Terms of Service

This MASTER SUBSCRIPTION AGREEMENT (“Agreement) is entered into between AppViewX, Inc., New York Corporation having its office at 222 Broadway, FL19, New York NY 10038 (hereinafter called “AppViewX” or “Company” including its successors and assigns) and you as the customer (hereinafter called “you” or the “Customer” including their successors and assigns) on behalf of itself and its affiliates. This Agreement governs the terms on which AppViewX licenses to Customer SaaS Services (as defined below), whether in connection with a paid or free trial. If you are entering into this Agreement on behalf of an entity, this Agreement shall be expressly binding on all employees, directors and officers, agents, and assigns who access or use the SaaS Services.

By accepting this Agreement, either by executing an Order Form, accessing or using the Services, or authorizing or permitting any agent or representative to access or use the Services, Customer agrees to be bound by this Agreement as of (i) the date of purchase of the Services, or (ii) the start date of trial Services, as the case may be (the “Effective Date”). If you are agreeing to this Agreement on behalf of an organization or entity, you are representing to AppViewX that you have the authority to bind such organization or entity and its affiliates to this Agreement. If you do not have such authority, or if the Customer does not agree with this Agreement, the Customer must not use or authorize any use of the Services and contact [email protected] to request any changes.

If Customer has entered into a separate written agreement with AppViewX regarding the use of the Services, then the terms of that agreement will prevail and will govern Customer’s use of the applicable Services. If purchasing through an Authorized Reseller (as defined herein), the Authorized Reseller is responsible for the accuracy of any such order entered into between the Authorized Reseller and the Customer, and the terms in any order or agreement between the Authorized Reseller and the Customer shall not vary or modify the terms of this Agreement.

1. DEFINITIONS: As used in this Agreement:

1.1. “Account-Related Information” means contact information, payment information, and biographical information about Customer’s representatives and contacts used for marketing, opening new user accounts to use the SaaS Services, and to maintain existing accounts.

1.2. “Certificates” shall mean the digital certificates or electronic credentials used to certify the Customer or Customer’s network.

1.3. “ADC” means application delivery controller and related network services such as ADC (Load Balancers, DDI (DNS, DHCP, IPAM), Web application Firewalls (WAF)), ITSM and DevOps tools, where the Services are measured by the number of Nodes as applicable.

1.4. “Cloud Connectors” means the software provided by AppViewX which enables secured network connectivity with the SaaS Services.

1.5. “Customer Content” means (i) the data provided by the Customer for use in connection with the Services including infrastructure assets such as Certificates, ADCs, PKIs, and other similar data and materials (ii) any other data Customer submits to AppViewX in connection with the use of the Services (not including Account-Related Information).

1.6. “Customer System” or “Application” shall mean any computer systems or servers used by the Customer for its business purposes.

1.7. “Device Certificates” means all certificates not falling under server certificate category (e.g. device, user, code signing, OT/IoT certs) fall under this category. These certificates may be deployed on laptops or any other mobile devices, IoT/OT Devices.

1.8. “IoT Devices” means devices at a Customer-owned location or a Customer premises, but excludes any of Customer’s consumer locations or other end customer locations to which Customer may resell goods or services.

1.9. “Managed Certificates” means Certificates in the inventory with ‘managed’ flag and are eligible for at least one lifecycle action (enroll, renew, revoke, install, push, bind) in addition to monitoring and analytics. Managed Certificates may be of the type Server Certificates or Device Certificates.

1.10. “Monitored Certificates” means Certificates in the inventory with ‘monitored’ flag are eligible for lifecycle monitoring and analytics. Typical action for these certificates is to get alerted for certificate expiry. Monitored certificates may be of type Server Certificates or Device Certificates.

1.11. “Nodes” means the connected network devices such as Application Delivery Controllers (ADC), Web App Firewalls (WAF), Network Firewalls, DDI, routers, servers, proxy, switches, or DevOps tools that can receive and send data from one endpoint to the other. A Node can also be a unique web application that is addressable via URI or URL such as - Service Now, JIRA, BMC Remedy, Source Control Management (GITLab, GitHub, BitBucket). Example of Nodes - ADC Devices/Controllers/Service Engines/Virtual Instances (VE’s) , DDI, ITSM tool.

1.12. “Order Form” means the order form agreed to between AppViewX and the Customer or between AppViewX and AppViewX authorized reseller (“Authorized Reseller”) in case the order is placed through the Authorized Reseller, with details the Services being licensed, along with the Subscription Fees, and other commercial terms for access and use of the Services.

1.13. “PKI” means public key infrastructure.

1.14. “Professional Fees” means consulting, implementation or other services that may be provided by AppViewX to Customer hereunder and that may involve analysis, development, technical support, integration, and training, as set forth in more detail in the SOW or Order Form.

1.15. “Server Certificates” means Certificates having ‘serverauth’ as one of the key usage (KU) or extended key usage (EKU) configured are counted in this category. These Certificates are typically deployed on application delivery infrastructure like web server, app server, load balancer, and firewall.

1.16. “SaaS Services” or “Services” means the provision of the cloud based Software together with the Software Agents and Cloud Connectors as a platform to the Customer in a hosted, software-as-a-service format, and including all upgrades, updates and patches to the SaaS Services that AppViewX makes available for general release.

1.17. “Software” means the computer programs in object code and procedure statements in machine executable form together with the Software Agents and Cloud Connectors and Company’s Standard Documentation including user manuals for use therewith that is provided independently or together with Services including any updates or new versions.

1.18. “Software Agents” means the software provided by AppViewX which enables automation.

1.19. “Standard Documentation” means operation manual, user guide and other reference documentation related to the Services made available to the Customer by AppViewX.

1.20. “Subscription Fee” means the applicable Fee paid or payable annually in advance by the Customer for the right to use the Services, as mentioned in the applicable Order Form.

1.21. “Subscription Term” shall mean that period specified in the applicable Order Form, beginning on the start date set forth in the Order Form, during which Customer will have on-line access and use of the Software. Except as set forth otherwise in the Order Form, the Subscription Term shall renew for a successive time period equivalent to the initial Subscription Term (each a “Subscription Renewal Term”), unless a different time period is specified for renewal in the Order Form or the Agreement is terminated in accordance with Section 6 herein.

1.22. “Third Party Software” means any software developed by a third party the rights to which was obtained by AppViewX and incorporated into the development and construction of the Platform.

1.23. “User” means any individual authorized by the Customer to use the Services.

2. APPVIEWX SERVICES:

2.1. Customer will purchase and AppViewX will provide the SaaS Services as specified in the applicable Order Form. Customer may access and use these Services during the Subscription Term solely for its own business purposes and in accordance with the terms and conditions of this Agreement, the Documentation and any scope of use restrictions designated in the applicable Order Form (including any limits on number of Certificates, or for ADC any limits on the number or capacity of Nodes, as applicable).

2.2. During the Subscription Term, Customer will receive a non-exclusive, non-assignable, non-sublicensable, royalty free, worldwide right to access and use the SaaS Services solely for its internal business operations for use in production or evaluation testing, subject to the terms of this Agreement.

2.3. Customer has the option to avail the Software Agents and Cloud Connector in connection with the Software and the SaaS Services, if applicable.

2.4. Customer acknowledges that this Agreement is a services agreement and AppViewX will not be delivering copies of the Software to Customer as part of the SaaS Services.

2.5. Customer acknowledges that AppViewX may acquire the rights to Third Party Software which has been or may be implemented within the products and services offered by AppViewX, and AppViewX may rely on third party suppliers for the provision of web hosting services or other cloud environment or infrastructure services.

2.6. The Professional Services, if applicable, shall be provided upon payment of applicable additional fees as agreed in accordance with the Statement of Work (SOW) and the Order Form.

2.7. In the event that the Customer receives a free trial of the Services, Customer is granted a limited, revocable license to use the Services solely for testing and evaluation purposes only and not for commercial use solely for the license term provided by AppViewX. AppViewX provides the evaluation Services “as-is” without warranties or indemnities of any kind and AppViewX disclaims liability for the Customer’s use of the evaluation Services. Any feedback on the Services received by AppViewX from the Customer during the evaluation shall constitute Confidential Information and trade secrets of AppViewX. In addition, notwithstanding anything to the contrary in this Agreement, AppViewX shall not retain any Customer Content during a free trial of the Services and Customer shall not be entitled to retrieve any Customer Content upon expiration or termination of the free trial of Services.

3. RESTRICTIONS:

Customer shall not, and shall not permit anyone to: (i) copy or republish the SaaS Services or Software, (ii) make the SaaS Services available to any person other than authorized User, (iii) use or access the SaaS Services to provide service bureau, time-sharing or other computer hosting services to third parties, (iv) modify or create derivative works based upon the SaaS Services or Documentation, (v) remove, modify or obscure any copyright, trademark or other proprietary notices contained in the software used to provide the SaaS Services or in the Documentation, (vi) reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of the Software used to provide the SaaS Services, except and only to the extent such activity is expressly permitted by applicable law, or (vii) access the SaaS Services or use the Documentation in order to build a similar product or competitive product. In the case of a free trial of the SaaS Services, the Customer understands and agrees that certain additional limitations shall apply for use of the Software or Services, including but not limited to the number of Certificates for discovery in a time period or the number of ADC Device backups to be performed during a specified time period.

4. CUSTOMER OBLIGATIONS:

4.1 Assistance: Customer shall be responsible for providing AppViewX with commercially reasonable information and assistance necessary to complete all onboarding tasks required to enable Customer to use the Services. Upon request from AppViewX, Customer shall promptly deliver Customer Content to AppViewX in an electronic file format accessible by AppViewX. Customer acknowledges that AppViewX’s ability to deliver the SaaS Services in the manner provided in this Agreement may depend upon the accuracy and timeliness of such information and assistance. AppViewX shall from time to time track and monitor the Software’s performance and availability for troubleshooting any technical issues faced by the Customer

4.2 Administrator Access: Customer shall be solely responsible for the acts and omissions of its authorised Users. AppViewX shall not be liable for any loss of data or functionality caused directly or indirectly by the Users.

4.3 Customer Content: Customer is solely responsible for collecting and updating all Customer Content, and for ensuring that the Customer Content does not (i) include anything that actually or potentially infringes or misappropriates the copyright, trade secret, trademark or other intellectual property right of any third party, or (ii) contain anything that is obscene, defamatory, harassing, offensive or malicious. Customer shall: (i) notify AppViewX immediately of any unauthorized use of any password or user id or any other known or suspected breach of security, (ii) report to AppViewX immediately and use reasonable efforts to stop any unauthorized use of the Service that is known or suspected by Customer or any User , and (iii) not provide false identity information to gain access to or use the Service. Customer owns and shall retain all right title and interest in and to the Customer Content which is (i) provided by Customer to AppViewX for the purpose of the provision of the Service and/or the Professional Services; (ii) created by Customer using the Service; and/or (iii) to the extent applicable, created by AppViewX specifically for Customer under the provision of Professional Services except anywork related to AppViewX proprietary software, and which incorporates or is based on Customer’s copyrighted work and/or Customer’s Confidential Information.

5. OWNERSHIP AND INTELLECTUAL PROPERTY RIGHTS:

5.1 AppViewX Intellectual Property Rights: All rights, title and interest in and to the Software and SaaS Services (including without limitation all intellectual property rights therein and all modifications, extensions, customizations, scripts or other derivative works of the Services provided or developed by AppViewX) and anything developed or delivered by or on behalf of AppViewX under this Agreement (including without limitation deliverables and tools as such terms are defined in the Professional Services SOW) are owned exclusively by AppViewX or its licensors. Except as provided in this Agreement, the rights granted to Customer do not convey any rights in the Services, express or implied, or ownership in the Services or any intellectual property rights thereto. Customer grants AppViewX a royalty free, worldwide, perpetual, irrevocable, transferable right to use, modify, distribute and incorporate into the Services (without attribution of any kind) any suggestions, enhancement request, recommendations, proposals, correction or other feedback or information provided by Customer or any Users related to the operation or functionality of the Services. Any rights in the Services or AppViewX’s intellectual property not expressly granted herein by AppViewX are reserved by AppViewX. AppViewX trademarks, service marks, logos and product and service names are marks of AppViewX (the "AppViewX Marks"). Customer agrees not to display or use the AppViewX Marks in any manner without AppViewX’s express prior written permission. The trademarks, logos and service marks of AppViewX Online Master Subscription Agreement for SaaS 042022 Page 4 of 9 Third Party Application providers ("Marks") are the property of such third parties. Customer is not permitted to use these Marks without the prior written consent of such third party which may own the Mark.

5.2 Feedback: Customer, from time to time, may submit comments, questions, suggestions or other feedback relating to any AppViewX product or service to AppViewX (“Feedback”). AppViewX may freely use or exploit Feedback in connection with any of its products or services without the need to pay compensation for any use of such Feedback

5.3 Usage Data: AppViewX may compile statistical information related to the performance of the Services for purposes of improving the products and services offered by AppViewX, provided that such information does not identify Customer’s data or include Customer’s name.

5.4 License from Customer: Subject to the terms and conditions of this Agreement, Customer shall grant to AppViewX a limited, non-exclusive and non-transferable license, to copy, store, configure, perform, display and transmit Customer Content solely as necessary to provide the SaaS Services to Customer pursuant to this Agreement.

5.5 Authorized Licenses: Authorized Licenses: The Customer shall ensure that usage of the Services complies with the authorized quantity of licenses procured under this Agreement, where applicable. In the event Customer desires to purchase extra licenses Customer shall procure additional licenses under a separate Order Form, which shall be subject to the terms and conditions of this Agreement. Upon providing Customer with notice of the scope and information to be collected and reviewed, AppViewX shall have the right to audit the number of licenses used by the Customer. If the usage is found to be in excess of licensed quantity, AppViewX shall present an invoice to Customer for any overage, payable as per Section 7 of this Agreement, and the Customer shall be required to pay the overage or reduce the number of licenses accordingly.

6. TERM AND TERMINATION:

6.1 Term: Subject to payment of the applicable Subscription Fee, this Agreement shall be valid for the entirety of the Subscription Term as purchased by the Customer. Subject to payment of the applicable Subscription Fee and any other fees applicable for such extended period, and unless specified otherwise in the applicable Order Form, this Agreement shall automatically renew for the Subscription Renewal Term unless either party gives written notice of non-renewal to the other party at least thirty (30) days’ prior to expiration of the Agreement.

6.2 Termination for Cause: Either Party may terminate this Agreement, if the other party materially breaches any provision of this Agreement and does not cure such breach within 30 (thirty) days after receiving written notice thereof from the other party. In the event of such termination of the Agreement by the Customer, for the cause attributed to AppViewX, Customer shall be entitled to a pro-rata refund of the prepaid Subscription Fee for the unused Subsription Term.

6.3 Effect of Termination: Upon any expiration or termination of this Agreement, Customer will immediately cease any and all use of and access to all Services (including any and all related AppViewX Confidential Information) and delete any and all copies of the Software and Documentation, any passwords or access codes and any other AppViewX Confidential Information in its possession. AppViewX shall be entitled to recover possession from the Customer of all copies of the Software (however amended) supplied to the Customer and/or in existence at the time of expiration or termination or require the Customer to destroy the same and certify on oath that it has done so and cease to use any Software Agents and clients provided as part of this Agreement. For clarity, in the event of termination, Customer shall have thirty (30) days to retrieve Customer Content or it may be deleted by AppViewX. AppViewX shall not be liable for Customer Content that is deleted in accordance with this provision.

6.4 Suspension for Ongoing Harm: AppViewX may suspend Customer’s or Users’ access to, or use of, the Services if AppViewX believes that (a) there is a significant threat to the functionality, security, integrity, or availability of the Services or any content, data, or applications in the Services; or (b) Customer or Users are accessing or using the Services to commit an illegal act. When reasonably practicable and lawfully permitted, AppViewX will provide Customer with advance notice of any such suspension. AppViewX will use reasonable efforts to re-establish the Services promptly after AppViewX determines that the issue causing the suspension has been resolved. During any suspension period, AppViewX will make Customer Content (as it existed on the suspension date) available to Customer. Any suspension under this Section shall not excuse Customer from Customer’s obligation to make payments under this Agreement.

6.5 Survival: Sections 3, 6, 7, 11, 13 and 14 of this Agreement shall survive the expiration or termination of this Agreement for any reason.

7. FEES & PAYMENT:

The following provisions shall apply where the Customer purchases from AppViewX directly. When purchasing the Services from an Authorized Reseller, the payment terms and conditions negotiated independently between the Customer and the Authorized Reseller shall control

7.1. The Subscription Fee is payable in advance annually unless otherwise specified in the Order Form. All fees are as set forth in the applicable Order Form and are due within thirty (30) days from the date of invoice. AppViewX shall deliver the invoice for the Subscription Fee, fees for professional services, if applicable, and other applicable fees as prescribed in the final quote of AppViewX duly approved Order Form or purchase order from Customer and the invoice shall be payable within 30 days from the date of invoice. Late payments are subject to interest of one (1%) per month or the highest rate permitted by law, whichever is lower. The Subscripton Fee will be subject to increase by 8% per annum over the previous year’s Fee.

7.2. In addition to the fees described above, the Customer shall pay directly all taxes, including value added tax, withholding tax, and duties (present and future) whatsoever nature with respect to this transaction, howsoever levied.

7.3. AppViewX reserves the right to suspend delivery of the SaaS Services and Customer’s access to and/or use of the Services if Customer fails to timely pay any undisputed amounts due to AppViewX under this Agreement, but only after AppViewX has provided Customer two (2) notices, and at least thirty (30) days have passed since the transmission of the first notice. Suspension of the SaaS Services shall not release Customer of its payment obligations under this Agreement. Customer agrees that AppViewX shall not be liable to Customer or to any third party for any liabilities, claims or expenses arising from or relating to suspension of the SaaS Services resulting from Customer’s non-payment.

8. WARRANTIES:

8.1 Limited Warranty: AppViewX warrants that during the Term, the Software and the Services, when used in accordance with the standard documentation and as permitted under this Agreement, will operate in substantial conformance with the functions specified in the Standard Documentation and AppViewX will use commercially reasonable efforts to provide corrections to any aspect of the Services which does not so perform as long as the subscription is renewed and the Customer is current on all payments due. Except as expressly provided herein, AppViewX makes no warranties of any kind, whether express, implied, statutory or otherwise, and AppViewX specifically disclaims all implied warranties including any implied warranties of merchantability, noninfringement, or fitness for a particular purpose.

8.2 Warranty Disclaimer: APPVIEWX DOES NOT GUARANTEE THAT THE SAAS SERVICES WILL BE PERFORMED ERROR-FREE OR UNINTERRUPTED, OR THAT APPVIEWX WILL CORRECT ALL SAAS SERVICES ERRORS. CUSTOMER ACKNOWLEDGES THAT APPVIEWX DOES NOT CONTROL THE TRANSFER OF DATA OVER COMMUNICATIONS FACILITIES, INCLUDING THE INTERNET, AND THAT THE SAAS SERVICE MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF SUCH COMMUNICATIONS FACILITIES.THIS SECTION SETS FORTH THE SOLE AND EXCLUSIVE WARRANTY GIVEN BY APPVIEWX (EXPRESS OR IMPLIED) WITH RESPECT TO THE SUBJECT MATTER OF THIS AGREEMENT. NEITHER APPVIEWX NOR ANY OF ITS LICENSORS OR OTHER SUPPLIERS WARRANT OR GUARANTEE THAT THE OPERATION OF THE SUBSCRIPTION SERVICE WILL BE UNINTERRUPTED, VIRUS-FREE OR ERROR-FREE, NOR SHALL APPVIEWX OR ANY OF ITS SERVICE PROVIDERS BE LIABLE FOR UNAUTHORIZED ALTERATION, THEFT OR DESTRUCTION OF CUSTOMER’S OR ANY USER’S DATA, FILES, OR PROGRAMS.

9. AVAILABILITY, SERVICE LEVELS AND SUPPORT:

AppViewX shall provide standard support as per the Service Level Agreement as long as Subscription Fee is paid and not in arrears. The Service Level Agreement (“SLA”) for the SaaS Services is set forth under the Support Terms. The SLA sets forth AppViewX Online Master Subscription Agreement for SaaS 042022 Page 6 of 9 Customer’s sole remedies for availability or quality of the SaaS Services including any failure to meet any guarantee set forth in the SLA.

10. INDEMNIFICATION:

10.1 Indemnification by AppViewX: AppViewX shall indemnify, defend, and hold harmless Customer and Customer’s officers, directors, employees, agents, permitted successors and permitted assigns (each, an "Indemnitee") from and against any and all losses incurred by Customer resulting from any claim by a third party that the Services, or any use of the Services in accordance with this Agreement, infringes or misappropriates such third party's patent, trademark, copyright, or trade secret rights (“Intellectual Property Claim”). This Section does not apply to the extent that the alleged Intellectual Property Claim arises from: (a) combination, operation, or use of the Services in or with, any technology (including any software, hardware, firmware, system, or network) or service not provided by AppViewX or specified for use in the Standard Documentation; (b) modification of the Services other than: (i) by AppViewX in connection with this Agreement; or (ii) with AppViewX’s express written authorization and in strict accordance with AppViewX’s written directions and specifications; (c) use of any version of the Services other than the most current version or failure to timely implement any modification, update, or replacement of the Services made available to Customer by AppViewX; (d) use of the Services after AppViewX’s notice to Customer of such activity's alleged or actual infringement, misappropriation, or other violation of a third party's rights; (e) negligence, abuse, misapplication, or misuse of the Services or Standard Documentation by or on behalf of Customer or a third party; (f) use of the Software, Services or Standard Documentation by or on behalf of Customer that is outside the purpose, scope, or manner of use authorized by this Agreement; (g) events or circumstances outside of AppViewX’s commercially reasonable control (including any third-party hardware, software, or system bugs, defects, or malfunctions); or (h) claims or losses based on Customer’s gross negligence or willful misconduct.
In the event of an Intellectual Property Claim, AppViewX may, at its option and cost: (a) obtain the right for Customer to continue to use the Services as contemplated by this Agreement; (b) modify or replace the Services, in whole or in part, to seek to make the Services non-infringing, while providing equivalent features and functionality; or (c) terminate this Agreement, in its entirety or with respect to the affected part or feature of the Services, effective immediately on written notice to Customer, in which event: (i) Customer shall cease all use of the Services immediately on receipt of notice; and (ii) provided that Customer fully complies with its post-termination obligations set, Customer shall be entitled for prorata refund of the prepaid Subscription Fee for the affected Services for the unused Subscription Term after termination.

10.2 Indemnification Procedure: Indemnitee shall promptly notify AppViewX (“Indemnitor”) in writing of any claim for which Customer believes it is entitled to be indemnified pursuant to Section 10. Indemnitee shall cooperate with Indemnitor at the Indemnitor's sole cost and expense. The Indemnitor shall promptly assume control of the defense and investigation of such claim and shall employ counsel reasonably acceptable to the Indemnitee to handle and defend the same, at the Indemnitor's sole cost and expense. The Indemnitee may participate in and observe the proceedings at its own cost and expense with counsel of its own choosing. The Indemnitor shall not settle any claim on any terms or in any manner that adversely affects the rights of any Indemnitee without the Indemnitee's prior written consent, which shall not be unreasonably withheld or delayed. The Indemnitee's failure to perform any obligations under this Section 10 will not relieve the Indemnitor of its obligations under this Section 10, except to the extent that the Indemnitor can demonstrate that it has been prejudiced as a result of such failure.

11. LIMITATION OF LIABILITY:

11.1. In no event shall either Party be liable for special, exemplary, incidental, consequential, punitive or tort damages resulting from loss of use, data, profits or business arising out of or in connection with this Agreement, including without limitation AppViewX Online Master Subscription Agreement for SaaS 042022 Page 7 of 9 any such damages arising out of or in connection with this Agreement, whether or not a Party has been advised of the possibility of such damages.

11.2. EXCEPT FOR INTELLECTUAL PROPERTY INDEMNIFICATION CLAIMS, DEATH, PERSONAL INJURY, OR CLAIMS WHICH CANNOT BE LIMITED BY LAW, IN NO EVENT WILL THE AGGREGATE LIABILITY OF EITHER PARTY ARISING OUT OF OR RELATED TO THIS AGREEMENT, WHETHER ARISING UNDER OR RELATED TO BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR ANY OTHER LEGAL OR EQUITABLE THEORY, EXCEED THE TOTAL AMOUNT PAID TO APPVIEWX UNDER THE APPLICABLE PURCHASE ORDER OR ORDER FORM IN THE TWELVE (12) MONTH PERIOD PRECEDING THE EVENT GIVING RISE TO THE CLAIM.

12. Data Protection.

12.1. Applicable Definitions:

12.1.1. "Applicable Privacy Law(s)" means all worldwide data protection and privacy laws applicable to the Personal Data in question, including all applicable US federal and state laws and, in respect of Personal Data originating from the European Economic Area, EU Directive 95/46/EC (as superseded, amended or replaced); and

12.1.2. "Personal Data", "processing", "Controller" and "Processor" shall have the meanings given to them in Applicable Privacy Law(s). If and to the extent that Applicable Privacy Law(s) do not define such terms, then the definitions given in EU Directive 95/46/EC (as amended, superseded or replaced) will apply.

12.2. In the course of its use of the Services, Customer may transfer, send or otherwise disclose files or other information containing Personal Data to Company in connection with a support request or submission of threats. In such cases, Customer isthe Controller of the Personal Data and Company shall process the Personal Data as a Processor on Customer’s behalf. Further, the parties agree that:

12.2.1. Customer shall be responsible for compliance with Applicable Privacy Law(s) and ensuring Customer hasthe right to transfer, or provide access, to Company for these purposes;

12.2.2. Customer shall be responsible for taking any and all steps Customer considers necessary to protect any Personal Data, such as by removing, obfuscating or encrypting, prior to sending it to Company;

12.2.3. Company will process such Personal Data only for the purpose of providing the Services and in accordance with Customer’s lawful instructions;

12.2.4. Company shall have in place appropriate technical and organizational measures designed to protect the Personal Data it processes from any unauthorized or unlawful processing and against accidental loss, destruction or damage; and

12.2.5. If Customer is sending Personal Data originating from the European Economic Area and wish to execute the standard contractual clauses for the transfer of Personal Data to Processors (as approved by the European Commission) and Company’s data processing addendum (“DPA”), Company will, upon Customer’s request, provide and execute such standard contractual clauses and DPA.

12.3.AppViewX shall have in place, maintain and periodically test, such business continuity and disaster recovery plans as are required to ensure continuity of Services in the event of a disaster or other event which, in the absence of appropriate business continuity and disaster recovery plans, would cause an interruption to the Services.

12.4. Customer further understands and agrees and consents to AppViewX’s collection and use of the Customer’s information, if and to the extent applicable, as set forth in AppViewX’s Privacy Policy.

13. CONFIDENTIAL INFORMATION.

Each party (as “Receiving Party”) agrees that all code, inventions, know-how, business, technical and financial information, trade secrets, and other information it obtains from the disclosing party (“Disclosing Party”) constitute the confidential property of the Disclosing Party (“Confidential Information”), provided that it is identified as confidential at the time of disclosure or should be reasonably known by the Receiving Party to be confidential or proprietary due to the nature of the information disclosed and the circumstances surrounding the disclosure. All pricing information is AppViewX’s Confidential Information. Any AppViewX intellectual property, performance information relating to any Service, and the terms and conditions of this Agreement will be deemed Confidential Information of AppViewX without any marking or further AppViewX Online Master Subscription Agreement for SaaS 042022 Page 8 of 9 designation. Customer Content will be deemed Confidential Information of Customer without the need for any marking or further designation. Except as expressly authorized herein, the Receiving Party will (1) hold in confidence and not disclose any Confidential Information to third parties and (2) not use Confidential Information for any purpose other than fulfilling its obligations and exercising its rights under this Agreement. The Receiving Party may disclose Confidential Information to its employees, agents, contractors and other representatives having a legitimate need to know (including, for AppViewX, its subcontractors), provided that such representatives are bound to confidentiality obligations no less protective of the Disclosing Party than this Section and that the Receiving Party remains responsible for compliance by any such representative with the terms of this Section. The Receiving Party’s confidentiality obligations will not apply to information that the Receiving Party can document: (i) was rightfully in its possession or known to it prior to receipt of the Confidential Information; (ii) is or has become public knowledge through no fault of the Receiving Party; (iii) is rightfully obtained by the Receiving Party from a third party without breach of any confidentiality obligation; or (iv) is independently developed by employees of the Receiving Party who had no access to such information. The Receiving Party may make disclosures to the extent required by administrative or judicial process, applicable law, or court order, provided the Receiving Party notifies the Disclosing Party in advance and reasonably cooperates in any effort to obtain confidential treatment. The Receiving Party acknowledges that disclosure of Confidential Information would cause substantial harm for which damages alone would not be a sufficient remedy, and therefore that upon any such disclosure by the Receiving Party the Disclosing Party will be entitled to seek appropriate equitable relief in addition to whatever other remedies the Disclosing Party might have at law.

14. MISCELLANEOUS PROVISIONS:

14.1 NON-EXCLUSIVE: This Agreement does not limit or restrain the right of AppViewX to execute agreements for the provision of similar services to those described in this Agreement to other customers or end-users.

14.2 PUBLICITY: AppViewX may use Customer's name and logo on AppViewX's Company website, general list of customers, and other marketing materials solely to identify Customer as an AppViewX customer (without revealing any Customer Confidential Information or the terms of this Agreement). With Customer's consent, AppViewX may issue a press release, obtain a Customer testimonial, or use Customer as a reference.

14.3 COMPLIANCE WITH LAWS: Each party shall comply with all applicable laws, including the export laws and regulations of the United States and other applicable jurisdictions in providing and using the Services. Without limiting the foregoing, (i) each party represents that it is not named on any U.S. government list of persons or entities prohibited from receiving exports, and (ii) Customer shall not permit Users to access or use Services in violation of any U. S. export embargo, prohibition or restriction.

14.4 FORCE MAJEURE: If the whole or any part of the performance by either party of their respective obligations hereunder is prevented or delayed by causes, circumstances or events beyond the control of such party, including delays of third parties in transportation, strikes, labor troubles, electrical failures, floods, fires, accidents, earthquakes, riots, explosions, wars, hostilities, acts of government, custom barriers, or other causes of like character beyond the control of such party, then to the extent such party shall be prevented or delayed from performing all or any part of its obligations hereunder by reason thereof despite due diligence and reasonable efforts to do so notwithstanding such causes, circumstances or events, then such party shall be excused from performance hereunder for so long as such causes, circumstances or events shall continue to prevent or delay such performance.

14.5 NON-ASSIGNMENT: Neither party may assign this Agreement or any right under this Agreement, without the consent of the other party, which consent shall not be unreasonably withheld or delayed; provided however, that either party may assign this Agreement without the other party’s consent in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. This Agreement shall be binding upon and inure to the benefit of the parties’ successors and permitted assigns. Either party may employ subcontractors in performing its duties under this Agreement, provided, however, that such party shall not be relieved of any obligation under this Agreement.

14.6 GOVERNING LAW: This Agreement, and any dispute relating to or arising out of this Agreement, will be governed by and in accordance with the laws of New York, without giving effect to the conflict of laws provisions. For all disputes arising out of this Agreement, the parties consent to the exclusive jurisdiction of the federal and state courts located in New York.

14.7 NOTICES: Any notice required to be given hereunder shall be given in writing, either by overnight courier or by registered mail with postage prepaid, return receipt requested, in each case addressed (a) to AppViewX, by sending to the addresses as first set out above to the attention of the Legal Department, or (b) to Customer at the address as listed in the Order Form or as provided upon registration of the Services. Either party may designate a subsequent address for the purpose of receiving notices pursuant to this Agreement. Any notice so sent shall be deemed to have been given ten (10) business days after the same was mailed if sent by registered mail and five (5) business days if sent by overnight courier.

14.8 UPDATES ON THE WEBSITE: This Agreement may be updated from time to time and posted on the Company’s website. Customer’s use of the Services after such revision has been posted is acceptance of its terms. Except as updated by AppViewX on the Company website, no modification, amendment, or waiver shall be effective unless in writing and signed by authorized representatives of both parties. No indulgence or forbearance by either party under this Agreement shall be deemed to constitute a waiver of its rights to insist on performance in full and in a timely manner of all covenants under the Agreement and any such waiver in order to be binding upon a party must be expressed in writing and signed by such party and then such waiver shall be effective only in the specific instance and for the purpose for which it is given.

14.9 ENTIRE AGREEMENT: This Agreement, including any Order Form, constitutes the entire agreement between the parties as to the subject matter hereof and supersedes all previous and contemporaneous agreements, whether written or oral, with respect thereto. No terms or conditions set forth on any purchase order, preprinted Customer order form, or other document from the Customer shall add to or vary the terms and conditions of this Agreement and such terms are of no force or effect on AppViewX. In the event of any inconsistency or conflict between the terms of the Agreement and the terms of any Statement of Work or Order Form entered into between AppViewX and the Customer, the terms of the Order Form or Statement of Work shall control. This Agreement applies to purchases made through an Authorized Reseller and this Agreement shall control in the event of any inconsistency with the Customer’s agreement with the Authorized Reseller.