This Master Services Agreement (the “MSA”) is between Haxxess Enterprise Corporation (“Provider”) and Client found on the applicable quotation, proposal or order, proposal or quote (the “Order”) and, together with the Order and relevant Service Attachments forms the Agreement between the parties (the “Terms”). Client accepts these Terms by signing an Order, using the services, or continuing to use the services after being notified of change these Terms.
The parties agree as follows:
STATEMENT OF SERVICES
Service Attachments
The services to be delivered by Provider (the “Services”) and the fees for those Services, and the specific terms applicable to those Services are described in the Order or in one or more Service Attachments referencing this Agreement.
Except for Supplemental Services or Project Services (described below), and unless otherwise agreed in writing, the services Provider will deliver to Client are limited to those Services specifically identified in the Order and described in the Service Attachments or Descriptions. In the event of any conflict between the terms of a Service Attachment or Description and this Agreement, the terms in the Service Attachment or Description control. In the event of any conflict between the terms this Agreement and of an Order and any Service Attachment or Description, the terms of the Order control.
Provider may decline to perform any services requested by Client that are in violation of any applicable law or that are not typically associated with the Services provided by Provider.
Supplemental Services
“Supplemental Services” include additional services and equipment Client may need on a “one-off” or emergency basis that are not included within the scope of the Services described in an Order or the applicable Service Attachments. You will incur additional Service Fees for Supplemental Services. We will notify Client of any such additional Service Fees and will obtain Client’s approval prior to providing them. However, Provider has no obligation to determine the need for or to provide any Supplemental Services. All Supplemental Services are provided on an “as-is” basis and include no warranties of any kind, whether express or implied. In addition, if Provider determines that any additional services Client requests would be inappropriate for treatment as Supplemental Services under this paragraph, Provider may deliver to Client a proposed Service Attachment for Project Services or a Proposal prior to providing Supplemental Services.
Project Services
In some cases, Client may ask Provider to deliver services outside the scope of any Order or Service Attachment and inappropriate for treatment as Supplemental Services. Examples of such services include major system upgrades, new computer, machine or device setup, network changes, datacenter moves or setups, or installations. In those cases, Provider will prepare a separate Service Attachment for Project Services describing the proposed scope of those services and Provider’s fee to deliver them. Installation dates are estimates only. Customer shall be responsible for preparation and maintenance of the site for such Project Services or installations, including, but not limited to, providing necessary electrical power and communication lines and proper air conditioning and humidity control.
FEES FOR SERVICES | PAYMENT TERMS
Service Fees
Fees for Services are set forth in Order or Statement of Work. Unless otherwise indicated in writing, all Services will be performed on a time-and-materials basis at Provider’s then-current rates.
Adjustments to Service Fees
Except as may be specified in an Order, Provider may adjust the Service Fees charged under this Agreement as follows:
“User” means Client’s employees, consultants, contractors or agents who are authorized to use the Service and have been supplied user identifications and passwords by Client (or by Provider upon Client’s request). Users do not include any customers of Client or other third parties.
“Device” means any equipment included in the Services, whether owned by Client or provided by Provider for Client’s use, including, but not limited to computers, printers, servers, routers, and mobile or handheld microcomputers as well as the software necessary to operate such equipment.
Pass-Through Expenses
Client shall pay Provider’s reasonable out-of-pocket expenses, including travel expenses, lodging, meals, or other similar expenses, which may be incurred by Provider in performing Services. Any such “Pass-Through Expenses” will be billed at cost and invoiced monthly.
Payment Terms
Client shall pay the full amount reflected on any invoice as owed to Provider on the first (1st) day of each month. Without waiving any of its other remedies, Provider reserves the right to suspend services if payment is not received within thirty (30) days following Client’s receipt of that invoice. Client shall pay a late charge of one- and one-half percent (1.5%) per month or the maximum lawful rate, whichever is less, for all invoiced amounts not paid within ten (10) days following Client’s receipt of that invoice (the “Payment Deadline”).
If Client disputes in good faith all or any portion of the amount owed to us, or if Client otherwise require any adjustment to an invoiced amount, Client must notify Provider in writing, prior to the Payment Deadline, of the nature and basis of the dispute and/or adjustment. If Provider is unable to resolve the dispute prior to the Payment Deadline, Client nevertheless shall pay the entire invoiced amount by the Payment Deadline. If Provider ultimately determines that such amount should not have been paid, Provider shall apply a credit equal to such amount on against any Service Fees owed for the following month.
Special rates may apply for services requested outside of normal business hours (Eastern time) or on holidays. Special rates are one-and-one-half (1.5) times normal hourly rates, with a two-hour minimum. Holiday hour rates are two (2) times normal hourly rates, with a two-hour minimum.
Suspension of Service
If Client fails to pay all amounts owed under this Agreement when due, then upon at least ten (10) business days prior written notice, and in addition to any other remedies available to Provider, Provider may suspend Services and withhold Confidential Information (defined below) under this Agreement until full payment is made. Following any suspension of service under this provision, and after Client makes full payment to Provider, Provider shall restore the Services after validating that all components to be monitored and/or managed under any applicable Order or Service Attachment comply with Provider’s level of security, updates and best practices. Client shall pay a “Reactivation Fee” for such restoration equal to one month of the Service Fees. Provider’s right to suspend Services under this section is in addition to Provider’s right to terminate this Agreement.
Taxes
All charges and fees owed under this Agreement are exclusive of any applicable sales, use, excise or services taxes that may be assessed on the provision of the Services.
TERM AND TERMINATION
Term
This Agreement commences on the Order Effective Date, and it will remain in effect until either party terminates it as permitted below.
Month-to-Month Services
If the Order specifies no Initial Term with respect to any or all Services, then Provider will deliver those Services on a month-to-month basis until one party provides written notice to the other party of its intent to terminate those Services, in which case Provider will cease delivering those Services at the end of the next calendar month in which following receipt such written notice is received by the other party.
Termination
Either party may terminate this MSA for any reason or no reason upon at least thirty (30) days advance, written notice given to the other party. However, termination of this MSA will not, by itself, result in the termination of any Order or Service Attachments, and this MSA will remain in effect notwithstanding any notice of termination unless and until all Orders and/or Service Attachments are terminated or expire according to their terms.
INDEPENDENT CONTRACTOR
Unless otherwise agreed, Provider will perform all Services solely as an independent contractor and not as an employee, agent or representative of Client.
INTELLECTUAL PROPERTY RIGHTS
Provider Works
Unless specifically identified in a separate Statement of Work, any writing or work of authorship, regardless of medium, created or developed by Provider or Client in the course of performance under this Agreement and related to existing works owned by Provider is a “Provider Work,” is not to be deemed a “work made for hire,” and is and will remain the sole, exclusive property of Provider. To the extent any Provider Work for any reason is determined not to be owned by Provider, Client hereby irrevocably assigns and conveys to Provider all of its copyright in such Provider Work. Client further hereby irrevocably assigns to Provider all of its patent, copyright, trade secret, know-how and other proprietary and associated rights in any Provider Work.
License to Provider Works
If any Provider Work is located on hardware or equipment owned by Client, Provider hereby grants Client a perpetual, non-exclusive, revocable, royalty-free license to use any Provider Work during the term of this Agreement (“Limited License”). The Limited License will be immediately and automatically revoked without the need for notice in the event that either party terminates the Services or this Agreement.
License Restrictions
You shall not:
Additional license restrictions may be set forth in the Service Attachments.
Improvements to Services
Client hereby assigns to Provider any and all suggestions, ideas, enhancement requests, feedback, recommendations or other information provided by Client or Client’s users relating to any proposed improvements of or modifications to the Services.
PROVIDER-SUPPLIED EQUIPMENT
“Equipment” means any computer, networking or telephony equipment, racking, or associated hardware or other equipment (if any) that Provider installs on Client’s premises or that Provider ships to Client’s location to facilitate the delivery of Services. Equipment does not include any hardware or devices that Provider may sell to Client or that Provider procures on Client’s behalf.
Provider is and will remain the sole owner of any Equipment, which is provided on a rental or temporary basis only. This agreement transfers to Client no Equipment ownership rights of any kind.
Provider retains sole discretion to determine the appropriate Equipment and associated software and/or technology, if any, to be used at Client’s location, provided that Provider’s determination does not materially impair the availability or delivery of services under this Agreement. Provider also retains sole discretion to determine the necessity of maintenance, repairs and/or improvement of the Equipment.
Except as otherwise may be specified in an applicable Service Attachment, Provider makes no independent representations or warranties with respect to the Equipment. Any third-party warranties are Client’s exclusive remedies with respect to such Equipment. In the event of an Equipment malfunction, Provider will take commercially reasonable steps to ensure that Client receives the benefit of any manufacturer warranties applicable to the Equipment in use at Client’s location.
Client shall take reasonable care of the Equipment and shall not damage it, tamper with it, move or remove it, attempt to repair it, or attempt to install any software on it. Client is financially responsible, up to the full replacement value of all Equipment, for all damage to or loss of the Equipment used at Client’s location, other than loss or damage caused by Provider. In addition, Client shall obtain and maintain insurance with a reputable insurer for the full replacement value of the Equipment. Such policy or policies of insurance must cover the Equipment against loss or damage (including, without limitation, accidental loss or damage) and must name Provider as an insured beneficiary with respect to the Equipment. Upon demand, Client must produce evidence that such insurance is being maintained and is valid.
Client is responsible for providing the necessary power, network connection and appropriate environment to support the Equipment.
Client shall not remove any sign, label or other marking on the Equipment identifying Provider as the owner of the Equipment. Client does not acquire and will not acquire any rights of ownership in the Equipment by virtue of this Agreement, and Client does not have and will not have, by operation of law or otherwise, any lien or other similar right over or in relation to the Equipment.
On termination of any Agreement pursuant to which Client obtained any Provider-owned Equipment, Client shall allow Provider and its employees and contractors reasonable access to its premises to remove the Equipment. Alternatively, upon Provider’s request, Client shall return the Equipment to Provider via the carrier of Provider’s choice, for which Provider will pay all applicable shipping charges.
PROVIDER-SUPPLIED SOFTWARE
“Software” means all and any software installed on the Equipment or provided by Provider for installation on Client’s computer equipment to facilitate the delivery of the Services.
This Agreement does not transfer any right, title, or interest in the Software to Client. Client’s use of the Software is subject to all applicable terms of any end-user license agreement pertaining to the Software, a copy of which will be made available to Client, upon request.
You shall not, and shall not permit any third party, to:
NON-DISCLOSURE AND CONFIDENTIALITY
Confidential Information
During the course of performance under this Agreement, either party may be exposed to or may acquire the other’s proprietary or confidential information. Each party shall hold all such “Confidential Information” in strict confidence and shall not disclose any such information to any third party.
Confidential Information includes but is not limited to: (a) with respect to Provider, Provider’s unpublished prices for Services, audit and security reports, server/network configuration designs, firewall and other hardware configurations, passwords, all business plans, technical information or data, product ideas, methodologies, calculation algorithms and analytical routines, and other proprietary technology, (b) with respect to Client, content transmitted to or from, or stored by Client on, Provider’ servers, and (c) with respect to both parties, other information that is conspicuously marked as “confidential” or if disclosed in non-tangible form, is verbally designated as “confidential” at the time of disclosure and confirmed as confidential in a written notice given within one (1) day of disclosure.
Non-Confidential Information
Notwithstanding the preceding provision, Confidential Information does not include:
Agreement Confidentiality
No copy of the Order, this MSA, any Service Attachment or description, discussions, negotiations, terms or conditions relating to the Order, the MSA, Service Attachment, or any other information relating to the Order, this MSA, or any Service Attachment may be disclosed to any third party, except by reason of legal, accounting or regulatory requirements, without the prior written consent of the parties hereto.
Information Releases
Notwithstanding the preceding provisions, Provider may publicly refer to Client, orally and in writing, as a Client of Provider. Any other reference to Client by Provider may be made only pursuant to a written agreement between the parties.
CLIENT COVENANTS AND OBLIGATIONS
Assistance
Client shall provide in a timely and professional manner, and at no cost to Provider, assistance, cooperation, complete and accurate information and data, equipment, access to applicable computer and telecommunications facilities, networks, firewalls, servers, programs, files, documentation, passwords, a suitable work environment, and other resources requested by Provider to enable it to perform the Services (collectively, “Assistance”). Provider shall not be liable for any deficiency in performing the Services if such deficiency results from Client’s failure to provide full Assistance as required hereunder. Assistance includes, but is not limited to, designating a project manager or contact person to interface with Provider during the course of Services.
Software Licensing
Unless specifically otherwise agreed to in an applicable Order, Client represents and warrants that Client has title to or has a license or the right to use or modify the Software and has a license or right to permit Provider to use, access or modify any software that Client has requested Provider to use, access or modify as part of the Services.
It is the Client’s responsibility to independently ensure that ALL software in use by Client is properly licensed, and Client agrees to maintain records of applicable licenses. Provider will not promote the use of, or knowingly support software which is not properly licensed by Client. Assistance with software audits or licensing compliance matters are billable at Provider’s then current hourly rates.
Unsupported Software
Provider shall not be responsible or liable to Client for any consequences from the use of software no longer under manufacturer product support or no longer supported by the software publisher (“Unsupported Software”). THEREFORE, CLIENT AGREES TO HOLD PROVIDER HARMLESS FROM ANY LOSS, INJURY OR DAMAGE TO CLIENT OR ANY HARDWARE, SOFTWARE, AND/OR COMPUTER DATA OF CLIENT CAUSED BY ANY USE OF UNSUPPORTED SOFTWARE.
Provider Access
Client shall supply Provider necessary access to its personnel, appropriate documentation and records and facilities in order for Provider to timely perform the Services.
Broadband Internet access must be provided. Provider must be provided with remote access (via VPN or other reasonable remote access) to covered equipment. Appropriate cabling to all covered computers and devices must be provided. Appropriate air conditioning and ventilation for all covered computers and devices must be provided, in order to maintain temperature and air quality as specified by the applicable hardware manufacturers. Power surge protection must be provided for all covered computers and devices. Provider must be provided with convenient and timely access to the Equipment covered under this Agreement, adequate working space and facilities within a reasonable distance of the equipment, and access to and use of all information, internal resources, and facilities determined necessary to service the equipment. Customer may be required to conduct preliminary diagnostic steps or provide additional information related to a support request, prior to a technician being dispatched to Customer’s facility. Customer must agree to assign one employee to be liaison or contact person to Provider in order to make communications between both parties effective.
Third-Party Service Providers
Unless expressly undertaken by Provider in writing, Client is responsible for any third-party vendor or service provider (the “Third-Party Service Providers”) charges and to arrange for disconnection or termination and payment of charges related to the disconnection or termination of any related services with Client’s current carrier(s) or service provider(s). Provider is not responsible for any acts or omissions of Third-Party Service Providers. Provider does not warrant beyond any warranty offered by Third-Party Service Providers. In the event that a claim arises from any act or omission of a third-party provider, Client agrees that Client’s sole remedy will be against that third-party. The terms and conditions applicable to claims against Third-Party Service Providers are listed in Exhibit A.
Network Security and Malicious Events
Unless specifically otherwise agreed to in an applicable Order, it is Client’s sole responsibility to determine whatever actions deemed necessary to make Client’s data and voice networks and circuits secure from unauthorized access. Hardware firewall must be in place. Wireless data traffic in the environment must be securely encrypted. Provider is not responsible for the security of Client’s network and circuits from third parties, or for any damages that may result from any unauthorized access to Client’s network.
Client has an affirmative obligation to protect Client’s network environment, and to train its employees for spam, malware, phishing, virus protection, and prevention from criminal acts of third parties. Provider is not responsible for criminal acts of third parties, including but not limited to hackers, phishers, crypto-locker, and any network environment subject to ransom.
If a security system for Client’s network is included within the Services to be provided by Provider, Provider agrees to use commercially reasonable efforts to protect Client’s network from malicious attack by computer viruses, computer worms and/or computer hackers (collectively, “malicious activities”). However, Client understands that no security system can guaranty complete protection against malicious activities as such attacks often involve the intentional action by third parties to invade and injure computer systems. THEREFORE, CLIENT AGREES TO HOLD PROVIDER HARMLESS FROM ANY LOSS, INJURY OR DAMAGE TO CLIENT OR ANY HARDWARE, SOFTWARE, AND/OR COMPUTER DATA OF CLIENT CAUSED BY SUCH MALICIOUS ACTIVITIES.
Theft of Service
Client shall notify Provider immediately, in writing, by electronic mail or by calling the Provider customer support line, if Client becomes aware at any time that the Services are being stolen or used fraudulently. Failure to do so in a timely manner may result in the immediate termination of the Services and additional charges to billed to Client. Client will be liable for all use of the Service using Equipment stolen from Client and any and all stolen Service or fraudulent use of the Services. Credits will not be issued for charges resulting from fraud that arises out of third parties hacking into any Equipment. This includes, but is not limited to, modem hijacking, wireless hijacking or other fraud arising out of a failure of Client’s internal/corporate procedures. Provider will not issue credit for invoiced charges for fraudulent use resulting from Client’s negligent or willful acts or those of an authorized user of Client’s service. THEREFORE, CLIENT AGREES TO HOLD PROVIDER HARMLESS FROM ANY LOSS, INJURY OR DAMAGE TO CLIENT OR ANY THEFT OF SERVICE AND OR CLIENT CAUSE BY SUCH THEFT OF SERVICE.
Hardware Equipment
Client Equipment must be maintained under a manufacturer’s warranty or maintenance contract or is in working order. Provider is not responsible for client equipment that is not maintained under manufacturer’s warranty or maintenance contract or that is otherwise out of order. All fees, warranties, and liabilities against Provider assumes equipment is under manufactures warranty or maintenance contract or is in working order.
Provider in its reasonable opinion and supported by manufacturer information, may designate certain equipment as obsolete or defective, and therefore exclude it from coverage under this Agreement.
Independent Backup
Unless specifically otherwise agreed in to an applicable Order or Service Attachment or Description, Client must maintain an independent backup of all files that are sent to either the cloud or a data backup service. A backup solution must be in place, with backup copies stored off-site. It is the Client’s responsibility to verify that backups are made regularly, as well as the integrity of the backups. Provider shall not be held liable in the event of data loss, backup software failure, backup selection, backup hardware failure, backup media failure, or backup system failure even in the event that Provider was tasked to perform the backups. Client will be solely responsible for all lost data.
Third-Party Criminal Activity
Provider is not responsible for criminal acts of third parties, including but not limited to intrusions or unauthorized access of any kind, hackers, phishers, crypto-locker, and any network environment subject to ransom. CLIENT AGREES TO PAY RANSOM OR HOLD PROVIDER HARMLESS FOR ANY ACTIVITY AFFECTING NETWORK SECURITY ON CLIENT’S ENVIRONMENT RELATED TO THIRD-PARTY CRIMINAL ACTIVITY, NETWORK SECURITY OR PRIVACY. Any costs or fees to rebuild or service machines will be billed at provider’s then prevailing hourly rates.
Viruses
Anti-virus solution must be in place, updated, with valid update subscription. Provider is not responsible for any harm that may be cause by Client’s access to third party application programming interfaces or the execution or transmission of malicious code or similar occurrences, including without limitation, disabling devices, drop dead devices, time bombs, trap doors, Trojan horses, worms, viruses and similar mechanisms. Any costs or fees to rebuild or service machines are provided and sold separately by Provider.
Hardware and Software Configurations
All Hardware and Software Configurations implemented by Provider shall belong to Provider, and shall constitute Provider’s Confidential Information.
Client Data Security & Privacy
In addition to its other confidentiality obligations under an applicable Service Attachment, Provider shall not use, edit or disclose to any party other than Client any Client Data (defined below), except as otherwise requested by Client, or required by court order or applicable law. For purposes of this provision, all data stored on the virtualized machines assigned to Client, including locally stored personal data of individual employees, will be considered Client Data by Provider.
As between Provider and Client, all Client Data is owned exclusively by Client. Client Data constitutes Confidential Information subject to the terms of the Agreement. Provider may access Client’s User accounts, including Client Data, solely to respond to service or technical problems or otherwise at Client’s request.
Security and Regulatory Recommendations
Although it is under no obligation to do so, from time to time, Provider may make recommendations regarding regulatory compliance, safety and security related to Client’s network and practices (e.g., multi-factored authentication). If Client fails to adopt or implement the recommended protocols, Client is responsible for any and all damages related to regulatory, security, privacy, or data protection, including but not limited to fines, data breach notification, malware or ransomware costs, restoration, forensic investigation, restoring backups, or any other costs or damages related to Client’s refusal to implement the recommended protocols.
Password Management Services
If Provider provides password management services to Client, Client shall be responsible and liable for any unauthorized use of passwords. THEREFORE, CLIENT AGREES TO HOLD PROVIDER HARMLESS FROM ANY LOSS, INJURY OR DAMAGE TO CLIENT OR ANY THEFT OF PASSWORDS CAUSED BY SUCH USE OF THE PASSWORD SERVICES BY CLIENT.
PROVIDER REPRESENTATIONS AND WARRANTY
Internal Network Security Compromise Policy
Provider monitors the availability and performance of its internal firewall and network security. This process involves monitoring for intrusion attempts and potential security breaches. In order to minimize a possible compromise of security, all services and applications exposed to the Internet on Provider’s servers are updated with all commonly available security hotfixes and best practices. As appropriate, Provider proactively evaluates, investigates and reports security-related incidents to the appropriate authorities. Provider also monitors and proactively manages the anti-virus protection of its servers and applications using industry-recognized anti-virus software systems.
Service Warranty
We warrant that the Services will be performed in a professional and workmanlike manner and as described in an applicable Service Attachment or Description. All Services will be deemed to be accepted unless Client notifies Provider in writing within ten (10) working days after performance that the Services did not conform to this warranty. Provider promptly will correct any non-conformities and will notify Client in writing that the non-conformities have been corrected.
DISCLAIMER OF WARRANTY
PROVIDER DOES NOT WARRANT THAT THE SERVICES WILL BE PERFORMED ERROR-FREE OR UNINTERRUPTED, THAT PROVIDER WILL CORRECT ALL SERVICES ERRORS, OR THAT THE SERVICES WILL MEET CLIENT’S REQUIREMENTS OR EXPECTATIONS, OR THAT THE SERVICE WILL BE COMPLETELY SECURE. THERE ARE RISKS INHERENT IN INTERNET CONNECTIVITY THAT COULD RESULT IN THE TEMPORARY LOSS OF SERVICE AVAILABILITY. PROVIDER IS NOT RESPONSIBLE FOR ANY ISSUES RELATED TO THE PERFORMANCE, OPERATION OR SECURITY OF THE SERVICES THAT ARISE FROM CLIENT’S CONTENT OR THIRD-PARTY CONTENT OR SERVICES PROVIDED BY THIRD PARTIES. PROVIDER SHALL HAVE NO OBLIGATION WITH RESPECT TO A WARRANTY CLAIM (i) IF NOTIFIED OF SUCH A CLAIM AFTER THE WARRANTY PERIOD OR (ii) IF THE CLAIM IS THE RESULT OF THIRD-PARTY HARDWARE OR SOFTWARE FAILURES, OR THE ACTIONS OF CLIENT OR A THIRD PARTY.
FOR ANY BREACH OF THE SERVICES WARRANTY, CLIENT’S EXCLUSIVE REMEDY AND PROVIDER’S ENTIRE LIABILITY SHALL BE THE CORRECTION OF THE DEFICIENT SERVICES THAT CAUSED THE BREACH OF WARRANTY, OR, IF PROVIDER CANNOT SUBSTANTIALLY CORRECT THE DEFICIENCY IN A COMMERCIALLY REASONABLE MANNER, CLIENT MAY END THE DEFICIENT SERVICES AND PROVIDER WILL REFUND TO CLIENT THE FEES FOR THE TERMINATED SERVICES THAT CLIENT PRE-PAID TO PROVIDER FOR THE PERIOD FOLLOWING THE EFFECTIVE DATE OF TERMINATION.
TO THE EXTENT NOT PROHIBITED BY LAW, CLIENT ACKNOWLEDGES THESE WARRANTIES ARE EXCLUSIVE AND THERE ARE NO OTHER EXPRESS OR IMPLIED WARRANTIES OR CONDITIONS BY THE PROVIDER OR ANY THIRD-PARTY VENDORS’ INCLUDING FOR SOFTWARE, HARDWARE, SYSTEMS, NETWORKS OR ENVIRONMENTS OR FOR MERCHANTABILITY, SATISFACTORY QUALITY AND FITNESS FOR A PARTICULAR PURPOSE, AND THAT THOSE THIRD-PARTY VENDORS DISCLAIM ANY AND ALL LIABILITY, WHETHER DIRECT, INDIRECT OR CONSEQUENTIAL, ARISING FROM THE SERVICES.
PROVIDER MAY LINK TO OR OFFER THIRD-PARTY SERVICES FOR RESALE. ANY PURCHASE, ENABLING, OR ENGAGEMENT OF THIRD-PARTY SERVICES, INCLUDING BUT NOT LIMITED TO IMPLEMENTATION, CUSTOMIZATION, CONSULTING SERVICES, E-MAIL, WEB HOSTING, SERVER HOSTING, PHONE SERVICE, AND ANY EXCHANGE OF DATA BETWEEN CLIENT AND ANY THIRD-PARTY SERVICE, IS SOLELY BETWEEN CLIENT AND THE APPLICABLE THIRD-PARTY SERVICE PROVIDER AND IS SUBJECT TO THE TERMS AND CONDITIONS OF SUCH THIRD-PARTY PROVIDER. PROVIDER DOES NOT WARRANT THIRD-PARTY SERVICES AND IS NOT RESPONSIBLE OR LIABLE FOR SUCH SERVICES OR ANY LOSSES OR ISSUES THAT RESULT FROM CLIENT’S USE OF SUCH SERVICES. IF CLIENT PURCHASES, ENABLES OR ENGAGES ANY THIRD-PARTY SERVICE FOR USE IN CONNECTION WITH THE SERVICES, CLIENT ACKNOWLEDGES THAT PROVIDER MAY ALLOW THIRD-PARTY SERVICES PROVIDERS TO ACCESS CLIENT DATA USED IN CONNECTION WITH THE SERVICES AS REQUIRED FOR THE INTEROPERATION OF SUCH THIRD-PARTY SERVICES WITH THE SERVICES. CLIENT REPRESENTS AND WARRANTS THAT CLIENT’S USE OF ANY THIRD-PARTY SERVICE SIGNIFIES CLIENT’S INDEPENDENT CONSENT TO THE ACCESS AND USE OF CLIENT’S DATA BY THE THIRD-PARTY SERVICE PROVIDER, AND THAT SUCH CONSENT, USE, AND ACCESS IS OUTSIDE OF PROVIDERS’S CONTROL. PROVIDER WILL NOT BE RESPONSIBLE OR LIABLE FOR ANY DISCLOSURE, MODIFICATION OR DELETION OF DATA RESULTING FROM ANY SUCH ACCESS BY THIRD-PARTY SERVICE PROVIDERS.
COMPLIANCE WITH LAWS
Provider shall comply with all laws applicable to Provider in its role as a Managed IT Provider. For the avoidance of doubt, unless otherwise provided in a separate Data Processing Agreement (“DPA”), Provider is not responsible for complying with the laws applicable to Customer or Customer’s industry. Customer shall comply with all laws applicable to Customer or in Customer’s industry.
Although it is under no obligation to do so, from time to time, Provider may make recommendations regarding legal requirements and regulatory compliance protocols related to Client’s network and practices. If Client fails to adopt or implement the recommended legal requirements or regulatory compliance protocols, Client is responsible for any and all damages related to legal and regulatory compliance. Even if Client does take Provider’s advice regarding legal requirements and regulatory compliance protocols, Provider does not take responsibility for any legal requirements and regulatory compliance protocols or audits.
NO HIRING
Client shall not solicit for employment with Client any Provider employee with whom Client has had direct contact in connection with the Services during the Term of this Agreement and for twelve (12) months following termination of this Agreement.
Client acknowledges that injury resulting from any breach of this provision would be significant and irreparable and that it would be extremely difficult to ascertain the actual amount of damages resulting from such breach. Therefore, in the event of a violation of this provision, in addition to any other right Provider may have at law or in equity, Client shall make a one-time payment to Provider in the amount of one hundred percent (100%) of the affected employee’s base salary for one year, which accurately reflects the reasonable value of the employees time and costs. We agree that such amount is not intended as a penalty and is reasonably calculated based upon the projected costs the injured party would incur to identify, recruit, hire and train suitable replacements for such personnel.
DISPUTE RESOLUTION
Arbitration Procedures
Each party shall attempt to settle amicably by mutual discussions any disputes, differences, or claims related to this Agreement within sixty (60) days of the date any such dispute arises. Failing such amicable settlement, any such dispute, including claim related to the existence, validity, interpretation, performance, termination or breach of this Agreement, is to be settled by arbitration in accordance with the Arbitration Rules of the American Arbitration Association (“AAA”). The arbitration will be conducted in English and will have one (1) arbitrator. The Arbitrator will not have the authority to award punitive damages to either party. Each party will bear its own expenses, but shall share equally the expenses of the Arbitration Tribunal and the AAA. Any arbitration award will be final, and judgment thereon may be entered in any court of competent jurisdiction. The arbitration will be held in the city where Provider’s headquarters are located, or at another location upon which the parties may agree. Notwithstanding the foregoing, claims for preliminary injunctive relief, other pre-judgment remedies, and claims for Client’s failure to pay for Services may be brought in a state or federal court in the United States with jurisdiction over the subject matter and parties.
Period for Bringing Claim
No claims may be made more than six (6) months after the date by which the fault or failure should reasonably have been discovered; failure to make such a claim within the six (6) month period shall forever bar the claim.
Continued Service
Unless Provider is bringing an action for Client’s failure to make payments for Services not otherwise in dispute, Provider will continue to provide Services under this Agreement, and Client shall continue to make payments to us, in accordance with this Agreement, during the period in which the parties seek resolution of the dispute.
Attorneys’ Fees
In the event that there is any dispute, difference, or claim related to this Agreement that is resolved either through arbitration or through litigation, the prevailing party will be entitled to an award of reasonable attorneys’ fees incurred while defending or prosecuting such dispute, difference, or claim.
INDEMNIFICATION
By Client
Client shall defend, indemnify and hold Provider harmless against all costs and expenses, including reasonable attorney’s fees, associated with the defense or settlement of any claim that:
Client shall pay any judgments or settlements based on any such claims.
By Provider
Subject to the limitation of liability set forth in the section titled LIMITATION OF LIABILITY, Provider agrees to indemnify and hold Customer harmless from and against all loss, liability, and expense including reasonable attorney’s fees caused by Provider’s:
LIMITATION OF LIABILITY
EXCEPT AS MAY BE DESCRIBED IN AN APPLICABLE SERVICE DESCRIPTION OR IN A SERVICE AGREEMENT FOR PROJECT SERVICES, PROVIDER’ LIABILITY UNDER THIS AGREEMENT IS LIMITED TO ANY ACTUAL, DIRECT DAMAGES INCURRED BY CUSTOMER AND WILL NOT EXCEED THE GREATER OF (1) THE PROCEEDS OF ANY PROVIDER’S PROFESSIONAL LIABILITY INSURANCE MAINTAINED BY PROVIDER UNDER ITS APPLICABLE INSURANCE POLICIES, OR (2) THE AMOUNTS PAID BY CUSTOMER TO PROVIDER UNDER THIS AGREEMENT AND ALL SERVICE DESCRIPTIONS DURING THE SIX (6) MONTH PERIOD IMMEDIATELY PRECEDING THE ACCRUAL OF ANY SUCH CLAIM. IN THE EVENT OF AN INSURANCE COVERAGE DISPUTE, PROVIDER IS NOT REQUIRED TO DISPUTE THE COVERAGE DETERMINATION AND IS NOT REQUIRED TO FILE A DECLARATORY JUDGMENT ACTION.
IN NO EVENT IS EITHER PARTY TO BE HELD LIABLE TO THE OTHER PARTY FOR ANY INCIDENTAL, CONSEQUENTIAL, SPECIAL, INDIRECT OR PUNITIVE DAMAGES OR CLAIMS, INCLUDING BUT NOT LIMITED TO LOST PROFITS, LOST SAVINGS, LOST PRODUCTIVITY, LOSS OF DATA, LOSS FROM INTERRUPTION OF BUSINESS, LOSS OF PROGRAMS OR INFORMATION, AND THE LIKE THAT RESULT FROM THE USE OR INABILITY TO USE THE SERVICES OR FROM MISTAKES, THE SERVICES NOT MEETING CLIENT’S REQUIREMENTS OR EXPECTATIONS, OMISSIONS, TRANSLATIONS AND SYSTEM WORDINGS, FUNCTIONALITY OF FILTERS, MIGRATION ISSUES, INTERRUPTIONS, DELETION OF FILES OR DIRECTORIES, HARDWARE FAILURES, UNAVAILABILITY OF BACKUPS, ERRORS, DEFECTS, DELAYS IN OPERATION, TRANSMISSION, SECURITY BREACH, OR THIRD-PARTY SEVICE FAILURES, EVEN IF PREVIOUSLY ADVISED OF THEIR POSSIBILITY AND REGARDLESS OF WHETHER THE FORM OF ACTION IS IN CONTRACT, TORT OR OTHERWISE. PROVIDER WILL NOT BE LIABLE FOR ANY KIND OF AUTHORIZED ACCESS OR ANY HARM THAT MAY BE CAUSED BY CLIENT’S ACCESS TO THIRD PARTY APPLICATION PROGRAMMING INTERFACES OR THE EXECUTION OR TRANSMISSION OF MALICIOUS CODE OR SIMILAR OCCURRENCES, INCLUDING WITHOUT LIMITATION, DISABLING DEVICES, DROP DEAD DEVICES, TIME BOMBS, LOGIC BOMBS, TRAP DOORS, TROJAN HORSES, WORMS, VIRUSES, HACKERS, PHISHERS, CRYPTO-LOCKERS, RANSOMWARE, AND SIMILAR MECHANISMS. CLIENT AGREES THAT THE TOTAL LIABILITY OF PROVIDER AND CLIENT’S SOLE REMEDY FOR ANY CLAIMS REGARDING THE SERVICES UNDER THIS AGREEMENT, INCLUDING ANY SCHEDULE, OR OTHERWISE IS LIMITED TO PROCEEDS IN SECTION APPLICABLE INSURANCE COVERAGE.
CLIENT ACKNOWLEDGES AND AGREES THAT PROVIDER WOULD NOT ENTER INTO THIS AGREEMENT FOR THE CONSIDERATION GIVEN BY CLIENT BUT FOR THE LIMITATIONS OF LIABILITY AND DAMAGES CONTAINED IN THIS AGREEMENT. CLIENT ACKNOWLEDGES AND AGREES THAT THE RIGHT TO RECEIVE THE SERVICES IN EXCHANGE FOR THE LIMITATIONS IN THIS AGREEMENT AND THE OTHER CONSIDERATION GIVEN BY CLIENT FOR THE SERVICES CONSTITUTES A BARGAIN THAT IS FAIR AND REASONABLE.
INSURANCE
Client Obligations: Client shall maintain a minimum of One Million Dollars (US $1,000,000) in insurance coverage through its respective carriers. Such insurance must include, at a minimum, commercial general liability, workers compensation coverage, and first party cyber liability.
Provider Obligations: Provider agrees to maintain during the Term, professional liability insurance including errors and omissions with aggregate limits of at least One Million Dollars (US $1,000,000). Client’s insurance shall be primary over Provider’s insurance. Client agrees to waive and to require its insurers to waive any rights of subrogation or recovery they may have against Provider, its agents, officers, directors and employees.
DATA PRIVACY & PROTECTION
Client Data
Provider agrees that any electronic data or personal information submitted by Client to Provider as a part of the Service (“Client Data”) remains the property of Client and/or its end user or other third party. Provider agrees that it will comply with all applicable United States data privacy and data security laws that the Services are subject to and as stated herein.
California Consumer Privacy Act (“CCPA”)
The California Consumer Privacy Act (“CCPA”) became effective on January 1, 2020. Once effective, Provider shall comply with all aspects of CCPA by implementing and maintaining reasonable security procedures and practices to protect Personal Information as defined under CCPA, including encrypting Personal Information from unauthorized access, exfiltration, theft or disclosure. Provider shall be prohibited from selling, retaining, using or disclosing the Personal Information outside of the direct business relationship with Client’s regulated under CCPA. Provider acknowledges and agrees to certify that it understands the restrictions of CCPA and will comply with them when CCPA becomes effective, and that Client’s regulated under CCPA will execute an applicable Data Processing Addendum (defined below) required by CCPA for compliance.
Gramm-Leach-Bliley Act (“GLBA”) & Health Insurance Portability and Accountability Act (“HIPAA”) Data Processing
Client agrees not to provide any data to Provider subject to the Gramm-Leach-Bliley Act (“GLBA”) or Health Insurance Portability and Accountability Act (“HIPAA”). Client shall indemnify and hold Provider harmless for any claims related to Client Data that is regulated under GLBA and/or HIPAA, unless the parties enter an applicable Data Processing Addendum (defined below).
General Data Protection Regulation (“GDPR”) & United Kingdom Data Processing
Client agrees not to provide any data to Provider from any data subject of the European Union or the United Kingdom that is regulated under the General Data Protection Regulation (“GDPR”) or similar data protection regulation. Client shall indemnify and hold Provider harmless for any claims related to Client Data that is from a data subject from the European Union or the United Kingdom, or from claims from any data protection regulatory authority enforcing GDPR compliance or similar data protection regulation. If the United Kingdom departs from the European Union and decides to withdraw from or supersede GDPR with a similar data protection regulation, then the subsequent United Kingdom data protection regulation will be the governing regulation for United Kingdom’s data subjects.
New York SHIELD ACT (“SHIELD”)
Client agrees not to provide any data to Provider subject to the New York SHIELD Act (“SHIELD”). Client shall indemnify and hold Provider harmless for any claims related to Client Data that is regulated under SHIELD, unless the parties enter an applicable Data Processing Addendum (defined below).
Data Processing Agreement
For Clients who require the processing of CCPA, GLBA, HIPAA, GDPR, or United Kingdom data processing or similar data privacy and/or data protection regulation, Client must enter into an applicable agreement with Provider in the form of a data processing agreement (the “Data Processing Addendum”). Each data privacy or data protection regulation may contain its own separate addendum (or combined addendum) depending on Provider or Client’s regulated activities.
GENERAL
Observed Holidays
Provider reserves the right to identify observed holidays and adjust its holiday schedules from time to time. When a holiday falls on a weekend, Provider may close on the closest business day in observance of that holiday. After-hours emergency support is still available during these times, and Client will be charged for Services at Provider’s then prevailing Holiday support rates.
Notices
Except as otherwise provided under this Agreement, all notices, demands or requests to be given by any party to the other party shall be in writing and shall be deemed to have been duly given on the date delivered in person, or sent via fax, courier service, electronic mail, or on the date of the third business day after deposit, postage prepaid, in the United States Mail via Certified Mail, return receipt requested, and addressed as set forth on the applicable Order.
The address to which such notices, demands, requests, elections or other communications are to be given by either party may be changed by written notice given by such party to the other party pursuant to this Section.
Force Majeure
Provider will not be liable for any failure of performance of the Services due to causes beyond its reasonable control, including, but not limited to, fire, flood, electric power interruptions, national or regional emergencies, epidemics, pandemics, public health emergencies, stay-at-home orders, furloughs, quarantines, or other restriction or prohibition, civil disorder, acts of terrorism, riots, strikes, Acts of God, or any law, regulation, directive, or order of the United States government, or any other governmental agency, including state and local governments having jurisdiction over Provider or the Services provided hereunder (the “Affected Performance”).
Any party whose performance is so affected shall give written notice to the other party describing the Affected Performance. The parties promptly shall confer, in good faith, to agree upon equitable, reasonable action to minimize the impact on both parties of such condition. If the delay caused by the force majeure event lasts for a period of more than thirty (30) days, the parties shall attempt to negotiate an equitable modification to the Agreement pertaining to the Affected Performance. If the parties are unable to agree upon an equitable modification, then either party may serve thirty (30) days’ written notice of termination on the other party with respect only to the portion of the Agreement relating to the Affected Performance. Client shall pay Provider for that portion of the Affected Performance that was completed or that was in the process of being completed through the effective termination date of the Affected Performance.
Waiver
No delay in exercising, no course of dealing with respect to, and no partial exercise of, any right or remedy hereunder will constitute a waiver of any right or remedy, or future exercise thereof.
Assignment
Neither party may assign this Agreement, in whole or in part, or any of its rights or obligations hereunder without the prior written consent of the other party. However, Provider may assign or otherwise transfer its rights, interests and obligations under this Agreement without Client’s consent in the event of a change in control of 50% or more of the equity of Provider, the sale of substantially all the assets of Provider, or the restructuring or reorganization of Provider or its affiliate entities. If Client transfer its rights, interests and obligations under this Agreement without Provider consent then such assignment will not be valid, and Client shall remain responsible for all Fees under this Agreement and any Attachment regardless of whether Client continues to derive any benefit from the Services. In addition, unless otherwise agreed, Provider may contract with third parties to deliver some or all of the Services, and no such third-party contract is to be interpreted as an assignment of this Agreement. However, Provider will use commercially reasonable efforts to ensure that any and all such third parties abide by all of the terms of this Agreement, and, except as otherwise agreed, Provider will remain solely responsible for the fulfillment of all of Provider’s obligations under this Agreement. This Agreement is binding upon the parties, their successors and permitted assigns.
Marketing
Client hereby grants Provider the right to reference Client’s name, industry, logo, and URLs in its marketing literature, website, and/or correspondence to potential new Clients, so as to identify Client as a customer of Provider for marketing purposes and for Provider’s benefit. Such information is not considered Confidential Information subject to non-disclosure.
Notifications and Alerts
Client hereby grants Provider the right to utilize Client information to send alerts, notifications, news, and general correspondence to Client to provide the Services.
Survival
The parties’ respective duties and obligations with respect to proprietary rights, intellectual property rights, and non-disclosure and confidentiality will survive and remain in effect, notwithstanding the termination or expiration of this Agreement.
Amendment
Provider may, from time to time, in its sole discretion, and for any reason, amend the Order, the Master Services Agreement and any Service Attachments other Descriptions posted on Provider’s web page. However, the Master Services Agreement and Service Attachments in effect as of the date that Client signed the Order are the agreements that will govern the relationship until this Agreement expires or one of the parties terminates it. This Agreement may be modified or amended only by a writing signed by both parties.
Governing Law
This MSA is to be governed by and construed in accordance with the laws of the state in which the Provider resides.
Severability
If any term or provision of this agreement is declared invalid by a court of competent jurisdiction, the remaining terms and provisions will remain unimpaired, and the invalid terms or provisions are to be replaced by such valid terms and provisions that most nearly fulfill the parties’ intention underlying the invalid term or provision.
Third-Party Beneficiaries
This Agreement is for the sole benefit of the parties hereto and their respective successors and permitted assigns, and nothing herein is to be construed to give any person or entity, other than the parties hereto and their respective successors and permitted assigns, any legal or equitable rights hereunder.
No Disparagement
Neither Party, nor any of its respective partners, principals, shareholders, members, officers, directors, employees, affiliates, subsidiaries, agents, or representatives, shall initiate or participate in any action or conduct tending to injure, bring into disrepute, ridicule, damage, or destroy the goodwill of Provider or Client, or the others affiliates. The foregoing shall not be construed to prevent or prohibit a Provider or Client, or any of its respective partners, principals, shareholders, members, officers, directors, employees, affiliates, subsidiaries, agents, or representatives, from: (i) exercising its rights under this Agreement; (ii) complying with a legal obligation or a professional responsibility; or, (iii) reporting, providing, or disclosing information to federal, state, municipal, or local government agencies, authorities, or officials in the ordinary course of business or as required by law. Further, in the event Provider or Client or any of its respective partners, principals, shareholders, members, officers, directors, employees, affiliates, subsidiaries, agents, or representatives breach this Section, the non-breaching party and its respective partners, principals, shareholders, members, officers, directors, employees, affiliates, subsidiaries, agents, and representatives shall no longer be bound by the obligations set forth under this Section.
Entire Agreement
This Master Services Agreement, the Order, the Service Attachments or Descriptions, and any other attachments thereto (collectively, the “Agreement”) set forth Provider’s entire understanding with respect to the subject matter hereof and are binding upon both parties, their successors, and their permitted assigns, in accordance with the terms of the Agreement. There are no understandings, representations or agreements other than those set forth herein. Each party, along with its respective legal counsel, has had the opportunity to review this agreement. Accordingly, in the event of any ambiguity, such ambiguity will not be construed in favor of, or against either party.