NOTICE TO ALL CUSTOMERS: THIS MASTER SUBSCRIPTION AGREEMENT (“MSA”) GOVERNS THE SERVICES (AS DEFINED BELOW) TO BE PROVIDED BY DEEPWATCH, INC. (HEREINAFTER REFERRED TO AS “deepwatch”), ITS AFFILIATES, AND/OR ITS OR THEIR SUPPLIERS, RESELLERS, DISTRIBUTORS, SERVICE PROVIDERS, AND/OR LICENSORS (COLLECTIVELY REFERRED TO AS” SUPPLIERS”) TO CUSTOMER (“CUSTOMER”) PURSUANT TO AN ORDER FORM (AS DEFINED BELOW). BY EXECUTING AN ORDER FORM, CUSTOMER IS ACCEPTING AND AGREEING TO THIS MSA AND THE TERMS OF SUCH ORDER FORM WHICH, UPON EXECUTION BY CUSTOMER, BECOMES PART OF AND SUBJECT TO THIS MSA. EACH ORDER FORM EXECUTED BY CUSTOMER SHALL BE EFFECTIVE AS OF THE EFFECTIVE DATE SPECIFIED THEREIN OR, IF NO EFFECTIVE DATE IS SPECIFIED, THE DATE CUSTOMER EXECUTES THE ORDER FORM. DEEPWATCH AND CUSTOMER MAY BE REFERRED TO INDIVIDUALLY AS A “PARTY” AND, COLLECTIVELY, AS THE “PARTIES”.
“Affiliate” of a Party means any other entity that, directly or indirectly, controls, is controlled by, or is under common control with, such Party. “Control”, for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity or the power to direct or cause the direction of the management and policies of such entity.
“Customer” may also include any Customer Affiliate: (i) receiving the benefit of the Services through Customer’s purchase of the Services, or (ii) whose data is included, accessed, or received by deepwatch in connection with the performance and/or provision of the Services for Customer. With respect to such Customer Affiliate(s), Customer hereby represents and warrants that: (a) Customer has obtained the necessary consent from each Customer Affiliate for deepwatch to access such Customer Affiliate’s networks and data in connection with providing the Services; and (b) each Customer Affiliate agrees to, and is hereby legally bound by, the terms of this MSA. The parties acknowledge and agree that Customer Affiliates are not intended to be third party beneficiaries to this MSA. Customer shall be fully liable for any breach of the terms of this MSA by any Customer Affiliate receiving, using, or having access to the Services.
“Deficiency” means a material failure to meet a SLA (as described below) or a material error in a Deliverable.” Deliverable(s)” means any reports or custom dashboards created for Customer by deepwatch.
“Documentation” means deepwatch’s electronic and/or hard copy Service Descriptions, user guides, help and training materials, and other documentation for the Services, which may be updated, amended, or replaced by deepwatch from time to time in its sole discretion.
“EULA” means a third party vendor’s end user license agreement, subscription agreement, services agreement, or similar document for use of or access to any Third Party Software.
“Law” means any local, state, federal, administrative, and/or foreign laws, statutes, treaties, regulations, and/or court or regulatory agency orders applicable to a Party.
“Log File” means a file that records security events that occur in software used by Customer. In the case of any Customer Log Files provided to or accessed or processed by deepwatch, Customer shall ensure that Log Files do not contain any Personal Data. Notwithstanding the foregoing sentence, for purposes of this MSA, it is permissible for Customer’s Log Files to contain IP and MAC addresses, computer hostnames, a User's name and location, email addresses, badge information, and employee ID numbers.
“Order Form” means any ordering document and all attachments thereto, for the purchase of the Services set forth therein, that is executed by deepwatch or a reseller or distributor of the deepwatch Services and Customer. Each executed Order Form is incorporated herein and subject to the terms of this MSA.
“Personal Data” means any non-public information and/or data that can be used, alone or in combination with other data, to identify any individual person. Personal Data includes, without limitation, a person’s name, home address, date of birth, social security number, email address, home or personal telephone numbers, credit card information, driver’s license number or unique number contained in any other government-issued identification document, personal bank account numbers, mother’s maiden name and any other information used to authenticate identity, biometric records, Personal Health Information (PHI) (as that term is defined and/or used in the Health Insurance Portability and Accountability Act of 1996 (“HIPAA” ), as amended by the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”) or any other medical information, educational information, any passport and/or visa numbers, passwords, financial information, and/or any employment information.
“Services” means deepwatch’s proprietary managed security subscription services and associated modules, components, and updates thereto and any related services provided by deepwatch under an Order Form.
“Services Description” means a detailed outline of the managed services that deepwatch or a reseller or distributor of the deepwatch Services will provide per the Order Form.
“Third Party Software” means any third party (e.g., Splunk Inc.) software (including components subject to the terms and conditions of” open source” software licenses) and/or other third party copyrighted and/or proprietary products, documentation, materials, and services (including any features, functionality, and updates), extensions (including any separate downloadable suite, add-on, command, function, or application, including any module, which extends a software program) as well as any modifications to any such software and any derivatives of any of them provided with the Services, certain components of which are or may be licensed or contracted from one or more of deepwatch’s Suppliers.
2.1 Provision of the Services.
(a) deepwatch will make the Services available pursuant to terms of this MSA and each Order Form during the applicable Subscription Term as set forth in the Order Form to (a) Customer; and (b) each individual employee, consultant, contractor, and agent who is authorized by Customer to access and/or use the Services during the Subscription Term (each, a “User”) and subject to the usage restrictions, limits, and/or conditions set forth in this MSA as well as the applicable Services Description and/or Order Form. If the Services will be made available to any Customer Affiliate pursuant to this MSA, then the term “Customer” shall also include any such Customer Affiliate. Customer understands and acknowledges that deepwatch may use Third Party Software in its performance and provision of the Services including components subject to the terms and conditions of open source software licenses. In the event of a security incident and, if Customer requests incident response support from deepwatch, Customer will determine and specify the nature and scope of the incident response support it is requesting from deepwatch.
(b) Customer understands and agrees that Customer data may be hosted on public cloud service providers. Any data stored by deepwatch on a public cloud service provider will be protected by industry standard security best practices in accordance with deepwatch’s regulatory obligations. The Services made available under this MSA do not include any implementation, professional, advisory, or technical services which Customer may purchase separately from deepwatch or a reseller or distributor of the deepwatch Services pursuant to the terms set forth in a Statement of Work or Services Description describing such services (the “Professional Services”). Customer may also incur additional Fees for exceeding limits applicable to any of the Services.
2.2 Updates; Future Features and Functionality. deepwatch will make available to Customer and Users all updates and enhancements to the Services that deepwatch generally makes commercially available to its customers. Customer agrees that the development, release, and timing of any features or functionality for the Services remains at deepwatch’s sole discretion and Customer’s purchase of the Services is not contingent or dependent on the delivery of any future functionality, feature, or other services or products regardless of any communications about deepwatch’s plans, including any information on deepwatch’s website or in any presentation, proposal, press release, or public statement. From time to time, deepwatch may provide Customer with a maintenance update to any of the Services. All warranties, indemnification obligations, and duties of deepwatch are conditioned upon Customer’s acceptance and reasonably prompt installation of all maintenance updates supplied or made accessible by deepwatch.
2.3 Controls, Policies, and Procedures.
(a) deepwatch maintains internal controls, policies, and procedures at least as effective as those described in deepwatch’s most recent SOC 2 Type 2 report (“SOC Report” ). Additionally, deepwatch meets or exceeds the Payment Card Industry (“PCI” ) Security Standards Council (“SSC”) requirements for Level 1 Service Providers, as attested to in deepwatch’s most recent PCI Data Security Standard Attestation of Compliance (“AoC”) for Onsite Assessments – Service Providers report (“PCI Report”).
(b) While deepwatch is a PCI Compliant Service Provider, it is incumbent upon Customer to ensure that it does not share any cardholder data (“CHD”) with any deepwatch Services and/or uploads any CHD into the deepwatch software platform. In the unlikely event Customer inadvertently discloses CHD to deepwatch or upload any CHD into the deepwatch software platform, Customer is required to notify deepwatch in writing, as soon as practicable, and assist deepwatch in identifying, anonymizing, or removing the disclosed and/or uploaded CHD.
(c) Upon Customer's written request, deepwatch will provide Customer with a copy of either the SOC Report, PCI Report, or both reports. These reports, and any analyses, reports, summaries, and/or information related to or derived from such reports, are deepwatch's Confidential Information (as defined below).
(d) deepwatch defers all responses to Customer cybersecurity questionnaires until Customer has reviewed the above reports and completed Customer's questionnaire utilizing the information contained within the reports.
(e) Customer Personal Data. Except for the limited type of permitted personal information as described in the definition of Log Files, Customer agrees and acknowledges that deepwatch has no interest in receiving, processing, storing, and/or having access to any Personal Data. Accordingly, except for the limited type of permitted personal information as described in the definition of Log Files, Customer shall neither disclose to deepwatch nor upload into, process, and/or store in the deepwatch software platform or make accessible to any deepwatch Service, personnel, or contractor any Personal Data of any nature and/or any other personally identifiable information that could be legally considered private or sensitive. The only exception to this restriction and prohibition would be a limited situation where access to or processing of any Personal Data is required and needed for a specific project assigned by Customer to deepwatch and specifically agreed to in writing by deepwatch. In any such situation, Customer shall only send, provide, or make accessible to deepwatch the specific Personal Data which deepwatch needs to access and/or use in order to provide the specific services requested by Customer pursuant to this MSA and an Order Form agreed to in writing between Customer and deepwatch. Subject to the foregoing restrictions, if Customer uploads to the deepwatch software platform any Personal Data and/or any other personally identifiable information that could be legally considered private or sensitive or makes any Personal Data accessible in any deepwatch service offering in violation of this MSA, Customer shall remove such Personal Data immediately or, at its reasonable discretion, deepwatch may purge such data from the software platform and all deepwatch services.
(f) Collection of Customer Data. Customer is responsible for all activities that occur in the Customer account and for each User’s compliance with all terms and conditions of this MSA. Customer shall comply with all local, state, federal and foreign laws, treaties, regulations, and conventions applicable to Customer in connection with the use of the deepwatch services, including, without limitation, the General Data Protection Regulation (GDPR), CAN-SPAM Act of 2003 (U.S.A.), the Personal Information Protection and Electronic Documents Act (PIPEDA) (Canada), California Consumer Privacy Act and all other state privacy laws (to the extent applicable), the EU Data Protection Directive, and all other laws and regulations applicable to Customer related to privacy, publicity, data protection, electronic communications, and anti-spamming laws. Customer is responsible for the collection, legal protection, and use of all Customer data that is loaded, stored, accessible, or used in connection with Customer’s use of any deepwatch services.
2.4 Service Level Agreement. deepwatch will provide Customer with the Service Level Agreement (“SLA”) including the system uptime availability commitment for the Services as described in the Service Level Agreements, as may be amended from time to time by deepwatch in its sole discretion. Customer’s sole and exclusive remedy, and deepwatch’s sole and exclusive liability, for failure to satisfy the applicable availability commitment is set forth in the SLA.
3.1 Invoice and Payment. All fees for the Services ordered by Customer pursuant to an Order Form or an agreement entered into between Customer and a reseller or distributor of the Services and other amounts due (collectively, the “Fees” or “Subscription Fees”) are quoted and payable in United States dollars. Unless otherwise stated in the applicable Order Form, all invoiced Fees, applicable taxes, and reasonable out of pocket expenses related to the provision of the Services shall be due and payable to the reseller or distributor of the deepwatch Services within thirty (30) days of the invoice date. Customer shall provide deepwatch as well as the reseller or distributor of the deepwatch Services with complete and accurate billing and contact information including a valid email address for receipt of invoices. Except as expressly set forth herein, all Fees are based on the Services ordered by Customer in any Order Form and not actual usage. Except as otherwise set forth in this MSA, all payment obligations are non-cancelable, Fees paid are non-refundable, and quantities ordered cannot be decreased during the relevant Subscription Term.
3.2 Suspension of Services for Non-Payment. If Customer’s account is more than thirty (30) days past due (except with respect to any disputed Fees then subject to a Billing Dispute under Section 3.5), in addition to any other rights or remedies it may have under this MSA or by Law, deepwatch reserves the right to suspend Customer’s access to the Services, without any liability to deepwatch for such suspension, and such Services shall only be resumed if Customer pays the full amount of such invoiced Fees (except for any disputed Fees then subject to a Billing Dispute under Section 3.5). The Subscription Term will remain unchanged notwithstanding any suspension of Services hereunder.
3.3 Billing Disputes. Any dispute involving invoiced Fees (a ”Billing Dispute”) must be in writing and submitted in good faith to the reseller or distributor of the deepwatch Services within thirty (30) days of the invoice date and include a reasonably detailed statement describing the nature and amount of the disputed Fees as well as the reasonable and good faith bases for why a credit or refund is being requested (a ”Billing Dispute Notice”). Customer shall cooperate with the reseller or distributor of the deepwatch Services to promptly address and attempt to resolve any Billing Dispute submitted by Customer. Customer acknowledges and agrees that, if Customer does not submit a Billing Dispute Notice in compliance with this Section 3.5, Customer waives all rights to dispute such invoice and all Fees set forth in such invoice will be considered correct and binding on Customer. Notwithstanding any dispute of invoiced Fees commenced in accordance with this Section 3.5, Customer shall remain obligated to pay all undisputed Fees within thirty (30) days of the invoice date.
4. Proprietary Rights.
4.1 Ownership. deepwatch and/or its Suppliers own all worldwide right, title, and interest in and to the Services (including the Documentation), and Third Party Software, including all worldwide patent rights (including patent applications and disclosures); copyright rights (including copyrights, copyright registrations, and copyrights with respect to computer software, software design, software code, software architecture, firmware, programming tools, graphic user interfaces, documentation, reports (except reports specifically prepared by deepwatch for Customer), dashboards, business rules, use cases, screens, alerts, notifications, drawings, specifications and databases); moral rights; trade secrets and other rights with respect to confidential or proprietary information; know-how; other rights with respect to inventions, discoveries, ideas, improvements, techniques, formulae, algorithms, processes, schematics, testing procedures, technical information and other technology; and any other intellectual and industrial property rights, whether or not subject to registration or protection; and all rights under any license or other arrangement with respect to any of the foregoing. deepwatch does not grant Customer any intellectual property rights in or to the Services, Documentation, or any Third Party Software, and all right, title, and interest in and to all copies of the Services, Documentation, and Third Party Software will remain with deepwatch and/or its Suppliers. deepwatch owns and shall continue to own all right, title, and interest in and to the Services and Documentation (except for any Third Party Software incorporated therein, which shall remain the sole property of the Supplier, as applicable). deepwatch and/or its Suppliers may modify and/or improve the Services, Third Party Software, and/or any Documentation at any time and deepwatch’s and its Suppliers’ ownership rights (including all intellectual property rights) will include all enhancements, modifications, adaptations, and/or derivative works therein and thereto (whether made by deepwatch, any third party, or jointly). Notwithstanding the foregoing, Customer shall have the right for continued use after termination or expiration of this MSA of any Deliverables provided during the Term, provided however, any Deliverables provided through or by Third Party Software shall be licensed per the applicable EULA.
4.2 Grant of Rights. This is an agreement for use of deepwatch services and not an agreement for the sale or license of any software or Third Party Software. deepwatch hereby grants Customer a limited, worldwide (subject to export Laws), non-exclusive, non-transferable, revocable right to use the Services (including the Documentation), solely for the internal business purposes of Customer and solely during the Subscription Term, subject to the terms and conditions of this MSA and scope of use described in the relevant Order Form. No rights are granted to Customer hereunder other than as expressly set forth herein and deepwatch, and/or its Supplier if applicable, reserves all rights not specifically granted under this MSA.
4.3 Customer Obligations; Grant Restrictions.
(a) Customer shall not (or allow any person, Affiliate, and/or entity to): (i) modify, copy, or create any derivative works based on the Services; (ii) license, sublicense, sell, resell, rent, lease, transfer, assign, distribute, time share, offer in a service bureau, or otherwise make the Services available to any third party, other than to Users as permitted herein; (iii) reverse engineer, disassemble, or decompile any portion of the Services, including any software utilized by deepwatch in the provision of the Services, except to the extent required by Law; (iv) access the Services if it (or any Affiliate) is a direct competitor of deepwatch or in order to build any competitive or commercially available product or service or for purposes of monitoring the availability, performance, or functionality of the Services, or for any other benchmarking or competitive purposes; (v) copy any features, functions, integrations, interfaces, or graphics of the Services; (vi) use the Services in violation of any Laws or outside the scope of the rights granted in Section 4.2; (vii) in connection with the Services, send or store any material that (a) infringes or misappropriates any intellectual property right of deepwatch, any Supplier, or any other third party, or (b) is obscene, threatening, or otherwise unlawful or tortious or violates any Laws or other party’s rights, including any privacy, publicity, import and export control, data protection, electronic communications, or anti-spamming Laws or rights; (viii) send or store any viruses, worms, time bombs, Trojan horses, and other harmful or malicious code, files, scripts, agents, or programs (“Malicious Code”) in connection with the Services; (ix) interfere with or disrupt performance of the Services or the data contained therein; or (x) attempt to gain access to the Services or its related systems or networks in a manner not set forth in the Documentation related to such Services. Customer shall also not (1) cause or permit the disclosure, copying, renting, licensing, sublicensing, leasing, dissemination or other distribution of any Third Party Software by any means or in any form, (2) use any Third Party Software to conduct a service bureau or similar business for the benefit of any third party, or (3) modify, enhance, supplement, create derivative work from, adapt, translate, reverse engineer, decompile, disassemble or otherwise reduce the Third Party Software to human readable form. Customer shall have sole responsibility for the collection, accuracy, quality, integrity, legality, reliability, appropriateness, legal protection, and use rights of all Customer Data (as defined below). Customer will cause its Affiliates (and each Affiliate’s Users) who have access to and/or use the Services to comply with the provisions of this MSA and shall be responsible and liable for the acts, errors, negligence, and/or omissions of all Users and each Affiliate’s Users relating to this MSA and/or the use of any Services. Customer will not access any raw threat intelligence data streamed into Customer’s infrastructure from deepwatch's Threat Intelligence Platform as a part of the Services.
(b) Customer acknowledges that deepwatch’s performance and delivery of the Services are contingent upon: (i) Customer providing safe and hazard-free access to its personnel, facilities, equipment, network, and information, and (ii) Customer’s timely decision-making and provision of timely, accurate and complete information and reasonable assistance, including, granting of approvals or permissions, as subsections (i) and (ii) are deemed reasonably necessary and reasonably requested for deepwatch to perform, provide, and/or implement the Services. Customer will promptly obtain and provide to deepwatch any required licenses, approvals, and/or consents necessary for deepwatch’s performance or provision of the Services. deepwatch will be excused from its failure to perform its obligations under this MSA to the extent such failure is caused by Customer’s delay in performing or failure to perform its responsibilities under this MSA and/or any Services Description.
4.4 Ownership and Use of Customer Data; Data Processing. Customer owns all right, title and interest in and to all of its data, information, and material uploaded by Customer in or transmitted by Customer through the Services (collectively, “Customer Data” ). Subject to the terms of this MSA, Customer grants deepwatch and its Affiliates a worldwide, limited, royalty-free, non-exclusive, non-transferable (except as set forth in Section 10.6) license and right to (a) access, use, copy, transmit, and display Customer Data in order to provide the Services and any Professional Services to Customer; (b) prevent or address service or technical problems and/or maintain the Services and provide deepwatch the ability to monitor usage of the Services (the “Critical Control Software”); (c) de-identify and aggregate Customer Data with data of other customers or third parties such that it does not reveal the identity of any individual or include personally identifiable information (“Aggregated Data”) to perform analytics and reporting for system metrics, benchmarking, product development, and marketing for industry, financial, and other business purposes; and (d) enforce the rights of the Parties under this MSA. Customer reserves all rights in Customer Data not expressly granted to deepwatch.
4.5 Active Maintenance. All Customer owned and/or provided products embedded in, supported by, or essential to use of and/or access to the Services must have active maintenance agreements. Customer is responsible for all maintenance, support, and licensing agreements with third party vendors for all non-deepwatch provided in-scope devices for the term of the applicable Order Form. Customer shall also be responsible for the application, operation, maintenance, and support of its systems including all hardware and software and all components thereof including, without limitation, the implementation of appropriate procedures, training, and safeguards and performing routine backup and for keeping backup information in a safe and separate location. deepwatch shall not be required to support altered, damaged, or modified software, or software that is running a vendor-supported version (including any firmware).
4.6 Use of Customer Input. Customer grants deepwatch a worldwide, perpetual, irrevocable, royalty-free license to use and incorporate into deepwatch’s products and services any suggestion, enhancement request, recommendation, correction, or any other feedback provided by Customer or any User relating to the Services.
5.1 Confidential Information; Exceptions. “Confidential Information” means all non-public information disclosed by a Party (“Disclosing Party”) to the other Party (“Receiving Party”), whether verbally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and/or the circumstances of disclosure. Customer Confidential Information includes Customer Data; deepwatch Confidential Information includes the Services (including all Documentation); and Confidential Information of each Party includes the terms and conditions of any Order Form (including pricing), as well as business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed or made accessible by such Party. Confidential Information does not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party; (iii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party; (iii) is received from a third party without breach of any obligation owed to the Disclosing Party; or (iv) was independently developed by the Receiving Party without access to or reliance on the Disclosing Party’s information.
5.2 Protection. The Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own Confidential Information of like kind (but not less than reasonable care) to (i) not use any Confidential Information of the Disclosing Party for any purpose outside the scope of this MSA or any Order Form; and (ii) except as otherwise authorized by the Disclosing Party in writing, limit access to Confidential Information of the Disclosing Party to those of its and any of its Affiliate’s employees, officers, advisors, contractors, and third parties (collectively, “Representatives”) who need access for purposes consistent with this MSA and who have signed confidentiality agreements with the Receiving Party containing protections, or have ethical duties to the Receiving Party, not materially less protective of the Disclosing Party’s Confidential Information than those set forth in this MSA. Each Party shall be and remain fully liable and responsible for its any of its Representative’s unauthorized disclosure, access to, and/or use of the other Party’s Confidential Information. Each Party may confidentially disclose the terms of this MSA (including any Order Form) to any actual or potential financing source or acquirer. Notwithstanding the foregoing, deepwatch may disclose the terms of this MSA and any applicable Order Form to a subcontractor to the extent necessary to perform or satisfy deepwatch’s obligations to Customer under this MSA and/or any Order Form, under terms of confidentiality materially as protective as set forth in this MSA. deepwatch shall not be liable nor responsible for any breach of this Section 5 (“Confidentiality”) or any other provision or obligation of this MSA resulting from (i) Customer’s violation of Section 2.3(e) above and/or to the extent Customer uploads into or processes in the deepwatch software platform or makes accessible to any deepwatch service, personnel, or contractor any Personal Data; or (ii) any hack or intrusion by a third party (except any deepwatch third party subcontractor) into Customer’s network or systems unless the hack or intrusion was through endpoints or devices monitored by deepwatch and was caused directly by deepwatch’s gross negligence or willful misconduct.
5.3 Misuse of Confidential Information. Customer acknowledges and agrees that the Services contain proprietary information and trade secrets of deepwatch and its Suppliers. Customer will not use any Confidential Information or know how that it gains through use or study of the Services to facilitate Customer’s or any third party’s development of any services or products that would compete with the Services provided by deepwatch. Subject to deepwatch’s confidentiality obligations, deepwatch reserves the right to develop and market any technology, products, and/or services or pursue business opportunities that compete with and/or are similar to those of Customer.
5.4 Compelled Disclosure; Retention. The Receiving Party may disclose Confidential Information of the Disclosing Party to the extent compelled by Law to do so, provided that, to the extent legally permissible, the Receiving Party gives the Disclosing Party prior written notice of the compelled disclosure and, at the Disclosing Party’s cost, reasonable assistance if the Disclosing Party wishes to contest the disclosure or limit the extent of the disclosure through a protective order or other legal measure. If the Receiving Party is compelled by Law to disclose the Disclosing Party’s Confidential Information as part of a legal proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to that Confidential Information. Notwithstanding anything to the contrary contained herein, (i) the Receiving Party may retain such copies of the Disclosing Party’s Confidential Information as are reasonably necessary: (1) to comply with any Laws or regulations applicable to Receiving Party or to comply with the Receiving Party’s document retention policies; and/or (2) for the purposes of defending or maintaining litigation; and (ii) in no event shall this MSA require the alteration, modification, deletion, or destruction of back-up tapes, archived data storage, or other media made in the ordinary course of business provided that the terms and conditions of this MSA shall apply to the Receiving Party’s retention of any of Disclosing Party’s Confidential Information and survive the termination or expiration of this MSA for any reason.
5.5 General Data Protection Regulation. To the extent applicable to deepwatch and taking into account Customer’s obligations under Section 2.3(e) above, deepwatch agrees to comply with General Data Protection Regulation 2016/679 per the internal guidelines located here.
6. Representations, Warranties, Exclusive Remedies, and Disclaimers.
6.1 Warranties. Each Party represents and warrants that it has the authority to enter into this MSA and, in connection with its performance of this MSA, shall comply with all Laws, including those related to data privacy and, subject to Section 2.3(e) above, the transmission of technical and/or Personal Data to the extent permissible for Customer to transmit to deepwatch, upload and/or store any Personal Data under this MSA.
6.2 deepwatch Warranties. deepwatch also represents and warrants during the applicable Subscription Term: (a) the Services will perform materially in accordance with the applicable Services description related to such Services; and (b) it will use commercially reasonable efforts to prevent the introduction by deepwatch of Malicious Code into Customer’s systems (excluding any Malicious Code introduced by Customer or any of its Users to the Services). All deepwatch warranties are solely to and for the benefit of Customer and for no other entity or third party. deepwatch shall not be responsible for any breach of any the foregoing warranties resulting from Customer’s abuse or misuse of any Service, breach of this MSA, or failure to use any Service as described in this MSA, including failure to use any Service in accordance with the applicable Services description and operational requirements.
6.3 Customer Warranties. Customer also represents and warrants that all information pertaining to scanning Services such as Customer- provided IP addresses and devices functioning at those IP addresses are owned or controlled by Customer and Customer is legally entitled to authorize that scanning Services be performed upon such IP addresses. Should deepwatch’s performance of the Services upon such IP addresses result in liability for any party, Customer, at its expense, shall indemnify, hold harmless, and defend deepwatch, its Affiliates, business partners, Suppliers, and any of its and/or their employees, directors, officers, contractors, and/or agents against any and all liability, including reasonable attorney’s fees and costs, arising from or related to the performance or provision of scanning Services. Customer (if a Covered Entity as defined under the HIPAA, as amended) shall (i) implement the administrative, physical, and technical safeguards required by 45 C.F.R. 164.314, and (ii) implement appropriate safeguards in accordance with §13401 of HITECH and any regulations or guidance promulgated thereunder to prevent disclosure and/or transmission to deepwatch of (1) any data not specifically required to be provided as set forth in an Order Form, and/or (2) any other data unless deepwatch otherwise agrees in writing to accept, consistent with the standards for privacy and security of individually identifiable health information as set forth at 45 C.F.R. Parts 160 and 164, or to fully encrypt the data to meet requirements in 45 C.F.R. Part 164.312.
6.4 Ultrahazardous Activities. Customer acknowledges and agrees that the Services and any Third Party Software are not designed, manufactured, or intended for use in any environment in which the failure of the Services and/or Third Party Software could lead to death, personal injury, and/or physical or environmental damage, which uses and environments may include, but are not limited to, the design or operation of nuclear facilities, aircraft navigation, or communication systems, air traffic control, direct life support machines, or weapons systems or the on-line control of equipment in any hazardous environment requiring fail-safe performance. Customer represents and warrants that Customer will not install or use the Services and/or any Third Party Software for any such purposes.
6.5 Exclusive Remedies. As Customer’s sole and exclusive remedy and deepwatch’s sole and exclusive liability for breach of the warranties set forth in Section 6.2(a) above, (i) deepwatch shall correct the material deficiency of the affected Service at no additional charge to Customer; and (ii) if deepwatch is unable to correct the material deficiency of the affected Service after its good faith efforts, deepwatch or the reseller or distributor of the deepwatch Services shall, in its discretion, either refund to Customer a pro-rata portion of the amounts of any prepaid Fees attributable to the materially deficient Service from the date deepwatch received such written notice from Customer or extend the Initial Subscription Term or Renewal Subscription Term then in effect for a period of time equal to the time period that the materially deficient Services were provided by deepwatch. To receive any warranty remedies, Customer must promptly report any Deficiency in writing to deepwatch, but no later than thirty (30) days after the Deficiency has first occurred.
6.6 DISCLAIMERS. EXCEPT AS EXPRESSLY PROVIDED IN THIS SECTION 6, NEITHER PARTY MAKES ANY WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE (INCLUDING NON-INFRINGEMENT), AND ANY IMPLIED WARRANTY ARISING FROM STATUTE, COURSE OF DEALING, COURSE OF PERFORMANCE OR USAGE OF TRADE, TO THE MAXIMUM EXTENT PERMITTED BY LAW. EXCEPT FOR THE ACT, ERROR, NEGLIGENCE, OR OMISSION OF A USER, EACH PARTY DISCLAIMS ALL LIABILITY AND INDEMNIFICATION OBLIGATIONS FOR ANY HARM OR DAMAGES CAUSED BY ANY THIRD PARTY. DEEPWATCH DOES NOT WARRANT THAT THE SERVICES WILL BE ERROR FREE OR UNINTERRUPTED AND DEEPWATCH SHALL NOT BE RESPONSIBLE FOR ANY LIMITATIONS, DISRUPTIONS, DELAYS, AND/OR OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET AND/OR ANY ELECTRONIC COMMUNICATION. Notwithstanding anything herein to the contrary, deepwatch and its Suppliers make no warranties with respect to any portion of any deliverable or any third party software, products, or services.
7.1 Indemnification by deepwatch. deepwatch shall, at its expense, defend, indemnify, and hold Customer, its officers, directors, employees, and contractors (collectively, Customer Indemnitees) harmless from and against any and all third party claims, demands, suits, or proceedings (“Claims”) against Customer, and/or any Customer Indemnitee, alleging that the use of the Services (excluding any Third Party Software) in accordance with this MSA and all Order Forms infringes any U.S. patent issued as of the Effective Date, copyright, or trademark of a third party, and shall pay all costs and damages finally awarded against Customer by a court of competent jurisdiction as a result of any such Claim; provided, however, that Customer: (i) promptly gives written notice of the Claim to deepwatch; (ii) gives deepwatch sole control of the defense and settlement of the Claim (provided that deepwatch may not settle any Claim or enter into any stipulated order or judgment that purports to bind Customer unless it unconditionally releases Customer of all liability); and (iii) provides to deepwatch, at deepwatch’s cost, all reasonable assistance requested by deepwatch. deepwatch shall not be required to indemnify Customer in the event of: (1) modification of any Services in any manner by Customer, its employee, agent, contractor, or any User in conflict with or violation of any Customer obligation or as a result of any prohibited activity as set forth herein; (2) use of the Services in violation of this MSA, in any unauthorized manner, and/or in any manner inconsistent with the Documentation; (3) use of any Services in combination with any other product, service, and/or software not provided by deepwatch or approved, and/or specified by deepwatch in writing prior to such combined use; or (4) any infringement or misappropriation of any intellectual property right arising from or related to the use of any Third Party Software contained within any of the Services and/or Documentation. If (a) Customer is enjoined from using any Services for any reason; or (b) any of the Services becomes, or deepwatch believes the Services are likely to become, the subject of an infringement Claim, then deepwatch shall have the right, in its sole discretion, to (y) obtain for Customer the right to continue use of the affected Services; or (z) replace or modify the affected Services so that they are no longer infringing. If neither of the foregoing options is reasonably available to or commercially feasible for deepwatch, then deepwatch and/or the reseller or distributor of the deepwatch Services, in its sole discretion, may terminate the affected Services and deepwatch’s as well as the reseller’s and/or distributor’s of the deepwatch Services sole liability shall be to provide Customer a pro-rata refund of any prepaid Fees attributable to the affected Services that were to be provided after the effective date of termination. THIS SECTION 7.1 SETS FORTH DEEPWATCH’S AS WELL AS ANY SUPPLIER’S SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY CLAIM OF INTELLECTUAL PROPERTY INFRINGEMENT BY DEEPWATCH OR ANY OF ITS AFFILIATES.
7.2 Indemnification by Customer. Customer shall, at its expense, defend, indemnify, and hold deepwatch, its officers, directors, employees, Suppliers, and contractors (collectively,” deepwatch Indemnitees” ) harmless from and against any and all Claims against deepwatch, and/or any deepwatch Indemnitee arising from or related to: (i) deepwatch’s access to and/or authorized use of any Customer Data; (ii) any Claim alleging that any Customer Data infringes and/or misappropriates the rights of, or has caused harm to, any third party or violates any Law; and (iii) any breach or violation of Section 2.3(e) and/or Section 2.3(f) by Customer, its employee, agent, or contractor or any User. Customer shall pay all costs and damages finally awarded against deepwatch by a court of competent jurisdiction as a result of any such Claim; provided, however, that deepwatch: (a) promptly gives written notice of the Claim to Customer; (b) gives Customer sole control of the defense and settlement of the Claim (provided that Customer may not settle any Claim or enter into any stipulated order or judgment that purports to bind deepwatch unless it unconditionally releases deepwatch of all liability); and (c) provides to Customer, at Customer’s cost, all reasonable assistance requested by Customer.
8. Damages Exclusions; Limitation of Liability; Mitigation of Damages.
8.1 Exclusion of Consequential and Related Damages; Limitation of Liability. TO THE MAXIMUM EXTENT PERMITTED BY LAW AND EXCEPT WITH RESPECT TO (A) A PARTY’S INDEMNIFICATION OBLIGATIONS; (B) A PARTY’S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT; (C) CUSTOMER’S BREACH OF SECTION 2.3(E), SECTION 2.3(F), AND SECTION 4.3 HEREIN; AND (D) CUSTOMER’S PAYMENT OBLIGATIONS UNDER THIS MSA AND ALL ORDER FORMS, IN NO EVENT SHALL (I) EITHER PARTY OR ITS SUPPLIERS, AFFILIATES, DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, AND/OR CONTRACTORS HAVE ANY LIABILITY TO THE OTHER PARTY OR ANY THIRD PARTY FOR ANY INDIRECT, SPECIAL, INCIDENTAL, COVER, RELIANCE, PUNITIVE, EXEMPLARY, OR CONSEQUENTIAL DAMAGES OF ANY KIND, HOWEVER CAUSED, AND/OR FOR ANY LOSS OF ANY BUSINESS, REVENUE, ANTICIPATED SAVINGS AND/OR PROFITS, USE, AND/OR LOSS OR CORRUPTION OF ANY DATA AND/OR COST OF DATA RECONSTRUCTION OR PROCUREMENT OF SUBSTITUTE OR REPLACEMENT GOODS, SERVICES, INVENTORY, OR EQUIPMENT, WHETHER IN CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR UNDER ANY OTHER THEORY OF LIABILITY, ARISING OUT OF, OR IN ANY WAY CONNECTED WITH THIS MSA, ANY ORDER FORM, AND/OR THE PROVISION OF ANY SERVICES, EVEN IF SUCH PARTY HAS BEEN PREVIOUSLY ADVISED OF THE POSSIBILITY OF ANY SUCH LOSS AND/OR DAMAGE; AND (II) EITHER PARTY’S ENTIRE AND MAXIMUM LIABILITY ARISING OUT OF OR RELATED TO THIS MSA AND ALL ORDER FORMS, WHETHER IN CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR UNDER ANY OTHER THEORY OF LIABILITY, EXCEED IN THE AGGREGATE THE TOTAL FEES ACTUALLY PAID TO DEEPWATCH BY CUSTOMER UNDER THE APPLICABLE ORDER FORM DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE BREACH OR EVENT GIVING RISE TO THE CLAIM FOR DAMAGES. THE FOREGOING LIMITATION OF LIABILITY IS CUMULATIVE FOR ALL CLAIMS IN ANY MATTER RELATED TO THIS MSA AND ALL ORDER FORMS AND IS NOT ON A PER INCIDENT BASIS. EACH PARTY’S AGGREGATE LIABILITY UNDER THIS MSA INCLUDING, WITHOUT LIMITATION, ALL ORDER FORMS FOR (A) ITS INDEMNIFICATION OBLIGATIONS AND (B) SUBJECT TO APPLICABLE LAW, ITS GROSS NEGLIGENCE AND/OR WILLFUL MISCONDUCT SHALL NOT EXCEED THE FEES ACTUALLY PAID BY CUSTOMER UNDER THIS MSA AND THE APPLICABLE ORDER FORM, FROM WHICH THE CLAIM AROSE, FOR THE DEEPWATCH SERVICES DURING THE IMMEDIATELY PRECEDING TWENTY-FOUR (24) MONTH PERIOD.
8.2 Commencement of Actions; Mitigation of Damages. No Party may commence any action under this MSA or any Order Form more than one (1) year after the occurrence of the breach or event giving rise to the claim for damages and/or indemnification. The claiming Party shall promptly use commercially reasonable efforts to mitigate and avoid any damages.
9. Subscription Term; Termination.
9.1 Subscription Term. The term of this MSA commences on the Effective Date of the first Order Form executed by Customer and remains in effect until all Order Forms have expired or been terminated. The initial term for any Order Form shall commence on the effective date set forth in such Order Form and, unless terminated earlier pursuant to the terms of this MSA, shall remain in effect for the initial term set forth therein (the “Initial Subscription Term”) and, except if otherwise specified in the Order Form, will automatically renew for a renewal term equal to the length of the Initial Subscription Term for such Order Form (each, a “Renewal Subscription Term” and, together with the Initial Subscription Term, the “Subscription Term” ) unless either Party gives the other Party written notice of non-renewal of the Order Form at least sixty (60) days prior to the expiration of the Initial Subscription Term or Renewal Subscription Term then in effect. At the discretion of deepwatch or the reseller or distributor of the deepwatch Services, any Renewal Subscription Terms may have an increase in fees.
9.2 Termination. Either Party may terminate the Services covered an Order Form or, at the election of the terminating Party, this MSA: (i) upon thirty (30) days prior written notice to the other Party of a material breach by the other Party if such breach remains uncured at the expiration of such written notice period; or (ii) immediately in the event the other Party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation, or assignment for the benefit of creditors. In the event this MSA is terminated, this MSA and the Services covered under Order Forms are simultaneously terminated. Notwithstanding any term to the contrary in this MSA, if any amount owed by Customer to deepwatch or the reseller or distributor of the deepwatch Services (except for any disputed Fee subject to a good faith billing dispute submitted in a timely manner to deepwatch or the reseller or distributor of the deepwatch Services in accordance with Section 3.5 above) is not fully-paid when due in accordance with Section 3 herein, Customer shall be in material breach of this MSA and, in addition to its other rights and remedies at law or in equity, deepwatch may terminate this MSA and cease providing any and/or all Services, effective immediately upon delivery of written notice to Customer.
9.3 Effect of Termination. Upon any termination of this MSA or any Order Form for any reason, Customer shall, as of the date of such termination, immediately cease accessing and otherwise utilizing the Services (except as permitted under Section 9.4) and any deepwatch Confidential Information. If Customer terminates this MSA or any Order Form prior to the expiration of the Initial Subscription Term or Renewal Subscription Term then in effect due to deepwatch’s uncured breach, Customer shall be entitled to a pro-rata refund from deepwatch or the reseller or distributor of the deepwatch Services of all pre-paid Fees for the Services paid for by Customer but not provided by deepwatch beyond the effective date of termination. If, prior to the expiration of the Initial Subscription Term or Renewal Subscription Term then in effect for any Order Form, (i) Customer terminates this MSA or any Order Form and such termination is not due to deepwatch’s uncured breach; or (ii) deepwatch terminates this MSA or any Order Form due to Customer’s uncured breach (collectively, an “Early Termination” ) and Customer has not already paid in advance the full amount of all Fees due for the entire Initial Subscription Term or Renewal Subscription Term then in effect under the Order Form(s) being terminated, Customer shall promptly pay to deepwatch or the reseller or distributor of the deepwatch Services an early termination charge equal to all Fees, including all applicable taxes, set forth in each Order Form being terminated which would otherwise be due through the end of the entire Initial Subscription Term or Renewal Subscription Term then in effect under such Order Form(s) (the “Early Termination Fee”). The Parties agree that the precise damages resulting from an Early Termination are difficult to ascertain and the Early Termination Fee is a reasonable estimate of anticipated actual direct damages and not a penalty. Customer agrees and acknowledges that the Early Termination Fee shall apply even if Customer terminates this MSA and/or any Order Form prior to commencement of Customer’s access to or use of the Services. The Early Termination Fee shall be due and payable to deepwatch or the reseller or distributor of the deepwatch Services within ten (10) days of the effective date of termination and any applicable prepaid Fees will be applied towards the amount of the Early Termination Fee to be paid by Customer.
9.4 Retrieval of Customer Data. If deepwatch receives a written request from Customer within thirty (30) days after any expiration or termination of this MSA or applicable Order Form, then for a period of up to thirty (30) days after such written request is received, deepwatch will make the Customer Data available to Customer through the Services on a limited basis for the sole purpose of allowing Customer to retrieve such Customer Data. After such thirty (30) day period for retrieval of Customer Data has elapsed, deepwatch will have no obligation to maintain or provide any Customer Data and may thereafter, unless prohibited by Law, delete all Customer Data without further obligation or any liability to Customer or any third party for such deletion. If Customer requires deepwatch’s assistance, Customer may purchase Professional Services from deepwatch or the reseller or distributor of the deepwatch Services at such entity’s then-current billing rate pursuant to a written Statement of Work entered into in accordance with such terms. With respect to each Party’s Confidential Information (subject to Section 5.3 and other than Customer Data covered by the terms in this Section 9.4), upon receipt of a written request from the other Party within thirty (30) days after any expiration or termination of this MSA, each Party will promptly return the other Party’s Confidential Information or destroy such Confidential Information in all forms and types of media and provide written confirmation of such destruction; provided, however, that deepwatch will not be obligated to destroy or erase Customer’s Confidential Information that is contained in any archived data storage.
10. General Provisions.
10.1 Export and OFAC Compliance. The Services and other technology made available by deepwatch, and all derivatives thereof, may be subject to export laws and regulations of the United States and other jurisdictions. Each Party represents that neither it nor any of its employees is (a) a person or entity with whom U.S. entities are restricted from doing business under regulations of the Office of Foreign Asset Control (“OFAC”) of the Department of the Treasury (including those named on OFAC’s Specially Designated and Blocked Persons List) or under any statute, executive order, or other governmental action; or (b) named on any U.S. government denied-party list. Customer shall not permit any Users to access or use any of the Services in a U.S. embargoed country or in violation of any U.S. export law or regulation.
10.2 Employee Solicitation. While this MSA is in effect and for one (1) year thereafter, Customer shall not, directly or indirectly, solicit for employment or engage (whether as an employee, independent contractor, or consultant) any deepwatch employee or subcontractor who was involved in providing any of the Services or Professional Services. An employee’s or subcontractor’s response to a general, non-targeted advertisement for employment shall not be deemed a solicitation for the purposes of this MSA.
10.3 Survival. The first paragraph of this MSA and Sections 1, 2.1, 2.3(e), 2.3(f), and 3 through 10 as well as all provisions of this MSA (including each Order Form) relating to disclaimers of warranties, remedies, damages, liability, confidentiality, payment obligations, restrictions on use, and any other terms that either expressly or by their nature should survive, shall survive any expiration or termination of this MSA for any reason, and shall continue in full force and effect.
10.4 Publicity. Neither Party may issue any press release regarding this MSA without the other Party’s prior written consent. Either Party may include the other Party’s name and logo in customer or vendor lists, subject to and in accordance with the other Party’s standard guidelines.
10.5 Entire Agreement; Interpretation; Order of Precedence. This MSA is the entire agreement between Customer and deepwatch regarding Customer’s use of Services and supersedes and merges all prior and contemporaneous, agreements (including, without limitation, any confidentiality or non-disclosure agreement entered into between the Parties), understandings, proposals, marketing materials, and representations, whether written or verbal, concerning its subject matter and the Services and there are no representations, understandings, or agreements that are not fully expressed in this MSA. Except as otherwise provided herein, no provision of this MSA (including any Order Form) may be amended, modified, superseded, or terminated, or any term or condition waived, unless the Parties (or, with respect to an Order Form, the reseller or distributor of the deepwatch Services) agree in writing, signed by a duly authorized representative of each Party (or, with respect to an Order Form, the reseller or distributor of the deepwatch Services). The Parties agree that any term or condition stated in any Customer purchase order or any other Customer ordering documentation is inapplicable and void. This MSA (including each Order Form) will be construed and interpreted fairly, in accordance with the plain meaning of its terms, and there will be no presumption or inference against the party drafting this MSA or any Order Form in construing or interpreting any of the provisions. Headings contained in this MSA are inserted for convenience of reference only and shall not in any way define or affect the meaning or interpretation of any provision of this MSA. Terms for which meanings are defined in this MSA shall apply equally to the singular and plural forms of the terms defined. Unless otherwise indicated, in this MSA, (a)” including” (i) shall mean” including, without limitation” or words of similar effect; and (ii) when used in one instance to specify the inclusion of a particular term or meaning within another term or meaning shall not operate to exclude such specified term or meaning from the other term or meaning in instances where similar inclusive language does not appear; and (b)” or” connotes any combination of all or any of the items listed. In the event of any conflict or inconsistency between or among the documents, the following order of precedence shall be: (a) the applicable Order Form; (b) this MSA; and (c) the Documentation.
10.6 Assignment. Neither Party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the other Party’s prior written consent (not to be unreasonably delayed or withheld); provided, however, either Party (or, with respect to an Order Form, the reseller or distributor of the deepwatch Services) may assign this MSA in its entirety (or, with respect to an Order Form, the reseller or distributor of the deepwatch Services) without the other Party’s consent to its Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets provided that the assignee agrees in writing to be bound by all the terms of this MSA (including this MSA and all Order Forms) and, in the case of an assignment by Customer, all past due Fees (except for any disputed Fee subject to a good faith billing dispute submitted in a timely manner to the reseller or distributor of the deepwatch Services as described in Section 3.5 above) are paid in full.
10.7 Relationship of the Parties; Third Party Beneficiaries. The Parties are independent contractors. This MSA does not create any partnership, franchise, joint venture, agency, fiduciary, or employment relationship between the Parties. Customer acknowledges and agrees that any deepwatch supplier, service provider, licensor, and/or licensor’s subsidiaries are third party beneficiaries to this MSA with the full power and authority to enforce the terms and conditions of this MSA and any Order Form. Customer further acknowledges and agrees that, in order to provide certain types of service(s) to Customer, from time to time deepwatch will, on Customer’s behalf and in Customer’s name, enter into third party contracts and/or accept the terms and conditions of third party supplier end user license agreements and/or subscription agreements. Customer acknowledges and agrees that, upon deepwatch’s acceptance of the terms and conditions of any EULA on Customer’s behalf for the use of any software or service, the third party licensor and/or service provider will have the right (and will be deemed to have accepted the right) to enforce the EULA against Customer as a third party beneficiary. Nothing else in this MSA, express or implied, is intended to confer on any person or entity any rights or remedies in or by reason of this MSA.
10.8 Force Majeure. Neither Party shall be liable to the other Party for any delay or failure to perform hereunder (excluding payment obligations) due to circumstances beyond such Party’s reasonable control including, without limitation, acts of God, acts of government, flood, fire, earthquakes, civil unrest, acts of terror, strikes or other labor problems (excluding those involving such Party’s employees or contractors), service disruptions involving hardware, software, or power systems not within such Party’s possession or reasonable control, and denial of service attacks. A force majeure event does not include economic hardship.
10.9 Waiver. No failure or delay by either Party in exercising any right or remedy under this MSA will constitute a waiver of that right or any other right. Any waiver of any right or remedy under this MSA must be in writing and signed by a duly authorized representative of each Party. A waiver on one occasion shall not be construed as a waiver of any right or remedy on any future occasion. Except as otherwise expressly stated in this MSA, the remedies provided in this MSA are in addition to, and not exclusive of, any other rights and remedies of a Party at law or in equity.
10.10 Governing Law; Venue. This MSA and any claim, controversy, right, obligation or dispute arising under or related to this MSA shall be governed by and construed in accordance with the laws of the Commonwealth of Virginia, USA, without regard to conflicts of laws principles. The Parties agree that the provisions of the United Nations Convention on Contracts for the International Sale of Goods do not apply to this MSA. The Parties irrevocably consent to the exclusive jurisdiction and venue of the state courts in Fairfax County, Virginia, USA or the U.S. District Court for the Eastern District of Virginia located in Alexandria, Virginia, USA. THE PARTIES HEREBY WAIVE ANY RIGHT TO TRIAL BY JURY IN CONNECTION WITH ANY ACTION, PROCEEDING, OR COUNTERCLAIM BROUGHT BY EITHER PARTY AGAINST THE OTHER PARTY ON ANY MATTER WHATSOEVER ARISING OUT OF OR IN ANY WAY RELATED TO THIS MSA OR ANY ORDER FORM.
10.11 Notices. All notices (except for routine business communications, e.g., maintenance windows, scheduling of meetings) shall be in writing and sent via certified or registered mail, return receipt requested, or by overnight courier service. All notices to deepwatch shall be addressed to the Chief Financial Officer, with a copy to the Legal Department, and sent to deepwatch, Inc., 8116 Arlington Blvd., Suite 252, Falls Church, Virginia 22042. Notices to Customer shall be addressed to Customer’s signatory in the Order Form and sent to Customer’s principal place of business.
10.12 Severability. If any provision of this MSA is held by a court of competent jurisdiction to be unenforceable and/or contrary to Law, the provision will be deemed null and void, and the remaining provisions of this MSA will remain in full force and effect.
10.13 Customer Reference. Customer agrees to act as a reference by providing a case study that may be shared on the deepwatch website available to the public. deepwatch may also list Customer’s name on a customer list, which is provided to prospective customers.