This SaaS Services Addendum (this “Addendum”), is in addition to the terms and conditions set forth in the Master Subscription and Services Agreement (the “Agreement”) between Unravel Data Systems, Inc. (“Unravel”) and the “Customer” under the Agreement to which this Addendum is attached (“Customer”). This Addendum governs the terms and provisions pursuant to which Unravel shall provide the SaaS Services. Capitalized terms used herein but not defined have the meaning set forth in the Agreement.
1. ADDITIONAL DEFINITIONS. As used in this Addendum:
1.1 “Customer Data” means information, data, and other content, in any form or medium, that is collected, uploaded, downloaded, or otherwise received, directly or indirectly, from Customer by or through the SaaS Services.
1.2 “SaaS Services” means Unravel’s provision of certain portions of the Software as a hosted service under the Agreement.
1.3 “Scheduled Downtime” means planned downtime of SaaS Services availability for periodic and required maintenance, including Updates to the SaaS Services and data center infrastructure, provided that Unravel provides to Customer at least forty eight (48) hours advance notice.
1.4 “Service Level Availability” or “SLA” means the targeted availability levels of the SaaS, as measured by Unravel or its designee.
2. ACCESS LICENSE. Unravel hereby grants to Customer a non-exclusive, non-transferable right, during the applicable Subscription Term, to access and use the features and functions of the applicable SaaS Services consistent with the subscription purchased and paid for by Customer. As applicable, and for the avoidance of doubt, the license set forth in this Section 2 shall be subject to all terms, conditions, restrictions and limitations set forth in the Agreement with respect to the Software, generally. In the event that Customer exceeds any usage limits of the subscription purchased, Customer will incur additional fees for such excess usage. Unless otherwise agreed in writing, Customer may not decrease its subscription to the SaaS Services during any Subscription Term. Customer will use commercially reasonable efforts to prevent unauthorized access to, or use of, the SaaS Services, and notify Unravel promptly of any such unauthorized use becomes known to Customer.
3. CUSTOMER DATA.
3.1 Ownership. As between Customer and Unravel, Customer retains all rights, title and interest in and to the Customer Data. Unravel acknowledges that it neither owns nor acquires any additional rights in and to the Customer Data not expressly granted by the Agreement or this Addendum.
3.2 Responsibility for Customer Data and Security. Customer is responsible for all changes to and/or deletions of Customer Data and the security of all passwords and other access protocols required in order to access the SaaS Services, and is solely responsible for the accuracy, quality, integrity, legality, reliability, and appropriateness of all Customer Data. Customer shall procure all rights and privileges to obtain and transfer Customer Data to Unravel under the terms of the Agreement and this Addendum. Customer’s provision of such Customer Data to Unravel shall be in compliance with all applicable laws and regulations, including but not limited to all privacy laws and regulations. Customer may not, and shall ensure its Authorized Users do not, submit the following types of information to the SaaS Services: (a) government identification numbers or financial account numbers associated with individual persons (e.g. U.S. Social Security numbers, national insurance numbers, driver’s license numbers, or personal credit card or banking account numbers); (b) medical records or health care claim information associated with individuals, including claims for payment or reimbursement for any type of medical care for an individual; (c) information regulated under the International Traffic in Arms Regulations; (d) without the express written consent of Unravel, technical data restricted under applicable laws; and (e) data designated as “sensitive” or “special category” or the like requiring extra protective measures under the applicable data protection laws and regulations. Customer agrees that the use and submission to Unravel of any such Customer Data is at Customer’s discretion, and incidental to the use of the SaaS Services. Customer represents and warrants that Customer owns or otherwise has sufficient rights or consents to grant Unravel access to and use of the Customer Data in accordance with the terms of the Agreement and this Addendum.
3.3 License to Unravel. Customer hereby grants to Unravel a royalty-free, fully-paid, non-exclusive, non-transferable, worldwide right and license to use Customer Data: (a) during the Subscription Term, for the limited purpose of performing Unravel’s obligations under the Agreement and this Addendum, and (b) during and after the Subscription Term, solely as provided in Section 3.4 below.
3.4 Data Analyses. Notwithstanding anything to the contrary, Unravel may use Customer Data to create analyses and information derived from Customer’s use of the SaaS Services (collectively, “Analyses”). Analyses will de-identify and aggregate information and will be owned by Unravel. Analyses may be used for the following purposes: (a) product and service improvement (including product/service features and functionality, workflows and user interfaces) and development of new Unravel products and services; (b) improving resource allocation and support; (c) internal demand planning; (d) improving product performance; (e) verification of security and data integrity; (f) identification of industry trends and developments; (g) developing and recommending insights and providing information for Customer and other customers and prospective customers; and/or (h) creation of indices and anonymous benchmarking.
4. CUSTOMER RESPONSIBILITIES.
4.1 Customer Systems. The operation of the SaaS Services requires access to certain products, systems, software, networks and services subscribed to and/or operated by or on behalf of Customer that Customer utilizes for Customer’s operations (excluding the Software and SaaS Services, collectively, “Customer Systems”). As between the parties, Customer is solely responsible for the Customer Systems, including without limitation, the implementation, configuration, and interconnection between and among the individual components thereof. Additionally, Customer is solely responsible for all costs and expenses, including without limitation subscription fees relating to the availability and maintenance of the Customer Systems.
4.2 Instructions. Customer may enable the SaaS Services to take certain action with respect to the Customer Systems based on the operation and functionality of the SaaS Services and the Software (“Instructions”). Customer represents, warrants and covenants that: (a) Customer has and will have the right to issue the Instructions through the SaaS Services; and (b) Customer is and will be solely responsible for the impact and effect of such Instructions. Unravel will have no liability with respect to or arising from the Instructions.
4.3 Customer Credentials. Customer is responsible for properly configuring the SaaS Services in accordance with the Documentation and securing access passwords, keys, tokens or other credentials used to Customer in connection with the SaaS Services (collectively, “Customer Credentials”). Customer agrees to use reasonable efforts to prevent unauthorized access or use of the SaaS Services and to promptly notify Unravel if Customer believes any Customer Credentials have been lost, stolen or made available to an unauthorized third party.
4.4 Prohibited Uses. Customer shall not use the SaaS Services to: (a) send any form of duplicative and unsolicited messages; (b) harvest, collect, gather or assemble information or data regarding other users; (c) transmit through the SaaS Services unlawful, immoral, libelous, tortious, infringing, defamatory, threatening, vulgar, or obscene material or material harmful to minors; (d) transmit material containing software viruses or other harmful or deleterious computer code, files, scripts, agents, or programs; (e) interfere with or disrupt the integrity or performance of the SaaS Services or the data contained therein; (f) attempt to gain unauthorized access to the SaaS Services, computer systems or networks related to the SaaS Services; or (g) interfere with another customer’s use and enjoyment of the SaaS Services.
5. SERVICE LEVEL OBJECTIVE.
5.1 Objective. Unravel shall: (a) use commercially reasonable efforts to provide at least 99.8% uptime of the SaaS Services, except for Scheduled Downtime; (b) use commercially reasonable methods to limit Scheduled Downtime so that disruption to Customer’s business is minimized; (c) use commercially reasonable methods to protect the security and integrity of Client Data. If Customer is unable to access the SaaS Services during the Subscription Term, Customer should contact Unravel Support.
5.2 Exclusions. The following events shall be excluded from the calculation of Service Level Availability: (a) force majeure events (as described in the Agreement); (b) outages due to Scheduled Downtime; (c) outages based on Customer networks or domain name server issues; (d) Customer’s configuration, scripting, coding drafted by Customer without Unravel’s authorization or knowledge; (e) general internet outages; (f) outages requested by Customer; (g) Customer changes to its environment which disrupt the proper functioning of the SaaS Services; (h) outages to remedy a security vulnerability or as required by law; and (i) inability of Customer to access the SaaS Services due to dependence on non-Unravel provided services or components.
6. SECURITY. With respect to the SaaS Services, Unravel will implement and maintain appropriate technical and organizational measures to protect Customer Data from accidental loss and from unauthorized access, use, alteration, or disclosure.
7. RETURN OF CUSTOMER DATA. After termination or expiration of the Agreement or the Subscription Term for the SaaS Services, following Customer’s written request, Unravel will provide Customer Data stored in the SaaS Services to Customer in Unravel’s standard database export format. Customer must submit such request to Unravel within thirty (30) days after termination or expiration of this Agreement or the Subscription Term for the SaaS Services. Unravel is not obligated to maintain or provide any Customer Data after such 30-day period and will, unless legally prohibited, delete all Customer Data in its systems or otherwise in its possession or under its control, and delete Customer’s instances of the SaaS Services.
8. COMPLIANCE WITH LAWS. Unravel will comply with all laws applicable to its provision of the SaaS Services, including those applicable to privacy and security of personal information (and further including mandatory trans-border data transfers and mandatory data breach notification requirements) (collectively “Applicable Laws”), but excluding laws specifically applicable to Customer and Customer’s industry that are not generally applicable to information technology service providers regardless of industry. Customer will comply with all laws applicable to Customer’s use of the SaaS Services, including those applicable to collection and processing of Customer Data in Unravel systems through the SaaS Services. Customer acknowledges that Unravel may transfer Customer Data to, and process Customer Data within, the United States of America. Customer agrees to provide any required disclosures to and obtain any required consents for the transfer of Customer Data to Unravel.