Secureframe Managed Service Provider Agreement

Last Updated: May 25, 2023

This Managed Service Provider Agreement (“Agreement”) constitutes a contract between Secureframe, Inc. with offices at 548 Market St., Suite 30287, San Francisco, CA 94104 (“Secureframe”), and you (“Partner”). Partner agrees to be bound by the terms of this Agreement upon the earlier of: (a) its download, installation, access to or use of any of Secureframe’s software or services in relation to activities as a Managed Service Provider (including the Services); or (b) its express consent to this Agreement (“Effective Date”).

This Agreement includes and incorporates any Order Form under which Partner purchased any of Secureframe’s software or services. If you are entering into this Agreement on behalf of a company, organization or other entity, you represent that you have proper authority to bind such entity and are agreeing to this Agreement on behalf of such entity. If you do not have such authority to enter into this Agreement or do not agree with these terms and conditions, you may not use or act as a Managed Service Provider of any Secureframe software or services. In the event of any inconsistency or conflict between this Agreement and any Order Form, the Order Form will control.

1. Definitions

Any terms not defined in this Section shall have the meaning ascribed to them in their relevant Section.

“Applicable Law” means all laws, statutes, ordinances, regulations and other types of government directives applicable to the access, use or provision of the Services, including the California Consumer Privacy Act of 2018 and the General Data Protection Act of 2016 (Regulation (EU) 2016/679).

“Authorized User” means a Customer’s authorized employees, contractors, vendors and consultants (including Partner’s employees and contractors where so authorized).

“Confidential Information” means any information or data disclosed by either party that is marked or otherwise designated as confidential or proprietary or that should otherwise be reasonably understood to be confidential considering the nature of the information and the circumstances surrounding disclosure, including all Order Forms, Customer Data, and all non-public business, technology, product, roadmap, financial, pricing, and marketing information. Notwithstanding the foregoing, Confidential Information will not include any information which: (a) is or becomes generally available to the public without breach of any obligation owed to the disclosing party; (b) was properly known to receiving party, without restriction, prior to disclosure by the disclosing party; (c) was properly disclosed to receiving party, without restriction, by another person with the legal authority to do so; or (d) is independently developed by the receiving party without use of or reference to the disclosing party’s Confidential Information.

“Customer” means an end-user customer of Partner that has signed up for Secureframe’s Services through Partner and with whom Partner has entered into a Customer Agreement for the management and provision of Secureframe’s Services.

“Customer Agreement” means a binding agreement between Partner and each Customer that: (a) includes the Secureframe Terms of Service; (b) completely disclaims Secureframe’s liability for all matters arising out of or related to this Agreement and the Customer Agreement, to the fullest extent permissible by law, and requires the Customer, and any third parties using the Services through Customer, to seek redress solely against Partner for any matters covered thereunder; and (c) ensures that Secureframe has the right to enforce the Secureframe Terms of Service against Customer, including via a third party beneficiary clause where appropriate.

“Documentation” means the written instructions, technical documentation, manuals and other materials made available by Secureframe related to the Services, which Secureframe may modify from time to time.

“Installed Software” means any software provided by Secureframe to be installed by Partner, Customer or its Authorized Users solely for use with the Services.

“Intellectual Property Rights” means any and all registered and unregistered rights granted, applied for, or otherwise now or hereafter in existence under or related to any patent, copyright, trademark, service mark, trade secret, database protection, or other intellectual property rights laws, and all similar or equivalent rights or forms of protection, in any part of the world.

“Managed Services” means the services, software, hardware, goods and support offered by Partner to its Customers (including the delivery, management, support and use of the Secureframe Services on behalf of any Customer).

“Order Form” means a quote, ordering document or other writing prepared by Secureframe, executed by Partner, and accepted by Secureframe that sets forth the specific Services that Partner is authorized to access and manage on behalf of each applicable Customer and the applicable fees, volumes, payment schedule and initial subscription term.

“Secureframe Terms of Service” means the then-current terms and conditions located at https://secureframe.com/terms, governing the use of and access to the Services.

“Services” means any Secureframe products and services made available to Partner and Customers hereunder, including: (a) the Secureframe proprietary software, including any software code, utility, application interface, tools, or services related thereto; (b) the Installed Software; (c) any open-source software used by Secureframe in support of the products and services; (d) the Documentation; and (e) any updates, upgrades, enhancements, improvements, derivative works, and modifications of the foregoing, including the general know-how, performance metrics, analytics and machine learning developed over time.

“Term” means the period of time during which Secureframe has authorized Partner to access and manage the Services on behalf of Customers as set forth in any applicable Order Form and subsequent Renewal Term(s).

2. Services and Responsibilities

2.1 Provision of Secureframe Platform. Secureframe hereby grants Partner a limited non-exclusive, non-sublicensable, non-transferable: (a) right to resell, offer access to, use and manage the Services; and (b) if applicable, license to install and use the Installed Software solely in object code form, in each case solely to and on behalf of Customers for such Customers’ internal business purposes and subject to the terms and conditions of this Agreement. Such right and license may be restricted to Customers located in a specific geographic region where, if applicable, such restriction is included as part of this Agreement by exhibit or other writing. Partner shall provide any information and assistance reasonably requested by Secureframe with respect to any Customers. The Services are subject to modification from time to time at Secureframe’s sole discretion, provided the modifications do not materially diminish the functionality of the Services.

2.2 Partner’s Use of the Services. Partner acknowledges and agrees that the Services are being made available to Partner pursuant to both the terms of this Agreement and the Secureframe Terms of Service, and any use of the Services by Partner or any Customer is subject to the use rights and restrictions in the Secureframe Terms of Service. When using the Services for its own purposes, Partner shall be considered a “Customer” under the Secureframe Terms of Service. Secureframe shall be responsible solely to Partner for providing the Services, including all related support, in accordance with the Secureframe Terms of Service.

2.3 End-Customer Agreement. Partner shall not make the Services available to any Customer except pursuant to a Customer Agreement.

2.4 No Additional Representations or Warranties. Partner shall make no representations or warranties concerning the Services other than the limited warranties included in the Secureframe Terms of Service. Partner shall be solely responsible for providing, at its own cost, sales, sales support, technical support, training, account management, billing and collection services, solicitation of orders and distribution of marketing materials to Customers and prospects. Partner shall not in any way misrepresent, or in any way cause to be ambiguous: (i) Partner’s relationship with Secureframe; (ii) Partner’s duties as specified in the Agreement; (iii) the features of the Services (including any technical specifications and expected benefits of use); or, (iv) the origin of the Services. Partner shall not represent itself as Secureframe or as the manufacturer, exclusive agent, or exclusive vendor of the Services.

2.5 Partner Managed Services Responsibilities. Partner is solely responsible for the delivery and results of all of its Managed Services, including all of its agreements, commitments, acts, omissions, obligations, warranties, representations or misrepresentations in connection therewith, and agrees to: defend Secureframe against all claims and lawsuits in any form brought by Customers or any other third party against Secureframe arising out of, or in connection with, such Managed Services or the failure to enter into a Customer Agreement; and, indemnify and hold harmless Secureframe against all resulting liabilities, losses, damages, costs and expenses (including reasonable attorney and expert witness fees) incurred by Secureframe. 

2.6 Limited Marketing Rights. Subject to and conditioned on Partner’s compliance with all terms and conditions of this Agreement, Secureframe hereby grants Partner a limited non-exclusive, non-sublicensable, non-transferable, and fully revocable license to use Secureframe’s name and logo solely during the Term and solely in connection with the marketing and resale of the Services to existing and potential Customers, provided that any press releases by Partner are expressly approved by Secureframe in writing in advance. Partner shall comply with any and all Secureframe branding, name and/or logo usage guidelines communicated to Partner from time to time. Partner agrees to, and hereby does, assign any and all goodwill arising from use of Secureframe’s name and logo to Secureframe.

2.7 Data Protection. Secureframe maintains a commercially reasonable security program that is designed to: (a) ensure the security and integrity of Customer data provided by or on behalf of Partner or a Customer to Secureframe in connection with the Services (collectively, “Customer Data”); (b) protect against threats or hazards to the security or integrity of Customer Data; and (c) prevent unauthorized access to Customer Data. Solely if and to the extent Secureframe processes Partner or Customer personal data that is subject to applicable data protection laws (as defined in the DPA), the Data Processing Addendum provided at https://secureframe.com/dpa (“DPA”) is hereby incorporated into, and shall be fully governed by, this Agreement.

2.8 Restrictions. Partner will not, and shall ensure that its Customers and their Authorized Users will not, directly or indirectly: (a) reverse engineer, decompile, disassemble, modify, copy, create derivative works of or otherwise create, attempt to create or derive the source code, object code or underlying structures, ideas or algorithms of the Services or any data related thereto; (b) attempt to probe, scan or test the vulnerability of the Services, breach the security or authentication measures of the Services without proper authorization, or render any part of the Services unusable; (c) use or access the Services to develop a product or service that is competitive with Secureframe’s products or services or engage in competitive benchmarking; (d) share, transfer, distribute, resell, lease, license, sublicense, make available or otherwise offer the Services on a standalone basis; (e) remove any proprietary notices from the Services or related Documentation; (f) provide any infringing, offensive, fraudulent or unlawful content in connection with the Services (any such content may be reported using Secureframe’s content dispute policy located at https://secureframe.com/websiteterms); (g) use the Services or related Documentation in any manner or for any purpose that violates this Agreement or Applicable Law, or infringes, misappropriates, or otherwise violates any Intellectual Property Right or other right of any person (collectively, the “Restrictions”).

2.9 Privacy and Data Rights. All Customer Data collected through the Services is subject to the privacy policy located at https://secureframe.com/privacy. Partner acknowledges and agrees that the Services will require Partner, Customers and their Authorized Users to share with Secureframe certain information which may include personal data regarding Authorized Users (such as names, usernames, hashed passwords, email address and/or online identifiers) solely for the purposes of providing and improving the Services. Prior to providing any personal information to the Services, Partner is fully responsible for ensuring that each Customer (or Partner itself) has obtained the consent of the associated individual, in accordance with Applicable Law, to the use of his/her information by Secureframe in accordance with this Agreement. Partner represents and warrants that it has all rights necessary, including any consents required hereunder or by Applicable Law, to provide or make available the Customer Data (including personal data) or other materials in connection with its use of the Services, and to permit Secureframe to use the same as contemplated hereunder. Partner will not use the Services to transmit or provide to Secureframe any financial or medical information of any nature, or any sensitive personal data (such as social security numbers, driver’s license numbers, birth dates, personal bank account numbers, passport or visa numbers, or credit card numbers).

2.10 Suspension. Secureframe reserves the right to suspend Partner’s, Customer’s (or any Authorized User’s) access to the Services, or delete or disable any content submitted thereto, immediately: (a) if Partner or Customer breaches Section 2 or Section 4 of this Agreement, or breaches any other provision and fails to correct that breach within the applicable cure period; or (b) as it deems reasonably necessary to respond to any actual or potential security or availability concern that may affect Secureframe or its partners, customers or users.

2.11 Partner Responsibilities. Partner is solely responsible for: (a) all uses of the Services under its account (whether or not authorized); (b) all acts and omissions of its Authorized Users, including ensuring that it and its Authorized Users only provide, use and manage access to the Services in compliance with this Agreement and all Applicable Law (any breach of this Agreement by an Authorized User shall be deemed a breach by Partner); (c) the entry, accuracy, integrity and legality of Customer Data and the means by which it acquires and uses such Customer Data; (d) using commercially reasonable efforts to prevent unauthorized access to or use of the Services, including keeping login credentials secure (and promptly notifying Secureframe in the event of any such unauthorized access or use); and (e) determining whether the Services are suitable or sufficient for it and its Customers’ business purposes.

2.12 Third-Party Services. Partner’s use of third-party products or services that are not licensed to Partner directly by Secureframe (“Third-Party Services”) shall be governed solely by the terms and conditions applicable to such Third-Party Services, as agreed to between Partner and the third party. Secureframe does not endorse or support, is not responsible for, and disclaims all liability with respect to Third-Party Services, including the privacy practices, data security processes and other policies related to Third-Party Services. Partner agrees to waive any claim against Secureframe with respect to any Third-Party Services. Partner may enable integrations between the Services and Third-Party Services (each, an “Integration”). By enabling an Integration between the Services and its or its Customers’ Third-Party Services, Partner is instructing Secureframe to share the Customer Data necessary to facilitate the Integration. Partner is responsible for providing all instructions to any Third-Party Service provider relating to Customer Data. Secureframe and Third-Party Service providers are not sub-processors of each other.

3. Fees

3.1 Fees. Partner shall pay all amounts invoiced by Secureframe relating to any applicable Order Form, according to the payment schedule set forth therein. Except as otherwise specified herein or in any applicable Order Form: (a) fees are quoted and payable in United States dollars; and (b) payment obligations are non-cancelable and non-pro-ratable for partial months, and fees paid are non-refundable. Secureframe reserves the right to change the fees or applicable charges and to institute new charges and fees at the end of each Customer’s initial term, or then current renewal term, upon forty-five (45) days prior notice to Partner (which may be sent by email).

3.2 Late Payment. Secureframe may suspend access to the Services immediately upon notice if Partner fails to pay any amounts hereunder at least fifteen (15) days past the applicable due date.

3.3 Taxes. All amounts payable hereunder are exclusive of any taxes, including any direct or indirect local, state, federal or foreign taxes, levies, duties or similar government assessments of any nature (such as VAT, GST, excise, sales, use or withholding taxes) (collectively “Taxes”). Partner will be solely responsible for payment and reimbursement of all Taxes associated with its purchases hereunder, except for taxes based on Secureframe’s net income. Partner will not withhold any Taxes from any amounts due hereunder.

4. Confidential Information and Proprietary Rights

4.1 Proprietary Rights. Except as expressly set forth herein, Secureframe (and its licensors, where applicable) exclusively retains all right, title and interest (including all Intellectual Property Rights) relating to the Services and Secureframe Confidential Information.

4.2 Feedback. Partner may from time to time provide Secureframe suggestions or comments for enhancements or improvements, new features or functionality or other feedback (“Feedback”) with respect to the Services. Secureframe will have full discretion to determine whether to proceed with the development of any requested enhancements, new features or functionality. Secureframe will have the full, unencumbered right, without any obligation to compensate or reimburse Partner, to use, incorporate and otherwise fully exploit any such Feedback in connection with its products and services.

4.3 Confidential Information. Each party agrees that it will use the Confidential Information of the other party solely in accordance with the provisions of this Agreement and it will not disclose, or permit to be disclosed, the same directly or indirectly, to any third party without the other party’s prior written consent, except as otherwise permitted hereunder. Notwithstanding the foregoing, either party may disclose Confidential Information: (a) to its employees, officers, directors, attorneys, auditors, financial advisors, contractors, and other representatives who have a need to know and are legally bound to keep such information confidential by confidentiality obligations consistent with those of this Agreement (and for whom each party is responsible for any breach of this Agreement); and (b) as required by law (in which case, to the extent legally permitted, the receiving party will limit the disclosure to that required by law and provide the disclosing party with prior written notification thereof in order to allow disclosing party the opportunity to contest such disclosure). Neither party will disclose the terms of this Agreement to any third party, except that Secureframe may confidentially disclose such terms to actual or potential lenders, investors or acquirers. Receiving party agrees to use the same degree of care that it uses to protect its own confidential and proprietary information to prevent the unauthorized use or disclosure of disclosing party’s Confidential Information, but in no event less than a reasonable degree of care. Promptly after disclosing party’s request, receiving party agrees to return or destroy disclosing party’s Confidential Information; provided, however, that receiving party shall be entitled to retain copies of Confidential Information solely to the extent necessary for purposes of such party’s ordinary course records retention and backup policies and procedures, or to comply with Applicable Law, provided that such Confidential Information is treated as such for so long as it is retained. Each party acknowledges the irreparable harm that improper disclosure of Confidential Information may cause; therefore, the injured party will be entitled to seek immediate injunctive and other equitable relief, in addition to all other remedies, for any violation or threatened violation of this Section or Section 2.8 “Restrictions.”

4.4 Performance Metrics and Machine Learning. Partner acknowledges that a fundamental component of the Services is the use of machine learning and performance metrics for the purpose of providing and improving Secureframe’s products and services. Notwithstanding anything to the contrary, Secureframe may collect, use, aggregate, de-identify and/or anonymize (during and after the Term) information related to Partner’s use of the Services to train its algorithms through machine learning techniques, monitor performance, create analytics and statistical data, or for any other purpose permitted by Applicable Law.

5. Warranties and Disclaimers

5.1 Secureframe Warranties. Secureframe represents and warrants that: (a) the Services will, under normal and authorized use in full compliance with this Agreement, perform materially in accordance with the Documentation; and (b) it will not knowingly include, in the Services provided to Partner hereunder, any computer code or other computer instructions, devices or techniques, including those known as viruses, disabling devices, trojans, or time bombs, designed to intentionally disrupt, disable, harm, or infect the operation of a network, computer program or computer system or any component thereof, including Customer Data. If, at any time, the Services do not conform to the warranty set forth in this Section 5.1, Partner may promptly notify Secureframe in writing of any such noncompliance and Secureframe will, within 30 days of receipt of such notification, either correct the noncompliance or provide Partner with a plan for correcting the noncompliance. If the noncompliance is not corrected or if a reasonably acceptable correction plan is not established during such period, Partner may terminate this Agreement and receive a pro-rata refund of any pre-paid subscription fees related to the terminated portion of the applicable Order Form(s) as its sole and exclusive remedy for such noncompliance.

5.2 Reciprocal Warranties. Each party represents and warrants to the other party that it has the legal power and authority to enter into this Agreement.

5.3 DISCLAIMERS. EXCEPT AS EXPRESSLY STATED IN THIS SECTION 5, THE SERVICES AND ANYTHING ELSE PROVIDED IN CONNECTION WITH THIS AGREEMENT IS PROVIDED TO PARTNER STRICTLY “AS IS” AND “AS AVAILABLE,” WITHOUT WARRANTIES OF ANY KIND, INCLUDING ANY WARRANTIES THAT THE SERVICES WILL OPERATE ERROR-FREE OR WITHOUT INTERRUPTION, OR BE FREE OF SECURITY DEFECTS. ALL CONDITIONS, REPRESENTATIONS AND WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY DISCLAIMED BY SECUREFRAME TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. THE PARTIES AGREE THAT THE SERVICES DO NOT CONSTITUTE LEGAL ADVICE AND ARE ONLY INTENDED AS TOOLS FOR ASSISTING PARTNER IN ASSISTING WITH ITS CUSTOMERS’ COMPLIANCE EFFORTS, FOR WHICH PARTNER AND CUSTOMER ARE SOLELY RESPONSIBLE, AND SECUREFRAME WILL HAVE NO LIABILITY OR RESPONSIBILITY WHATSOEVER FOR ANY PARTNER OR CUSTOMER COMPLIANCE PROGRAMS.

5.4 BETA PRODUCTS. FROM TIME TO TIME, PARTNER MAY HAVE THE OPTION TO UTILIZE FREE OR BETA PRODUCTS, FEATURES OR DOCUMENTATION (COLLECTIVELY, “BETA PRODUCTS”) OFFERED BY SECUREFRAME. BETA PRODUCTS MAY NOT BE GENERALLY AVAILABLE, ARE PROVIDED STRICTLY “AS IS,” AND SHALL NOT BE SUBJECT TO ANY REPRESENTATIONS, WARRANTIES, INDEMNIFICATION OBLIGATIONS OR SUPPORT OBLIGATIONS, AND UNLESS PROHIBITED BY LAW, SECUREFRAME WILL HAVE NO LIABILITY RELATED TO SUCH BETA PRODUCTS IN EXCESS OF $1,000.00. PARTNER OR SECUREFRAME MAY TERMINATE ACCESS TO BETA PRODUCTS AT ANY TIME FOR ANY OR NO REASON.

6. Indemnification

6.1 Indemnification by Secureframe. Secureframe will defend Partner against any claims, actions, demands or proceedings (“Claim”) made or brought against Partner (except any Claim brought by a Customer) by an unaffiliated third party alleging that the use of the Services as permitted hereunder infringes or misappropriates any third party copyright, trademark, US patent, or trade secret, and will indemnify Partner for any damages (including reasonable attorney’s fees) finally awarded by a court of competent jurisdiction against Partner, or agreed upon in settlement by Secureframe, in connection with any such Claim.  Notwithstanding the foregoing, Secureframe shall have no obligation or liability for any Claim of infringement or misappropriation to the extent that it arises out of or relates to: (a) Third-Party Services, Customer Data, or Partner or Customer designs, guidelines or specifications; (b) modifications made other than by Secureframe; (c) combination of the Services with a non-Secureframe application, product, data or business process, where the Services would not be infringing alone; (d) continued use of the Services after Partner or Customer has been notified of modifications or substitutes, to the extent use of such modifications or substitutes would have prevented the Claim; or (e) use of the Services in a manner not strictly in accordance with this Agreement and all related Documentation (clauses (a) through (e), “Excluded Claims”). If the use of the Services has become, or in Secureframe’s opinion is likely to become, the subject of any Claim of infringement, Secureframe may at its sole option and expense: (i) procure for Partner and each applicable Customer the right to continue using and receiving the Services as set forth hereunder; (ii) replace or modify the Services to make them non-infringing (with comparable functionality); or (iii) if the options in clauses (i) or (ii) are not commercially practicable, terminate this Agreement solely with respect to the infringing portion of the Services and provide a pro-rata refund of any pre-paid subscription fees related to the terminated portion of the applicable Order Form(s). This Section states Secureframe’s sole and exclusive liability and obligation, and Partner’s exclusive remedy, for any Claim of any nature related to infringement or misappropriation of Intellectual Property Rights. 

6.2 Indemnification by Partner. Partner will defend Secureframe and its officers, directors, employees and agents against any Claim made or brought against Secureframe by a third party relating to the Excluded Claims or Partner’s breach of Section 2 “Services and Responsibilities,” and Partner will indemnify Secureframe and its officers, directors, employees and agents for any damages finally awarded against Secureframe (or any settlement approved by Partner) in connection with any such Claim.

6.3 Indemnification Procedures. The party entitled to seek coverage pursuant to this Section 6 (the “Indemnified Party”) shall: (a) promptly notify the other party obligated to provide such indemnification (the “Indemnifying Party”) in writing of any such claim; (b) give sole control of the defense and settlement of any such claim to the Indemnifying Party (provided that Indemnifying Party may not settle any claim in a manner that adversely affects Indemnified Party’s rights, imposes any obligation or liability on the Indemnified Party or admits liability or wrongdoing on the part of Indemnified Party, in each case, without Indemnified Party’s prior written consent); and (c) provide all information and assistance reasonably requested by the Indemnifying Party, at the Indemnifying Party’s expense, in defending or settling such claim. The Indemnified Party may join in defense with counsel of its choice at its own expense.

7. Limitation of Liability

EXCEPT FOR EACH PARTY’S INDEMNIFICATION OBLIGATIONS OR PARTNER’S BREACH OF SECTION 2 “SERVICES AND RESPONSIBILITIES” OR SECTION 3 “FEES,” IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR: (A) ANY LOST PROFITS OR REVENUE, LOSS OR CORRUPTION OF DATA, OR FOR ANY INDIRECT, SPECIAL, COVER, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL DAMAGES, ARISING UNDER THIS AGREEMENT, IRRESPECTIVE OF WHETHER THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR SUCH DAMAGES WERE OTHERWISE FORESEEABLE; OR (B) ANY AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT IN EXCESS OF THE TOTAL AMOUNTS PAID OR PAYABLE TO SECUREFRAME UNDER THE ORDER FORM GIVING RISE TO LIABILITY IN THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT FIRST GIVING RISE TO THE LIABILITY. THE FOREGOING DISCLAIMERS SHALL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW. THE LIMITATIONS SET FORTH IN THIS SECTION 7 SHALL APPLY NOTWITHSTANDING THE FAILURE OF THE ESSENTIAL PURPOSE OF ANY LIMITED REMEDY AND REGARDLESS OF THE LEGAL OR EQUITABLE THEORY ON WHICH CLAIMS ARE BROUGHT (WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE).

8. Termination

8.1 Term. The Term of this Agreement begins on the Effective Date and continues until all Order Forms have expired or been terminated. Except as set forth in an applicable Order Form, the subscription term of such Order Form will automatically renew for successive renewal terms equal to the length of the subscription term on the initial Order Form (“Renewal Term”), unless either party provides the other party with written notice of non-renewal at least thirty (30) days prior to the end of the then-current term.

8.2 Termination. Each party may terminate this Agreement or an applicable Order Form upon written notice to the other party in the event: (a) the other party commits any material breach of this Agreement or the applicable Order Form and fails to cure such breach within thirty (30) days after receipt of notice of such breach; or (b) subject to Applicable Law, upon the other party’s liquidation, commencement of dissolution proceedings or assignment of substantially all its assets for the benefit of creditors, or if such party become the subject of bankruptcy or similar proceeding that is not dismissed within sixty (60) days.

8.3 Effect of Termination. Immediately when this Agreement expires or terminates for any reason, all rights and licenses provided to Partner under this Agreement shall terminate, Partner shall cease signing up new Customers to use the Services or renewing any Customer Agreements with existing Customers, and Secureframe will cease providing the Services to Partner and its Customers. In the event that Secureframe terminates this Agreement under Section 8.2, Partner shall provide Secureframe with the contact information for each Customer and reasonably assist Secureframe in transitioning any Customers desiring to continue using the Services to Secureframe. Upon termination of this Agreement all rights and obligations will immediately terminate except that any terms or conditions that by their nature should survive such termination will survive, including the Restrictions and terms and conditions relating to confidential information and proprietary rights, disclaimers, indemnification, limitations of liability, termination and the general provisions below.

9. General

9.1 Export Compliance. Each party will comply with the export laws and regulations of the United States, European Union and other applicable jurisdictions in providing and using the Services. Partner may not, and may not allow Customers to, export, re-export, resell or otherwise access or provide access to the Services in violation of Applicable Law, including access or use in any embargoed country or other jurisdiction where such access or use is prohibited. Each party represents that it is not named on any U.S. government denied-party list.

9.2 Publicity. Partner agrees that Secureframe may refer to Partner’s name and trademarks in Secureframe’s marketing materials and website to identify Partner as a partner of Secureframe; however, Secureframe will not use Partner’s name or trademarks in any other publicity (e.g., press releases and case studies) without Partner’s prior written consent (which may be by email).

9.3 Assignment. This Agreement is not assignable, transferable or sublicensable by Partner except with Secureframe’s prior written consent, which shall not be unreasonably withheld. Secureframe may transfer and assign any of its rights and obligations under this Agreement. Any attempted assignment, delegation, or transfer in violation hereof will be null and void. Subject to the foregoing, this Agreement will be binding on the parties and their permitted successors and assigns.

9.4 Relationship. The parties are independent contractors, and nothing contained herein will in any way constitute any association, partnership, agency, employment or joint venture between the parties hereto, or be construed to evidence the intention of the parties to establish any such relationship. Neither party will have the authority to obligate or bind the other in any manner outside the scope of this Agreement. This is a non-exclusive relationship, and the parties acknowledge and agree that Secureframe is free to enter into the same or similar relationships on the same or different terms with other third parties, and to market, promote, license and sell products and services, including the Services, to any other third parties in its sole discretion.

9.5 Severability. If a court of competent jurisdiction determines that any provision of this Agreement is invalid, illegal, or otherwise unenforceable, such provision will be enforced as nearly as possible in accordance with the stated intention of the parties, while the remainder of this Agreement will remain in full force and effect and bind the parties according to its terms.

9.6 Governing Law. Compliance. This Agreement is governed by and construed in accordance with the laws of the State of California and the federal U.S. laws applicable therein, excluding its conflicts of law provisions. For purposes of any dispute or claim related to this Agreement, Partner and Secureframe agree to submit to the personal and exclusive jurisdiction of the courts located in San Francisco County, California. The parties agree that the United Nations Convention on Contracts for the International Sale of Goods will not apply to this Agreement. Each party will comply with all Applicable Law.

9.7 Notices. Any notice required or permitted to be given hereunder will be given in writing by personal delivery, certified mail, return receipt requested, or by overnight delivery. Secureframe may provide notice using the information provided in the most recent Order Form and Partner may provide notice using the contact information provided on https://secureframe.com/contact. Notices regarding the Services in general may be given by electronic mail to Partner’s email address on record with Secureframe.

9.8 Entire Agreement. This Agreement and any Order Form(s) constitutes the entire agreement of the parties concerning its subject matter and is intended to be the final expression of their Agreement, and supersede all prior and contemporaneous agreements, proposals, or representations, whether written or oral. No failure or delay in exercising any right hereunder shall constitute a waiver of such right. No amendment or waiver of any provision of this Agreement or any Order Form shall be effective unless in writing and signed by an authorized representative of Partner and Secureframe and will only be given effect as to the specific provision and circumstances for which it was given. Notwithstanding the foregoing, no force or effect shall be given to any different or additional terms contained in any purchase order, partner form or other vendor form issued by Partner or any Customer, even if signed by Secureframe after the date hereof. In the event of any conflict between this Agreement and any applicable DPA or CCPA Addendum, the DPA and/or CCPA Addendum will govern.

9.10 U.S. Government Use.  The Services are commercial computer software as defined in FAR 2.101. Any related documentation, technical data, or services are also commercial. In accordance with FAR 12.212 and DFARS 227.7202, all rights conferred in the Services, related documentation, technical data, or any deliverable to the United States Government are specified solely in this Agreement. All other uses are prohibited and no ownership rights are conferred.

9.11 Force Majeure. Any delay or failure in the performance of any duties or obligations of either party (except the payment of money owed) will not be considered a breach of this Agreement if such delay or failure is due to a labor dispute, fire, earthquake, flood, cyber-attack, war, or any other event beyond the reasonable control of a party, provided that such party promptly notifies the other party thereof and uses commercially reasonable efforts to resume performance as soon as possible.

9.12 Anti-Corruption. Partner agrees that it has not received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from any Customer or Secureframe employee or agent in connection with this Agreement. If Partner learns of any violation of the above restriction, Partner will promptly notify Secureframe.

9.13 Interpretation. For purposes hereof, “including” or “such as” means “including without limitation”.