TERMS AND CONDITIONS
These CyberVista Terms & Conditions (“Terms & Conditions”) together with an Order Form referencing these terms (each an “Order Form”), are hereby entered into by CyberVista, Inc a/k/a N2K Networks (“CyberVista”) and the customer specified on the Order Form (“Customer”) and are collectively referred to herein as the “Agreement”.
As used herein, the following terms shall carry the following meanings:
1.1 “Awareness Programs” refers to CyberVista’s web based training services through a proprietary cybersecurity awareness platform.
1.2 “Courses” refers to any CyberVista Online Certification Training Course (also referred to as the “Course”) featuring instruction delivered online in a proprietary technology environment
1.3 “End User” means a person or entity employed by Customer that desires to use the Courses, Cyber Resolve, or Cybersecurity Awareness programs for its own use and shall be marked by a unique login identity and an enrollment into at least one (1) active at any time during the Term.
1.4 “Executive Risk Programs” refers to any in person or online CyberVista standard or customized cyber risk seminar, table top exercise, or executive awareness training geared towards boards, their directors, corporate executives, or other business leaders.
1.5 “Intellectual Property Right” or “IP Right” means any patent, trademark, trade name, trade secret, copyright, or other intellectual property or proprietary right.
1.6 “Portal” an online portal which shall be the access point to the LMS platform.
1.7 “Programs” refers collectively to any CyberVista Course, Awareness Program, Executive Risk Program, or Workforce Development Services (individually also referred to as a “Program”). “Licensed Program” means a Program purchased for license hereunder or pursuant to a separate Order Form.
1.8 “Workforce Development Services” refers to any CyberVista service relating to cybersecurity workforce analysis, job-based training Courses, or related assessments or skills training delivered through a proprietary technology environment.
2.0 OWNERSHIP AND RESERVATION OF RIGHTS
2.1 Licensed Products. During the Term, CyberVista shall make the Portal and Licensed Programs purchased for license available to Customer and its End Users as set forth herein.
2.2 Ownership. Customer acknowledges that in utilizing the Licensed Programs, the Customer utilizes CyberVista technology and Intellectual Property. As between Customer and CyberVista, CyberVista owns all right, title and interest in and to all Programs, CyberVista technology and CyberVista IP Rights. Other than as expressly set forth in this Agreement, no license or other rights in or to the Programs, CyberVista technology and CyberVista IP Rights are granted to Customer, and all such licenses and rights are hereby expressly reserved. CyberVista alone (and its licensors, where applicable) will retain all intellectual property rights relating to the Programs or any suggestions, ideas, enhancement requests, feedback, recommendations or other information provided by Customer or any third party relating to the Programs which are hereby assigned to CyberVista. This Agreement is not a sale and does not convey to Customer any rights of ownership in or related to the Programs, or any IP Rights.
2.3 Modifications, Substitutions; Enhancements: CyberVista reserves the right, in its sole discretion, at any time and from time to time, to select or substitute instructors for any Programs, modify the Programs it offers, or to discontinue a Program, distribution, sale or licensing of any or all of the Programs without liability of any kind. In the event CyberVista does discontinue a Program or change a previously identified instructor, CyberVista will work with Customer to identify any impact and CyberVista will use commercially reasonable efforts to identify alternative Programs and/or Courses that meet Customer’s needs, provided such efforts will not require CyberVista to incur costs or expenses not expressly contemplated herein which in CyberVista’s reasonable judgment may negatively impact its business operations and operating results. From time to time CyberVista’ may release enhancements to the Portal or the Programs, which may include modifications to the user interface and the underlying architecture. CyberVista will use reasonable efforts to notify Customer of any modifications that will have a significant impact on user experience.
2.4 Service Levels: CyberVista shall use commercially reasonable efforts to offer the Portal at the corresponding service performance levels set forth at Schedule
3.0 APPOINTMENT; LICENSES
3.1 Portal and Program License: Customer will access all Licensed Programs through a Portal that will be configured to launch the Licensed Programs purchased by Customer. Subject to the terms of this Agreement, CyberVista hereby provides Customer and each End User with access to the Portal. CyberVista hereby grants to Customer and each End User a limited, revocable, non-exclusive and non-transferable license during the Term to access and view such Licensed Programs solely through the Portal for the limited purposes set forth herein. The access rights granted to Customer herein are limited to Customer’s internal training uses, which includes the training of its authorized agents and/or End Users. Access to the Portal and Licensed Programs may not be distributed to unauthorized individuals not participating in said training program. Except as otherwise permitted above, Customer’s internal use of the Licensed Programs pursuant to this license shall be subject to the CyberVista’s terms and conditions, which will be posted time to time at https://www.cybervista.net/terms-and-conditions/.
3.2 Restrictions on Use: Neither Customer nor any End User shall (a) create or attempt to create by reverse engineering, disassembly, decompilation or otherwise, the source code, (or the underlying ideas, algorithms, structure or organization) from the Programs, or any part thereof, or aid or permit others to do so, except and only to the extent expressly permitted by applicable law; (b) remove or alter any trademark, logo, copyright or other proprietary notices or markings in the Programs; (c) copy, modify or create any derivative work of, the Programs or any portion thereof; or (d) re-package, modify, reproduce, sell, or otherwise take any unpermitted action with respect to the Portal or any Programs or any other CyberVista property. Customer will not include any intellectual property related to the Portal or the Programs on any internal or external advertising or promotional materials without CyberVista’s prior written consent. Further, Customer will not make any representation or claim regarding any of CyberVista’s products and services.
3.3 Limited Use of Customer Name: Customer authorizes CyberVista to identify Customer in its marketing and promotional materials (including case studies) for purposes of marketing, promoting or improving the use of the Programs during and after the Term, and Customer authorizes CyberVista to use its name, trademarks, services marks and logos, and any content and information (including screenshots and video captures from any use of a Program) for such purposes.
3.4 Reseller License: CyberVista may in its sole discretion permit Customer to resell the Licensed Programs to certain third party customers. In such event, any such third party user shall be deemed an End User for all purposes of this Agreement; and CyberVista grants Customer a non-exclusive, non-transferable, limited and revocable license during the Term of this Agreement with the right to distribute the Licensed Programs to Customer’s End Users for personal, non-commercial use and not for further resale or redistribution.
3.5 Partner Gateway: Partner Gateway is an optional API system for integration between CyberVista and the Partner Gateway client in order to provide seamless access for client students to CyberVista Licensed Programs and student reporting through the LMS and Portal system. A one-time implementation fee equal to 5% of annual fee will be required for new Customers requiring this additional functionality.
3.6 Customer Acknowledgements: Customer acknowledges that Customer is solely responsible for: (a) misuse, modifications or other actions taken (or failure to act) by individuals identified by Customer as administrators of the Portal or any End Users of the Portal authorized or permitted by Customer; (b) any wrongful, improper or unauthorized actions taken by any End User, employee or other persons connected with the Customer with respect to the Portal and Programs; (c) any Customer (including its End Users) data included on the Portal or any other similar matters beyond the reasonable control of CyberVista; (d) any connectivity and other technical problems; (e) failure by any End User to pass any applicable licensing or other examination or to otherwise satisfy any of Customer’s or End Users’ regulatory or other requirements or obligations except with respect to the specific matters provided under this Agreement unless specifically stated herein and only to the extent under the reasonable control of CyberVista; and (f) any actions by any third party outside the reasonable control of CyberVista.
Customer further acknowledges that during the Term of this Agreement, and continuing for a period of twelve (12) months after its expiry or termination, Customer shall not directly or indirectly, solicit or attempt to solicit for employment, hire, employ, contract, or recruit for the purposes of engagement, any person who is or was within the previous twelve (12) month period: (i) a CyberVista employee; or (ii) a contractor or subcontractor devoting substantially all of his or her time to CyberVista, in each case who are or were engaged or involved in the activities contemplated by this Agreement.
4.0 FEES AND PAYMENTS
4.1 Licensed Program Fees: The fees for the Licensed Programs and/or services shall be the price shown on the Order Form. Once ordered, Licensed Program fees are non-refundable.
4.2 Invoices: CyberVista shall invoice Customer for all Licensed Programs purchased by Customer in accordance herewith. Payment with respect to Licensed Programs delivered shall be due net thirty (30) days from the date of invoice. In the event any inconsistency between an invoice and this Agreement, the terms of the Agreement shall control. Payment of invoices shall be made by PCH/wire transfer, check, or credit card to Customer in United States Dollars.
4.3 Audits: Customer agrees to permit CyberVista (or at its option a certified public accountant paid by CyberVista) to inspect such records pertaining to this Agreement or to inspect Customer’s facilities during normal business hours to endure the proper use of the Programs.
5.0 TERM; TERMINATION
5.1 Term: The term of an Order Form shall be as specified in the Order Form.
5.2 Termination for Cause: This Agreement may be terminated by either party in the event of a material breach of the terms of this Agreement by the other party, including, but not limited to, prompt Monthly Statements, payment of invoices, and misrepresentations with respect to any Program. If a material breach occurs, the breaching party will first be given written notice of the breach and the opportunity to cure the breach within 30 days after the date of the notice. If the breaching party fails to cure the breach within the applicable period, the non-breaching party may immediately terminate this Agreement upon written notice to the breaching party.
5.3 Effects of Termination: Upon the termination or expiration of this Agreement, (i) all licenses granted under this Agreement shall terminate; (ii) upon request each party will promptly return or destroy all Confidential Information of the other party; (iii) all Program services shall immediately cease; (iv) all unpaid fees shall immediately become due and payable. All sections of this Agreement which by their nature should survive termination will survive termination, including, without limitation, accrued rights to payment, confidentiality obligations, warranty disclaimers, and limitations of liability.
Each party may from time to time provide to the other non-public materials marked “Confidential” or “Proprietary,” including without limitation, information regarding this Agreement, or such party’s student pool, pricing, business plans, strategies, personnel, or products (“Confidential Information”). The receiving party shall not disclose any Confidential Information to any third party, or use any such Confidential Information for purposes other than its own internal business purposes in connection with this Agreement, provided that the receiving party may disclose certain Confidential Information or the existence and terms of this Agreement to actual or potential counterparties in capital-raising or corporate transactions if the disclosing party has indicated in writing that such Confidential Information may be disclosed for such purposes. This confidentiality requirement shall not apply to information which (i) the receiving party can evidence was known to it prior to its disclosure by the disclosing party, (ii) which is, or later becomes public knowledge, other than by breach of this Agreement, (iii) which was received from a third party without obligation of confidentiality or secrecy, (iv) is independently developed by the receiving party at any time, as shown by the receiving party’s records or other competent evidence and without reference to the disclosing party’s Confidential Information, or (v) the disclosing party agrees in advance in writing does not constitute Confidential Information.
7.0 CUSTOMER DATA
7.1 Customer and End User Data Ownership and License: Customer retains sole and exclusive ownership to the personally identifiable data regarding Customer or its End Users (“Customer Data”) and is responsible therefore, and for the means by which Customer acquires the Customer Data, and for enrolling End Users into the appropriate CyberVista Courses and/or Licensed Programs. Customer grants to CyberVista and its affiliates and subcontractors a nonexclusive right to process Customer Data solely to provide and support the delivery of Courses and/or Licensed Programs.
7.2 Compliance with Data Protection Laws: CyberVista will collect and maintain all personal data that comprises Customer Data in compliance with applicable data privacy laws and protections; and will retain reasonable security standards for its users’ use of its Courses and/or Licensed Programs.
7.3 Data Protections: CyberVista will (i) process and secure Customer Data in accordance with applicable data privacy laws and protections and in accordance with documented, reasonable instructions provided by Customer, where such instructions are consistent with the terms of this Agreement, and (ii) maintain reasonable administrative, technical, and physical measures designed for the protection of the security, confidentiality and integrity of the Customer Data processed by it. CyberVista may not use or disclose Customer Information other than for purposes of meeting its obligations under this Agreement or as required by law or a governmental authority. CyberVista shall require that any subcontractor which processes Customer Data on its behalf agrees to abide by the information security measures in this Agreement (or other applicable measures that are at least as protective of Customer Information). CyberVista shall promptly, and in no event more than 10 business days after its discovery, notify Customer of any actual or reasonably suspected compromise to the security of Customer Data (“Incident”). CyberVista shall reasonably investigate such Incident and cooperate with Customer’s efforts to determine the nature and extent of the Incident. The obligations in this section shall remain in effect for so long as Customer Data remains in the possession, custody, or control of CyberVista.
7.4 European General Data Protection Regulation (GDPR): If and to the extent CyberVista processes Customer Data that is considered “Personal Data” under the EU General Data Protection Regulation, CyberVista agrees to comply with the applicable requirements in the GDPR. In the event of any conflict between this Agreement and the GDPR, the provision most protective of the Customer Data shall apply.
7.5 Government Access Requests: If CyberVista or its subcontractor receives a request for Customer Data either directly from a law enforcement agency then Company will redirect the law enforcement agency to request that data directly from Customer. If compelled to disclose Customer Data to law enforcement, CyberVista will promptly notify the Customer and provide a copy of the demand, unless legally prohibited from doing so. If required by law, Customer will notify individual End Users of the Courses and/or Licensed Programs that their data may be processed for the purpose of disclosing it to law enforcement or other governmental authorities and obtain the users’ consent to the same.
8.0 WARRANTIES AND LIABILITY DISCLAIMERS
8.1 Warranty: Subject to the terms and conditions hereof, CyberVista warrants that it shall use commercially reasonable efforts to assure that any online Programs are accessible on the Internet twenty-four (24) hours a day, seven (7) days a week. The foregoing notwithstanding, Customer acknowledges that from time to time a Program may not be available to display the content as scheduled or may be inaccessible or inoperable for any reason including: (a) hardware and software malfunctions; (b) periodic maintenance procedures or repairs which the CyberVista or its hosting company may undertake from time to time; or (c) causes beyond the control of CyberVista and which are not reasonably foreseeable by CyberVista, including interruption or failure of telecommunication or digital transmission links, hostile network attacks and network congestion or other failures. In the event of a breach of warranty under this Section, CyberVista’s sole responsibility, and Customer’s sole and exclusive remedy, is, at CyberVista’s option, (i) to repair and restore access to such Program via the Internet as soon as practicable or (ii) correct any error or omission to the Program content.
8.2 Disclaimer: EXCEPT FOR THE EXPRESS WARRANTY SET FORTH IN SECTION 8.1 HEREOF, CYBERVISTA PROVIDES THE SERVICE “AS IS” AND DOES NOT WARRANT ITS EFFECTIVENESS, USEFULNESS OR RELIABILITY. THE WARRANTY IN SECTION 8.1 IS EXCLUSIVE AND IN LIEU OF ALL OTHER WARRANTIES, WHETHER ORAL, WRITTEN, EXPRESS, IMPLIED OR STATUTORY, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NONINFRINGEMENT; PROVIDED, HOWEVER, THAT CYBERVISTA DOES NOT WARRANT THAT THE SERVICE WILL PERFORM UNINTERRUPTED OR ERROR FREE. IN NO EVENT SHALL CYBERVISTA OR ITS AGENTS OR AFFILIATES BE LIABLE TO BUYER OR OTHER THIRD PARTIES FOR ANY CONSEQUENTIAL, INDIRECT, SPECIAL, MULTIPLE OR INCIDENTAL DAMAGES, INCLUDING LOST PROFITS, BUSINESS INTERRUPTION AND LOST DATA, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH POTENTIAL LOSS OR DAMAGE.
8.3 Limitation of Liability: NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS AGREEMENT OR ELSEWHERE, IN NO EVENT WHATSOEVER SHALL THE CUMULATIVE LIABILITY OF CYBERVISTA AND ITS AFFILIATES OR AGENTS HEREUNDER EXCEED THE TOTAL AMOUNT OF ALL FEES PAID TO THE CYBERVISTA HEREUNDER DURING THE 12-MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO SUCH LIABILITY.
9.1 By CyberVista: Subject to Section 9.3 CyberVista will (a) defend and/or settle at its own expense any action brought against Customer by a third party, to the extent that such action is based on a claim that the Programs or services infringe such third party’s U.S. patents or Berne Convention copyrights existing as of the Effective Date, and (b) indemnify Customer for those costs and damages finally awarded against Customer in any such action that are specifically attributable to such claim, or those costs and damages agreed to in a monetary settlement of such claim. If the Programs become, or in CyberVista’s opinion are likely to become, the subject of an infringement claim that CyberVista is required to defend pursuant to this Section 9.1, then CyberVista may (at its option and expense) either (i) procure for Customer the right to continue using the affected Programs, or (ii) replace or modify the affected Programs so that they become non-infringing. Notwithstanding the foregoing, in no event shall CyberVista have any obligations or liability under this section arising from: (1) use of the Programs in a modified form or in combination with materials not furnished by CyberVista; (2) any content, information, or data provided by Customer, Users, or other third parties; (3) any use of the Programs not in accordance with this Agreement or the documentation provided therewith; (4) any use of the Programs in combination with other products, equipment, software or data not provided by CyberVista; (5) any use of any release of the Programs other than the most current versions made available to Customer; (6) any modification of the Programs by any person or entity other than CyberVista; (7) any use of the Programs after CyberVista has either made available to Customer a release that would have overcome the infringement or has terminated CyberVista’s right to use the Programs; or (8) open source software. Section 9.1 states CyberVista’s entire liability and Customer’s sole and exclusive remedy for claims and actions related to infringement, misappropriation or violation of any intellectual property or other proprietary rights.
9.2 By Customer: Subject to Section 9.3 Customer will (a) defend and/or settle at its own expense any action brought against CyberVista by a third party, to the extent that such action is based on a claim that any data or other materials provided by Customer infringe or misappropriate any intellectual property rights of a third party, or involving actions by End Users and other individuals associated with Customer in violation of this Agreement; and (b) indemnify CyberVista for those costs and damages finally awarded against CyberVista in any such action that are specifically attributable to such claim, or those costs and damages agreed to in a monetary settlement of such claim.
9.3 General Requirements: The indemnified party will provide the indemnifying party prompt written notification of the claim and cooperate with the indemnifying party in defending the claim. The indemnified party shall have full control and authority over the defense or any settlement. The indemnified party may join in the defense with its own counsel at its own expense.
10.0 ANTI-CORRUPTION AND SANCTIONS COMPLIANCE
CyberVista is committed to holding itself and all of its subsidiaries, divisions, and business units to the highest ethical standards in all of its operations. It is the policy and a high priority of CyberVista to comply fully with the letter and the spirit of all applicable U.S. and U.K. laws and regulations, including all applicable economic sanctions and anti-corruption laws and regulations. We also comply with the laws and regulations of each country in which we do business.
CyberVista values its relationships with Customer, which includes Customer’s agents, distributors, resellers, Customers, and customers, and is committed to working with Customer to ensure that the partnership is conducted in line with the standards, policies, and procedures of CyberVista. CyberVista expects Customer to strictly comply with all applicable laws and regulations. This Code of Conduct focuses on CyberVista’s expectations with regard to the basic concepts of compliance with anti-corruption laws and regulations and economic sanctions. This Code of Conduct is not a replacement for the laws and regulations themselves nor should it be considered a complete summary of what is required to comply with the relevant laws and regulations; it is the responsibility of each of CyberVista’s customers to educate themselves regarding all applicable economic sanctions and anti-corruption laws and regulations. Failure to abide by this Code of Conduct and applicable sanctions and anti-corruption laws and regulations can result in termination of the agreement between CyberVista and Customer.
10.1 Anti-Corruption Laws and Regulations: It is CyberVista’s policy to comply strictly with the anti-corruption laws of the United States and United Kingdom, including, but not limited to, the Foreign Corrupt Practices Act of 1977, as amended (“FCPA”), the U.K. Bribery Act 2010 (“UKBA”), as well as the laws of every other country in which CyberVista does business. Bribery of any kind, both as to giving a bribe and as to receiving a bribe, regardless of foreign custom or practice, is strictly prohibited. Adhering to these standards may at times place CyberVista and Customer in a less competitive position relative to companies willing to engage in improper tactics; however, strict compliance with these standards and the law is of a greater value to us than any business that may be lost as a result of compliance.
Bribery is prohibited as to all individuals and entities, and a bribe includes the payment of cash or giving of other things of value. Things of value can include, without limitation, meals, entertainment, event tickets, promotional expenses, an interest in a business venture, political or charitable donations, services, employment, or recommendations.
Relevant anti-corruption laws expressly prohibit corrupt payments made through third parties or intermediaries, as well. These prohibitions apply to payments made to any person while knowing that at least a portion of the money or thing of value would be offered or promised in exchange for a business advantage, even if done so indirectly. Knowledge includes: (i) having actual knowledge; (ii) being aware that a third party is engaging in prohibited conduct, that such circumstance exists, or that such a result is substantially certain to occur; or (iii) having a firm belief that circumstances indicating a violation exist or that a violation is substantially certain to occur.
Under CyberVista’s policy, Customer must comply with the following guidelines:
- All transactions engaged in by Customer (or any other parties working with Customer) on behalf of CyberVista or relating to its agreement with CyberVista must comply with anti-corruption laws including the FCPA and UKBA. Further, Customer, and any other parties working with Customer on CyberVista’s behalf, must not engage in any activities that could cause CyberVista to violate the FCPA, UKBA, or any other anti-corruption laws and regulations.
- If any person approaches Customer to request a bribe, in any amount, Customer must immediately report that bribe to CyberVista and not take any further actions with that individual or any entity that the individual represents without additional guidance from CyberVista.
- If any person approaches Customer to request a bribe on behalf of another person or entity, Customer must immediately report that request to CyberVista and not take any further actions with that person, or any entity that the person represents without additional guidance from CyberVista.
- Customer is advised that if any CyberVista employee or agent becomes aware that a customer has received a bribe (or believes this to be the case), the employee or agent must immediately report the matter to CyberVista.
- Customer must not authorize or facilitate any other party (such as an agent, sub-agent, consultant, or local representative) to make a bribe.
- All records and business documents provided by Customer to CyberVista must be current, accurate, and complete.
- Customer must have in place appropriate policies and procedures to implement this Code of Conduct and to comply with the FCPA, the UKBA and any other applicable anti-bribery laws.
10.2 Sanctions Laws and Regulations: It is CyberVista’s policy to comply fully with the economic sanctions administered by the U.S. Government, including those administered by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”), as well as those administered by the U.K. Government, (administered by Her Majesty’s Treasury’s Office for Financial Sanctions Implementation), the Australian Government, the Singaporean Government, the European Union (“EU”), and the United Nations (“UN”). Customer is expected to comply with the U.S. sanctions, U.K. sanctions, Australia sanctions, Singapore sanctions, EU sanctions, and UN sanctions.
Under the U.S. sanctions, which are the broadest of the sanctions programs administered by the relevant government authorities, U.S. persons, which include any U.S. citizen, permanent resident alien, entity organized under the laws of the United States or any jurisdiction within the United States (including foreign branches), or any person in the United States, generally are prohibited from engaging in transactions with or involving sanctioned territories or sanctioned persons. These prohibitions include importation, exportation, and re-exportation of goods and services, whether direct or indirect, as well as “facilitation” by a U.S. person of transactions between foreign parties and a sanctioned person, entity, or country. Sanctions programs often involve very broad prohibitions, and these prohibitions can vary depending on the country, person, or entity.
Under CyberVista’s policy, Customer must comply with the following guidelines:
- All transactions engaged in by Customer (or any other parties working with Customer) on behalf of CyberVista or relating to its agreement with CyberVista must comply with the U.S. sanctions, U.K. sanctions, Australia sanctions, Singapore sanctions, EU sanctions and UN sanctions. Further, Customer must not engage in any activities that could cause CyberVista to violate the U.S., U.K., Australia, Singapore, EU, or UN sanctions or become a sanctioned person.
- Transactions with or involving any comprehensively sanctioned country or territory (including Cuba, Iran, North Korea, Syria, and the Crimea, DNR and LNR regions of Ukraine) must be approved in writing in advance by CyberVista before Customer (or any other parties working with Customer) engages in activities on behalf of CyberVista or relating to its agreement with CyberVista. While these territories are subject to comprehensive sanctions, and thus transactions with or involving them generally are prohibited if U.S. persons are involved in the transaction, there are certain general licenses and exemptions that may be applicable to CyberVista’s dealings.
- Transactions with or involving persons on OFAC’s Specially Designated Nationals and Blocked Persons (“SDN”) List, as well as with or involving persons 50% or more owned, directly or indirectly, individually or in the aggregate, by persons on the SDN List, are prohibited. The U.K., EU, Australia, and Singapore also maintain lists of blocked persons, and transactions with them and their direct and indirect owners have similar prohibitions. The UN sanctions also include a list of sanctioned persons that are subject to restrictions (the UN Security Council Consolidated List). Such blocked persons can be located anywhere in the world. Customer shall undertake any and all obligations included in its agreement(s) with CyberVista to ensure that no blocked persons are involved in any transactions undertaken by Customer on behalf of CyberVista or relating to its agreement with CyberVista. Transactions with or involving persons on other restricted parties lists administered by the U.S. government, such as OFAC’s Sectoral Sanctions Identifications (“SSI”) List or the U.S. Department of Commerce, Bureau of Industry and Security’s Entity List, the U.K. government, the Australian Government, the Singaporean Government, the EU, or the UN must be approved in writing in advance by CyberVista before Customer engages in activities on behalf of CyberVista or relating to its agreement with CyberVista with such persons.
Customer must have in place appropriate onboarding procedures to ensure that any other parties with whom it works on CyberVista’s behalf have in place appropriate policies and procedures to implement this Code of Conduct and to comply with the FCPA, the UKBA and any other applicable anti-bribery laws, as well as U.S. sanctions, U.K. sanctions, Australia sanctions, Singapore sanctions, EU sanctions and UN sanctions.
Customer hereby certifies that it has such procedures in place and will require any other parties with whom it works on CyberVista’s behalf to so certify, as well. Customer further certifies that an authorized representative has read and understood this Code of Conduct and that Customer and its personnel are committed to complying with its standards.
11.1 Compliance with Laws: Customer acknowledges that all Programs supplied hereunder are subject to all pertinent import and export laws and regulations of the United States, specifically including U.S. Export Administration Regulations. In the performance of its obligations, the parties agree to comply with any and all applicable U.S. laws and regulations on exportation and importation and all applicable laws and regulations in the Territory relating in any way to performance under this Agreement including, without limitation, obtaining all necessary import license or permits and any other government approval necessary for the importation of the Programs into the Territory. If any laws or regulations require that the Programs, any portion thereof, this Agreement, or any agreement with Users be registered with or approved by a governmental entity, CyberVista shall comply with such requirements after prior written notice to Customer specifying the required registration or approval. Customer will defend, indemnify, and hold CyberVista, its subsidiaries and associated companies, and their respective officers, directors and agents, harmless from and against any and all damages and expenses, including legal fees, incurred directly or indirectly as a consequence of Customer’s failure to comply with the aforementioned.
11.2 Applicable Taxes: If any government body imposes one or more applicable taxes as a consequence of services and/or deliverables provided under an Order Form, Customer shall pay CyberVista the applicable taxes after receiving an accurate tax invoice, and Customer is solely responsible for collecting, reporting, and timely remitting the applicable taxes to the applicable government body. Except as prohibited by law, Customer shall separately indicate on its invoices all applicable taxes and the jurisdiction to which the applicable taxes will be remitted, and Customer shall ensure that each such invoice complies with applicable GST/VAT Laws. Upon CyberVista request, Customer shall provide written evidence that Customer is properly licensed to collect the applicable taxes paid by CyberVista. Customer is solely liable for all penalties and interest resulting from Customer’s improper collection or remittance of applicable taxes.
11.3 Entire Agreement: This Agreement, including all exhibits hereto, shall constitute the entire agreement between the parties concerning the subject matter hereof. All prior and contemporaneous agreements, understandings, negotiations or representations, whether oral or in writing, relating to the subject matter of this Agreement are superseded. This Agreement may not be modified or amended except in a writing signed by a duly authorized representative of each party.
11.4 Notice: Any notice under this Agreement shall be given in writing to the address specified above and shall be deemed effective to the party one (1) business day following deposit for delivery with any national overnight courier or three (3) business days after deposit with U.S. certified mail.
11.5 Governing Law and Forum: This Agreement will be governed by and construed under the laws of the State of Delaware without regard to its choice of law and/or conflict of law provisions, and is subject to all United States laws and regulations relating to administrative acts of the U.S. Government pursuant to such laws and regulations. The parties hereby agree that the United Nations Convention on Contracts for the International Sale of Goods will not apply to this contract.
11.6 Assignment: Neither party may assign its obligations under this Agreement, either in whole or in part, without the prior written consent of the other party. Each party will respond to any written request for consent from the other party within thirty (30) days of receipt of such request. In the event a party to this agreement does not consent to the assignment of the obligations under this Agreement, the Agreement can be terminated by either party upon providing thirty (30) days written notice. Upon a party’s receipt of a written consent to assign its obligations from the other party, this Agreement will be binding upon the parties hereto and upon their respective administrators, executors, legal representatives, successors and permitted assignees, which will include without limitation any successor to all or substantially all of a party’s assets or any acquirer of a majority of the voting power of such party.
11.7 Force Majeure: Neither party will be liable for inadequate performance to the extent caused by a condition (for example, natural disaster, act of war or terrorism, riot, labor condition, governmental action, and Internet disturbance) that was beyond the party’s reasonable control.
11.8 Severability: If any provision of this Agreement is found invalid, void or unenforceable by a court of competent jurisdiction, the remaining provisions of this Agreement shall not be affected therefore, and such provision may be replaced by the lawful provision that most nearly embodies the original intention of the parties, and this Agreement shall in any event otherwise remain valid and enforceable.
11.9 Relationship of Parties: Notwithstanding anything to the contrary herein, the parties to this Agreement are independent contractors. There is no relationship of agency, partnership, joint venture, employment or franchise between the parties, and Customer’s employees and agents are not and shall not be deemed to be agents or employees of CyberVista. Neither party nor its employees has the authority to bind or commit the other party in any way or to incur any obligation on its behalf.
11.10 Order of Precedence: In the event of any inconsistency between the terms of an Order Form and these Terms & Conditions, these Terms & Conditions will prevail unless otherwise expressly amended or overridden in such Order Form with specific reference to the conflicting Terms that are intended to be amended or overridden.
Schedule 1: Service Level Agreement
CyberVista shall pass through the uptime commitments of its current SLA with its hosting provider as follows. For purposes of clarity, CyberVista, and not Customer, shall at all times communicate with Hosted Services Provider.
SERVICE LEVELS DEFINED.
Hosted Services Provider shall achieve or maintain the Service Levels set forth in the following Service Level Matrix:
|Category||Description||Measurement Details||Target Performance|
|Software||Online Availability||Availability = Uptime / (Total Time – Excused Downtime) x 100||The Software will meet or exceed 98% of required availability (e.g., continuous availability requires 99%)] availability each calendar month.|
|Application Performance||Software response time. Round trip response time to perform a transaction within the Software.||98% of all transactions shall process at no more than one second; no single transaction shall take no longer than five seconds to process.||Response times fall below the measurement details for two or more consecutive weeks.|
|Response Time||Response time during standard business hours||Hosted Services Provider will respond to Customer’s initial request for assistance within 2 hours.||[target 90%], measured on a monthly basis|
|Response time outside of business hours||Hosted Services Provider will respond to Customer’s initial request for assistance within 12-18 hours||[target 90%], measured on a monthly basis|
|Problem Resolution||Resolution of Severity 1 Error||Hosted Services Provider will resolve Severity 1 Errors within 12-18 hours following Hosted Services Provider’s response to Customer’s initial request for assistance||[target 99%], measured on a monthly basis|
|Resolution of Severity 2 Error||Hosted Services Provider will resolve Severity 2 Errors within 3-14 days following Hosted Services Provider’s response to Customer’s initial request for assistance||[target 99%], measured on a monthly basis|
|Resolution of Severity 3 Error||Hosted Services Provider will resolve Severity 3 Errors within 30 days following Hosted Services Provider’s response to Customer’s initial request for assistance||[target 99%], measured on a monthly basis|
2.1 “Emergency Support” means Hosted Services Provider’s prompt assistance outside of Hosted Services Provider’s normal business hours for 24-hours a day and 365-days of the year to resolve or provide a Work-around for Severity 1 Errors and Severity 2 Errors.
2.2 “Excused Downtime” means the time (measured in minutes) in any given calendar month during which the Software is not available as a direct result of scheduled maintenance activities.
2.3 “Measurement Details” means how Customer measures Hosted Services Provider’s performance as described in the Service Level Matrix.
2.4 “Resolution” means the correction or elimination of an Error, as reasonably determined by Hosted Services Provider.
2.5 “Remedy” means the calculation to obtain the Service Credits as described in Section 4.1 above.
2.6 “Service Credit” means the amount Hosted Services Provider will credit Customer for Measurement Details that fall below the Target Performance.
2.7 “Target Performance” means Hosted Services Provider’s performance obligation according to the calculation described in the Service Level Matrix.
2.8 “Total Time” means the time (measured in minutes) in any given calendar month.
2.9 “Uptime” means the time (measured in minutes) that the Educational Products are available through the Portal in any given calendar month.
2.10 “Work-around” means a temporary solution to an Error that results in the return of the software to functional or operational status and that permits Hosted Services Provider to perform their business functions until Hosted Services Provider provides a permanent solution.
3. SEVERITY LEVELS
3.1 Hosted Services Provider shall correct, address, and resolve all Severity 1 Errors and Severity 2 Errors (“Errors”) that Customer reports to Hosted Services Provider, and errors of a similar nature reported by Hosted Services Provider’s other customers or by Hosted Services Provider itself that affect Customer. Hosted Services Provider shall provide the following services in connection with Error resolution obligations: (a) problem reporting, tracking and monitoring by electronic mail and phone; (b) Emergency Support for Severity 1 Errors and Severity 2 Errors; (c) verification and Resolution (or instruction as to Work-around) as defined below; (d) response to Customer’s initial requests for assistance in accordance with the Service Level Matrix at which time diagnosis of the situation will begin and the Error categorized by Hosted Services Provider in accordance with the Severity Level in this Attachment; (e) diagnosis and resolution of Errors in accordance with the Severity Level definitions below; and (f) provision of the corrected Software.
3.2 Hosted Services Provider will have the right to declare the applicable Severity Level of an Error condition based upon its reasonable determination of the severity to Hosted Services Provider’s business. The Severity Level of an Error means the following:
3.3 “Severity 1 Error” means the Software is non-operational, resulting in a critical system condition, a critical Severity impacting Customer’s business and requiring immediate Resolution, identification of a bug or Error (either by Customer or at another of Hosted Services Provider’s customers) that results in a Severity 1 Error, or Customer is experiencing as a system bug or Error and believes that Hosted Services Provider’s software may be the contributing factor to bug or Error condition and requires Hosted Services Provider’s assistance in determining the root cause. Upon Customer’s request, Hosted Services Provider’s support Personnel will sustain a 24 hour per day effort to determine the root cause of the bug or Error until it provides a Work-around or Resolution. Support Personnel will continuously work to resolve the problem, escalating as necessary, and will apprise Customer of the status at the time and frequency specified by Hosted Services Provider. Hosted Services Provider shall assign a Crisis Manager who will be responsible for and manage the Resolution of the problem to its completion.
3.4 “Severity 2 Error” means the software is operational but a significant feature or function is not operating properly and there is an immediate impact on Customer’s business. Support personnel will continuously work to resolve the problems and will appraise Customer, at Customer’s request, of progress toward a Resolution. Customer will have the right to escalate the problem to a Severity 1 Error if, in the opinion of Hosted Services Provider management, Hosted Services Provider’s progress is insufficient towards Error Resolution.
3.5 “Severity 3 Error” means the software is operational with functional limitations or restrictions that are not critical to the overall operation of the software or the operation of Customer’s business. Hosted Services Provider will resolve Severity 3 Errors promptly as possible within the constraints of other technical support priorities.
3.6 “Severity 4 Error” means the Software is operational with problems or Errors that have little or no impact on system operations, the overall operation of the software, or the operation of Customer’s business. The parties will revisit Severity 4 Errors for resolution in a future Update of the Software.
4. SERVICE LEVEL REMEDIES
If Target Performance is not achieved for three or more consecutive months, Customer shall have the right, as its sole and exclusive remedy to terminate the applicable Program SOW upon notice to be delivered within thirty (30) days of such failure, and CyberVista shall offer a pro-rata refund of amounts paid but unused due to such failure during such period.