CHECKLIGHT Software Subscription and Services Agreement

Last Update: May 24, 2024

Section A

CISO GLOBAL INC (“CISO GLOBAL”) PROVIDES THE PRODUCTS SOLELY ON THE TERMS AND CONDITIONS SET FORTH IN THIS SOFTWARE SUBSCRIPTION AND SERVICES AGREEMENT (“AGREEMENT”) AND ON THE CONDITION THAT CUSTOMER ACCEPTS AND COMPLIES WITH THEM. BY CHECKING THE BOX TO ACCEPT THIS AGREEMENT, EXECUTING AN ORDER FORM INCORPORATING THIS AGREEMENT, OR USING THE SERVICES, CUSTOMER (A) ACCEPTS THIS AGREEMENT AND AGREES THAT CUSTOMER IS LEGALLY BOUND BY ITS TERMS; AND (B) REPRESENTS AND WARRANTS THAT: (I) CUSTOMER HAS THE RIGHT, POWER, AND AUTHORITY TO ENTER INTO THIS AGREEMENT ON BEHALF OF CUSTOMER AND BIND CUSTOMER TO ITS TERMS. IF CUSTOMER DOES NOT AGREE TO THE TERMS OF THIS AGREEMENT, CISO GLOBAL WILL NOT AND DOES NOT LICENSE THE PRODUCTS TO CUSTOMER AND CUSTOMER MUST NOT DOWNLOAD OR INSTALL THE PRODUCTS OR DOCUMENTATION.

CISO GLOBAL OFFERS THE WARRANTY IN SECTION 15 TO CUSTOMERS LOCATED WITHIN THE UNITED STATES OF AMERICA OR CANADA ONLY. IF CUSTOMER IS A RESIDENT OF, OR LOCATED OR ORGANIZED IN, A JURISDICTION OTHER THAN THE UNITED STATES OF AMERICA OR CANADA, THE PARTIES HEREBY AGREE THAT THE WARRANTY SET FORTH IN SECTION 15 OF THIS AGREEMENT IS NOT PROVIDED TO SUCH CUSTOMER AND SECTION 15 SHALL HAVE NO EFFECT FOR SUCH CUSTOMER.

This Agreement shall govern Customer’s initial purchase on the Effective Date as well as any future purchases made by Customer which reference this Agreement. CISO GLOBAL provides the Products on a subscription basis (each, a “Subscription”) beginning on the date of Customer’s purchase, enrollment, registration, sign up or order (collectively, “Order”) for the duration of the term purchased by Customer (“Subscription Term”). As part of each Subscription, CISO GLOBAL provides the support services described herein.

1. Definitions. Capitalized and/or bolded terms shall have the meaning defined herein.
   • Agent is software that functions as an agent for another software program and that performs tasks in the background of a computer environment.
     Confidential Information means any and all non-public, confidential and proprietary information, furnished by the Disclosing Party or any of its Representatives to the Receiving Party or any of its Representatives, that is either directly or indirectly, in writing, orally or by inspection of tangible objects (including without limitation documents, prototypes, and samples), or designated as being confidential or which, under the circumstances surrounding disclosure ought to be treated as confidential by the Receiving Party.  Confidential Information may include, without limitation, such marked disclosures that relate to patents, patent applications, trade secrets, research, product plans, products, developments, know-how, ideas, inventions, processes, design details, drawings, sketches, models, engineering, software (including source and object code), algorithms, business plans, sales and marketing plans.  Notwithstanding the foregoing, Confidential Information shall expressly include the terms of this Agreement (and any Agreement of which it is a part), the Products, Customer Data, the Documentation, and all know-how, techniques, ideas, principles and concepts which underlie any element of the Products or the Documentation and which may be apparent by use, testing or examination.
     Customer means the entity purchasing the Products.
     Customer Data means all information, data, and other content, in any form or medium, that is submitted, posted, or otherwise transmitted by or on behalf of Customer through the Products.
     Documentation means the product documentation made available by CISO GLOBAL on the CISO GLOBAL website at https://www.ciso.inc/capabilities/platforms/checklight-security-monitoring/ .
   • Enrolled Computer means a computer (a) that is authorized by Customer to install the Products pursuant to (i) this Agreement, (ii) the Subscription Term purchased by Customer, and (iii) applicable limitations in the Order, including the number of Enrolled Computers; (b) on which the Products have been installed; and (c) that has been connected to the Internet for a minimum of 48 hours following Customer’s installation of the Products.
   • Intellectual Property Rights means any patents, patent rights, design rights, copyrights, database rights, trade secrets, know-how, trademarks, trade names, service marks and other intellectual property embodied therein and all applications and rights to apply for registration or protection rights pertaining thereto, in existence at the date hereof or created in the future.
   • Malicious Software is any software that takes the form of worms, viruses, trojans, spyware, malware, adware, rootkits or other harmful software programs that bring harm to a computer system.
   • Named Contact means the individual, whose name and contact information is provided to CISO GLOBAL by Customer, who will receive notifications from the Products. Customer is solely responsible for updating and maintaining the accuracy of contact and related information for the Named Contacts.
   • Online means when a computer is turned on, connected to the Internet, and ready to be used.
   • Product(s) means the software product(s) described at https://www.ciso.inc/capabilities/platforms/checklight-security-monitoring/ that are purchased by Customer.
   • Report means any Report provided to Customer by CISO GLOBAL in connection with the Products.
   • Representative(s) means as to any person, such person’s affiliates and its or their directors, officers, employees, agents, and advisors (including, without limitation, financial advisors, counsel and accountants) bound by a written agreement or other legal obligation to maintain the confidentiality of the Confidential Information disclosed to them as required by the terms of this Agreement.
   • Security Breach means an incident that results in unauthorized electronic access to data, applications, networks, or devices through the use of Malicious Software.
   • Use means to download, install, and execute the Products.
2. Grant of License. Subject to all of the terms and conditions of this Agreement, during the Subscription Term, CISO GLOBAL grants to Customer a non-transferable, non-sublicensable, non-exclusive, limited license to Use the Products and for Customer’s employees and independent contractors working on behalf of Customer (“Users”) to Use the Products solely for Customer’s own internal use, but only on Enrolled Computers in accordance with (i) the Documentation, (ii) this Agreement, and (iii) the Subscription Term and other restrictions set forth in the applicable Order. Customer acknowledges and agrees that this Agreement does not transfer to Customer any CISO GLOBAL or third party Intellectual Property Rights. Customer acknowledges and agrees that, as between CISO GLOBAL and Customer, CISO GLOBAL owns all right, title, and interest in and to the Products and Documentation, and CISO GLOBAL shall, notwithstanding any other term of this Agreement, remain the owner of the Products and Documentation. Unless otherwise expressly provided in this Agreement, Customer shall not acquire any proprietary right, title or interest in or to any Intellectual Property Rights in the Products or Documentation. All rights not expressly granted by CISO GLOBAL herein are reserved.
3. License Restrictions. Customer shall not, on its own or through any parent, subsidiary, affiliate, agent or other third party: (a) sell, lease, license, distribute, sublicense or otherwise transfer in whole or in part, any of the Products or the Documentation to a third party; (b) decompile, disassemble, translate, reverse engineer or otherwise attempt to derive source code from the Products, in whole or in part, nor will Customer use any mechanical, electronic or other method to trace, decompile, disassemble, or identify the source code of the Products or encourage others to do so; (c) allow access to or permit use of the Products by any users other than Users, or any use which violates the technical restrictions of the Products, any additional licensing terms provided by CISO GLOBAL via Documentation, notification, and/or policy change posted at https://www.ciso.inc/capabilities/platforms/checklight-security-monitoring/, or the terms of this Agreement; (d) use the Products to develop, test, host or run and operate applications on behalf of third-parties, without CISO GLOBAL’s written consent; (e) use, post, transmit or introduce any device, software or routine which interferes or attempts to interfere with the operation of the Products; (f) use the Products to provide third-party training; or (g) modify or create derivative works based upon the Products. If CISO GLOBAL receives information that Customer is in violation of any of the foregoing restrictions, CISO GLOBAL will notify Customer, and Customer will promptly take remedial action to resolve such violation. If Customer does not take required action in accordance with the above, CISO GLOBAL reserves the right, but has no obligation, to take remedial action if any material violates the foregoing restrictions, including suspension or termination of this Agreement or an applicable Order. CISO GLOBAL shall have no liability to Customer in the event CISO GLOBAL takes such action. Customer acknowledges and agrees that CISO GLOBAL may use a license manager, keys or similar method to either locally or remotely monitor and manage Customer’s Use of the Products.
4. Customer Account, Password and Security. To register for the Products, Customer must complete the registration process by providing CISO GLOBAL with current, complete, and accurate information as prompted by the registration form. Customer will protect its passwords and license files and take full responsibility for its own use, and third-party use, of Customer’s accounts. Customer is solely responsible for any and all activities that occur under Customer’s accounts. Customer will notify CISO GLOBAL immediately upon learning of any unauthorized use of Customer’s accounts or any other breach of security.
5. Subscription Term and Renewals. Unless otherwise agreed in an Order, the length of the Subscription Term shall be one (1) year and shall automatically renew for subsequent one-year terms, unless either party provides 30 days written notice of its intent not to renew the Subscription Term.
6. Payment Terms. All fees are as set forth in the applicable Order and shall be paid by Customer in advance of the applicable Subscription Term. All payments are non-refundable. Any outstanding balance becomes immediately due and payable upon termination of this Agreement and any collection expenses (including attorneys’ fees) incurred by CISO GLOBAL (or other related entities) will be included in the amount owed by Customer. If Customer is required to pay any withholding tax, charge or levy in respect of any payments due to CISO GLOBAL hereunder, Customer agrees to gross up payments actually made such that CISO GLOBAL shall receive sums due hereunder in full and free of any deduction for any such withholding tax, charge or levy. Payments will be made without right of set-off or chargeback. If payment of any fee is overdue, CISO GLOBAL may suspend Customer’s Use of the Products and any support until such delinquency is corrected.
7. Confidentiality Obligations. Unless otherwise agreed to in writing by the party to this Agreement that furnished the Confidential Information (“Disclosing Party”), the party to this Agreement receiving the Confidential Information (“Receiving Party”) agrees (a) to keep all Confidential Information in strict confidence and not to disclose or reveal any Confidential Information to any person (other than such Receiving Party’s Representatives who (i) are actively and directly involved in providing or receiving products under this Agreement (or the Agreement of which it is a part), and (ii) have a need to know the Confidential Information, and (b) not to use Confidential Information for any purpose other than in connection with fulfilling obligations or exercising rights under this Agreement (or the Agreement of which it is a part). The Receiving Party shall treat all Confidential Information of the Disclosing Party by using the same degree of care, but no less than a reasonable degree of care, as it accords its own Confidential Information. The parties agree to cause their Representatives who receive Confidential Information to observe the requirements applicable to the Receiving Party pursuant to this Agreement with respect to such information, including, but not limited to, the restrictions on use and disclosure of such information contained in this Section 7.
8. Non-Confidential Information and Permitted Disclosures. Notwithstanding Section 7, the obligations of the parties set forth herein shall not apply to any information that: (i) was in the public domain at the time it was disclosed or has entered the public domain through no fault of the Receiving Party or any of its Representatives; (ii) was known to the Receiving Party free of any obligation of confidentiality before or after the time it was communicated to the Receiving Party by the Disclosing Party; (iii) is independently developed by the Receiving Party without use of or reference to the Disclosing Party’s Confidential Information; (iv) is disclosed with the prior written approval of the Disclosing Party; or (v) is disclosed pursuant to an order or requirement of a court, administrative agency or other governmental body; provided however, the Receiving Party shall provide prompt written notice of such court order or requirement to the Disclosing Party to enable the Disclosing Party the possibility to seek a protective order or otherwise prevent or restrict such disclosure, and shall use reasonable efforts to cooperate with the Disclosing Party (at the Disclosing Party’s expense) to obtain such protective order or other appropriate remedy. In the event that such protective order or other remedy is not obtained, or the Disclosing Party waives compliance in whole or in part, with the terms of this Agreement, the Receiving Party and its Representatives shall use reasonable efforts to disclose only that portion of the Confidential Information that is legally required to be disclosed or is the subject of such waiver, and to ensure that all Confidential Information that is so disclosed shall be accorded confidential treatment. The terms and obligations pertaining to confidentiality in this Agreement shall survive and remain in full force and effect for a period of three (3) years from the termination or expiration of this Agreement, unless the Disclosing Party expressly agrees in writing to release all or part of its Confidential Information from the restrictions imposed by this Agreement before such period has elapsed.
9. Services. If Customer purchases professional Services pursuant to an Order or separate Statement of Work (“SOW”), the following terms shall apply. Customer will cooperate reasonably and in good faith with CISO GLOBAL in the execution of Services by, without limitation: (i) allocating sufficient resources and timely performing any tasks reasonably necessary to enable CISO GLOBAL to perform its obligations under each Order; (ii) timely delivering any materials and other obligations specifically required under each Order; (iii) timely responding to CISO GLOBAL’s reasonable inquiries related to the Services; (iv) actively participating in relevant scheduled meetings; (v) providing information, data and feedback that is complete, accurate and timely in all material respects. Customer acknowledges that in the course of performing any Services, CISO GLOBAL may create software or other works of authorship (collectively “Work Product”). Subject to Customer’s rights in Customer Confidential Information, CISO GLOBAL shall own all right title and interest in such Work Product, including all intellectual property rights therein and thereto. If any Work Product is delivered to Customer pursuant to or in connection with the performance of Services (a “Deliverable”), except for any products made available under a separate license, CISO GLOBAL grants to Customer an irrevocable, perpetual, nonexclusive, worldwide, royalty-free right and license to use, execute, reproduce, display, perform, distribute (internally and externally), transfer, exploit and make derivative works of any such Deliverables. Subject to Customer’s rights in the Customer Confidential Information, CISO GLOBAL and/or its successors and assigns shall be considered, forever and for all purposes throughout the universe, the author of the Work Product and the sole copyright owner thereof, and the owner of any rights therein, whether or not copyrightable, all proceeds derived therefrom.
10. Customer Data. CISO GLOBAL acknowledges that, as between CISO GLOBAL and Customer, Customer owns all right, title, and interest, including all Intellectual Property Rights, in and to Customer Data. Customer hereby grants to CISO GLOBAL a non-exclusive, royalty-free, worldwide license to reproduce, distribute, and otherwise use and display the Customer Data as may be necessary for CISO GLOBAL to provide the Products to Customer. All rights not expressly granted by Customer herein are reserved.
11. Information Rights. CISO GLOBAL and its wholly owned subsidiaries and other related entities may retain and use, subject to the terms of its privacy policy (https://www.ciso.inc/privacy-policy/), information collected in Customer’s Use of the Products. CISO GLOBAL shall have the right to aggregate, anonymize, and use Customer Data, to create benchmarks or analytics, or otherwise. Customer hereby expressly consents to such use, provided that CISO GLOBAL maintains the confidentiality of Customer Data in accordance with this Agreement. CISO GLOBAL will not share Customer Data with any third parties unless CISO GLOBAL (i) has Customer consent for Customer Data; (ii) concludes that it is required by law or has a good faith belief that access, preservation or disclosure of Customer Data is reasonably necessary to protect the rights, property or safety of CISO GLOBAL, its users or the public; or (iii) provides Customer Data in certain limited circumstances to third parties to carry out tasks on CISO GLOBAL’s behalf with strict restrictions that prevent the data from being used or shared except as directed by CISO GLOBAL. When this is done, it is subject to agreements that oblige those parties to process Customer Data only on CISO GLOBAL’s instructions and in compliance with this Agreement and appropriate confidentiality and security measures.
12. Indemnification. To the extent permitted by applicable law, Customer will indemnify, hold harmless and defend CISO GLOBAL and its affiliates and wholly owned subsidiaries, at Customer’s expense, from any and all third-party claims, actions, proceedings, and suits brought against CISO GLOBAL or any of its officers, directors, employees, agents or affiliates, and all related liabilities, damages, settlements, penalties, fines, costs or expenses (including, reasonable attorneys’ fees and other litigation expenses) incurred by CISO GLOBAL or any of its officers, directors, employees, agents or affiliates, arising out of or relating to (i) Customer’s use of the Products, (ii) Customer’s violations of applicable laws, rules or regulations in connection with the Products, (iii) any representations and warranties made by Customer concerning any aspect of the Products; (iv) any claims made by or on behalf of any third party pertaining directly or indirectly to Customer’s Use of the Products in violation of this Agreement, the Documentation or any applicable Order; (v) violations of Customer’s obligations of privacy to any third party; and (vi) any claims with respect to acts or omissions of any third party in connection with the Products. CISO GLOBAL will provide Customer with written notice of any claim, suit or action for which Customer must indemnify CISO GLOBAL. Customer will cooperate as fully as reasonably required in the defense of any claim. CISO GLOBAL reserves the right, at its own expense, to assume the exclusive defense and control of any matter subject to indemnification by Customer.
13. Termination. This Agreement (and any applicable Order) and the licenses granted hereunder may be terminated by either party upon written notice if the other party has materially breached this Agreement (or any Order) and failed to cure such breach within thirty (30) days written notice from the non-breaching party.
14. Effect of Termination. All licenses will terminate immediately upon termination of this Agreement. Upon expiration or termination of a Subscription Term, the license to the applicable Product granted in Section 2 of this Agreement shall terminate immediately, and Customer shall immediately cease use of all such Products and Documentation, including its access to any Products. During the thirty (30) days following termination and subject to the payment of all fees owed under this Agreement, upon written request by Customer, CISO GLOBAL will make Customer’s Data available to Customer. In no event will termination relieve Customer of the obligation to pay any fees due to CISO GLOBAL under this Agreement.
15. Limited Warranty and Limitation of Liability. THE WARRANTY SET FORTH IN THIS SECTION 15 IS PROVIDED TO CUSTOMERS LOCATED WITHIN THE UNITED STATES OR CANADA ONLY. CISO GLOBAL WARRANTS THAT THE PRODUCTS WILL NOTIFY CUSTOMERS, BY ELECTRONIC NOTIFICATION TO THE NAMED CONTACT PROVIDED BY CUSTOMER, IF ANY ENROLLED COMPUTER EXPERIENCES A SECURITY BREACH FROM MALICIOUS SOFTWARE IDENTIFIED IN KNOWN THREAT INTELLIGENCE FEEDS AND RECOGNIZED BY COMMERCIALLY AVAILABLE TECHNOLOGY. CUSTOMER AGREES THAT IN ORDER FOR THE PRODUCTS TO PROVIDE NOTIFICATION IN ACCORDANCE WITH THIS SECTION 15, THE ENROLLED COMPUTERS MUST BE ONLINE. CUSTOMER AGREES THAT THE PRODUCTS WILL NOT FUNCTION PROPERLY AND THE LIMITED WARRANTY IN THIS SECTION 15 SHALL NOT BE PROVIDED TO CUSTOMER (A) IF CUSTOMER (I) FAILS TO INSTALL AGENTS REQUIRED BY CISO GLOBAL OR TO MAINTAIN A PATCHED OR UPDATED SYSTEM AS REQUIRED BY CISO GLOBAL, (II) FAILS TO MAINTAIN UPDATED ANTIVIRUS SOFTWARE ON THE ENROLLED COMPUTER(S), (III) FAILS TO ENABLE AND MAINTAIN AN UPDATED FIREWALL ON THE ENROLLED COMPUTER(S), (IV) FAILS TO REMEDIATE ANY APPLICATION OR NETWORK THREATS INDENTIFIED BY CHECKLIGHT DURING INITIAL SCAN OR THEREAFER, OR (V) FAILS TO MAINTAIN THE OPERATING SYSTEM ON ENROLLED COMPUTER(S) AS REQUIRED BY THE LICENSOR OF SUCH OPERATING SYSTEMS THROUGH AUTOMATIC, PERIODIC UPDATES OR OTHERWISE; OR (B) IF MALICIOUS SOFTWARE IS INTRODUCED TO AN ENROLLED COMPUTER LOCALLY OR WHILE THE ENROLLED COMPUTER IS NOT CONNECTED TO THE INTERNET. IN THE EVENT OF A BREACH BY CISO GLOBAL OF THE LIMITED WARRANTY SET FORTH IN THIS SECTION 15, AND SUBJECT TO CUSTOMER’S COMPLIANCE WITH THIS AGREEMENT, CUSTOMER’S SOLE AND EXCLUSIVE REMEDY SHALL BE REIMBURSEMENT OF EXPENSES ACTUALLY INCURRED BY CUSTOMER AS THE RESULT OF THE SECURITY BREACH (“CLAIM”), AS ESTABLISHED BY DOCUMENTATION ACCEPTABLE TO CISO GLOBAL IN ITS REASONABLE DISCRETION. CISO GLOBAL’S AGGREGATE LIABILITY FOR ANY CLAIM SHALL NOT EXCEED TWO HUNDRED FIFTY THOUSAND DOLLARS ($250,000 USD). CISO GLOBAL’S TOTAL LIFETIME AGGREGATE LIABILITY FOR ALL CLAIMS TO CUSTOMER SHALL NOT EXCEED FIVE HUNDRED THOUSAND DOLLARS ($500,000 USD). THE PROVISIONS OF THIS SECTION ALLOCATE RISKS UNDER THIS AGREEMENT BETWEEN CUSTOMER AND CISO GLOBAL, AND THIS SECTION SETS FORTH CUSTOMER’S SOLE AND EXCLUSIVE REMEDY FOR SUCH CLAIMS. CISO GLOBAL’S FEES FOR THE SUBSCRIPTIONS AND APPLICABLE ORDERS REFLECT THIS ALLOCATION OF RISKS AND LIMITATION OF LIABILITY.
16. WARRANTY DISCLAIMER. EXCEPT AS SET FORTH IN SECTION 15, THE PRODUCTS, SERVICES AND SUPPORT ARE PROVIDED “AS IS.” CISO GLOBAL DOES NOT WARRANT THAT THE PRODUCTS, SERVICES AND SUPPORT PROVIDED TO CUSTOMER UNDER THIS AGREEMENT WILL OPERATE UNINTERRUPTED, THAT THEY WILL BE FREE FROM DEFECTS, OR THAT THE PRODUCTS ARE DESIGNED TO MEET CUSTOMER’S BUSINESS REQUIREMENTS. NEITHER CISO GLOBAL NOR ITS SUPPLIERS MAKE ANY OTHER WARRANTIES, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. CUSTOMER ACKNOWLEDGES AND AGREES THAT THE PRODUCTS ARE NOT INTENDED TO AND WILL NOT REMOVE ANY MALICIOUS SOFTWARE FROM ANY ENROLLED COMPUTER OR PROVIDE ANY REMEDIATION OF ANY KIND WHATSOEVER.
17. LIMITATION OF REMEDIES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER FOR ANY LOSS OF USE, LOST DATA, FAILURE OF SECURITY MECHANISMS, INTERRUPTION OF BUSINESS, OR ANY INCIDENTAL, INDIRECT, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOSS OF PROFITS, GOODWILL, DATA OR DATA USE) ARISING FROM THIS AGREEMENT, WHETHER UNDER THEORY OF CONTRACT, TORT, INCLUDING NEGLIGENCE, OR OTHERWISE, EVEN IF A PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE, WITH THE EXCEPTION OF THE LIMITED WARRANTY DESCRIBED ABOVE IN SECTION 15. CISO GLOBAL WILL NOT BE LIABLE FOR: (A) CUSTOMER’S INABILITY TO USE THE PRODUCTS OR SUPPORT, INCLUDING AS A RESULT OF ANY (I) TERMINATION OR SUSPENSION OF SUBSCRIPTION OR, (II) ANY UNANTICIPATED OR UNSCHEDULED DOWNTIME OF ALL OR A PORTION OF THE PRODUCTS AND/OR THE SUPPORT AS A RESULT OF POWER OUTAGES, SYSTEM FAILURES OR OTHER INTERRUPTIONS, INCLUDING AS THE RESULT OF ACTIONS BY THIRD PARTIES; OR (B) THE COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; OR (C) ANY INVESTMENTS, EXPENDITURES, OR COMMITMENTS BY CUSTOMER IN CONNECTION WITH THIS AGREEMENT; OR (D) ANY UNAUTHORIZED ACCESS TO, ALTERATION OF, OR THE DELETION, DESTRUCTION, DAMAGE, LOSS OR FAILURE TO STORE ANY OF CUSTOMER’S DATA DUE TO CUSTOMER’S NEGLIGENCE AND OR MISCONDUCT; OR (E) ANY INCIDENTAL, INDIRECT, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES WHICH MAY ARISE OUT OF ANY THIRD PARTY OR RESELLER PRODUCTS LICENSE AND / OR RELATED SERVICES.
18. LIMITATION OF LIABILITY. EXCEPT AS SET FORTH IN SECTION 15, CISO GLOBAL’S AGGREGATE LIABILITY FOR CLAIMS ARISING HEREUNDER SHALL BE LIMITED TO PROVEN DIRECT DAMAGES CAUSED BY CISO GLOBAL IN AN AMOUNT NOT TO EXCEED THE AMOUNT PAID BY CUSTOMER TO CISO GLOBAL DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE DATE OF THE CLAIM GIVING RISE TO THE CAUSE OF ACTION. THE PROVISIONS OF THIS SECTION ALLOCATE RISKS UNDER THIS AGREEMENT BETWEEN CUSTOMER AND CISO GLOBAL. CISO GLOBAL’S FEES FOR THE SUBSCRIPTIONS REFLECT THIS ALLOCATION OF RISKS AND LIMITATION OF LIABILITY.
19. STATUTE OF LIMITATIONS; JURY WAIVER. NEITHER PARTY SHALL BRING ANY CLAIM BASED ON THE SUBSCRIPTIONS, SERVICES, OR SUPPORT PROVIDED HEREUNDER AFTER THE SUBSCRIPTION EXPIRES OR IS TERMINATED. BOTH PARTIES HEREBY IRREVOCABLY WAIVE ANY AND ALL RIGHT TO TRIAL BY JURY IN ANY LEGAL PROCEEDING ARISING OUT OF OR RELATED TO THIS AGREEMENT.
20. Compliance with Laws. Customer agrees that Customer’s use of the Products will comply with all applicable laws, including without limitation all applicable anti-corruption laws, anti-money laundering laws, antitrust laws, economic sanctions laws, export control laws, data protection and data privacy laws, and modern slavery and human trafficking laws. CISO GLOBAL shall have the right to terminate this Agreement, without notice and without liability, for any perceived or actual breach of this clause.
21. Export Laws. Customer agrees that Customer’s use of the Products (including related documentation), and Services will comply with applicable export control and trade sanctions laws, rules and regulations, including without limitation the regulations promulgated by the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) and the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) (collectively, “Export Laws”). Customer represents and warrants that Customer is not (i) located or resident in a country or territory that is subject to comprehensive U.S. trade sanctions or other significant trade restrictions (including, without limitation, Crimea, Cuba, Iran, North Korea, and Syria) (collectively, the “Sanctioned Countries”); or (ii) identified on any U.S. government restricted party lists (including without limitation the Specially Designated Nationals and Blocked Persons List, Foreign Sanctions Evaders List, and Sectoral Sanctions Identifications List, administered by OFAC, and the Denied Party List, Entity List and Unverified List, administered by BIS) (collectively, the “Restricted Party Lists”). Customer further certifies that Customer will not, directly or indirectly, export, re-export, transfer or otherwise use the Products (nor any direct product thereof) and/or the Services in violation of the Export Laws, or with any purpose prohibited by the same Export Laws, in any Sanctioned Country, to any person or entity on a Restricted Party List, or for any nuclear, chemical, missile or biological weapons related end uses. Customer acknowledges that the Products and/or Services, or any feature or part thereof, may not be available for use in all jurisdictions and that Customer is responsible for complying with applicable Export Laws wherever Customer uses the Products and/or Services. CISO GLOBAL shall have the right to terminate this Agreement, without notice and without liability, for any perceived or actual breach of this clause.
22. Modifications to Products Terms and Other Policies. CISO GLOBAL may modify the terms that apply to the Products to, for example, reflect changes to the law or changes to the Products. CISO GLOBAL will post notice of modifications to these terms at https://www.ciso.inc/ capabilities/platforms/checklight-security-monitoring/. Changes will not apply retroactively and will become effective no sooner than 14 days after they are posted.
23. Amendments; Waivers. Subject to Section 22 of this Agreement, no supplement, modification, or amendment of the terms of this Agreement shall be binding, unless executed in writing by a duly authorized representative of each party to this Agreement. No waiver will be implied from conduct or failure to enforce or exercise rights under this Agreement, nor will any waiver be effective unless in a writing signed by a duly authorized representative on behalf of the party claimed to have waived. No provision of any purchase order or other form employed or provided by Customer will supersede the terms and conditions of this Agreement, and any such document relating to this Agreement shall be for administrative purposes only and shall have no legal effect.
24. Entire Agreement. This Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements and communications relating to the Products subscription, unless such terms and conditions are expressly stated as an amendment to this Agreement and duly signed on behalf of both parties.
25. Force Majeure. Neither party shall be liable to the other for any delay or failure to perform any obligation under this Agreement (except for a failure to pay fees) if the delay or failure is due to events which are beyond the reasonable control of such party, including but not limited to any strike, blockade, war, act of terrorism, riot, natural disaster, failure or diminishment of power or of telecommunications or data networks or services, or refusal of approval of a license by a government agency.
26. Assignment. Neither party may assign this Agreement or any of its rights or obligations hereunder without the prior written consent of the other party, which shall not be unreasonably withheld, and any such assignment in violation of this Section shall be void, except that the transfer of this Agreement or rights granted hereunder to a successor entity in the event of a merger, corporate reorganization, or acquisition shall not constitute an assignment for purposes of this Section. This Agreement shall inure to the benefit of and be binding upon the parties hereto, and their successors and permitted assigns.
27. Governing Law and Jurisdiction. This Agreement shall be governed by the laws of the State of Arizona and the United States without regard to conflicts of laws provisions thereof, and without regard to the United Nations Convention on the International Sale of Goods or the Uniform Computer Information Transactions Act (UCITA).
28. Arbitration. Any controversy or claim arising out of or relating to this Agreement shall be determined by final and binding arbitration administered by JAMS under its Comprehensive Arbitration Rules and Procedures or its Streamlined Arbitration Rules & Procedures (“Rules”). The award rendered by the arbitrator shall be final, non-reviewable, non-appealable, and binding on the parties and may be entered and enforced in any court having jurisdiction. There shall be one arbitrator agreed to by the parties within twenty (20) days of receipt by respondent of the request for arbitration or in default thereof appointed by the JAMS in accordance with its Rules. The seat or place of arbitration shall be Phoenix, Arizona. The arbitration shall be conducted, and the award shall be rendered, in the English language. Except as may be required by law, neither a party nor the arbitrator may disclose the existence, content or results of any arbitration without the prior written consent of both parties, unless to protect or pursue a legal right. The arbitrator will have no authority to award damages exceeding the amounts identified in Sections 15 and 18 of this Agreement, as applicable.
29. No Third-Party Beneficiaries. This Agreement benefits solely CISO GLOBAL and Customer, and their respective permitted successors and assigns, and nothing in this Agreement, express or implied, confers on any other person or party any legal or equitable right, benefit, or remedy of any nature whatsoever under or by reason of this Agreement.
30. Survival. Sections 14 (Effect of Termination), 16 (Warranty Disclaimer), 17 (Limitation of Remedies), 18 (Limitation of Liability), and 19 (Statute of Limitations), shall survive any termination or expiration of this Agreement.

Section B

ADDITIONAL TERMS AND CONDITIONS FOR CHECKLIGHT® ONLINE SERVICES

Your use of the Services provided by CISO GLOBAL are subject to the Software Subscription and Services Agreement (“Agreement”) above including these Additional Terms and Conditions which govern your use of the Services indicated below. These Additional Terms and Conditions shall prevail over any conflict or inconsistency with the Agreement above.

1. Services. The term “Services” includes any version of CHECKLIGHT® software made available by CISO GLOBAL. The Services to be provided to Customer by CISO GLOBAL are described as follows:
   • 1.1. Implementation. CISO GLOBAL will (i) provide Customer with agents for installation across Customer network and provide installation and configuration support; and (ii) begin monitoring the environment to ensure successful connection.
   • 1.2. Threat Event Monitoring and Notification. As of the effective date of these terms, the Services include the following key features:
     • (i) Threat Event Monitoring. CISO GLOBAL will provide Customer with threat event monitoring of each Enrolled Computer;
     • (ii) Notification. CISO GLOBAL will provide Customer notifications of identified threats. Customer will be notified by text, email, and/or dashboard alert of identified threats.
   • 1.3. Deliverables: Reports. Customers will receive a weekly status email and may log in and run reports at any time.
2. Other Activities. Other services, such as incident response and reporting, forensic investigation, and compliance consulting can be quoted on a per project basis and issued under a separate Statement of Work.
3. Pricing. Prices for the Services is determined at time of ordering the service; prices are subject to change without notice.
4. Help and Support. CISO GLOBAL may use a variety of methods (e.g., in-product, widgets, Internet, remote access, online community, chat, e-mail, video, and phone) to provide technical support and customer service in connection with the Services. The terms and conditions governing the offering of this support, which may require the payment of an additional fee, are subject to change as announced by CISO GLOBAL from time to time. Consult the CHECKLIGHT® website for the most up-to-date information relating to this support.
5. Service Commitment. CISO GLOBAL will use commercially reasonable efforts to make CHECKLIGHT available with a Monthly Uptime Percentage during any monthly billing cycle, of at least 99.9%.
   Services Commitment Exclusions. The service commitment does not apply to any unavailability, suspension or termination of CHECKLIGHT®: (i) caused by factors outside of our reasonable control, including any force majeure event or Internet access or related problems beyond the demarcation point of CHECKLIGHT®; (ii) that result from any actions or inactions from you or any third party; (iii) that result from your equipment, software or other technology and/or third party equipment, software or other technology (other than third party equipment within our direct control); and/or (iv) arising from our suspension or termination of your right to use CHECKLIGHT® in accordance with the Agreement.
6. Registration, User ID and Password Security. By registering or using the Services, Customer certifies that (i) All end users are 18 years of age or older; (ii) Any information provided to CISO GLOBAL will be true, accurate, current, and complete; (iii) Passwords must be kept confidential and may not be shared or assigned. Customer is responsible for all activities that occur under the member account.
7. Additional Third-Party Content. Services or communications to Customer may contain third party content, third party software components, or links to third party sites, applications, or services (collectively, “Third Party Content”). Some Third-Party Content may be governed by and subject to its own commercial terms and licenses. Customer must comply with any such commercial terms and licenses with regard to this Third-Party Content.
8. Miscellaneous Matters. You can contact CISO GLOBAL by mail at CISO Global Inc., 6900 E. Camelback Road, Suite 900, Scottsdale, AZ 85251; or by calling +1-480-389-3444; or by emailing [email protected].