SIDECHAIN MANAGED DATA PROTECTION CUSTOMER TERMS

In addition to any other terms and conditions of a Customer’s Agreement with a Reseller, these Product Terms shall apply when Customer purchases Sidechain Managed Data Protection (“Sidechain Data Protection”).

1. DEFINED TERMS.

“Covered Environment” means the set of the devices (virtual or physical) in the Customer Configuration supported by the Sidechain Data Protection Services as documented during the implementation process.

“Reseller” means the partner entitled to purchase, resell, market, and distribute the Services provided by Sidechain Consulting.

“Sidechain” means, Sidechain Consulting, LLC, an Oregon Corporation with its principal office at 525 3rd St. Suite 200, Lake Oswego, Oregon 97034.

2. PROVISION OF SERVICES AND SUPPORT.

Sidechain Services are provided by and supported by Sidechain, pursuant to the Sidechain Terms. Any services or support provided by a Reseller in connection with the Services are provided on an as-is basis and shall be considered Unsupported Services pursuant to the Agreement.

3. CUSTOMER OBLIGATIONS:

The following are the Customer’s general obligations.

1. The Customer is solely responsible for its data and Encrypted Data. Sidechain has no access to and will have no liability for the content of any Customer data or Encrypted Data in connection with providing the Services under this Agreement.
2. Customer must monitor its systems to ensure that the Services are working as expected because Sidechain has no access to Customer systems.
3. Customer will not permit unauthorized users to receive or access the Services.
4. The Customer will not use the Services in any way non-compliant with applicable law or otherwise prohibited by Sidechain.
5. The Customer will not take any action that would have the effect of disrupting the Services, including introducing any software code that could impact the Services.
6. Any breach of these terms by the Customer’s authorized user is a breach by Customer.

 

4 SERVICES, PRICING & INVOICING.

4.1 Services Tiers and Pricing. The following Services are available for purchase:

(A) Sidechain Managed Data Protection – Multi-tenant (includes licensing to CipherTrust Transparent Encryption in addition to the Services)

(B) Sidechain Managed Data Protection – Dedicated (licensing required separately)

(C) Sidechain Managed Data Protection – Single Tenant (licensing required separately)

(D) Sidechain Managed Data Protection for Tokenization (licensing required separately)

(E) Sidechain Managed Data Protection for HSM (multi-tenant bundles license, single tenant requires licensing separately)

4.2 Pricing

(A) Pricing Components.

1. Sidechain Data Protection is priced as indicated in the Service Order with pricing based on, but not exclusive to, the following Services elements:
2. The one-time onboarding Fee will be based upon a one-time fee (per agent).
3. Per Agent Fee. A per agent monthly fee variable based upon the number of agents required. The cost of agent fees may or may not include licensing, depending on customer requirements and configuration.
4. System components within scope (for example, how many Tokenization servers are required).
5. Infrastructure costs (for example, in single-tenant cloud service, Azure costs are bundled into the operating costs for the service).
6. Connectors, or the number of integrated applications to an HSM

(B) Pricing for Additional Agents. Initial pricing will be based on the number of licensed agents identified in the Service Order. If additional agents are added to the Customer configuration, Customer may be charged an additional onboarding (or onboarding and licensing Fee, and Customer will then be subject to the new per agent monthly fee for the remainder of the Service Order term.

(C) Renewal Pricing. If purchased through a Reseller, the Reseller will not increase pricing during the Initial Term. Following the Initial Term (as identified in the Service Order) and/or following any Renewal Term, upon not less than 30 days’ notice, Customer pricing may be increased in alignment with the Reseller’s then-current pricing for the Services. Direct Customer’s will be subject to an annual 6% increase in fees.

4.3 Invoicing. One-time Fees will be invoiced upon commencement of Services onboarding, and monthly recurring Fees, per Customer’s Licensed Usage, will be invoiced monthly in arrears. The Customer agrees that all Fees are non-refundable and are payable in accordance with the terms of the Agreement.

4.4 Errors and Disputes. Notwithstanding anything to the contrary in Customer’s Agreement, if there is an error in Customer’s invoice related to the Services, Customer shall abide by the following, depending on whether they are a Direct Customer or services were purchase through a Reseller (i) notify Reseller/Sidechain of the error within 5 days of invoice receipt or Customer will be deemed to have conclusively waived its right to dispute the Fees, and (ii) pay any such disputed invoice as due. Provided the Customer has given timely notification of a disputed invoice error, Reseller/Sidechain will work with Customer in good faith to correct the error. In the event Customer is owed a refund or credit, Reseller/Sidechain will remit such refund or credit to Customer’s account, in a reasonably timely manner, where appliacbale, after Sidechain has provided such refund or credit to a Reseller. If it is determined that the Customer owes Fees in excess of Customer’s initial invoice, Customer agrees to pay the Reseller/Sidechain accordingly. In addition to any other rights and remedies a Reseller may have under the Agreement, a Reseller may deduct any outstanding debit and any applicable Fees from future transaction proceeds.

 

5. TERM & TERMINATION.

5.1 Initial Term, Renewal Term. The initial term (“Initial Term”) for these Services shall be for a period of no less than 12 months and begins upon the Effective Date identified in the Service Order. Upon expiration of the Initial Term, and except as indicated otherwise in the Service Order, Services shall renew for successive renewal terms (“Renewal Terms”) of no less than 12 months each, per the then-current pricing, unless and until either party provides notice of non-renewal at least 30 days prior to start of the Renewal Term.

5.2 Effect of Termination. Upon termination of these Product Terms, all Customer rights in and to the Services and documentation will immediately terminate, and Customer will immediately return to a Reseller or Sidechain, all material belonging to Reseller or Sidechain, including without limitation all copies of Confidential Information, and Customer will promptly certify to Reseller/Sidechain in writing that it has done so.

5.3 Early Termination Fee. If Services are terminated by a Reseller/Sidechain for cause or by Customer for convenience prior to the expiration of any then-active term, Customer must pay an early termination Fee equal to the monthly recurring Fee times the number of months remaining in the then-active Initial Term or Renewal Term, as applicable.

6. RESTRICTIONS & REQUIREMENTS.

6.1 Compliance with Terms. Customer shall ensure that all its end users comply with the Sidechain Terms and with these Product Terms and it shall be responsible for enforcing all terms to the extent of its reasonable control. In the event Customer becomes aware that Customer or its end user has breached any such terms and conditions, Customer will promptly notify Reseller/Sidechain and will exercise all reasonable efforts to enforce Reseller and/or Sidechain’s rights under such terms.

6.2 Use Restrictions. Sidechain Data Protection is provided for Customer’s internal use only and Customer may not resell, sublicense, rent, lease or otherwise distribute the Services to any third party. Customer is prohibited from acting as a services bureau, ISV, VAR or OEM with respect to Sidechain Data Protection.

6.3 Software Restrictions. If the Sidechain Data Protection includes software, Customer may only use the software as described in the Agreement and for Customer’s internal use only. Except as expressly authorized in these Product Terms, Customer shall not cause or permit any of the following: (i) translating, transmitting, modifying, or copying of the software; (ii) use of the encryption agent(s) on operating systems or platforms other than those designated by Reseller/Sidechain; (iii) making copies of the encryption software; (iv) distributing, sublicensing, renting, or transferring software to any third party; or (v) removing, deleting, or altering any copyright, trademark, or proprietary notices, labels, or marks on the software documentation provided to Customer in connection with the Services.

6.4 Reverse Engineering. Customer shall not, nor shall Customer assist, any third party to reverse engineer, decompile, disassemble, or in any other manner attempt to derive the source code of any component of the software for any purpose. Customer shall notify Reseller/Sidechain if Customer becomes aware of any person or entity attempting to reverse engineer, reverse compile, or disassemble any of the software.

6.5 System Restrictions. Infrastructure and architecture modifications, including OS alterations, may not be made without consulting, and informing Sidechain. Customer will comply with best practices and guidance from Sidechain to access data. The use of admin or root privileges to switch between users must not be used. Customer acknowledges that if Customer modifies the encryption keys/passwords, encrypted data may become permanently inaccessible.

7. INDEMNIFICATION

7.1 Reseller. Customer will indemnify  and defend Reseller,  its  affiliates,  officers, directors, agents, and employees, from and against any claim by a party other than Reseller, including  any resulting loss, costs, liability, damages and reasonable  attorneys’ fees, arising from or relating to: (a) any  Customer  violation  of  the Sidechain Terms, (b)  any  claim  of  infringement or misappropriation of any intellectual property to the extent caused by Customer’s use of the Sidechain Services not in accordance with these Product Terms, (c) Customer’s unauthorized  marketing, sales, or use  of the Sidechain Services or any portion thereof, (d) Customer’s violation or alleged violation of any applicable laws.

7.2 By Customer. Customer will indemnify, defend and hold Sidechain and its affiliates and their respective officers, directors, members, managers, and employees harmless from and against all third-party claims, losses, liabilities, damages, expenses and costs, including attorney’s fees and court costs, arising out of Customer’s (i) gross negligence or willful misconduct.

7.3 Conditions. The Party seeking indemnification will provide the Indemnifying Party with prompt written notice of any claim and give complete control of the defense and settlement of the Indemnifying Party, except that settlement may not be effected without the other Party’s consent, and will cooperate with the Indemnifying Party, its insurance company, and its legal counsel in the defense of such claim(s) at the Indemnifying Party’s expense, except that failure to provide notice will not absolve a Party of its obligations to indemnify so long as a Party is not materially prejudiced by the failure. Section 13 STATES THE ENTIRE OBLIGATION AND THE EXCLUSIVE REMEDIES WITH RESPECT TO THE PARTIES’ INDEMNIFICATION OBLIGATIONS PURSUANT TO THIS AGREEMENT.

8. SERVICES LIMITATIONS

8.1 Transformation Times. Encryption of existing data can take a significant amount of time and varies based on the amount of data to be encrypted. The data may be inaccessible during the encryption process. Customer shall be responsible for engaging Sidechain to identify potential means to preserve the availability of applications reliant on such data where possible.

8.2 SLAs for a Reseller. The Customer agrees that due to the nature of the Services and limitations with logical access, no SLAs are provided by a Reseller and no SLAs are applicable to the Services other than as specified in the Sidechain Terms. The Customer also agrees that in the event of any adverse effect in the Covered Environment, the Customer is not entitled to any remedy under the SLAs applicable for other Reseller services that may be affected.

8.3 SLA’s for a Direct Customer. These SLA’s are covered in the Customer’s Agreement with Sidechain

8.4 Disclaimers. Disclaimers for Direct Customer’s are covered in Customer’s Agreement with Sidechain. A Reseller has no responsibility, liability, or other obligations in connection with failures to Services resulting from or related to:

1. software, infrastructure, and architecture modifications of the Services made by the Customer;
2. used in a manner other than as authorized under this Agreement or as required by the documentation provided by Reseller from time to time;
3. use of Services with other software, hardware, or telecommunication interfaces not meeting or not maintained in accordance with specifications described in the Agreement, including applicable documentation provided by Sidechain or a Reseller from time to time;
4. operation or maintenance in environmental conditions outside of the parameters designated in the documentation provided by Sidechain or a Reseller from time to time or elsewhere; or
5. use of any release of the software other than the current release or the immediately preceding release that is supported by Sidechain.

9. WARRANTIES. Warranty clauses for Direct Customer’s are covered in the Customer Agreement with Sidechain

9.1 Interoperability. A Reseller does not guarantee the interoperability of the Services with software and applications that Customer installs on the hosted system but shall engage in reasonable efforts to assist Customer in validating interoperability with such software and applications at Customer’s request.

9.2 Requirements. A Reseller makes no representations or warranties that the Services shall meet or satisfy Customer’s legal or regulatory compliance requirements, including, without limitation, any compliance with data protection or data privacy laws. Customer acknowledges and agrees that Customer is solely responsible for determining Customer’s compliance with legal and regulatory requirements and the suitability and fitness of the Services.

9.3 Acknowledgements. Customer acknowledges and agrees that: (i) A Reseller does not guarantee the interoperability of the Services with any other elements of the hosted system; (ii) A Reseller is not responsible nor liable for any data loss or data corruption related to the Services; (iii) A Reseller shall not be responsible nor liable for loss of encryption keys or loss of access to data; (iv) Customer must make backups of all data prior to commencement of the Services.