Master Service Agreement
Master Service Agreement
This Master Services Agreement (this “Agreement”) is made between EyeR Security (the “Company”), and the client identified in the applicable Order Form (the “Customer”). This Agreement, together with any Order Forms (defined below) executed by the parties, governs the provision of certain cybersecurity services and access to Company’s platform by Company to Customer. By executing an Order Form or using the Services, Customer agrees to the terms of this Agreement.
1. Definitions
1.1 "Affiliate": Any entity that directly or indirectly controls, is controlled by, or is under common control with a party, where "control" means ownership of more than 50% of the voting equity or other controlling interest of the entity.
1.2 "Confidential Information": All non-public information, in any form, that a party (“Disclosing Party”) provides to the other (“Receiving Party”) and which is identified as confidential or proprietary, or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information includes, without limitation, business plans, financial data, pricing, customer lists, trade secrets, know-how, software, inventions, and any security information or reports. Confidential Information of the Company specifically includes the terms of this Agreement, the Services and platform (including any documentation or source code), and any deliverables provided to Customer. Confidential Information of the Customer includes Customer Data (defined below). Information is not Confidential Information if it: (a) is or becomes publicly available without breach of this Agreement; (b) was known to the Receiving Party without confidentiality obligation before disclosure; (c) is received from a third party not bound by confidentiality; or (d) is independently developed by the Receiving Party without use of or reference to the Disclosing Party’s Confidential Information.
1.3 "Customer Data": All data or information (including any personal data) that Customer or its agents provides to Company, or that Company processes on Customer’s behalf, in connection with the Services or use of the EyeR Platform. Customer Data does not include any data that is anonymized or aggregated such that it does not identify Customer or any individual.
1.4 "EyeR Platform" or "Platform": The proprietary cloud-based cybersecurity platform and related software and tools provided by Company for Customer’s use as part of the Services. This includes any dashboards, portals, applications, and algorithms made available to Customer, and any updates or modifications thereto.
1.5 "Order Form": An ordering document (including any order, statement of work, proposal, or quote) executed (including via electronic acceptance) by Customer and Company that describes the specific Services, quantities, fees, and other details of an order. Each Order Form is incorporated into and governed by this Agreement. In the event of any conflict between this Agreement and an Order Form, the terms of this Agreement shall govern unless the Order Form expressly overrides specific provisions of this Agreement.
1.6 "Services": The cybersecurity services and deliverables provided by Company under this Agreement, as specified in an Order Form. Services include, without limitation: Incident Response services, Penetration Testing, Managed Detection and Response (MDR), cybersecurity training and simulation exercises, onboarding and support services, and access to and use of the EyeR Platform. Services may also include any other professional or managed security services mutually agreed in an Order Form. The scope of Services for a particular engagement will be as set forth in the applicable Order Form.
1.7 "Intellectual Property Rights": All forms of intellectual property rights worldwide, whether registered or unregistered, including without limitation patents, copyrights, trademarks, trade secrets, database rights, moral rights, and any similar rights, including all applications and registrations for the foregoing.
1.8 "Effective Date": The date on which this Agreement (or an Order Form incorporating it) is effective, which shall be the date of last signature on the initial Order Form between the parties, or the date Customer otherwise accepts this Agreement (for example, by clicking acceptance or by using the Services, if applicable).
1.9 "Party" or "Parties": Refers to Company and/or Customer, as the context requires, each a party to this Agreement.
(Any other capitalized terms used in this Agreement shall have the meanings given in the context of their use or in an Order Form.)
2. Services and Orders
2.1 Provision of Services: Company shall provide the Services to Customer as described in each applicable Order Form. Company will use commercially reasonable efforts and professional skill and care in performing the Services. For managed or ongoing Services (such as MDR or platform access), Company will make the EyeR Platform available to Customer in accordance with this Agreement and any service levels or specifications included in an Order Form or Service Level Agreement (SLA) (if applicable). Customer’s use of the Services and Platform is limited to the scope, term, and number of users or assets specified in the Order Form. Customer may use the Services and Platform solely for its internal business purposes (or, if Customer is a managed service provider (MSP) as permitted under Section 2.4, for the benefit of its own end-customers) and in accordance with the terms of this Agreement.
2.2 Order Forms and Incorporation: Each Order Form will detail the specific Services, fees, duration (e.g. subscription term or project period), and any special terms for that order. Upon execution by both parties, an Order Form shall be deemed incorporated into this Agreement. An Order Form may be executed in counterparts (including electronically), and such counterparts together will constitute one instrument. Order of Precedence: In the event of a conflict, the provisions of this Master Services Agreement shall prevail over any conflicting term in an Order Form, unless the Order Form expressly states an intent to override the Agreement on a specific matter. No purchase order or other purchasing documents issued by Customer shall modify or supplement this Agreement, and any pre-printed or standard terms on any Customer purchase order are rejected and have no effect.
2.3 Changes to Services: Any changes to the scope of Services (including any additional services or deliverables) must be mutually agreed in writing (which may be via an amended Order Form or change order). If Company agrees to perform services or provide deliverables not expressly detailed in an Order Form, the parties shall negotiate in good faith any additional fees or terms applicable to such changes.
2.4 MSP/Reseller Use: If Customer is purchasing the Services as a managed service provider (MSP) or reseller, authorized by Company, then Customer is permitted to use the Services and Platform to provide services to its own clients (the “End Clients”) under the following conditions: (a) Customer remains the sole contracting party to Company and shall be fully responsible for compliance with this Agreement by anyone it allows to access or use the Services (including End Clients); (b) Customer shall ensure that each End Client is bound by terms at least as protective of Company’s rights (including confidentiality, intellectual property, and data protection) as this Agreement, and in no event shall Company have any direct liability or obligations to any End Client; (c) Customer shall not resell, sublicense, or permit access to the Services to any third party except in the regular course of providing managed services to End Clients as permitted herein; and (d) in the event an End Client’s actions or omissions would constitute a breach of this Agreement if done by Customer, Customer will be liable for such breach and will indemnify Company for any claims or damages arising from such End Client’s use of the Services. No Third-Party Beneficiary: For clarity, nothing in this Agreement gives any End Client or other third party any rights or remedies against Company; Company’s obligations are to Customer only.
3. Fees and Payment Terms
3.1 Fees: Customer shall pay all fees for the Services as set forth in each Order Form. Fees may include one-time fees (for example, for a specific incident response project or training) and/or recurring subscription fees (for example, annual fees for MDR services or platform access). All fees are stated in the Order Form and are exclusive of any applicable taxes (unless expressly stated otherwise).
3.2 Invoicing and Payment: Except as otherwise specified in an Order Form, Company will invoice Customer for fees as follows: (a) for recurring or subscription Services (such as platform access or ongoing MDR services), fees will be invoiced annually in advance (or on the schedule stated in the Order Form) and (b) for one-time or project-based Services (such as a penetration test or training), fees may be invoiced upfront or as milestones as stated in the Order Form. Unless otherwise agreed in the Order Form, payment for each invoice is due within 30 days from the invoice date (Net 30). All payments shall be made in the currency specified in the Order Form (if not specified, invoices will be in U.S. Dollars) and by the payment method designated (e.g. bank transfer, check, credit card) without setoff or deduction. Customer is responsible for providing complete and accurate billing and contact information to Company and notifying Company of any changes to such information.
3.3 Taxes: All fees are exclusive of any sales, use, value-added, withholding, or similar taxes or duties (“Taxes”). Customer is responsible for all Taxes associated with its purchases hereunder (excluding taxes on Company’s net income). If Company is required to collect or pay Taxes, such Taxes will be added to Customer’s invoice and paid by Customer unless Customer provides a valid tax exemption certificate. Company will not invoice Customer for taxes if Customer has provided appropriate documentation of tax-exempt status or direct payment permit.
3.4 Late Payments: If Customer fails to pay any invoice when due, Company reserves the right to charge interest on the overdue amount at the rate of 1.5% per month or the maximum rate permitted by law (whichever is lower), from the payment due date until the date of payment. In addition, if Customer’s payment is more than 30 days late, Company may, after providing written notice and an opportunity to cure of at least 7 days, suspend the provision of Services (including disabling access to the Platform) until overdue amounts are paid in full. Customer shall reimburse Company for all reasonable costs of collection of past due amounts, including attorneys’ fees.
3.5 Discounts and Pricing: Any discounts applied or special pricing provided in an Order Form are conditional on Customer’s timely payment and fulfillment of the agreed term. If an Order Form specifies a multi-year term with annual payments, pricing for each year is as set in the Order Form. Company will not increase pricing during the committed term of an Order Form except as expressly permitted in that Order Form. For any renewal term, pricing may be subject to adjustment as agreed by the parties in a renewal Order Form.
4. Confidentiality
4.1 Obligations: Each Receiving Party shall: (a) use the Disclosing Party’s Confidential Information solely for the purpose of performing its obligations or exercising its rights under this Agreement; (b) not disclose or make available the Disclosing Party’s Confidential Information to any third party except to its own affiliates, and to its or its affiliates’ employees, contractors, advisors, or agents who need to know such information for the Receiving Party to perform this Agreement, and who are bound by confidentiality obligations at least as restrictive as those in this Section; and (c) protect and safeguard the confidentiality of the Disclosing Party’s Confidential Information with at least the same degree of care as the Receiving Party uses to protect its own similar confidential information, and in no event less than a reasonable standard of care. The Receiving Party shall be responsible for any breach of confidentiality by any person to whom it discloses the Disclosing Party’s Confidential Information.
4.2 Permitted Disclosure: If the Receiving Party is required by law, regulation, or court order to disclose any of the Disclosing Party’s Confidential Information, the Receiving Party shall (to the extent legally permitted) promptly notify the Disclosing Party in writing to allow the Disclosing Party an opportunity to seek a protective order or otherwise contest the disclosure. The Receiving Party may then disclose only the portion of Confidential Information legally required to be disclosed, and must use commercially reasonable efforts to ensure that such information is treated confidentially by the receiving authority.
4.3 Return or Destruction: Except as otherwise provided in this Agreement, upon termination of this Agreement (or sooner, upon request of the Disclosing Party), the Receiving Party shall return or, at the Disclosing Party’s election, destroy the Disclosing Party’s Confidential Information in its possession or control, and certify in writing that it has done so, except that the Receiving Party may retain one archival copy of Confidential Information solely for the purpose of compliance with legal, regulatory, or internal backup requirements, subject to continued confidentiality obligations.
4.4 Duration: The obligations in this Section 4 (Confidentiality) begin on disclosure of Confidential Information and remain in effect for the term of the Agreement and for five (5) years after termination. However, with respect to any trade secrets (as defined by applicable law) of the Disclosing Party, the confidentiality obligations survive indefinitely for as long as such information remains a trade secret.
5. Data Protection and Security
5.1 Data Protection: Each Party shall comply with all applicable data protection and privacy laws in connection with its respective activities under this Agreement. Customer represents that it has the lawful right to provide any personal data or other Customer Data to Company in connection with the Services. To the extent that Company processes any personal data on Customer’s behalf as part of the Services (for example, security logs or employee information in the course of MDR services), Company will do so as a “processor” or “service provider” under applicable law and solely for the purpose of providing the Services in accordance with Customer’s instructions. Company will not use or disclose Customer Data except as necessary to provide the Services, as permitted by this Agreement, or as required by law. The Parties agree to enter into any additional data processing agreement or addendum reasonably necessary to comply with applicable privacy laws (such as the EU General Data Protection Regulation (GDPR) or Israeli Privacy Protection Law), if such laws apply to the Services.
5.2 Security Measures: Company acknowledges that Customer Data may include sensitive information and agrees to implement and maintain appropriate technical and organizational security measures to protect Customer Data against unauthorized access, loss, or alteration. Without limiting the foregoing, Company shall: (a) maintain an information security program that adheres to ISO/IEC 27001 standards for information security management (the Company is certified under ISO 27001 and shall maintain such certification, reflecting its adherence to ISO 27001 principles); (b) use industry-standard practices such as encryption, access controls, network security monitoring, and vulnerability management to safeguard Customer Data; (c) ensure that its personnel who have access to Customer Data are subject to confidentiality obligations and receive appropriate training on data protection; and (d) promptly investigate and notify Customer of any confirmed Data Breach involving unauthorized access to Customer Data, and provide cooperation and information reasonably required by Customer to satisfy any legal obligations regarding such breach.
5.3 Security Audits and Compliance: Upon Customer’s reasonable request (not more than once annually, and subject to appropriate confidentiality safeguards), Company can provide Customer with a summary of Company’s most recent ISO 27001 certification or audit report or other documentation reasonably sufficient to demonstrate Company’s compliance with the security requirements of this Agreement. Customer agrees that Company’s ISO 27001 certification and related audit reports shall be considered Confidential Information of Company.
5.4 Customer Data Ownership and Return: As between the parties, Customer retains all rights, title, and interest in and to Customer Data. Company claims no ownership of Customer Data. Upon termination or expiration of the Agreement, and upon written request of Customer, Company will return to Customer, or securely destroy, all Customer Data in Company’s possession or control, except to the extent that Company is legally required to retain copies or has archived data on back-up systems (in which case Company will protect such retained data in accordance with its continuing obligations under this Agreement). Company’s obligations to delete or return data are subject to Customer’s account being in good standing (e.g., all undisputed fees paid). Company may delete Customer Data from its active systems in the normal course of operations following termination, without liability, provided it has complied with this Section.
5.5 Customer Responsibilities for Data: Customer is responsible for obtaining any consents from, or providing notices to, individuals as required under applicable law for Company’s processing of personal data as described in this Agreement. Customer shall not upload or provide any personal data to Company beyond what is necessary for Company to perform the Services. If any Customer Data is subject to specific data protection requirements (for example, healthcare, financial, or other regulated data), Customer must notify Company in advance and the parties will document any additional requirements or safeguards in an addendum. Company is not responsible for compliance with any law or regulation that applies to Customer or Customer Data specifically, beyond the general obligations set forth in this Agreement.
6. Customer Responsibilities
6.1 Cooperation and Access: Customer shall provide reasonable cooperation, resources, and access as necessary for Company to perform the Services. This includes, as applicable: providing access to Customer’s systems, facilities, and networks for testing or monitoring; providing accurate and complete information about Customer’s IT environment and security policies; designating knowledgeable personnel to liaise with Company’s team; and making timely decisions and approvals to facilitate the Services. Customer acknowledges that the success and timing of the Services depend on such cooperation. Company will follow Customer’s reasonable security and facility guidelines when on-site or accessing Customer systems, provided those guidelines are provided to Company in advance.
6.2 Use of Services and Accounts: Customer shall use the Services and the EyeR Platform only for lawful purposes and in accordance with this Agreement and any applicable user documentation. Customer is responsible for maintaining the confidentiality and security of any account credentials (e.g., usernames, passwords, API keys) used by Customer to access the Platform or Services. Customer shall be responsible for all activities that occur under its accounts (including accounts of its authorized users and, if applicable, End Clients). Customer agrees not to: (a) permit any unauthorized third party to access or use the Services or Platform; (b) sell, rent, license, or lease the Services or Platform to any third party (except as expressly permitted for MSP use under Section 2.4); (c) attempt to reverse engineer, decompile, or disassemble any software or platform component (except to the extent such restriction is prohibited by law); (d) use the Services or Platform to store or transmit any malicious code, or in a manner that violates applicable law (including data privacy and export control laws) or infringes any third-party rights; or (e) perform any security penetration or vulnerability testing of the EyeR Platform except with Company’s prior written consent (this does not restrict Customer from performing such tests on its own systems outside of the Platform). Company reserves the right to suspend Services temporarily if Customer’s use poses a security risk to the Platform or violates the restrictions above, after giving notice and opportunity to cure if practicable.
6.3 Customer Systems and Backups: Customer is responsible for the legality and performance of its own information systems that are being monitored, tested, or otherwise interfaced with the Services. Except to the extent Company specifically undertakes a task as part of the Services (such as deploying security tools or patches), Customer remains responsible for the general maintenance, operation, and backup of its own systems and data. Customer should maintain appropriate backup copies of any critical data on its systems; Company’s Services (other than any explicit data backup service if provided) are not intended as a data backup or storage service for Customer’s production data.
6.4 Compliance with Laws: Customer shall use the Services in compliance with all laws and regulations applicable to Customer’s business, including data protection laws, intellectual property and export control laws. If a Service involves simulated attacks or other security testing that could inadvertently impact third parties or networks, Customer must ensure that proper permissions or notices are in place to allow such testing. Customer will not use the Platform or Services to attempt to gain unauthorized access to any system or data of any third party.
6.5 Customer’s Clients and Users: In cases where Customer provides the Services to End Clients (under Section 2.4) or allows its affiliates or contractors to use the Services, Customer is responsible for ensuring that such persons comply with the applicable terms of this Agreement. Any action or omission by any person who obtains access to the Services through Customer (including any End Client or affiliate) that would be a breach of this Agreement if committed by Customer shall be deemed a breach by Customer.
7. Intellectual Property Rights
7.1 Company IP: Company (and/or its licensors) retains all rights, title, and interest in and to the EyeR Platform, the Services, and all materials, technology, software, tools, know-how, processes, and any deliverables or work product provided by Company under this Agreement, including all associated Intellectual Property Rights (collectively, “Company Materials”). No rights are granted to Customer under this Agreement to use or access the Company Materials except as expressly set forth herein. Customer acknowledges that the Company Materials are proprietary to Company, and contain or constitute trade secrets, confidential information, and/or copyrighted material of Company or its licensors.
7.2 License to Customer: Subject to Customer’s compliance with this Agreement and payment of all applicable fees, Company grants to Customer a limited, non-exclusive, non-transferable, non-sublicensable license during the term of the applicable Order Form to access and use the EyeR Platform and any software or deliverables included in the Services solely for Customer’s internal business purposes (or for providing services to End Clients as permitted in Section 2.4), and solely in accordance with any usage parameters set forth in the Order Form or documentation. Any software provided may be in object code form and, if installed on Customer’s premises, may be subject to additional license terms in an exhibit or addendum. Customer’s rights in any deliverables that are specifically created by Company for Customer (e.g., a penetration test report or incident response report) shall be co-owned by Customer, provided that Company retains a perpetual, royalty-free right to use and reuse any generic knowledge, experience, and know-how (including templates, methodologies, and anonymized results) gained through providing such deliverable, for the benefit of Company’s overall services and other clients, as long as no Confidential Information of Customer is disclosed.
7.3 Restrictions: Except as expressly permitted in this Agreement, Customer shall not, and shall not permit any third party to:
(a) copy, modify, adapt, or create derivative works of the EyeR Platform, any software provided by Company, or any other Company Materials;
(b) reverse engineer, decompile, decrypt, or otherwise attempt to derive the source code or underlying ideas or algorithms of the EyeR Platform or any software, except to the limited extent such actions are permitted by law notwithstanding a contractual prohibition;
(c) distribute, sell, sublicense, lease, rent, or otherwise transfer the EyeR Platform or any portion of the Services to any third party (except to End Clients as expressly allowed under Section 2.4 and with the conditions stated therein);
(d) remove, obscure, or alter any copyright, trademark, or other proprietary notices affixed to or contained in any Company Materials;
(e) use the Services or Platform in any manner or for any purpose that infringes, misappropriates, or otherwise violates any Intellectual Property Rights or other rights of any person, or that violates any law or regulation;
(f) use or access the Services for the purpose of building a competitive product or service, or copying its features or user interface;
(g) introduce into the Platform any software, virus, worm, malware, or other code that could harm the Platform or any systems.
Any unauthorized use of the Company Materials or Services by Customer is a material breach of this Agreement and may result in termination of this Agreement or the relevant licenses, in addition to any other remedies available to Company under law.
7.4 Customer IP: As between the parties, Customer retains all Intellectual Property Rights in Customer Data and in any of Customer’s pre-existing materials or systems. Company’s use of any Customer-provided materials is solely for the purpose of delivering the Services to Customer. Customer grants to Company a limited, royalty-free, worldwide license to use, copy, modify, and create derivative works of any materials or data provided by Customer, solely as necessary for Company to perform the Services and for Company’s internal business purposes (such as improving its tools and algorithms), and subject to the confidentiality and data protection obligations herein. Company will not use Customer’s name, logos, or trademarks in any marketing or publicity materials without Customer’s prior written consent, except that Company may identify Customer as a client in its client lists or marketing presentations, unless Customer instructs otherwise in writing.
7.5 Feedback: Customer may provide suggestions, feedback, or ideas to Company regarding the Services or Platform (collectively, “Feedback”). While Customer is not required to provide Feedback, any such Feedback is given entirely voluntarily. Company may use, disclose, and incorporate any Feedback into its products and services without obligation or compensation to Customer. Customer hereby grants Company a perpetual, irrevocable, worldwide, sublicensable, royalty-free license to use and incorporate any Feedback provided by Customer or its users into Company’s products and services.
7.6 Third-Party Components: If the Platform or any software provided as part of the Services contains third-party open source or commercial components, Company will provide notices or licensing terms for those components in the documentation or upon request. Customer’s use of any third-party components as part of the Services will be subject to those third-party terms; however, the warranty, support, and liability obligations of Company with respect to such components are as set forth in this Agreement (unless the Order Form or documentation specifies otherwise for a particular component).
8. Representations and Warranties
8.1 Corporate Authority: Each party represents and warrants that it is a business entity duly organized, validly existing and in good standing under the laws of its jurisdiction of organization, and that it has full right, power, and authority to enter into and perform this Agreement. The individuals signing any Order Form or engaging the Services on behalf of each party are duly authorized to bind that party to the terms of this Agreement.
8.2 Company Warranties: Company warrants that: (a) the Services will be performed in a professional and workmanlike manner by appropriately skilled personnel, consistent with generally accepted industry standards for similar services, and (b) to Company’s knowledge, the Services and Company Materials provided to Customer do not infringe upon any third party’s Intellectual Property Rights. In the event of a breach of the warranty in subsection (a) (services standard), Customer’s exclusive remedy and Company’s sole obligation will be for Company to re-perform the non-conforming Services at no additional charge, or if re-performance is impracticable or fails to cure the breach, to credit or refund to Customer the fees paid for the deficient portion of the Services. Any claim for breach of the warranty in subsection (a) must be made by Customer in writing within 30 days after performance of the alleged non-conforming Services, otherwise Customer is deemed to accept the Services as-is.
8.3 Customer Warranties: Customer represents and warrants that: (a) Customer has the necessary rights, licenses, and consents in any materials or data (including Customer Data) that it provides to Company for use in connection with the Services, and that Company’s use of such materials in accordance with this Agreement will not violate any intellectual property, privacy, or other rights of any third party or any law; (b) Customer’s use of the Services and Platform will comply with all applicable laws and regulations; and (c) Customer will not provide to Company any data that is subject to special government security requirements (such as classified information) or that is regulated under laws requiring specific handling (such as health or credit card data) unless specifically agreed in writing.
8.4 Disclaimer of Warranties: Except for the express warranties set forth in this Agreement, Company hereby disclaims all other warranties of any kind, whether express, implied, statutory, or otherwise, to the maximum extent permitted by law. Without limiting the foregoing, Company specifically disclaims any implied warranties of merchantability, fitness for a particular purpose, title, and non-infringement. Company does not warrant that the Services or the EyeR Platform will be uninterrupted, error-free, or completely secure. Customer acknowledges that cybersecurity services, by their nature, cannot guarantee that all vulnerabilities, threats, or attacks will be detected or prevented, or that all incidents will be responded to and resolved. No advice or information obtained from Company or through the Services shall create any warranty not expressly stated in this Agreement.
8.5 High-Risk Activities: The Services and Platform are not designed or intended for use in hazardous environments requiring fail-safe performance (such as in operation of nuclear facilities, air traffic control, life support machines, or any other application where failure of the Services could lead to death, personal injury, or severe physical or environmental damage). Company expressly disclaims any warranty or liability for use of the Services in any such high-risk scenarios.
9. Limitation of Liability
9.1 Indirect Damages: To the fullest extent permitted by law, neither party shall be liable to the other for any indirect, special, incidental, consequential, exemplary, or punitive damages of any kind, or for any loss of profits, loss of revenue, loss of data, loss of business opportunities, business interruption, or cost of substitute services, arising out of or related to this Agreement or the Services, whether in contract, tort (including negligence), strict liability or any other legal theory, even if the party has been advised of the possibility of such damages. This disclaimer of liability shall not apply to the extent prohibited by applicable law.
9.2 Cap on Direct Damages: Except for the specific excluded liabilities set forth in Section 9.3 below, the total aggregate liability of either party to the other for all claims, damages, and losses arising out of or relating to this Agreement or any Order Form, regardless of the theory of liability (whether in contract, tort, indemnity or otherwise), shall not exceed the total amount of fees actually paid (or payable) by Customer to Company under this Agreement in the twelve (12) months immediately preceding the event giving rise to the claim (or, if the claim arises during the first twelve months of the Agreement, the amount of fees paid for such initial period). If no fees were paid (for example, if only evaluation services were provided), Company’s liability shall be limited to $100 USD. The existence of multiple claims will not enlarge this cap. The Parties acknowledge that the fees reflect the allocation of risk set forth in this Agreement and that Company would not enter into this Agreement without these limitations on its liability.
9.3 Exclusions: Nothing in this Agreement shall limit or exclude either party’s liability for: (a) death or personal injury caused by its negligence or willful misconduct; (b) fraud or fraudulent misrepresentation; (c) any liability that cannot be limited or excluded by law; and (d) gross negligence or willful misconduct of that party. In addition, the limitations in Sections 9.1 and 9.2 (indirect damages and cap) shall not apply to: (i) Customer’s obligation to pay fees due; (ii) either party’s obligations under Section 4 (Confidentiality) or any breach thereof; and (iii) Customer’s liability for unauthorized use or misuse of Company’s Intellectual Property or Services (including violation of license restrictions). However, the cap shall apply to liabilities arising from indemnification (Section 10) except to the extent such indemnified claim falls under an uncapped category above (such as willful misconduct).**
9.4 Application of Limitations: The parties agree that the limitations of liability in this Section 9 shall apply regardless of whether any limited or exclusive remedy fails of its essential purpose. The limitations of liability are an essential basis of the bargain between the parties and shall apply to the maximum extent permitted by law. Each provision of this Agreement that provides for a limitation of liability, disclaimer of warranties, or exclusion of damages is intended to be severable and independent of any other provision and to be enforced as such.
10. Indemnification
10.1 Indemnification by Company: Company shall defend Customer, its Affiliates and their officers, directors, and employees (collectively, “Customer Indemnitees”) from and against any third-party claims, demands, lawsuits or proceedings (“Claims”) alleging that the Services or EyeR Platform, as provided by Company and used by Customer in accordance with this Agreement, directly infringe a third party’s patent, copyright, or trademark, or misappropriate a third party’s trade secrets. Company will indemnify and hold harmless Customer Indemnitees from any damages, losses, and reasonable costs and expenses (including reasonable attorneys’ fees) finally awarded by a court of competent jurisdiction or agreed in settlement for such Claims. If any portion of the Services or Platform becomes, or in Company’s opinion is likely to become, the subject of an infringement claim, Company may, at its option: (a) procure for Customer the right to continue using the affected item; (b) modify or replace the affected item to make it non-infringing while preserving substantially equivalent functionality; or (c) if options (a) and (b) are not commercially reasonable, terminate the affected Services or license and refund to Customer any pre-paid fees for the terminated portion of Services on a pro-rata basis for the remaining unused period. Company’s obligations under this Section 10.1 will not apply to the extent that the alleged infringement arises from: (i) Customer Data or other materials provided by Customer; (ii) modifications to the Platform or Services by anyone other than Company; (iii) combination or use of the Services with other products, software, or systems not provided by Company, if the infringement would not have occurred but for such combination or use; or (iv) Customer’s breach of this Agreement. This Section 10.1 states Customer’s exclusive remedy and Company’s sole liability for any third-party intellectual property infringement claims arising from or related to the Services or Platform.
10.2 Indemnification by Customer: Customer shall defend Company, its Affiliates and their officers, directors, and employees (collectively, “Company Indemnitees”) from and against any third-party Claims arising out of or related to: (a) Customer’s or an End Client’s use of the Services or Platform in violation of this Agreement or applicable law (including any data or content transmitted or processed by Customer through the Services); (b) any breach by Customer of Section 7.3 (License/Use Restrictions) or of Customer’s warranties in Section 8.3 (including any claim that Company’s possession or use of Customer Data in accordance with this Agreement violates a third party’s rights or any law); or (c) Customer’s provision of the Services (or failure to provide services) to any End Client (including any representations made by Customer to the End Client about the Services beyond those set forth in Company’s official materials). Customer will indemnify and hold harmless Company Indemnitees from any damages, losses, and reasonable costs and expenses (including reasonable attorneys’ fees) finally awarded or agreed in settlement for such Claims.
10.3 Indemnification Procedure: The party seeking indemnification under this Section 10 (the “Indemnified Party”) shall: (a) promptly notify the other party (the “Indemnifying Party”) in writing of the Claim (provided that a failure to promptly notify will not relieve the Indemnifying Party of its obligations except to the extent materially prejudiced by the delay); (b) give the Indemnifying Party sole control of the defense and settlement of the Claim (however, the Indemnifying Party shall not settle any Claim in a manner that imposes liability or admission of fault on the Indemnified Party without the Indemnified Party’s prior written consent, not to be unreasonably withheld); and (c) provide, at the Indemnifying Party’s expense, all reasonable cooperation and assistance in defense of the Claim. The Indemnified Party may participate in the defense at its own cost with counsel of its choosing.
11. Term and Termination
11.1 Term of Agreement: This Agreement commences on the Effective Date and will remain in effect until terminated as provided herein. The term of each individual Order Form shall be as specified in that Order Form (e.g., a subscription term or project duration). This Agreement shall continue to govern each Order Form for its duration. If no Order Forms are in effect and no Services are being provided, either party may terminate this Agreement for convenience by providing 30 days’ written notice to the other party. Notwithstanding termination of this Agreement, any Order Form already in effect will continue to be governed by this Agreement until the expiration or termination of such Order Form, unless the Agreement itself is terminated for cause as set forth below.
11.2 Termination for Cause: Either party may terminate this Agreement (and any or all Order Forms) immediately upon written notice to the other party if the other party commits a material breach of this Agreement and fails to cure such breach within thirty (30) days after receiving written notice describing the breach in reasonable detail (or within 10 days in the case of non-payment by Customer). Without limiting the foregoing, any breach by Customer of the payment terms or of Section 4 (Confidentiality), Section 5 (Data Protection), or Section 7.3 (IP/Use Restrictions) shall be considered a material breach. Additionally, either party may terminate this Agreement immediately by written notice if the other party (a) becomes insolvent, makes an assignment for the benefit of creditors, or is the subject of any bankruptcy or equivalent proceeding that is not dismissed within sixty (60) days, or (b) ceases to do business in the ordinary course.
11.3 Effect of Termination: Upon termination or expiration of this Agreement or any Order Form for any reason: (a) Company shall cease providing the terminated Services, and all licenses and rights granted to Customer for the terminated Services or Platform access shall immediately end; (b) Customer shall immediately cease all use of the EyeR Platform and any other Company Materials provided in connection with the terminated Services, and shall return or (at Company’s request) destroy any Company Materials in its possession, certifying such destruction if requested; (c) Customer shall pay any outstanding unpaid fees and charges for Services rendered up to the termination date (and, if the termination is by Company for Customer’s breach, Customer will also be liable for any unpaid fees that would have been payable for the remainder of the committed term of any Order Form, absent such termination – provided that this will not limit Company’s duty to mitigate actual costs in such scenario); and (d) Company will return or delete Customer Data as described in Section 5.4 above. In no event will termination relieve Customer of its obligation to pay any fees for Services provided prior to the effective date of termination.
11.4 Survival: Any provision of this Agreement that by its nature should survive termination or expiration shall survive, including but not limited to: Sections 1 (Definitions), 4 (Confidentiality), 5 (Data Protection and Security) (with respect to ongoing duties or post-termination data handling), 7 (Intellectual Property Rights), 8.4 (Disclaimers), 9 (Limitation of Liability), 10 (Indemnification), 11.3-11.4 (Effect of Termination and Survival), 13 (Governing Law and Dispute Resolution), and 14 (Miscellaneous), as well as any accrued payment obligations.
12. Force Majeure
Neither party shall be liable for any failure or delay in performing its obligations (except for payment obligations) under this Agreement if such failure or delay is due to circumstances beyond its reasonable control (“Force Majeure”). Force Majeure events include, but are not limited to, natural disasters (e.g., earthquakes, floods, hurricanes), acts of government, war, terrorism, civil unrest, labor strikes or lockouts, widespread Internet or electrical outages, epidemics or pandemics, and other events of similar magnitude beyond the party’s control. The party affected by a Force Majeure event shall promptly notify the other party of the event, describing its impact on performance. The affected party’s obligations (other than payment) shall be suspended for the duration of the Force Majeure condition, and the time for performance shall be extended by a period equivalent to the period of delay. If a Force Majeure event continues for an extended period (e.g., more than 60 days), either party may terminate any affected Order Form upon written notice, without further liability (except that Customer will pay for Services actually delivered prior to termination). Each party shall use reasonable efforts to mitigate the impact of any Force Majeure event.
13. Governing Law and Dispute Resolution
13.1 Governing Law: This Agreement and any disputes arising out of or related to this Agreement or the Services shall be governed in all respects by the laws of the State of Israel, without regard to its conflict of laws principles. The United Nations Convention on Contracts for the International Sale of Goods (1980) and any local enactment of the Uniform Computer Information Transactions Act (UCITA) shall not apply to this Agreement.
13.2 Jurisdiction and Venue: The parties hereby agree that all legal actions or proceedings arising out of or relating to this Agreement shall be brought exclusively in the competent courts located in Tel Aviv, Israel. Each party irrevocably submits to the exclusive jurisdiction of such courts and waives any objection based on forum non conveniens or any other objection to venue in such courts. The parties agree that a judgment of any such court may be enforced in any other jurisdiction as needed.
13.3 Equitable Relief: Notwithstanding the above, each party acknowledges that a breach of confidentiality or intellectual property obligations may cause irreparable harm to the other party for which monetary damages would be inadequate. In addition to any other remedies, either party may seek injunctive or other equitable relief in any court of competent jurisdiction to prevent or restrain any such breach or threatened breach.
13.4 Dispute Resolution Good Faith: Before initiating any legal action, the parties shall first attempt in good faith to resolve their dispute by negotiation between senior executives. If such efforts do not resolve the dispute within a reasonable time, either party may proceed to court as provided above. (This section does not prevent either party from seeking interim injunctive relief at any time if necessary to prevent serious and immediate harm.)
14. Miscellaneous
14.1 Entire Agreement: This Agreement, together with all Order Forms and any appendices or addenda referenced herein, constitutes the entire agreement between the parties with respect to the subject matter hereof, and supersedes all prior or contemporaneous agreements, proposals, negotiations, representations, and communications, whether written or oral, between the parties regarding the same subject matter. Each party acknowledges that in entering into this Agreement it has not relied on any statement or representation not expressly set out in this Agreement. In the event of any inconsistency between the main body of this Agreement and an Order Form or addendum, the order of precedence shall be as set forth in Section 2.2 above.
14.2 Amendments and Waivers: No modification or amendment of this Agreement or any Order Form shall be effective unless in writing and signed by authorized representatives of both parties (email or electronic acceptance through a Company-provided process may constitute “writing” if expressly so stated as acceptable). No failure or delay by either party in exercising any right or remedy under this Agreement shall operate as a waiver of that right or remedy. Any waiver of any provision of this Agreement must be in writing and signed by the waiving party, and shall not imply a waiver of any other provision or future breach.
14.3 Assignment: Customer may not assign or transfer this Agreement or any Order Form, in whole or in part, nor delegate any of its rights or obligations, without the prior written consent of Company (such consent not to be unreasonably withheld). Any attempted assignment in violation of this section shall be null and void. Company may assign this Agreement and any Order Forms (a) to any Affiliate or subsidiary, or (b) in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets related to this Agreement, upon written notice to Customer. Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties’ respective successors and permitted assigns.
14.4 Notices: All legal notices or communications under this Agreement shall be in writing and shall be deemed given: (a) when delivered by hand or courier, or (b) when sent by registered or certified mail (return receipt requested), postage prepaid, and addressed to the respective addresses of the parties set forth in the Order Form (or to such other address as a party may designate by written notice to the other). Additionally, Company may provide routine notices related to the Services (such as service updates or alerts) to Customer by email or through the EyeR Platform; such routine communications do not constitute legal notices modifying the terms of the Agreement. Notices shall be deemed received upon actual delivery or refusal of delivery, except that email notices shall be deemed received only upon acknowledgment of receipt by an actual response (automated read-receipts not being sufficient). The Effective Date of an Order Form (as defined in that Order Form) for the start of Services shall be documented in the Order Form itself.
14.5 Relationship of the Parties: The relationship of Company and Customer is that of independent contractors. Nothing in this Agreement shall be construed to establish a partnership, joint venture, employment, franchise, or agency relationship between the parties. Neither party has the authority to bind or act on behalf of the other in any manner unless expressly provided otherwise in this Agreement.
14.6 No Third-Party Beneficiaries: Except as expressly provided in this Agreement (for example, indemnification of Affiliates or others as stated in Section 10), there are no third-party beneficiaries to this Agreement. This Agreement is intended solely for the benefit of the parties and their permitted assigns, and nothing in this Agreement, express or implied, shall confer upon any other person or entity any legal or equitable right, benefit, or remedy of any nature.
14.7 Severability: If any provision of this Agreement is held by a court of competent jurisdiction to be invalid, illegal, or unenforceable, that provision shall be enforced to the maximum extent permissible so as to effect the parties’ intent, and the remaining provisions of this Agreement shall remain in full force and effect. The parties will negotiate in good faith a valid, legal, and enforceable substitute provision that most nearly reflects the original intent and economic effect of the invalid provision.
14.8 Counterparts and Signatures: This Agreement and any Order Form may be executed in counterparts, each of which will be deemed an original, and all of which together constitute one and the same agreement. Signatures delivered by electronic means (such as PDF or via an e-signature service) shall be deemed effective and binding to the same extent as original signatures. The parties agree that this Agreement may be stored and presented in electronic form and that electronic records of signatures are admissible as means of proving execution.
14.9 Compliance with Laws; Export: Each party shall comply with all laws and regulations applicable to its performance under this Agreement. Customer acknowledges that the EyeR Platform and certain Services may be subject to export control and sanctions laws, and Customer agrees not to export, re-export or provide access to the Platform or Services in violation of any such laws, including to any sanctioned countries or parties. Company may suspend its performance of Services to the extent required to comply with applicable sanctions or export laws, upon written notice to Customer.
14.10 Headings and Interpretation: The section headings in this Agreement are for convenience of reference only and shall not affect the meaning or interpretation of the Agreement’s provisions. Terms such as “including” or “for example” are deemed to be followed by “without limitation” whether or not so stated. In the event of ambiguity or if a question of intent or interpretation arises, this Agreement shall be construed as if drafted jointly by both parties and no presumptions or burdens of proof shall arise favoring or disfavoring any party by virtue of authorship of any provisions of this Agreement.
14.11 Publicity and Logo Use:
EyeR Security may include Customer’s name and logo in its internal customer lists and private investor or sales materials. Any public-facing reference to Customer (including use of Customer’s logo on EyeR’s website or any press release) shall require Customer’s prior written consent. Customer may revoke any such consent at any time upon written notice.
IN WITNESS WHEREOF, the parties hereto have caused this Master Services Agreement to be executed by their duly authorized representatives as of the Effective Date set forth in the first Order Form.
This Master Services Agreement (this “Agreement”) is made between EyeR Security (the “Company”), and the client identified in the applicable Order Form (the “Customer”). This Agreement, together with any Order Forms (defined below) executed by the parties, governs the provision of certain cybersecurity services and access to Company’s platform by Company to Customer. By executing an Order Form or using the Services, Customer agrees to the terms of this Agreement.
1. Definitions
1.1 "Affiliate": Any entity that directly or indirectly controls, is controlled by, or is under common control with a party, where "control" means ownership of more than 50% of the voting equity or other controlling interest of the entity.
1.2 "Confidential Information": All non-public information, in any form, that a party (“Disclosing Party”) provides to the other (“Receiving Party”) and which is identified as confidential or proprietary, or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information includes, without limitation, business plans, financial data, pricing, customer lists, trade secrets, know-how, software, inventions, and any security information or reports. Confidential Information of the Company specifically includes the terms of this Agreement, the Services and platform (including any documentation or source code), and any deliverables provided to Customer. Confidential Information of the Customer includes Customer Data (defined below). Information is not Confidential Information if it: (a) is or becomes publicly available without breach of this Agreement; (b) was known to the Receiving Party without confidentiality obligation before disclosure; (c) is received from a third party not bound by confidentiality; or (d) is independently developed by the Receiving Party without use of or reference to the Disclosing Party’s Confidential Information.
1.3 "Customer Data": All data or information (including any personal data) that Customer or its agents provides to Company, or that Company processes on Customer’s behalf, in connection with the Services or use of the EyeR Platform. Customer Data does not include any data that is anonymized or aggregated such that it does not identify Customer or any individual.
1.4 "EyeR Platform" or "Platform": The proprietary cloud-based cybersecurity platform and related software and tools provided by Company for Customer’s use as part of the Services. This includes any dashboards, portals, applications, and algorithms made available to Customer, and any updates or modifications thereto.
1.5 "Order Form": An ordering document (including any order, statement of work, proposal, or quote) executed (including via electronic acceptance) by Customer and Company that describes the specific Services, quantities, fees, and other details of an order. Each Order Form is incorporated into and governed by this Agreement. In the event of any conflict between this Agreement and an Order Form, the terms of this Agreement shall govern unless the Order Form expressly overrides specific provisions of this Agreement.
1.6 "Services": The cybersecurity services and deliverables provided by Company under this Agreement, as specified in an Order Form. Services include, without limitation: Incident Response services, Penetration Testing, Managed Detection and Response (MDR), cybersecurity training and simulation exercises, onboarding and support services, and access to and use of the EyeR Platform. Services may also include any other professional or managed security services mutually agreed in an Order Form. The scope of Services for a particular engagement will be as set forth in the applicable Order Form.
1.7 "Intellectual Property Rights": All forms of intellectual property rights worldwide, whether registered or unregistered, including without limitation patents, copyrights, trademarks, trade secrets, database rights, moral rights, and any similar rights, including all applications and registrations for the foregoing.
1.8 "Effective Date": The date on which this Agreement (or an Order Form incorporating it) is effective, which shall be the date of last signature on the initial Order Form between the parties, or the date Customer otherwise accepts this Agreement (for example, by clicking acceptance or by using the Services, if applicable).
1.9 "Party" or "Parties": Refers to Company and/or Customer, as the context requires, each a party to this Agreement.
(Any other capitalized terms used in this Agreement shall have the meanings given in the context of their use or in an Order Form.)
2. Services and Orders
2.1 Provision of Services: Company shall provide the Services to Customer as described in each applicable Order Form. Company will use commercially reasonable efforts and professional skill and care in performing the Services. For managed or ongoing Services (such as MDR or platform access), Company will make the EyeR Platform available to Customer in accordance with this Agreement and any service levels or specifications included in an Order Form or Service Level Agreement (SLA) (if applicable). Customer’s use of the Services and Platform is limited to the scope, term, and number of users or assets specified in the Order Form. Customer may use the Services and Platform solely for its internal business purposes (or, if Customer is a managed service provider (MSP) as permitted under Section 2.4, for the benefit of its own end-customers) and in accordance with the terms of this Agreement.
2.2 Order Forms and Incorporation: Each Order Form will detail the specific Services, fees, duration (e.g. subscription term or project period), and any special terms for that order. Upon execution by both parties, an Order Form shall be deemed incorporated into this Agreement. An Order Form may be executed in counterparts (including electronically), and such counterparts together will constitute one instrument. Order of Precedence: In the event of a conflict, the provisions of this Master Services Agreement shall prevail over any conflicting term in an Order Form, unless the Order Form expressly states an intent to override the Agreement on a specific matter. No purchase order or other purchasing documents issued by Customer shall modify or supplement this Agreement, and any pre-printed or standard terms on any Customer purchase order are rejected and have no effect.
2.3 Changes to Services: Any changes to the scope of Services (including any additional services or deliverables) must be mutually agreed in writing (which may be via an amended Order Form or change order). If Company agrees to perform services or provide deliverables not expressly detailed in an Order Form, the parties shall negotiate in good faith any additional fees or terms applicable to such changes.
2.4 MSP/Reseller Use: If Customer is purchasing the Services as a managed service provider (MSP) or reseller, authorized by Company, then Customer is permitted to use the Services and Platform to provide services to its own clients (the “End Clients”) under the following conditions: (a) Customer remains the sole contracting party to Company and shall be fully responsible for compliance with this Agreement by anyone it allows to access or use the Services (including End Clients); (b) Customer shall ensure that each End Client is bound by terms at least as protective of Company’s rights (including confidentiality, intellectual property, and data protection) as this Agreement, and in no event shall Company have any direct liability or obligations to any End Client; (c) Customer shall not resell, sublicense, or permit access to the Services to any third party except in the regular course of providing managed services to End Clients as permitted herein; and (d) in the event an End Client’s actions or omissions would constitute a breach of this Agreement if done by Customer, Customer will be liable for such breach and will indemnify Company for any claims or damages arising from such End Client’s use of the Services. No Third-Party Beneficiary: For clarity, nothing in this Agreement gives any End Client or other third party any rights or remedies against Company; Company’s obligations are to Customer only.
3. Fees and Payment Terms
3.1 Fees: Customer shall pay all fees for the Services as set forth in each Order Form. Fees may include one-time fees (for example, for a specific incident response project or training) and/or recurring subscription fees (for example, annual fees for MDR services or platform access). All fees are stated in the Order Form and are exclusive of any applicable taxes (unless expressly stated otherwise).
3.2 Invoicing and Payment: Except as otherwise specified in an Order Form, Company will invoice Customer for fees as follows: (a) for recurring or subscription Services (such as platform access or ongoing MDR services), fees will be invoiced annually in advance (or on the schedule stated in the Order Form) and (b) for one-time or project-based Services (such as a penetration test or training), fees may be invoiced upfront or as milestones as stated in the Order Form. Unless otherwise agreed in the Order Form, payment for each invoice is due within 30 days from the invoice date (Net 30). All payments shall be made in the currency specified in the Order Form (if not specified, invoices will be in U.S. Dollars) and by the payment method designated (e.g. bank transfer, check, credit card) without setoff or deduction. Customer is responsible for providing complete and accurate billing and contact information to Company and notifying Company of any changes to such information.
3.3 Taxes: All fees are exclusive of any sales, use, value-added, withholding, or similar taxes or duties (“Taxes”). Customer is responsible for all Taxes associated with its purchases hereunder (excluding taxes on Company’s net income). If Company is required to collect or pay Taxes, such Taxes will be added to Customer’s invoice and paid by Customer unless Customer provides a valid tax exemption certificate. Company will not invoice Customer for taxes if Customer has provided appropriate documentation of tax-exempt status or direct payment permit.
3.4 Late Payments: If Customer fails to pay any invoice when due, Company reserves the right to charge interest on the overdue amount at the rate of 1.5% per month or the maximum rate permitted by law (whichever is lower), from the payment due date until the date of payment. In addition, if Customer’s payment is more than 30 days late, Company may, after providing written notice and an opportunity to cure of at least 7 days, suspend the provision of Services (including disabling access to the Platform) until overdue amounts are paid in full. Customer shall reimburse Company for all reasonable costs of collection of past due amounts, including attorneys’ fees.
3.5 Discounts and Pricing: Any discounts applied or special pricing provided in an Order Form are conditional on Customer’s timely payment and fulfillment of the agreed term. If an Order Form specifies a multi-year term with annual payments, pricing for each year is as set in the Order Form. Company will not increase pricing during the committed term of an Order Form except as expressly permitted in that Order Form. For any renewal term, pricing may be subject to adjustment as agreed by the parties in a renewal Order Form.
4. Confidentiality
4.1 Obligations: Each Receiving Party shall: (a) use the Disclosing Party’s Confidential Information solely for the purpose of performing its obligations or exercising its rights under this Agreement; (b) not disclose or make available the Disclosing Party’s Confidential Information to any third party except to its own affiliates, and to its or its affiliates’ employees, contractors, advisors, or agents who need to know such information for the Receiving Party to perform this Agreement, and who are bound by confidentiality obligations at least as restrictive as those in this Section; and (c) protect and safeguard the confidentiality of the Disclosing Party’s Confidential Information with at least the same degree of care as the Receiving Party uses to protect its own similar confidential information, and in no event less than a reasonable standard of care. The Receiving Party shall be responsible for any breach of confidentiality by any person to whom it discloses the Disclosing Party’s Confidential Information.
4.2 Permitted Disclosure: If the Receiving Party is required by law, regulation, or court order to disclose any of the Disclosing Party’s Confidential Information, the Receiving Party shall (to the extent legally permitted) promptly notify the Disclosing Party in writing to allow the Disclosing Party an opportunity to seek a protective order or otherwise contest the disclosure. The Receiving Party may then disclose only the portion of Confidential Information legally required to be disclosed, and must use commercially reasonable efforts to ensure that such information is treated confidentially by the receiving authority.
4.3 Return or Destruction: Except as otherwise provided in this Agreement, upon termination of this Agreement (or sooner, upon request of the Disclosing Party), the Receiving Party shall return or, at the Disclosing Party’s election, destroy the Disclosing Party’s Confidential Information in its possession or control, and certify in writing that it has done so, except that the Receiving Party may retain one archival copy of Confidential Information solely for the purpose of compliance with legal, regulatory, or internal backup requirements, subject to continued confidentiality obligations.
4.4 Duration: The obligations in this Section 4 (Confidentiality) begin on disclosure of Confidential Information and remain in effect for the term of the Agreement and for five (5) years after termination. However, with respect to any trade secrets (as defined by applicable law) of the Disclosing Party, the confidentiality obligations survive indefinitely for as long as such information remains a trade secret.
5. Data Protection and Security
5.1 Data Protection: Each Party shall comply with all applicable data protection and privacy laws in connection with its respective activities under this Agreement. Customer represents that it has the lawful right to provide any personal data or other Customer Data to Company in connection with the Services. To the extent that Company processes any personal data on Customer’s behalf as part of the Services (for example, security logs or employee information in the course of MDR services), Company will do so as a “processor” or “service provider” under applicable law and solely for the purpose of providing the Services in accordance with Customer’s instructions. Company will not use or disclose Customer Data except as necessary to provide the Services, as permitted by this Agreement, or as required by law. The Parties agree to enter into any additional data processing agreement or addendum reasonably necessary to comply with applicable privacy laws (such as the EU General Data Protection Regulation (GDPR) or Israeli Privacy Protection Law), if such laws apply to the Services.
5.2 Security Measures: Company acknowledges that Customer Data may include sensitive information and agrees to implement and maintain appropriate technical and organizational security measures to protect Customer Data against unauthorized access, loss, or alteration. Without limiting the foregoing, Company shall: (a) maintain an information security program that adheres to ISO/IEC 27001 standards for information security management (the Company is certified under ISO 27001 and shall maintain such certification, reflecting its adherence to ISO 27001 principles); (b) use industry-standard practices such as encryption, access controls, network security monitoring, and vulnerability management to safeguard Customer Data; (c) ensure that its personnel who have access to Customer Data are subject to confidentiality obligations and receive appropriate training on data protection; and (d) promptly investigate and notify Customer of any confirmed Data Breach involving unauthorized access to Customer Data, and provide cooperation and information reasonably required by Customer to satisfy any legal obligations regarding such breach.
5.3 Security Audits and Compliance: Upon Customer’s reasonable request (not more than once annually, and subject to appropriate confidentiality safeguards), Company can provide Customer with a summary of Company’s most recent ISO 27001 certification or audit report or other documentation reasonably sufficient to demonstrate Company’s compliance with the security requirements of this Agreement. Customer agrees that Company’s ISO 27001 certification and related audit reports shall be considered Confidential Information of Company.
5.4 Customer Data Ownership and Return: As between the parties, Customer retains all rights, title, and interest in and to Customer Data. Company claims no ownership of Customer Data. Upon termination or expiration of the Agreement, and upon written request of Customer, Company will return to Customer, or securely destroy, all Customer Data in Company’s possession or control, except to the extent that Company is legally required to retain copies or has archived data on back-up systems (in which case Company will protect such retained data in accordance with its continuing obligations under this Agreement). Company’s obligations to delete or return data are subject to Customer’s account being in good standing (e.g., all undisputed fees paid). Company may delete Customer Data from its active systems in the normal course of operations following termination, without liability, provided it has complied with this Section.
5.5 Customer Responsibilities for Data: Customer is responsible for obtaining any consents from, or providing notices to, individuals as required under applicable law for Company’s processing of personal data as described in this Agreement. Customer shall not upload or provide any personal data to Company beyond what is necessary for Company to perform the Services. If any Customer Data is subject to specific data protection requirements (for example, healthcare, financial, or other regulated data), Customer must notify Company in advance and the parties will document any additional requirements or safeguards in an addendum. Company is not responsible for compliance with any law or regulation that applies to Customer or Customer Data specifically, beyond the general obligations set forth in this Agreement.
6. Customer Responsibilities
6.1 Cooperation and Access: Customer shall provide reasonable cooperation, resources, and access as necessary for Company to perform the Services. This includes, as applicable: providing access to Customer’s systems, facilities, and networks for testing or monitoring; providing accurate and complete information about Customer’s IT environment and security policies; designating knowledgeable personnel to liaise with Company’s team; and making timely decisions and approvals to facilitate the Services. Customer acknowledges that the success and timing of the Services depend on such cooperation. Company will follow Customer’s reasonable security and facility guidelines when on-site or accessing Customer systems, provided those guidelines are provided to Company in advance.
6.2 Use of Services and Accounts: Customer shall use the Services and the EyeR Platform only for lawful purposes and in accordance with this Agreement and any applicable user documentation. Customer is responsible for maintaining the confidentiality and security of any account credentials (e.g., usernames, passwords, API keys) used by Customer to access the Platform or Services. Customer shall be responsible for all activities that occur under its accounts (including accounts of its authorized users and, if applicable, End Clients). Customer agrees not to: (a) permit any unauthorized third party to access or use the Services or Platform; (b) sell, rent, license, or lease the Services or Platform to any third party (except as expressly permitted for MSP use under Section 2.4); (c) attempt to reverse engineer, decompile, or disassemble any software or platform component (except to the extent such restriction is prohibited by law); (d) use the Services or Platform to store or transmit any malicious code, or in a manner that violates applicable law (including data privacy and export control laws) or infringes any third-party rights; or (e) perform any security penetration or vulnerability testing of the EyeR Platform except with Company’s prior written consent (this does not restrict Customer from performing such tests on its own systems outside of the Platform). Company reserves the right to suspend Services temporarily if Customer’s use poses a security risk to the Platform or violates the restrictions above, after giving notice and opportunity to cure if practicable.
6.3 Customer Systems and Backups: Customer is responsible for the legality and performance of its own information systems that are being monitored, tested, or otherwise interfaced with the Services. Except to the extent Company specifically undertakes a task as part of the Services (such as deploying security tools or patches), Customer remains responsible for the general maintenance, operation, and backup of its own systems and data. Customer should maintain appropriate backup copies of any critical data on its systems; Company’s Services (other than any explicit data backup service if provided) are not intended as a data backup or storage service for Customer’s production data.
6.4 Compliance with Laws: Customer shall use the Services in compliance with all laws and regulations applicable to Customer’s business, including data protection laws, intellectual property and export control laws. If a Service involves simulated attacks or other security testing that could inadvertently impact third parties or networks, Customer must ensure that proper permissions or notices are in place to allow such testing. Customer will not use the Platform or Services to attempt to gain unauthorized access to any system or data of any third party.
6.5 Customer’s Clients and Users: In cases where Customer provides the Services to End Clients (under Section 2.4) or allows its affiliates or contractors to use the Services, Customer is responsible for ensuring that such persons comply with the applicable terms of this Agreement. Any action or omission by any person who obtains access to the Services through Customer (including any End Client or affiliate) that would be a breach of this Agreement if committed by Customer shall be deemed a breach by Customer.
7. Intellectual Property Rights
7.1 Company IP: Company (and/or its licensors) retains all rights, title, and interest in and to the EyeR Platform, the Services, and all materials, technology, software, tools, know-how, processes, and any deliverables or work product provided by Company under this Agreement, including all associated Intellectual Property Rights (collectively, “Company Materials”). No rights are granted to Customer under this Agreement to use or access the Company Materials except as expressly set forth herein. Customer acknowledges that the Company Materials are proprietary to Company, and contain or constitute trade secrets, confidential information, and/or copyrighted material of Company or its licensors.
7.2 License to Customer: Subject to Customer’s compliance with this Agreement and payment of all applicable fees, Company grants to Customer a limited, non-exclusive, non-transferable, non-sublicensable license during the term of the applicable Order Form to access and use the EyeR Platform and any software or deliverables included in the Services solely for Customer’s internal business purposes (or for providing services to End Clients as permitted in Section 2.4), and solely in accordance with any usage parameters set forth in the Order Form or documentation. Any software provided may be in object code form and, if installed on Customer’s premises, may be subject to additional license terms in an exhibit or addendum. Customer’s rights in any deliverables that are specifically created by Company for Customer (e.g., a penetration test report or incident response report) shall be co-owned by Customer, provided that Company retains a perpetual, royalty-free right to use and reuse any generic knowledge, experience, and know-how (including templates, methodologies, and anonymized results) gained through providing such deliverable, for the benefit of Company’s overall services and other clients, as long as no Confidential Information of Customer is disclosed.
7.3 Restrictions: Except as expressly permitted in this Agreement, Customer shall not, and shall not permit any third party to:
(a) copy, modify, adapt, or create derivative works of the EyeR Platform, any software provided by Company, or any other Company Materials;
(b) reverse engineer, decompile, decrypt, or otherwise attempt to derive the source code or underlying ideas or algorithms of the EyeR Platform or any software, except to the limited extent such actions are permitted by law notwithstanding a contractual prohibition;
(c) distribute, sell, sublicense, lease, rent, or otherwise transfer the EyeR Platform or any portion of the Services to any third party (except to End Clients as expressly allowed under Section 2.4 and with the conditions stated therein);
(d) remove, obscure, or alter any copyright, trademark, or other proprietary notices affixed to or contained in any Company Materials;
(e) use the Services or Platform in any manner or for any purpose that infringes, misappropriates, or otherwise violates any Intellectual Property Rights or other rights of any person, or that violates any law or regulation;
(f) use or access the Services for the purpose of building a competitive product or service, or copying its features or user interface;
(g) introduce into the Platform any software, virus, worm, malware, or other code that could harm the Platform or any systems.
Any unauthorized use of the Company Materials or Services by Customer is a material breach of this Agreement and may result in termination of this Agreement or the relevant licenses, in addition to any other remedies available to Company under law.
7.4 Customer IP: As between the parties, Customer retains all Intellectual Property Rights in Customer Data and in any of Customer’s pre-existing materials or systems. Company’s use of any Customer-provided materials is solely for the purpose of delivering the Services to Customer. Customer grants to Company a limited, royalty-free, worldwide license to use, copy, modify, and create derivative works of any materials or data provided by Customer, solely as necessary for Company to perform the Services and for Company’s internal business purposes (such as improving its tools and algorithms), and subject to the confidentiality and data protection obligations herein. Company will not use Customer’s name, logos, or trademarks in any marketing or publicity materials without Customer’s prior written consent, except that Company may identify Customer as a client in its client lists or marketing presentations, unless Customer instructs otherwise in writing.
7.5 Feedback: Customer may provide suggestions, feedback, or ideas to Company regarding the Services or Platform (collectively, “Feedback”). While Customer is not required to provide Feedback, any such Feedback is given entirely voluntarily. Company may use, disclose, and incorporate any Feedback into its products and services without obligation or compensation to Customer. Customer hereby grants Company a perpetual, irrevocable, worldwide, sublicensable, royalty-free license to use and incorporate any Feedback provided by Customer or its users into Company’s products and services.
7.6 Third-Party Components: If the Platform or any software provided as part of the Services contains third-party open source or commercial components, Company will provide notices or licensing terms for those components in the documentation or upon request. Customer’s use of any third-party components as part of the Services will be subject to those third-party terms; however, the warranty, support, and liability obligations of Company with respect to such components are as set forth in this Agreement (unless the Order Form or documentation specifies otherwise for a particular component).
8. Representations and Warranties
8.1 Corporate Authority: Each party represents and warrants that it is a business entity duly organized, validly existing and in good standing under the laws of its jurisdiction of organization, and that it has full right, power, and authority to enter into and perform this Agreement. The individuals signing any Order Form or engaging the Services on behalf of each party are duly authorized to bind that party to the terms of this Agreement.
8.2 Company Warranties: Company warrants that: (a) the Services will be performed in a professional and workmanlike manner by appropriately skilled personnel, consistent with generally accepted industry standards for similar services, and (b) to Company’s knowledge, the Services and Company Materials provided to Customer do not infringe upon any third party’s Intellectual Property Rights. In the event of a breach of the warranty in subsection (a) (services standard), Customer’s exclusive remedy and Company’s sole obligation will be for Company to re-perform the non-conforming Services at no additional charge, or if re-performance is impracticable or fails to cure the breach, to credit or refund to Customer the fees paid for the deficient portion of the Services. Any claim for breach of the warranty in subsection (a) must be made by Customer in writing within 30 days after performance of the alleged non-conforming Services, otherwise Customer is deemed to accept the Services as-is.
8.3 Customer Warranties: Customer represents and warrants that: (a) Customer has the necessary rights, licenses, and consents in any materials or data (including Customer Data) that it provides to Company for use in connection with the Services, and that Company’s use of such materials in accordance with this Agreement will not violate any intellectual property, privacy, or other rights of any third party or any law; (b) Customer’s use of the Services and Platform will comply with all applicable laws and regulations; and (c) Customer will not provide to Company any data that is subject to special government security requirements (such as classified information) or that is regulated under laws requiring specific handling (such as health or credit card data) unless specifically agreed in writing.
8.4 Disclaimer of Warranties: Except for the express warranties set forth in this Agreement, Company hereby disclaims all other warranties of any kind, whether express, implied, statutory, or otherwise, to the maximum extent permitted by law. Without limiting the foregoing, Company specifically disclaims any implied warranties of merchantability, fitness for a particular purpose, title, and non-infringement. Company does not warrant that the Services or the EyeR Platform will be uninterrupted, error-free, or completely secure. Customer acknowledges that cybersecurity services, by their nature, cannot guarantee that all vulnerabilities, threats, or attacks will be detected or prevented, or that all incidents will be responded to and resolved. No advice or information obtained from Company or through the Services shall create any warranty not expressly stated in this Agreement.
8.5 High-Risk Activities: The Services and Platform are not designed or intended for use in hazardous environments requiring fail-safe performance (such as in operation of nuclear facilities, air traffic control, life support machines, or any other application where failure of the Services could lead to death, personal injury, or severe physical or environmental damage). Company expressly disclaims any warranty or liability for use of the Services in any such high-risk scenarios.
9. Limitation of Liability
9.1 Indirect Damages: To the fullest extent permitted by law, neither party shall be liable to the other for any indirect, special, incidental, consequential, exemplary, or punitive damages of any kind, or for any loss of profits, loss of revenue, loss of data, loss of business opportunities, business interruption, or cost of substitute services, arising out of or related to this Agreement or the Services, whether in contract, tort (including negligence), strict liability or any other legal theory, even if the party has been advised of the possibility of such damages. This disclaimer of liability shall not apply to the extent prohibited by applicable law.
9.2 Cap on Direct Damages: Except for the specific excluded liabilities set forth in Section 9.3 below, the total aggregate liability of either party to the other for all claims, damages, and losses arising out of or relating to this Agreement or any Order Form, regardless of the theory of liability (whether in contract, tort, indemnity or otherwise), shall not exceed the total amount of fees actually paid (or payable) by Customer to Company under this Agreement in the twelve (12) months immediately preceding the event giving rise to the claim (or, if the claim arises during the first twelve months of the Agreement, the amount of fees paid for such initial period). If no fees were paid (for example, if only evaluation services were provided), Company’s liability shall be limited to $100 USD. The existence of multiple claims will not enlarge this cap. The Parties acknowledge that the fees reflect the allocation of risk set forth in this Agreement and that Company would not enter into this Agreement without these limitations on its liability.
9.3 Exclusions: Nothing in this Agreement shall limit or exclude either party’s liability for: (a) death or personal injury caused by its negligence or willful misconduct; (b) fraud or fraudulent misrepresentation; (c) any liability that cannot be limited or excluded by law; and (d) gross negligence or willful misconduct of that party. In addition, the limitations in Sections 9.1 and 9.2 (indirect damages and cap) shall not apply to: (i) Customer’s obligation to pay fees due; (ii) either party’s obligations under Section 4 (Confidentiality) or any breach thereof; and (iii) Customer’s liability for unauthorized use or misuse of Company’s Intellectual Property or Services (including violation of license restrictions). However, the cap shall apply to liabilities arising from indemnification (Section 10) except to the extent such indemnified claim falls under an uncapped category above (such as willful misconduct).**
9.4 Application of Limitations: The parties agree that the limitations of liability in this Section 9 shall apply regardless of whether any limited or exclusive remedy fails of its essential purpose. The limitations of liability are an essential basis of the bargain between the parties and shall apply to the maximum extent permitted by law. Each provision of this Agreement that provides for a limitation of liability, disclaimer of warranties, or exclusion of damages is intended to be severable and independent of any other provision and to be enforced as such.
10. Indemnification
10.1 Indemnification by Company: Company shall defend Customer, its Affiliates and their officers, directors, and employees (collectively, “Customer Indemnitees”) from and against any third-party claims, demands, lawsuits or proceedings (“Claims”) alleging that the Services or EyeR Platform, as provided by Company and used by Customer in accordance with this Agreement, directly infringe a third party’s patent, copyright, or trademark, or misappropriate a third party’s trade secrets. Company will indemnify and hold harmless Customer Indemnitees from any damages, losses, and reasonable costs and expenses (including reasonable attorneys’ fees) finally awarded by a court of competent jurisdiction or agreed in settlement for such Claims. If any portion of the Services or Platform becomes, or in Company’s opinion is likely to become, the subject of an infringement claim, Company may, at its option: (a) procure for Customer the right to continue using the affected item; (b) modify or replace the affected item to make it non-infringing while preserving substantially equivalent functionality; or (c) if options (a) and (b) are not commercially reasonable, terminate the affected Services or license and refund to Customer any pre-paid fees for the terminated portion of Services on a pro-rata basis for the remaining unused period. Company’s obligations under this Section 10.1 will not apply to the extent that the alleged infringement arises from: (i) Customer Data or other materials provided by Customer; (ii) modifications to the Platform or Services by anyone other than Company; (iii) combination or use of the Services with other products, software, or systems not provided by Company, if the infringement would not have occurred but for such combination or use; or (iv) Customer’s breach of this Agreement. This Section 10.1 states Customer’s exclusive remedy and Company’s sole liability for any third-party intellectual property infringement claims arising from or related to the Services or Platform.
10.2 Indemnification by Customer: Customer shall defend Company, its Affiliates and their officers, directors, and employees (collectively, “Company Indemnitees”) from and against any third-party Claims arising out of or related to: (a) Customer’s or an End Client’s use of the Services or Platform in violation of this Agreement or applicable law (including any data or content transmitted or processed by Customer through the Services); (b) any breach by Customer of Section 7.3 (License/Use Restrictions) or of Customer’s warranties in Section 8.3 (including any claim that Company’s possession or use of Customer Data in accordance with this Agreement violates a third party’s rights or any law); or (c) Customer’s provision of the Services (or failure to provide services) to any End Client (including any representations made by Customer to the End Client about the Services beyond those set forth in Company’s official materials). Customer will indemnify and hold harmless Company Indemnitees from any damages, losses, and reasonable costs and expenses (including reasonable attorneys’ fees) finally awarded or agreed in settlement for such Claims.
10.3 Indemnification Procedure: The party seeking indemnification under this Section 10 (the “Indemnified Party”) shall: (a) promptly notify the other party (the “Indemnifying Party”) in writing of the Claim (provided that a failure to promptly notify will not relieve the Indemnifying Party of its obligations except to the extent materially prejudiced by the delay); (b) give the Indemnifying Party sole control of the defense and settlement of the Claim (however, the Indemnifying Party shall not settle any Claim in a manner that imposes liability or admission of fault on the Indemnified Party without the Indemnified Party’s prior written consent, not to be unreasonably withheld); and (c) provide, at the Indemnifying Party’s expense, all reasonable cooperation and assistance in defense of the Claim. The Indemnified Party may participate in the defense at its own cost with counsel of its choosing.
11. Term and Termination
11.1 Term of Agreement: This Agreement commences on the Effective Date and will remain in effect until terminated as provided herein. The term of each individual Order Form shall be as specified in that Order Form (e.g., a subscription term or project duration). This Agreement shall continue to govern each Order Form for its duration. If no Order Forms are in effect and no Services are being provided, either party may terminate this Agreement for convenience by providing 30 days’ written notice to the other party. Notwithstanding termination of this Agreement, any Order Form already in effect will continue to be governed by this Agreement until the expiration or termination of such Order Form, unless the Agreement itself is terminated for cause as set forth below.
11.2 Termination for Cause: Either party may terminate this Agreement (and any or all Order Forms) immediately upon written notice to the other party if the other party commits a material breach of this Agreement and fails to cure such breach within thirty (30) days after receiving written notice describing the breach in reasonable detail (or within 10 days in the case of non-payment by Customer). Without limiting the foregoing, any breach by Customer of the payment terms or of Section 4 (Confidentiality), Section 5 (Data Protection), or Section 7.3 (IP/Use Restrictions) shall be considered a material breach. Additionally, either party may terminate this Agreement immediately by written notice if the other party (a) becomes insolvent, makes an assignment for the benefit of creditors, or is the subject of any bankruptcy or equivalent proceeding that is not dismissed within sixty (60) days, or (b) ceases to do business in the ordinary course.
11.3 Effect of Termination: Upon termination or expiration of this Agreement or any Order Form for any reason: (a) Company shall cease providing the terminated Services, and all licenses and rights granted to Customer for the terminated Services or Platform access shall immediately end; (b) Customer shall immediately cease all use of the EyeR Platform and any other Company Materials provided in connection with the terminated Services, and shall return or (at Company’s request) destroy any Company Materials in its possession, certifying such destruction if requested; (c) Customer shall pay any outstanding unpaid fees and charges for Services rendered up to the termination date (and, if the termination is by Company for Customer’s breach, Customer will also be liable for any unpaid fees that would have been payable for the remainder of the committed term of any Order Form, absent such termination – provided that this will not limit Company’s duty to mitigate actual costs in such scenario); and (d) Company will return or delete Customer Data as described in Section 5.4 above. In no event will termination relieve Customer of its obligation to pay any fees for Services provided prior to the effective date of termination.
11.4 Survival: Any provision of this Agreement that by its nature should survive termination or expiration shall survive, including but not limited to: Sections 1 (Definitions), 4 (Confidentiality), 5 (Data Protection and Security) (with respect to ongoing duties or post-termination data handling), 7 (Intellectual Property Rights), 8.4 (Disclaimers), 9 (Limitation of Liability), 10 (Indemnification), 11.3-11.4 (Effect of Termination and Survival), 13 (Governing Law and Dispute Resolution), and 14 (Miscellaneous), as well as any accrued payment obligations.
12. Force Majeure
Neither party shall be liable for any failure or delay in performing its obligations (except for payment obligations) under this Agreement if such failure or delay is due to circumstances beyond its reasonable control (“Force Majeure”). Force Majeure events include, but are not limited to, natural disasters (e.g., earthquakes, floods, hurricanes), acts of government, war, terrorism, civil unrest, labor strikes or lockouts, widespread Internet or electrical outages, epidemics or pandemics, and other events of similar magnitude beyond the party’s control. The party affected by a Force Majeure event shall promptly notify the other party of the event, describing its impact on performance. The affected party’s obligations (other than payment) shall be suspended for the duration of the Force Majeure condition, and the time for performance shall be extended by a period equivalent to the period of delay. If a Force Majeure event continues for an extended period (e.g., more than 60 days), either party may terminate any affected Order Form upon written notice, without further liability (except that Customer will pay for Services actually delivered prior to termination). Each party shall use reasonable efforts to mitigate the impact of any Force Majeure event.
13. Governing Law and Dispute Resolution
13.1 Governing Law: This Agreement and any disputes arising out of or related to this Agreement or the Services shall be governed in all respects by the laws of the State of Israel, without regard to its conflict of laws principles. The United Nations Convention on Contracts for the International Sale of Goods (1980) and any local enactment of the Uniform Computer Information Transactions Act (UCITA) shall not apply to this Agreement.
13.2 Jurisdiction and Venue: The parties hereby agree that all legal actions or proceedings arising out of or relating to this Agreement shall be brought exclusively in the competent courts located in Tel Aviv, Israel. Each party irrevocably submits to the exclusive jurisdiction of such courts and waives any objection based on forum non conveniens or any other objection to venue in such courts. The parties agree that a judgment of any such court may be enforced in any other jurisdiction as needed.
13.3 Equitable Relief: Notwithstanding the above, each party acknowledges that a breach of confidentiality or intellectual property obligations may cause irreparable harm to the other party for which monetary damages would be inadequate. In addition to any other remedies, either party may seek injunctive or other equitable relief in any court of competent jurisdiction to prevent or restrain any such breach or threatened breach.
13.4 Dispute Resolution Good Faith: Before initiating any legal action, the parties shall first attempt in good faith to resolve their dispute by negotiation between senior executives. If such efforts do not resolve the dispute within a reasonable time, either party may proceed to court as provided above. (This section does not prevent either party from seeking interim injunctive relief at any time if necessary to prevent serious and immediate harm.)
14. Miscellaneous
14.1 Entire Agreement: This Agreement, together with all Order Forms and any appendices or addenda referenced herein, constitutes the entire agreement between the parties with respect to the subject matter hereof, and supersedes all prior or contemporaneous agreements, proposals, negotiations, representations, and communications, whether written or oral, between the parties regarding the same subject matter. Each party acknowledges that in entering into this Agreement it has not relied on any statement or representation not expressly set out in this Agreement. In the event of any inconsistency between the main body of this Agreement and an Order Form or addendum, the order of precedence shall be as set forth in Section 2.2 above.
14.2 Amendments and Waivers: No modification or amendment of this Agreement or any Order Form shall be effective unless in writing and signed by authorized representatives of both parties (email or electronic acceptance through a Company-provided process may constitute “writing” if expressly so stated as acceptable). No failure or delay by either party in exercising any right or remedy under this Agreement shall operate as a waiver of that right or remedy. Any waiver of any provision of this Agreement must be in writing and signed by the waiving party, and shall not imply a waiver of any other provision or future breach.
14.3 Assignment: Customer may not assign or transfer this Agreement or any Order Form, in whole or in part, nor delegate any of its rights or obligations, without the prior written consent of Company (such consent not to be unreasonably withheld). Any attempted assignment in violation of this section shall be null and void. Company may assign this Agreement and any Order Forms (a) to any Affiliate or subsidiary, or (b) in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets related to this Agreement, upon written notice to Customer. Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties’ respective successors and permitted assigns.
14.4 Notices: All legal notices or communications under this Agreement shall be in writing and shall be deemed given: (a) when delivered by hand or courier, or (b) when sent by registered or certified mail (return receipt requested), postage prepaid, and addressed to the respective addresses of the parties set forth in the Order Form (or to such other address as a party may designate by written notice to the other). Additionally, Company may provide routine notices related to the Services (such as service updates or alerts) to Customer by email or through the EyeR Platform; such routine communications do not constitute legal notices modifying the terms of the Agreement. Notices shall be deemed received upon actual delivery or refusal of delivery, except that email notices shall be deemed received only upon acknowledgment of receipt by an actual response (automated read-receipts not being sufficient). The Effective Date of an Order Form (as defined in that Order Form) for the start of Services shall be documented in the Order Form itself.
14.5 Relationship of the Parties: The relationship of Company and Customer is that of independent contractors. Nothing in this Agreement shall be construed to establish a partnership, joint venture, employment, franchise, or agency relationship between the parties. Neither party has the authority to bind or act on behalf of the other in any manner unless expressly provided otherwise in this Agreement.
14.6 No Third-Party Beneficiaries: Except as expressly provided in this Agreement (for example, indemnification of Affiliates or others as stated in Section 10), there are no third-party beneficiaries to this Agreement. This Agreement is intended solely for the benefit of the parties and their permitted assigns, and nothing in this Agreement, express or implied, shall confer upon any other person or entity any legal or equitable right, benefit, or remedy of any nature.
14.7 Severability: If any provision of this Agreement is held by a court of competent jurisdiction to be invalid, illegal, or unenforceable, that provision shall be enforced to the maximum extent permissible so as to effect the parties’ intent, and the remaining provisions of this Agreement shall remain in full force and effect. The parties will negotiate in good faith a valid, legal, and enforceable substitute provision that most nearly reflects the original intent and economic effect of the invalid provision.
14.8 Counterparts and Signatures: This Agreement and any Order Form may be executed in counterparts, each of which will be deemed an original, and all of which together constitute one and the same agreement. Signatures delivered by electronic means (such as PDF or via an e-signature service) shall be deemed effective and binding to the same extent as original signatures. The parties agree that this Agreement may be stored and presented in electronic form and that electronic records of signatures are admissible as means of proving execution.
14.9 Compliance with Laws; Export: Each party shall comply with all laws and regulations applicable to its performance under this Agreement. Customer acknowledges that the EyeR Platform and certain Services may be subject to export control and sanctions laws, and Customer agrees not to export, re-export or provide access to the Platform or Services in violation of any such laws, including to any sanctioned countries or parties. Company may suspend its performance of Services to the extent required to comply with applicable sanctions or export laws, upon written notice to Customer.
14.10 Headings and Interpretation: The section headings in this Agreement are for convenience of reference only and shall not affect the meaning or interpretation of the Agreement’s provisions. Terms such as “including” or “for example” are deemed to be followed by “without limitation” whether or not so stated. In the event of ambiguity or if a question of intent or interpretation arises, this Agreement shall be construed as if drafted jointly by both parties and no presumptions or burdens of proof shall arise favoring or disfavoring any party by virtue of authorship of any provisions of this Agreement.
14.11 Publicity and Logo Use:
EyeR Security may include Customer’s name and logo in its internal customer lists and private investor or sales materials. Any public-facing reference to Customer (including use of Customer’s logo on EyeR’s website or any press release) shall require Customer’s prior written consent. Customer may revoke any such consent at any time upon written notice.
IN WITNESS WHEREOF, the parties hereto have caused this Master Services Agreement to be executed by their duly authorized representatives as of the Effective Date set forth in the first Order Form.