These SaaS General Terms and Conditions (“SaaS Terms and Conditions”) shall govern the provision of the SaaS Services by QuesTek Innovations LLC, a Delaware limited liability company (“QuesTek”) to the entity or person identified on the Order Form as the purchaser (“Customer”). QuesTek and Customer may be referred herein individually as a “Party” and collectively as the “Parties”. All capitalized terms used but not defined herein shall have the respective meanings ascribed to them under the Order Form. The Order Form and these SaaS Terms and Conditions are collectively referred to as the “Agreement”. 

1. Definitions.

"Access Credentials" means any user name, identification number, password, license or security key, security token, PIN or other security code, method, technology or device used, alone or in combination, to verify an individual's identity and authorization to access and use the SaaS Services.
"Action" has the meaning set forth in Section 12.1.
"Agreement" has the meaning set forth in the preamble.
"Authorized User" means each of the individuals authorized to use the SaaS Services pursuant to Section 3.1 and the other terms and conditions of this Agreement.
"Confidential Information" has the meaning set forth in Section 9.1.
"Customer" has the meaning set forth in the preamble.
"Customer Data" means, other than Resultant Data, information, data and other content, in any form or medium, that is collected, downloaded or otherwise received, directly or indirectly from Customer or an Authorized User by or through the SaaS Services or that incorporates or is derived from the Processing of such information, data or content by or through the SaaS Services. For the avoidance of doubt, Customer Data includes information reflecting the access or use of the SaaS Services by or on behalf of Customer or any Authorized User other than Resultant Data.
"Customer Failure" has the meaning set forth in Section 4.2.
"Customer Indemnitee" has the meaning set forth in Section 12.1.
"Customer Systems" means the Customer's information technology infrastructure, including computers, software, hardware, databases, electronic systems (including database management systems) and networks, whether operated directly by Customer or through the use of third-party services.
“Data Security Breach” means any actual or reasonably suspected (i) unauthorized access to, acquisition of, or use of Customer Confidential Information; (ii) unauthorized or accidental loss, alteration, disclosure, or destruction of Customer Confidential Information; (iii) compromise, intrusion, interference with, or unauthorized access to networks, systems, databases, servers, or electronic or other media on which Customer Confidential Information is Processed or from which Customer Confidential Informational may be accessed, including those of QuesTek Subcontractors; and/or (iv) other circumstance that actually or is reasonably suspected of compromising, or could compromise, the privacy, security, confidentiality, availability, or integrity of any Customer Confidential Information or the proper functioning of the network resources of Customer.
"Disclosing Party" has the meaning set forth in Section 9.1.
"Documentation" means any manuals, instructions or other documents or materials that the QuesTek provides or makes available to Customer in any form or medium and which describe the functionality, components, features or requirements of the SaaS Services or QuesTek Materials, including any aspect of the installation, configuration, integration, operation, use, support or maintenance thereof.
"Effective Date" has the meaning set forth in the preamble.
"Fees" has the meaning set forth in the Order Form.
"Force Majeure Event" has the meaning set forth in Section 14.1.
“Government Authority” means a legislature, executive, administrative or regulatory entity, judicial body, or other public agency or authority of any country, state, territory, or international governmental entity (e.g., the European Union), or of any political subdivision of a country, state, territory, or international governmental entity, or a person or entity acting under a grant of authority from or under contract with such public agency or authority.
"Harmful Code" means any software, hardware or other technology, device or means, including any virus, worm, malware or other malicious computer code, the purpose or effect of which is to (a) permit unauthorized access to, or to destroy, disrupt, disable, distort, or otherwise harm or impede in any manner any (i) computer, software, firmware, hardware, system or network or (ii) any application or function of any of the foregoing or the security, integrity, confidentiality or use of any data Processed thereby, or (b) prevent Customer or any Authorized User from accessing or using the SaaS Services or QuesTek Systems as intended by this Agreement. Harmful Code does not include any QuesTek Disabling Device.
"Indemnitee" has the meaning set forth in Section 12.3.
"Indemnitor" has the meaning set forth in Section 12.3.
"Intellectual Property Rights" means any and all registered and unregistered rights granted, applied for or otherwise now or hereafter in existence under or related to any patent, copyright, trademark, trade secret, database protection or other intellectual property rights laws, and all similar or equivalent rights or forms of protection, in any part of the world.
"Law" means any statute, law, ordinance, regulation, rule, code, order, constitution, treaty, common law, judgment, decree or other requirement of any federal, state, local or foreign government or political subdivision thereof, or any arbitrator, court or tribunal of competent jurisdiction.
"Losses" means any and all losses, damages, liabilities, deficiencies, claims, actions, judgments, settlements, interest, awards, penalties, fines, costs or expenses of whatever kind, including reasonable attorneys' fees and the costs of enforcing any right to indemnification hereunder and the cost of pursuing any insurance providers.
"Permitted Use" means any use of the SaaS Services by an Authorized User for the benefit of Customer solely in or for Customer's business operations.
"Person" means an individual, corporation, partnership, joint venture, limited liability entity, governmental authority, unincorporated organization, trust, association or other entity.
"Personal Information" means any information that does or can identify a specific individual or by or from which a specific individual may be identified, contacted or located.
"Process" means to take any action or perform any operation or set of operations that the SaaS Services are capable of taking or performing on any data, information or other content, including to collect, receive, input, upload, download, record, reproduce, store, organize, compile, combine, log, catalog, cross-reference, manage, maintain, copy, adapt, alter, translate or make other derivative works or improvements, process, retrieve, output, consult, use, perform, display, disseminate, transmit, submit, post, transfer, disclose or otherwise provide or make available, or block, erase or destroy. "Processing" and "Processed" have correlative meanings.
"QuesTek" has the meaning set forth in the preamble.
"QuesTek Disabling Device" means any software, hardware or other technology, device or means (including any back door, time bomb, time out, drop dead device, software routine or other disabling device) used by QuesTek or its designee to disable Customer's or any Authorized User's access to or use of the SaaS Services automatically with the passage of time or under the positive control of QuesTek or its designee.
"QuesTek Indemnitee" has the meaning set forth in Section 12.2.
"QuesTek Materials" means the Service Software, Specifications, Documentation and QuesTek Systems and any and all other information, data, documents, materials, works and other content, devices, methods, processes, hardware, software and other technologies and inventions, including any deliverables, technical or functional descriptions, requirements, plans or reports, that are provided or used by QuesTek or any Subcontractor in connection with the SaaS Services or otherwise comprise or relate to the SaaS Services or QuesTek Systems. For the avoidance of doubt, QuesTek Materials include Resultant Data and any information, data or other content derived from QuesTek's monitoring of Customer's access to or use of the SaaS Services, but do not include Customer Data.
"QuesTek Personnel" means all individuals involved in the performance of SaaS Services as employees, agents or independent contractors of QuesTek or any Subcontractor.
"QuesTek Systems" means the information technology infrastructure used by or on behalf of QuesTek in performing the SaaS Services, including all computers, software, hardware, databases, electronic systems (including database management systems) and networks, whether operated directly by QuesTek or through the use of third-party services.
"Receiving Party" has the meaning set forth in Section 9.1.
"Representatives" means, with respect to a party, that party's and its Affiliates' employees, officers, directors, consultants, agents, independent contractors, service providers, sublicensees, subcontractors and legal advisors.
"Resultant Data" means information, data and other content that is derived by or through the SaaS Services from Processing Customer Data and is sufficiently different from such Customer Data that such Customer Data cannot be reverse engineered or otherwise identified from the inspection, analysis or further Processing of such information, data or content.
"SaaS Services" has the meaning set forth in Section 2.1.
“Security Practices” has the meaning set forth in Section 7.1
"Service Software" means the QuesTek software application or applications and any third-party or other software, and all new versions, updates, revisions, improvements and modifications of the foregoing, that QuesTek provides remote access to and use of as part of the SaaS Services.
"Subcontractor" has the meaning set forth in Section 2.4.
"Term" has the meaning set forth in Section 10.1.
"Territory" means the territory indicated in the Order Form.
"Third Party Materials" means materials and information, in any form or medium, including any open-source or other software, documents, data, content, specifications, products, equipment or components of or relating to the SaaS Services that are not proprietary to QuesTek. 

1. Services.
   1. Services. Subject to and conditioned on Customer's and its Authorized Users' compliance with the terms and conditions of this Agreement, during the Term, QuesTek shall use commercially reasonable efforts to provide to Customer and its Authorized Users the SaaS services described in the Order Form and these SaaS Terms and Conditions ("SaaS Services") in accordance with the Service Level Agreement.  
   2. Service and System Control. Except as otherwise expressly provided in this Agreement, as between the parties:
      1. QuesTek has and will retain sole control over the operation, provision, maintenance and management of the SaaS Services and QuesTek Materials, and the QuesTek Systems; and
      2. Customer has and will retain sole control over the operation, maintenance and management of, and all access to and use of, the Customer Systems, and sole responsibility for all access to and use of the SaaS Services and QuesTek Materials by any Person by or through the Customer Systems or any other means controlled by Customer or any Authorized User, including any: (i) information, instructions or materials provided by any of them to the SaaS Services or QuesTek; (ii) results obtained from any use of the SaaS Services or QuesTek Materials; and (iii) conclusions, decisions or actions based on such use.

Notwithstanding anything to the contrary in this Agreement, all SaaS Services, including all Processing of Customer Data by or on behalf of QuesTek shall be provided solely from within, and on computers, systems, networks and other infrastructure located in, the United States.

1. Changes. QuesTek reserves the right, in its sole discretion, to make any changes to the SaaS Services and QuesTek Materials that it deems necessary or useful to: (a) maintain or enhance (i) the quality or delivery of QuesTek's services to its customers, (ii) the competitive strength of or market for QuesTek's services or (iii) the SaaS Services' cost efficiency or performance; or (b) to comply with applicable Law. 
2. Subcontractors. QuesTek may from time to time in its discretion engage third parties to perform SaaS Services (each, a "Subcontractor"). 
3. Suspension or Termination of Services. QuesTek may suspend, restrict, or otherwise deny Customer's, any Authorized User's or any other Person's access to or use of all or any part of the SaaS Services or QuesTek Materials, without incurring any resulting obligation or liability, if: (a) QuesTek receives a judicial or other governmental demand or order, subpoena or law enforcement request that expressly or by reasonable implication requires QuesTek to do so; or (b) QuesTek believes, in its good faith and reasonable discretion, that: (i) Customer or any Authorized User has failed to comply with, any term of this Agreement, or accessed or used the SaaS Services beyond the scope of the rights granted or for a purpose not authorized under this Agreement; or (ii) Customer or any Authorized User is, has been, or is likely to be involved in any fraudulent, misleading or unlawful activities; or (iii) this Agreement expires or is terminated. This Section 2.5 does not limit any of QuesTek's other rights or remedies, whether at law, in equity or under this Agreement.

1. Authorization and Customer Restrictions.
   1. Authorization. Subject to and conditioned on Customer's payment of the Fees and compliance and performance in accordance with all other terms and conditions of this Agreement, QuesTek hereby authorizes Customer to access and use, solely in the Territory and during the Term, the SaaS Services and such QuesTek Materials as QuesTek may supply or make available to Customer solely for the Permitted Use by and through Authorized Users in accordance with the conditions and limitations set forth in this Agreement. This authorization is non-exclusive and other than as may be expressly set forth in Section 15.7, non-transferable.
   2. Reservation of Rights. Nothing in this Agreement grants any right, title or interest in or to (including any license under) any Intellectual Property Rights in or relating to, the SaaS Services, QuesTek Materials or Third Party Materials, whether expressly, by implication, estoppel or otherwise. All right, title and interest in and to the SaaS Services, the QuesTek Materials and the Third Party Materials are and will remain with QuesTek and the respective rights holders in the Third Party Materials.
   3. Authorization Limitations and Restrictions. Customer shall not, and shall not permit any other Person to, access or use the SaaS Services or QuesTek Materials except as expressly permitted by this Agreement and, in the case of Third-Party Materials, the applicable third-party license agreement. For purposes of clarity and without limiting the generality of the foregoing, Customer shall not, except as this Agreement expressly permits:
      1. copy, modify or create derivative works or improvements of the SaaS Services or QuesTek Materials;
      2. rent, lease, lend, sell, sublicense, assign, distribute, publish, transfer or otherwise make available any SaaS Services or QuesTek Materials to any Person, including on or in connection with the internet or any time-sharing, service bureau, software as a service, cloud or other technology or service;
      3. reverse engineer, disassemble, decompile, decode, adapt or otherwise attempt to derive or gain access to the source code of the SaaS Services or QuesTek Materials, in whole or in part;
      4. bypass or breach any security device or protection used by the SaaS Services or QuesTek Materials or access or use the SaaS Services or QuesTek Materials other than by an Authorized User through the use of his or her own then valid Access Credentials;
      5. input, upload, transmit or otherwise provide to or through the SaaS Services or QuesTek Systems, any information or materials that are unlawful or injurious, or contain, transmit or activate any Harmful Code;
      6. damage, destroy, disrupt, disable, impair, interfere with or otherwise impede or harm in any manner the SaaS Services, QuesTek Systems or QuesTek's provision of services to any third party, in whole or in part;
      7. remove, delete, alter or obscure any trademarks, Documentation, warranties or disclaimers, or any copyright, trademark, patent or other intellectual property or proprietary rights notices from any SaaS Services or QuesTek Materials, including any copy thereof;
      8. access or use the SaaS Services or QuesTek Materials in any manner or for any purpose that infringes, misappropriates or otherwise violates any Intellectual Property Right or other right of any third party (including by any unauthorized access to, misappropriation, use, alteration, destruction or disclosure of the data of any other QuesTek customer), or that violates any applicable Law;
      9. access or use the SaaS Services or QuesTek Materials for purposes of competitive analysis of the SaaS Services or QuesTek Materials, the development, provision or use of a competing software service or product or any other purpose that is to the QuesTek's detriment or commercial disadvantage; or
      10. otherwise access or use the SaaS Services or QuesTek Materials beyond the scope of the authorization granted under Section 3.1. 
2. Customer Obligations.
   1. Customer Systems and Cooperation.  Customer shall at all times during the Term: (a) set up, maintain and operate in good repair and in accordance with all Customer Systems on or through which the SaaS Services are accessed or used; and (b) provide all cooperation and assistance as QuesTek may reasonably request to enable QuesTek to exercise its rights and perform its obligations under and in connection with this Agreement.
   2. Effect of Customer Failure or Delay. QuesTek is not responsible or liable for any delay or failure of performance caused in whole or in part by Customer's delay in performing, or failure to perform, any of its obligations under this Agreement (each, a "Customer Failure"). 
   3. Corrective Action and Notice. If Customer becomes aware of any actual or threatened activity prohibited by Section 3.3, Customer shall, and shall cause its Authorized Users to, promptly: (a) take all reasonable and lawful measures within their respective control that are necessary to stop the activity or threatened activity and to mitigate its effects (including, where applicable, by discontinuing and preventing any unauthorized access to the SaaS Services and QuesTek Materials and permanently erasing from their systems and destroying any data to which any of them have gained unauthorized access); and (b) notify QuesTek of any such actual or threatened activity. 
   4. Non-Solicitation. During the Term and for two (2) years after, Customer shall not, and shall not assist any other Person to, directly or indirectly recruit or solicit for employment or engagement as an independent contractor any Person then or within the prior twelve (12) months employed or engaged by QuesTek or any Subcontractor. In the event of a violation of this Section 4.4, QuesTek will be entitled to liquidated damages equal to the compensation paid by QuesTek to the applicable employee or contractor during the prior twelve (12) months.
3. Service Levels.
   1. Service Levels. Subject to the terms and conditions of this Agreement, QuesTek will use commercially reasonable efforts to provide availability to the SaaS Services, in accordance with the QuesTek Materials and terms and conditions hereof,  at least ninety nine percent (99%) of the time (“Service Level”) as measured over the course of each calendar month (each such calendar month, a “Service Period”), excluding unavailability as a result of any of the Exceptions described below in this Section 5.2 (the "Availability Requirement"). "Service Level Failure" means a material failure of the SaaS Services to meet the Availability Requirement. "Available" means the SaaS Services is available for access and use by Customer and its Authorized Users over the Internet and operating in material accordance with the QuesTek Materials.
   2. Service Availability Exceptions.  For purposes of calculating the Availability Requirement, the following are "Exceptions" to the Availability Requirement, and neither the SaaS Services will be considered un-Available nor any Service Level Failure be deemed to occur in connection with any failure to meet the Availability Requirement or impaired ability of Customer or its Authorized Users to access or use the SaaS Services that is due, in whole or in part, to any:   
      1.   Scheduled Downtime;
      2.   SaaS Services downtime or degradation due to a Force Majeure Event;
      3.   an act or omission by Customer to use of the SaaS Services, or using Customer’s Access Credentials, that does not strictly comply with this Agreement and the QuesTek Materials; 
      4.   Customer’s internet connectivity; 
      5.   failure, interruption, outage or other problem with any software, hardware, system, network, facility or other matter not supplied by QuesTek pursuant to this Agreement, including failed calculations using Third Party Materials; 
      6.   any other circumstances beyond QuesTek’s reasonable control, including the Authorized User’s use of Third Party Materials, misuse of the SaaS Services, or use of the SaaS Services other than in compliance with the express terms of this Agreement and the QuesTek Materials; and
   3.   any suspension or termination of the Authorized User’s access to or use of the SaaS Services as permitted by this Agreement.
4. Data Backup. All Customer Data is stored in the cloud with a mirrored standby database physically located in a different availability zone from that of the main database. In addition, all Customer Data is backed up in the cloud for up to thirty (30) days for 24 hours per day, from which the Customer Data may be retrieved at any point of time of the day during this range. In the event of any loss, destruction, damage or corruption of Customer Data caused by the QuesTek Systems or SaaS Services, QuesTek will, as its sole obligation and liability and as Customer's sole remedy, use commercially reasonable efforts to restore the Customer Data from QuesTek's then most current backup of such Customer Data
5. Security.
   1. QuesTek shall implement and maintain reasonable administrative, technical, and physical safeguards and other security measures commensurate with the type of data being Processed by QuesTek for or on behalf of Customer to prevent any unauthorized access or Processing of Customer Data and ensure the ongoing confidentiality, integrity, and resilience of QuesTek’s Systems and Processing services. Such safeguards and security measures shall include, without limitation, security procedures that are consistent with International Standards Organization (ISO) 27001, and any successor standards or updated version thereof, as appropriate (“Security Practices”) to safeguard the confidentiality, integrity, and availability of Customer Data and to protect against unauthorized access, acquisition, and/or interference by third parties, intrusion, theft, destruction, loss or alteration, including the implementation of industry-standard virus protection systems and intrusion detection systems.  QuesTek may revise its security procedures from time to time without notice to Customer, so long as the changes do not lessen the security achieved by such practices and are not reasonably likely to impact any Customer Data or the quality or availability of the SaaS Services or the performance of the SaaS Services under this Agreement.  
   2. In addition, QuesTek shall implement and maintain security measures including, without limitation: 
      1. standard operating procedures or work guidelines that govern QuesTek’s Processing of Customer Data and a program to monitor compliance with and to enforce such procedures or guidelines;
         1. transmission controls that enable QuesTek to determine which parties have received Customer Data and to prevent Customer Data from being accessed, read, copied, altered, removed, or otherwise Processed by unauthorized persons during electronic transmission or transportation or storage on data carriers;  
         2. input controls, data loss prevention tools, audit trails, logging, and robust monitoring of networks, systems, devices, and databases to enable QuesTek to detect any access, use, disclosure, or other Processing by unauthorized persons or for unauthorized purposes and to record and analyze whether, how, and by whom Customer Data has been entered, accessed, altered, removed, or otherwise Processed; 
         3. availability controls and business continuity measures, including effective back-up procedures and emergency action plans and redundancy measures to ensure service availability to Customer consistent with this Agreement;
         4. effective and up-to-date network security measures, including: 
            1. firewall protection, including firewalls that restrict access to QuesTek’s Local Area Network and production environments on the cloud; 
            2. commercially reasonable, reputable, and up-to-date virus protection within QuesTek organization on all employees’ endpoint clients; and 
            3. perimeter security controls reasonably designed to maintain the security and integrity of all Customer Data, including two-factor authentication for remote login access for any QuesTek employee with access to Customer Data;
         5. regular tests, assessments and evaluations of risks to the security, privacy, and confidentiality of Customer Data and the effectiveness of the safeguards as needed to protect the security, privacy, and confidentiality of Customer Data.  Such tests, assessments and evaluations shall include regular audits, vulnerability threat assessments, and penetration tests from reputable third-party vendors;
         6. industry-standard best practices and any measures required by Law(s) for secure disposal of any Customer Data and any paper documents, electronic equipment, or other electronic media that contain Customer Data; including secure removal or overwriting of data before equipment or electronic media is reused; 
         7. technical, physical, organizational and other measures to (a) ensure the protection of the rights of any data subject and (b) protect Customer Data against a Data Security Breach and against all other unauthorized, unlawful, or accidental forms of Processing of Customer Data; and
         8. technical and physical access controls that implement the security principles of “segregation of duties” and “least privilege,” to prevent unauthorized persons from Processing Customer Data, as appropriate, and ensuring that Customer Data is accessible to and Processed only by specific individuals and permitted Subcontractors who reasonably need to undertake such Processing in order for QuesTek to provide the SaaS Services.   Such controls shall include (a) mechanisms, including periodic review of access rights, that revoke access when an individual’s employment is terminated or the individual transitions to a role that does not require access to Customer Data, and (b) appropriate restrictions on physical access to premises, facilities, equipment, and records containing Customer Data and/or Personal Data, including intrusion detection systems, monitoring of entry and exit points, requirements for visitors to sign in and be accompanied, the use of identification cards by QuesTek employees, and storage of records and data in locked facilities, storage areas, or containers, as appropriate.
   3. .Data Breach Procedures. 
      1. QuesTek shall promptly, and in no less than twenty (24) hours notify Customer if QuesTek becomes aware of any actual or reasonably suspected (i) Data Security Breach that may involve Customer Confidential Information; or (ii) violation or potential future violation of Law(s) or the terms of this Agreement with respect to Customer Confidential Information; in all cases whether occurring at QuesTek, a Subcontractor, or elsewhere.  In addition, QuesTek shall (a) promptly furnish to Customer full details of the incident at issue and assist Customer in investigating the incident and identifying actions designed to or prevent recurrence, (b) cooperate with Customer in any litigation or investigation deemed necessary by Customer to protect its rights or defend against claims, and (c) use reasonable steps to prevent recurrence.  QuesTek shall bear any costs it incurs as a result of compliance with this Section.
      2. The following additional obligations shall apply in the event of an actual or reasonably suspected Data Security Breach that may involve Customer Confidential Information Processed by QuesTek or a Subcontractor:
         1. QuesTek shall provide written notice to Customer of any actual or reasonably suspected Data Security Breach that may involve Customer Confidential Information as soon as QuesTek becomes aware of facts suggesting that such an incident may have occurred, but in any event, no later than twenty four (24) hours (or such shorter period as may be imposed by Law).   Such notice shall explain the nature, scope, and impact of such Data Security Breach upon Customer Confidential Information.  Such notice will describe the remediation measures implemented by QuesTek to resolve the Data Security Breach, and identify a point of contact at QuesTek for any Customer inquiry regarding the Data Security Breach.  QuesTek will provide Customer with the name and contact information for its data protection officer, if QuesTek is required by Law(s) to have a data protection officer.  In no case shall QuesTek delay notification because of insufficient information. Instead, notifications shall be provided and supplemented as information becomes available to QuesTek.
         2. In the event of any Data Security Breach, QuesTek shall also: promptly investigate, and fully cooperate with Customer in connection with the investigation of, the Data Security Breach, understanding that time is of the essence; cooperate with Customer to the extent Customer determines it is necessary to conduct its own investigation; not make any public announcements or notifications to any Government Authority, potentially affected data subject or entity, or other third party without Customer’s prior written approval; cooperate fully with Customer regarding any such notification; take all necessary and appropriate corrective action.
   4. Prohibited Data. Customer acknowledges that the SaaS Services are not designed with security and access management for Processing the following categories of information: (a) Personal Information; (b) data that is classified and or used on the U.S. Munitions list, including software and technical data; (c) articles, services and related technical data designated as defense articles or defense services; and (d) ITAR (International Traffic in Arms Regulations) related data, (each of the foregoing, "Prohibited Data"). Customer shall not, and shall not permit any Authorized User or other Person to, provide any Prohibited Data to, or Process any Prohibited Data through, the SaaS Services, the QuesTek Systems or any QuesTek Personnel. Customer is solely responsible for reviewing all Customer Data and shall ensure that no Customer Data constitutes or contains any Prohibited Data.
   5. Customer Control and Responsibility. Customer has and will retain sole responsibility for: (a) all Customer Data, including its content and use; (b) all information, instructions and materials provided by or on behalf of Customer or any Authorized User in connection with the SaaS Services; (c) Customer Systems; (d) the security and use of Customer's and its Authorized Users' Access Credentials; and (e) all access to and use of the SaaS Services and QuesTek Materials directly or indirectly by or through the Customer Systems or its or its Authorized Users' Access Credentials, with or without Customer’s knowledge or consent, including all results obtained from, and all conclusions, decisions and actions based on, such access or use.
   6. Access and Security. Customer shall employ all physical, administrative and technical controls, screening and security procedures and other safeguards necessary to: (a) securely administer the distribution and use of all Access Credentials and protect against any unauthorized access to or use of the SaaS Services; and (b) control the content and use of Customer Data, including the uploading or other provision of Customer Data for Processing by the SaaS Services.
6. Intellectual Property Rights.
   1. Services and QuesTek Materials. All right, title and interest in and to the SaaS Services and QuesTek Materials, including all Intellectual Property Rights therein, are and will remain with QuesTek and the respective rights holders in the Third-Party Materials. Customer has no right, license or authorization with respect to any of the SaaS Services or QuesTek Materials (including Third-Party Materials) except as expressly set forth in Section 3.1 or the applicable third-party license, in each case subject to Section 3.3 All other rights in and to the SaaS Services and QuesTek Materials (including Third-Party Materials) are expressly reserved by QuesTek and the respective third-party licensors. In furtherance of the foregoing, Customer hereby unconditionally and irrevocably grants to QuesTek an assignment of all right, title and interest in and to the Resultant Data, including all Intellectual Property Rights relating thereto.
   2. Customer Data. As between Customer and QuesTek, Customer is and will remain the sole and exclusive owner of all right, title and interest in and to all Customer Data, including all Intellectual Property Rights relating thereto, subject to the rights and permissions granted in Section 8.3. 
   3. Consent to Use Customer Data. Customer hereby irrevocably grants all such rights and permissions in or relating to Customer Data: (a) to QuesTek, its Subcontractors and the QuesTek Personnel as are necessary or useful to perform the SaaS Services; and (b) to QuesTek as are necessary or useful to enforce this Agreement and exercise its rights and perform its duties hereunder.
7. Confidentiality.
   1. Confidential Information. In connection with this Agreement each party (as the "Disclosing Party") may disclose or make available Confidential Information to the other party (as the "Receiving Party"). Subject to Section 9.2, "Confidential Information" means information in any form or medium (whether oral, written, electronic or other) that the Disclosing Party considers confidential or proprietary, including information consisting of or relating to the Disclosing Party’s technology, trade secrets, know-how, business operations, plans, strategies, customers, and pricing, and information with respect to which the Disclosing Party has contractual or other confidentiality obligations, in each case whether or not marked, designated or otherwise identified as "confidential".  Without limiting the foregoing all QuesTek Materials are the Confidential Information of QuesTek. 
   2. Exclusions. Confidential Information does not include information that: (a) was rightfully known to the Receiving Party without restriction on use or disclosure prior to such information's being disclosed or made available to the Receiving Party in connection with this Agreement; (b) was or becomes generally known by the public other than by the Receiving Party's or any of its Representatives' noncompliance with this Agreement; (c) was or is received by the Receiving Party on a non-confidential basis from a third party that was not or is not, at the time of such receipt, under any obligation to maintain its confidentiality; or (d) was or is independently developed by the Receiving Party without reference to or use of any Confidential Information.
   3. Protection of Confidential Information. As a condition to being provided with any disclosure of or access to Confidential Information, the Receiving Party shall during the Term and for five (5) yeas thereafter: 
      1. not access or use Confidential Information other than as necessary to exercise its rights or perform its obligations under and in accordance with this Agreement; 
      2. except as may be permitted by and subject to its compliance with Section 9.4, not disclose or permit access to Confidential Information other than to its Representatives who: (i) need to know such Confidential Information for purposes of the Receiving Party's exercise of its rights or performance of its obligations under and in accordance with this Agreement; (ii) have been informed of the confidential nature of the Confidential Information and the Receiving Party's obligations under this Section 9.3; and (iii) are bound by confidentiality and restricted use obligations at least as protective of the Confidential Information as the terms set forth in this Section 9.3;
      3. safeguard the Confidential Information from unauthorized use, access or disclosure using at least the degree of care it uses to protect its similarly sensitive information and in no event less than a reasonable degree of care; and
      4. ensure its Representatives' compliance with, and be responsible and liable for any of its Representatives' non-compliance with, the terms of this Section 9.
   4. Compelled Disclosures. If the Receiving Party or any of its Representatives is compelled by applicable Law to disclose any Confidential Information then, to the extent permitted by applicable Law, the Receiving Party shall: (a) promptly, and prior to such disclosure, notify the Disclosing Party in writing of such requirement so that the Disclosing Party can seek a protective order or other remedy or waive its rights under Section 9.3; and (b) provide reasonable assistance to the Disclosing Party, at the Disclosing Party's sole cost and expense, in opposing such disclosure or seeking a protective order or other limitations on disclosure. If the Disclosing Party waives compliance or, after providing the notice and assistance required under this Section 9.4, the Receiving Party remains required by Law to disclose any Confidential Information, the Receiving Party shall disclose only that portion of the Confidential Information that, on the advice of the Receiving Party's legal counsel, the Receiving Party is legally required to disclose and, on the Disclosing Party's request, shall use commercially reasonable efforts to obtain assurances from the applicable court or other presiding authority that such Confidential Information will be afforded confidential treatment.
8. Term and Termination .
   1. Term. The Term (including the Initial Term and Renewal Terms) will be as set forth in the Order Form. 
   2. Termination. In addition to any other express termination right set forth elsewhere in this Agreement:
      1. QuesTek may terminate this Agreement, effective on written notice to Customer, if Customer: (i) fails to pay any amount when due hereunder, and such failure continues more than fifteen (15) days after QuesTek's delivery of written notice thereof; or (ii) breaches any of its obligations under Section 3.3 (Use Limitations and Restrictions), Section 7.5 (Prohibited Data) or Section 9 (Confidentiality).
      2. either party may terminate this Agreement, effective on written notice to the other party, if the other party materially breaches this Agreement, and such breach: (i) is incapable of cure; or (ii) being capable of cure, remains uncured thirty (30) days after the non-breaching party provides the breaching party with written notice of such breach; and
      3. either party may terminate this Agreement, effective immediately upon written notice to the other party, if the other party: (i) becomes insolvent or is generally unable to pay, or fails to pay, its debts as they become due; (ii) files or has filed against it, a petition for voluntary or involuntary bankruptcy or otherwise becomes subject, voluntarily or involuntarily, to any proceeding under any domestic or foreign bankruptcy or insolvency Law; (iii) makes or seeks to make a general assignment for the benefit of its creditors; or (iv) applies for or has appointed a receiver, trustee, custodian or similar agent appointed by order of any court of competent jurisdiction to take charge of or sell any material portion of its property or business.
   3. Effect of Expiration or Termination. Upon any expiration or termination of this Agreement, except as expressly otherwise provided in this Agreement:
      1. all rights, licenses, consents and authorizations granted by either party to the other hereunder will immediately terminate;
      2. QuesTek shall immediately cease all use of any Customer Data or Customer's Confidential Information and (i) within thirty (30) return to Customer, or at Customer's written request destroy, all documents and tangible materials containing, reflecting, incorporating or based on Customer Data or Customer's Confidential Information; and (ii) permanently erase all Customer Data and Customer's Confidential Information from all systems QuesTek directly or indirectly controls, provided that, for clarity, QuesTek's obligations under this Section 10.3(b) do not apply to any Resultant Data;
      3. Customer shall immediately cease all use of any SaaS Services or QuesTek Materials and (i) within thirty (30)  days return to QuesTek, or at QuesTek's written request destroy, all documents and tangible materials containing, reflecting, incorporating or based on any QuesTek Materials or QuesTek's Confidential Information; and (ii) permanently erase all QuesTek Materials and QuesTek's Confidential Information from all systems Customer directly or indirectly controls; and (iii) certify to QuesTek in a signed written instrument that it has complied with the requirements of this Section 10.3(c);
      4. notwithstanding anything to the contrary in this Agreement, with respect to information and materials then in its possession or control: (i) the Receiving Party may retain the Disclosing Party's Confidential Information (ii) QuesTek may retain Customer Data; and (iii) Customer may retain QuesTek Materials, in the case of each of subclause (i), (ii) and (iii) in its then current state and solely to the extent and for so long as required by applicable Law; (iv) QuesTek may also retain Customer Data in its backups, archives and disaster recovery systems until such Customer Data is deleted in the ordinary course; and (v) all information and materials described in this Section 10.3(d) will remain subject to all confidentiality, security and other applicable requirements of this Agreement;
      5. QuesTek may disable all Customer and Authorized User access to the SaaS Services and QuesTek Materials;
      6. if Customer terminates this Agreement pursuant to Section 10.2(b), Customer will be relieved of any obligation to pay any Fees attributable to the period after the effective date of such termination and QuesTek will: (i) refund to Customer Fees paid in advance for SaaS Services that QuesTek has not performed as of the effective date of termination; and (ii) pay to Customer any unpaid Service Credits to which Customer is entitled under the Service Level Agreement;
      7. if QuesTek terminates this Agreement pursuant to Section 10.2(a) or Section 10.2(b), all Fees that would have become payable had the Agreement remained in effect until expiration of the Term will become immediately due and payable, and Customer shall pay such Fees, together with all previously-accrued but not yet paid Fees, on receipt of QuesTek's invoice therefor.
      8. subject to Section 10.3(d), QuesTek shall, within thirty (30) days following such expiration or termination, deliver to Customer the then most recent version of Customer Data maintained by QuesTek, provided that Customer has at that time paid all Fees then outstanding and any amounts payable after or as a result of such expiration or termination, including  in transferring such Customer Data.
   4. Surviving Terms. The provisions set forth in the following sections, and any other right or obligation of the parties in this Agreement that, by its nature, should survive termination or expiration of this Agreement, will survive any expiration or termination of this Agreement: Section 3.3, Section 9, Section 10.3, this Section 10.4, Section 11, Section 12, Section 13 and Section 15.
9. Representations and Warranties.
   1. Mutual Representations and Warranties. Each party represents and warrants to the other party that: 
      1. it is duly organized, validly existing and in good standing as a corporation or other entity under the Laws of the jurisdiction of its incorporation or other organization;
      2. it has the full right, power and authority to enter into and perform its obligations and grant the rights, licenses, consents and authorizations it grants or is required to grant under this Agreement;
      3. the execution of this Agreement by its representative whose signature is set forth at the end of this Agreement has been duly authorized by all necessary corporate or organizational action of such party; and
      4. when executed and delivered by both parties, this Agreement will constitute the legal, valid and binding obligation of such party, enforceable against such party in accordance with its terms.
   2. Additional QuesTek Representations, Warranties and Covenants. QuesTek represents, warrants and covenants to Customer that QuesTek will perform the SaaS Services using personnel of required skill, experience and qualifications and in a professional and workmanlike manner in accordance with generally recognized industry standards for similar services and will devote adequate resources to meet its obligations under this Agreement.
   3. Additional Customer Representations, Warranties and Covenants. Customer represents, warrants and covenants to QuesTek that Customer owns or otherwise has and will have the necessary rights and consents in and relating to the Customer Data so that, as received by QuesTek and Processed in accordance with this Agreement, they do not and will not infringe, misappropriate or otherwise violate any Intellectual Property Rights of any third party or violate any applicable Law.
   4. DISCLAIMER OF WARRANTIES. EXCEPT FOR THE EXPRESS WARRANTIES SET FORTH IN SECTION 11.1, SECTION 11.2 AND SECTION 11.3, ALL SAAS SERVICES AND QUESTEK MATERIALS ARE PROVIDED "AS IS" AND QUESTEK HEREBY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHER, AND QUESTEK SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT, AND ALL WARRANTIES ARISING FROM COURSE OF DEALING, USAGE OR TRADE PRACTICE. WITHOUT LIMITING THE FOREGOING, QUESTEK MAKES NO WARRANTY OF ANY KIND THAT THE SAAS SERVICES OR QUESTEK MATERIALS, OR ANY PRODUCTS OR RESULTS OF THE USE THEREOF, WILL MEET CUSTOMER'S OR ANY OTHER PERSON'S REQUIREMENTS, OPERATE WITHOUT INTERRUPTION, ACHIEVE ANY INTENDED RESULT, BE COMPATIBLE OR WORK WITH ANY SOFTWARE, SYSTEM OR OTHER SERVICES, OR BE SECURE, ACCURATE, COMPLETE, FREE OF HARMFUL CODE OR ERROR FREE. ALL THIRD-PARTY MATERIALS ARE PROVIDED "AS IS" AND ANY REPRESENTATION OR WARRANTY OF OR CONCERNING ANY THIRD PARTY MATERIALS IS STRICTLY BETWEEN CUSTOMER AND THE THIRD-PARTY OWNER OR DISTRIBUTOR OF THE THIRD-PARTY MATERIALS.
10. Indemnification.
    1. QuesTek Indemnification. QuesTek shall indemnify, defend and hold harmless Customer and Customer's officers, directors, employees, agents, successors and assigns (each, a "Customer Indemnitee") from and against any and all Losses incurred by such Customer Indemnitee arising out of or relating to any claim, suit, action or proceeding (each, an "Action") by a third party (other than an Affiliate of a Customer Indemnitee) to the extent that such Losses arise from any allegation in such Action that Customer's or an Authorized User's use of the SaaS Services (excluding Customer Data and Third Party Materials) in compliance with this Agreement infringes a Intellectual Property Right. The foregoing obligation does not apply to any Action or Losses arising out of or relating to any: 
       1. access to or use of the SaaS Services or QuesTek Materials in combination with any hardware, system, software, network or other materials or service not provided or authorized in writing by QuesTek;
       2. modification of the SaaS Services or QuesTek Materials other than: (i) by or on behalf of QuesTek; or (ii) with QuesTek's written approval in accordance with QuesTek's written specification;
       3. failure to timely implement any modifications, upgrades, replacements or enhancements made available to Customer by or on behalf of QuesTek; or
       4. act, omission or other matter described in Section 12.2(a), Section 12.2(b), Section 12.2(c) or Section 12.2(d), whether or not the same results in any Action against or Losses by any QuesTek Indemnitee.
    2. Customer Indemnification. Customer shall indemnify, defend and hold harmless QuesTek and its Subcontractors and Affiliates, and each of its and their respective officers, directors, employees, agents, successors and assigns (each, a "QuesTek Indemnitee") from and against any and all Losses incurred by such QuesTek Indemnitee in connection with any Action by a third party (other than an Affiliate of a QuesTek Indemnitee) to the extent that such Losses arise from any: 
       1. Customer Data, including any Processing of Customer Data by or on behalf of QuesTek in accordance with this Agreement;
       2. any other materials or information (including any documents, data, specifications, software, content or technology) provided by or on behalf of Customer or any Authorized User, including QuesTek's compliance with any specifications or directions provided by or on behalf of Customer or any Authorized User to the extent prepared without any contribution by QuesTek; 
       3. allegation of facts that, if true, would constitute Customer's breach of any of its representations, warranties, covenants or obligations under this Agreement; or
       4. negligence or more culpable act or omission (including recklessness or willful misconduct) by Customer or any Authorized User, or any third party on behalf of Customer or any Authorized User, in connection with this Agreement. 
    3. Indemnification Procedure. Each party shall promptly notify the other party in writing of any Action for which such party believes it is entitled to be indemnified pursuant to Section 12.1 or Section 12.2, as the case may be. The party seeking indemnification (the "Indemnitee") shall cooperate with the other party (the "Indemnitor") at the Indemnitor's sole cost and expense. The Indemnitor shall immediately take control of the defense and investigation of such Action and shall employ counsel reasonably acceptable to the Indemnitee to handle and defend the same, at the Indemnitor's sole cost and expense. The Indemnitee's failure to perform any obligations under this Section 12.3 will not relieve the Indemnitor of its obligations under this Section 12 except to the extent that the Indemnitor can demonstrate that it has been materially prejudiced as a result of such failure. The Indemnitee may participate in and observe the proceedings at its own cost and expense with counsel of its own choosing.
    4. Mitigation. If any of the SaaS Services or QuesTek Materials are, or in QuesTek's opinion are likely to be, claimed to infringe, misappropriate or otherwise violate any third-party Intellectual Property Right, or if Customer's or any Authorized User's use of the SaaS Services or QuesTek Materials is enjoined or threatened to be enjoined, QuesTek may, at its option and sole cost and expense: 
       1. obtain the right for Customer to continue to use the SaaS Services and QuesTek Materials materially as contemplated by this Agreement; 
       2. modify or replace the SaaS Services and QuesTek Materials, in whole or in part, to seek to make the SaaS Services and QuesTek Materials (as so modified or replaced) non-infringing, while providing materially equivalent features and functionality, in which case such modifications or replacements will constitute SaaS Services and QuesTek Materials, as applicable, under this Agreement; or 
       3. by written notice to Customer, terminate this Agreement with respect to all or part of the SaaS Services and QuesTek Materials, and require Customer to immediately cease any use of the SaaS Services and QuesTek Materials or any specified part or feature thereof, provided that, subject to Customer's compliance with its post-termination obligations set forth in Section 10.3, QuesTek will: (i) refund to Customer Fees paid in advance for SaaS Services that QuesTek has not performed as of the effective date of termination; and (ii) pay to Customer any unpaid Service Credits to which Customer is entitled under the Service Level Agreement.

THIS SECTION 12 SETS FORTH CUSTOMER'S SOLE REMEDIES AND PROVIDER'S SOLE LIABILITY AND OBLIGATION FOR ANY ACTUAL, THREATENED OR ALLEGED CLAIMS THAT THIS AGREEMENT OR ANY SUBJECT MATTER HEREOF (INCLUDING THE SAAS SERVICES AND QUESTEK MATERIALS) INFRINGES, MISAPPROPRIATES OR OTHERWISE VIOLATES ANY THIRD PARTY INTELLECTUAL PROPERTY RIGHT. 

1. Limitations of Liability.
   1. EXCLUSION OF DAMAGES. EXCEPT AS OTHERWISE PROVIDED IN SECTION 13.3, IN NO EVENT WILL QUESTEK OR ANY OF ITS LICENSORS, SERVICE PROVIDERS OR SUPPLIERS BE LIABLE UNDER OR IN CONNECTION WITH THIS AGREEMENT OR ITS SUBJECT MATTER UNDER ANY LEGAL OR EQUITABLE THEORY, INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY AND OTHERWISE, FOR ANY: (a) LOSS OF PRODUCTION, USE, BUSINESS, REVENUE OR PROFIT OR DIMINUTION IN VALUE; (b) IMPAIRMENT, INABILITY TO USE OR LOSS, INTERRUPTION OR DELAY OF THE SAAS SERVICES, OTHER THAN FOR THE ISSUANCE OF ANY APPLICABLE SERVICE CREDITS, (c) LOSS, DAMAGE, CORRUPTION OR RECOVERY OF DATA, OR BREACH OF DATA OR SYSTEM SECURITY, OR (d) CONSEQUENTIAL, INCIDENTAL, INDIRECT, EXEMPLARY, SPECIAL, ENHANCED OR PUNITIVE DAMAGES, REGARDLESS OF WHETHER SUCH PERSONS WERE ADVISED OF THE POSSIBILITY OF SUCH LOSSES OR DAMAGES OR SUCH LOSSES OR DAMAGES WERE OTHERWISE FORESEEABLE, AND NOTWITHSTANDING THE FAILURE OF ANY AGREED OR OTHER REMEDY OF ITS ESSENTIAL PURPOSE.
   2. CAP ON MONETARY LIABILITY. EXCEPT AS OTHERWISE PROVIDED IN SECTION 13.3, IN NO EVENT WILL THE COLLECTIVE AGGREGATE LIABILITY OF QUESTEK AND ITS LICENSORS, SERVICE PROVIDERS AND SUPPLIERS UNDER OR IN CONNECTION WITH THIS AGREEMENT OR ITS SUBJECT MATTER, UNDER ANY LEGAL OR EQUITABLE THEORY, INCLUDING BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY AND OTHERWISE, EXCEED THE FEES RECEIVED BY QUESTEK FROM CUSTOMER IN THE TWELVE (12) MONTHS PRECEDING THE CAUSE OF LIABILITY. THE FOREGOING LIMITATION APPLIES NOTWITHSTANDING THE FAILURE OF ANY AGREED OR OTHER REMEDY OF ITS ESSENTIAL PURPOSE. 
   3. Exceptions. The exclusions and limitations in Section 13.1 and Section 13.2 do not apply to QuesTek's obligations under Section 12 (Indemnification) or liability for QuesTek's gross negligence or willful misconduct.
2. Force Majeure.
   1. No Breach or Default. In no event will either party be liable or responsible to the other party, or be deemed to have defaulted under or breached this   Agreement, for any failure or delay in fulfilling or performing any term of this Agreement, (except for any payment obligation), when and to the extent such failure or delay is caused by any circumstances beyond such party's reasonable control (a "Force Majeure Event"), including acts of God, flood, fire, earthquake or explosion, war, terrorism, invasion, riot or other civil unrest, pandemics, epidemics, embargoes or blockades in effect on or after the date of this Agreement, national or regional emergency, strikes, labor stoppages or slowdowns or other industrial disturbances, passage of Law or any action taken by a governmental or public authority, including imposing an embargo, export or import restriction, quota or other restriction or prohibition or any complete or partial government shutdown, or national or regional shortage of adequate power or telecommunications or transportation. Either party may terminate this Agreement if a Force Majeure Event affecting the other party continues substantially uninterrupted for a period of thirty (30) days or more.
   2. Affected Party Obligations. In the event of any failure or delay caused by a Force Majeure Event, the affected party shall give prompt written notice to the other party stating the period of time the occurrence is expected to continue and use commercially reasonable efforts to end the failure or delay and minimize the effects of such Force Majeure Event.
3. Miscellaneous.
   1. Further Assurances. Upon a party's reasonable request, the other party shall, at the requesting party's sole cost and expense, execute and deliver all such documents and instruments, and take all such further actions, necessary to give full effect to this Agreement.
   2. Relationship of the Parties. The relationship between the parties is that of independent contractors. Nothing contained in this Agreement shall be construed as creating any agency, partnership, joint venture or other form of joint enterprise, employment or fiduciary relationship between the parties, and neither party shall have authority to contract for or bind the other party in any manner whatsoever.
   3. Public Announcements. QuesTek may include Customer’s name and logo in its customer lists and on its website and its promotional and marketing materials. Upon signing, QuesTek may issue a high-level press release announcing the relationship and the manner in which Customer will use the QuesTek Services. QuesTek shall coordinate its efforts with appropriate communications personnel in Customer’s organization to secure approval of the press release if necessary.
   4. Interpretation. For purposes of this Agreement: (a) the words "include," "includes" and "including" are deemed to be followed by the words "without limitation"; (b) the word "or" is not exclusive; (c) the words "herein," "hereof," "hereby," "hereto" and "hereunder" refer to this Agreement as a whole; (d) words denoting the singular have a comparable meaning when used in the plural, and vice-versa; and (e) words denoting any gender include all genders. Unless the context otherwise requires, references in this Agreement: (x) to sections, exhibits, schedules, attachments and appendices mean the sections of, and exhibits, schedules, attachments and appendices attached to, this Agreement; (y) to an agreement, instrument or other document means such agreement, instrument or other document as amended, supplemented and modified from time to time to the extent permitted by the provisions thereof; and (z) to a statute means such statute as amended from time to time and includes any successor legis