TERMS OF SERVICE (SAAS)

CYBERARK SOFTWARE LTD. AND/OR ITS AFFILIATES (“CYBERARK”) IS WILLING TO GRANT ACCESS TO THE SAAS PRODUCTS TO YOU AS THE COMPANY OR THE LEGAL ENTITY THAT WILL BE UTILIZING THE SAAS PRODUCTS (REFERENCED BELOW AS “CUSTOMER”) ON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS OF THIS AGREEMENT (AS DEFINED BELOW). BY ENTERING INTO THIS AGREEMENT ON BEHALF OF AN ENTITY OR ORGANIZATION, YOU REPRESENT THAT YOU HAVE THE LEGAL AUTHORITY TO BIND THAT ENTITY OR ORGANIZATION TO THIS AGREEMENT. CUSTOMER AND CYBERARK MAY EACH ALSO BE REFERRED TO AS A “PARTY” AND TOGETHER, THE “PARTIES”.

PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SAAS PRODUCTS. THIS SAAS TERMS OF SERVICE (“AGREEMENT”) CONSTITUTES A LEGAL AND ENFORCEABLE CONTRACT BETWEEN CUSTOMER AND CYBERARK. BY INDICATING CONSENT ELECTRONICALLY, OR ACCESSING OR OTHERWISE USING THE SAAS PRODUCTS, CUSTOMER AGREES TO THE TERMS AND CONDITIONS OF THIS AGREEMENT. IF CUSTOMER DOES NOT AGREE TO THIS AGREEMENT, DO NOT INDICATE CONSENT ELECTRONICALLY AND MAKE NO FURTHER USE OF THE SAAS PRODUCTS.

1.  Access and Use

1.1. Access and Use. Subject to payment of all applicable fees set forth in the Order or payment in accordance with an Indirect Order through CyberArk’s Authorized Channel Partners (as appropriate) and the terms and conditions of this Agreement, CyberArk grants Customer, during the Subscription Term, a non-exclusive, non-transferable right to access and use (and permit Authorized Users to access and use) the SaaS Products and applicable Documentation solely for Customer’s and its Affiliates’ internal business purposes in accordance with the Documentation and in the quantity specified in the applicable Order. Customer will operate the SaaS Products in accordance with the Documentation and be responsible for the acts and omissions of its Authorized Users.

1.2. Access and Use Restrictions. Customer shall not (directly or indirectly): (i) remove any notice of proprietary rights from the SaaS Products; (ii) modify or reverse engineer any part of the SaaS Products; (iii) except to the limited extent applicable laws specifically prohibit such restriction, decompile, attempt to derive the source code or underlying ideas or algorithms of any part of the SaaS Products, attempt to recreate the SaaS Products or use the SaaS Products for any competitive purpose; (iv) copy, modify, translate or otherwise create derivative works of any part of the SaaS Products; (v) sell, resell, encumber, rent, lease, time-share, distribute, transfer or otherwise use or exploit or make available any of the SaaS Products to or for the benefit of any third party; (vi) use the SaaS Products to infringe on the Intellectual Property rights, publicity rights, or privacy rights of any third party, or to store defamatory, trade libelous, or otherwise unlawful data; or (vii) send, store or process in the SaaS Products any personal health data, credit card data, personal financial data or other such sensitive data which may be, without limitation, subject to the Health Insurance Portability and Accountability Act, Gramm-Leach-Bliley Act, or the Payment Card Industry Data Security Standards, or any data that is subject to the International Traffic in Arms Regulations maintained by the United States Department of State. Customer’s authorized use of the SaaS Products is subject to the purchased quantities and features set forth in the applicable Order for the SaaS Products. Fees for the SaaS Products are based on use of the SaaS Products in a manner consistent with the Documentation. If Customer’s usage is in a manner outside of the Documentation, then Customer will cooperate with CyberArk to address any applicable burden on the SaaS Products or pay an additional mutually agreed upon fee.

1.3. Login Access to the SaaS Products. Customer is solely responsible for ensuring: (i) that only appropriate Authorized Users have access to the SaaS Products, (ii) that such Authorized Users have been trained in proper use of the SaaS Products, and (iii) proper usage of passwords, tokens and access procedures with respect to logging into the SaaS Products. CyberArk reserves the right to refuse registration of, or to cancel, login IDs that it reasonably believes to violate the terms and conditions set forth in this Agreement, in which case CyberArk will promptly inform Customer in writing of such refusal or cancellation.

1.4. Trial Services. If Customer is using a free trial, a proof of concept version of the SaaS Products, a beta version of the SaaS Products, or using the SaaS Products on any other free-of-charge basis as specified in an Order including any related support services to the extent provided by CyberArk in its sole discretion (collectively, “Trial Services”), CyberArk makes such Trial Services available to Customer until the earlier of (i) the end of the free trial or proof of concept period or beta testing period as communicated by CyberArk or specified in an Order, (ii) the start date of any purchased version of such SaaS Products, or (iii) written notice of termination from CyberArk (“Trial Services Period”). CyberArk grants Customer, during the Trial Services Period, a non-exclusive, non-transferable right to access and use the Trial Services for Customer’s internal evaluation purposes in accordance with the Documentation and subject to the access and use restrictions set forth in this Agreement. Customer is authorized to use Trial Services only for evaluation and not for any business or productive purposes, unless otherwise authorized by CyberArk in writing. Any data Customer enters into the Trial Services and any configurations made to the Trial Services by or for Customer during the term of such Trial Services will be permanently lost unless Customer (a) has purchased a subscription to the same SaaS Products as covered by the Trial Services or (b) exports such data or configurations before the end of such free period. There is no guarantee that features or functions of the Trial Services will be available, or if available will be the same, in the general release version of the SaaS Products, and Customer should review the SaaS Products features and functions before making a purchase. CyberArk will be under no obligation to provide Customer any maintenance or support services with respect to the Trial Services. Notwithstanding anything to the contrary, CyberArk provides the Trial Services “as is” and “as available” without any warranties or representations of any kind. To the extent permitted by law, CyberArk disclaims all implied warranties and representations, including, without limitation, any implied warranty of merchantability, fitness for a particular purpose and non-infringement. Customer assumes all risks and all costs associated with its use of the Trial Services. Customer’s sole and exclusive remedy in case of any dissatisfaction or CyberArk’s breach of the Agreement with respect to such Trial Services is termination of the Trial Services. Any obligations on behalf of CyberArk to indemnify, defend, or hold harmless under this Agreement are not applicable to Customers using Trial Services.

1.5. Third Party Materials. The SaaS Products include open source software programs that are made available by third parties under their respective open source licenses as indicated in the Documentation (“Third Party Materials” and “OSS Licenses”, respectively). CyberArk warrants that such Third Party Materials will not diminish the rights provided to Customer herein, or limit Customer’s ability to use the SaaS Products in accordance with the Documentation, or create any obligation on the part of Customer to license Customer’s software or products under any open source or similar license. Nothing herein shall derogate from mandatory rights Customer may have under any OSS Licenses, if any.

1.6.  Support. As part of its provision of the SaaS Products, CyberArk shall make available technical support to Customer in accordance with CyberArk’s then applicable SaaS support terms. Upon notification from CyberArk, Customer shall promptly update any locally-installed software agents on Customer systems that interact with the SaaS Products. Customer acknowledges and agrees that its failure to timely install such an update may result in disruptions to or failures of the SaaS Products, or suspension of Customer’s access to the SaaS Products, without any liability on the part of CyberArk to Customer.

1.7.  Mobile Applications. With regard to SaaS Products that require the use of mobile applications by an Authorized User, Customer shall ensure that all Authorized Users promptly download and install all available updates for the mobile applications. Customer further acknowledges and agrees that the SaaS Products may not properly operate should any Authorized User fail to do so.

2. Payment and Taxes

2.1. Payment Terms. Customer shall pay all invoices within thirty (30) days of date of invoice, without any deduction or set-off (except for any amount disputed promptly and in writing by Customer in good faith), and payment will be sent to the address specified by CyberArk. Any amounts arising in relation to this Agreement not paid when due will be subject to a late charge of one and one-half percent (1 1/2 %) per month on the unpaid balance or the maximum rate allowed by law, whichever is less. Without prejudice to Customer’s rights set out elsewhere in this Agreement, all SaaS Products fees are non-refundable and payable in advance. CyberArk may invoice for purchases of SaaS Products upon delivery.

2.2. Taxes. The fees and charges covered by this Agreement are exclusive of any excise, sales, use, gross-turnover, value added, goods and services tax or other similar types of indirect taxes, duties or tariffs (however designated, levied or based and whether foreign or domestic) (“Indirect Taxes”) imposed or levied, currently or in the future based on applicable legislation, on the SaaS Products provided under this Agreement. Unless otherwise agreed between the Parties, Customer will be liable for compliance with and payment of such Indirect Taxes. CyberArk shall include the Indirect Taxes on its invoice to Customer and remit such Indirect Taxes to the relevant authority if required by applicable law. For the avoidance of doubt, CyberArk will be responsible for direct taxes imposed on CyberArk’s net income or gross receipts.

2.3. Indirect Orders. If Customer places an order for the SaaS Products from CyberArk’s Authorized Channel Partner of Customer’s choosing pursuant to an independent commercial agreement (“Indirect Order”), then CyberArk grants the rights described in this Agreement in consideration for and subject to (a) Customer’s agreement to comply with the pricing and payment terms of the Indirect Order, to be separately agreed between Customer and CyberArk’s Authorized Channel Partner, and (b) Customer’s agreement to comply with its obligations set forth in this Agreement (including the restrictions on use of the SaaS Products). Notwithstanding the foregoing, the final sales price or rate shall be freely and independently determined between that channel partner and Customer. For the avoidance of doubt, in the case of such an Indirect Order, any indication in this Agreement of an agreement between Customer and CyberArk for the price payable by Customer for such Indirect Order shall be null and void and not form a binding part of this Agreement and the provisions of this Agreement related to payment terms, pricing, and/or order procedures shall not apply.

3. Rights in Intellectual Property

3.1. Intellectual Property. Except for the rights granted in this Agreement, all rights, title, and interest in and to the SaaS Products, Documentation, and CyberArk Intellectual Property are hereby reserved by CyberArk, its Affiliates or licensors. Except as provided for herein, all rights, title, and interest in and to Customer Intellectual Property are hereby reserved by Customer, its Affiliates or licensors. Nothing in this Agreement shall (a) transfer ownership of any Intellectual Property rights from one Party to the other, or (b) provide either Party a right to use the other Party’s trade names, logos, or trademarks.

3.2. Customer Data. Customer owns all right, title and interest in all Customer Data. Nothing in this Agreement shall be construed to grant CyberArk any rights in Customer Data beyond those expressly provided herein. Customer grants CyberArk and its Affiliates the limited, non-exclusive right to view and use the Customer Data solely for the purpose of providing and improving the SaaS Products.

3.3. Usage Data and Suggestions. Customer hereby unconditionally grants to CyberArk and its Affiliates a non-exclusive, irrevocable, perpetual, world-wide, paid-up, royalty-free license to use the Usage Data, including all Intellectual Property rights relating thereto. All Usage Data will be in aggregate form only and will not identify Customer or its Authorized Users. To the extent that Customer provides CyberArk with Suggestions, such Suggestions shall be free from any confidentiality restrictions that might otherwise be imposed upon CyberArk pursuant to this Agreement, and may be implemented by CyberArk in its sole discretion. Customer acknowledges that any CyberArk products or materials incorporating any such Suggestions shall be the sole and exclusive property of CyberArk.

4. Confidentiality

4.1.  Confidential Information. The Parties acknowledge that each may disclose certain valuable confidential and proprietary information to the other. “Confidential Information” means all information provided by the disclosing Party to the receiving Party concerning the disclosing Party or its Affiliates’ business, products or services that is not generally known to the public, including information relating to customers, vendors, trade secrets, prices, products, services, computer programs and other Intellectual Property, and any other information which a Party should reasonably understand to be considered Confidential Information whether or not such information is marked “Confidential” or contains such similar legend by the disclosing Party at the time of disclosure. The receiving Party may only use the disclosing Party’s Confidential Information to fulfil the purposes of this Agreement. The receiving Party will protect the disclosing Party’s Confidential Information by using at least the same degree of care as the receiving Party uses to protect its own Confidential Information of a like nature (but no less than a reasonable degree of care) to prevent the unauthorized use, dissemination, disclosure or publication of such Confidential Information. Notwithstanding the foregoing, the receiving Party may disclose Confidential Information to its (and its Affiliates) employees, advisors, consultants, and agents on a need-to-know basis and provided that such party is bound by obligations of confidentiality substantially similar to those contained herein. This Section 4 supersedes any and all prior or contemporaneous understandings and agreements, whether written or oral, between the Parties with respect to Confidential Information and is a complete and exclusive statement thereof. Additionally, the obligations set forth in Section 5.3 and not Section 4 herein apply to Customer Data.

4.2.  Exceptions. Information will not be deemed Confidential Information if it (i) is known to the receiving Party prior to receipt from the disclosing Party directly or indirectly from a source other than one having an obligation of confidentiality to the disclosing Party, (ii) becomes known (independently of disclosure by the disclosing Party) to the receiving Party directly or indirectly from a source other than one having an obligation of confidentiality to the disclosing Party, (iii) becomes publicly known or otherwise ceases to be secret or confidential, except through a breach of this Agreement by the receiving Party, or (iv) is independently developed by the receiving Party without use of or reliance upon the disclosing Party’s Confidential Information, and the receiving Party can provide documentary evidence to that effect. The receiving Party may disclose Confidential Information pursuant to the requirements of a court, governmental agency or by operation of law but shall (to the extent permissible by law) limit such disclosure to only the information requested and give the disclosing Party prior written notice sufficient to permit the disclosing Party to contest such disclosure.

4.3. Advertising and Publicity. Neither Party shall make or permit to be made any public announcement concerning the relationship between the Parties without the prior written consent of the other Party.

5. Security and Processing of Personal Data

5.1. Customer Data Content. As between CyberArk and Customer, Customer is solely responsible for (i) the content, quality and accuracy of Customer Data as made available by Customer and by Authorized Users, (ii) providing notice to Authorized Users with regards to how Customer Data will be collected and used for the purpose of the SaaS Products (including, for certain SaaS Products, with regard to biometric data), (iii) ensuring Customer has a valid legal basis for processing Customer Data and for sharing Customer Data with CyberArk (to the extent applicable), and (iv) ensuring that the Customer Data as made available by Customer complies with applicable laws and regulations including (where applicable) the EU General Data Protection Regulation (2016/679) (“GDPR”), any applicable laws of EU member states implementing the GDPR (including the UK Data Protection Act 2018), and the California Consumer Privacy Act, in each case as amended, consolidated, re-enacted or replaced from time to time and only if and insofar as they apply (collectively, “Applicable Data Protection Laws”).

5.2. Data Protection Laws. The Parties shall comply with their respective obligations under the Applicable Data Protection Laws. In particular, if Customer is established in the European Economic Area (“EEA”), in the United Kingdom (“UK”) or in California, or will, in connection with the SaaS Products, provide CyberArk with personal data relating to an individual located within the EEA, the UK or California, the Parties shall comply with the Data Processing Addendum found at https://www.cyberark.com/CyberArk-Data-Processing-Addendum.pdf which in such case is hereby incorporated into this Agreement.

5.3. Security of Customer Data. CyberArk shall (i) ensure that is has in place appropriate administrative, physical and technical measures designed to protect the security and confidentiality of Customer Data against any accidental or illicit destruction, alteration or unauthorized access or disclosure to third parties; (ii) have measures in place designed to protect the security and confidentiality of Customer Data; and (iii) access and use the Customer Data solely to perform its obligations in accordance with the terms of this Agreement, and as otherwise expressly permitted in this Agreement. CyberArk shall not materially diminish its security controls with respect to Customer Data during a particular SaaS Products term.

6. Warranties

6.1. SaaS Products Warranty. During the applicable Subscription Term, CyberArk warrants that the SaaS Products will perform in substantial conformity with the Documentation, and that the SaaS Products are not designed to contain viruses, worms, Trojan horses or other unintended malicious or destructive code, ]. The foregoing warranties are void if the failure of the SaaS Products has resulted from negligence, error, or misuse of the SaaS Products by Customer, the Authorized User or by anyone other than CyberArk. Customer shall be required to report any breach of warranty to CyberArk within a period of thirty (30) days of the date on which the incident giving rise to the claim occurred. CyberArk’s sole and exclusive liability, and Customer’s sole and exclusive remedy, for breach of these warranties will be for CyberArk, at its expense, to use reasonable commercial efforts to correct such nonconformity within thirty (30) days of the date that notice of the breach was provided; and, if CyberArk fails to correct the breach within such cure period, Customer may terminate the affected Order and, in such event, CyberArk shall provide Customer with a pro-rata refund of any unused pre-paid fees paid for the period following termination as calculated on a monthly basis for the affected SaaS Products.

6.2. Compliance with Law. Each Party shall comply with all applicable, laws and regulations in connection with the performance of its obligations and the exercise of its rights under this Agreement.

6.3. Disclaimer. Any and all warranties, expressed, incorporated or implied, are limited to the extent and period mentioned above. To the maximum extent allowed by applicable law, CyberArk disclaims all other warranties, conditions and other terms, whether implied or incorporated into this Agreement by statute, common law or otherwise, including the implied conditions and warranties of merchantability and fitness for a particular purpose. CyberArk will have no liability for delays, failures or losses attributable or related in any way to the use or implementation of third-party software or services not provided by CyberArk.

7. Indemnification

7.1. Infringement Indemnity. CyberArk shall defend and indemnify Customer and/or its Affiliates or their officers, directors and employees against all third-party claims, suits and proceedings resulting from the violation, misappropriation, or infringement of such third party’s patent, copyright, trademark or trade secret caused by Customer’s use of the SaaS Products in accordance with this Agreement and Documentation, and all directly related losses, liabilities, damages, costs and expenses (including reasonable attorneys’ fees).

7.2. Customer Data and Use Indemnity. Customer shall defend and indemnify CyberArk and/or its Affiliates or their officers, directors and employees against any third-party claims, suits and proceedings resulting from an alleged infringement or violation by the Customer Data of such third party’s patent, copyright, trademark, trade secret, or CyberArk’s use of the Customer Data in accordance with the terms of this Agreement and (where applicable) with the terms of the DPA, and all directly related losses, liabilities, damages, costs and expenses (including reasonable attorneys’ fees).

7.3. Process. Each Party’s defense and indemnification obligations herein will become effective upon, and are subject to, (a) the indemnified Party’s prompt notification to the indemnifying Party of any claims in writing, and (b) the indemnified Party providing the indemnifying Party with full and complete control, authority and information for the defense of the claim, provided that the indemnifying Party will have no authority to enter into any settlement or admission of the indemnified Party’s wrongdoing on behalf of the indemnified Party without the indemnified Party’s prior written consent (not to be unreasonably withheld). At the indemnifying Party’s request, the indemnified Party shall reasonably cooperate with the indemnifying Party in defending or settling any Claim.

7.4. Exclusions. The above CyberArk obligations to defend and indemnify will not apply in the event that a claim arises from or relates to (a) use of the SaaS Products not in accordance with the Documentation and this Agreement (b) Customer’s use of the SaaS Products in violation of Applicable Data Protection Laws; (c) any modification, alteration or conversion of the SaaS Products not created or approved in writing by CyberArk, (d) any combination or use of the SaaS Products with any computer, hardware, software, data or service not required by the Documentation, (e) CyberArk’s compliance with specifications, requirements or requests of Customer, or (f) Customer’s gross negligence or willful misconduct.

7.5. Remedies. If the SaaS Products becomes, or CyberArk reasonably determines that the SaaS Products is likely to become, subject to a claim of infringement for which CyberArk must indemnify Customer as described above, CyberArk may at its option and expense: (a) procure for Customer the right to continue to access and use the SaaS Products, (b) replace or modify the SaaS Products so that it becomes non-infringing without causing a material adverse effect on the functionality provided by the infringing SaaS Products, or (c) if neither of the foregoing options are available in a timely manner on commercially reasonable terms, terminate the affected Order and provide Customer with a pro-rata refund of any unused pre-paid fees paid for the period following termination as calculated on a monthly basis for the affected SaaS Product. This Section states the sole liability of CyberArk and the exclusive remedy of Customer with respect to any claims arising out of or related to Section 7.1 of this Agreement.

8. Limitation of Liability

8.1. Maximum Liability. Except for liability caused by CyberArk’s intellectual property infringement indemnification obligations in Section 7.1, Customer’s data infringement indemnity in Section 7.2, and Customer’s payment obligations herein, in no event will either Party’s maximum aggregate liability arising out of or related to this Agreement, regardless of the cause of action and whether in contract, tort (including negligence), warranty, indemnity or any other legal theory, exceed the total amount paid or payable to CyberArk under this Agreement during the twelve (12) month period preceding the date of initial claim.

8.2. No Consequential Damages. Neither Party will have any liability to the other Party for any loss of profits or revenues, loss of goodwill, or for any indirect, special, incidental, consequential or punitive damages arising out of, or in connection with this Agreement, however caused, whether in contract, tort (including negligence), warranty, indemnity or any other legal theory, and whether or not the Party has been advised of the possibility of such damages.

8.3. Construction. This Agreement is not intended to and will not be construed as excluding or limiting any liability which cannot be limited or excluded by applicable law, including liability for (a) death or bodily injury caused by a Party’s negligence, or (b) gross negligence, willful misconduct, or fraud.

9. Assignment. Neither Party may assign any of its rights or obligations under this Agreement without the other Party’s prior written consent, which will not be unreasonably withheld. Notwithstanding the foregoing, either Party may assign any and all of its rights and obligations under this Agreement to a successor in interest in the event of a merger or acquisition or to an Affiliate, upon written notice to the other Party.

10. Restricted Rights and Export Control

10.1. Commercial Computer Software. If Customer is an agency or contractor of the United States Government, Customer acknowledges and agrees that (i) the SaaS Products (including any software forming a part thereof) were developed entirely at private expense, (ii) the SaaS Products (including any software forming a part thereof) in all respects constitute proprietary data belonging solely to CyberArk, (iii) the SaaS Products (including any software forming a part thereof) are not in the public domain, and (iv) the software forming a part of the SaaS Products is “Commercial Computer Software” as defined in sub-paragraph (a)(1) of DFAR Section 252.227-7014 or FAR Part 12.212.
10.2. Export Control. The exportation of the SaaS Products and Documentation, and all related technology and information thereof are subject to U.S. laws and regulations pertaining to export controls and trade and economic sanctions, including the U.S. Export Administration Act, Export Administration Regulations, the Export Control Reform Act, and the Office of Foreign Assets Control’s sanctions programs, the laws of the State of Israel, and the laws of any country or organization of nations within whose jurisdiction Customer (or its Authorized Users who may use or otherwise receive the SaaS Products as expressly authorized by this Agreement) operates or does business, as amended, and the rules and regulations promulgated from time to time thereunder. Specifically, Customer hereby undertakes not to export, re-export or grant access to the SaaS Products and all related technology, information, materials and any upgrades thereto to: (a) anyone on the U.S. Commerce Department’s Denied Persons, Entity, or Unverified Lists or the U.S. Treasury Department’s list of Specially Designated Nationals and Consolidated Sanctions list (collectively, “Prohibited Persons”); (b) any country to which such export, re-export or grant of access is restricted or prohibited per the foregoing applicable laws; or (c) otherwise in violation of any applicable export or import restrictions, laws or regulations. Customer also certifies that it is not a Prohibited Person nor owned, controlled by, or acting on behalf of a Prohibited Person.

11. Professional Services. Customer may separately purchase from CyberArk professional services in relation to the SaaS Products as may be generally available by CyberArk to its customers, pursuant to CyberArk’s then applicable professional services terms.

12. Term and Termination

12.1. Term. This Agreement will be effective upon the Effective Date and shall remain in force during the applicable Subscription Term of the SaaS Products or unless or until terminated by either Party pursuant to this Section. Prior to the end of the Subscription Term, Customer may contact CyberArk to extend the term of their Subscription Term for the period stated in any such agreed upon renewal Order.

12.2. Termination for Convenience. Either Party may terminate this Agreement, upon sixty (60) days prior written notice, for any reason, provided however that: (i) if CyberArk terminates the Agreement, it will refund the fees paid to it for the unused Subscription Term to the Customer, pro-rated, and (ii) if Customer terminates the Agreement, it shall not be entitled to any refund.

12.3. Termination for Cause. Either Party may terminate this Agreement immediately upon notice to the other Party if the other Party: (i) materially breaches this Agreement and fails to remedy such breach within thirty (30) days after receiving written notice of the breach from the other Party, or (ii) commences bankruptcy or dissolution proceedings, has a receiver appointed for a substantial part of its assets, or ceases to operate in the ordinary course of business. In addition, a Party may terminate this Agreement, in whole or in part, or cease provision of SaaS Products if required to comply with applicable law or regulation, and such termination will not constitute a breach of this Agreement by the terminating Party.

12.4. Effects of Termination/Expiration. Upon termination or expiration of this Agreement: (i) Customer will have no further right to access or use the SaaS Products; and (ii) each Party shall within thirty (30) days after written request return or destroy any tangible Confidential Information of the other Party within its possession or control that is not contained on the SaaS Products. Any Customer Data contained on the SaaS Products will be deleted within sixty (60) days of termination/expiration of Customer’s Subscription Term. Customer acknowledges that it is responsible for exporting any Customer Data to which Customer desires continued access after termination/expiration, and CyberArk shall have no liability for any failure of Customer to retrieve such Customer Data and no obligation to store or retain any such Customer Data after such sixty (60) day period. Following termination of the SaaS Products, CyberArk may immediately deactivate Customer’s account. Any accrued rights and obligations will survive termination.

13. Miscellaneous

13.1. Independent Contractors. Nothing in this Agreement will be construed to imply a joint venture, partnership or principal-agent relationship between CyberArk and Customer, and neither Party will have the right, power or authority to obligate or bind the other in any manner whatsoever.

13.2. Notices. All notices and other communications required or permitted under this Agreement will be in writing and will be deemed to have been duly given: (a) when delivered by hand; (b) three (3) days after being sent by Registered or Certified Mail, return receipt requested and postage prepaid; (c) one (1) day after deposit with a nationally recognized overnight delivery or express courier service; or (d) when provided via email, when the sender has received a delivery/read receipt.

13.3. Force Majeure. Neither Party will be liable to the other Party for any delay or failure to perform which is due to fire, pandemic, virus, epidemic, travel advisories as to health, security and/or terrorism, flood, lockout, transportation delay, war, acts of God, governmental rule or order, strikes or other labor difficulties, or other causes beyond its reasonable control. However, in such event, both Parties will resume performance promptly after the cause of such delay or failure has been removed.

13.4. Governing Law and Jurisdiction. Each Party agrees to the applicable governing law below without regard to choice or conflicts of law rules, and to the exclusive jurisdiction of the applicable courts below with respect to any dispute, claim, action, suit or proceeding (including non-contractual disputes or claims) arising out of or in connection with this Agreement, or its subject matter or formation. To the extent not prohibited by law, each of the Parties hereby irrevocably waives any and all right to trial by jury in any legal proceeding arising out of or related to this Agreement.

 

CyberArk entity entering into Agreement: With Principal Office at: Choice of Law: Exclusive Jurisdiction:
CyberArk Software, Inc. 60 Wells Avenue,
Newton, MA 02459, U.S.A.
Laws of Commonwealth of Massachusetts, U.S.A. Courts of Boston, Massachusetts, U.S.A.
Cyber-Ark Software (UK) Ltd. One Pear Place, 152-158 Waterloo Road, Waterloo, London, SE1 8SB, U.K. Laws of England and Wales Courts of London, England
CyberArk Software Ltd. 9 Hapsagot St. Park Ofer 2, P.O. Box 3143, Petach-Tikva 4951040, Israel Laws of Israel Courts of Tel Aviv Jaffa, Israel
CyberArk Software Canada Inc. 1200 Waterfront Centre 200 Burrard Street PO Box 48600, Vancouver BC V7X 1T2, Canada Laws of Ontario and the federal laws of Canada applicable therein Courts of Toronto, Canada
CyberArk Software (Singapore) Pte. Ltd. 3 Anson Road #24-02, Springleaf Tower, Singapore 079909 Laws of Singapore Courts of Singapore
CyberArk Software (Japan) K.K. Marunouchi Kitaguchi Building 9F, 1-6-5, Marunouchi, Chiyoda-ku, Tokyo 100-0005, Japan Laws of Singapore Courts of Singapore

 

13.5. Entire Agreement, Execution, and Modification. This Agreement supersedes all prior agreements and representations between the Parties regarding the subject matter of this Agreement. The terms and conditions contained in any purchase order issued by Customer will be of no force or effect, even if the order is accepted by CyberArk. CyberArk may make changes to these Terms of Service from time to time. If CyberArk makes a material change to any of the foregoing, CyberArk will inform Customer by e-mail to the e-mail address(es) noted on the Order (or subsequently designated by Customer in writing as a contact for notifications from CyberArk), or through a banner or other prominent notice within the SaaS Products, or through the CyberArk support platform. If Customer does not agree to the change, Customer must so notify CyberArk by e-mail to [email protected] within thirty (30) days after CyberArk’s notice. If Customer so notifies CyberArk, then Customer will remain governed by the most recent terms of service applicable to Customer until the end of the then-current year of the Subscription Term and the updated terms shall apply upon the commencement of the subsequent Subscription Term.

13.6. Severability and Waiver. This Agreement shall be deemed severable, and the invalidity or unenforceability of any term or provision hereof shall not affect the validity or enforceability of this Agreement or of any other term or provision hereof. Should any term or provision of this Agreement be declared void or unenforceable by any court of competent jurisdiction, the Parties intend that a substitute provision will be added to this Agreement that, to the greatest extent possible, achieves the intended commercial result of the original provision. The failure of either Party to enforce any rights granted to it hereunder or to take action against the other Party in the event of any breach hereunder will not be deemed a waiver by that Party as to subsequent enforcement of rights or subsequent actions in the event of future breaches.

13.7. Definitions and Interpretation. The following definitions and rules of interpretation apply in this Agreement:

“Affiliate” means a company controlling, controlled by, or under common control with a Party (an entity will be deemed to have control if it owns over 50% of another entity).

“Authorized Channel Partner” means a company that CyberArk has appointed as an approved partner to market and sell its SaaS Products.

“Authorized Users” means employees, agents, consultants, contractors, or vendors authorized by Customer to use the SaaS Products solely for the internal use of Customer and its Affiliates, subject to the terms and conditions of this Agreement.

“Customer Data” means all data and/or content uploaded to the SaaS Products by Customer (including where applicable Authorized Users), and in all data derived from it, including personal data. For the avoidance of doubt, Customer Data does not include Usage Data.

“CyberArk” means the CyberArk legal entity specified on the signature line below, at the address specified in Section 13.4 “Governing Law and Jurisdiction.”

“Documentation” means the user guides, installation documents, security fundamentals documentation, and specifications for the SaaS Products that are made available from time to time by CyberArk in electronic or tangible form, but excluding any sales or marketing materials.

“Intellectual Property” means a Party’s proprietary material, technology, or processes (excluding the SaaS Products and Documentation), including services, software tools, proprietary framework and methodology, hardware designs, algorithms, objects and documentation (both printed and electronic), network designs, know-how, trade secrets and any related intellectual property rights throughout the world (whether owned or licensed by a third party) and any derivatives, improvements, enhancements or extensions of such Intellectual Property conceived, reduced to practice, or developed.

“Order” means CyberArk’s quote accepted by Customer via Customer’s purchase order or other ordering document submitted to CyberArk (directly or indirectly through CyberArk’s Authorized Channel Partner) to order CyberArk’s SaaS Products, which references the SaaS Products, pricing, payment terms, quantities and other applicable terms set forth in an applicable CyberArk quote or ordering document

“SaaS Products” means the software-as-a-service products specified in the Order as further described in the Documentation (including any updates and upgrades to the SaaS Products provided by CyberArk in its sole discretion, and any software, systems and locally-installed software agents and connectors that interact with the SaaS Products as may be provided by CyberArk in connection with the SaaS Products).

“Subscription Term” means the period of time during which Customer is subscribed to the SaaS Products, as specified in an Order and which shall begin upon delivery of the SaaS Products.

“Suggestions” means, any ideas or suggestions for improvements, new features, functionalities, corrections, enhancements or changes to the SaaS Products suggested by Customer to CyberArk, which constitute Intellectual Property rights under applicable law.

“Usage Data” means statistical data related to Customer’s access to and use of the SaaS Products and data derived from it, that is used by CyberArk in an aggregate and anonymized manner, including to compile statistical and performance information related to the provision and operation of the SaaS Products.

Any words following the terms including or include shall be regarded as examples only and not construed as an exhaustive list.

Should Customer have any questions concerning this Agreement, or if Customer desires to contact CyberArk for any reason, please e-mail us at: [email protected].

Last updated: May 11th, 2020

STAY IN TOUCH

STAY IN TOUCH!

Keep up-to-date on security best practices, events and webinars.