Engaiz

End User License Agreement (EULA) - India

LAST UPDATED : 06 FEBRUARY,  2024

SOFTWARE AS A SERVICE (SAAS)

TERMS AND CONDITIONS – For India Clients and Users

These Software as a Service (SaaS) and Services Terms and Conditions (“Terms” or this “Agreement”) govern the purchase of the license to the Software and access to Services by the Client and its Users (“you”, “your”, and terms of similar meaning) made available by ENGAIZ Inc. and its subsidiary ENGAIZ GRC Solutions Private Limited (“we”, “us”, “Provider” and terms of similar meaning) and its suppliers, made pursuant to an executed Subscription Agreement (defined below).

 

This Agreement is deemed fully executed when the Client electronically agrees to the Terms at the time of sign-up on the Providers website. By executing a Subscription Agreement, or by accessing or using the Services, you agree to be bound by these Terms, and all terms, policies and guidelines incorporated by reference in these Terms. If a Client registers for a Basic Subscription (referred to as “Trial Term”) of the Services, the applicable provisions of these Terms will also govern that Trial Term.

 

The Subscription Agreement is automatically deemed to include all of the terms and conditions of these Terms; provided that whenever the provisions of the Subscription Agreement expressly conflict with these Terms, the conflicting provisions of the Subscription Agreement control and shall take precedence over the conflicting provisions of the Terms.


These Terms apply in their entirety to the Client. However, only specific sections (2, 3, 4, 7, 9.5-9.7, 11, 13, 14.1-14.4, 14.6) apply to Users. Please see definitions of Client and Users in section 1.

1. DEFINITIONS

1.1Administrator” means a person or persons assigned by the Client to have the authority to act as the administrator of the Software on behalf of the Client.

1.2Advisory Services” means professional consulting services as more particularly described in the Subscription Agreement and any additional Schedules.

1.3Applicable Law” means all applicable requirements, laws, statutes, codes, acts, ordinances, orders, decrees, injunctions, by-laws, rules, regulations, permits, licenses, authorizations, directions and agreements with all applicable government authorities, agencies, bodies or departments, having jurisdiction over this Agreement or the supply or use of the Services.

1.4Client” shall mean the organization who is bound by the terms of the Subscription Agreement and these Terms. A Client owns the subscription to the Software.

1.5Client Data” means any data or content inputted into the Software by the Client or any of its Users and hosted on the servers of the Cloud Providers.

1.6Cloud Providers” has the meaning given in Section 5.1.

1.7Fees” means the fees to be paid by the Client pursuant to the Subscription Agreement, these Terms and any applicable Schedules.

1.8Managed Services” means the practice of outsourcing the responsibility of certain functions for the purpose of improved operations and reduced budgetary expenditures by the Client to a Service Provider.

1.9Personal Information” means any information relating to identifiable individuals, the collection, use or disclosure of which is regulated by Privacy Laws of India.

1.10Privacy Laws” means any applicable central, state and local laws, regulations and rules governing the collection, use and disclosure of information relating to identifiable individuals enacted by the country, state / province or territory where the Client resides such as the India Digital Personal Data Protection Act, 2023.

1.11Provider Data” means any data or content made available through the Software by the Provider and/or its licensors.

1.12Schedule” means a schedule, which is attached to this Agreement or Subscription Agreement, or which may be added hereafter by written agreement of the parties.

1.13Services” means the use of the Software, the Advisory Services and other related services to be provided by the Provider to the Client pursuant to the Subscription Agreement.

1.14Software” means the Providers Software as a Service (SaaS) (including the Provider Data) licensed to the Client and the number of User licenses purchased by the Client pursuant to the terms of the Subscription Agreement. The Software provides a) third party vendor risk management solution b) cyber insurance risk solution c) information security certifications and compliance solution.

1.15Subscription Agreement” means (i) the Software as a Service (SaaS) Subscription Agreement; (ii) an online order specifying the Services to be provided hereunder, that is entered into between the Client and the Provider, including any Schedules, addenda and supplements thereto.

1.16Term” shall have the meaning given in Section 12.1.

1.17User” means an individual user who is permitted to use the Software. Users may include

2. PRIVACY AND SECURITY

2.1Privacy. Please refer to the privacy policy by clicking on the Privacy link of the ENGAIZ website (the “Privacy Policy”) for information on how we or our licensors collect, use and disclose your Personal Information. By using the Services, you agree to the use, collection and disclosure of personally identifiable information in accordance with the privacy policy.

2.2Security. The Provider uses Amazon Web Services (AWS) to host its Software. The Provider has successfully completed security and architecture reviews and its cloud architecture is based on the AWS Well-Architected framework. Any Client data is encrypted in transit over public networks using TLS 1.2+ to protect it from unauthorized disclosure or modification. Our implementation of TLS enforces the use of strong ciphers and key-lengths where supported by the browser. Client data is stored securely as Provider leverages Security in Amazon RDS. 

3. USER ACCOUNTS

3.1Provisioning and User Accounts. Upon agreeing to a Subscription Agreement, the initial Administrator of the Client will be permitted to register for a User account. The Initial Administrator may add other Administrators and authorize Users subject to the limitations and additional terms described in the Subscription Agreement. The Initial Administrator and other Administrators shall be deemed to have the authority to manage (including adding and removing) Users. Administrators may deactivate any User if the Administrator wishes to terminate access to the Service for any User. Access to specific features of the Services is only available to specific user types.

3.2Basic Subscription. If a Client agrees to a Basic Subscription pursuant to a Subscription Agreement or registers for a Basic Subscription on the Provider’s website, the Provider will make the applicable Services available to the Client as agreed in Subscription Agreement until the earlier of (a) the end of the Trial Term period for which the Client registered to use the applicable Services, or (b) the start date of the Initial Term under a Subscription Agreement. Additional trial terms and conditions may appear on the Basic Subscription registration web page or Subscription Agreement. Any such additional terms and conditions are incorporated into these Terms by reference. In exchange of the Client enjoying the free Services available under Basic Subscription, Client agrees to provide periodic feedback to improve the features of the Software and other terms as in Section 9.7. Any Client Data accumulated by a User during a Basic Subscription will be permanently lost unless the User, on behalf of a Client, agrees to a Subscription Agreement or exports such Client Data before the end of the Trial Term period. Notwithstanding anything to the contrary in Sections 10 and 11, during the Trial Term, the Services are provided “as-is” without any warranty, support or service levels and the Provider shall have no indemnification obligations nor liability of any type with respect to the Services for the Trial Term unless such exclusion of liability is not enforceable under Applicable Law in which case the Provider’s liability with respect to those Services provided during the Trial Term shall not exceed INR 1,00,000.

3.3Registration. Upon logging into the Software for the first time, the Administrators and Users will be prompted to register for a User account. Administrators and Users agree to: (a) provide accurate, current and complete information as may be prompted by any registration forms on the Software (“Registration Data”); (b) maintain the security of the their password; (c) maintain and promptly update the Registration Data, and any other information the they provide to the Software, and to keep it accurate, current and complete; and (d) accept all risks of unauthorized access to the Registration Data and any other information provided to Provider. The Client shall be responsible for all activity by Users on the Software, including the activity performed on the Software through the User accounts by an agent, representative, employee (including former employees who maintained access to the Services), or any other person acting on behalf of such User. It is the responsibility of the Client to delete User accounts or otherwise remove access to Users who should no longer be active (e.g. a User who is no longer an employee or contractor of the Client or a vendor of the Client).

4. LICENSE TO SOFTWARE AND LICENSE RESTRICTIONS

4.1License to Software. Provider hereby grants to Client and authorized Users a non-exclusive, non-transferable license to use the Software and solely permit the Client and Users to use the functionality contained within the Software for legitimate purposes during the Term.

4.2Compliance. The software, data and other technology that Provider makes available, and derivatives thereof may be subject to export laws and regulations of the United States, Canada, India and other jurisdictions. Each party represents that it is not named on any U.S. , Canada, India government denied-party list. Client shall not permit users to access or use the Provider technology in a U.S.-embargoed country (currently Cuba, Iran, North Korea, Sudan or Syria) or in violation of any U.S. , Canada, India or international export law or regulation.

4.3License Restrictions. Except as set forth in this Agreement, the Subscription Agreement, any Schedule and to the extent contrary by Applicable Law: the Client and User may not (a) make or distribute copies of the Software; (b) alter, copy, merge, adapt, reformat, download, or translate the Software, or decompile, reverse engineer, disassemble, or otherwise reduce the Software through automated or other means to a human-perceivable form, including, without limitation, using the Services in conjunction with, or combining content therefrom with, content obtained through scraping or any other means outside the Services, or any part thereto; (c) sell, rent, share, lease, transfer, distribute, display, host or sublicense the Software (except as is incidental or necessary for the provision of the Software to Users); (d) modify the Software or create derivative works based upon the Software; provided however that the foregoing will not restrict Client’s rights to exploit any Client Data which may be incorporated into, reside in, or form a part of the Software; (e) use the Services in a manner that breaches the rights of any third party, any contract (including this Agreement or Third Party Licenses) or legal duty or violate any Applicable Law; (f) copy the Services or any part, feature, function or user interface thereof; (g) access or use the Services in any way for the purposes of competing with the Services or in order to build a competitive product or service; and/or (h) use the Services other than for its intended purposes, including, without limitation, in a manner that, as determined by the Provider in its sole discretion, constitutes excessive or abusive usage.

5. HOSTING AND SUPPORT

5.1Hosting. The Provider will cause the Software to be hosted on a cloud server maintained by one or more reputable third-party providers (“Cloud Providers”). The Provider will be responsible for contracting with the Cloud Providers, and for paying all fees and charges of the Cloud Providers. All Client Data stored on the Services is located on servers operated by the Amazon Web Services (AWS) Cloud Provider in India. Provider has the capability to provide a different geography or country as required by the Client which will be specifically addressed in the Subscription Agreement.

5.2Support, Training. Support, maintenance and training Services are provided to the Client in accordance with the terms of the Provider’s service level agreement as detailed in Annexure “A” or in the Subscription Agreement in which case the service level agreement in the Subscription Agreement will take precedence. The service level agreement applies only to paid subscription plans.

5.3Backups. The Provider will create a backup or cause its Cloud Providers to create a backup of the Software (including all Client Data) no less frequently than once every twenty-four (24) hours. Upon request from the Client, the Provider will provide the Client with a copy of the most recent backup available. In the event of any loss or damage to Client data, Client’s sole and exclusive remedy shall be for Provider to use reasonable commercial endeavors to restore the lost or damaged Client data from the latest back-up of such Client data maintained by Provider in accordance with its backup process.

5.4Disaster Recovery. All of Providers services run on the cloud (Amazon Web Services). Provider does not host or run own routers, load balancers, DNS servers or physical servers. Provider Software is securely hosted in a AWS Region, that is compliant with SOC 2. Our cloud architecture is based on AWS Well-Architected framework which is built on six pillars – operational excellence, security, reliability, performance efficiency, cost optimization and sustainability. Provider shall maintain and implement disaster recovery procedures in accordance with our Cloud Providers commitment of 99% availability.

6. ADVISORY SERVICES or MANAGED SERVICES

6.1General Procurement Agreement. The Client and the Provider may sign one (1) or more Schedules with respect to Advisory Services or Managed Services to be supplied by the Provider and acquired by the Customer. Each Schedule shall contain a statement of the Advisory Services to be provided pursuant to the Schedule, the applicable Fees, and the expectations of the parties as to the timing of performance of the Advisory Services pursuant to such Schedule.

6.2Order of Interpretation. Each Schedule is automatically deemed to include all the terms and conditions of the Subscription Agreement and these Terms; provided that whenever the provisions of a Schedule expressly conflict with the Subscription Agreement or these Terms, the agreements should be interpreted in the following order: (a) the conflicting provisions of the Schedule control and take precedence over the conflicting provisions of the Subscription Agreement and these Terms, then (b) the conflicting provisions of the Subscription Agreement shall take precedence over the conflicting provisions of these Terms.

6.3Change Request. If the Client wishes at any time to request a change in the Advisory Services or Managed Services under the Subscription Agreement or a particular Schedule, or if the Client requests the Provider to provide Advisory Services or Managed Services outside the scope that are specifically specified in the Subscription Agreement or a Schedule, the parties will work towards the execution of a new Schedule outlining the additional Services.

6.4Services. The Provider shall in all material respects perform the Advisory Services or Managed Services in accordance with the Subscription Agreement, these Terms and the applicable Schedule(s), and in a timely, diligent and professional manner. However, the timely and effective completion of the Advisory Services or Managed Services requires the successful co-operation of the parties and the timely performance by each of them of their obligations hereunder, including delivery by Client to Provider of information and materials and the timely performance by Client of the various activities, in each case either expressly or implicitly described in the Subscription Agreement or a Schedule, as the case may be.

7. CLIENT REPRESENTATIONS AND WARRANTIES; CLIENT RESPONSIBILITIES

7.1Client Representations and Warranties. The Client represents and warrants that the Client’s use of the Services and the use of the Services by the Client’s Users will (a) be consistent with this Agreement and any licenses provided; and (b) comply with Applicable Law. The Client shall be liable for the acts and omissions of any of its Users, directors, officers, employees, contractors, representatives or agents as if such act or omission were an act or omission of the Client.

7.2Responsibilities. The Client agrees (a) that it shall be responsible for providing and maintaining its own Internet access with the necessary bandwidth speeds as recommended by the Provider and all necessary telecommunications equipment, services, software and other materials (collectively, “Client Equipment”) at the Client’s location(s) necessary for accessing the Services; (b) the Client represents and warrants that it has the right to enter into this Agreement and to allow the Provider to perform the Services; and (c) the Client is solely responsible for providing, updating, uploading, modifying and maintaining the Client Data.

7.3Client Indemnity Regarding Use of Services and Client Data. The Client shall be solely responsible for all inputs, selection and use of the Services and all Client Data or other data transmitted, received or created using the Services, even if transmitted, received or created by someone else, and the Client agrees to defend, indemnify and hold the Provider, its directors, officers, employees, agents, contractors and affiliates harmless from any loss, damage or liability which may result therefrom or from any breach by the Client or its Users of this Agreement.

7.4Acceptable Use of the Services. The Client and its Users may not:

(a)use, or encourage, promote, facilitate or instruct others to use the Services for any illegal, harmful, threatening, abusive, harassing, tortious, indecent, obscene, libelous, menacing, offensive or invasive of another person’s privacy use or to transmit, store, display, distribute or otherwise make available content that is illegal, harmful, threatening, abusive, harassing, tortious, indecent, obscene, libelous, menacing, offensive or invasive of another person’s privacy;

(b)use the Services to violate the security or integrity of any network, computer or communications system, software application, or network or computing device;

(c)interfere with or disrupt the Services or servers or networks connected to the Services or disobey any requirements, procedures, policies or regulations of networks connected to the Services or misuse the Software by introducing viruses, defects, trojans, worms, logic bombs or other material or item which is technologically harmful or destructive in nature;

(d)attempt to gain unauthorized access to the Software, the server on which the Software is stored, or any server, computer or database connected to the Cloud Provider;

(e)attack the Software via a denial-of-service attack or a distributed or malicious denial-of service attack;

(f)remove any legal, copyright, trademark or other proprietary rights notices contained in or on materials the Client receives or accesses pursuant to this Agreement;

(g)make network connections to any users, hosts, or networks unless the Client has permission to communicate with them;

(h)distribute, publish, send or facilitate the sending of unsolicited mass e-mail or other messages, promotions, advertising or solicitations (like ‘spam’), including commercial advertising and informational announcements; and/or

(i)use the Services in any way so as to bring the Services, or any part thereof or any third-party related thereto, or the Provider into disrepute.

The Provider reserves the right, but does not assume the obligation, to investigate any violation of this Section or misuse of the Services.

8. FEES, EXPENSES AND PAYMENT

8.1Fees. In consideration for the Services described herein, the Client shall pay to the Provider the Fees more particularly described in the Subscription Agreement or within the Software’s Subscription Management module accessible to the Client Administrator upon logging into the Software. Except as otherwise specified herein or in the Subscription Agreement or within the Software’s Subscription Management module, (i) the Fees are based on the Services purchased and not actual usage, (ii) payment obligations are non-cancelable and Fees paid are non-refundable, and (iii) a subscription type (pertaining to certain User quantities) cannot be decreased during the relevant subscription term.

8.2The Provider may, increase annual Fees by 5% of the then current annual Fees on the commencement of each Renewal Term. Alterations of the charges under this clause require not less than 60 days’ notice to the Client.

8.3Invoices and Payments. In case of a paid subscription plan, Client agrees to pay the Provider, in advance, for the Services in accordance with the terms of the Subscription Agreement. The Client shall have the option to pay using either i) secure online payment using credit or debit cards within the Software or ii) request an invoice which should be paid within thirty (30) calendar days of receipt (or such other time as specified in the Subscription Agreement or any Schedule). Taxes shall be identified and shown as separate items on each invoice. Late payments are subject to interest in the amount of two percent (2%) per month on overdue amounts and interest thereon.

8.4Taxes. The Client shall be responsible for all applicable sales, goods and services, harmonized sales, value added, use, excise, other similar taxes, levies and charges not otherwise included in the Fees imposed by applicable tax authorities on the provision of Services hereunder. The Client shall pay to the Provider such taxes, levies and charges which the Provider is registered to charge and collect.

8.5Suspension of Service and Acceleration. If any charge owing by the Client under these Terms or any other agreement is thirty (30) days or more overdue, the Provider may, without limiting its other rights and remedies, accelerate the Client’s unpaid fee obligations under such agreements, so that all such obligations become immediately due and payable, and suspend the Services until such amounts are paid in full.

9. INTELLECTUAL PROPERTY, CLIENT DATA AND PRIVACY

9.1Ownership of the Software. Except for any grant of licenses in this Agreement or as otherwise expressly provided in this Agreement, the Provider and its licensors, as applicable, shall retain all copyright, patent rights, trade secret rights, trademarks and other proprietary rights or interests (“Intellectual Property Rights”) in the Software. Nothing in this Agreement, the Subscription Agreement, or any Schedules shall be deemed to convey to the Client or any other party, any ownership right, in or to Software.

9.2Ownership of Client Data. The Provider acknowledges and agrees that, as between the Parties, the Client is the sole and exclusive owner of the Client Data, and that no right or interest in the Client Data, other than pursuant to Section 9.3 of this Agreement, and will be collected, handled and used by the Provider only in compliance with the terms of this Agreement. The Provider may aggregate and anonymize Client Data and use it for the purposes of providing value-added analytics for the Clients, to improve software algorithms, measure service usage, publish summaries, benchmarks and develop new features to provide Anonymized Aggregated Data.

9.3License from Client to Provider. The Client hereby grants to the Provider a non-exclusive, royalty-free, non-transferable, limited right to use during the Term, Client Data provided to the Provider solely to perform Services pursuant to this Agreement. The Provider through reseller or license agreements with other third-party data providers may have access to Client data such as business information, services offered, cybersecurity ratings, financial and credit scores, screening data on sanctions, adverse media. Provider will have exclusive ownership of Client data obtained through such legal reseller or license agreements.

9.4All Other Rights Reserved, Further Assurances. Except as expressly set forth herein or in the Subscription Agreement or a Schedule, all Intellectual Property Rights are expressly reserved by the parties. The Client or the Provider, as applicable, shall execute and deliver such instruments and take such other steps as may be requested by the Provider or the Client, as applicable, from time to time in order to give effect to the provisions of this Article.

9.5Privacy Laws. The Client and authorized Users represent that (a) they have complied with all applicable Privacy Laws in connection with the collection, use and disclosure of Personal Information, and the provision of Personal Information to the Provider complies with all applicable Privacy Laws; and (b) all individuals to whom such Personal Information relates have consented to the Provider’s collection, use and disclosure of such Personal Information for the purposes disclosed in this Agreement or our Privacy Policy.

9.6Third Party Data / Open Source Software and Sites. The Software may contain third party data, software and/or open source software, which may be subject to third party licenses or reseller agreements and require notices and/or additional terms and conditions (“Third Party Data Provider or Software Licenses”). By accepting these Terms, the Client and its Users are also accepting the Third Party Data Provider or Software Licenses, if any, set forth therein. These Third Party Data Provider or Software Licenses are made a part of and incorporated into these Terms as Annexure “B”. To view the Third Party Data Provider or Software Licenses, please contact [email protected]. The Software may also contain links to third-party websites (“Third-Party Sites”) and third-party content (“Third-Party Content”). The Client and each User may use such links to Third-Party Sites and any Third-Party Content or service provided there at their own risk. The Provider does not monitor or have any control over, and makes no claim or representation regarding, Third-Party Content or Third-Party Sites. A link to a Third-Party Site or Third-Party Content does not imply the Provider’s endorsement, adoption or sponsorship of, or affiliation with, such Third-Party Site or Third-Party Content. The Provider accepts no responsibility for reviewing changes or updates to, or the quality, content, policies, nature or reliability of, Third-Party Content or Third-Party Sites. When a User leaves the Software, this Agreement no longer governs. The Client and each User are responsible for reviewing the applicable terms and policies, including, without limitation, privacy and data gathering practices of any Third-Party Site, and the Client and User should make whatever investigation he/she/it feels necessary or appropriate before proceeding with any transaction with any third party.

9.7License by Client – Marketing & Feedback. The Client grants the Provider a worldwide, perpetual, irrevocable, royalty-free license to use and incorporate into its services any suggestion, enhancement request, recommendation, correction or other feedback provided by the Client or Users relating to the operation of the Software or the Services. Client also grants Provider permission to use its name in Provider’s marketing materials and to publish its name, trademark and/or logo on the Provider website, solely for the purpose of identifying Client as a Provider’s client. Client retains the ability to request removal of the logo at any time. Client also agrees to collaborate with Provider on developing joint marketing material, such as case-study, testimonials, social mentions or press releases. Any marketing content will be mutually decided and agreed upon.

10. DISCLAIMER AND LIMITATION OF LIABILITY

10.1Disclaimer. Except as set out in the Subscription Agreement or this Agreement, the Services are provided to the Client and authorized Users on an “as is” basis, without warranties from the Provider of any kind, either express or implied. The Provider expressly disclaims all other warranties, express or implied, including, without limitation implied warranties of merchantability, fitness for a particular purpose, title and non-infringement, unless otherwise specified in the applicable Subscription Agreement. The Provider does not warrant that the Services will be error-free or will operate without interruption. The risk assessment and ratings data provided by the Provider including Office of Foreign Assets Control (“OFAC”) matching data should not be used by Clients as a factor in establishing a business relationship. Clients must perform their own investigation before taking any decision to get into a business relationship.

10.2No Indirect, Etc. Damages. Under no circumstances shall either party be liable to the other party for any claim for (i) indirect, incidental, special or consequential damages, (ii) loss or inaccuracy of data or cost of procurement of substitute goods, services or technology, (iii) compensation for loss of profits, anticipated revenue, savings or goodwill, or (iii) exemplary, aggravated or punitive damages howsoever incurred; in each case under any theory of law or equity, arising out of or in any way related to this Agreement or any Services, even if advised of the possibility thereof. The Provider shall not be responsible for any matter beyond its reasonable control.

10.3Limitation of Aggregate Liability. Except as otherwise specifically provided under this Agreement, the liability of either party for any claim, demand or cause of action whether based on contract, tort (including negligence) or otherwise, or for any losses, damages, costs and expense (including but not limited to legal fees) (collectively, “Losses”) arising out of or resulting from this Agreement shall not exceed the Fees paid or payable by the Client to the Provider under this Agreement in the twelve (12) months preceding the Loss.

10.4Reasonableness of Limitations. The Provider, the Client and Users agree that the limitations contained in this Section 10 are reasonable in scope and form an integral part of this Agreement.

11. INDEMNIFICATION

11.1Indemnity by Client. The Client and their Users agree to defend, indemnify and hold the Provider, its directors, officers, employees, agents, contractors and affiliates, harmless from any loss, damage or liability, including all reasonable legal costs, that the Provider may incur as a result of or in connection with any third party claim relating to or resulting from any breach by the Client of the Client’s obligations under this Agreement, including its obligation to comply with all Applicable Law.

11.2Indemnity by Provider. The Provider agrees to defend, indemnify and hold the Client, its directors, officers, employees, agents, contractors and affiliates, harmless from any loss, damage or liability, including all reasonable legal costs, that the Client may incur as a result of or in connection with:

(a) any valid claim that the Software or any portion of it infringes the intellectual property rights of any third party;

(b) any third-party claim relating to or resulting from any breach by the Provider of the Provider’s obligations under this Agreement, including its obligation to comply with all Applicable Law.

12. TERM

12.1Term. The term of this Agreement (“Term”) shall commence on the Effective Date or date of acceptance of these Terms set out in the Subscription Agreement, and will continue for any term identified as a Trial Term, and if not terminated prior to the expiry of the Trial Term, then for the length of time described in the Subscription Agreement as the Initial Term (“Initial Term”). Thereafter, this Agreement will automatically renew for successive terms equal to the length of time of the Initial Term (“Renewal Terms”), unless terminated in accordance with this Agreement.

12.2Termination.

(a)Prior to Renewal. Except in the case of a month-to-month term, either party may terminate this Agreement by providing written notice to the other party at least (60) days prior to the end of the then current term. For month-to-month terms, the Client may provide thirty (30) days prior written notice to terminate this Agreement. For greater certainty, such notice may be given prior to the end of such current term, but will only take effect at the end of the then current term.

(b)Breach. Either party may terminate this Agreement if the other party materially breaches this Agreement, including any failure to make payments when due, and such other party fails to cure such breach in all material respects within thirty (30) days after being given notice of the breach from the non-breaching party.

(c)Insolvency. Either party may terminate this Agreement, upon written notice to the other party, if such other party is subject to proceedings in bankruptcy or insolvency, voluntarily or involuntarily, if a receiver is appointed with or without the other party’s consent, if the other party assigns its property to its creditors or performs any other act of bankruptcy, or if the other party becomes insolvent and cannot pay its debts when they are due.

12.3Early Termination. If this Agreement is terminated pursuant to Section 12.2 prior to the end of such current term, the Client shall pay to the Provider, as liquidated damages and not a penalty, an amount equal to the total monthly Fees (as described in the Subscription Agreement) multiplied by the number of months remaining prior to the end of such current term.

12.4Termination and Suspension of Users. Notwithstanding any provision of these Terms, the Provider reserves the right, in its sole discretion, without any notice or liability to the Client or any User, to (a) terminate a User’s license to use the Software, or any portion thereof; (b) block or prevent a User’s future access to and use of all or any portion of the Software; (c) change, suspend, or discontinue any aspect of the Software; and (d) impose limits on the Software.

12.5Effect of Termination. If this Agreement is terminated in accordance with Section 12.2, then:

(a)Each party shall promptly deliver to the other party, all papers, databases, documents, software programs, and other tangible items (including copies) constituting the other party’s Confidential Information in its possession or under its control, or on request, destroy such materials and certify that it has done so;

(b)upon a request by the Client within thirty (30) days of termination, the Provider will within fifteen (15) days of such request, provide to the Client a copy of the Client Data in a format that is readable using commercially available third party software and or the Software, including .csv, .xls and .xlsx formats; and

(c)upon a request by the Client within thirty (30) days of termination, the Provider will delete and cause to be deleted all Client Data from all computer systems owned and controlled by the Provider.

13. CONFIDENTIALITY

13.1Definition of Confidential Information. “Confidential Information” means all information, documentation, databases, computer software, designs, drawings, pictures or other images (whether still or moving), sounds and content disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Client’s Confidential Information includes Client Data. The Provider’s Confidential Information includes the Software, the Services and the terms and conditions of this Agreement. However, Confidential Information does not include any information that (a) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party; (b) was in the lawful possession of or was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party; (c) is received from a third party without breach of any obligation owed to the Disclosing Party; or (d) is independently developed by the Receiving Party, which independent development can be shown by written evidence.

13.2Protection of Confidential Information. The Receiving Party will (a) use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but not less than reasonable care); (b) not use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement; and (c) except as otherwise authorized by the Disclosing Party in writing, limit access to Confidential Information of the Disclosing Party to those of its and its affiliates’ employees and contractors who need that access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent than those herein.

13.3Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party to the extent compelled by law, by any court of competent jurisdiction or by any regulatory or administrative body to do so, provided the Receiving Party, if permitted by law, gives the Disclosing Party prior notice of the compelled disclosure.

13.4Destruction. Each party, upon the request of the other party or within thirty (30) days after termination of this Agreement (whichever is earlier), agrees to return and cause its representatives to return, all copies of Confidential Information belonging to or provided by the other party or destroy such copies as directed by that party and certify their destruction.

13.5Indemnity. Each party agrees to indemnify and hold the other party harmless from and against all loss or damage or any kind and nature suffered by the other party as a result of any breach by it or its representatives of its obligations relating to confidentiality contained in this Section 13.

14. GENERAL

14.1Governing Law. This Agreement shall be governed by and construed in accordance with the laws of State of Karnataka, city of Bangalore and the laws of India applicable therein.

14.2Risk and Insurance. The Provider will carry adequate insurance coverage and from time to time will review the risks and add additional coverages as required. Insurance coverages include Professional Liability (Errors & Omissions), Commercial General Liability, Technology & Cyber – Network Security and Privacy Liability, Cyber Incident Response, Cyber Crime, System Damage and Business Interruption.

14.3Survival. Any terms and conditions of this Agreement which by their nature extend beyond termination of this Agreement shall survive such termination. This includes, without limitation Section 9 (Intellectual Property, Client Data and Privacy) (but not section 9.3 (License from Client to Provider)), Section 10 (Disclaimer and Limitation of Liability), Section 11 (Indemnification), Section 12.5 (Effect of Termination), Section 13 (Confidentiality) and applicable provisions of Section 14 (General).

14.4Dispute Resolution.

(a)This Section sets out the process (the “Dispute Resolution Process”) for resolving all disputes, issues, controversies, and/or claims arising out of or in connection with this Agreement, or in respect of any legal relationship associated with or derived from this Agreement (“Disputes”).

(b)Either party may initiate the Dispute Resolution Process by sending a notice of a Dispute (a “Dispute Notice”) to the other party. Upon delivery of a Dispute Notice to either party, each party shall appoint a knowledgeable, responsible, non-lawyer, management representative to meet and negotiate in good faith with the representative of the other party in order to resolve the Dispute.

(c)All Disputes that are not resolved within thirty (30) days following delivery of a Dispute Notice shall be arbitrated. The dispute shall be referred to and finally resolved by arbitration under the LCIA India Arbitration Rules, which Rules are deemed to be incorporated by reference into this clause.

(d)Notwithstanding anything contained in the Agreement to the contrary, either party shall be entitled to seek injunctive or other equitable relief from a court of competent jurisdiction whenever the facts or circumstances would permit a party to seek such relief.

14.5Relationship. The relationship between the Client and the Provider will at all times be one of independent contractor and nothing herein shall be construed as implying an employment, partnership, or joint venture relationship. The Provider is not an employee of the Client and is not entitled to any benefits that the Client may provide to its employees. Nothing herein shall be construed as empowering either party to act as a representative or agent of the other party. Neither party shall have the authority to enter into any contract, nor to assume any liability, on behalf of the other party, nor to bind or commit the other party in any manner, except as expressly provided in this Agreement.

14.6Force Majeure. Except as expressly provided otherwise in this Agreement, dates and times by which the Client or the Provider is required to perform under this Agreement, the Subscription Agreement, or a Schedule (except for any payment obligation) will be postponed automatically to the extent and for the period of time that the Client or the Provider, as the case may be, is prevented by causes outside of its reasonable control from meeting such dates and times by reason of any cause beyond its reasonable control (provided that a lack of financial resources shall not constitute an event beyond the reasonable control of a party). The following events are deemed to be outside of a party’s reasonable control: acts of God, acts of government, acts of war, civil or military unrest, acts of public enemies, shutdowns related to global pandemics such as Covid-19, epidemics, riots, fire, unavailability of communications or electrical power service provided by third parties, governmental regulations superimposed after the fact and earthquakes, explosions, floods or other disasters provided that such causes could not have been reasonably foreseen and the risk and/or consequences of such causes mitigated on a commercially reasonable basis. The parties agree that an event shall not be considered to beyond reasonable control if a reasonable business person applying due diligence in the same or similar circumstances under the same or similar obligations as the provisions of the Subscription Agreement or Schedule would have put in place contingency plans to either materially mitigate or negate the effects of such event. A party seeking to rely on this Section must (i) notify the other party immediately and in detail of the anticipated or actual commencement of and the cause of postponement; (ii) notify the other party promptly of any material changes in the circumstances which resulted in the postponement including when the reason for the postponement is at an end; and (iii) use diligent efforts to avoid or remove such cause of non-performance and to minimize the consequences thereof, including utilizing all resources reasonably required in the circumstances including without limitation obtaining supplies or services from other resources if they are reasonably available.

14.7Non-Solicitation. During the Term and for a period of one (1) year following termination of this Agreement for any reason, neither party may, directly or indirectly, (a) solicit for employment any employee or independent contractor of the other party who was materially involved in the performance of this Agreement; or (b) induce or attempt to induce any employee or independent contractor of the other party who was materially involved in the performance of this Agreement to leave his or her employ or contract, as applicable, with such other party. The foregoing will not prevent either party from hiring any employee or independent contractor who responds to a job posting or advertisement that is not specifically targeted at such employee or independent contractor.

14.8Currency. Unless otherwise specified in the Subscription Agreement or any Schedules, all references to amounts of money in this Agreement refer to Indian (INR) currency.

14.9Notices. Notices that we give to you (other than notice of amendment of this Agreement), may be provided in any of the following ways. First, we may email the Administrator(s) at the contact information provided in the Subscription Agreement or any registration data. Second, we may post a notice on the Provider’s website. It is your responsibility to periodically review the Provider’s website for notices. The Client may provide notice to the Provider by (a) submitting a ticket through the helpdesk; or (b) e-mailing the Provider.

14.10Successors and Assigns. This Agreement shall ensure to the benefit of, and be binding on, the parties and their respective successors and permitted assigns. The Provider may assign this Agreement, in its sole discretion.

14.11Severability. Any provision of this Agreement which is prohibited or unenforceable in any jurisdiction will, as to that jurisdiction, be ineffective to the extent of such prohibition or unenforceability and will be severed from the balance of this Agreement, all without affecting the remaining provisions of this Agreement or affecting the validity or enforceability of such provision in any other jurisdiction.

14.12Entire Agreement. This Agreement, the Subscription Agreement and the Schedules constitute the entire agreement between the parties with respect to the subject matter of this Agreement and supersedes all previous negotiations, proposals, commitments, writings and understandings of any nature whatsoever.

14.13Waiver. No term or provision of this Agreement is deemed waived and no breach excused, unless the waiver or consent is in writing and signed by the party claiming to have waived or consented. Any consent by any party to, or waiver of, a breach by the other, whether expressed or implied, does not constitute a consent to, waiver of, or excuse for, any other different or subsequent breach.

14.14Fully Negotiated Agreement. The Client and the Provider acknowledge and agree that all of the provisions of this Agreement have been fully negotiated, that neither of them shall be deemed the drafter of this Agreement and that, in construing this Agreement in case of any claim that any provision hereof may be ambiguous, no such provision shall be construed in favour of one party on the ground that such provision was drafted by the other party.

14.15Language. The parties have required that this Agreement and all deeds, documents and notices relating to this Agreement be drawn up in the English language. Les parties aux présentes ont exigé que le présent contrat et tous autres contrats, documents ou avis afférents aux présentes soient rédigés en langue anglaise.

14.16Modification of Terms. The Provider may modify this Agreement at any time by (a) posting a notice on the Provider’s website or on the Software; or (b) by e-mailing the Administrator(s) of the Client. The Provider will also update the “Last Updated” date at the top of the Agreement. You are responsible for checking the Agreement whenever you access or use the Services. By continuing to access or use the Services, you are indicating that you agree to be bound by the modified terms. If the modified terms are not acceptable to you, you must stop accessing and using the Services.

14.17Questions. If you have any questions regarding these Terms or your use of the Services, please contact us here:

ENGAIZ GRC Solutions Private Limited

[email protected]

 

20 Bay Street, 11th Floor
Toronto, ON M5J 2N8. Canada.

ANNEXURE - A

SERVICE LEVEL AGREEMENTS

The following sections provide relevant details on service availability, monitoring of in-scope Services and related components.

Service Availability

Coverage parameters specific to the service(s) covered in this Agreement are as follows:

Web based Services – ENGAIZ’s web based Services will be available for a minimum of 99% within each calendar month. Scheduled Maintenance will be excluded from downtime. “Available” means that the Site is operating and all basic functions are accessible.

General Email Support

General Email support is provided during Working Hours (Monday through Friday 9:00AM – 6:00PM IST). Emails received outside of Working Hours will be collected, however no action can be guaranteed until commencement of Working Hours on the next Business Day.

 

Contact details for support are as follows: [email protected]

 

Support will be dealt with on a priority basis as determined by ENGAIZ. Priority is determined through a combination of impact and urgency, as described below. Support requests do not include new feature requests.

Priority Definitions:

Each support request shall be assigned a priority on receipt by ENGAIZ:

Priority 1: The issue or failure is causing immediate critical and significant impact on major business functions for the Client. There is no possible workaround.
Priority 2: The issue or failure is causing critical and significant impact on major business functions, but there is a workaround available; or the issue or failure will imminently cause critical and significant impact on major business functions for the Client. There is no possible workaround; or the issue or failure is causing critical and significant impact on non-core business functions, and there is no possible workaround.
Priority 3: The issue or failure is causing an impact on non-core business activities for the Client, and a workaround is available.
Priority 4: The issue or failure has limited impact or the impact is minimal and a workaround will be provided within the next calendar month.

Target Response and Resolution Targets

ENGAIZ aims to respond and to satisfactorily resolve 90% of issues submitted to it within the targeted time, as specified below.
Priority Target Response Time – confirmation by email that issue received and assigned priority Target Resolution Time
1
1 Working Hour
8 Working Hours
2
1 Working Hour
24 Working Hours
3
3 Working Hour
10 Working Hour
4
5 Working Hours
20 Working Hours
Target response and resolution times referenced above will be measured from when ENGAIZ receives a support request and has confirmed that the fault is with ENGAIZ. When there is ambiguity of where the fault lies (with ENGAIZ or the Client systems or external data providers), then the target response and resolution times will exclude the time it takes to determine and confirm the source of the fault.

Exceptions

When a support request requires information or support from an external vendor or cloud provider or a data provider or more information from the Client, ENGAIZ may take longer than the above periods to resolve such issues. Such additional time will not be counted as part of the target’s resolution times.

14.18Scheduled Maintenance

ENGAIZ will endeavor to provide the following minimum levels of notice in respect of Scheduled Maintenance. ENGAIZ will also endeavor to schedule such maintenances during non-business hours and/or weekends to minimize the impact.
Maximum Outage Period Minimum Notice
60 minutes
24 hours
Upto 4 hours
5 Business Days
Upto 8 hours
10 Business Days
Upto 24 hours
20 Business Days

ANNEXURE - B

USE OF THIRD-PARTY DATA

Provider acknowledges that it has reseller or license agreements with third-party data providers such as Experian Information Solutions, Inc., Qualys Inc, IVXS UK Limited (trading as ComplyAdvantage), SecurityScorecard Inc., ZenLeads Inc. (Apollo) (each individually known as “Third-Party Data Provider”) and that from time-to-time Provider might partner with more data providers to provide value-added services to Provider’s Client.

Client agrees to the following :
A.Restrictions on Use. In consideration for Client’s right to receive and use certain data and services (collectively, the “Services”) from Provider and Third-Party Data Providers, Client understands and certifies to Third-Party Data Providers and Provider that the Services:

(i)will be used solely in connection with a present or prospective credit or financial transaction with the business entity inquired upon or for other legitimate commercial purposes, including business research;

(ii)will not be used as a factor in establishing an individual’s eligibility for (a) credit or insurance to be used primarily for personal, family or household purposes, or (b) employment;

(iii)will be used in compliance with all applicable laws, regulations and ordinances, and all special use restrictions set forth in the Agreement or adopted by Third-Party Data Providers and/or Provider hereafter; and

(iv)will be maintained in confidence and disclosed only to persons whose duties reasonably relate to the business purposes for which the information was requested

(v)In consideration for Client’s right to receive and use the OFAC Data Matching services (collectively, the “OFAC Services”) from Provider and Third-Party Data Providers, Client understands and certifies to Provider and Third-Party Data Provider that regarding the OFAC Services that the United States Treasury Department, Office of Foreign Assets Control (“OFAC”) periodically makes available to Third-Party Data Provider a file of specially designated nationals and blocked persons. Matching of data to the OFAC list is based on very limited identification information. A match does not necessarily indicate that the individual or entity about whom Client inquired is the same individual or entity referenced by OFAC. Accordingly, if Client chooses to use OFAC data, Client acknowledges that any adverse action taken by Client against an individual or entity must be taken based on Client’s complete investigation of the individual or entity and not based solely on the OFAC information.

(B)ata Regulation that applies to International Business Data (IBD) Services provided by Experian and other Third-Party Data Providers.
Experian, through Provider, provides business information on businesses located outside of the United States, available through third party sources as such data is made available to Experian (“IBD” or “IBD Report”). Client hereby, requests access to IBD, and agrees and understands that IBD is subject to (i) foreign law and regulation and (ii) contractual restrictions. Client agrees that it will use IBD in compliance with such laws, regulations and restrictions, including European Data Regulation, use restrictions for Denmark and Norway, and any requirements and updates posted within the Online Product Accessed by Client.

(i)European Data Regulation. Business reports from countries located in the European Economic Area (“EEA”) may contain information about individuals or businesses governed by national and/or European Union legislation or regulation. Client hereby certifies that when requesting IBD on a business located in the EEA that Client has obtained consent from a representative (or where the business is unincorporated from the owner) of that business to the transfer of any personal data contained in the business report into the U.S. Such consent must be made by a clear affirmative action or statement by the individual giving the consent.

(ii)Use Restrictions for Denmark and Norway. Client agrees that IBD on businesses located within Denmark or Norway will only be used for credit decisioning purposes. Other uses such as research, anti-money laundering, know-your-customer, supply-chain management, or other purposes are not permitted.

(iii)Disclosures, Retention. Client agrees that Provider and Experian may disclose Client’s name and address to the business that is the subject of a business report provided to Client upon request of the subject business or to Experian’s data vendors and sub-contractors. Client also agrees that it will provide to Provider and Experian upon request, and that Provider and Experian may disclose to the subject business, the reason why the IBD Report was requested by Client. Client agrees to maintain information as to the reason why Client requested the IBD Report for a period three (3) years from the date it requested the report, and to provide such information to Experian upon request.

(iv)Territory. Client certifies that it will access and use IBD, including when provided in batch services, in the United States only and Client will not use the IBD services outside of the United States without the prior written consent of Provider and Experian.

C.Warranty Disclaimer and Limitation of Liability.  CLIENT FURTHER ACKNOWLEDGES AND AGREES THAT THE DATA AND SERVICES:

(i)ARE PROVIDED ON AN AS IS AND AS AVAILABLE BASIS AND ARE NOT GUARANTEED AND THAT NEITHER PROVIDER, THIRD-PARTY DATA PROVIDERS NOR THEIR SOURCES WILL BE LIABLE TO CLIENT FOR ANY LOSS OR DAMAGE BASED ON THE CONTENT OF THE DATA OR SERVICES OR ANY ERRORS OR OMISSIONS THERE FROM;

(ii)ARE SUBJECT TO THE FOLLOWING EXCLUSION OF WARRANTY. PROVIDER, THIRD-PARTY DATA PROVIDERS AND THEIR SOURCES DO NOT GUARANTEE OR WARRANT THE ACCURACY, COMPLETENESS, CURRENTNESS, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OF THE SERVICES, DATA OR THE MEDIA ON WHICH THE DATA IS PROVIDED AND SHALL NOT BE LIABLE TO CUSTOMER FOR ANY LOSS OR INJURY ARISING OUT OF OR CAUSED IN WHOLE OR IN PART BY PROVIDER’S, THIRD-PARTY DATA PROVIDER’S OR THEIR SOURCES’ ACTS OR OMISSIONS, WHETHER NEGLIGENT OR OTHERWISE, IN PROCURING, COMPILING, COLLECTING, INTERPRETING, REPORTING, COMMUNICATING OR DELIVERING THE DATA OR SERVICES. IN NO EVENT SHALL PROVIDER, THIRD-PARTY DATA PROVIDERS OR THEIR SOURCES BE LIABLE TO CLIENT OR ANY THIRD PARTY FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL OR SPECIAL DAMAGES (INCLUDING BUT NOT LIMITED TO DAMAGES TO BUSINESS REPUTATION, LOST BUSINESS OR LOST PROFITS), WHETHER FORESEEABLE OR NOT, AND HOWEVER CAUSED, EVEN IF PROVIDER, THIRD-PARTY DATA PROVIDERS OR THEIR SOURCES ARE ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS PARAGRAPH STATES PROVIDER’S, THIRD-PARTY DATA PROVIDER’S AND THEIR SOURCES’ ENTIRE LIABILITY AND THE SOLE REMEDY OF CUSTOMER IN CONNECTION WITH THE PROVISION OF THE DATA AND SERVICES.

(iii)IF, NOTWITHSTANDING THE PRIOR PARAGRAPH, LIABILITY CAN BE IMPOSED ON PROVIDER, THIRD-PARTY DATA PROVIDERS OR THEIR SOURCES, THEN CLIENT AGREES THAT THE AGGREGATE LIABILITY FOR ANY OR ALL LOSSES OR INJURIES TO CLIENT CONNECTION WITH ANYTHING TO BE DONE OR FURNISHED UNDER THE AGREEMENT, REGARDLESS OF THE CAUSE OR THE LOSS OR INJURY (INCLUDING NEGLIGENCE) AND REGARDLESS OF THE NATURE OF THE LEGAL OR EQUITABLE RIGHT CLAIMED TO HAVE BEEN VIOLATED, SHALL NEVER EXCEED THE AMOUNT PAID TO PROVIDER FOR THE AFFECTED SERVICES AND CLIENT COVENANTS AND PROMISES THAT IT WILL NOT SUE PROVIDER, THIRD-PARTY DATA PROVIDERS OR THEIR SOURCES FOR AN AMOUNT GREATER THAN SUCH SUM AND THAT IT WILL NOT SEEK PUNITIVE DAMAGES IN ANY SUIT AGAINST PROVIDER, THIRD-PARTY DATA PROVIDERS OR THEIR SOURCES.