MASTER SUBSCRIPTION AGREEMENT
Last Modified August 23, 2022
THIS DOCUMENT IS A LEGAL CONTRACT. PLEASE READ IT CAREFULLY. This Master Subscription Agreement (“Agreement”) is an agreement between you as our customer (“Customer”, or “you”) and governs your access to and use of the iNebula software services (the “Service”) provided by Voxeleron, LLC, Inc. (“Voxeleron”, or “we”). Use of and access to the Service is conditioned upon compliance with this Agreement and all applicable local, state, national, and international laws, rules and regulations. Your use of the Service indicates your acceptance of this Agreement, and that you understand and agree to be bound by this Agreement. We may modify this Agreement (including any policies we reference) at any time by posting a revised version on the Voxeleron, LLC website or by otherwise notifying you by email or otherwise. The modified Agreement will become effective upon posting or, if we notify you by email, as stated in the email message. By continuing to use the Service after the effective date of any modifications to this Agreement, you agree to be bound by the modified Agreement. We last modified this Agreement on the date listed at the beginning of this Agreement.
If you do not accept all of the terms of this Agreement, you may not access or use the Service.
- inebula service
- The Service is a cloud-based ophthalmic data storage and analysis platform, allowing Customer to provide Customer Data from its selected sources (“Sources”), such as Customer’s databases or third-party services or properties, and view and analyze such data via the Service for Customer’s further use. As further described below and in the Documentation, Customer maintains control over which Customer Data it uses or shares with the Service.
“Customer Data” means any data (including images) that Customer submits to the Service, including data that it collects from Customer properties or retrieves from other Sources through the Service.
“Documentation” means the end user technical documentation provided with the Service, as may be modified from time to time.
“Laws” means all applicable local, state, federal and international laws, regulations and conventions, including, without limitation, those related to data privacy and data transfer, international communications, and the exportation of technical or personal data.
“Sensitive Personal Information” means any of the following: (i) credit, debit or other payment card data subject to the Payment Card Industry Data Security Standards (“PCI DSS”); (ii) patient, medical or other protected health information regulated by the Health Insurance Portability and Accountability Act (“HIPAA”); (iii) any information deemed to be “special categories of data” of an EU citizen (as such term is defined in EU Data Protection Directive 95/46/EC) or (iv) any other personal or sensitive information subject to regulation or protection under the Gramm-Leach-Bliley Act, Children’s Online Privacy Protection Act or other Laws.
“Service” means the Voxeleron proprietary hosted service solution(s), including the iNebula dashboard and any related Voxeleron Code and API(s), specific to the applicable subscription plan selected online by the Customer.
- Provision of the Service. The Service is provided on a subscription basis for a set term (each, a “Subscription Term”).
- Access to the Service. During the Subscription Term, Customer may access and use the Service for its internal business operations, subject to this Agreement and the Documentation. This includes the right to implement Voxeleron, LLC Code on Customer Properties in order to collect Customer Data for use with the Service. Access to the Service is limited to Customer’s employees and contractors acting for the sole benefit of Customer (“Permitted Users”). Customer is responsible for any use of the Service by its Permitted Users and their compliance with this Agreement. Customer shall keep confidential its user IDs and passwords for the Service and remain responsible for any actions taken through its accounts.
- Use Restrictions. Customer shall not (and shall not permit any third party to): (a) rent, lease, provide access to or sublicense the Service to a third party; (b) use the Service to provide, or incorporate the Service into, any product or service provided to a third party; (c) use or attempt to use the Service for competitive analysis or benchmarking; (d) reverse engineer, decompile, disassemble, or otherwise seek to obtain the source code or non-public APIs to the Service, except to the extent expressly permitted by applicable law (and then only upon advance notice to Voxeleron); (e) copy, modify or create any derivative work of the Service or any Documentation; (f) remove or obscure any proprietary or other notices contained in the Service (including any reports or data printed from the Service); or (g) publicly disseminate information regarding the performance of the Service.
- Storage and Processing of Customer Data. During each Subscription Term, Voxeleron, LLC may store certain Customer Data submitted from Sources to enable various features and functionality of the Service, including for “replay” and re-sending of Customer Data to Destinations at Customer’s direction. Customer acknowledges that Customer Data transmitted through the Service may be stored and processed by Voxeleron in the United States or in other countries in which Voxeleron, LLC or its subcontractors maintain facilities.
- Beta Releases. From time to time, Voxeleron may grant Customer access to “alpha”, “beta”, or other early-stage products (“Beta Releases”). While Voxeleron may provide assistance with Beta Releases in its discretion, notwithstanding anything to the contrary in this Agreement, CUSTOMER AGREES THAT ANY BETA RELEASE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS WITHOUT ANY WARRANTY, SUPPORT, MAINTENANCE, STORAGE, SERVICE LEVEL, OR INDEMNITY OBLIGATIONS OF ANY KIND. CUSTOMER FURTHER ACKNOWLEDGES AND AGREES THAT BETA RELEASES MAY NOT BE COMPLETE OR FULLY FUNCTIONAL AND MAY CONTAIN BUGS, ERRORS, OMISSIONS, AND OTHER PROBLEMS FOR WHICH VOXELERON WILL NOT BE RESPONSIBLE. ACCORDINGLY, ANY USE OF A BETA RELEASE IS AT CUSTOMER’S SOLE RISK. Voxeleron makes no promises that future versions of a Beta Release will be released. Voxeleron may terminate Customer’s right to use any Beta Release at any time for any reason or no reason in Voxeleron’s sole discretion, without liability.
- Customer OBLIGATIONS
- Data Collection. Subject to this Agreement and as further described in the Documentation, Customer may configure the Customer Data elements to be collected from Sources and shared with different Destinations. In some instances, as referenced in the Service dashboard and Documentation, enabling a third-party Source involves implementing the third-party provider’s own SDK or code on Customer properties. As a result, in these cases, certain default data designated by that Source’s provider may be sent directly to Customer’s accounts with that Source, rather than passing through the Service.
- Rights in Customer Data. Customer is solely responsible for the accuracy, content and legality of all Customer Data and agrees to comply with all applicable Laws in its use of the Service. Customer represents and warrants to Voxeleron that Customer has all necessary rights, consents and permissions to collect, share and use Customer Data as contemplated in this Agreement (including granting Voxeleron the rights in Section 4.1), without violation or infringement of (i) any third party intellectual property, publicity, privacy or other rights, (ii) any Laws, or (iii) any terms of service, privacy policies or other agreement governing the Customer properties or Customer’s accounts with third-party Sources or Destinations. By enabling use of the Service with any Source or Destination, Customer authorizes Voxeleron to access Customer’s accounts with such Source or Destination for the purposes described in this Agreement. Voxeleron may also disclose that Customer is a customer of Voxeleron and related technical Service data to providers of third-party Sources and Destinations used by Customer with the Service.
- No Sensitive Personal Information. Customer specifically agrees not to use the Service to collect, store, process or transmit any Sensitive Personal Information. Customer acknowledges that Voxeleron is not a Business Associate or subcontractor (as those terms are defined in HIPAA) or a payment card processor and that the Service is neither HIPAA nor PCI DSS compliant. Voxeleron shall have no liability under this Agreement for Sensitive Personal Information, notwithstanding anything to the contrary herein.
- Indemnification by Customer. Customer shall indemnify, defend and hold harmless Voxeleron from and against any and all claims, costs, damages, losses, liabilities and expenses (including reasonable attorneys’ fees and costs) arising out of or in connection with any claim arising from or relating to any Customer Data or breach or alleged breach by Customer of Sections 2.2 (Rights in Customer Data) or 2.3 (No Sensitive Personal Information). This indemnification obligation is subject to Customer receiving (i) prompt written notice of such claim (but in any event notice in sufficient time for Customer to respond without prejudice); (ii) the exclusive right to control and direct the investigation, defense, or settlement of such claim; and (iii) all necessary cooperation of Voxeleron at Customer’s expense.
- Voxeleron agrees to use commercially reasonable technical and organizational measures designed to prevent unauthorized access, use, alteration or disclosure of the Service or Customer Data, as further described in Voxeleron’s Customer Data & Security Policy attached as Exhibit B. However, Voxeleron shall have no responsibility for errors in transmission, unauthorized third-party access or other causes beyond Voxeleron’s control.
- Customer Data. As between the parties, Customer shall retain all right, title and interest (including any and all intellectual property rights) in and to the Customer Data as provided to Voxeleron. Subject to the terms of this Agreement, Customer hereby grants to Voxeleron a non-exclusive, worldwide, royalty-free right to use, copy, store, transmit, modify, create derivative works of and display the Customer Data solely to the extent necessary to provide the Service to Customer.
- Voxeleron Technology. This is a subscription agreement for access to and use of the Service. Customer agrees that Voxeleron or its suppliers retain all right, title and interest (including all patent, copyright, trademark, trade secret and other intellectual property rights) in and to the Service, all Documentation, and any and all related and underlying technology and documentation and any derivative works, modifications or improvements of any of the foregoing, including as may incorporate Feedback (as defined below). Except as expressly set forth in this Agreement, no rights in the Service or any Voxeleron technology are granted to Customer.
- Feedback. Customer, from time to time, may submit comments, questions, suggestions or other feedback relating to any Voxeleron product or service to Voxeleron (“Feedback”). Voxeleron may freely use or exploit Feedback in connection with any of its products or services.
- Aggregated Anonymous Data. Notwithstanding anything to the contrary herein, Customer agrees that Voxeleron may obtain and aggregate technical and other data about Customer’s use of the Service that is non-personally identifiable with respect to Customer (“Aggregated Anonymous Data”), and Voxeleron may use the Aggregated Anonymous Data to analyze, improve, develop, support and operate the Service and for distribution in general benchmarking data and industry reports. For clarity, this Section 4.4 does not give Voxeleron the right to identify Customer as the source of any Aggregated Anonymous Data.
- Subscription Term, FEES & PAYMENT
- Subscription Term and Renewals. Unless otherwise specified, each Subscription Term shall automatically renew for additional twelve (12) month periods unless either party gives the other written notice of termination at least thirty (30) days prior to expiration of the then-current Subscription Term.
- Fees and Payment. By subscribing to the Service, you agree to pay Voxeleron upfront all fees are as set forth on the Voxeleron fee schedule for the applicable subscription plan selected. Except as expressly set forth in Section 7 (Limited Warranty), Section 10 (Indemnification) and Exhibit A (Service Levels and Support), all payment obligation are non-cancelable and fees paid are non-refundable.
- Taxes. Voxeleron’s fees are exclusive of all taxes, levies, or duties imposed by taxing authorities, including for example, value-added, sales, use or withholding taxes, assessable by any jurisdiction whatsoever (collectively, “Taxes”) and Customer shall be responsible for payment of all Taxes associated with this Agreement, except that Voxeleron is solely responsible for taxes assessable against Voxeleron based on Voxeleron’s net income, property, and employees.
- Payment by Payment Card. If you provide credit card or debit card (“Payment Card”) information to us, you authorize Voxeleron (i) to charge your Payment Card for verification, pre-authorization and payment purposes at the beginning of each subscription term and any renewal subscription term(s), and (ii) to bear any additional charges that your bank or other financial service provider may levy on you. Such charges shall be made in advance. We reserve the right to suspend the Service or cancel your subscription plan if we are not able to charge your Payment Card for any payment period. If you have any concerns or objections regarding charges, you agree to raise them with Voxeleron first and you agree not to cancel or reject any Payment Card charges unless you have made a reasonable attempt at resolving the matter directly with Voxeleron.
- Changes to Fee Schedule. We reserve the right to change our fee schedule at any time. Changes to the fee schedule will not apply retroactively and will only apply at the conclusion of your subscription term for your subscription renewal. If you do not agree with the changes to the Voxeleron fee schedule then your only recourse is give notice of non-renewal and to stop using the Service.
- TERM AND TERMINATION
- Term. This Agreement is effective as of the Effective Date and expires on the date of expiration or termination of all Subscription Terms.
- Termination for Cause. Either party may terminate this Agreement if the other party (a) fails to cure any material breach of this Agreement (including a failure to pay fees) within thirty (30) days after written notice; (b) ceases operation without a successor; or (c) seeks protection under any bankruptcy, receivership, trust deed, creditors’ arrangement, composition, or comparable proceeding, or if any such proceeding is instituted against that party (and not dismissed within sixty (60) days thereafter).
- Suspension of Service. Without limiting Voxeleron’s termination or other rights hereunder, Voxeleron reserves the right to suspend Customer’s access to the Service (and any related services) in whole or in part, without liability to Customer: (i) if Customer’s account is thirty (30) days or more overdue; (ii) for Customer’s breach of Sections 1.6 (Use Restrictions) or 2 (Customer Data); or (iii) to prevent harm to other customers or third parties or to preserve the security, availability or integrity of the Service. When practicable, Voxeleron will use reasonable efforts to provide Customer with advance notice of the suspension (email sufficing). Unless this Agreement has been terminated, Voxeleron will cooperate to restore Customer’s access to the Service promptly after Voxeleron verifies that Customer has resolved the issue requiring suspension.
- Effect of Termination. Upon any expiration or termination of this Agreement, Customer shall immediately cease any and all use of and access to the Service (including any and all related Voxeleron technology), cease distributing any Voxeleron Code installed on Customer Properties, and delete (or, at Voxeleron’s request, return) any and all copies of the Documentation, any Voxeleron passwords or access codes and any other Voxeleron Confidential Information in its possession. Customer acknowledges that following termination it shall have no further access to any Customer Data in the Service, and that Voxeleron may delete any such data as may have been stored by Voxeleron at any time. Except where an exclusive remedy is specified, the exercise of either party of any remedy under this Agreement, including termination, will be without prejudice to any other remedies it may have under this Agreement, by law or otherwise.
- Survival. The following Sections shall survive any expiration or termination of this Agreement: 1.6 (Use Restrictions), the disclaimers in Section 1.8 (Beta Releases), 2.4 (Indemnification by Customer), 4 (Ownership), 5.2 (Fees and Payment), 6 (Term and Termination), 7.2 (Warranty Disclaimer), 9 (Limitation of Remedies and Damages), 10 (Indemnification), 11 (Confidential Information) and 13 (General Terms).
- LIMITED WARRANTY
- Limited Warranty. Voxeleron warrants, for Customer’s benefit only, that the Service will operate in substantial conformity with the applicable Documentation. Voxeleron’s sole liability (and Customer’s sole and exclusive remedy) for any breach of this warranty shall be, at no charge to Customer, for Voxeleron to use commercially reasonable efforts to correct the reported non-conformity, or if Voxeleron determines such remedy to be impracticable, either party may terminate the applicable Subscription Term and Customer will receive as its sole remedy a refund of any fees Customer has pre-paid for use of the Service for the terminated portion of the applicable Subscription Term. The limited warranty set forth in this Section 7.1 shall not apply: (i) unless Customer makes a claim within thirty (30) days of the date on which Customer first noticed the non-conformity, (ii) if the error was caused by misuse, unauthorized modifications or third-party hardware, software or services, or (iii) to Beta Releases or any use provided on a no-charge or evaluation basis.
- Warranty Disclaimer. EXCEPT FOR THE LIMITED WARRANTY IN SECTION 1, THE SERVICE and ALL RELATED SERVICES ARE PROVIDED “AS IS”. NEITHER VOXELERON NOR ITS SUPPLIERS MAKES ANY OTHER WARRANTIES, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT. Voxeleron does not warrant that Customer’s use of THE SERVICE will be uninterrupted or error-free, nor does Voxeleron warrant that it will review the Customer Data for accuracy or that it will preserve or maintain the Customer Data without loss. CUSTOMER UNDERSTANDS THAT CUSTOMER DATA IS SHARED WITH DESTINATIONS AT CUSTOMER’S ELECTION AND VOXELERON TAKES NO RESPONSIBILITY FOR ANY DESTINATION’S USE OR PROTECTION OF CUSTOMER DATA ONCE IT HAS BEEN SHARED. CUSTOMER UNDERSTANDS THAT IT IS RESPONSIBLE FOR PUTTING IN PLACE ANY CONTRACTUAL ARRANGEMENTS WITH DESTINATIONS REQUIRED BY LAWS. Voxeleron SHALL NOT BE LIABLE FOR DELAYS, INTERRUPTIONS, SERVICE FAILURES OR OTHER PROBLEMS INHERENT IN USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS OR OTHER SYSTEMS OUTSIDE THE REASONABLE CONTROL OF Voxeleron. CUSTOMER MAY HAVE OTHER STATUTORY RIGHTS, BUT THE DURATION OF STATUTORILY REQUIRED WARRANTIES, IF ANY, SHALL BE LIMITED TO THE SHORTEST PERIOD PERMITTED BY LAW.
- Service Levels and support. During the Subscription Term, the Service will be subject to the service level and support terms in Exhibit A.
- Limitation of Remedies and Damages
- Consequential Damages Waiver. EXCEPT FOR EXCLUDED CLAIMS (DEFINED BELOW), NEITHER PARTY (NOR ITS SUPPLIERS) SHALL HAVE ANY LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT FOR ANY LOSS OF USE, LOST DATA, LOST PROFITS, FAILURE OF SECURITY MECHANISMS, INTERRUPTION OF BUSINESS, OR ANY INDIRECT, SPECIAL, INCIDENTAL, RELIANCE, OR CONSEQUENTIAL DAMAGES OF ANY KIND, EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE.
- Liability Cap. EXCEPT FOR EXCLUDED CLAIMS, EACH PARTY’S (AND ITS SUPPLIERS’) ENTIRE LIABILITY TO THE OTHER ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL NOT EXCEED THE AMOUNT ACTUALLY PAID OR PAYABLE BY CUSTOMER TO VOXELERON DURING THE PRIOR TWELVE (12) MONTHS UNDER THIS AGREEMENT.
- Excluded Claims. “Excluded Claims” means (a) any claim arising from Customer’s breach of Section 1.6 (Use Restrictions); (b) any claim arising under Sections 2.2 (Rights in Customer Data) – 2.4 (Indemnification by Customer); or (c) any amounts payable to third parties pursuant to Voxeleron’s indemnification obligations under Section 10 (Indemnification).
- Nature of Claims and Failure of Essential Purpose. The parties agree that the waivers and limitations specified in this Section 9 apply regardless of the form of action, whether in contract, tort (including negligence), strict liability or otherwise and will survive and apply even if any limited remedy specified in this Agreement is found to have failed of its essential purpose.
- INDEMNIFICATION. Voxeleron shall defend Customer from and against any claim by a third party alleging that the Service when used as authorized under this Agreement infringes a U.S. patent or any copyright or trademark and shall indemnify and hold harmless Customer from and against any damages and costs awarded against Customer or agreed in settlement by Voxeleron (including reasonable attorneys’ fees) resulting from such claim, provided that Voxeleron has received from Customer: (i) prompt written notice of such claim (but in any event notice in sufficient time for Voxeleron to respond without prejudice); (ii) the exclusive right to control and direct the investigation, defense and settlement (if applicable) of such claim; and (iii) all reasonable necessary cooperation of Customer. If Customer’s use of the Service is (or in Voxeleron’s opinion is likely to be) enjoined, if required by settlement or if Voxeleron determines such actions are reasonably necessary to avoid material liability, Voxeleron may, in its sole discretion: (a) substitute substantially functionally similar products or services; (b) procure for Customer the right to continue using the Service; or if (a) and (b) are not commercially reasonable, (c) terminate the Agreement and refund to Customer the fees paid by Customer for the portion of the Subscription Term that was paid by Customer but not rendered by Voxeleron. The foregoing indemnification obligation of Voxeleron shall not apply: (1) if the Service is modified by any party other than Voxeleron, but solely to the extent the alleged infringement is caused by such modification; (2) if the Service is combined with products or processes not provided by Voxeleron, but solely to the extent the alleged infringement is caused by such combination; (3) to any unauthorized use of the Service; (4) to any action arising as a result of Customer Data or any third-party deliverables or components contained within the Service; (5) if Customer settles or makes any admissions with respect to a claim without Voxeleron’s prior written consent; or (6) to Beta Releases or any use provided on a no-charge or evaluation basis. THIS SECTION 10 SETS FORTH Voxeleron’s AND ITS SUPPLIERS’ SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY CLAIM OF INTELLECTUAL PROPERTY INFRINGEMENT.
- CONFIDENTIAL INFORMATION. Each party (as “Receiving Party”) agrees that all code, inventions, know-how, business, technical and financial information it obtains from the disclosing party (“Disclosing Party”) constitute the confidential property of the Disclosing Party (“Confidential Information”), provided that it is identified as confidential at the time of disclosure or should be reasonably known by the Receiving Party to be confidential or proprietary due to the nature of the information disclosed and the circumstances surrounding the disclosure. Any Voxeleron technology, performance information relating to the Service, and the terms and conditions of this Agreement shall be deemed Confidential Information of Voxeleron without any marking or further designation. Except as expressly authorized herein, the Receiving Party shall (1) hold in confidence and not disclose any Confidential Information to third parties and (2) not use Confidential Information for any purpose other than fulfilling its obligations and exercising its rights under this Agreement. The Receiving Party may disclose Confidential Information to its employees, agents, contractors and other representatives having a legitimate need to know (including, for Voxeleron, the subcontractors referenced in Section 13.9), provided that such representatives are bound to confidentiality obligations no less protective of the Disclosing Party than this Section 11 and that the Receiving Party remains responsible for compliance by any such representative with the terms of this Section 11. The Receiving Party’s confidentiality obligations shall not apply to information that the Receiving Party can document: (i) was rightfully in its possession or known to it prior to receipt of the Confidential Information; (ii) is or has become public knowledge through no fault of the Receiving Party; (iii) is rightfully obtained by the Receiving Party from a third party without breach of any confidentiality obligation; or (iv) is independently developed by employees of the Receiving Party who had no access to such information. The Receiving Party may make disclosures to the extent required by law or court order, provided the Receiving Party notifies the Disclosing Party in advance and cooperates in any effort to obtain confidential treatment. The Receiving Party acknowledges that disclosure of Confidential Information would cause substantial harm for which damages alone would not be a sufficient remedy, and therefore that upon any such disclosure by the Receiving Party the Disclosing Party shall be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
- CO-MARKETING. Customer agrees to participate in reasonable marketing activities that promote the benefits of the Service to other potential customers and to use of Customer’s name and logo on Voxeleron’s web site and in Voxeleron promotional materials. Customer agrees that Voxeleron may disclose Customer as a customer of Voxeleron.
- GENERAL TERMS
- Assignment. This Agreement will bind and inure to the benefit of each party’s permitted successors and assigns. Neither party may assign this Agreement without the advance written consent of the other party, except that either party may assign this Agreement in connection with a merger, reorganization, acquisition or other transfer of all or substantially all of such party’s assets or voting securities. Any attempt to transfer or assign this Agreement except as expressly authorized under this Section 13.1 will be null and void.
- Severability. If any provision of this Agreement shall be adjudged by any court of competent jurisdiction to be unenforceable or invalid, that provision shall be limited to the minimum extent necessary so that this Agreement shall otherwise remain in effect.
- Governing Law; Jurisdiction and Venue. This Agreement shall be governed by the laws of the State of California and the United States without regard to conflicts of laws provisions thereof, and without regard to the United Nations Convention on the International Sale of Goods. The jurisdiction and venue for actions related to the subject matter hereof shall be the state and United States federal courts located in San Francisco, California and both parties hereby submit to the personal jurisdiction of such courts.
- Attorneys’ Fees and Costs. The prevailing party in any action to enforce this Agreement will be entitled to recover its attorneys’ fees and costs in connection with such action.
- Notice. We may provide any notice to you under this Agreement by: (i) posting a notice on the Voxeleron website; or (ii) sending a message to the administrative email address(es) then associated with your account. Notices we provide by posting on the Voxeleron website will be effective upon posting and notices we provide by email will be effective when we send the email. It is your responsibility to keep your email address(es) current. You will be deemed to have received any email sent to the email address then associated with your account when we send the email, whether or not you actually receive the email. If you have any questions regarding this Agreement please contact us via email at iNebula@voxeleron.com.
- Amendments; Waivers. No supplement, modification, or amendment of this Agreement shall be binding, unless executed in writing by a duly authorized representative of each party to this Agreement. No waiver will be implied from conduct or failure to enforce or exercise rights under this Agreement, nor will any waiver be effective unless in a writing signed by a duly authorized representative on behalf of the party claimed to have waived. No provision of any purchase order or other business form employed by Customer will supersede the terms and conditions of this Agreement, and any such document relating to this Agreement shall be for administrative purposes only and shall have no legal effect.
- Entire Agreement. This Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements and communications relating to the subject matter of this Agreement. Customer acknowledges that the Service is an on-line, subscription-based product, and that in order to provide improved customer experience Voxeleron may make changes to the Service, and Voxeleron will update the applicable Documentation accordingly. The support, service level and security terms described in Exhibit A (Service Levels and Support) and Exhibit B (Customer Data & Security Policy) may be updated from time to time upon reasonable notice to Customer to reflect process improvements or changing practices (but the modifications will not materially decrease Voxeleron’s obligations as compared to those reflected in such terms as of the Effective Date).
- Force Majeure. Neither party shall be liable to the other for any delay or failure to perform any obligation under this Agreement (except for a failure to pay fees) if the delay or failure is due to unforeseen events that occur after the signing of this Agreement and that are beyond the reasonable control of such party, such as a strike, blockade, war, act of terrorism, riot, natural disaster, failure or diminishment of power or telecommunications or data networks or services, or refusal of a license by a government agency.
- Subcontractors. Voxeleron may use the services of subcontractors and permit them to exercise the rights granted to Voxeleron in order to provide the Service under this Agreement. These subcontractors may include, for example, Voxeleron’s hosting, infrastructure and CDN providers. Voxeleron remains responsible for compliance of any such subcontractor with the terms of this Agreement and the overall performance of the Service as required under this Agreement.
- Subpoenas. Nothing in this Agreement prevents Voxeleron from disclosing Customer Data to the extent required by law, subpoenas, or court orders, but Voxeleron shall use commercially reasonable efforts to notify Customer where permitted to do so.
- Independent Contractors. The parties to this Agreement are independent contractors. There is no relationship of partnership, joint venture, employment, franchise or agency created hereby between the parties. Neither party will have the power to bind the other or incur obligations on the other party’s behalf without the other party’s prior written consent.
- Export Control. In its use of the Service, Customer agrees to comply with all export and import laws and regulations of the United States and other applicable jurisdictions. Without limiting the foregoing, (i) Customer represents and warrants that it is not listed on any U.S. government list of prohibited or restricted parties or located in (or a national of) a country that is subject to a U.S. government embargo or that has been designated by the U.S. government as a “terrorist supporting” country, (ii) Customer shall not (and shall not permit any of its users to) access or use the Service in violation of any U.S. export embargo, prohibition or restriction, and (iii) Customer shall not submit to the Service any information that is controlled under the U.S. International Traffic in Arms Regulations.
- Government End-Users. Elements of the Service are commercial computer software. If the user or licensee of the Service is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Service, or any related documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. The Service was developed fully at private expense. All other use is prohibited.
- This Agreement may be executed in counterparts, each of which will be deemed an original and all of which together will be considered one and the same agreement.
SERVICE LEVELS AND SUPPORT
- Up-Time and Reliability. Voxeleron uses commercially reasonable efforts to make the Service available and operational to Customer for 99.99% of all Scheduled Availability Time (“Target Up-Time”), calculated on a monthly, per-minute basis. “Scheduled Availability Time” means twenty-four (24) hours a day, seven (7) days a week, excluding: (i) scheduled maintenance downtime not exceeding five (5) hours per month in the aggregate; (ii) maintenance downtime for specific critical Service issues; and (iii) any downtime due to defects caused by Customer, one of its vendors, third party connections, utilities, or equipment, or caused by other forces beyond the reasonable control of Voxeleron (such as denial of service attacks, internet or third-party service outages or outages with respect to Customer’s network or internet access). Voxeleron uses commercially reasonable efforts to provide at least eight (8) hours advance notice via email or text of any scheduled maintenance downtime and, to the extent practicable, such downtime shall be scheduled during the weekend hours between 18:00 Friday and 9:00 Monday Pacific Time. In the event of any outages described above, Voxeleron will use commercially reasonable efforts to minimize any disruption, inaccessibility and/or inoperability of the Service in connection with outages, whether scheduled or not.
- Maintenance. Voxeleron will make available to Customer as part of the Service all generally available updates and bug fixes to the Service.
- Customer Responsibility. In addition to other responsibilities contained herein, Customer will be responsible for ongoing maintenance, management and accuracy of the Customer’s account profile data maintained within the Service.
- Support. Voxeleron is available to receive product support inquiries via Slack, email, or Voxeleron’s website 24 hours per day. Voxeleron’s standard support hours are 09:00 to 17:00 Pacific Time Monday through Friday for technical information, technical advice and technical consultation regarding Customer’s use of the Service.
- Customer Support List. Customer shall provide to Voxeleron, and keep current, a list of designated contacts, emails and/or phone numbers (the “Support List”) to interact with Voxeleron in connection with support requests. Such Support List shall include (i) the first person to contact for the answer or assistance desired, and (ii) the persons in successively more responsible or qualified positions to provide the answer or assistance desired.
- Support Response Times.
Voxeleron shall classify each problem encountered by Customer according to the following definitions and shall use commercially reasonable efforts to address the problem in accordance with such classification according to the table below.
|Priority||Priority Description||Guaranteed Response||Target Resolution Times|
|P1||High. Data catalog services and data ingestion services are down, causing critical impact to business operations; no workaround available.||Voxeleron shall provide a status update by telephone, SMS, Voxeleron status page and/or e-mail within four (4) hour of the initial occurrence of the P1 issue and status updates every four (4) hours thereafter. Voxeleron shall assign engineering resources to work on a continuous basis until the problem is resolved or the problem is determined to be beyond Voxeleron’s reasonable control.||Voxeleron’s goal for resolution of P1 issues is within eight (8) hours of Customer’s receipt of issue notification.|
|P2||High. Data catalog services and data ingestion services are significantly degraded and/or impacting significant aspects of business operations; no commercially reasonable work around available.||Voxeleron shall provide a status update by telephone, SMS, Voxeleron status page, and/or e-mail within eight (8) hours of the initial occurrence of the P2 issue and status updates every six (6) hours thereafter. Voxeleron shall assign engineering resources to work on a continuous basis until (i) the problem is resolved, (ii) an acceptable workaround is found or (iii) the problem is determined to be beyond Voxeleron’s reasonable control.||Voxeleron’s goal for resolution of P2 issues is within one (1) calendar day of Customer’s receipt of issue notification.|
|P3||Medium. Slow response or delays; Service performance is impaired but still materially functional.||Voxeleron shall provide a status update by Voxeleron status page, and/or e-mail within twenty-four (24) hours of the initial occurrence of the P3 issue and status updates every twenty-four (24) hours thereafter. Voxeleron shall use commercially reasonable efforts to resolve the problem as soon as is reasonably practicable.||Voxeleron’s goal for resolution of P3 issues is within three (3) calendar day of Customer’s receipt of issue notification.|
|P4||Low. No material Customer impact; Documentation errors or exclusions; Cosmetic or other non-substantive Service user interface issues. Data collection and data reporting services are unaffected.||Voxeleron shall use commercially reasonable efforts to provide a status update by Voxeleron status page, and/or e-mail.||On a case-by-case basis.|
CUSTOMER DATA & SECURITY POLICY
Voxeleron considers protection of Customer Data a top priority. As further described in this policy, Voxeleron uses commercially reasonable organizational and technical measures designed to prevent unauthorized access, use, alteration or disclosure of Customer Data stored on systems under Voxeleron’s control.
- Access to Customer Data. Voxeleron limits its personnel’s access to Customer Data as follows:
- Requires unique user access authorization through secure logins and passwords, including multi-factor authentication for Cloud Hosting administrator access and individually-assigned Secure Socket Shell (SSH) keys for external engineer access;
- Limits the Customer Data available to Voxeleron personnel on a “need to know” basis;
- Restricts access to Voxeleron’s production environment by Voxeleron personnel on the basis of business need; and
- Encrypts user security credentials for production access.
- Data Encryption. Voxeleron provides industry-standard encryption for Customer Data both in flight and at rest as follows:
- Implements End-to-End Transport Layer Security (TLS) across the platform;
- Uses strong encryption methodologies to protect Customer Data, including AES 256-bit encryption for Customer Data stored in Voxeleron’s production environment; and
- Encrypts all Customer Data stored on cloud or electronic portable storage devices such as computer laptops, portable drives and other similar devices while at rest.
- Data Management
- Voxeleron creates an audit trail for key verification with each integration, with user-specific integration key generation alert controls.
- Voxeleron logically separates each of its customers’ data and maintains measures designed to prevent Customer Data from being exposed to or accessed by other customers.
- Network Security, Physical Security and Environmental Controls
- Voxeleron uses a variety of techniques designed to detect and/or prevent unauthorized access to systems processing Customer Data, including firewalls, network access controls, and intrusion detection systems.
- Voxeleron maintains measures designed to assess, test and apply security patches to all relevant systems and applications used to provide the Service.
- Voxeleron monitors privileged access to applications that process Customer Data, including cloud services.
- The Service operates on Amazon Web Services (“AWS”) and is protected by Amazon’s security and environmental controls. Detailed information about AWS security is available at https://aws.amazon.com/security/ and http://aws.amazon.com/security/sharing-the-security-responsibility/. For AWS SOC Reports, please see https://aws.amazon.com/compliance/soc-faqs/.
- Independent Security Assessments. Voxeleron periodically assesses the security of its systems and the Service as follows:
- Annual detailed security and vulnerability assessments of the Service conducted by independent third-party security experts that include a thorough code analysis and a comprehensive security audit. Voxeleron shall attest to Customer the date of the most recent security and vulnerability assessment at Customer’s reasonable request.
- Annual penetration testing of Voxeleron systems and applications to test for exploits including, but not limited to, XSS, SQL injection, access controls, and CSRF.
- Continuous vulnerability scanning, including review of any new code added to the Service.
- Incident Response. If Voxeleron becomes aware of unauthorized access or disclosure of Customer Data under its control (a “Breach”), Voxeleron will:
- Take reasonable measures to mitigate the harmful effects of the Breach and prevent further unauthorized access or disclosure.
- Upon confirmation of the Breach, notify Customer in writing of the Breach without undue delay. Notwithstanding the foregoing, Voxeleron is not required to make such notice to the extent prohibited by Laws, and Voxeleron may delay such notice as requested by law enforcement and/or in light of Voxeleron’s legitimate needs to investigate or remediate the matter before providing notice.
- Each notice of a Breach will include:
- The extent to which Customer Data has been, or is reasonably believed to have been, used, accessed, acquired or disclosed during the Breach;
- A description of what happened, including the date of the Breach and the date of discovery of the Breach, if known;
- The scope of the Breach, to the extent known; and
- A description of Voxeleron’s response to the Breach, including steps Voxeleron has taken to mitigate the harm caused by the Breach.
- Business Continuity Management
- Voxeleron maintains an appropriate business continuity and disaster recovery plan.
- Voxeleron maintains processes to ensure failover redundancy with its systems, networks and data storage.
- Personnel Management
- Voxeleron performs employment verification, including proof of identity validation and criminal background checks for all new hires, including contract employees.
- Voxeleron provides training for its personnel who are involved in the processing of the Customer Data to ensure they do not collect, process or use Customer Data without authorization and that they keep Customer Data confidential, including following the termination of any role involving the Customer Data.
- Voxeleron conducts routine and random monitoring of employee systems activity.
- Upon employee termination, whether voluntary or involuntary, Voxeleron immediately disables all access to critical and noncritical systems.