END USER SOFTWARE LICENSE AGREEMENT

END USER SOFTWARE LICENSE AGREEMENT

THIS END USER SOFTWARE LICENSE AGREEMENT (THE “AGREEMENT IS MADE BY AND BETWEEN BIGID INC., A DELAWARE CORPORATION HAVING ITS PRINCIPAL PLACE OF BUSINESS AT 641 AVENUE OF THE AMERICAS, 5TH FLOOR, NEW YORK, NY 10011 (“BIGID”) AND THE CUSTOMER INDICATED IN AN ORDER  OR THE ONLINE REGISTRATION FORM  RELATING TO THE BIGID SOFTWARE AND SERVICES (“CUSTOMER”). BY CLICKING ITS ACCEPTANCE ELECTRONICALLY OF THIS AGREEMENT, OR OF ANY OTHER AGREEMENT THAT INCORPORATES BY REFERENCE THESE TERMS AND CONDITIONS, OR BY EXECUTING AN ORDER THAT REFERENCES THIS AGREEMENT, CUSTOMER AGREES TO BE BOUND BY THE TERMS AND CONDITIONS HEREOF. IF CUSTOMER PURCHASES THE SOFTWARE THROUGH A BIGID AUTHORIZED PARTNER, THE  TERM “ORDER” AS USED HEREIN SHALL MEAN THE ORDER ENTERED INTO BETWEEN BIGID AND THE AUTHORIZED PARTNER FOR CUSTOMER’S USE (EACH AN “ORDER”).  Each Order shall specify, as applicable, the Software and/or Services (including a description thereof), the quantity or licensing metrics applicable to the subscription license, the Licensed Entity, and the subscription term.  A Customer Affiliate may enter into an Order pursuant to this Agreement and, in such case, by entering into the Order, the Affiliate agrees to be bound by the terms and conditions of this Agreement with respect to such Order and such Affiliate shall be considered to be the Customer with respect to such Order.  Customer or its Affiliate who signs each Order shall be responsible for the compliance of its Affiliates with the terms and conditions of this Agreement.

1. Definitions.  Capitalized terms have the meanings set forth as follows: “Affiliate” of an entity means any other entity that directly or indirectly, controls, is controlled by, or is under common control with such entity, for so long as such control exists.  The term “control” means ownership of more than fifty percent (50%) of the voting securities of an entity. “Applicable Law” means any statute, law, ordinance, regulation, rule, code, order, constitution, treaty, common law, judgment, decree or other requirement or rule of any federal, state, local or foreign government or political subdivision thereof, or any arbitrator, court or tribunal of competent jurisdiction applicable to a party’s performance under this Agreement including without limitation Data Protection Laws. “BigID Systems” means the information technology infrastructure, including all computers, software, databases, electronic systems and networks that are owned or controlled by BigID used to provide the Software and/or other Services. “BigID Property” means any technical information, technology, content, dashboards, screens, document or report templates, techniques, ideas, methods, processes, data, software, algorithms interfaces, utilities, documents, designs, user interfaces, trade secrets, know-how, intellectual property, information or materials of any kind (regardless of form) which has been or is acquired, created, developed or licensed by BigID prior to or outside the scope of this Agreement and any improvement, modification or other derivative works thereof whenever created; and all Intellectual Property Rights to the foregoing; and expressly includes, without limitation, the Software and Documentation and any related technical information. “Customer Data” means any data, software, documents, content, Intellectual Property or information of any kind (regardless of form) (i) acquired, developed, created or licensed by the Licensed Entity prior to or outside the scope of this Agreement, and/or (ii) input or output in connection with Customer’s authorized use of the Software, but excluding BigID Property. “Customer Systems” means any information technology infrastructure, including all computers, software, databases, electronic systems and networks within Customer’s custody or control or which are managed by a third party contractor or cloud services provider on Customer’s behalf for Customer’s use. “Data Protection Laws” means any data privacy or data protection laws under any Applicable Law which are applicable to a party’s performance under this Agreement, including without limitation as applicable the California Consumer Protection Act (“CCPA”),  Directive 95/46/EC and Directive 2002/58/EC and in each case as amended, replaced or superseded from time to time, including without limitation by the EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council (the “GDPR“, and collectively with the foregoing “EU Data Protection Laws“) and any data protection laws substantially amending, replacing or superseding the GDPR following any exit by the United Kingdom from the European Union. “Documentation” means the applicable specifications and user documentation relating to the use of the Software and any training materials that BigID makes available to Customer. “Freemium Model” means software that is licensed on a limited basis and for which BigID does not charge a fee.  Where specified, certain terms in this Agreement are excluded for Freemium customers.  “Intellectual Property Rights” means any and all registered and unregistered rights granted, applied for or otherwise now or hereafter in existence under or related to any patent, copyright, trademark, trade secret, database protection or other intellectual property rights laws, and all similar or equivalent rights or forms of protection, in any part of the world.  “Licensed Entity” means the Customer and/or Affiliate entit(ies) authorized to use the Software pursuant to a particular Order. “Loss” means any and all losses, damages, liabilities, claims, actions, judgments, interest, awards, penalties, fines, costs or expenses of whatever kind, including reasonable attorneys’ fees.  “Minimum System Requirements” means those system requirements of Customer’s computer systems as specified by BigID in writing. “Personal Information” is information that identifies or could be used to identify an individual or relates to an identifiable person and expressly includes “Personal Information” or “Personal Data” as such terms are defined in any of the Data Protection Laws. “Representatives” means, with respect to a party, that party and its Affiliates’ respective employees, officers and directors, consultants, agents, independent contractors, subcontractors and legal advisors. “Professional Services” means configuration, training, consulting and/or other professional services as described in an Order. “Services” means Professional Services and Support and unless otherwise stated in an Order, Services shall exclude all Third Party Services. “Software” means an executable version of BigID’s proprietary data software and applications as more fully described in an Order, together with any Updates made available to Customer by BigID pursuant to this Agreement; and shall be specified in an Order as either “On-Premise Software” or “SaaS Software.”   Unless otherwise stated in an Order, Software shall exclude all Third Party Software which is not embedded in the Software.  “Support” means the support services  described in Section 5.1 (Support) hereof.  ‘Support Policy” means the BigID Support Policy which can be found at https://support.bigid.com/.  “Third Party Products” means (i) software products (including on-premise software and SaaS offerings) for which the Intellectual Property Rights are owned by a third party or which are supplied by a third party, which software licenses are resold or distributed by BigID either pursuant to an Order or as part of a BigID app marketplace, together with any support updates thereto (“Third Party Software”); (ii) any support and/or professional services provided by a third party for such software offerings (“Third Party Services”); and (ii) any related Documentation. “Update(s)” has the meaning set forth in the Support Policy. “Users” mean individual users of the Software who have been provided with access credentials, identification codes and/or passwords to use the Software.
2. Delivery.  BigID will make the Software and Updates available electronically to Customer. Customer may make a reasonable number of copies of the On-Premise Software solely for testing, disaster recovery or archival purposes.
3. Software.

3.1    Software Subscription License.  BigID hereby grants Customer a non-exclusive, non-sublicensable and non-transferable, limited subscription license, during the Subscription Term, for the Customer Licensed Entity to use the Software and Documentation in accordance with the Documentation and the Order during the Order Term.  The subscription license is subject to the licensing metrics (as to volume, devices, Licensed Entity and other licensing metrics) and other terms set forth in the Order and the payment of the applicable fees (if any).  .  Notwithstanding anything to the contrary herein, the subscription license shall be used solely by and/or for the benefit of the Licensed Entities specified in the Order and Customer shall be responsible for the Licensed Entities’ and their Representatives acts and omissions to the same extent as it is responsible for its own acts and omissions under this this Agreement.  Unless otherwise set forth in the Order, the Licensed Entity shall use the Software solely for the Licensed Entity’s internal business purpose. The Software includes certain open source components. BigID represents and warrants that such open source software components will not contain any license or other terms that require that other software or documentation incorporating or used with such software, be disclosed or distributed in source code form, be licensed for the purpose of making derivative works, or be redistributable at no charge.

3.2    SaaS Access and Requirements.  BigID will make SaaS Software available on a Software Platform for access and use by the Customer Licensed Entity remotely through the internet. BigID shall supply Customer with user or administrator IDs and passwords as may be necessary for Customer to provide its Representatives authorization to access and use the SaaS Software (the “Authorized Users”). Customer agrees to keep confidential any such identification codes and/or passwords and to restrict access to such identification codes and passwords to its Authorized Users. Customer agrees to notify BigID immediately if Customer becomes aware that unauthorized persons have obtained access to such identification codes or passwords, or any instance of unauthorized use of Customer’s accounts or if Customer becomes aware of any other breach of security related to the SaaS Software. BigID reserves the right to temporarily suspend the account and/or passwords in the event of an actual or probable suspected security breach that poses a security threat to BigID’s SaaS platform. Customer agrees to the following, as applicable, in connection with its use of the SaaS Software: (i)  Customer is responsible for providing the systems, servers, software, network and communications necessary to connect to and utilize the SaaS Software consistent with any specifications or System Requirements set forth in the Order or Documentation; (ii) Customer shall be responsible for the accuracy and integrity of the Customer Data made available to BigID; (iii) Customer shall be responsible for backing up the Customer Data which is used in connection with the SaaS Software; and (iv) Customer shall be responsible for obtaining any necessary licenses, consents and/or permissions to grant BigID the right to use the Customer Data in combination with the SaaS Software to the extent necessary to enable BigID to perform its obligations hereunder.

3.3    Use Restrictions & Safeguards.  The Software (and any copies thereof) will remain the exclusive property of BigID. Customer shall not, and shall not permit any other party, to: (i) except as expressly stated herein with respect to On-Premise Software, copy the Software, in whole or in part; (ii) modify, translate, or otherwise prepare derivative works of or improvements to the Software or Documentation; (iii) rent, lease, loan, sell, sublicense, distribute, publish, transfer or otherwise make the Software available to any third party, or use the Software on behalf of or for the benefit of any third party, including on or in connection any time-sharing, service bureau, software as a service, or other similar service; (iv) reverse engineer, disassemble, decompile or attempt to re-create the Software or otherwise attempt to derive or gain access to the source code of the Software; (v) bypass or breach any security device or protection relating to the Software; (vi) remove, modify or supplement any proprietary notices or symbols or serial numbers on or relating to the Software or Documentation; or (vii) publish or disclose to a third party the results of any  benchmarking or competitive analysis of the Software or use the Software to develop a competing software product or service. Customer shall restrict access to the Software to the Licensed Entity’s Representatives whose duties require such access or use in connection with the licensed use. Customer shall take commercially reasonable measures to safeguard the Software and Documentation from unauthorized access.

3.4    Evaluation Software and Pre-Release Software.  In the event that the parties mutually agree that BigID will provide any software identified as evaluation software, Freemium, pre-release, “alpha”, “beta” or similar, then notwithstanding anything to the contrary contained herein, such software is provided “as is” and without any warranty, support or service commitment of any kind, but are otherwise provided in accordance with and subject to the terms of this Agreement.

4.     Fees and Tracking.

4.1    Fees.  The fees, invoicing and payment terms, as applicable, shall be set forth in the Order provided that if Customer purchases through an authorized BigID partner, the fees, invoicing schedule and payment terms shall be separately agreed between Customer and the partner.  All fees are exclusive of taxes and similar assessments.  Customer is responsible for all sales, service, use and excise taxes, and any other similar taxes, duties and charges of any kind, other than any taxes imposed on BigID’s income and employees.

4.2    Tracking and Reporting.  Customer’s use of the Software shall conform to the license metrics specified in the applicable Order. Customer shall use the tracking and monitoring feature in the Software to verify Customer’s usage complies with the authorized subscription volume set forth in the Order.  If Customer has exceeded the authorized subscription volume, Customer shall promptly report such overage to BigID or the authorized partner.  In addition, upon request, but no more than twice per year, Customer shall provide a report via electronic means with confirmation of the applicable licensing metrics being used by Customer over such reporting period.  This section shall not apply to evaluation licenses.

5.     Updates, Support and Professional Services.

5.1    Updates & Support.  During the Term, provided that Customer has subscribed and paid the applicable Fees to receive Support, BigID will make available to Customer all Updates to the subscribed Software.  Customer will install all Updates promptly as soon as practicable upon their release.  If the Order requires BigID is to provide Support, such Support will be provided in accordance with the terms of BigID’s Support Policy. B

5.2    Professional Services.  The parties may mutually agree upon Professional Services to be provided by BigID to Customer on such terms and fees as set forth in an Order.  BigID Support and warranty obligations do not cover modifications made to the Software as a result of Professional Services unless such modifications are made a part of the generally available Software.

6. Performance and Support Data.

6.1 Performance Data.  In connection with the Software, Support and/or Services activities provided under this Agreement, Customer authorizes BigID to collect, as applicable, certain operational, usage and performance data relating to the Software and Support activities including (i) diagnostic, usage, performance and related technical data relating to Customer’s installation of the Software; (ii) data regarding Customer’s containers (Disk, IO, RAM, CPU, Network) servicing and hosting the Software; (iii) Customer support logs; and (iv) other information related to the Software, Support and/or Services (collectively as “Customer Usage Information”).  Customer authorizes BigID to collect such Customer Usage Information (a) via telemetry; and (b) as may be manually provided by Customer. Customer shall not include Personal Information in the Support logs, except for Customer’s Representatives’ business contact details (e.g. name, business email, business phone, professional title). To the extent Customer Data is made available to BigID, Customer hereby grants BigID a limited, non-exclusive, non-transferable, royalty-free, license to use, copy, process, store and transmit such Customer Data solely as necessary to perform BigID’s Software, Services and Support obligations under this Agreement and to improve the Software and as expressly permitted in Section 6.2 hereof. Customer shall be responsible for obtaining any consents, approvals, permissions and/or licenses necessary to grant BigID the rights to the Customer Data made available hereunder.

6.2 Support Data.  In a continuous effort to enhance and improve the performance, quality and support of the Software, BigID collects and uses certain metadata derived from the Customer usage of the Software to create (i) high level, generic, anonymous, statistical and/or benchmarking data (“Statistical Data”) and aggregates with other customer information (the “Aggregated Data”). Such Aggregated Data does not identify and cannot be used to identify, reveal or be traced back to Customer, a User, any Customer System or any specific Customer Data. Customer grants BigID a perpetual, irrevocable, fully paid-up, royalty-free, worldwide right to use, copy, modify, create derivative works of, publish, and exploit the Statistical Data as incorporated into the Aggregated Data solely for BigID’s internal business purpose of improving, optimizing, and monitoring the performance of the Software and Services and for the purpose of creating benchmarking data.  BigID does not and will  not sell or transfer the Statistical Data or Aggregated Data to any third party.  Representatives utilized by BigID in connection with the provision of Software and/or Services may have access to such Statistical Data and Aggregated Data.

6.3 Customer Data Back-Ups.  Customer shall be responsible for maintaining regular back-ups of all Customer Data stored on Customer Systems.  BigID shall be responsible for maintaining regular back-ups of all Customer Data stored on BigID Systems while in BigID’s custody or control.

7. Confidentiality.

7.1    Confidential Information.  In connection with this Agreement each party (as the “Disclosing Party”) may disclose or make available to the other party (as the “Receiving Party”) Confidential Information. “Confidential Information” means information in any form or medium (whether oral, written, electronic, visual or other) which is identified as confidential at the time of disclosure or should reasonably be understood to be confidential given the nature of the information and the circumstances surrounding the disclosure, including without limitation information relating to the business, operations, finances, technologies, products and services, software, data, pricing, personnel, customers and suppliers of a party and expressly includes without limitation (i) with regard to Customer, the Customer Data; and (ii) with regard to BigID, the BigID Property.  Confidential Information does not include information to the extent that such information: (a) was known to the Receiving Party without restriction on use or disclosure prior to such information being disclosed by the Disclosing Party in connection with this Agreement; (b) was or becomes generally known by the public other than by the Receiving Party’s or any of its Representatives’ noncompliance with this Agreement; (c) was or is received by the Receiving Party on a non-confidential basis from a third party who did not receive such information directly or indirectly from the Disclosing Party; or (d) was or is independently developed by the Receiving Party without use of the Disclosing Party’s Confidential Information.

7.2    Protection of Confidential Information.  The Receiving Party shall retain in confidence and use the same degree of care and discretion (but not less than reasonable care) designed to prevent the unauthorized access to or disclosure of the Disclosing Party’s Confidential Information as it uses with its own Confidential Information of a similar nature. The Receiving Party will use the Disclosing Party’s Confidential Information solely for the purpose of performing its obligations and exercising its rights under this Agreement.  Except as authorized in this Agreement or an Order, the Receiving Party will not disclose the Disclosing Party’s Confidential Information to a third party other than to its Representatives having a need to know in connection with the performance of this Agreement and then only subject to an obligation of confidentiality at least as protective as the terms herein.  The Receiving Party shall be liable to the Disclosing Party for any violation of this Agreement by its Representatives. The Receiving Party may disclose Confidential Information to the extent required to comply with orders of governmental entities as required by law, provided that the Receiving Party (i) to the extent legally permissible, gives the Disclosing Party reasonable advance written notice to allow the Disclosing Party to seek a protective order or other appropriate remedy, and (ii) uses commercially reasonable efforts to obtain confidential treatment for any Confidential Information so disclosed.

7.3    Security Certifications and Independent Attestation.  At Customer’s request BigID will, on an annual basis, furnish to Customer (i) its then current Information Security Policy and (ii) its then current independent SSAE16 SOC 2 or successor attestation report.  Such reports and policies shall be BigID’s Confidential Information. These reports are not available to Customers of any software identified as evaluation software, Freemium, pre-release, “alpha”, “beta” or similar.

7.4 Security Obligations. In addition to the confidentiality obligations set forth herein, BigID shall maintain, use and process any Customer Data in compliance with Data Protection Laws.  BigID shall maintain commercially reasonable administrative, physical and technical safeguards designed to guard against the destruction, loss, or alteration of Customer Data while within BigID’s custody or control in accordance with BigID’s information Security Policy, which is available at https://bigid.com/bigid-security-standards/. Without limiting the foregoing, BigID shall at all times in connection with this Agreement: (i) maintain and enforce an information security program including administrative, physical and technical security policies and procedures with respect to its processing of Customer Data and Customer Personal Information that meet or exceed no less than commercially reasonable industry practices; (ii) provide technical and organizational safeguards for the BigID Systems processing Customer data designed to protect against accidental, unlawful or unauthorized access to or use, or destruction of such information and ensure a level of security appropriate to the risks presented by the processing of such information and the nature of such information, consistent with not less than commercially reasonable industry practices; (iii) take commercially reasonable measures to secure the BigID Systems against “hackers” and others who may seek, without authorization, to disrupt, damage, modify, or otherwise access the BigID Systems. Additionally, BigID shall periodically test and continuously monitor the BigID Systems for potential areas where security could be breached and shall also periodically conduct security testing, including penetration testing.  BigID is not responsible for internet connections outside the BigID Systems.

7.5 Data Processing .   Where BigID processes Customer Data, the terms of the Data Processing Addendum available at https://bigid.com/dpa/ shall apply to such processing, and are hereby incorporated by reference.  BigID may use, and reserves the right to engage, other third party companies to provide hosting and other Services on its behalf in connection with the SaaS Software. Customer Data may be processed in the US and other countries in connection with provision of the SaaS Software. Customer is responsible for ensuring that provision of Customer Data in connection with the SaaS Software complies with Applicable Law. BigID does not control the jurisdiction where the Customer Data originates, and neither BigID nor any third party hosting provider shall be deemed a “data controller” under Applicable Law with respect to Customer Data. As between Customer and BigID, Customer is the sole “data controller. BigID follows the privacy practices available at https://bigid.com/privacy-notice/ with respect to Customer Data.

7.6   Feedback.  Any ideas, suggestions, guidance or other information shared by Customer with BigID solely to the extent derived from or relating to the Software shall be collectively deemed “Feedback.”  BIGID shall own all Feedback, including all intellectual property rights therein.

8. Intellectual Property Rights.

8.1    Ownership of BigID Property and Work Product.  Customer acknowledges and agrees that as between BigID and Customer, BigID owns and retains all right, title and interest in the BigID Property.  Except as otherwise expressly provided for in an Order, BigID shall own all right, title and interest to any Work Product created as part of the Professional Services.  Work Product shall not be considered to be a work made for hire (as that term is used in the U.S. Copyright laws).  BigID hereby grants a nonexclusive, nontransferable, limited right to use any deliverables provided as part of the Work Product for Customer’s internal business purposes solely in connection with the Customer Licensed Entity’s authorized use of the Software.  “Work Product” shall mean any deliverables, documents, materials, software, information, reports, data or other work product of any kind, regardless of form, which are created by BigID for Customer as part of the Professional Services.

8.2             Ownership of Customer Data.  BigID acknowledges and agrees that as between BigID and Customer, Customer shall own all right, title and interest in any Customer Data, including, all related Intellectual Property Rights. BigID shall not use or copy Customer Data except as expressly permitted hereunder.

9. Representations & Warranties.

9.1    Mutual Representations and Warranties.  Each party represents and warrants to the other party that (i) it has the corporate authority to enter into this Agreement and to perform its obligations under the Agreement; and (ii) it will comply with all Applicable Laws as they apply to the performance of its obligations or the exercise of its rights under the Agreement.

9.2        Disabling Software.  BigID represents and warrants that it shall use generally accepted industry best practices including the use of a leading virus detection product designed to prevent the Software, as delivered and/or provided, from containing any program routine, device, or other undisclosed feature, including, without limitation, a time bomb, virus, software lock, drop-dead device, malicious logic, worm, trojan horse, or trap door, that is intentionally designed to delete, disable, deactivate, interfere with or otherwise prevent Customer’s use or access to the Software during the Subscription Term or which is intended to cause harm to Customer’s systems.

9.3    Limited Software Warranty.  Subject to the warranty and Support exclusions set forth in the Support Policy, BigID represents and warrants to Customer during the Subscription Term (the “warranty period”) that the Software will substantially conform to the specifications set forth in the Documentation, when installed, operated and used in accordance with the Documentation, the Order and the terms and conditions of this Agreement. To state a valid warranty claim under this Section 9.3, Customer must provide BigID with notice in writing of the nonconformity during the warranty period and within thirty (30) days of the date on which the nonconformity occurred.  If Customer notifies BigID within the applicable warranty and notice period of a nonconformity, BigID will, at its expense, as Customer’s sole and exclusive remedy for such nonconformity, use reasonable efforts to correct the nonconformity, and if BigID fails to remedy the nonconformity within 30 days of its receipt of notice of the nonconformity, Customer shall have the option to extend the period for cure and repeat the cure process or terminate the affected Order and in the event of such a termination, obtain a pro-rata refund of any prepaid Software Fees representing the period of the Order Term post-termination.

9.4    Limited Professional Services Warranty.  BigID represents and warrants to Customer for a warranty period of thirty (30) days from the performance of the applicable Professional Services that the Professional Services will be performed in a diligent and professional manner, by appropriately qualified personnel, with the skills, knowledge, and training necessary to perform the Professional Services and that such personnel will perform such Professional Services in compliance with Applicable Law.  If Customer notifies BigID within the applicable warranty period of a nonconformity of such Professional Services, BigID will, at its expense, as Customer’s sole and exclusive remedy, use reasonable efforts to correct the nonconformity within thirty (30) days of its receipt of notice.

9.5     Third Party Services Use and Disclaimer.  Customer acknowledges and agrees that certain SaaS offerings may operate in combination with one or more cloud hosting and/or software services platforms operated by third parties to which Customer subscribes directly (such for example as Salesforce.com) (“Customer Sourced Services”).  To the extent that the Software operates in combination with such Customer Sourced Services, Customer is responsible for

providing BigID with credentials to access such Customer Sourced Services and for obtaining any approvals required to permit such use.  BigID shall not be responsible for the operation of any such Customer Sourced Services or the platforms from which they operate, nor the availability or operation of SaaS to the extent such availability and operation is dependent upon the availability and operation of such Customer Sourced Services.  Customer shall be solely responsible for procuring any rights necessary to access such Customer Sourced Services and for complying with any applicable terms or conditions applicable to such Customer Sourced Services.  BigID does not make any representations or warranties with respect to the Customer Sourced Services or any of their products, software, systems or services.  Any exchange of data or other interaction between Customer and a Customer Sourced Services provider, and Customer’s purchase of any product, software or service offered by such Customer Sourced Services provider, is solely between Customer and such Customer Sourced Services provider and is governed by such Customer Sourced Services provider’s applicable license terms and conditions

9.6    Third Party Products.  Unless otherwise expressly stated in this Agreement or an Order, Third Party Products shall be governed exclusively by the applicable third-party provider’s agreement and BigID makes no representations or warranties and assumes no obligations or liability with respect to such Third Party Products.

9.7  DISCLAIMER OF WARRANTIES.  EXCEPT FOR THE EXPRESS WARRANTIES SET FORTH IN THIS AGREEMENT, BIGID HEREBY DISCLAIMS ALL REPRESENTATIONS AND WARRANTIES  OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE INCLUDING WITHOUT LIMITATION COURSE OF DEALING, USAGE OR TRADE PRACTICE, ACCURACY OR COMPLETENESS OF DATA OR INFORMATIONAL CONTENT, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT.  BIGID DOES NOT WARRANT OR GUARANTEE THAT THE OPERATION OR USE OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE OR THAT ALL ERRORS IN THE SOFTWARE WILL BE CORRECTED OR THAT THE SOFTWARE WILL MEET CUSTOMER’S REQUIREMENTS. THE DISCLAIMERS SET FORTH IN SECTION 3.4 ABOVE SHALL APPLY TO AND LIMIT THE WARRANTIES SET FORTH IN THIS SECTION 9.

10. Indemnification.

10.1    BigID Indemnification.  BigID will indemnify, defend and hold harmless Customer and its Representatives (each, including Customer, a “Customer Indemnitee”) from and against any and all Losses incurred by the Customer Indemnitee arising out of any claim or action by a third party (other than an Affiliate of a Customer Indemnitee) to the extent that such Losses arise from any allegation that the Software infringes any third party Intellectual Property Right.  The foregoing duty to defend and indemnify does not apply to the extent arising out of or  relating to any: (i) open source components; (ii) modification of the Software by Customer or a third party; (iii) failure to implement any Update or replacement of the Software made available to Customer by BigID; (iv) use of the Software other than in compliance with the Documentation, Order, and/or Agreement; or (v) use of the Software in combination with any Customer or third party software, system, hardware or data.  If the Software is, or in BigID’s opinion is likely to be or is claimed to infringe, misappropriate or otherwise violate any third-party Intellectual Property Right, BigID may, at its option and sole cost and expense(i) obtain the right for Customer to continue to use the Software as contemplated by this Agreement; (ii) modify or replace the Software, in whole or in part, while providing materially equivalent functionality; or (iii) if the remedies set forth above are not available on commercially reasonable terms, terminate the affected Order(s), in their entirety, effective immediately on written notice to Customer, and provide Customer with a pro-rata refund of the prepaid Software Fees representing the period of the Order Term post-termination.

10.2  Customer Indemnification.  Customer will indemnify, defend and hold harmless BigID and its Affiliates, and each of its and their Representatives (each, including BigID, a “BigID Indemnitee”) from and against any and all Losses incurred by the BigID Indemnitee in connection with any claim or action by a third party (other than an Affiliate of a BigID Indemnitee) to the extent that such Losses arise out of any third party claim that the Customer Data infringes or violates of any Intellectual Property Right of a third party or violates any Applicable Laws including without limit any data protection or privacy laws.

10.3  Indemnification Procedure.  Each party will promptly notify the other party in writing of any action for which such party seeks indemnification.  The party seeking indemnification (the “Indemnitee”) will cooperate with the other party (the “Indemnitor”) at the Indemnitor’s sole cost and expense.  The Indemnitor will have sole authority and control over the defense and settlement of such action, at the Indemnitor’s sole cost and expense.  The Indemnitee may participate in and observe the proceedings, at its own cost and expense, with counsel of its own choosing.

10.4  Sole Remedy and Limitations.  .  THIS SECTION 10 SETS FORTH CUSTOMER’S SOLE AND EXCLUSIVE REMEDIES AND BIGID’S SOLE LIABILITY FOR ANY CLAIMS THAT THE SOFTWARE AND/OR DOCUMENTATION INFRINGE, MISAPPROPRIATE OR OTHERWISE VIOLATE ANY THIRD PARTY INTELLECTUAL PROPERTY RIGHTS. NOTWITHSTANDING ANYTHING IN THIS AGREEMENT TO THE CONTRARY, THE INDEMNIFICATION OBLIGATIONS IN SECTION 10.1 SHALL NOT APPLY OR BE AVAILABLE TO ANY CUSTOMER WHO HAS LICENSED SOFTWARE IDENTIFIED AS EVALUATION SOFTWARE, FREEMIUM, PRE-RELEASE, “ALPHA”, “BETA” OR SIMILAR.

11. Limitations of Liability.

11.1          EXCLUSION OF DAMAGES.  EXCEPT AS OTHERWISE EXPRESSLY PROVIDED IN SECTION 11.3, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL EITHER PARTY BE LIABLE FOR CONSEQUENTIAL, INCIDENTAL, INDIRECT, LOSS OF OR DAMAGE TO DATA OR SOFTWARE, LOSS OF PROFITS OR REVENUE, LOSS OF GOODWILL OR REPUTATION, EXEMPLARY, SPECIAL, ENHANCED OR PUNITIVE DAMAGES, IN EACH CASE REGARDLESS OF THE THEORY OF LIABILIITY, INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY AND OTHERWISE.  WITHOUT LIMITING THE FOREGOING, IN NO EVENT WILL BIGID BE LIABLE FOR THE COST OF REPLACEMENT GOODS OR SERVICES.

11.2   CAP ON MONETARY LIABILITY.  EXCEPT AS OTHERWISE EXPRESSLY PROVIDED IN SECTION 11.3, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL THE TOTAL AGGREGATE LIABILITY OF EITHER PARTY ARISING OUT OF OR RELATED TO THIS AGREEMENT, IN EACH CASE REGARDLESS OF THE THEORY OF LIABILIITY INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY AND OTHERWISE, EXCEED THE TOTAL OF THE ANNUALIZED FEES PAID UNDER THE APPLICABLE ORDER DURING THE MOST CURRENT ANNUAL SUBSCRIPTION TERM THEN IN EFFECT.  THE FOREGOING LIMITATIONS APPLY EVEN IF ANY REMEDY FAILS OF ITS ESSENTIAL PURPOSE.

11.3  Exceptions to Limitations of Liability.  The exclusions and limitations in this Section 11 shall not apply to liability arising out of (i) either party’s breach of Confidentiality (Section 7); (ii) either party’s obligations under Section 10 (Indemnification); (iii) either party’s gross negligence or willful misconduct; (iv) a party’s rights for violation or infringement of its Intellectual Property Rights; or (v) Customer’s obligation to pay fees. Nothing contained herein shall limit a party’s rights or remedies under statutory law for violation of its intellectual property rights. Notwithstanding the foregoing, regardless of the theory of liability, BigID’s total aggregate liability for its security, data privacy, data protection, personal information obligations under this Agreement, any related data protection agreement, Data Protection Laws, privacy, and/or security terms, agreements and/or requirements, including without limitation any confidentiality, indemnification obligations and/or any claims for violation of law relating thereto, shall not exceed the greater of $400,000 or two (2) times the total of the annualized fees paid under the Applicable Order during the most current annual Subscription Term then in effect. THE PROVISIONS SET FORTH IN THIS SECTION 11.3, SOLELY AS THEY APPLY TO OR PROFESS TO EXPAND, BIGID’s LIABILITY TO CUSTOMER UNDER SECTIONS 11.1 OR 11.2, SHALL NOT APPLY OR BE AVAILABLE TO ANY CUSTOMER WHO HAS LICENSED SOFTWARE IDENTIFIED AS EVALUATION SOFTWARE, FREEMIUM, PRE-RELEASE, “ALPHA”, “BETA” OR SIMILAR.  THE EXCEPTIONS SET FORTH IN SECTION 11.3 SHALL CONTINUE TO BE IN FULL FORCE AND EFFECT FOR FREEMIUM, PRE-RELEASE, “ALPHA”, “BETA” OR SIMILAR CUSTOMERS, WITH REGARD TO THEIR LIABILITY TOWARD BIGID.

12. Term and Termination.

12.1 Agreement Term & Termination.  This Agreement will continue in effect unless and until terminated in accordance with the terms hereof.   Either party may terminate this Agreement immediately upon prior written notice if there is no Order then in effect.

12.2  Order Term & Termination.  Each Order shall remain in effect for the term as specified in the Order unless earlier terminated as provided for in this Section 12.   Except as otherwise set forth in this Agreement, an Order may be terminated (in whole but not in part) by a party solely if the other party fails to cure a material breach of such Order, or of this Agreement as it relates to such Order, within thirty (30) days after receiving written notice of the breach from the non-breaching party.

12.3  Effect of Termination or Expiration.  Upon  expiration or earlier termination of an Order: (i) all Software subscription rights granted to Customer under such Order will immediately terminate and Customer shall immediately cease all use of the Software; (ii) upon request, BigID will destroy any Customer Data within the time periods specified in the Order provided that BigID shall be permitted to hold any Customer Data to the extent required by Applicable Law and/or in accordance with BigID’s record keeping in the ordinary course consistent with normal industry practices and BigID shall confirm such destruction upon request (iii) within fifteen (15) days, Customer shall deliver to BigID, or at BigID’s written request destroy, and permanently erase from all devices and systems, the Software, the Documentation and BigID’s Confidential Information and, upon request, certify to BigID in writing that it has complied with the requirements of this Section; and (iv) except where the Order is terminated by Customer due to an unremedied material breach by BigID and unless otherwise expressly provided herein, all amounts payable pursuant to the terminated Order shall be immediately due and payable.  Any right, obligation or provision under this Agreement arising prior to termination or that, by its nature should survive termination or expiration of this Agreement, will survive any such expiration or termination.

13.   Miscellaneous.

13.1          Force Majeure.  In no event will either party be liable or responsible to the other party, or be deemed to have breached this Agreement, for any failure or delay in performing under this Agreement (except for any payment obligation), when and to the extent such failure or delay is caused by any circumstances beyond such party’s reasonable control (a “Force Majeure Event”), including acts of God, pandemic, epidemic, flood, fire, earthquake or explosion, war, terrorism, civil unrest, embargoes or blockades in effect on or after the date of this Agreement, passage of Applicable Law, export or import restriction, power or telecommunications failure.  Either party may terminate this Agreement if a Force Majeure Event continues substantially uninterrupted for a period of thirty (30) days or more.

13.2    Trademarks & Public Announcements.  Neither party will issue any announcement, statement, press release or other publicity relating to this Agreement or use the other party’s trademarks, service marks, trade names, logos, or domain names, without the prior written consent of the other party.

13.3     Assignment and Subcontractors.  Except as otherwise expressly provided herein, neither party may assign, transfer or delegate this Agreement or an Order, or any of its rights or obligations hereunder (in whole or in part) except with the prior written consent of the other party; provided, however that either party may assign this Agreement, without the other party’s consent, in whole (but not in part) to a successor in interest to the business of such party in connection with a merger, sale of substantially all of its assets, change of control or by operation of law, or to an Affiliate, provided that (i) the assignee agrees to assume the obligations under this Agreement; (ii) the assignment shall not change the scope of work to be performed under any Order then in effect and the use of the Software shall be limited to the business of the Customer Licensed Entity (as specified in the Order) as such businesses  existed prior to the assignment; and (iii) if customer is the assignor, the assignee is not a competitor of BigID. The terms of this Agreement shall be binding upon the permitted successors and assigns of each party.  BigID may use its affiliates and/or subcontractors in connection with the performance of the Services provided that BigID shall be responsible for the acts and omissions of its affiliates and/or subcontractors to the same extent as it would be responsible hereunder for its own acts and omissions.  BigID shall maintain a current list of its subcontractors at posted at the following BigID weblink:  https://bigid.com/sub-processors/. BigID shall provide an automated electronic notification of updates to the list.  Customer shall have the right to object to any change to the list by providing written notice to BigID within 15 days of the date notice is issued regarding such change on the grounds that the subcontractor is not reasonably capable of meeting the applicable obligations under this Agreement.  If the parties cannot resolve Customer’s objection through good faith efforts, Customer shall have the right to terminate the affected Order upon written notice.  Any purported assignment, delegation or transfer in violation of this Section is void.

13.4          Relationship of the parties.  The relationship between the parties is that of independent contractors.  Nothing contained in this Agreement will be construed as creating any agency, partnership, joint venture or other form of joint enterprise, employment or fiduciary relationship between the parties, and neither party will have authority to contract for or bind the other party in any manner whatsoever.

13.5          No Third-party Beneficiaries.  This Agreement is for the sole benefit of the parties hereto and their respective permitted successors and permitted assigns and nothing herein, express or implied, confers on any other party any legal or equitable right, benefit or remedy of any nature whatsoever under or by reason of this Agreement.

13.6          Export Regulation.  Customer will not itself, or permit any other party to, export, re-export or release, directly or indirectly the Software to any country, jurisdiction or party which: (a) is prohibited by Applicable Law; or (b) without first completing all required undertakings (including obtaining any necessary export license or other governmental approval).

13.7          Governing Applicable Law; Jurisdiction; Attorneys’ Fees.  This Agreement is governed by and construed in accordance with the l laws of the State of New York without regard to its conflict of laws principles.  Any legal action or proceeding arising out of or related to this Agreement will be instituted exclusively in the federal or State courts having jurisdiction over New York County, New York, and each party irrevocably submits to the exclusive jurisdiction of such courts in any such action or proceeding.  The prevailing party in a final judgement resulting from any legal proceedings to enforce a party’s rights under this Agreement shall be awarded its reasonable attorney’s fees incurred in such proceeding. The United Nations Convention on Contracts for the International Sale of Goods does not apply to the transactions contemplated by this Agreement.  The Uniform Computer Information Transactions Act (“UCITA”) will not apply to this Agreement regardless of when and howsoever adopted, enacted and further amended under the governing state laws.

13.8 Equitable Remedies.  Each party acknowledges and agrees that a breach or threatened breach by such party of any of its licensing, confidentiality or intellectual property obligations would cause the other party irreparable harm for which monetary damages would not be an adequate remedy and that, in the event of such breach or threatened breach, the other party will be entitled to seek equitable relief, including in an injunction, specific performance and any other relief that may be available from any court of competent jurisdiction, without any requirement to post a bond or other security, or to prove actual damages or that monetary damages are not an adequate remedy.  Such equitable remedies are not exclusive.

13.9   Notices.  All legal notices related to notice of breach, termination or legal claim, shall be in writing and delivered by personal delivery, or by internationally recognized overnight delivery service and will be deemed given on the date of delivery when delivered personally or one (1) business day after deposit for next day delivery with overnight delivery service.  All other notices may be delivered by the same means as legal notices or via electronic mail, and if sent via email, will be deemed given upon transmittal.  Legal notices will be sent to the addresses set forth at the outset of the Agreement.

13.10        Severability.  If any provision of this Agreement is found to be invalid or otherwise unenforceable, the Agreement will remain fully effective and the parties will be bound by obligations which approximate, as closely as possible, the effect of the provision found invalid or unenforceable, without being themselves invalid or unenforceable.

13.11        Entire Agreement; Waiver & Amendment and Other.  This Agreement, together with all attached exhibits and any other documents incorporated herein by reference, constitutes the sole and entire agreement of the parties with respect to the subject matter of this Agreement and supersedes all prior and contemporaneous agreements, proposals, representations and warranties, both written and oral, with respect to such subject matter. This Agreement shall govern with respect to Customer’s use of the Software and Services and any transactions relating thereto, whether such subscription rights are purchased from BigID directly or indirectly through an authorized partner (including without limitation any follow-on purchases or renewals) and shall apply to all Orders and forms of purchases, whether submitted through electronic transmissions or otherwise, unless otherwise agreed by both parties in writing. Unless the Order expressly amends this Agreement and except as otherwise expressly provided herein, the terms and conditions of this Agreement shall take precedence over any conflicting terms in the Order. Any waiver, amendment, or modification of any right or remedy, in whole or in part under this Agreement, or any additional or different terms in purchase orders, acknowledgments or other documents other than the Order, will not be effective unless expressly agreed to by both parties in writing or electronic form.