Sonatype, Inc. ("Sonatype") shall provide to its customers (each a "Company") Support for the Products and Documentation in accordance with this Software Support Policy (the "Policy"), provided that such Support is limited to those Products for which Company currently has an active Subscription.


    All defined terms that are not defined herein will have the meaning ascribed to them in the Master Agreement.

    1. Authorized Support Contact: means an individual designated by Company to be responsible for contacting Sonatype's Support organization. All e-mail addresses associated with Authorized Support Contacts must be (i) tied to an individual (i.e., no shared e-mail or distribution lists) and (ii) a Company e-mail address that matches (or is substantially similar to) the Company name, unless otherwise mutually agreed upon by Sonatype and Company.  Company may change its Authorized Support Contact(s) at any time by utilizing or by contacting Sonatype Support.
    2. Error: means any verifiable and reproducible failure of a Product to substantially conform to the Specifications for such Product. Notwithstanding the foregoing, "Error" shall not include any such failure that is caused by: (i) the use or operation of the Product with any other software or programming languages or in an environment other than that intended or recommended by Sonatype in the Documentation, (ii) modifications to the Product not made by Sonatype, or (iii) any bug, defect, or error in third-party software used with the Product.
    3. Error Correction(s): means either (i) a modification or addition to or deletion from a Product that substantially conforms such Product to the then-current Specifications, or (ii) a procedure or routine that, when exercised in the regular operation of the Product, eliminates any material adverse effect on Company caused by such Error. An Error Correction may be a correction, workaround, fix, or service pack.
    4. Master Agreement: means the license or subscription agreement pursuant to which Product Subscriptions are purchased by Company.
    5. Software Releases: means the Major and Minor Releases made generally available from time to time by Sonatype. Software Releases do not include Options, new products being added to a product line, or new functionality that is sold as a separate product.
      1. Major Release: means any additional or replacement code for a Product that is made generally available from time to time by Sonatype that adds major new capabilities or functionality and that is designated by Sonatype, in its sole discretion, as a new Major Release of the Software, and generally designated by a change in version number to the left of the decimal.
      2. Minor Release: means any additional or replacement code for a Product that is made generally available from time to time by Sonatype that adds incremental capabilities or functionality to the Product and that is designated by Sonatype, in its sole discretion, as a Minor Release of the Software, and generally designated by a change in version number to the right of the decimal.
    6. Option: means any additional or replacement code that can be added to a Product to provide optional capability or functionality. Optional capabilities are those that some licensees may require and others may not.
    7. Specifications: means the published description of the Products, as set forth in the each Product's Documentation.
    8. Update: means additional or replacement code or Documentation for a Product that is provided by Sonatype to remedy an Error. An Update is a newSoftware Release and includes both Major and Minor Releases.
    1. Standard Support

      During the term of this Policy, Sonatype will provide technical consultation and advice related to the Products to Company's Authorized Support Contacts between the hours of 8:00 a.m. and 8:00 p.m. Eastern Time, Monday through Friday but excluding Sonatype's holidays, regardless of Severity Level. Standard Support is provided in accordance with Section 4 of this Policy. Company will also receive:

      1. Two (2) Authorized Support Contacts.
      2. Twenty-four (24) hour access to Sonatype's online support portal, including access for Authorized Support Contacts to Sonatype's eService for submitting and browsing trouble tickets.
      3. Product Maintenance as more fully described under Section 3 of this Policy.
    2. Extended Support

      In addition to Standard Support, Company has the option to purchase the Extended Support plan for Sonatype’s Product offerings.

      Except as otherwise agreed between Sonatype and Company, Extended support is included with Sonatype’s hosted Service offerings: Nexus IQ Cloud, Nexus Lifecycle Cloud and Nexus Firewall Cloud.

      Extended support includes:

      1. One (1) additional Authorized Support Contact for a total of three (3) Authorized Support Contacts.
      2. 24x7 Support for Severity 1 issues only.
    1. Product Releases.
      1. During the term of the applicable support plan, and provided that Company is not in breach of the Master Agreement, Sonatype will make available new, generally available, Software Releases to Company. All such Software Releases shall be delivered electronically over the Internet.
      2. Sonatype's support obligations shall apply only to the then-current generally available Software Release and the immediately preceding Software Release; provided that each Software Release shall be supported for a minimum of twelve (12) months from the date it is made generally available. In order to correct Errors in the Products reported by Company, Sonatype may require that Company update the applicable Products to the then-current Software Release.
    2. Error Corrections.
      1. During the term of the applicable support plan, Sonatype shall use commercially reasonable efforts to provide Error Corrections for Errors in the Products reported by Company to Sonatype.
      2. Sonatype shall have no obligation under this Policy to correct Errors that result from the breach by Company of this Policy or the Master Agreement, or which cannot be remedied due to any modifications of the Products made by Company or any third party. If Sonatype agrees to remedy any errors or problems not covered by the terms of this Policy, Company shall pay Sonatype for all such work performed at Sonatype's then-current standard professional services rates. Company acknowledges that Sonatype is under no obligation to perform services with respect to any hardware or any software other than the Products.
    1. Severity Classifications. The following support severities are used for classifying Company's issues. These classifications ensure consistent treatment of problems handled by Sonatype Support. Sonatype Support will decide on the appropriate severity level after consulting with Company.
      1. Severity 1: The Product is not functioning in accordance with the Specifications, production business operations cannot be performed, and no work-around is available. Sonatype and Company are willing to commit resources around the clock to resolve the situation (provided that Company's support plan includes after-hours coverage).
      2. Severity 2: The Product is not functioning in accordance with the Specifications, (i) affecting significant aspects of production business operations and no workaround is available, or (ii) Sonatype and Company have agreed to escalate an issue that would otherwise be Severity 3, but is delaying a production go-live that is scheduled to commence within seven days.
      3. Severity 3: The Product is not functioning in accordance with the Specifications, (i) affecting development, test, staging, or quality assurance (but not production) environments, or (ii) production business operations are impacted, but a known work-around exists. Company is able to implement the workaround without a severe interruption of production processing.
      4. Severity 4: Company requires information or assistance regarding a Product, Product capabilities, installation, or configuration; Company reports a cosmetic or Documentation issue that has no material impact on current productivity, or Company reports a problem or makes a suggestion that would result in a product enhancement.
  5. Response Expectations.
    1. For all supported Products (except for Lift Pro), Table 1 below specifies the level of response that will be given to an issue raised by Company based upon the assigned severity of the issue.

    TABLE 1

    Severity Level

    Acknowledgment Time*

    Response Expectation

    Severity 1

    Within 3 hours

    Provide a fix or workaround within 2 business days of trouble ticket submission

    Severity 2

    Within 5 hours

    Provide a fix or workaround within 1 week of trouble ticket submission

    Severity 3

    Within 6 hours

    Provide a fix or workaround by the release of the next Major Release

    Severity 4

    Within 8 hours

    Address the query in a commercially reasonable and timely manner

    *All times calculated based on business hours except that Severity 1 issues will be based on 24x7 response times only for customers with an Extended Support Subscription.

    If an issue is solvable, depending on the nature of the issue, the resolution may take the form of an explanation, recommendation, usage instructions, workaround instructions, or advising Company of an available software fix.

    1. ii. For Lift Pro, where Company raises an issue, Sonatype will aim to respond within one (1) business day.

    Any Error Corrections to the Products or Documentation effected or delivered under this Policy and any Updates, Error Corrections, or Software Releases delivered under this Policy shall be deemed part of the applicable Product and subject to all of the confidentiality and proprietary provisions set forth in the Master Agreement along with the terms governing it use.


    Sonatype hereby agrees to provide Product Maintenance for certain free, open source software applications listed at, which list may be updated by Sonatype from time to time at its discretion (“Open Source Offerings”) in accordance with the terms of this Policy and the Support plan applicable to Company. Company hereby acknowledges and agrees that: (a) the Open Source Offerings are not licensed to Company by Sonatype under the Master Agreement and that Sonatype is not liable for the performance of the Open Source Offerings; (b) Company’s use of each Open Source Offering is governed by the open source license applicable to such Open Source Offering; (c) Sonatype hereby disclaims all liability related to the Open Source Offerings and, as it relates to Sonatype, the Open Source Offerings are provided “AS-IS” without any express or implied warranties; and (d) any Product Maintenance related to the Open Source Offerings provided by Sonatype hereunder is provided “AS-IS” without any express or implied warranties.  For the avoidance of doubt and notwithstanding the above, Open Source Offerings are expressly excluded from the term Product as used in the Master Agreement including, without limitation, any and all use of such term in provisions pertaining to representations, warranties, covenants, and indemnities.


* Support Plans are subject to change at Sonatype's sole discretion.