Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release

END USER LICENSE AGREEMENT

PLEASE READ THIS AGREEMENT CAREFULLY

This End User License Agreement (this “Agreement”) is entered into by and between Sonatype, Inc. ("Sonatype") and the entity licensing Products and/or receiving Services from Sonatype pursuant to this Agreement (“Company”) and governs Company's use of and access to all such Products and Services to which Company has requested access and/or for which Company has purchased a subscription as well as the provision of related Services. Sonatype and Company may be referred to individually in this agreement as a “Party” or collectively as the “Parties.”

1. DEFINITIONS

“Affiliate” means any entity that is controlled by, under the control of, or under common control with a Party where “control” means ownership of, or the right to control, greater than 50% of the voting securities of such entity.

“Application” means any computer software application.

"Company Data" means information, data, software, text, audio files, graphic files and other content, in any form or medium, that is submitted, posted, or otherwise transmitted by or on behalf of Company through a Product.

"Contractor” means any third party, which is not a competitor of Sonatype, engaged (directly or indirectly) by Company to perform services for the benefit of Company.

“Data Feed” means any and all data maintained and/or curated by Sonatype that is made available by Sonatype to Company, whether via one or more Product(s), the Reports, or otherwise, including data and metadata related to open source projects, software components, software, documentation, reports, text, images, sounds, video, and content.

“Documentation” means the user guide and technical specifications for the Products delivered or otherwise made available by Sonatype along with the Products as may be updated by Sonatype from time to time.

“Effective Date” means the date on which Company accepts the terms and conditions of this Agreement by entering into an Ordering Document and/or otherwise accepting the applicable Ordering Document.

“Non-Sonatype Applications” means a web-based or offline software application (including GitHub) that is provided by Company or a third party and interoperates with a Service.

“Open Source Software” means any third-party open source software or other similar community or free software (including software code licensed under any open source license agreement).

"Order Form" means a document governing purchases made by Company hereunder of Product Subscriptions and/or related Training Services.

“Ordering Document” means an Order Form and/or Renewal Quote that is accepted by each Party pursuant to the terms set forth therein, including by signing a written Ordering Document, submitting a purchase order, and/or submitting an order electronically through Sonatype’s website or an online marketplace.

“Person” means an individual, including all employees and Contractors of Company and its Affiliates (subject to Section 2(h)).

"Product" means Sonatype’s software application(s): (a) identified in one or more Ordering Document(s) (including any and all related Data Feed(s)) and for which Company purchases a Subscription pursuant to the terms of this Agreement; or (b) to which Sonatype grants Company access for the sole purposes of evaluating such software application in accordance with Section 2 (Free Trial) below.

“Renewal Quote” means a document governing renewal purchases of Product Subscriptions and/or related Training Services made by Company hereunder.

“Reports” means any reports or other data generated by the Products by, for, and/or on behalf of Company.

“Scan ID” means the unique identifier that is assigned to each Scan Unit for purposes of being scanned by a Product.

“Scan Unit” means an Application, or any part thereof (including microservices), that is assigned a unique Scan ID for purposes of being scanned by a Product.

"Service" means the Sonatype software-as-a-service offering(s) (including any and all related websites and/or Data Feed(s)) contemplated by one or more Ordering Document(s) and for which Company purchases a Subscription pursuant to the terms of this Agreement. In the event Company is purchasing a Service in this Agreement all references to “Product” will be deemed to include “Service”.

“Software Asset” means a software artifact or any portion thereof (including code, configuration files and/or container images) that is stored in or scanned, analyzed or otherwise evaluated by a Product (including via a website or by submitting the code in a pull-request on a repository where a Product is enabled).

“Software Component Identifiers” means certain software binaries, header files, hashed data and/or other metadata that serve to identify a software component.

“Subscription” means the right and license granted to Company by Sonatype to use the Products in accordance with the terms of this Agreement during the specified Subscription Term.

“Subscription Term” has the meaning set forth in Section 11(b) of this Agreement.

"User" means a Person who is authorized to use one or more Product(s) on Company’s behalf, including as set forth in Section 3(c).

2. FREE TRIAL

With regard to any permitted access to and use of the Products by Company related to a free trial, evaluation, license key extension or other non-production use authorized by Sonatype (the “Free Use”), Sonatype agrees, subject to the terms set forth in this Section and this Agreement, to make such Products available to Company for a term to expire on the earlier of: (a) the end of the free trial period for which you registered to use the Product; or (b) the start date of any Subscriptions for such Product purchased by Company from Sonatype (the “Free Use Period”); provided, that Sonatype may terminate the Free Use Period at its sole discretion by providing notice to Company. In the event of a conflict between this Section and any other portion of this Agreement, this Section shall control. Additional terms and conditions governing such Free Use may be imposed by Sonatype, and any such additional terms and conditions are incorporated into this Agreement by reference and are legally binding. ANY DATA THAT COMPANY ENTERS INTO THE PRODUCTS, AND ANY PERMITTED CUSTOMIZATIONS MADE TO THE PRODUCTS BY OR FOR COMPANY, DURING THE FREE USE PERIOD WILL BE PERMANENTLY LOST UNLESS (a) COMPANY PURCHASES A SUBSCRIPTION TO THE SAME PRODUCTS AS THOSE COVERED BY THE FREE USE OR (b) EXPORTS SUCH DATA BEFORE THE END OF THE FREE USE PERIOD. COMPANY CANNOT TRANSFER DATA ENTERED OR CUSTOMIZATIONS MADE DURING THE FREE USE PERIOD TO A PRODUCT THAT WOULD BE A DOWNGRADE FROM THAT USED DURING THE FREE USE PERIOD AND, THEREFORE, IF COMPANY PURCHASES A PRODUCT THAT WOULD BE A DOWNGRADE COMPANY MUST EXPORT ITS DATA BEFORE THE END OF THE FREE USE PERIOD OR IT WILL BE PERMANENTLY LOST. NOTWITHSTANDING SECTION 8 (WARRANTIES AND DISCLAIMERS), SECTION 9 (INDEMNIFICATION), AND SECTION 10 (LIMITATION OF LIABILITY), DURING THE FREE USE PERIOD THE PRODUCTS ARE PROVIDED “AS-IS” WITHOUT ANY WARRANTY AND SONATYPE SHALL HAVE NO INDEMNIFICATION OBLIGATIONS NOR LIABILITY OF ANY TYPE WITH RESPECT TO THE PRODUCTS UNLESS SUCH EXCLUSION OF LIABILITY IS NOT ENFORCEABLE UNDER APPLICABLE LAW IN WHICH CASE SONATYPE’S AGGREGATE LIABILITY WITH RESPECT TO THE PRODUCTS PROVIDED TO COMPANY DURING THE FREE USE PERIOD SHALL NOT EXCEED $1,000.00.

3. PRODUCTS

a. Ordering Documents; Delivery. Each Ordering Document shall form a part of this Agreement and be subject to the terms and conditions set forth herein. Sonatype will provide access to the Products and Documentation by electronic means (“Delivery”). Company agrees that Company’s purchases hereunder are neither contingent on the delivery of any future functionality or features nor dependent on any oral or written comments made by Sonatype regarding future functionality or features.

b. License; Subscriptions. Sonatype grants to Company a non-transferable, non-assignable (except as otherwise stated in Section 13(h)), non-sublicensable, non-exclusive, limited license and right to access and use the Products solely for Company’s internal business purposes during the Subscription Term, subject to the terms of this Agreement and the applicable Ordering Document. Company agrees that the Products will only be used in accordance with the Documentation and this Agreement and that it will be responsible for all use of the Products on Company’s behalf by its employees and Contractors.

c. User-Based Subscriptions. With regard to Subscriptions that are purchased by Company on a per-User basis as specified in the applicable Ordering Document, unless otherwise specified in the Ordering Document, a separate Subscription must be purchased for each Person who: (i) produces, consumes, or evaluates one or more Software Asset(s); and/or (ii) evaluates or in any way uses any Reports generated by the Products. For the avoidance of doubt, the Subscriptions may not be accessed by more than the licensed number of Users, and Subscriptions are restricted for use by designated Users only and cannot be shared or used by more than one User; provided that Company may reassign a Subscription to a new User replacing a former User who no longer requires ongoing use of or access to the Products.

d. Scan ID-Based Subscriptions. With regard to Subscriptions that are purchased by Company on a per-Scan ID basis as specified in the applicable Ordering Document, unless otherwise specified in the Ordering Document, (i) a separate Subscription must be purchased for each Scan Unit that will be scanned, analyzed or otherwise evaluated by the Product; (ii) each Scan ID can be used to scan one Scan Unit and cannot be used to scan, analyze or otherwise evaluate more than one Scan Unit; and (iii) once a Scan ID is assigned to a Scan Unit, it may not be reassigned to scan a different Scan Unit. The right to use any Scan ID will terminate upon expiration of the Subscription regardless of whether it was utilized by Company.

e. Restrictions. Company shall not, or permit any third party (i) to access the Products and/or Training Materials except as permitted herein or in an Ordering Document, (ii) modify, translate, reverse engineer, decompile, disassemble, create derivative works of or copy the Products or otherwise seek to obtain or use the source code, underlying ideas, algorithms or non-public APIs of the Product, except to the extent that applicable law expressly grants Company the right to do the same (and then only upon advance written notice to Sonatype), (iii) remove, alter or obscure any proprietary notices, labels or marks on any component or portion of the Products, (iv) use the Products in a manner that breaches Section 13(a) below; (v) market, sell, resell, rent, sublicense, distribute or lease the Products, (vi) interfere with or disrupt the integrity or performance of the Products and/or third-party data contained therein, (vii) use the Products for the benefit of any third party including use of the Products to operate as a service bureau, ASP, or hosting service, (viii) attempt to gain unauthorized access to the Products, or their related systems or networks, (ix) circumvent any measures present in the Products that regulate or in any other way limit access to or use or distribution of the Data Feed; (x) obtain access to the Data Feed via the use of non-public APIs or by replicating calls to the source of the Data Feed, (xi) access the Products, or permit access to the Products, for purposes of monitoring their availability, performance or functionality, or for any other benchmarking or competitive purposes, and/or (xii) access the Products in order to (A) build a competitive product or service, or (B) copy any features, functions or graphics of, or data or information in, the Products and/or Training Materials.

f. Reports If a Product allows Company to generate Reports or to access any Data Feed(s), then Company may use and copy such Reports and/or Data Feed solely for its internal business purposes; provided that use of such Reports and/or Data Feed(s) is subject to the restrictions set forth in Section 3(e) and the disclaimer set forth in Section 8(c).

g. Training Services. From time to time, Sonatype may perform certain training courses, workshops, and other professional services that are related to the Products (collectively, the “Training Services”) but only to the extent that any such Training Services are identified in an Ordering Document. All rights, title and interest in and to the documentation, training materials, work product, guides and presentations developed by Sonatype for use during the performance of the Training Services (“Training Materials”) shall be retained by Sonatype.

h. Use by Affiliates and Contractors Subject to the terms and conditions of this Agreement, Company’s Affiliates and Contractors may use the Products licensed to Company hereunder, provided that (i) such use is strictly limited to use for the benefit of Company’s internal business purposes; (ii) Company remains liable for the acts and omissions of, and responsible for compliance with the terms and conditions of this Agreement by, each Affiliate and Contractor; and (iii) such use by Company, its Affiliates and its Contractors, in the aggregate, does not exceed the scope of the Subscription purchased by Company pursuant to the applicable Ordering Document.

i. Service Offerings In the event Company purchases a Subscription to any Sonatype Service offering, the following additional provisions will apply solely with respect to Company’s use and access to such Service offerings:

i. Company Service Responsibilities. Company shall ensure that all Users comply with Company’s obligations under this Agreement and will be responsible for the acts and omissions of all Users and for the contents of their transmissions through the Services. Company will (A) use the Services only in accordance with this Agreement, Documentation, the Acceptable Use Policy posted at https://www.sonatype.com/usage/lift-terms (which may be modified by Sonatype from time to time), Ordering Documents, and applicable laws and government regulations, (B) prevent unauthorized access to or use of the Services, and notify Sonatype promptly of any attempted or actual unauthorized access or use, (C) be responsible for the accuracy, quality, backing up, maintenance and legality of Company Data, the means by which Company acquired Company Data, and Company’s use of Company Data with the Services, and (D) comply with terms of service of Non-Sonatype Applications with which Company uses a Service. In the event that Sonatype reasonably determines that any User’s use of any of the Services (I) breaches the terms of this Agreement, (II) threatens the security, integrity or availability of such Service, or (III) may adversely impact such Service, systems or content of any other Sonatype customer, Sonatype may, with immediate effect, suspend Company’s and/or any User’s access to the Services. Sonatype will use commercially reasonable efforts under the circumstances to provide Company with notice and an opportunity to remedy such violation or threat prior to any such suspension. Upon any suspension of Company’s or any User’s right to access or use the Services (or any portion thereof), Company will (y) remain responsible for payment of all fees and charges set forth in the applicable Ordering Document; and (z) remain responsible for any applicable fees and charges for any Services to which Company or any User continue to have access. Sonatype’s right to suspend Company’s or any User’s right to access or use the Services is in addition to Sonatype’s right to terminate this Agreement pursuant to Section 12.

ii. Sonatype Service Responsibilities Subject to Company’s use of the Service in accordance with this Agreement and the applicable Ordering Document, Sonatype will use commercially reasonable efforts to: (A) make a Service available to Company pursuant to this Agreement and the applicable Ordering Document and Documentation; (B) subject to Section 8(c), make a Service available 24 hours a day, 7 days a week, except for planned downtime; and (C) maintain the security and integrity of a Service. Sonatype reserves the right, in its sole discretion, to add, disable or remove features and functionalities, increase or decrease limits and system resources related to a Service, and make any other changes, updates, or improvements to such Service; provided, that such changes do not materially degrade the essential functionality of such Service purchased by Company pursuant to the applicable Ordering Document.

iii. Non-Sonatype Applications. Company and its Users may, register an account and/or log in to and/or enable a Service via various Non-Sonatype Applications. Company is responsible for ensuring that each User maintains the confidentiality of their login, password and account and for all activities that occur under any such logins or the account. The manner in which Non-Sonatype Applications use, store and disclose Company and User information is governed solely by the policies of the third parties operating the Non-Sonatype Applications, and Sonatype will have no liability or responsibility for the privacy practices or other actions of any third-party site, offering or service that may be enabled within a Service.

iv. Registration; Passwords; Company Security. Users may be required to register in order to gain access to a Service. Company is responsible for maintaining control over, and the confidentiality of, all User IDs, usernames, passwords, and other access credentials for each Service provided by Sonatype. Company is solely responsible for (i) all use of the Services by those who have access to such Services through Company (directly or indirectly, (ii) taking steps to maintain appropriate security, protection, and back-up of the Company Data and login credentials. In the event Company becomes aware of a suspected breach, Company will notify Sonatype immediately and cooperate with Sonatype to remedy the security incident.

4. PRODUCT MAINTENANCE. Sonatype will provide support and maintenance for the Products (“Product Maintenance”) pursuant to the terms of the support policy set forth at http://www.sonatype.com/Usage/Software-Support-Policy. Company hereby grants to Sonatype a non-exclusive, limited-term, royalty-free license to use, host, transmit and display the Company Data as reasonably necessary for Sonatype to provide and ensure the proper operation of the Products, Training Service and/or Product Maintenance to Company under this Agreement. Company hereby acknowledges and agrees that Sonatype reserves the right to compile, maintain and use technical, statistical, metric and performance information regarding Company’s use of the Products, including information that may identify Company’s computer (such as the Internet Protocol Address), browser type, operating system, and application usage ("Usage Information"), and Company further acknowledges and agrees that the Products may contain a feature that sends Usage Information along with other information regarding the operation of the Products on Company's computer systems to Sonatype. For the avoidance of doubt: (i) other than information used to authenticate Users, Usage Information does not include any personally identifiable information; (ii) all non-anonymized Usage Information received by Sonatype from Company is hereby deemed to be Company’s Confidential Information; and (iii) Sonatype will only (A) use the Usage Information to provide Product Maintenance and otherwise support Company, and (B) use anonymized and aggregated extracts from the Usage Information to improve and enhance its Product offerings.

5. FEES AND PAYMENT

a. Fees. Company will pay all fees specified in each Ordering Document, and shall reimburse Sonatype, at Sonatype’s actual cost and without mark-up, for Sonatype’s reasonable travel expenses that are incurred as a result of Sonatype’s performance of Training Services. Except as otherwise specified herein or in an Ordering Document, (i) fees are based on Product Subscriptions purchased and not actual usage, and (ii) all fees owed hereunder are non-cancelable, non-refundable, and shall be paid without recoupment or set-off.

b. Payment. Sonatype will submit an invoice for all Product Subscriptions and Training Services purchased by Company pursuant to an Ordering Document, and Company shall pay all amounts set forth in each invoice in accordance with the instructions set forth therein no later than thirty (30) days from the date of the invoice.

c. Overdue Charges; Suspension of Service. If any fees are not received from Company when due, then at Sonatype’s discretion, such unpaid fees may, at Sonatype’s discretion, accrue interest at the rate of 1.5% of the outstanding balance per month, or the maximum rate permitted by law, whichever is lower, from the date such payment was due until the date paid. If any amount owing by Company pursuant to this Agreement is thirty (30) or more days overdue, Sonatype may, without limiting Sonatype’s other rights and remedies, suspend Company’s access to the Products and/or provision of the Product Maintenance, and/or Training Services until such amounts are paid in full. For the avoidance of doubt, Sonatype will not exercise its rights under this Section 5(c) if the applicable charges are under reasonable and good-faith dispute and Company is cooperating diligently to resolve the dispute.

d. Taxes Unless otherwise stated, Sonatype’s fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including value-added, sales, use or withholding taxes, assessable by any local, state, provincial, federal or foreign jurisdiction (collectively, "Taxes"). Except for Taxes assessable against Sonatype based on Sonatype’s income, Company is responsible for paying all Taxes associated with Company’s purchases hereunder. If Sonatype has the legal obligation to pay or collect Taxes for which Company is responsible under this paragraph, the appropriate amount shall be invoiced to and paid by Company in accordance with Section 5(b) above, unless Company provides Sonatype with a valid tax exemption certificate authorized by the appropriate taxing authority.

e. Audit. Company agrees to maintain complete and accurate records with respect to matters necessary to ensure Company’s compliance with this Agreement. Sonatype will have the right, at its own expense and upon reasonable prior notice, to inspect and audit Company’s records related to matters covered by this Agreement (the “Audit”). If such Audit reveals that Company has underpaid Sonatype with respect to any amounts due and payable during the period to which the Audit relates, Company shall promptly pay such amounts as are necessary to rectify such underpayment, together with interest in accordance with Section 5(c). Such inspection and audit rights shall extend throughout the term of this Agreement and for a period of one year thereafter.

6. PROPRIETARY RIGHTS

a. Reservation of Rights. Subject to the limited rights expressly granted herein, Sonatype, for itself and on behalf of its licensors, reserves, and Company acknowledges and agrees that Sonatype owns, all rights, title, and interest in and to the Products and Training Materials that are not expressly granted to Company in this Agreement. All rights, title and interest in and to any and all improvements, modifications, derivative works and innovations of, to and/or involving the Products and Training Materials will be retained in full and owned by Sonatype, even if such improvements, modifications, derivative works or innovations result from suggestions, enhancement requests, recommendations or other feedback provided to Sonatype by or on behalf of Company. Company agrees not to (i) challenge, directly or indirectly, Sonatype’s right, title, and interest in and to the Products or Training Materials, and/or (ii) attempt to secure any legal protection or intellectual property rights in or to any of the Products and Training Materials.

b. Open Source Software. The Products may be provided together with, or otherwise contain, certain Open Source Software, each licensed to Company under the respective open source license agreement (the “Open Source License”). Company hereby acknowledges and agrees to the terms and conditions in each such Open Source License. Any fees charged by Sonatype in connection with the Products do not apply to any Open Source Software for which fees may not be charged under the applicable Open Source License. In the event of a conflict between the terms of an applicable Open Source License and the terms of this Agreement, the terms of the Open Source License shall control solely with respect to the applicable Open Source Software. If the terms of any specific Open Source License entitle Company to the source code of the respective Open Source Software (if any), that source code may be available from Sonatype upon request (a nominal fee may be charged by Sonatype for processing such request).

c. Company Data. Sonatype acknowledges that, as between Sonatype and Company, Company owns all right, title, and interest in and to the Company Data (including all intellectual property rights therein). Company represents and warrants to Sonatype that Company has sufficient rights in and to the Company Data to grant the rights granted to Sonatype under this Agreement and that the rights granted to Sonatype for the Company Data do not infringe the rights of any third party.

7. CONFIDENTIALITY

a. Definition of Confidential Information. As used herein, "Confidential Information" means all confidential information disclosed by a Party ("Disclosing Party") to the other Party ("Receiving Party"), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information of each Party shall include the terms and conditions of this Agreement and all Ordering Documents, as well as business and marketing plans, research, development, services, customers, customer lists, designs, drawings, technology and technical information, products, product plans, software, inventions, processes, formulas and finances of such Party; and Sonatype’s Confidential Information shall include the Products, the Training Materials and the Documentation. However, Confidential Information shall not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received by the Receiving Party from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party without use of or access to the Disclosing Party’s Confidential Information.

b. Protection of Confidential Information. Except as otherwise permitted in writing by the Disclosing Party or as otherwise set out in this Agreement, the Receiving Party shall (i) use the same degree of care that it uses to protect its own confidential information of like kind (but in no event less than reasonable care) not to disclose any Confidential Information of the Disclosing Party or use it for any purpose beyond the scope of this Agreement, and (ii) limit access to Confidential Information of the Disclosing Party to those of its employees, contractors and agents who need such access for purposes consistent with this Agreement, who have signed confidentiality agreements with the Receiving Party containing terms that are no less protective of the Confidential Information than those herein, and for whom the Receiving Party remains fully liable.

c. Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party if it is compelled by law to do so, provided the Receiving Party gives the Disclosing Party prior written notice of such compelled disclosure (to the extent not legally prohibited) and, in the event that the Disclosing Party wishes to contest the disclosure, reasonable assistance, at the Disclosing Party's cost.

d. Injunctive Relief. Each Party acknowledges that the extent of damages in the event of any threatened or actual breach of this Section 7 would be difficult or impossible to ascertain and that there would be available no adequate remedy at law in the event of any such breach. Each Party therefore agrees that, in the event it breaches this Section 7, the other Party will be entitled to specific performance and injunctive or other equitable relief, in addition to any other relief to which it may be entitled at law or in equity. Any such relief shall be in addition to and not in lieu of any relief in the form of monetary damages.

8. WARRANTIES AND DISCLAIMERS

a. Sonatype’s Warranties. Sonatype warrants that: (i) all Training Services will be performed by Sonatype in a professional and workmanlike manner; provided that Company’s exclusive remedy in the event of a breach of this warranty will be re-performance of the Training Services by Sonatype; and (ii) the Products shall perform materially in accordance with the Documentation; provided that Sonatype’s sole liability and Company’s sole and exclusive remedy for any breach of this warranty shall be, in Sonatype’s sole discretion and at no charge to Company, to use commercially reasonable efforts to provide Company with an error correction or work-around that corrects the reported non-conformity or, if Sonatype determines such remedy to be impracticable, to terminate the Subscription Term and, provided Company complies with its post-termination obligations hereunder, refund to Company a pro-rata portion of the Subscription fees paid by Company to Sonatype for the applicable Products equal to the unused portion of the Subscription Term; provided further that the limited warranty set forth in this Section 7(a)(ii) will not apply if: (A) the Product is used with hardware or software not specified in the Documentation, (B) the error was caused by misuse, unauthorized modifications or third-party hardware, software or services, or by Company’s use of the Product in a manner that does not comply with this Agreement, or (C) a disruption to the Product is caused by the Company Data.

b. Mutual Warranties. Each Party represents and warrants that (i) it has the full right, power and authority to enter into this Agreement and perform its obligations hereunder; (ii) its execution, delivery and performance of this Agreement will not conflict with or result in a breach or other violation of any agreement or other third party obligation by which it is bound; (iii) when executed and delivered, this Agreement will constitute a legal, valid and binding obligation enforceable against it in accordance with its terms; and (iv) it will comply with all applicable laws in its performance of this Agreement.

c. General Disclaimers. EXCEPT AS OTHERWISE PROVIDED IN THIS AGREEMENT, SONATYPE MAKES NO AND HEREBY DISCLAIMS, AND COMPANY HEREBY WAIVES, ANY AND ALL, REPRESENTATIONS AND WARRANTIES REGARDING THIS AGREEMENT OR THE PRODUCTS, TRAINING SERVICES, PRODUCT MAINTENANCE, REPORTS AND/OR TRAINING MATERIALS CONTEMPLATED HEREBY, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT AND ERROR-FREE OR UNINTERRUPTED SERVICE. FURTHERMORE, THE PRODUCTS, TRAINING SERVICES, PRODUCT MAINTENANCE REPORTS AND TRAINING MATERIALS MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT IN THE USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS, AND SONATYPE IS NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, OR OTHER DAMAGE RESULTING FROM SUCH PROBLEMS. MOREOVER, REPORTS GENERATED BY THE PRODUCTS INCLUDE PUBLICLY AVAILABLE LICENSE AND SECURITY INFORMATION RELEVANT TO CERTAIN SOFTWARE COMPONENT IDENTIFIERS AND, ALTHOUGH SONATYPE WILL MAKE COMMERCIALLY REASONABLE EFFORTS TO ENSURE THAT SUCH REPORTS ARE CURRENT AND ACCURATE, THERE ARE NATURAL LATENCIES ASSOCIATED WITH OBTAINING AND MAKING AVAILABLE INFORMATION AND DATA ASSOCIATED WITH SOFTWARE COMPONENT IDENTIFIERS. AS SUCH, COMPANY ACKNOWLEDGES AND AGREES THAT THE INFORMATION AND DATA INCLUDED IN SUCH REPORTS MAY NOT BE ACCURATE OR COMPLETE. FURTHERMORE, REFERENCES TO AND ANY CATEGORIZATION OF OPEN SOURCE SOFTWARE LICENSE AGREEMENTS (OR TERMS THEREOF) INCLUDED IN A REPORT DO NOT CONSTITUTE LEGAL ADVICE OR GUIDANCE, AND COMPANY ACKNOWLEDGES AND AGREES THAT IT IS RESPONSIBLE FOR SEEKING APPROPRIATE LEGAL ADVICE REGARDING COMPANY’S RIGHTS AND OBLIGATIONS SET FORTH IN ANY SUCH OPEN SOURCE SOFTWARE LICENSE AGREEMENT.

d. Open Source Software Disclaimer. Company may use the Products to access and use certain Open Source Software as artifacts that Company may retrieve from certain Open Source Software code repositories or any other public places or sites. Any such Open Source Software is not licensed by or through Sonatype and Company is solely responsible for determining its right to copy, modify or otherwise use such Open Source Software and for complying with the terms and conditions of the applicable license that governs such Open Source Software. SONATYPE MAKES NO WARRANTIES OR REPRESENTATIONS AND WILL HAVE NO LIABILITY OR RESPONSIBILITY REGARDING SUCH OPEN SOURCE SOFTWARE AND/OR COMPANY’S ACCESS TO AND/OR USE THEREOF.

9. INDEMNIFICATION.

a. Sonatype Indemnification.Sonatype shall defend Company against any claim, demand, suit, or proceeding ("Claim") made or brought against Company by a third party alleging that Company’s use of the Products as permitted in accordance with this Agreement infringes or misappropriates the intellectual property rights of a third party, and shall indemnify Company for any damages finally awarded against, and for reasonable attorney’s fees incurred by, Company in connection with any such Claim; provided that Company (i) promptly gives Sonatype written notice of the Claim; (ii) gives Sonatype sole control of the defense and settlement of the Claim; and (iii) provides to Sonatype all reasonable assistance, at Sonatype’s expense. Sonatype shall have no liability under this Agreement with respect to any Claim based upon: (A) combination or use of the Products with equipment, products, systems, software, materials or processes not furnished by Sonatype if, absent such combination, no infringement would exist; (B) use of the Products in a manner inconsistent with the Documentation; (C) use of the Products which use breaches this Agreement; or (D) use of any version of the Products other than the most current version or failure to timely implement any new release, modification, update, or replacement of the Products made available to Company by Sonatype. If Company’s use of a Product is, or in Sonatype’s opinion is likely to be, enjoined due to a Claim, then Sonatype may: (I) procure for Company the right to continue using such Product per the terms of this Agreement; (II) replace or modify the applicable Product so that it is non-infringing and substantially equivalent in function to the enjoined Product; or (III) terminate Company’s Subscription to access and use the Product and, provided Company complies with its post-termination obligations hereunder, refund any unused, prepaid fees covering the remainder of the Subscription Term after the effective date of such termination. This Section 9 states Sonatype’s sole liability to Company, and Company’s exclusive remedy against Sonatype, for any and all Claim(s).

b. Company Indemnification. Company will defend Sonatype and its Affiliates against any Claim made or brought against Sonatype by a third party alleging that any Company Data or Company’s use of Company Data with a Product infringes or misappropriates such third party’s intellectual property rights, or Claim arising from Company’s use of a Product in an unlawful manner or in violation of the Agreement, Documentation, or Ordering Document (each a “Claim Against Sonatype”), and shall indemnify Sonatype for any damages finally awarded against, and for reasonable attorney’s fees incurred by, Sonatype in connection with any such Claim Against Sonatype provided Sonatype (a) promptly gives Company written notice of the Claim Against Sonatype, (b) gives Company sole control of the defense and settlement of the Claim Against Sonatype (except that Company may not settle any Claim Against Sonatype unless it unconditionally releases Sonatype of all liability), and (c) gives Company all reasonable assistance, at Company’s expense.

10. LIMITATION OF LIABILITY. NEITHER PARTY WILL BE LIABLE (WHETHER IN CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHER THEORY), TO THE OTHER PARTY OR ANY OTHER PERSON OR ENTITY FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES (INCLUDING DAMAGES FOR LOSS OF PROFIT, BUSINESS OR DATA) ARISING OUT OF THIS AGREEMENT. EXCEPT FOR AMOUNTS TO BE PAID PURSUANT TO SECTION 9 OR DAMAGES ARISING FROM A BREACH OF SECTION 7, THE AGGREGATE LIABILITY OF SONATYPE ARISING OUT OF OR RELATING TO THIS AGREEMENT, WHETHER IN CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE) OR OTHERWISE, WILL NOT EXCEED THE AGGREGATE AMOUNT PAID AND PAYABLE BY COMPANY TO SONATYPE DURING THE TWELVE (12) MONTH PERIOD IMMEDIATELY PRECEDING THE DATE ON WHICH A CLAIM ARISES.

11. TERM AND TERMINATION

a. Term of Agreement. This Agreement commences on the Effective Date and shall govern all Ordering Documents that are agreed by the Parties until this Agreement is terminated pursuant to this Section 11.

b. Subscription Term. Each Subscription purchased by Company commences on the start date specified in the applicable Ordering Document and continues for the Subscription Term specified therein (the “Initial Term”). Except as otherwise specified in an Ordering Document, each Subscription Term shall commence upon Delivery. Except as otherwise specified in an Ordering Document or as terminated pursuant to this Agreement, all Subscriptions shall automatically renew for additional periods equal to twelve (12) months for the same quantity as of the end of the prior Subscription (each a “Renewal Term” and, together with the Initial Term, collectively referred to as the “Subscription Term”), unless either Party gives the other written notice of non-renewal at least 60 days prior to the end of the Subscription Term. The fees charged by Sonatype to Company for any Renewal Term shall be Sonatype’s then-current fees for the Products licensed as part of the Subscription. Notwithstanding anything to contrary in this Agreement or an Ordering Document, in the event Company elects to decrease the number of licensed Products, quantities or length of Subscription from the prior Subscription Term, this decrease will result in re-pricing of the Product Subscriptions for such Renewal Term without regard to any agreed per-unit pricing previously agreed by the Parties.

c. Termination. A Party may terminate any Ordering Document and/or this Agreement for cause: (i) upon 30 days written notice to the other Party of a material breach if such breach remains uncured at the expiration of such period; or (ii) if the other Party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors.

d. Effect of Termination. Termination or expiration of this Agreement (for purposes of this Section, “Termination”) shall not release the Parties from any liability that, at the time of Termination, has already accrued or that thereafter may accrue with respect to any act or omission before Termination, or from any obligation that is expressly stated in this Agreement to survive Termination. Upon any Termination of this Agreement, each Party shall (i) immediately discontinue all access to and use of the other Party’s Confidential Information, including, for purposes of Company, all access to and use of the Products; (ii) delete the other Party’s Confidential Information from its computer storage or any other media, including online and off-line libraries; (iii) return to the other Party or, at the other Party’s option, destroy, all copies of such other Party’s Confidential Information then in its possession; and (iv) promptly pay all amounts due and remaining payable hereunder. Sonatype shall have no obligation to maintain or provide any Company Data and shall, unless legally prohibited, be entitled to delete all Company Data in its systems or otherwise in its possession or under its control. Termination of this Agreement, regardless of cause or nature, shall be without prejudice to any other rights or remedies of the Parties and shall be without liability for any loss or damage occasioned thereby.

e. Surviving Provisions. Any provision which by its very nature is intended to survive, including Sections 5, 6, 7, 10, 11(d) and (e), 12, and 13 shall survive any termination or expiration of this Agreement.

12. NOTICES, GOVERNING LAW AND JURISDICTION

a. Notices. Notices required or permitted by this Agreement shall be in writing and delivered as follows, with notice deemed given as indicated: (a) by personal delivery, when delivered personally; (b) by overnight courier, upon written verification of receipt; or (c) by certified or registered mail, return receipt requested, upon verification of receipt. Notices shall be sent as follows: (i) by Sonatype to Company’s last known address on file with Sonatype; and (ii) by Company to: Sonatype, Inc., 8161 Maple Lawn Boulevard, Suite 250, Fulton, MD 20759, Attention: Legal Department. Either Party may designate a different address by providing written notice to the other Party.

b. Governing Law; Jurisdiction; Jury Trial. The validity, construction and performance of this Agreement shall be governed by and construed in accordance with the laws of the State of Maryland, without regard to any conflicts of laws or choice of law rules, and each Party agrees to submit to the exclusive jurisdiction of the State courts located in Howard County, Maryland and Federal courts located in the State of Maryland. The Parties expressly disclaim the applicability of, and waive any rights based upon, the Uniform Computer Information Transactions Act or the United Nations Convention on Contracts for the International Sale of Goods. Each Party hereby waives any right to jury trial in connection with any action or litigation in any way arising out of or related to this Agreement.

13. GENERAL

a. Export and Sanctions Compliance. Each Party shall comply with the export and sanctions laws and regulations of the United States and other applicable jurisdictions when performing its obligations and/or exercising its rights hereunder. Without limiting the foregoing, (i) Company represents and warrants that neither it nor any of its officers or directors is identified on any U.S. government list of persons or entities prohibited from receiving exports from the United States or otherwise subject to sanctions, and no such sanctioned party has an interest in Company, and (ii) Company shall not permit the Products to be accessed or used in violation of any U.S. export and sanctions prohibition or restriction. Without limiting the generality of the foregoing, Company will not, directly or indirectly, remove or export from the United States or allow the export, re-export, or transfer (in country) of any part of the Product and/or Documentation: (A) to any jurisdiction that is subject to comprehensive U.S. sanctions or any party ordinarily resident in such jurisdiction; (B) to any party identified on (or controlled by one or more parties identified on) any U.S. government restricted party list, including without limitation the U.S. Commerce Department’s Bureau of Industry and Security Denied Persons List, Entity List, and Unverified List or U.S. Treasury Department Office of Foreign Assets Control’s list of Specially Designated Nationals; (C) to any country to which such export or re-export is restricted or prohibited, or as to which the United States government or any agency thereof requires an export license or other governmental approval at the time of export or re-export without first obtaining such license or approval; or (D) otherwise in violation of any export, sanctions import, or other trade restrictions, laws or regulations of any United States or applicable foreign governmental authority. In the event Company violates the terms of this Section 13(a), Sonatype may upon written notice to Company terminate this Agreement immediately along with any outstanding Ordering Documents.

b. Anti-Corruption. Company hereby agrees that neither it nor any of its Affiliates (including all of their respective employees, Contractors, agents and representatives) have received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from any Sonatype’s employees or agents in connection with this Agreement. Reasonable gifts and entertainment provided in the ordinary course of business do not violate the above restriction. If Company learns of any violation of the above restriction, Company will use reasonable efforts to promptly notify Sonatype’s Legal Department at legal@sonatype.com.

c. Relationship of the Parties. The Parties will perform hereunder as independent contractors. Nothing contained in this Agreement shall be deemed to create any association, partnership, joint venture, or relationship of principal and agent between the Parties.

d. Government End Users. The Products are commercial computer software that were developed fully at private expense. If Company, a User, or any licensee of the Products is or becomes an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Products, or any related Documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. All other use is prohibited.

e. No Third-Party Beneficiaries. There are no third-party beneficiaries to this Agreement, and the Parties acknowledge that this Agreement is intended solely for the benefit of the Parties, their successors and permitted assigns, and nothing herein, whether express or implied, shall confer upon any person or entity, other than the Parties, their permitted successors and assigns, any legal or equitable right whatsoever to enforce any provision of this Agreement .

f. Force Majeure. Sonatype shall be excused from performance of its obligations under this Agreement if such a failure to perform results from compliance with any requirement of applicable law or government order, acts of God, pandemic, epidemic, disease, fire, strike, embargo, terrorist attack, war, insurrection or riot, national or regional emergency, internet service provider failure or delay, denial of service or other causes beyond the reasonable control of Sonatype. Any delay resulting from any such cause shall extend performance accordingly or excuse performance, in whole or in part, as may be reasonable under the circumstances.

g. Waiver and Cumulative Remedies; Severability. No failure or delay by either Party in exercising any right under this Agreement shall constitute a waiver of that right. Other than as expressly stated herein, the remedies provided herein are in addition to, and not exclusive of, any other remedies of a Party at law or in equity. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision shall be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of this Agreement shall remain in effect.

h. Assignment. Neither Party will have the right to assign this Agreement without the written consent of the other Party; provided, however, that Sonatype will have the right to assign this Agreement to an Affiliate of Sonatype or pursuant to a merger, consolidation, reorganization or sale of all or substantially all of the assets of the business to which this Agreement relates. Any assignment in violation of the foregoing provision shall be void and of no effect. Subject to the foregoing, this Agreement shall bind and inure to the benefit of the Parties, their respective successors and permitted assigns.

i. Headings; Contract Interpretation. The captions to the Sections of this Agreement are not a part of this Agreement but are merely guides or labels to assist in locating and reading the Sections hereof. The terms “this Agreement,” “herein,” “hereof,” “hereunder” and similar expressions refer to this Agreement and not to any particular section or other portion hereof. Except as expressly provided otherwise, references herein to “days” are to calendar days. Any use of the term “including” in this Agreement shall be construed as if followed by the phrase “without limitation.”

j. Entire Agreement; Counterparts. This Agreement, including all Ordering Documents, constitutes the entire agreement between the Parties and supersedes all prior and contemporaneous agreements, proposals and representations, written or oral, concerning its subject matter. No modification, amendment, or waiver of any provision of this Agreement shall be effective unless in writing and signed by an authorized representative of each Party; provided that Sonatype reserves the right to modify the terms and conditions of this Agreement or its policies relating to the Products at any time, effective upon posting of an updated version of this Agreement at the same url. Company is responsible for regularly reviewing this Agreement, and continued use of the Products after any such changes shall constitute Company’s consent to such changes. Notwithstanding any language to the contrary therein, no terms or conditions stated in Company’s purchase order or other order documentation (excluding Ordering Documents) shall be incorporated into or form any part of this Agreement, and all such terms or conditions shall be null and void.