VIKINGCLOUD MASTER AGREEMENT
This Master Agreement (“Agreement”) is entered into by the applicable contracting party set forth in Section 13.4.1 (“VikingCloud”, “Provider”, “We”, “Our”, or “Us”), and the client set forth in the Order (“Client”) (each of the foregoing a “Party” and together, the “Parties”) as of the Effective Date. By agreeing to an Order that references this Agreement, VikingCloud and Client hereby agree to the following terms and conditions:
1. Orders & Services.
1.1. During the term of this Agreement, VikingCloud agrees to provide Client the services, and, if necessary, equipment or device(s) to enable VikingCloud to provide the services, which is either owned by VikingCloud, or owned by VikingCloud’s agents, suppliers, or subcontractors (“Viking Cloud Device”), as described in the applicable Order (collectively the “Services”).
1.2. The Services will be more fully described in a purchase order, subscription services agreement (SSA), statement of work, order form (via an online ordering process or otherwise), or other ordering document, that references this Agreement and is accepted by VikingCloud and identifies the Services, price, term length and other transactional information (“Order”). Such Orders are subject to the terms and conditions herein and any additional terms and conditions set forth in the applicable Order (“Additional Terms and Conditions”). Client understands and agrees that some of the Services or components thereof may be provided by a VikingCloud affiliate.
1.3. Annualized Services must be used each year during the term and cannot be used or credited in subsequent years. VikingCloud’s obligation to provide any annualized Services shall expire at the end of each relevant year of the term and any payment made by Client in relation to any such Services shall not be reimbursed. For the avoidance of doubt, Client is required and shall remain liable to pay the total fees in the applicable Order for any annualized Services not fully paid for in advance.
2. Client Obligations
2.1. Client acknowledges that VikingCloud depends on Client for certain information and access to deliver the Services and agrees to the following: (a) Client shall obtain any or all permissions, consents, licenses, authorizations, and/or access on a timely basis that are required by VikingCloud to perform the Services; (b) Client shall be responsible for use of the Services by each individual employee, agent, subcontractor, Client affiliate, or Client affiliate employee that is authorized by Client and VikingCloud to receive and use the Services under this Agreement (“User”) , including adherence to any applicable Acceptable Use Policies (AUPs) or other such similar or related polices; (c) Client will respond promptly to any VikingCloud request to provide direction, information, approvals, authorizations, or decisions that are reasonably necessary for VikingCloud to perform the Services, and VikingCloud shall be entitled to rely on all written decisions, instructions and approvals of Client; (d) Client shall provide VikingCloud with all error-free information and materials on a timely basis that are required by VikingCloud to perform the Services, including, but not necessarily limited to the Merchant Identification Number (“MID”) for each of Client’s locations that will receive the Services identified by a unique MID (“Site”); (e) Unless otherwise agreed to in an Order, Client is responsible for installing any equipment purchased from VikingCloud; (f) Client shall provide safe and hazard-free access to its qualified and trained personnel, equipment, hardware, information, data, network, software interfaces and facilities, including but not limited to modems, hardware, server, software, operating systems, network, Internet access, long distance and local telephone service, in order for VikingCloud to safely deliver the Services and Client shall maintain the compatibility of the foregoing with the Services; (g) Client shall provide reasonable remote access to the appropriate portions of Client’s computing environment, if necessary, for the purposes of providing the Services (the Services may be adversely affected if remote access is not provided, and the Parties will mutually agree upon and coordinate all security protocols involving remote access and in the event Client desires VikingCloud to adhere to or use a specific security protocol and doing so will require VikingCloud to incur a material cost, Client shall reimburse VikingCloud for such cost); (h) Client will provide adequate personnel to staff and manage projects to enable VikingCloud to deliver and complete the Services. VikingCloud is not responsible for project delays or issues related to nonperformance by Client of this obligation and (i) VikingCloud shall not be liable for breaches of this Agreement or any damages or loss incurred by any Party to the extent such breach or loss is caused by Client’s breach or failure to comply with the provisions of this Section 2.
2.2. In the event Client requests any moves, additions or other changes (collectively called “MAC(s)”) to the Services (examples: a change of the location(s) of the Site(s) where the Services are delivered; adding new Site(s) to receive the Services), Client shall provide VikingCloud at least thirty (30) days prior written notice of the requested MACs, and VikingCloud will provide Client a quote of the applicable fees and charges per VikingCloud’s change order process, if applicable to Client’s selected Services. No MACs will be implemented until a written change order is signed by the Parties.
3. Term, Termination & Survival
3.1. This Agreement shall commence on the last date an applicable Order is signed (“Effective Date”) and shall remain in effect until termination in accordance with the provisions of this Agreement. Unless otherwise stated in the Order, the term for an applicable Order shall commence on the date executed by the Parties and continue for the period as set forth in such Order. For the avoidance of doubt, in the event that any Services are delivered outside the term length of the applicable Order or such Order does not reference any governing terms and conditions, the terms and conditions of this Agreement shall apply to that Order and until the Services have been fully performed or otherwise terminated.
3.2. Either Party shall have the right to terminate this Agreement, Order, or any applicable Service for cause if the other Party materially breaches this Agreement, and the breaching Party does not cure such breach within thirty (30) days after receipt of written notice of such breach.
3.3. VikingCloud may terminate this Agreement, any Service, or any Order for cause if: (a) Client fails to pay VikingCloud when fees are due within thirty (30) days of VikingCloud providing Client notice of nonpayment; (b) the Services require third-party products or services which either: (i) substantially change in scope and/or price or (ii) VikingCloud no longer has access to such third-party product or services; (c) Client (i) becomes insolvent, makes an assignment for the benefit of creditors, becomes subject to direct control of a trustee, receiver or similar authority (ii) becomes subject to any bankruptcy or insolvency proceeding, or (iii) terminates or suspends its business; or (d) VikingCloud determines in its sole and exclusive judgment that Client, Client’s affiliates, or any of its or their directors, officers, employees, or agents, is in breach of, or is engaged in an activity that may cause it to be in breach of, Section 13.2.1.
3.4. End of life. If, during the term of the applicable Order, VikingCloud discontinues any of the Services or an Order is assigned to an affiliate of VikingCloud or to any successor in interest that cannot provide the same Services, VikingCloud (or such successor in interest) may, in its sole discretion, either: (i) replace the discontinued Services with services that are materially similar; or (ii) terminate the discontinued Services or Order.
3.5. Within seven (7) business days of termination of this Agreement, an applicable Order, or the Services, Client shall at Client’s sole expense return any Viking Cloud Device to VikingCloud at the address listed in this Agreement or a different address indicated by VikingCloud in writing. Risk of loss or damage to the Viking Cloud Device shall pass on delivery to VikingCloud and Client shall be required to reimburse VikingCloud for any damage to Viking Cloud Device(s) sustained in transit. If the Viking Cloud Device is not returned by Client within the seven (7) business day period or is not in the same condition in which received by Client, unless otherwise specified in an Order, Client will be responsible for the then-current replacement costs of such Viking Cloud Device and agrees to pay such replacement costs within thirty (30) days of the termination of this Agreement or Services.
3.6. If Client terminates this Agreement, Service or Order for any reason, Client shall pay VikingCloud for all Services performed by VikingCloud through the date of termination that have not been previously paid. If Client terminates this Agreement, any Service or Order other than for cause, then Client shall pay VikingCloud, as an early termination fee and not as a penalty, an amount equal to the sum of the fees for the remainder of the term of the applicable Order.
3.7. Any right or obligation of the Parties in this Agreement which, by its nature, should survive termination or expiration of this Agreement or an Order, will survive any such termination or expiration of this Agreement or Order.
4. Payment
4.1. Client shall pay the fees as set forth in an applicable Order. Unless otherwise specified in an Order, travel and expenses are not included in the fees and Client shall reimburse VikingCloud for all reasonable travel and out-of-pocket expenses incurred by VikingCloud in connection with the performance of the Services. Such expenses will be invoiced separately unless otherwise stated in the applicable Order. VikingCloud shall have the right to increase the fees upon each anniversary of the effective date of an Order to increase the fees therein by the greater of: (a) five percent (5%); and (b) the increase in the Consumer Price Index as published by the U.S. Bureau of Labor Statistics.
4.2. Client shall pay VikingCloud’s invoices within thirty (30) days of the date of the invoice. Invoices will be sent by email unless Client requests hard copy invoices. Any amounts not paid within thirty (30) days of the date of the invoice shall accrue interest at a rate equal to the lesser of: (a) one and one-half percent (1.5%) per month; and (b) the highest rate allowed by law; commencing upon the date a payment becomes overdue until the outstanding amount is paid in full. VikingCloud shall have the right, upon prior written notice to Client, to suspend the Services for nonpayment.
4.3. Fees are exclusive of any applicable sales, use, value added, withholding and similar taxes, duties or charges of any kind imposed by any governmental entity and Client shall pay all such amounts imposed or assessed on the Services provided, except for taxes based on VikingCloud’s income.
4.4. Unless stated otherwise in an Order Client shall pay: (a) a fee of $29 for standard shipping of any Viking Cloud Device to a Client location in the contiguous United States (not including Puerto Rico); or (b) all shipping, export, import and any other related fees incurred by VikingCloud for each shipment of a Viking Cloud Device to a Client location outside the contiguous United States (including to Puerto Rico). If expedited shipping is required, Client shall pay actual shipping and associated costs incurred by VikingCloud. In addition, unless otherwise agreed to by VikingCloud, Client shall pay for all shipping costs related to the return of any products or Viking Cloud Devices to VikingCloud.
4.5. Any purchase order issued by Client will be effective only to confirm mutually agreed upon Services and fees as set forth in the applicable Order, and all legal terms and conditions or other terms and conditions included in a purchase order or submitted with a purchase order shall be null and void for all purposes.
4.6. Client shall inform VikingCloud if it needs to reschedule or change a scheduled on-site visit by VikingCloud no less than five (5) business days in advance of the scheduled time for such visit. If Client cancels or reschedules an on-site visit by VikingCloud less than five (5) business days before it is scheduled to begin or if Client is unprepared or unavailable and VikingCloud cannot, at its sole discretion, adequately perform its obligations, it shall pay VikingCloud a cancellation fee equal to two thousand US dollars ($2,000) multiplied by the number of onsite days relating to the rescheduled, cancelled, unprepared, or unavailable on-site visit for each affected VikingCloud personnel. In addition, Client shall reimburse VikingCloud for (a) any non-refundable travel expenses VikingCloud incurs as a result of the cancellation, unpreparedness, unavailability, or rescheduling and (b) any amounts a third-party vendor charges VikingCloud for rescheduling or cancelling the on-site visit.
5. Confidentiality
5.1. “Confidential Information” means any and all technical and non-technical information, trade secrets or documents, disclosed by a Party (the “Disclosing Party”) to the other Party (the “Recipient”) including, but not limited to, this Agreement, Statements of Work, documents, research, product plans, know-how, products, current and proposed services, current clients, suppliers, potential clients, processes, designs, hardware, software, technology, intellectual property, pricing, marketing plans, finances, inventions, drawings, prototypes, object code and machine-readable copies, including VikingCloud’s service portals, including all copies and derivatives thereof, regardless of format. Confidential Information shall not include information that: (a) is or becomes generally available to the public other than as a result of disclosure by Recipient in breach of this Agreement; (b) was available to Recipient on a non-confidential basis as shown in contemporaneous written records prior to its disclosure to Recipient by Disclosing Party; (c) becomes available to Recipient on a non-confidential basis from a source other than Disclosing Party, provided that such source is not, to the knowledge of the Recipient, after reasonable inquiry, bound by a confidentiality agreement with Disclosing Party or is otherwise prohibited from transferring the information to Recipient by a contractual, legal or fiduciary obligation; (d) is independently developed by Recipient without any use of or benefit from the Confidential Information and such independent development can be documented by Recipient with contemporaneous written records.
5.2. If Recipient is required by law to disclose any Confidential Information, except to the extent prohibited by law or applicable order, it shall provide the Disclosing Party with prompt notice of such request(s) so that the Disclosing Party may seek confidential treatment for such information. In the event that such protective order or other remedy is not obtained, or that the Disclosing Party grants a waiver hereunder, Recipient may furnish only that portion of the Confidential Information that Recipient is legally required to disclose and Recipient shall seek confidential treatment for such disclosed information unless otherwise agreed by the Disclosing Party.
5.3. Recipient agrees not to use or disclose the Confidential Information of the Disclosing Party for any purpose other than to deliver or receive the Services, respectively, as contemplated by this Agreement or the applicable Order.
5.4. Recipient agrees it shall hold Disclosing Party’s Confidential Information in strict confidence and it shall treat all Confidential Information with the same degree of care, but no less than a reasonable degree of care, that Recipient uses to protect its own confidential information of a similar nature.
5.5. Recipient agrees not to disclose any Confidential Information of the Disclosing Party to any third-parties except to its affiliates and its and their personnel or authorized representatives (e.g., employees, directors, and officers) (“Representatives”) and/or to any service providers used in relation to the Services: (a) that must have the information in order to deliver or receive the Services; (b) have been informed of the confidential nature of such information; and (c) who have agreed, either as a condition to employment or prior to obtaining the Confidential Information, to be bound by terms and conditions substantially similar to those of this Agreement. Each Party shall be responsible for any breach of this Agreement by its Representatives. Recipient agrees that it will not reverse engineer, decompile, create other works from, modify or disassemble any software programs, prototypes or other tangible objects which contain Confidential Information of the Disclosing Party without the express prior written consent of the Disclosing Party.
5.6. Each Party’s breach of its obligations of confidentiality herein may cause the other Party irreparable injury for which it may not have an adequate remedy at law. Accordingly, in the event of a breach, the non-breaching Party shall be entitled to seek injunctive relief in addition to any other remedies it may have at law or in equity.
5.7. Client agrees that under the following conditions Confidential Information can be disclosed by VikingCloud without notice or additional acceptance being required:
5.7.1. Any regulatory, statutory or commercial compliance audit information that pertains to a regulated process for which VikingCloud is licensed to conduct that Is subject to external audit. Where possible redacted information will be sent to meet external audit requirements, where this is not possible or specific mandates exist then full information may be disclosed.
6. Warranties
6.1. VikingCloud Warranties
6.1.1. VikingCloud warrants that it will perform the Services in a professional and workmanlike manner consistent with generally accepted industry standards. Client must notify VikingCloud in writing of any alleged breach of warranty during the provision of Services or within thirty (30) days after delivery of the applicable Services. Client’s sole and exclusive remedy for breach of this warranty shall be that VikingCloud, at its own expense, re-perform the Services to conform to the foregoing standard.
6.1.2. VikingCloud warrants to Client that any Viking Cloud Device shall be free from material defects in material and workmanship for ninety (90) days from the date of shipment of the Viking Cloud Device. The sole and exclusive remedy and entire liability of VikingCloud for breach of this warranty will be for VikingCloud, at its own expense and election, to repair or replace such defective equipment. Client will be solely responsible for repairing or replacing any Viking Cloud Device and this express warranty shall not apply if the Viking Cloud Device: (a) has been damaged by accident, neglected or misused; (b) has not been installed, used or maintained in accordance with this Agreement and any applicable documentation; or (c) has been modified, except by VikingCloud. Title to any Viking Cloud Device or software provided by VikingCloud to Client shall remain with VikingCloud or its licensors.
6.1.3. Except as otherwise set forth in this Agreement, the Services are provided ‘AS IS’ without warranty of any kind, express or implied, including but not limited to, warranties of performance, non-infringement, merchantability or fitness for a particular purpose.
6.2 Client Warranties
6.2.1. Client represents and warrants that it has the consent and right to provide to VikingCloud any IP address, URL, web application, domain name, and other assets (“Assets”) in order for VikingCloud to conduct penetration tests on, scan, or target such Assets. If applicable, Client shall obtain all consents, access, and authorizations from any third-parties in order for VikingCloud to perform the Services and/or target such Assets. VikingCloud will not be required to enter into any agreements with any such third parties. Client understands and agrees that accessing, scanning or conducting penetration tests on such Assets are subject to inherent risks, including, but not limited to, corruption or loss of data, disruption or reduced performance of service, networks, or systems, and disruption of business processes or functions.
6.2.2. Client represents and warrants: (a) it will only use VikingCloud’s technology used by VikingCloud in connection with performing the Services, including but not limited to, report templates, software, technology, Viking Cloud Device(s), Asgard Platform™, scanning solution or portals (the “Viking Cloud Tools”) for its internal business use in accordance with applicable laws; (b) it shall not employ or authorize a VikingCloud competitor to view any Viking Cloud Tools; (c) it shall not re-sell, rent, or distribute any of the Services or Viking Cloud Tools, or allow any third-parties to access any of the Services or Viking Cloud Tools, except contractors or other authorized agents who have an obligation of confidentiality to Client and need to know such information to perform their respective duties for Client; (d) it shall not reverse engineer, decompile, disassemble or otherwise derive the source code from any component of any Viking Cloud Tool; (e) it shall not remove or alter any notice of proprietary right appearing on any Viking Cloud Tool; (f) it shall not license to manufacture, duplicate or reproduce any Viking Cloud Tool or Viking Cloud Device; (g) it shall not attempt, (c),(d),(e) or (f) above; (h) it shall not cause or assist any third-party to do (c), (d), (e) or (f) above; (i) that any Viking Cloud Device is protected from unauthorized access, misuse, damage or destruction by any person; (j) it shall disable portal accounts for employees who no longer require access; and (k) that any use or reliance on information provided by Client to VikingCloud will not infringe upon or misappropriate any proprietary rights of any third-party.
6.2.3. Client shall not tamper with, alter, modify or otherwise rearrange the Services, nor shall Client permit or assist others to abuse or fraudulently use the Services including, but not limited to, using the Services in any manner which interferes unreasonably with the Services or VikingCloud’s provision of similar services to other parties; for any purpose or in any manner directly or indirectly in violation of applicable laws, or in violation of any third-party rights.
6.2.4. Without limiting any other remedy that VikingCloud may have, Client agrees to indemnify and hold VikingCloud and its affiliates harmless from and against all claims, suits, damages, liabilities, costs and expenses (including reasonable attorneys’ fees) arising out of Client’s breach of Section 6.2.
7. Data Protection
7.1 There are certain situations where VikingCloud may act as a data controller in respect of personal data processed in connection with this Agreement or an Order. Examples of this include, but are not limited to, where VikingCloud requests personal data from the Client for administration or billing purposes, for other purposes incidental to the provision of VikingCloud’s services, for VikingCloud’s internal administrative support services or for registering for mailing lists. In such situations, the Client shall ensure that it is legally entitled to pass such personal data to VikingCloud (or to give VikingCloud access to same). Further information in relation to how VikingCloud handles personal data when it acts as a data controller can be found in VikingCloud’s privacy policy at https://VikingCloudgs.com/privacy-notice/.
7.2 To the extent that VikingCloud processes any personal data received by VikingCloud from or on behalf of the Client in connection with the performance of the Services or when performing its obligations under the Agreement (the “Customer Personal Data”), the Parties acknowledge that the Client shall be the data controller and VikingCloud shall be a data processor of the Customer Personal Data. Each Party shall comply with its obligations under applicable data protection laws. The Client acknowledges and agrees that it has all rights and authorizations necessary for VikingCloud to process the Customer Personal Data pursuant to the Agreement. The type of Customer Personal Data, the purpose of the processing and the categories of individuals whose personal data VikingCloud may process will be determined by the Client’s instructions and the nature of the Services. To the extent that VikingCloud processes such Customer Personal Data pursuant to the Agreement: (i) VikingCloud will process such personal data only on the instructions of the Client and as necessary to provide the Services; (ii) VikingCloud will ensure that all personnel authorized to process such personal data are party to appropriate confidentiality obligations; (iii) to the extent required by applicable law, VikingCloud will provide reasonable assistance to the Client to carry out a data protection impact assessment (including consultations with relevant data protection authorities) or comply with statutory data protection requests from individuals; (iv) VikingCloud will implement appropriate technical and organisational measures to ensure the security of any such personal data; (v) VikingCloud will notify the Client without undue delay of becoming aware of any data security incident which may have an adverse effect on any such personal data; (vi) the Client authorizes VikingCloud to use third-parties (each a “sub-processor”) to assist VikingCloud in providing the Services. On request, VikingCloud will provide the Client with a list of any such sub-processors. VikingCloud will inform the Client of any intended change to the list of sub-processors and will provide the Client with an opportunity to reasonably object to such changes. VikingCloud will enter into contractual arrangements with such sub-processor requiring it to comply with data protection obligations materially equivalent to those set out herein; (vii) VikingCloud may transfer and process such personal data to and in other locations around the world where VikingCloud or its sub-processors maintain data processing operations as necessary to provide the Services. If VikingCloud processes Customer Personal Data pursuant to the Agreement then it may transfer such personal data outside of the EEA provided that in effecting any such transfer it shall ensure that it has provided appropriate safeguards in relation to the transfer (or the transfer is subject to a relevant derogation) and, if applicable, VikingCloud may enter into EU standard contractual clauses for and on behalf of the Client in the context of providing the Services; (vii) on request, and subject to obligations of confidentiality, VikingCloud will provide the Client with a report detailing the processing activities carried out on the Client’s behalf; (vii) on request, and subject to VikingCloud’s legal, regulatory, governing or accrediting body obligations, VikingCloud will delete or return all Customer Personal Data provided by the Client when VikingCloud no longer provides services to the Client.
8. Proprietary Rights
8.1. VikingCloud and/or its licensors own and retain all right, title and interest (including all intellectual property rights) in all inventions, know-how, ideas, source code, writings, copyrights, patents, trademarks, business methods, illustrations, object code, tools, methodologies, procedures, portals, manuals, software, and any other intellectual property VikingCloud has used, developed, created, or acquired prior to or during the performance of the Services or preparation of any deliverable (“VikingCloud Intellectual Property”) and of all Viking Cloud Tools and Client shall not acquire any rights in any VikingCloud Intellectual Property or any Viking Cloud Tool or derivative works, enhancements, or modifications thereof, as a result of receiving the Services.
8.2. VikingCloud reserves the right to collect, compile, synthesize, and analyze information and data on how the Services are used by Client and reserves the right to disclose to and share such information and data with third-parties in an anonymous or aggregated form (“Aggregate Data”) at its discretion. All Aggregate Data will be owned exclusively by VikingCloud and may be used by VikingCloud for any lawful purpose.
8.3. Client hereby grants VikingCloud a non-exclusive, royalty-free, worldwide, transferable, sub-licensable, irrevocable, perpetual right and license to use, modify, adapt, create derivatives of and otherwise exploit and incorporate into any VikingCloud products and services, any ideas, suggestions, enhancement requests, recommendations or other feedback (and all intellectual property rights therein) provided by Client relating to VikingCloud’s products or services.
8.4. Client shall indemnify and hold harmless VikingCloud, its affiliates, and its and their directors, officers, employees and agents from and against all costs, claims, demands, expenses and liabilities of whatever nature arising out of or in connection with any claim that the use by VikingCloud of any information or material supplied by the Client for the purposes of this Agreement infringes the intellectual property rights of any third-party.
9. Additional Terms and Conditions.
9.1. For purposes of this Agreement, any applicable Order, or any Additional Terms and Conditions, the Parties agree that where the Services are provided by a VikingCloud affiliate, any reference to “VikingCloud” shall be deemed to include any and all of VikingCloud’s affiliates providing the Services and references to “VikingCloud” shall be interpreted as such. Client acknowledges that the Services provided by VikingCloud affiliates may be subject to such Additional Terms and Conditions and Client agrees to comply with all such applicable Additional Terms and Conditions. For the avoidance of doubt and notwithstanding anything to the contrary in this Agreement, any Additional Terms and Conditions that are product and/or service-specific, shall control in the event of any conflict or inconsistency with the terms herein.
9.2. Client acknowledges that the Services may come bundled or otherwise distributed with, work in conjunction with, or be supplied by, third-party products that are subject to additional terms and conditions. Client agrees to comply with all such applicable terms and conditions. If there are any conflicts between this Agreement and the additional terms or conditions governing such third-party products, those additional terms and conditions will control with respect to such third-party products and Client agrees to indemnify and hold VikingCloud harmless from all claims, damages and related expenses (including attorneys’ fees) incurred by VikingCloud that result from or are in connection with Client’s violation of such additional terms and conditions.
10. PCI Compliance Services
10.1. The Services may include services related to compliance with the Payment Card Industry Data Security Standard (PCI-DSS) (“PCI Compliance Services”) and notwithstanding the provision of any PCI Compliance Services or any provisions to the contrary in this Agreement, Client is solely responsible for (a) its compliance with all applicable PCI requirements; (b) any fees or fines payable to the Payment Card Industry Security Standards Council (“PCI SSC”) or card brands related to its operations or to the Services; and (c) notification of any suspected breach of its systems or unauthorized access to any personal information. Notwithstanding anything to the contrary, Client agrees VikingCloud may submit a redacted PCI Report on Compliance and, without limitation, any other materials and information generated in connection with the PCI Compliance Services, including a copy of this Agreement, to the PCI SSC, the credit card brands, or client’s acquiring bank upon written request or to a regulatory authority as required by law. If VikingCloud discovers any breaches of cardholder data in Client’s environment, Client authorizes VikingCloud to release a copy of its Report on Compliance to the credit card brands upon the credit card brands’ written request or to a regulatory authority as required by law. Client agrees that VikingCloud shall retain all records and information relating to a PCI DSS Assessment for at least the minimum time period as specified by the PCI SSC. Further, Client agrees and consents to VikingCloud’s usage of individual Qualified Security Assessor(s) (“QSA”) from VikingCloud’s affiliate(s) in the provision of the Services.
11. Non-solicitation.
11.1. During the term of this Agreement and for a period of two (2) years after the termination of this Agreement, Client agrees to not solicit, hire, nor attempt to solicit or hire, any person who is an employee of VikingCloud or its affiliates. Client will pay VikingCloud two times the then-current annual salary of each VikingCloud personnel hired by Client in breach of this Section.
12. Limitation of Liability & Disclaimer of Warranties.
12.1. VIKINGCLOUD’S AGGREGATE LIABILITY TO CLIENT, REGARDLESS OF THEORY OF LIABILITY, FOR ALL CLAIMS, DAMAGES, COSTS, LOSSES, EXPENSES AND OTHER AMOUNTS ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE SERVICES SHALL NOT EXCEED THE FEES PAID TO VIKINGCLOUD BY CLIENT IN THE TWELVE MONTHS PRECEDING THE DATE OF THE EVENT GIVING RISE TO SUCH CLAIM. NOTWITHSTANDING THE FORGOING, ANY LIABILITY IN RESPECT OF FRAUD, FRAUDULENT MISREPRESENTATION, PERSONAL INJURY OR DEATH CAUSED BY VIKINGCLOUD’S GROSS NEGLIGENCE, RECKLESSNESS OR WILLFUL MISCONDUCT SHALL NOT BE LIMITED OR EXCLUDED. NO ACTION ARISING OUT OF THIS AGREEMENT, REGARDLESS OF FORM, MAY BE BROUGHT BY EITHER PARTY MORE THAN ONE (1) YEAR AFTER THE CAUSE OF ACTION HAS ACCRUED.
12.2. IN NO EVENT WILL VIKINGCLOUD BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES, WHETHER FORESEEABLE OR UNFORESEEABLE, OF ANY KIND WHATSOEVER, ARISING OUT OF OR IN CONNECTION WITH FURNISHING, PERFORMANCE OR USE OF THE SERVICES PERFORMED HEREUNDER, INCLUDING BUT NOT LIMITED TO, LOST PROFITS, LOSS OF REVENUE, LOSS OF BUSINESS OPPORTUNITIES, LOSS OR DAMAGE TO GOODWILL, LOSS OF DATA, LOSS OF USE OF SYSTEM(S) OR NETWORK OR THE RECOVERY OF SUCH, BUSINESS INTERRUPTION OR DOWNTIME, EVEN IF VIKINGCLOUD HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR LOSSES, WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE. FURTHER, VIKINGCLOUD SHALL NOT BE LIABLE FOR ANY DAMAGES DUE TO THE DELAY IN PERFORMING THE SERVICES.
12.3. EXCEPT AS EXPRESSLY PROVIDED IN SECTION 6.1, VIKINGCLOUD DISCLAIMS ALL REPRESENTATIONS OR WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES REGARDING QUALITY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT, OF ANY SERVICES OR GOODS PROVIDED UNDER THIS AGREEMENT. THERE IS NO WARRANTY THAT THE SERVICES OR TECHNOLOGY EMPLOYED TO FURNISH THE SERVICES ARE ERROR OR DEFECT FREE, TIMELY, OR THAT THEY WILL OPERATE UNINTERRUPTED. CLIENT UNDERSTANDS AND AGREES THAT (1) RECEIVING THE SERVICES DOES NOT GUARANTEE THAT CLIENT’S SYSTEMS WILL BE PROTECTED, SECURE OR INVULNERABLE AND (2) VIKINGCLOUD DOES NOT GUARANTEE OR WARRANT THAT IT WILL UNCOVER OR FIND ALL OF CLIENT’S SYSTEM EXPOSURES INCLUDING BUT NOT LIMITED TO, VULNERABILITIES, UNAUTHORIZED ACCESS, OR MALWARE.
13. General
13.1. Notice. All notices or other communications under this Agreement must be in writing, and (a) delivered by hand; (b) sent by registered or certified mail; or (c) sent by email with receipt confirmed to:
VikingCloud: Client: as listed on the Order
VikingCloud, Attention: Legal Department
70 West Madison Street, 4th Floor,
Chicago, IL 60602, USA
Email: legal@vikingcloud.com
In the case of notices to VikingCloud delivered or sent under Section 13.1(a) or Section 13.1 (b), a copy of the notice must always be sent by email to legal@vikingcloud.com.
13.2. Compliance with Laws.
13.2.1. Both Parties shall comply with all federal, state, and local laws and regulations that directly apply to a Party and its performance of this Agreement, including but not limited to, anti-bribery and corruption laws. Client represents and warrants that it is not: (a) named on any U.S. government, European Union, UK, and/or other international denied-party list or any similar list; (b) located in, or under the control of, or a national or resident of regions that the United States, the European Union, the UK, and/or other government maintains an embargo or comprehensive sanctions (collectively, “Embargoed Countries”); and (c) a national or resident thereof, or any person or entity subject to individual prohibitions (e.g., parties listed on the U.S. Department of Treasury’s List of Specially Designated Nationals, the U.S. Department of Commerce’s Table of Denial Orders, and/or the European Union’s sanctions list (collectively, “Designated Nationals”). VikingCloud represents and warrants that VikingCloud is not located in, or is under the control of, or a national or resident of, an Embargoed Country or Designated National. Client shall indemnify and hold VikingCloud harmless from all claims, damages and related expenses (including attorneys’ fees) incurred by VikingCloud that result from or are in connection with Client’s breach of this Section 13.2.1.
13.2.2. In the event VikingCloud is required to comply with or respond to an order, subpoena or requirement of a court, administrative agency, governmental body or dispute resolution organization in a legal action involving Client, Client will promptly reimburse VikingCloud for all reasonable expenses incurred by VikingCloud in complying with such request, including, but not limited to: (a) outside counsel fees for representation and advice; and (b) professional time incurred in responding to the request at a rate of $250 per hour.
13.3. Publicity. Except for VikingCloud using Client’s name and logo in VikingCloud’s marketing activities, neither Party will use the other Party’s name, trademarks, logos, or trade name or disclose to any third-party that VikingCloud is Client’s service provider without the prior written consent of the other Party.
13.4. VikingCloud Contracting Party, Subcontractors and Affiliates.
13.4.1. VikingCloud Contracting Party
Subject to Section 13.4.2, “VikingCloud” (as may be used in this Agreement, an applicable Order, or otherwise) means the party identified in the table below, based on the Services the Client is receiving and the location of the Client:
13.4.2. Notwithstanding anything to the contrary herein, if an applicable Order defines “VikingCloud” as being a particular VikingCloud party that differs from the party identified in the table above then such party listed in the Order shall control and is “VikingCloud” for the purposes of this Agreement.
13.4.3. Client expressly consents to VikingCloud’s use of subcontractors or VikingCloud affiliates in connection with the performance of the Services, provided VikingCloud agrees to remain responsible for such delivery and performance.
13.5. Waiver. Any waiver of the provisions of this Agreement or of a Party’s rights or remedies under this Agreement must be in writing to be effective. A failure or delay in exercising a right or enforcing a provision of this Agreement shall not constitute a waiver of any other right, provision, or subsequent breach.
13.6. Export Regulation. The deliverables provided hereunder, including any software, documentation, and any related technical data included with, or contained in, such deliverables, and any products utilizing any such deliverables, software, documentation, or technical data, including equipment purchased from VikingCloud (collectively, "Regulated Products") may be subject to US and foreign export control laws and regulations. Client shall not, and shall not permit any third-parties to, directly or indirectly, export, reexport, or release any Regulated Products to any jurisdiction or country to which, or any party to whom, the export, reexport, or release of any Regulated Products is prohibited by applicable federal or foreign law, regulation, or rule. Client shall comply with all applicable federal and foreign laws, regulations, and rules, and complete all required undertakings (including obtaining any necessary export license or other governmental approval), prior to exporting, reexporting, or releasing any Regulated Products. VikingCloud shall not be liable for Client’s violation of any export or import laws, whether under United States or foreign law. Client shall indemnify and hold VikingCloud harmless from all damages, claims and related expenses (including reasonable legal fees) incurred by VikingCloud that result from Client’s breach of this Section 13.6. VikingCloud shall not be liable for Client’s violation of any export or import laws, whether under United States or foreign law.
13.7. Governing Law & Venue. This Agreement (including any Orders) and any non-contractual obligations arising out of or in connection with it shall be governed by and construed in accordance with the laws of Ireland, without reference to its conflict of laws and choice of laws rules or principles. The Parties agree that any legal action or proceeding relating to this Agreement (including any Orders) and any non-contractual obligations arising out of or in connection with it shall be exclusively instituted and adjudicated in the courts of Ireland and agree to submit to the personal jurisdiction of, and agree that venue is proper in, these courts in any such action or proceeding. The Parties agree to waive any and all objections to the exercise of jurisdiction over the parties by such courts and to venue in such courts. Each of the Parties irrevocably agrees that a judgment or order of such courts arising out of or in connection with this Agreement is conclusive and binding on it and may be enforced against it in the courts of any other jurisdiction.
13.8. WAIVER OF JURY TRIAL. EACH PARTY ACKNOWLEDGES THAT ANY CONTROVERSY THAT MAY ARISE UNDER THIS AGREEMENT, INCLUDING ORDERS, EXHIBITS, SCHEDULES, ATTACHMENTS, AND APPENDICES ATTACHED TO THIS AGREEMENT, IS LIKELY TO INVOLVE COMPLICATED AND DIFFICULT ISSUES AND, THEREFORE, EACH SUCH PARTY IRREVOCABLY AND UNCONDITIONALLY WAIVES ANY RIGHT IT MAY HAVE TO A TRIAL BY JURY IN RESPECT OF ANY LEGAL ACTION ARISING OUT OF OR RELATING TO THIS AGREEMENT, INCLUDING ANY EXHIBITS, SCHEDULES, ATTACHMENTS OR APPENDICES ATTACHED TO THIS AGREEMENT, OR THE TRANSACTIONS CONTEMPLATED HEREBY.
13.9. Assignment. This Agreement or an Order may not be assigned by either Party by operation of law or otherwise without the written consent of the other Party; provided however, that either Party may assign this Agreement or an Order to any parent or the wholly owned subsidiary of such Party without consent. Notwithstanding the foregoing, VikingCloud may assign this Agreement or an Order to: (1) any affiliate or (2) any successor as a result of a merger, acquisition, sale, transfer or other disposition of all or substantially all its equity, assets or business to which this Agreement or an Order relates. Any assignment in violation of any of the foregoing shall be null and void. Subject to the foregoing, this Agreement and/or an Order will bind and inure to the benefit of the Parties, their respective successors and permitted assigns.
13.10. Counterparts, Electronic Delivery. This Agreement may be executed in several counterparts, each of which will be deemed an original, and all of which taken together will constitute one single Agreement between the Parties with the same effect as if all the signatures were upon the same instrument. Any such counterpart may be delivered by facsimile, “pdf” e-mail or by another customary form of electronic transmission and any such electronic transmission shall constitute the delivery of a manually executed, original document for all purposes.
13.11. Amendment & Severability. This Agreement may only be modified by mutual written agreement signed by authorized persons on behalf of each Party. If any term or provision of this Agreement is found to be invalid, illegal or unenforceable, such invalidity, illegality or unenforceability shall not affect any other term or provision of this Agreement or invalidate or render unenforceable any other such term or provision. Upon a determination that any term or provision is invalid, illegal or unenforceable, the Parties shall negotiate in good faith to modify this Agreement to effect and preserve the original intent of this Agreement. If the Parties fail to agree, the unenforceable provision will be severed from this Agreement, which will otherwise continue in full force and effect.
13.12. Relationship & No Third-Party Beneficiaries. The Parties to this Agreement are independent contractors and this Agreement does not and will not establish any relationship of partnership, joint venture, employment, or agency between the Parties. Except for VikingCloud affiliates, there are no third-party beneficiaries under this Agreement and nothing in this Agreement will be construed to confer any rights to any third-party.
13.13. Force Majeure. Neither Party shall be liable for non-performance or the delay of performance of its obligations hereunder (other than its payment obligations) to the extent to which such non-performance or delay is caused by events or conditions beyond that Party's reasonable control, including but not limited to, pandemic, epidemic, acts of God, wars, riots or civil unrest, change in any applicable law or regulation, government acts, accidents, fires, storms or weather events, earthquakes, or any other cause beyond the reasonable control of such Party.
13.14. Entire Agreement. This Agreement and any incorporated Order and any Additional Terms and Conditions contain the entire agreement and understanding between the Parties relating to the subject matter and all other prior or contemporaneous agreements, communications, proposals and understandings, both written and oral, between the Parties with respect to the subject matter hereof, are superseded by and merged into this Agreement. Client agrees and confirms that except as expressly set forth in this Agreement, it is not relying on any representations or warranties by VikingCloud, express or implied, in entering into this Agreement. The Parties acknowledge that from time to time there may be changes to VikingCloud’s agreements with third parties, the PCI DSS, Client’s cardholder environment, scope, or project requirements (whether due to Client’s unresponsiveness or delays, inaccurate information provided by Client or otherwise), applicable laws, regulations, rules, standards, or other guidelines, and notwithstanding anything to the contrary, VikingCloud may, upon notice to Client, make appropriate revisions to the scope, service methodology, and pricing for any Services that are affected by such changes.