Cazena End User License Agreement THIS CAZENA END USER LICENSE AGREEMENT ("AGREEMENT") APPLIES TO THE PROVISION BY CAZENA, INC., A DELAWARE CORPORATION, WITH OFFICES AT 1601 TRAPELO ROAD, WALTHAM, MA 02451 ("CAZENA"), OF THE CAZENA DATA LAKE AS-A-SERVICE AND RELATED PRODUCTS OR TECHNICAL SUPPORT SERVICES TO THE PERSON OR ENTITY ("CUSTOMER" OR "CLIENT") IDENTIFIED ON AN APPLICABLE ORDERING DOCUMENT ("ORDER FORM") WHEN THIS AGREEMENT IS EXPRESSLY INCORPORATED BY REFERENCE. A VALID ORDER FORM WILL DESCRIBE THE PURCHASED SUBSCRIPTIONS, INCLUDING RELEVANT LIMITATIONS AND DETAILS ("SUBSCRIPTION"), AND IS ENTERED INTO BETWEEN CUSTOMER AND CAZENA OR A THIRD-PARTY AUTHORIZED BY CAZENA TO RESELL THE SUBSCRIPTIONS FOR THE SERVICES ("AUTHORIZED RESELLER"). This Cazena End User License Agreement was last updated on December 1, 2020. It is effective between Cazena and the Customer as of the date the Customer accepts this Agreement via submission of an Order Form to Cazena or an Authorized Reseller. The parties agree as follows: 1. DEFINITIONS "Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity. "Control," for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity. "Customer Data" means electronic data and information submitted or made available by Customer to the Services or collected and processed by Cazena for Customer in connection with Customer's use of the Services. "Documentation" means Cazena's online user guides, documentation, and help materials relating to the Services. "Order Form" means an ordering document specifying the Services to be provided that is entered into by Cazena or an Authorized Reseller and Customer or an Affiliate of Customer, including any addenda and supplements thereto. "Services" means the products and services that are ordered under an Order Form, as described in the Documentation. "User" means an (i) employee of Customer or (ii) an individual consultant or contractor of Customer that is performing services related to the Services, who is authorized by Customer to use the Services, and to whom Customer (or Cazena at Customer's request) has supplied a user identification and password or similar unique authentication token. 2. OUR RESPONSIBILITIES 2.1. Provision of Services. Cazena and its Authorized Reseller (when so purchased), will (a) make the Services available to Customer pursuant to this Agreement and the applicable Order Forms, (b) provide Cazena's standard support for the Services to the Customer directly (if the subscription was purchased directly from Cazena) or to the Authorized Reseller in accordance with the then current Cazena Services and Support Policy, and (c) use commercially reasonable efforts to make the Services available 24 hours a day, 7 days a week, except for: (i) planned downtime (of which Cazena shall give at least 8 hours' notice to Customer via email, and which Cazena will schedule to the extent practicable between 6:00 p.m. Friday and 3:00 a.m. Monday Eastern Standard Time), and (ii) any unavailability caused by circumstances beyond Cazena's reasonable control, including, for example, an act of God, act of government, flood, fire, earthquake, civil unrest, epidemic, pandemic, act of terror, war, embargo, strike or other labor problem (other than one involving Cazena's employees), Internet or hosting service provider downtime, failure or delay, or denial of service attack, and (iii) downtime caused by Customer or Customer's (including any third-party vendor or provider of Customer's) hardware, software, systems or network. If Customer purchases Service subscriptions from an Authorized Reseller, Customer acknowledges that such reseller may be responsible for providing the support services, and not Cazena. 2.2 Customer Cloud Option. (a) Unless otherwise indicated on the applicable Order Form, Cazena will deploy the Services in a cloud environment controlled by Cazena. Customer acknowledges that the Service may be hosted by third party hosting providers (the "Hosting Providers"). Customer's access to and use of the Services is subject to any applicable restrictions imposed by the Hosting Providers. Notwithstanding any other provision of this Agreement, Cazena shall not be liable for any problems, failures, defects, or errors with the Services to the extent caused by the Hosting Providers. Cazena acknowledges that the fees payable for the Services reflect the fact that Cazena is not responsible for the acts and omissions of the Hosting Providers. (b) Customer may elect to have the Services deployed in a cloud environment controlled by Customer (the "Customer Cloud Option"). In this deployment, Cazena only takes responsibility for network and service access available via authorizations that Customer grants to Cazena's operations environment and Cazena shall (i) keep all such access authentications and authorizations provided by Customer to Cazena safe and secure and (ii) be responsible for all use of the Services using such access authentications and authorizations. Securing all other access to the Cazena Services and Customer Data within the Cazena Services remain the responsibility of Customer. Notwithstanding any other provisions of this Agreement to the contrary, if Customer elects the Customer Cloud Option, Cazena's provision of the Services and performance of its other obligations set forth in this Agreement are all conditioned on, subject to, and only applicable to the extent that Customer has granted Cazena all necessary and appropriate authentication and authorization to the cloud environment established by Customer (either under Customer's ownership and control or a Hosting Provider) and Customer Data residing therein and keeps that authentication and authorization consistent, current, and valid in accordance with Cazena's requirements for Cazena to perform its obligations throughout the term of this Agreement. 2.2 Data Security. During the term of this Agreement, Cazena shall maintain a formal security program materially in accordance with applicable data security and privacy laws and industry standards that is designed to: (a) implement measures to protect the security and integrity of Customer Data; (b) protect against threats or hazards to the security or integrity of Customer Data; and (c) prevent unauthorized access to Customer Data. Such security program will conform to the Cazena Security Exhibit attached hereto as Exhibit A ("Security Exhibit"). As Customer's sole and exclusive remedy for a breach of this Agreement based solely upon Cazena's failure to maintain conformity to the Security Exhibit, Customer may terminate this Agreement. 3. USE OF SERVICES 3.1 Subscriptions. Unless otherwise provided in the applicable Order Form, (a) Services are purchased as subscriptions, and (b) subscriptions may be added during a subscription term. If an Affiliate of Customer enters into an Order Form, such Affiliate will be bound by the terms of this Agreement as if it were an original party hereto and all references to "Customer" herein shall apply equally to such Affiliate. Notwithstanding the foregoing, Customer and its Affiliates shall be jointly and severally responsible for any breach of this Agreement or any Order Form (including payment obligations) by any of its Affiliates. 3.2 Usage Limits. Services are subject to usage limits as specified in the applicable Order Forms. If Customer exceeds a contractual usage limit, Cazena may work with Customer to reduce usage so that Customer's actual usage conforms to the agreed limit. If Customer is unable or unwilling to abide by the agreed limit, Customer will execute an Order Form for sufficient additional quantities of the applicable Services to accommodate Customer's usage promptly upon Cazena's or Authorized Reseller's request, and/or pay any invoice for excess usage in accordance with Section 4.1. 3.3 Customer's Responsibilities. Customer will (a) ensure Users' compliance with this Agreement and will obtain from any consultant or contractor that is a User a written agreement requiring that such User to (1) protect Cazena's Confidential Information (as defined in Section 6.1) under confidentiality obligations substantially similar to those set out in this Agreement, and (2) use the Services in accordance with this Agreement in all respects, (b) be responsible and liable for any breach of this Agreement by any of its Affiliates or by its and their respective Users, employees, consultants, contractors, agents, or any third party to whom Customer or an Affiliate of Customer has issued user identification and password (or similar unique authentication token) or granted access to the Services, (c) be responsible for the accuracy, quality and legality of Customer Data and the means by which Customer acquired Customer Data, (d) use commercially reasonable efforts to prevent unauthorized access to or use of Services, and notify Cazena promptly of any such unauthorized access or use, (e) use Services only in accordance with the Documentation and applicable laws and government regulations, (f) keep all passwords and other access authentications and authorizations and methods provided by Cazena to Customer relating to the Services safe and secure and be responsible for all use of the Services using such passwords and access authentications and authorizations, and (g) at its own expense obtain and maintain Internet access and any hardware or software required for Customer and its Users to access the Service. Customer may not use the Services to violate the security or integrity of any network, computer or communications system, software application, or network or computing device (each, a "System"). Such prohibited activities include, but are not limited to, (i) accessing or using any System without permission, including attempting to probe, scan, or test the vulnerability of a System or to breach any security or authentication measures used by a System, or (ii) monitoring of data or traffic on a System without permission. 3.4 Usage Restrictions. Customer will not (a) make the Services available to, or use the Services for the benefit of, anyone other than Customer or its Users, (b) sell, resell, license, sublicense, distribute, rent or lease the Services, or include the Services in a service bureau or outsourcing offering, (c) use the Services to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy and/or intellectual property rights, (d) use the Services to store or transmit a virus, worm, time bomb, Trojan horse, or other such malicious, harmful, or destructive computer code, files, scripts, agents, programs or similar forms, or use the Services to otherwise maliciously disrupt or impede the operation of third party Systems, (e) interfere with or disrupt the integrity or performance of the Services or third-party data contained therein, (f) attempt to gain access to the Services or its related systems or networks or underlying software (except as specifically permitted by this Agreement), (g) permit direct or indirect access to or use of the Services in a way that circumvents a contractual usage limit, (h) copy or use the Services or any part, feature, function or user interface thereof or any underlying software (except as specifically permitted by this Agreement), or (i) reverse engineer the Services or any underlying software code (to the extent such restriction is permitted by law). In addition to any other remedy available to Cazena, Cazena may immediately suspend Customer's use of the Service in the event that Cazena reasonably believes that Customer is in violation of this Section 3.4. 4. FEES AND PAYMENT FOR SERVICES 4.1. Fees and Payment. Customer will pay all fees specified in Order Forms. Except as otherwise specified herein or in an Order Form, (a) fees are based on subscriptions purchased and not actual usage, (b) payment obligations are non-cancelable and fees paid are non-refundable, and (c) quantities purchased cannot be decreased during the relevant subscription term. 4.2. Suspension of Services and Acceleration. If any amount owing by Customer under this Agreement or any other agreement for the Services is thirty (30) or more days overdue, Cazena may, without limiting Cazena's other rights and remedies, accelerate Customer's unpaid fee obligations under such agreements so that all such obligations become immediately due and payable, and suspend the Services to Customer until such amounts are paid in full. Cazena will give Customer and the Authorized Reseller at least ten (10) days' prior notice that Customer's account is overdue, in accordance with the terms and conditions of this Agreement, before suspending services to Customer. 4.3. Payment Disputes. Cazena will not exercise Cazena's rights under Section 4.2 above if Customer or Authorized Reseller is disputing the applicable charges reasonably and in good faith and is cooperating diligently to resolve the dispute. 4.4. Future Functionality. Customer agrees that Customer's purchases are not contingent on the delivery of any future functionality or features, or dependent on any oral or written public comments made by Cazena regarding future functionality or features. 5. PROPRIETARY RIGHTS AND LICENSES 5.1. Reservation of Rights. Subject to the limited rights expressly granted hereunder, Cazena and Cazena's licensors reserve all of Cazena's and/or its licensors right, title and interest in and to the Services, including all software, hardware, content, data and information (other than the Customer Data) related thereto or provided in connection therewith and all intellectual property rights therein and related thereto. No rights are granted to Customer hereunder other than as expressly set forth herein. 5.2. License to Customer Data. Customer grants Cazena and its Affiliates a non-exclusive, worldwide, royalty-free license (with the right to sublicense to Cazena's third party hosting service provider) to host, copy, transmit and display the Customer Data, solely as necessary for Cazena to provide the Services in accordance with this Agreement. Subject to the limited licenses granted herein, Cazena acquires no right, title or interest from Customer or Customer's licensors under this Agreement in or to Customer Data. 6. CONFIDENTIALITY 6.1. Definition of Confidential Information. "Confidential Information" means all information disclosed by a party ("Disclosing Party") to the other party ("Receiving Party"), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Customer's Confidential Information includes Customer Data. Cazena's Confidential Information includes all information relating to the Services. Confidential Information of each party includes the terms and conditions of this Agreement and all Order Forms (including pricing), as well as business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such party. However, Confidential Information does not include any information that the Receiving Party can demonstrate (a) is or becomes generally known to the public through no fault, act or omission of the Receiving Party, (b) was known to the Receiving Party prior to its disclosure by the Disclosing Party without any obligation to hold it in confidence, (c) is received from a third party without breach of any obligation owed to the Disclosing Party, or (d) was independently developed by the Receiving Party without use of the Confidential Information. 6.2. Protection of Confidential Information. The Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but not less than reasonable care) (a) not to use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement, and (b) except as otherwise authorized by the Disclosing Party in writing, to limit access to Confidential Information of the Disclosing Party to those of its and its Affiliates' employees and contractors who need that access for purposes of this Agreement and who have signed confidentiality agreements with the Receiving Party containing confidentiality obligations no less stringent than those set forth herein. Neither party will disclose the terms of this Agreement or any Order Form to any third party other than its Affiliates, legal counsel and accountants and potential and actual investors and acquirers of such party that are under a similar obligation of confidentiality without the other party's prior written consent, provided that a party that makes any such disclosure to any of the foregoing third parties will remain responsible for such third party's compliance with this Section 6.2. The Receiving Party acknowledges that disclosure of Confidential Information could cause substantial harm for which damages alone would not be a sufficient remedy, and therefore upon any such disclosure by the Receiving Party the Disclosing Party shall be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law. 6.3. Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party to the extent compelled by law or legal process to do so, provided the Receiving Party gives the Disclosing Party prior notice of the compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party's cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled by law or legal process to disclose the Disclosing Party's Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to that Confidential Information. 7. REPRESENTATIONS, WARRANTIES, EXCLUSIVE REMEDIES AND DISCLAIMERS 7.1. Mutual Representations. Each party represents that it has validly entered into this Agreement and has the legal power to do so. 7.2. Warranties. Cazena warrants that the Services will perform materially in accordance with the applicable Documentation. For any breach of the foregoing warranty, Customer's exclusive remedies, and Cazena's sole liabilities, are those described in Sections 10.3 and 10.4. The foregoing warranty shall be void and of no effect if: (a) Customer uses the Services not in accordance with the Documentation or otherwise in breach of this Agreement; (b) Customer combines the Services with Customer or third-party software, products, computing infrastructure or services not provided or authorized in writing by Cazena; (c) Customer allows the Services to be modified by any party except Cazena; or (d) the failure of the Services to conform to the warranty is caused, in whole or in part, by Customer's or a third-party's hardware, software, services, acts or omissions, including any portion of Customer's or a Hosting Provider's cloud environment if Customer has elected the Customer Cloud Option. 7.3. Disclaimers. EXCEPT AS EXPRESSLY PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE AND, EXCEPT AS EXPRESSLY PROVIDED HEREIN, EACH PARTY SPECIFICALLY DISCLAIMS ALL WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW. EACH PARTY DISCLAIMS ALL LIABILITY AND INDEMNIFICATION OBLIGATIONS FOR ANY HARM OR DAMAGES CAUSED BY ANY THIRD-PARTY HOSTING PROVIDERS. 8. MUTUAL INDEMNIFICATION 8.1. Indemnification by Cazena. Cazena will defend Customer against any claim, demand, suit or proceeding made or brought against Customer by a third party alleging that the use of the Services in accordance with this Agreement infringes or misappropriates such third party's intellectual property rights (a "Claim Against Customer"), and will indemnify Customer from any damages, reasonable attorney fees and costs finally awarded against Customer by a court of competent jurisdiction as a result of, or for amounts paid by Customer under a court-approved settlement of, a Claim Against Customer, provided Customer (a) promptly gives Cazena written notice of the Claim Against Customer, (b) gives Cazena sole control of the defense and settlement of the Claim Against Customer (except that Cazena may not settle any Claim Against Customer unless it unconditionally releases Customer of all liability), and (c) gives Cazena all reasonable assistance, at Cazena's expense. If Cazena receives information about an infringement or misappropriation claim related to the Services, Cazena may, in Cazena's discretion, and, at no cost to Customer, (i) modify the Services so that they no longer infringe or misappropriate third party rights, (ii) obtain a license for Customer's continued use of the Services in accordance with this Agreement, or (iii) terminate Customer's subscriptions for the Services upon thirty (30) days' written notice and refund Customer any prepaid fees covering the remainder of the term of the terminated subscriptions. The above defense and indemnification obligations do not apply to the extent a Claim Against Customer arises from (A) the Customer Data, (B) modification of the Services other than by Cazena, (C) Customer's or a third party's software, hardware or services (including any portion of Customer's or a Hosting Provider's cloud environment if Customer has elected the Customer Cloud Option), or (D) Customer's negligence, willful misconduct or breach of this Agreement. 8.2. Indemnification by Customer. Customer will defend Cazena against any claim, demand, suit or proceeding made or brought against Cazena by a third party alleging that the Customer Data, any portion of Customer's or a Hosting Provider's cloud environment (if Customer has elected the Customer Cloud Option) or Customer's use of the Services specific to that cloud environment, or Customer's use of the Services in breach of this Agreement, infringes or misappropriates such third party's intellectual property or other proprietary or privacy rights or violates applicable law (a "Claim Against Cazena"), and will indemnify Cazena from any damages, reasonable attorney fees and costs finally awarded against Cazena by a court of competent jurisdiction as a result of, or for any amounts paid by Cazena under a court-approved settlement of, a Claim Against Cazena, provided Cazena (a) promptly gives Customer written notice of the Claim Against Cazena, (b) gives Customer sole control of the defense and settlement of the Claim Against Cazena (except that Customer may not settle any Claim Against Cazena unless it unconditionally releases Cazena of all liability), and (c) gives Customer all reasonable assistance, at Customer's expense. 8.3. Exclusive Remedy. This Section 8 states the indemnifying party's sole liability to, and the indemnified party's exclusive remedy against, the other party for any type of claim described in this Section 8. 9. LIMITATION OF LIABILITY 9.1 Limitation of Liability. NEITHER PARTY'S AGGREGATE LIABILITY WITH RESPECT TO, ARISING OUT OF OR RELATED TO THIS AGREEMENT, EXCEPT AS SET FORTH IN THE NEXT SENTENCE, WILL EXCEED THE AMOUNT PAID TO CAZENA HEREUNDER IN THE 12 MONTHS PRECEDING THE CLAIM. CAZENA'S AGGREGATE LIABILITY SPECIFICALLY WITH RESPECT TO, ARISING OUT OF OR RELATED TO AN UNAUTHORIZED DISCLOSURE OF OR ACCESS TO CUSTOMER DATA STORED ON THE SERVICE SHALL NOT EXCEED $1,000,000; PROVIDED, THAT If Customer has elected the Customer Cloud Option, THIS SENTENCE SHALL ONLY APPLY IF THE UNAUTHORIZED DISCLOSURE OF OR ACCESS TO CUSTOMER DATA resulted from a breach of Cazena's obligations set forth in this Agreement relating to the specific access authorizations that Customer has granted to Cazena's operations environment. THE ABOVE LIMITATIONS WILL APPLY WHETHER AN ACTION IS IN CONTRACT OR TORT AND REGARDLESS OF THE THEORY OF LIABILITY. 9.2 Exclusion of Consequential and Related Damages. IN NO EVENT WILL EITHER PARTY HAVE ANY LIABILITY TO THE OTHER PARTY FOR ANY LOST PROFITS, REVENUES OR INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, COVER OR PUNITIVE DAMAGES, WHETHER AN ACTION IS IN CONTRACT OR TORT AND REGARDLESS OF THE THEORY OF LIABILITY, EVEN IF A PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 9.3 Exclusions from Limitations. THE LIMITATIONS IN SECTION 9.1 AND 9.2 WILL NOT APPLY TO 1) EITHER PARTY'S OBLIGATIONS ARISING FROM SECTION 8 (MUTUAL INDEMNIFICATION); 2) A BREACH OF CONFIDENTIALITY DESCRIBED IN SECTION 6; 3) A BREACH OF THE USE LIMITATIONS OR CUSTOMER RESPONSIBILITIES DESCRIBED IN SECTION 3; 4) FOR FRAUD, INTENTIONAL ACTS, WILLFUL MISCONDUCT OR GROSS NEGLIGENCE; 5) LIABILITY FOR FEES AND SERVICES IN SECTION 4; AND 6) THE EXTENT PROHIBITED BY LAW. 10. TERM AND TERMINATION 10.1 Term of Agreement. This Agreement commences on the Effective Date of this Agreement and continues until all subscriptions and Order Forms hereunder have expired or have been terminated. 10.2. Term of Purchased Subscriptions. The "Initial Term" of a subscription starts on the date set forth in the Order Form and lasts for the period stated in the Order Form. After the Initial Term, unless the Order Form states otherwise, there will be automatic "Renewal Terms" of the same length. Each such Renewal Term will automatically begin unless Customer notifies either Cazena or the Authorized Reseller, as appropriate, in writing at least thirty (30) days before the end of the Initial or then current Renewal Term that Customer does not want to renew the subscriptions. Cazena or the Authorized Reseller will notify Customer at least sixty (60) days in advance of the renewal date if the fees will change for the upcoming Renewal Term. 10.3. Termination. A party may terminate this Agreement for cause (a) upon thirty (30) days' written notice to the other party of a material breach if such breach remains uncured at the expiration of such period, or (b) if the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors. 10.4. Refund or Payment upon Termination. If this Agreement is terminated by Customer in accordance with Section 10.3(a) for a breach of the warranty set forth in Section 7.2, Cazena will refund any prepaid fees for Services covering the remainder of the subscription term of all Order Forms after the effective date of termination, less any penalties or unrecoverable prepaid fees paid to Cazena's third party hosting and licensed software providers for the Services, and the foregoing constitutes Customer's sole and exclusive remedy and Cazena's sole and exclusive liability and obligation in respect of any such breach or termination. If this Agreement is terminated by Cazena in accordance with Section 10.3, Customer will, in addition to any other remedies available to Cazena under this Agreement or at law, pay any unpaid fees covering the remainder of the subscription term of all Order Forms. Termination will not relieve Customer's obligation to pay any fees payable for the period prior to the effective date of termination. 10.5. Data Portability and Deletion. Upon request by Customer or Authorized Reseller made within thirty (30) days after the termination of this Agreement in accordance with Section 10.3 hereof, or thirty (30) days prior to the expiration of a subscription that will not be renewed per Section 10.2 hereof, Cazena will make the Customer Data that results from the processing by Cazena available to Customer for export or download as provided in the Documentation. After such thirty (30) day period, Cazena will have no obligation to maintain or provide such information or data and will thereafter delete or destroy all copies of Customer Data, or information or data resulting from the processing of the Customer Data in Cazena's systems or otherwise in Cazena's possession or control as provided in the Documentation, unless legally prohibited. This Section 10.5 does not apply if Customer has elected the Customer Cloud Option. 10.6. Surviving Provisions. This Section 10.6 and Sections 1 ("Definitions"), 4 ("Fees and Payment for Services"), 5 ("Proprietary Rights and Licenses"), 6 ("Confidentiality"), 7.3 ("Disclaimers"), 8 ("Mutual Indemnification"), 9 ("Limitation of Liability"), 10.4 ("Refund or Payment upon Termination"), 10.5 ("Data Portability and Deletion"), 11 ("Notices, Governing Law and Jurisdiction"), and 12 ("General Provisions") will survive any termination or expiration of this Agreement. 11. NOTICES, GOVERNING LAW AND JURISDICTION 11.1. Notices. All notices permitted or required to be given under this Agreement shall be in writing and shall be deemed to have been duly given when delivered in person, or upon receipt, if deposited in the United States mail, postage prepaid, certified mail, return receipt requested or sent via Federal Express or other similar nationally recognized courier, to the following addresses, or to such address as the parties may provide to each other in writing from time to time: Notices to Customer: Notices to Authorized Reseller: Notices to Cazena: Attn: party signing the Order Form Attn: as set forth in the reseller agreement Attn: CFO Address: the address set forth in the Order Form Address: as set forth in the reseller agreement Address: 1601 Trapelo Road Waltham, MA 02451 11.2. Governing Law and Jurisdiction. * For Customers with their principal place of business in the United States, this Agreement shall be governed by the laws of the Commonwealth of Massachusetts, excluding conflict of law provisions. The application of the United Nations Convention of Contracts for the International Sale of Goods is expressly excluded. Customer hereby irrevocably and unconditionally consents to submit to the sole and exclusive jurisdiction of the courts of the Commonwealth of Massachusetts and of the United States of America located in the Commonwealth of Massachusetts (the "Massachusetts Courts") for any litigation arising out of or relating to this Agreement, or the negotiation, validity or performance of this Agreement. Customer hereby waives any objection to the laying of venue of any such litigation in the Massachusetts Courts and agrees not to plead or claim in any Massachusetts Court that such litigation brought therein has been brought in any inconvenient forum or that there are indispensable parties to such litigation that are not subject to the jurisdiction of the Massachusetts Courts. * For Customers with their principal place of business outside the United States, this Agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) will be governed by and construed in accordance with the laws of England, without regard to conflicts of law provisions. Neither the U.N. Convention of Contracts for the International Sale of Goods nor UCITA will apply. Each party hereby agrees that any dispute arising out of or in connection with this Agreement, including any question regarding its existence, validity or termination, shall be referred to and finally resolved by arbitration under the London Court of International Arbitration (LCIA) Rules, which Rules are deemed to be incorporated by reference into this clause. The number of arbitrators shall be three. The seat, or legal place, of arbitration shall be London, England. The language to be used in the arbitral proceedings shall be English. * Notwithstanding the foregoing, any temporary or preliminary equitable action related to intellectual property or proprietary information rights under this Agreement may be initiated in the Massachusetts Courts or in any court of competent jurisdiction. 12. GENERAL PROVISIONS 12.1. Export Compliance. The Services or other technology Cazena makes available, and derivatives thereof may be subject to export laws and regulations of the United States and other jurisdictions. Each party represents that it is not named on any U.S. government denied-party list. Customer shall not permit Users to access or use the Services in a U.S.-embargoed country (currently Cuba, Iran, North Korea, Sudan or Syria) or in violation of any U.S. export law or regulation. 12.2 Commercial Computer Software. If the Services or Documentation are acquired by or on behalf of an agency or instrumentality of the United States government, Customer acknowledges and agrees that such Services or Documentation are "commercial computer software" or "commercial computer software documentation" developed at private expense and that, absent a written agreement to the contrary, the government's rights with respect to such Services or Documentation shall be as set forth in this Agreement, pursuant to FAR ? 12.212(a) and/or DFARS ? 227.7202-1(a), as amended and as applicable. 12.3 Entire Agreement and Order of Precedence. This Agreement including the Order Form and the exhibits attached hereto is the entire agreement between Customer and Cazena regarding the subject matter of this Agreement and Customer's use of the Services and supersedes all prior and contemporaneous agreements, proposals or representations, written or oral, concerning its subject matter. No modification, amendment, or waiver of any provision of this Agreement will be effective unless in writing and signed by the party against whom the modification, amendment or waiver is to be asserted. The parties agree that any term or condition stated in Customer's purchase order or in any other of Customer's order documentation (excluding specific information in Order Forms describing the Services to be provided) is void. In the event of any conflict or inconsistency among the following documents, the order of precedence shall be: (1) this Agreement, (2) the applicable Order Form, and (3) the Documentation. 12.4. Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the other party's prior written consent (not to be unreasonably withheld); provided, however, either party may assign this Agreement in its entirety (including all Order Forms), without the other party's consent to its Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. This Agreement will be binding on and will inure to the benefit of the successors and permitted assigns of the respective parties. 12.5. Marketing Activities. Upon mutual agreement, Customer agrees to assist Cazena in developing a case study of their experience with the service that is to be used by both parties. Customer further agrees to provide occasional references to existing or prospective Cazena investors, other Cazena customers or sales prospects, press and media, and industry analysts. Customer agrees that Cazena may disclose Customer as a customer of Cazena and use Customer's name and logo on Cazena's web site and in Cazena's promotional materials. 12.6. Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, and fiduciary or employment relationship between the parties. 12.7. Waiver. No failure or delay by either party in exercising any right under this Agreement will constitute a waiver of that right. A waiver of any breach of this Agreement must be in writing in order to be effective. 12.8. Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision will be deemed null and void, and the remaining provisions of this Agreement will remain in effect. 12.9 Force Majeure. Except for a party's payment obligations, neither party shall be liable to the other for its failure to perform any of its obligations hereunder during any period in which such performance is delayed by circumstances beyond its reasonable control including, but not limited to, an act of God, earthquake, fire, flood, civil unrest, epidemic, pandemic, act of terror, war, embargo, strike or other labor problem (other than involving such party's own employees), inability to secure materials and transportation facilities, Internet service provider failure or delay, denial of service attack, or the intervention of any governmental authority. 12.10 Counterparts. This Agreement may be executed in any number of counterparts, each of which shall be deemed to be an original, and all of which together shall be deemed to be one and the same instrument. Exhibit A SECURITY SCHEDULE 1. Ownership of Customer Data. As between Customer and Cazena (or its Authorized Reseller), all Customer Data will remain the property of Customer. Customer Data will not be used by Cazena other than in connection with the provision of the Services to Customer or as otherwise permitted in this Agreement. 2. Protection of Customer Data. Cazena employs security controls designed to protect Customers against unauthorized access to Customer Data residing in the Cazena environment. If Customer elects the Customer Cloud Option, Customer maintains control over and responsibility for security and access relating to their environment (and Customer Data residing therein), and as such, Cazena is only responsible for control over and security controls relating to the specific access authorizations that Customer has granted to Cazena's operations environment. 3. Security Controls. (a) All Customer Data is stored by Cazena in a logically secure environment that protects it from unauthorized access, modification, theft, misuse and destruction. Cazena maintains and enforces logical security procedures with respect to its access and maintenance of the Customer Data that are at least (a) equal to industry standards for such types of data and locations, (b) in accordance with Customer's reasonable security requirements, and (c) sufficient to provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration or disclosure. This Section 3(a) does not apply if Customer has elected the Customer Cloud Option. (b) Cazena will take measures consistent with applicable industry standards to secure and defend its locations, systems, applications, and equipment against unauthorized access to modify or access Cazena systems or the information found therein. Cazena will regularly test its systems for potential areas where security could be breached. (c) Cazena has a formal information security policy and/or program, that includes annual employee security awareness training, and reasonable information security policies and/or procedures that are designed to protect Customer Data from loss, misuse and unauthorized access or disclosure and comply with any applicable law; provided that, notwithstanding the foregoing, Customer will ensure that all Customer Data provided to Cazena complies with all applicable laws and reasonable information security practices. (d) This Security Policy is subject to reasonable changes by Cazena from time to time without Customer's prior approval. 4. Disaster Recovery. Cazena maintains disaster recovery procedures designed to safeguard Customer Data and the operation of the equipment and software. This Section 4 does not apply if Customer has elected the Customer Cloud Option. 5. Security Incident Response and Notification Procedures. (a) If either party believes that there has been an unauthorized disclosure of or access to Customer Data stored on the Service (a "Security Incident"), such party must promptly notify the other party. Additionally, each party will reasonably assist the other party in remediating or mitigating any potential damage from the Security Incident. Each party shall bear the costs of such remediation or mitigation, including notification of affected individuals, to the extent the Security Incident was caused by such party. Cazena shall use commercially reasonable efforts to mitigate any harmful effect that is known to Cazena of a use or disclosure of Customer Data in violation of this Agreement or in connection with a Security Incident. Each party will comply with all laws and regulations applicable to it that require notification or impose other requirements upon the party as a custodian or owner of the data in the event of a Security Incident. Each party will reasonably assist the other in remediating or mitigating any potential damage from a Security Incident. If Customer has elected the Customer Cloud Option, Cazena's obligations set forth in this Section 5(a) are limited to only apply if and to the extent the Security Incident resulted from a breach of Cazena's obligations set forth in this Agreement relating to the specific access authorizations that Customer has granted to Cazena's operations environment. (b) If Cazena becomes aware of any Security Incident (defined above) involving its personnel, systems, applications, or network, Cazena shall promptly investigate such incident, conduct a root cause analysis, and implement a commercially reasonable corrective action plan. Cazena shall share the results of such root cause analysis and action plan with Customer within 72 hours following such incident unless prohibited by law. (c) Unless otherwise required by applicable law and subject to the exceptions that follow, Cazena shall not disclose to third parties any information about a Security Incident involving Customer Data without prior written and express permission from Customer for such disclosure; provided, however, nothing herein should be construed as preventing Cazena from publicly acknowledging or disclosing the occurrence of a Security Incident, provided Cazena does not identify Customer in the applicable communication to third parties. If Cazena is required to disclose pursuant to applicable law, unless Cazena is prohibited from doing so by applicable law, Cazena shall promptly notify Customer. Notwithstanding the foregoing, Cazena may disclose to the following parties without obtaining such permission: (i) Cazena's agents who are working on the issue, have a need-to-know, and have a confidentiality agreement in place that is no less restrictive than that between Parties; (ii) others who are similarly affected and with whom Cazena has an obligation to notify. In such cases, Cazena shall not disclose any information about Customer or Customer's involvement without Customer's prior written permission, unless otherwise required under applicable law.