END USER LICENSE AGREEMENT
This End User License Agreement (the “Agreement”), effective as of the acceptance date (“Effective Date”), is by and between RiskRecon Inc. and you (the “Subscriber”).
This Agreement sets forth the terms and conditions under which RiskRecon will make its Hosted Service available and under which Subscriber will access the Hosted Service, as more fully described in a Order(s) executed pursuant to this Agreement, all of which will be subject to the terms and conditions of this Agreement.
1 DEFINITIONS. The following definitions shall be used for purposes of this Agreement.
1.1 “Error” means a material failure of the Hosted Services to conform to its functional specifications, excluding failures resulting from Subscriber’s negligence or improper use of the Hosted Services.
1.2 “Government” means a government, whether at supranational, federal, state, provincial or municipal, an agency or instrumentality of a government and includes any entity, including a commercial entity, where any government or combination of governments hold the controlling equity interest or other means of control.
1.3 “Hosted Service” means software, data, and services and updates thereto developed and owned by RiskRecon and made available to Subscriber over a network and further described in a quotation.
1.4 “Report” means output resulting from the Hosted Service data which is available online for viewing via the Hosted Service and downloadable in electronic format such as .pdf.
1.5 “Schedule” means a purchase schedule or purchase order entered into by the parties, which identify the Hosted Services licensed to Subscriber along with any additional terms and conditions that may be applicable to Subscriber’s access thereto or use thereof. Schedules also indicate, as applicable, the pricing offered by RiskRecon to Subscriber for the Hosted Services and contains information related to the Hosted Services, including the documents titled “True-Ups and Renewals” and “Functional Specifications”.
1.6 “User” means individuals who are authorized by Subscriber to use the Hosted Service, for whom subscriptions to the Hosted Service have been purchased, and who have been supplied user identifications and passwords by Subscriber (or by RiskRecon at Subscriber's request). Users may include but are not limited to employees, consultants, contractors and agents of Subscriber.
1.7 “Vendor” means third party technology provider or service provider Subscriber monitors or intends to monitor via the Hosted Service.
2 LICENSE AND ACCESS RIGHTS.
2.1 Hosted Services Subject to the terms of this Agreement and applicable Schedule, RiskRecon grants to Subscriber a non-exclusive, nontransferable, revocable right to access and use the Hosted Services identified in the applicable Schedule for its internal business purposes only. RiskRecon and Subscriber agree and acknowledge that Subscriber may invite a Vendor to be a User of the Hosted Service for the purpose of accessing the Reports, and such use by Vendor will be for Subscriber’s legitimate internal business purposes of understanding Vendor’s risk profile to mitigate Subscriber’s vendor risk management concerns only.
2.2 Reports Subject to Subscriber’s ongoing compliance with the terms of this Agreement, RiskRecon hereby grants to Subscriber a limited, nonexclusive, nontransferable, non-sublicensable, revocable right to use the Reports solely for Subscriber’s internal business purposes, which may include sharing such Reports with Vendors for Subscriber’s legitimate internal business purposes of understanding Vendor’s risk profile to mitigate Subscriber’s vendor risk management concerns only.
2.3 Restrictions Except to the extent such restriction is expressly prohibited by applicable law, and other than as expressly set forth in this Agreement, Subscriber nor its Users shall not, and will not, and will not assist or permit any third party to: (i) disassemble, reverse engineer, decompile or otherwise attempt to derive source code of the Hosted Services or any component thereof; (ii) copy, reproduce, modify, alter or otherwise create any derivative works of, the Hosted Services or any Reports; (iii) sell, lease, or otherwise transfer to any third party, or sublicense access or use of the Hosted Services or any Reports (iv) use the Hosted Services to violate, misappropriate, or infringe the rights of any third party; (v) interfere with or circumvent any feature of the Hosted Services, including any security or access control mechanism; (vi) use the Hosted Services or Reports in any way not specifically licensed pursuant to this Agreement or not in accordance with provided related documentation; or (vii) attempt to do any of the foregoing.
3 HOSTED SERVICES
3.1 Provision of the Hosted Services
RiskRecon shall make the Hosted Service available to Subscriber and its Users pursuant to this Agreement and during the term. Subscriber agrees that its purchase of subscriptions is neither contingent upon the delivery of any future functionality or features nor dependent upon any oral or written public comments made by RiskRecon with respect to future functionality or features.
3.2 Use of the Hosted Services
3.2.1 RiskRecon Responsibilities. RiskRecon shall (i) provide basic support to Users between the hours of 02:00 am and 19:00 Eastern Time; and (ii) use commercially reasonable efforts to make the Hosted Service available 24 hours a day, 7 days a week, except for planned downtime (of which RiskRecon shall use commercially reasonable efforts to provide Subscriber at least 72 hours’ notice via the Hosted Services.
3.2.2 Subscriber Responsibilities. Subscriber is responsible for all activities that occur in User accounts and for Users' compliance with this Agreement. Without limiting the foregoing, Subscriber shall: (i) represent and warrant that Subscriber and its Users shall access and/or use the Hosted Service and Reports only as permitted under this Agreement, as described in Sections 2.1, 2.2 and 2.3 (ii) use commercially reasonable efforts to prevent unauthorized access to, or use of, the Hosted Service, and notify RiskRecon promptly of any such unauthorized access or use; (iii) ensure that Subscriber’s and User’s access and/or use of the Hosted Services complies with all applicable local, state, federal and foreign laws when using the Hosted Service; and (iv) authorize RiskRecon to conduct the Hosted Service on its behalf, including monitor its own domain, if applicable. Subscriber acknowledges that RiskRecon is performing the Hosted Services at the instruction of the Subscriber, as may be set out in a Schedule or otherwise, and such instructions will not cause Risk Recon to violate any applicable laws and regulations. Subscriber authorizes RiskRecon to use the Reports created for specific vendor identified by Subscriber for its own purposes and for other Subscribers. To the extent that the Subscriber becomes aware that the provision by RiskRecon of the Hosted Services, or Subscriber’s instructions or subsequent use of the Hosted Services, do not comply with applicable law, Subscriber shall immediately communicate the same to RiskRecon, and the parties agree to cooperate in good faith to resolve the matter. The foregoing does not relieve RiskRecon of any liability under this Agreement.
4 DELIVERY, INSTALLATION.
4.1 As soon as practicable after each Order Effective Date, RiskRecon shall electronically deliver to Subscriber: (i) login credentials to the Hosted Services and (ii) relevant website links to access the licensed Hosted Services.
4.2 RiskRecon shall provide support services by email or by telephone to Subscriber’s technical personnel to assist Subscriber in using the Hosted Services, as specified on the Order(s), and will provide a telephone number for afterhours emergencies.
5 OWNERSHIP.
RiskRecon is, shall remain the sole owner of, and shall retain all right, title and interest in and to the Hosted Services and any related documentation, and any modifications, or improvements thereto or derivative works thereof, whether or not made by RiskRecon. RiskRecon reserves all rights in and to the foregoing, and Subscriber gains no rights or licenses hereunder, except as expressly granted in this Agreement.
6 CONFIDENTIAL INFORMATION.
Each party will regard any information provided to it by the other party and designated in writing as proprietary or confidential to be confidential (“Confidential Information”). Confidential Information shall also include information which, to a reasonable person is of a confidential or proprietary nature regardless of whether designated as such in writing. A party will not disclose the other party’s Confidential Information to any third party unless permitted in writing by the disclosing party prior to any such disclosure, and provided that such third party shall be informed by the party disclosing information of the confidential nature of such Confidential Information and shall be under a duty of confidentiality to such party that is no less restrictive than the terms hereof. Neither party shall make use of any of the other party’s Confidential Information except in its performance under this Agreement. Each party accepts responsibility for the actions of its agents, subcontractors, consultants, or employees and shall protect the other party’s Confidential Information in the same manner as it protects its own valuable confidential information, but in no event shall less than reasonable care be used. The parties expressly agree that the Hosted Solution, Reports, and the terms and pricing herein are the Confidential Information of RiskRecon. Subscriber will not remove or destroy any proprietary markings or restrictive legends placed upon or contained in the Hosted Solution or in the Reports. A receiving party shall promptly notify the disclosing party upon becoming aware of a breach or threatened breach hereunder, and shall cooperate with any reasonable request of the disclosing party in enforcing its rights. Information will not be deemed Confidential Information hereunder if such information: (i) is known prior to receipt from the disclosing party, without any obligation of confidentiality; (ii) becomes known to the receiving party directly or indirectly from a source other than one having an obligation of confidentiality to the disclosing party; (iii) becomes publicly known or otherwise publicly available, except through a breach of this Agreement; or (iv) is independently developed by the receiving party. The receiving party may disclose Confidential Information pursuant to the requirements of applicable law, legal process or government regulation, provided that it gives the disclosing party reasonable prior written notice to permit the disclosing party to contest such disclosure, and such disclosure is otherwise limited to the required disclosure.
7 INDEMNIFICATION.
7.1 By Subscriber. Subscriber, at its own expense, will defend, indemnify and hold harmless RiskRecon from and against any third-party claim against RiskRecon or its affiliates, or any of their officers, directors, employees or agents arising out of or related to: (i) Subscriber’s or its User’s access to or use of the Hosted Services, or a Report; or (ii) Subscriber’s breach of this Agreement, provided that RiskRecon: (a) promptly notifies Subscriber of such claim, (b) reasonably cooperates with Subscriber in defense of the claim as reasonably requested by Subscriber and at Subscriber’s cost, and (c) gives full control and sole authority over the defense and settlement of such proceeding, provided that Subscriber may not settle any such claim or action without RiskRecon’s prior written consent. RiskRecon may participate in the defense and settlement of such claim or action with legal counsel of its own choosing and at its own cost.
Notwithstanding the foregoing and to the maximum extent permitted by applicable law, if Subscriber’s or Subscriber’s Users breach of this Agreement concerns a breach of Section 3.2.2, Subscriber shall indemnify RiskRecon, its affiliates, and their respective employees, officers, agents, representatives, and contractors against all liability, costs, expenses, losses (including but not limited to any direct, indirect or consequential losses, loss of profit, loss of reputation and all interest, penalties, criminal fines and legal costs (calculated on a full indemnity basis) and all other professional costs and expenses) suffered or incurred by RiskRecon arising out of or in connection with such a breach by Subscriber. This Section shall apply whether or not RiskRecon has been negligent or at fault, and is not subject to the limitations set out in Section 9.4 and 9.5 of this Agreement.
7.2 By RiskRecon. RiskRecon, at its own expense, will defend, indemnify or at its sole option, settle, any claim or action brought by a third party against Subscriber or its officers, directors, employees or agents based on a claim to the extent alleging that the Hosted Services, when used within the scope of this Agreement, infringes any infringe a United States patent, copyright, or trademark of a third party (a “Claim”). RiskRecon’s obligations to indemnification are subject to Subscriber: (a) notifying RiskRecon of any such Claim promptly after it obtains knowledge of such Claim; (b) providing RiskRecon with reasonable assistance, information and cooperation in defending the lawsuit or proceeding; and (c) giving RiskRecon full control and sole authority over the defense and settlement of such claim, provided that such settlement fully releases Subscriber and is solely for monetary damages and does not admit any liability on behalf of Subscriber.
7.3 Exceptions. RiskRecon shall have no obligation to indemnify, defend or hold harmless hereunder to the extent that a Claim arises from or is based on any use of the Hosted Services: (i) not in accordance with this Agreement or any applicable documentation; or (ii) in combination with any other product or service that is not supplied or expressly approved by RiskRecon for use with the Hosted Services.
7.4 Remedies. Following notice of a Claim or upon any facts which in RiskRecon’s sole opinion are likely to give rise to such Claim, RiskRecon shall in its sole discretion and at its sole option, elect to (A) procure for Subscriber the right to continue to use the Hosted Services, at no additional cost to Subscriber, (B) replace or modify the Hosted Services so that it becomes non-infringing, but remains functionally equivalent, (C) terminate this the affected Schedule(s) and provide a refund to Subscriber for the pro-rata amount of any applicable prepaid Fees by Subscriber to RiskRecon for the remainder of Schedule Term, or (D) terminate this Agreement and provide a refund to Subscriber for the pro-rata amount of prepaid Fees by Subscriber to RiskRecon under each applicable Schedule for the remainder of the Schedule Term.
This Section sets forth RiskRecon’s sole and exclusive liability, and Subscriber’s sole and exclusive remedy for the actual or alleged infringement or misappropriation of any third-party intellectual property right by the Hosted Services or use thereof.
8 DATA PROTECTION
8.1 Subscriber and RiskRecon shall comply and shall have any subcontractor comply with all Privacy and Information Security Requirements to the extent applicable to the Hosted Services. As used herein, “Privacy and Information Security Requirements” means all applicable international, federal, state, provincial and local laws, rules, regulations, directives and governmental requirements relating in any way to the privacy, data protection, confidentiality, or security of Personal Data, including, without limitation, the EU General Data Protection Regulation 2016/679 (“GDPR”); the e-Privacy Directive 2002/58/EC (as amended by Directive 2009/136/EC, and as amended and replaced from time to time) and their national implementing legislations; the Gramm-Leach-Bliley Act; laws regulating unsolicited email, telephone, and text message communications; security breach notification laws; laws imposing minimum security requirements; laws requiring the secure disposal of records containing certain Personal Data; laws regulating banking secrecy and outsourcing requirements; laws regulating international data transfers and/or on-soil requirements; laws regulating incident reporting and data breach notification requirements, including guidelines and recommendations from the competent regulators; all other similar international, federal, state, provincial, and local requirements; the Payment Card Industry (“PCI”) Data Security Standards; and all applicable provisions of the parties’ written information security policies, procedures and guidelines. Capitalized terms not defined herein have the meaning set forth in the relevant Privacy and Information Security Requirements.
8.2 8.2 To the extent that Hosted Services under this Agreement involve the Processing of Personal Data, the following provisions will apply.
8.2.1 Notice and Consent. Subscriber shall be solely responsible for ensuring that it provides notice and relies on a valid legal ground, including consent for Processing Personal Data. Subscriber will obtain any consents necessary to enable RiskRecon to provide the Hosted Services, including for data transfers, as required under Privacy and Information Security Requirements. Subscriber shall be solely responsible for handling individuals’ requests in connection with withdrawing their consent or their rights to access, rectify, restrict or erase their Personal Data or exercise their right to data portability, if applicable, with regard to any Personal Data, object to the Processing of any Personal Data, or exercise their rights related to automated decision-making and profiling, if applicable, in connection with the Hosted Services.
8.2.2 Information Security Program. Both parties shall develop, maintain and implement a comprehensive written information security program that complies with all applicable Privacy and Information Security Requirements. Without limitation, each party’s information security program shall include technical, physical, and administrative/organizational safeguards designed to (1) ensure the security and confidentiality of Personal Data; (2) protect against any anticipated threats or hazards to the security and integrity of Personal Data; and (3) protect against any actual or suspected unauthorized Processing, loss, use, disclosure or acquisition of or access to any Personal Data (hereinafter “Information Security Incident”). Each party’s information security program shall, among other things, include regular testing or otherwise monitoring of the effectiveness of each party’s information safeguards.
8.2.3 Duty to inform. To the extent required by applicable legal, regulatory or law enforcement requirements, each party shall inform the other in writing of any Information Security Incident involving a party’s Personal Data. Such notice shall summarize in reasonable detail the effect on the other party, if known, of the Information Security Incident and the corrective action taken or to be taken. The applicable party shall promptly take all necessary corrective actions, and shall cooperate fully with the other in all reasonable and lawful efforts to mitigate the effects such Information Security Incident. Except to the extent prohibited by applicable legal, regulatory or law enforcement requirements, Subscriber must obtain the approval of RiskRecon prior to the publication or communication of any filings, communications, notices, press releases or reports related to any Information Security Incident that expressly mention RiskRecon, Mastercard or its affiliates.
8.2.4 Data Transfers. All data including Personal Data Processed in connection with this Agreement shall be transferred to and stored by RiskRecon and Mastercard in the United States, in accordance with applicable Privacy and Information Security Requirements.
9 LIMITED WARRANTY; DISCLAIMER OF LIABILITY; ANTI-CORRUPTION.
9.1 Limited Warranty. During the Schedule Term, RiskRecon warrants that the applicable Hosted Services will function in material accordance with the specifications for such Hosted Services, as solely determined by RiskRecon and may be updated by RiskRecon from time to time.
9.2 Disclaimer. EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT, AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, RISKRECON AND ITS SUPPLIERS DISCLAIM ALL REPRESENTATIONS, WARRANTIES, TERMS AND CONDITIONS, WHETHER EXPRESS OR IMPLIED, REGARDING THE HOSTED SERVICES, RELATED DOCUMENTATION OR INFORMATION, AND OTHER MATERIALS AND SERVICES, AND SPECIFICALLY DISCLAIM THE IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, SATISFACTORY QUALITY, MERCHANTABLE QUALITY, NONINFRINGEMENT AND THOSE ARISING FROM COURSE OF PERFORMANCE, DEALING, USAGE OR TRADE. THE HOSTED SERVICES ARE PROVIDED “AS IS” AND ON AN “AS AVAILABLE” BASIS, AND RISKRECON DOES NOT WARRANT THAT THE FUNCTIONS OR INFORMATION CONTAINED IN THE HOSTED SERVICES OR IN ANY UPDATE WILL MEET THE REQUIREMENTS OF SUBSCRIBER OR RESELLER OR THAT THE OPERATION OF THE HOSTED SERVICES WILL BE UNINTERRUPTED OR ERROR FREE OR FREE FROM ERRORS OR OTHER PROGRAM LIMITATIONS. ANY INFORMATION PROVIDED ON OR THROUGH THE HOSTED SERVICES MAY CONTAIN TECHNICAL OR TYPOGRAPHICAL ERRORS. RISKRECON DOES NOT GUARANTEE ITS ACCURACY OR COMPLETENESS AND ANY SUCH INFORMATION IS PROVIDED FOR INFORMATION PURPOSES ONLY, AND SUBSCRIBER ACKNOWLEDGES THAT SUBSCRIBER USES ANY SUCH INFORMATION AT ITS OWN RISK.
9.3 Remedies. To the maximum extent permitted by applicable law, RiskRecon’s sole and exclusive obligation and Subscriber’s sole and exclusive remedy for any failure of the Hosted Services, including the Hosted Service’s failure to meet the warranty in Section 9.1, is limited to the correction, adjustment or replacement of the failed Hosted Services which examination indicates, to RiskRecon’s satisfaction, to be defective or, at RiskRecon’s sole option, termination of the applicable Schedule(s) and, to the extent applicable, any refund of any pro-rata amount of any prepaid Fees paid by Subscriber to RiskRecon for the remainder of the Schedule Term.
9.4 Waiver. EXCEPT FOR EACH PARTY’S INDEMNIFICATION OBLIGATIONS, IN NO EVENT, SHALL EITHER PARTY BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES, OR ANY PENALTIES, CLAIMS FOR LOST DATA, REVENUE, PROFITS, COSTS OF PROCUREMENT OR SUBSTITUTE GOODS OR SERVICES OR BUSINESS OPPORTUNITIES, ARISING OUT OF OR RELATED TO THE SUBJECT MATTER OF THIS AGREEMENT, UNDER ANY CAUSE OF ACTION OR THEORY OF LIABILITY, WHETHER IN CONTRACT OR IN TORT INCLUDING NEGLIGENCE, EVEN IF A PARTY HAS BEEN ADVISED OF SUCH DAMAGES.
9.5 Limitation on Liability. EXCEPT FOR RISKRECON’S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT, AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL RISKRECON’S AGGREGATE LIABILITY HEREUNDER ARISING OUT OF OR RELATED TO THE SUBJECT MATTER OF THIS AGREEMENT, REGARDLESS OF THE FORUM, AND REGARDLESS WHETHER ANY ACTION OR CLAIM IS BASED ON CONTRACT, TORT, OR OTHERWISE, EXCEED THE AMOUNTS PAID OR PAYABLE BY SUBSCRIBER UNDER THE APPLICABLE SCHEDULE UNDER WHICH THE CAUSE OF ACTION AROSE DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENTS GIVING RISE TO THE CLAIM.
9.6 Anti-corruption. Subscriber shall comply with all applicable laws and regulations. Subscriber acknowledges that RiskRecon and any person or entity acting on its behalf must comply with international laws related to anti-bribery and corruption, including the United States Foreign Corrupt Practices Act, the UK Bribery Act, and all other applicable anti-bribery and anti-corruption laws. Subscriber will, and will ensure that its employees, personnel, subcontractors, agents and representatives, complies with all such applicable anti-bribery and corruption laws, including when interacting with Government Body Officials and any implementing regulations. Subscriber warrants, represents and covenants to RiskRecon that Reseller (and each of its employees, personnel, subcontractors, agents and representatives) has not and will not make, promise or offer to make any payment or transfer of anything of value or any other advantage directly or indirectly through a representative, intermediary agent or otherwise: (1) to any Government Body Official; (2) to any political party; or (3) to any other person for the purpose of improperly influencing any act, omission to act or decision or such official, political party or individual, or securing an improper advantage. Subscriber also warrants, represents and covenants to RiskRecon that its suppliers, and each of their employees, personnel, subcontractors, agents and representatives has not and will not accept anything of value from any third party seeking to improperly influence any act or decision of Subscriber or in order to secure an improper advantage to that third party. The term “Government Body Official” shall mean any employee or officer of a government of a country, state or region, including any federal, regional, state, or local government or department, agency, enterprise owned or controlled by such government, any official of a political party, any official or employee of a public international organization or any person acting in an official capacity for, or on behalf of such entities, and any candidate for political office. Failure by Subscriber to comply with the terms of this section will constitute a material breach of this Agreement.
9.7 Local laws. In the event Subscriber is a Government, the parties acknowledge as follows: (1) Risk Recon is providing the Hosted Services as contemplated herein at the request of the Subscriber. (2) Subscriber is a government agency, which is bound to follow mandates of procurement policies or laws in its sourcing of services and the parties acknowledge that (i) procurement of the Hosted Services herein is in compliance with such laws and policies; (ii) provision of the Hosted Services is not a gift and is not intended to personally benefit any individual nor is it transferrable in any way; and (iii) by providing the Hosted Services free of charge, RiskRecon has no expectations of future favorable treatment by the Subscriber. (3) The Subscriber may use the Reports for its internal purposes only, and the same shall not be disseminated to third parties or published in a public domain medium, except with the written permission of Risk Recon. (4) The Hosted Services will be provided during the Term. (5) For the avoidance of doubt, the Subscriber hereby agrees that provision of Hosted Services shall not preclude, hinder, waive, advantage or restrict in any way RiskRecon’s eligibility or fitness to qualify, compete for or be awarded future procurement, investment or grant opportunities.
10 TERM AND TERMINATION.
10.1 Term of the Agreement. The term of this Agreement shall commence on the Effective Date and shall expire on when all of the Schedules have terminated or expired, unless either party provides an earlier notice of termination (“Term”0.
10.2 Term of Schedules. Each Schedule shall have a term as set out in the Schedule, commencing from the effective date of each such Schedule (“Schedule Term”). Fees applicable to the renewed Schedules are calculated based on the True-Ups and Renewals document attached to the applicable Quotation, as may be updated from time to time by RiskRecon. Fees applicable to the renewed Schedules are calculated based on the True-Ups and Renewals, as may be updated from time to time by RiskRecon.
10.3 Termination for Cause. Either party may terminate this Agreement or Schedule in the event the other party materially breaches the terms of this Agreement and fails to cure such breach within thirty (30) days after receiving written notice of such breach. Additionally, RiskRecon may terminate this Agreement immediately if Subscriber terminates its business operations, becomes insolvent, suffers the appointment of a receiver or makes an assignment for the benefit of creditor, or enters into voluntary or involuntary bankruptcy
10.4 Termination for Adverse Change. In the event a change in law or regulation prohibits or impairs RiskRecon’s ability to provide the Hosted Services (“Adverse Change”), RiskRecon may suspend the provision of, and Subscriber’s right access and use the Hosted Services for the duration of the Adverse Change, as may be necessary for RiskRecon to address the Adverse Change. If RiskRecon, in its sole discretion, reasonably determines that it is unable to modify the Hosted Services to address the Adverse Change, RiskRecon may terminate this Agreement or any affected Schedule upon written notice with no further liability to Subscriber.
10.5 Effect of Termination. Each Schedule will terminate along with the expiration or termination of this Agreement. Upon termination of a Schedule, Subscriber’s right to access and use the Hosted Services shall terminate, and, except to the extent agreed to in writing by the parties: (i) Subscriber shall cease all use of the Hosted Services; and (ii) Subscriber shall promptly pay any amounts due or owed under the Schedule as of the date of termination. In the event RiskRecon terminates this Agreement or a Schedule pursuant to Section 10.4 or Subscriber terminates this Agreement or a Schedule pursuant to Section 10.3, RiskRecon shall refund to Subscriber the pro-rata amount of Fees prepaid by Subscriber to RiskRecon under each terminated Schedule for the remainder of each such Schedule Term.
10.6 Survival Sections: 1, 3.2.2, 5, 6, 7, 8, 9, 10.5, 10.6, and 11 shall survive expiration or termination of this Agreement according to their terms.
11 GENERAL PROVISIONS.
11.1 Successors and Assigns. This Agreement shall bind and inure to the benefit of each party’s permitted successors and assigns. RiskRecon may assign any of its rights or obligations without prior written consent of Subscriber to its affiliates and in connection with a merger, acquisition, consolidation, asset or stock sale, or similar transaction. RiskRecon may assign its rights to payments under this Agreement without obtaining Subscriber’s consent. Any attempted assignment of this Agreement in violation of this Section will be null and void. This Agreement will be binding upon and inure to the benefit of each party, their respective successors and permitted assigns. In the event of an assignment by Subscriber, Subscriber shall pay RiskRecon any additional agreed professional services fees, one-time deployment fees, or other reasonable costs incurred by RiskRecon in connection with the migration of the Hosted Services to the assignee. The parties will negotiate in good faith the scope and the payment terms of any such additional fees by entering into a new Schedule to be signed by both parties.
11.2 Governing Law; Arbitration and Venue. This Agreement shall be governed solely by the laws of the State of New York, without regard to its principles of conflicts of law. The application of the United Nations Convention of Contracts for the International Sale of Goods or other international laws is expressly excluded. The parties consent to the personal and exclusive jurisdiction of the federal and state courts located in the State of New York.
11.3 Dispute Resolution and Attorney Fees. Any disputes arising under this Agreement will be resolved as follows: (a) the senior management of both parties will meet (in person or via teleconference) to attempt to resolve the dispute; (b) if senior management cannot resolve the dispute, either party may make a written request for formal resolution of the dispute. The written request will specify the scope of the dispute; (c) within 30 days after such written request, the parties will meet for one day and consider dispute resolution alternatives other than litigation; and (d) if an alternative method of dispute resolution is not agreed upon within thirty (30) days of the meeting, either party may pursue litigation proceedings.
This Section 11.3 will not be deemed to waive, preclude, or otherwise limit either party’s right to: (i) pursue an enforcement action through the applicable federal, state, or local agency if that action is available; (ii) seek injunctive or other equitable relief in a court of law in aid of arbitration; or (iii) to file suit in a court of law to address an intellectual property infringement claim.
11.4 Force Majeure.Except, to the extent applicable, for Subscriber’s payment obligations, neither party shall be liable to the other party for any delay or failure in performance, solely to the extent such delay or failure is due to causes beyond a party’s reasonable control, provided that such party uses commercially reasonable efforts despite such causes to timely perform its obligations hereunder.
11.5 Severability and Waiver. If any provision of this Agreement is found invalid or unenforceable, that provision will be enforced to the maximum extent permissible so as to effect the intent of the parties and the remainder of this Agreement will remain in full force and effect. Neither party will be deemed to have waived any of its rights under this Agreement by lapse of time or by any statement or representation other than by an explicit written waiver. No waiver of a breach of this Agreement will constitute a waiver of any prior or subsequent breach of this Agreement.
11.6 Construction; Integration; and Modification. This Agreement will not be construed in favor of or against either party by reason of authorship. This Agreement, including all attachments, exhibits, constitutes the entire agreement between the parties, and supersedes and replaces all prior or contemporaneous understandings or agreements, written or oral, regarding such subject matter. With respect to the specific Licenses and Access Rights, if there is a conflict between the Schedule and this Agreement, the term of this Agreement shall govern. This Agreement may be modified, amended, or supplemented by RiskRecon at any time.
11.7 Notices. Any notice, request or other communication required or permitted hereunder shall be in writing and shall be deemed to have been duly given if personally delivered, sent by e-mail (with return e-mail acknowledging receipt), sent by facimile transmission, or sent by mail and only if followed by express courier to the addresses as either party may provide in writing.
11.8 Export Control Laws. The parties agree to comply with all applicable export and reexport control laws and regulations and trade and economic sanctions. Subscriber represents and warrants that Subscriber is neither a Prohibited Person nor owned or controlled by a Prohibited Person. “Prohibited Persons” shall mean a person or entity appearing on the lists published by the U.S. government as amended from time to time, that is prohibited from acquiring ownership or control of items under this Agreement, or with which RiskRecon is prohibited from doing business. For reference, a consolidated list is available at http://export.gov/ecr/eg_main_023148.asp (or a successor URL), as may be updated from time to time.
11.9 Publicity. RiskRecon will have the right to mention that Subscriber is a user of the Hosted Service in RiskRecon’s press releases, descriptions and communications, and all related promotional and marketing materials at any time, in each case relating to the Hosted Service. Subscriber hereby grants to RiskRecon a nonexclusive, worldwide, fully paid-up, nontransferable license, without right of sublicense, to copy, distribute, display, and use any marks owned or used by Subscriber for the purposes described in this section. All proprietary rights and goodwill associated with RiskRecon’s use of the Subscriber’s marks will inure to the benefit of Subscriber.