than the parties hereto any legal or equitable claim, right, or remedy; rather, the Agreement is intended to be for the sole and exclusive benefit of the parties.
12.4. Assignment. The terms of the Agreement shall be binding on the parties and their respective successors. Neither party may assign, transfer, or delegate its rights or obligations under the Agreement (in whole or in part) without the other party’s prior written consent, except (i) to an Affiliate; or (ii) pursuant to a transfer of all or substantially all of such party’s business and assets, whether by merger, sale of assets, sale of stock, or otherwise. Any attempted assignment, transfer, or delegation in violation of the foregoing shall be null and void.
12.5. Notice, Generally. “Notice” means written notification to a party that shall be sent via email only, unless otherwise indicated herein. Any Notice to NAVEX Global shall be sent to: firstname.lastname@example.org.
12.6. Consents and Approvals. Unless the parties have agreed otherwise herein, all consents and approvals required under the Agreement must be delivered in writing by courier or certified or registered mail (postage prepaid and return receipt requested) to the other party at the address set forth on the most recent Order Form. Such consent or approval shall be deemed delivered when received. Customer shall send a copy of such consent or approval to email@example.com on the same date the consent or approval is sent.
12.7. No Agency. The Agreement shall not be construed to create a joint venture or partnership between the parties. Neither party shall be deemed to be an employee, agent, partner, or legal representative of the other for any purpose, nor shall either party have any right, power, or authority to create any obligation or responsibility on behalf of the other.
12.8. Compliance with Law.
(i) Each party shall be responsible for compliance with Applicable Law related to the performance of its obligations under the Agreement.
(ii) NAVEX Global’s Services are subject to U.S. sanctions laws and may not be sold or licensed to any party listed on the Specially Designated Nationals List maintained by the U.S. Department of the Treasury ("Restricted Party") or in U.S.-sanctioned countries (the most up-to-date lists can be found at http://www.treasury.gov/resource-center/sanctions/Programs/Pages/Programs.aspx). Customer represents and warrants that neither Customer, its Representatives, nor, to Customer’s knowledge, its Affiliate’s Representatives are currently the subject of any investigation by the Office of Foreign Assets Control (OFAC), Department of the Treasury, or any other Governmental Authority pursuant to any laws that OFAC or any other Governmental Authority administers (“Sanctions Investigation”). Customer shall promptly notify NAVEX Global if it or any of its Representatives or its Affiliates’ Representatives become the subject of any Sanctions Investigation. Customer agrees not to transfer or provide access to the Services (a) to any Restricted Party; or (b) in or for the benefit of individuals or entities from such U.S.-sanctioned countries. Further, Customer agrees not to use the Services for the benefit of a Restricted Party or individuals or entities from such U.S.-sanctioned countries. Customer represents and warrants that it is not directly or indirectly owned by, controlled by, owning, controlling, or named as a Restricted Party. NAVEX Global and its Affiliates may not do business with a Restricted Party under U.S. law (the most up-to-date lists can be found at http://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx and http://www.bis.doc.gov/index.php/the-denied-persons-list).
(iii) Customer represents and warrants that its use of NAVEX Global’s Services will in all respects comply with current U.S. export controls regulations and requirements, including, without limitation, those promulgated by U.S. Departments of State, Commerce, Homeland Security, Treasury, and Defense. Any breach of this Section 12.8 is a material breach of the Agreement for which no cure period shall apply.
12.9. Force Majeure. Except for payment of fees, neither party shall be liable for failure to perform, or the delay in performance of, any of its obligations under the Agreement if and to the extent that such failure or delay is caused by events beyond its reasonable control, including, without limitation, acts of the public enemy or a governmental body in its sovereign or contractual capacity, war, fire, flood, unusually severe weather, outside electrical failure, the limitations or failures of third-party internet service providers and/or telecommunication providers, the performance or failures of internet service providers, or acts of terrorism, including cyberattacks on NAVEX Global’s computer systems or those of third parties, including, without limitation, internet service providers and telecommunication providers. If so affected, the affected party shall use commercially reasonable efforts to avoid or remove such causes of non-performance or delay and shall continue performance hereunder with reasonable dispatch whenever such causes are removed or otherwise resolved.
12.10. Waiver. No waiver or delay in enforcement of any breach of any provision of the Agreement shall constitute a waiver of any prior, concurrent, or subsequent breach of the same or any other provision hereof, and a waiver shall not be effective unless made in writing and signed by an authorized representative of the waiving party.
12.11. Survival. The terms and conditions of the Agreement that by their nature require performance by either party after the termination of this MSA, including, without limitation, confidentiality obligations, limitations of liability, exclusions of damages, indemnification obligations, governing law, fees owed prior to the date of termination, and any other provision or partial provision that by its nature would reasonably extend beyond the termination of this MSA shall be and remain enforceable after such termination of this MSA for any reason whatsoever.
12.12. Severability. If any provision of the Agreement conflicts with governing law or if any provision is held to be null, void, or otherwise ineffective or invalid by a court of competent jurisdiction, (i) such provision shall be deemed to be restated to reflect as nearly as possible the original intentions of the parties in accordance with Applicable Law; and (ii) the remaining terms, provisions, covenants, and restrictions of this MSA shall remain in full force and effect.
12.13. Audit. During NAVEX Global’s regular business hours, but not more frequently than once a year, Customer may, at its sole expense, perform a confidential audit of NAVEX Global’s compliance with Section 4.0 of this MSA as it pertains to the SaaS Offering provided under the Agreement. Any onsite audit shall be conducted on a mutually agreed date, which shall not be sooner than thirty (30) calendar days after NAVEX Global’s receipt of Customer’s written request for such audit. Such audits shall be limited to security systems as they pertain to the SaaS Offering, and the onsite portion of the audit shall not exceed a cumulative four (4) hours at NAVEX Global’s facilities. If the audit exceeds such four- (4) hour period, Customer shall be responsible for payment of professional services fees to NAVEX Global at the current hourly rate for professional services. If the audit is to be performed by a third party on Customer’s behalf, such third party shall (i) not be a direct or indirect competitor of NAVEX Global, and (ii) execute prior to commencement of the audit a confidentiality and non-disclosure agreement, as presented by and for the benefit of NAVEX Global. Upon completion of the audit, Customer shall promptly provide NAVEX Global a summary of the findings from each report prepared in connection with any such audit and discuss results, including any remediation plans. If audit results find NAVEX Global is not in substantial compliance with the requirements of Section 4.0 of this MSA, then Customer shall be entitled, at NAVEX Global’s expense, to perform up to one (1) additional such audit in that year in accordance with the procedure set forth in this Section. NAVEX Global agrees to work with Customer to identify reasonable remediation actions and to promptly take action at NAVEX Global’s expense to correct those matters.
12.14. Entire Agreement. The Agreement constitutes the complete agreement between the parties and supersedes all prior or contemporaneous agreements, proposals, responses to requests for proposals, representations, and warranties, written or oral, concerning the subject matter of the Agreement, including any prior non-disclosure or confidentiality agreement(s), which shall be replaced by those terms and conditions set forth in Section 9.0 unless otherwise expressly agreed to in writing by the parties. The Agreement may be modified or amended only in writing signed by a duly authorized representative of each party; any other act, usage, or custom shall not be deemed to amend or modify the Agreement. It is expressly agreed that the terms of the Agreement shall supersede the terms in any Customer purchase order, and the terms included in any such purchase order or other Customer policy shall not (i) apply to the Services ordered; or (ii) in any way modify, revise, supplement, or otherwise affect the terms and conditions of the Agreement. If Customer requires processing of payments through a third-party payment vendor, it is understood and agreed that use of such third-party payment vendor is solely for the convenience of Customer and documentation associated with payment submission shall not in any way modify, add to, or delete any of the terms and conditions of the Agreement. Any costs associated with the use of such third-party payment vendor shall be borne exclusively by Customer.
12.15. Section Headings. The Section headings are for reference purposes only and shall not in any way affect the meaning or interpretation of this MSA.
12.16. Counterparts. The parties may execute this MSA and any Order Form in counterparts. An exchange of scanned and emailed executed copies or electronic signatures is acceptable. In the event of such an exchange, this MSA and any Order Form shall become binding, and any scanned and emailed signed copies or electronic signatures shall constitute admissible evidence of the existence of this MSA or Order Form.
12.17. Updates. NAVEX Global may from time to time make updates to the terms incorporated into and contained in this MSA; provided, however, any existing MSA shall remain subject to the terms that have been incorporated into or contained in this MSA as of the Effective Date of this MSA until the expiration of the Term.
NAVEX GLOBAL MASTER SERVICES AGREEMENT V.56