CUSTOMER TERMS AND CONDITIONS

(Single Tenant)

Last Updated: September 07, 2022

Below are the Terms and Conditions for use of the Corvid Cyberdefense Haven™ Security Solution and the related Services.  Reseller desires to provide the Services identified below to Customer, and Customer wishes to receive such Services pursuant to these terms and conditions.

For good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the parties hereby agree as follows.

A. Definitions

a.      “Proposal” is a Reseller document provided to Customer that describes the Solution and Services being offered to the Customer and pricing for the Solution and Services. A Reseller Proposal, and/or Customer Agreement, must include Corvid Cyberdefense terms and conditions herein (“Corvid Terms and Conditions – Single Tenant” at www.corvidcyberdefense/terms-and-conditions-single-tenant). Such terms may be modified from time to time at Corvid Cyberdefense's sole discretion.

b.      “Effective Date” means the date set forth for Corvid Product and Services, outlined in these terms and conditions, and upon Reseller signature for such Corvid product and Services.  Unless earlier terminated pursuant to Section 6, these Terms and Conditions are effective beginning on the Effective Date for an initial term of the service and automatically renews for additional terms with the same duration as the initial term.

B.  Getting Started with Managed Services

As a Customer to the Reseller, Customer is enrolling in Corvid Cyberdefense’s Haven™ Security Solution (“Corvid Cyberdefense Haven™”).  As such, The Reseller will be the primary party leading the sales, onboarding/offboarding, as well as certain operational support aspects of support for the solution.

Reseller, via consult with Corvid Cyberdefense, may provide Customer a Corvid Cyberdefense security posture. Corvid Cyberdefense shall grant Reseller access to the Corvid Cyberdefense Haven™ dashboard which provides Reseller with visibility into the security posture and security events. Corvid Cyberdefense Haven™ dashboard is also the platform in which Reseller will be able to view Customer’s security event data and submit support requests for Services. A Reseller engineer will assist Customer with the rollout of Customer’s managed services technology by analyzing information about Customer’s environment and assisting Customer in the installation and configuration of each of Customer’s managed service technologies. Reseller will work with Customer to gather all the relevant information about Customer’s environment, ensure Customer of the proper placement and proper configuration of each technology, and confirm to Customer each such technology is properly working after installation. As each technology is provisioned, it is transitioned to ongoing support elements comprised of Reseller resources as well as the Corvid Cyberdefense Security Operations Center (“SOC”). The Corvid Cyberdefense SOC is dedicated to monitoring device health alerts for Customer, responding to Reseller’s support and configuration change requests, and performing analysis of Customer’s security events for the managed services that Customer has purchased.

C.  Services Description

Corvid Cyberdefense Haven™ includes the following Services for the service plan level selected by Customer in the Proposal.

D.  Responsibilities

  1. Reseller Shall:

a)     implement and fully configure the Corvid Cyberdefense Haven™ platform in all defined Customer environments; and

b)     provide “First Level Support” to the customer which means singular, isolated, or individual customer service or technical support for End User issues not related to the Corvid infrastructure or networking environment. The End User will contact the Reseller directly for these issues for appropriate isolation and triage. Reseller will provide coverage Monday through Friday, 8am – 5pm eastern time.

2. Corvid Cyberdefense shall:

a.      provide “Second Level Support” to the Reseller which means repeatable, widespread, or systemic customer service or technical support issues related to the Corvid infrastructure or networking environment. The Reseller contacts Corvid directly for these issues, and the Reseller is responsible for communication back to the End User. Corvid provides this coverage Monday-Friday, 9am - 5pm eastern time. If after hours support is requested, by either the Reseller or Customer, it may be a billable offering subject to a change order;

b.     monitor security log data from the components of the Customer’s supported environment;

c.      review security events and promptly identify for Customer potential security alerts;

d.     make all security alerts related to security events available to Reseller;

e.      generate notifications of security alerts related to security events;

f.      respond to security events; Corvid Cyberdefense will provide up to 4 hours of response effort per event. In situations where the level of effort requires more than 4 hours of time, or remediation effort itself, Corvid Cyberdefense will consult with the Reseller about a suggested path to resolution. In the event that it is determined that Corvid Cyberdefense continues to provide response efforts, such efforts will be billed to the Reseller at a current market rate;

g.     provide best efforts, using its expertise in the information security field to provide the skills of its staff to respond to security issues as well as consult with Reseller staff and/or customer teams as applicable;

h.     provide Reseller with support and maintenance of Corvid Cyberdefense Haven™ and related technologies; and

i.      functionally manage the technology components that compose Corvid Cyberdefense Haven™ as listed in the Customer Proposal.

E.  Customer Authorization for Reseller and Corvid Cyberdefense to Act

Corvid Cyberdefense shall notify Customer of each security event and shall promptly respond to such security events using best efforts within the capabilities of Corvid Cyberdefense Haven™ and the Corvid Cyberdefense staff.  If Corvid Cyberdefense recommends actions to respond to a security event that are beyond the capabilities of Corvid Cyberdefense Haven™, Corvid Cyberdefense shall inform Reseller of such recommended actions (with adequate information and detail for Reseller to determine whether to pursue such actions), and Corvid Cyberdefense shall promptly perform only such actions as expressly authorized by Reseller.  Corvid Cyberdefense shall ensure that any Corvid Cyberdefense’s SOC resources authorized to perform such expressly authorized actions shall (a) have substantial computer systems and network and project management experience, (b) be sufficiently trained, and (c) be proficient in the use and provision of Services provided to Reseller and/or Customer under these Terms and Conditions. 

F.  Service Level Agreement

  1. Corvid Cyberdefense shall perform the Services (including promptly responding to security incidents, monitoring for outages, and performing configuration changes) in accordance with the Service Level Agreement (“SLA”) guidelines included herein. Such SLA’s includes commitments with respect to certain availability of the security and compliance monitoring service.

2. Descriptions and Definitions of Service Level Agreements (SLAs) are as follows:

a.      High Security Incident Notification – For services in which Corvid Cyberdefense is providing real-time threat analysis, Corvid Cyberdefense will provide a notification to Reseller and/or Customer of a potential security compromise within 20 minutes of Corvid Cyberdefense’s determination of such potential security compromise. If Reseller and/or Customer provided a notification policy to Corvid Cyberdefense prior to such potential security compromise, Corvid Cyberdefense will provide such notification according to that notification policy.

b.      Other Changes – Corvid Cyberdefense, through consult with Reseller, may implement other managed device and/or network configuration changes within three (3) days, provided that at the time of the request Corvid Cyberdefense has received all information necessary to make such change. This only applies to maintenance for managed devic­­e and/or network configuration changes and does not apply to complex or time-intensive changes (such as new architectures or new systems).

c.      Definitions – Suspicious activity is defined as any activity that cannot be confirmed with a high confidence due to lack of domain knowledge, or visibility on the part of Corvid. Malicious activity is defined as any confirmed unauthorized activity that impacts data Confidentiality, Integrity, or Availability.

G.  Dependencies and Assumptions

  1. Corvid Cyberdefense shall not begin to provide the Services as described herein until Reseller, and respective Customer, has executed and exchanged a signed Customer Agreement, that includes these terms and conditions herein.

  2. Each party’s primary contact as identified in the Proposal, or another designee of such party, must be available to the other party during the entire engagement under these Terms and Conditions. Such primary contacts must have sufficient authority to schedule testing and address any issues that may arise.

  3. Client acknowledges and agrees that Corvid Cyberdefense’s use of any Original Equipment Manufacturers’ (“OEM’s”) products provided in these Terms and Conditions are subject to and governed by that OEM’s end user license.

  4. Any change in services and fees, other than standard licensing quantities, will be mutually agreed to in writing by the respective parties.

H.  Managed Services Customer Obligations

  1. Customer agrees to cooperate with the Reseller and/or Corvid Cyberdefense in its efforts to gather initial technical and policy information required to establish the Service within 30 (thirty) days of Effective Date. This level of effort will be documented and agreed upon in a Reseller-documented project plan as the work commences.

  2. Customer will designate authorized person(s) (“Authorized Person(s)”) to:

a.      consult with Reseller and/or Corvid Cyberdefense on a regular basis in connection with the Services;

b.      reasonably cooperate with requests for information made by Corvid Cyberdefense related to the hardware, software, version, patch level, and configuration of devices connected to Customer’s environment (if applicable);

c.      assist Corvid Cyberdefense in upgrading and troubleshooting the environment; and

d.      grant Corvid Cyberdefense access to the Customer’s environment as identified.

3. Customer will promptly notify Reseller of any change in the authorization, contact information, or employment status of any Authorized Persons. It is the obligation of the Reseller to promptly inform Corvid Cyberdefense.

4. Customer will be solely responsible for any unauthorized acts or omissions by Customer that occur as the result of Customer’s access to or use of the Services. Customer agrees to indemnify and hold Corvid Cyberdefense harmless from such acts or omissions.

5. Customer shall provide Reseller with at least five (5) business days’ notice prior to taking any action that may affect Corvid’s ability to provide services herein. It is the obligation of the Reseller to promptly inform Corvid Cyberdefense.

6. Customer shall not modify, reverse engineer, disassemble or decompile any Corvid solution provided for the Services herein.

I.  Additional Terms and Conditions

1.       Shipping, Title, & Risk of Loss

Any products shipped by Corvid Cyberdefense will be FOB Shipping Point. Title to any hardware or software delivered in connection with the Services shall remain with Corvid Cyberdefense.  If applicable, title and risk of loss to any purchased hardware shall pass to Customer upon delivery; title to software shall remain with Corvid Cyberdefense.

2.       Proprietary Rights

a.      Technology and IP. All technology owned by Corvid Cyberdefense or its licensors in connection with performing the Services, including software, portals, data processing systems (each of the foregoing, in object code and source code form), report templates, and hardware, and any Corvid Cyberdefense intellectual property, remains the sole and exclusive property of, and is valuable, confidential and proprietary to, Corvid Cyberdefense or its licensors. Except as otherwise expressly provided herein, Customer shall not acquire any rights in any Corvid Cyberdefense Technology or Corvid Cyberdefense IP as a result of receiving the Services. The sale of any equipment conveys no right or license to manufacture, duplicate, reverse engineer or otherwise copy or reproduce any of the equipment. Customer shall not remove any proprietary notices on equipment delivered hereunder and may not co-brand or otherwise add any branding or marking to such equipment or its packaging. All technology and intellectual property owned by Customer or its licensors remains the sole and exclusive property of, and is valuable, confidential and proprietary to, Customer or its licensors.

b.      Data. Corvid Cyberdefense acknowledges that, as between Corvid Cyberdefense and Customer, Customer owns all right, title and interest, including intellectual property rights, in and to all data on Customer’s network and all data otherwise owned or controlled by Customer (collectively “Data”). Corvid Cyberdefense further acknowledges that: (i) the Data is an original compilation protected by intellectual property laws, including U.S. copyright laws; (ii) Customer has dedicated substantial resources to collect, manage and compile the Data; and (iii) the Data constitutes trade secrets of Customer. The Reseller as well as Corvid Cyberdefense shall not use, access, disclose, release, distribute, or deliver the Data, or any portion thereof, other than to provide Services to Customer.

c.      Publicity, Trademarks and Logo. Each party shall not, directly or indirectly, without the prior written approval signed by an authorized representative of the other party: (i) use the other party’s name or any of the other party’s trademarks, service marks or logos, or (ii) make any public announcement related to these Terms and Conditions or the Services

3.       Confidentiality

a.      “Confidential Information” means any confidential information (including, documents, data, trade secrets, third-party confidential information, business affairs information, product information, data centers, prototypes, samples, equipment, all software, benchmark tests, specifications, trade secrets, object code and machine-readable copies, and other sensitive or proprietary information) disclosed or made available or accessible by either party (“Disclosing Party”) to the other party (“Receiving Party”). Confidential Information shall not, however, include any information which (i) is in the public domain through no action or inaction of or on behalf of Receiving Party; (ii) is already in the possession of Receiving Party at the time of disclosure or access without having been obtained from Disclosing Party or a third party under a duty of confidentiality; or (iii) is obtained by Receiving Party from a third party without a breach of such third party’s obligations of confidentiality.

b.      Receiving Party agrees not to use any Confidential Information of Disclosing Party for any purpose other than as contemplated by these Terms and Conditions. Receiving Party agrees not to disclose any Confidential Information of Disclosing Party to third parties or to Receiving Party’s employees or contractors, except to those employees or contractors of Receiving Party who are required to have such Confidential Information for the provision, receipt, or coordination of Services under these Terms and Conditions. Receiving Party shall not reverse engineer, disassemble, or decompile any prototypes, software or other tangible objects which embody Disclosing Party’s Confidential Information and which are provided to or access by Receiving Party hereunder. Receiving Party agrees that it shall take reasonable measures to protect the secrecy of and avoid disclosure and unauthorized use of the Confidential Information of Disclosing Party. Receiving Party may disclose Disclosing Party’s Confidential Information to the limited extent required by law to comply with the order of a court or other governmental body, provided that Receiving Party gives Disclosing Party prompt written notice of such requirement prior to such disclosure and assistance in obtaining a protective order.

c.      In accordance to agreement herein, Corvid Cyberdefense shall use all legal, organizational, physical, administrative and technical measures and security procedures necessary to safeguard and ensure the security of the Data and to protect the Data from unauthorized access, disclosure, duplication, use, modification, or loss.

d.      Receiving Party acknowledges that Receiving Party’s breach of its obligations of confidentiality to Disclosing Party may cause Disclosing Party irreparable injury for which Disclosing Party would not have an adequate remedy at law, and in the event of such breach by Receiving Party, Disclosing Party will be entitled to seek injunctive relief in addition to any other remedies Disclosing Party may have at law or in equity.

4.        Termination

Corvid Termination for Cause. Services may, by written notice, be terminated by Corvid for cause if any of the following events occur:

a.      Corvid Cyberdefense may terminate for cause if the Reseller and/or Customer is in material breach of any term, condition or provision of these Terms and Conditions, which breach, if capable of being cured, is not cured within thirty (30) days after such party gives the breaching party written notice of such breach.

b.      Corvid Cyberdefense may terminate for cause if Reseller fails to pay any amount due Corvid Cyberdefense within ten (10) days after Corvid Cyberdefense gives Reseller written notice of such nonpayment; or

c.      Corvid Cyberdefense may terminate for cause if the Reseller and/or Customer party (a) terminates or suspends its business, (b) becomes insolvent, admits in writing its inability to pay its debts as they mature, makes an assignment for the benefit of creditors, or becomes subject to direct control of a trustee, receiver or similar authority, or (c) becomes subject to any bankruptcy or insolvency proceeding under federal or state statutes.

5.       Warranties

a. By Customer. Customer represents and warrants to Corvid Cyberdefense that possession and use of information, specifications, and data provided by Customer to both the Reseller and Corvid Cyberdefense, under these Terms and Conditions, will not constitute an infringement upon any patent, copyright, trade secret, or other intellectual property right of any third party.

6.       Indemnity; Limitation of Liability; and Disclaimer of Warranties

a.      While Corvid Cyberdefense and the Haven™ solution provide services that help secure the Customer’s environment, Corvid Cyberdefense does not provide a guarantee that malware, a hack or a data breach will not occur. In addition, Customer is not responsible for acting on Security Events and Security Alerts to properly secure and harden their environment. Corvid Cyberdefense is not responsible for any post-breach remediation services unless engaged under separate agreement. Corvid Cyberdefense is not responsible for any notifications or disclosures that may be required as the result of a data breach or other Security Event. Corvid Cyberdefense is not responsible for any preexisting conditions or weaknesses within the Customer’s environment. If there is an incident that takes place during the term of the Contract, but the root cause of the issue is related to a preexisting condition, then Corvid Cyberdefense is not liable. Corvid Cyberdefense is not liable if Customer discontinues services or does not take proper action on Security Events and Security Alerts.

b.      EXCEPT FOR CORVID CYBERDEFENSE’S INDEMNIFICATION OBLIGATIONS AND EACH PARTY’S CONFIDENTIALITY OBLIGATIONS, IN NO EVENT WILL EACH PARTY BE LIABLE TO THE OTHER FOR ANY LOSS OF PROFITS, LOSS OF USE, BUSINESS INTERRUPTION, COST OF COVER OR INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES OF ANY KIND IN CONNECTION WITH OR ARISING OUT OF OR RELATED TO THESE TERMS AND CONDITIONS OR THE FURNISHING, PERFORMANCE OR USE OF THE SERVICES PERFORMED HEREUNDER, WHETHER ALLEGED AS A BREACH OF CONTRACT OR TORTIOUS CONDUCT, INCLUDING NEGLIGENCE, EVEN IF A PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

c.      EXCEPT AS EXPRESSLY PROVIDED IN THESE TERMS AND CONDITIONS, EACH PARTY DISCLAIMS ALL REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES REGARDING QUALITY, SUITABILITY, MERCHANTABILITY, OR FITNESS FOR A PARTICULAR PURPOSE (IRRESPECTIVE OF ANY COURSE OF DEALING, CUSTOM OR USAGE OF TRADE).

7.       Terms Applicable to Certain Service

a.      In the event Corvid Cyberdefense performs direct Payment Card Industry-related services for the Customer, the following shall apply:

i.      Customer is responsible for PCI compliance and notification of any suspected breach of its systems and any fines, penalties or registration fee imposed by any payment card association or its acquiring bank. Customer hereby authorizes Corvid Cyberdefense to release a redacted copy of Customer’s PCI DSS Report on Compliance (“ROC”) to the PCI SSC upon the PCI SSC’s written request with notice of such request from the PCI SSC. In the event Customer suffers a credit card compromise, Customer authorizes Corvid Cyberdefense to release a copy of its ROC to the credit card associations upon the credit card associations’ written request. Corvid Cyberdefense shall provide Customer with notice of such request from the credit card association. Finally, Customer authorizes Corvid Cyberdefense to release a copy of Customer’s ROC to Customer’s acquiring bank. Corvid Cyberdefense shall have the right to retain a copy of Customer’s information solely as necessary for Corvid Cyberdefense to comply with the PCI SSC data retention requirements for Qualified Security Assessors.

b.      In the event Customer purchases portal-based services, such as Corvid Cyberdefense Haven™ services, and/or security testing services, the following shall apply:

i.      Customer represents and warrants that Customer has full right, power, and authority to consent to have the service scan for vulnerabilities the IP address and/or URL and/or domain names identified to Corvid Cyberdefense by Customer for scanning, whether electronically or by any other means, whether during initial enrollment or thereafter. Without limiting any other remedy that Corvid Cyberdefense may have, Customer agrees to indemnify and hold Corvid Cyberdefense and its affiliates harmless from and against all liabilities, losses, damages, costs and expenses, including without limitation reasonable attorney’s fees and costs incurred by Corvid Cyberdefense resulting from Customer’s breach of this provision. If applicable, Customer shall obtain all consents and authorizations from any third parties necessary for Corvid Cyberdefense to perform the Services, including without limitation, third party data centers, co-locations and hosts. Corvid Cyberdefense will not be required to execute agreements with any such third parties. Customer agrees that Corvid Cyberdefense Haven™, including without limitation its functionality and contents, is confidential information, and Customer’s use and/or access to Corvid Cyberdefense Haven™ is subject to the terms of applicable mutual non-disclosure agreements executed by the parties. Customer acknowledges and understands that accessing and scanning IP addresses and penetration testing involves inherent risks, including, without limitation, risks related to system or network performance and availability, and data corruption or loss.

ii.      Both the Reseller and/or Customer’s use of Corvid Cyberdefense portals, reports, and scanning solution is subject to the following restrictions: (i) Reseller and/or Customer may use the services and portals only to scan IP addresses, URLs and domain names owned by and registered to Customer; (ii) portals, services, and reports may only be used for the stated purposes in these Terms and Conditions for Reseller and Customer’s internal business purposes in accordance with all applicable laws (including any export control laws); and, (iii) Reseller and Customer shall limit access to portals to only those employees and/or contractors who have an obligation of confidentiality with Customer and only to those who have a requirement for such access on a “need to know” basis and Reseller and Customer shall be responsible for disabling portals accounts for those employees and/or contractors who no longer require access. Customer shall not (i) decompile, reverse engineer, disassemble, or otherwise derive the source code from any component of the portals including the software embedded therein; (ii) modify, enhance, translate, alter, tamper with, upgrade or create derivatives works of the portals, software or documentation; or (iii) strip out or alter any trademark, service mark, copyright, patent, trade secret, ownership or any other proprietary or Intellectual Property notices, legends, warnings, markings or indications on or within any component of the portals, software or documentation, or attempt (i), (ii), and/or (iii) above.

c.      If Customer purchases a digital certificate, Customer’s use of such certificate is subject to and governed by the terms and conditions in the applicable Certification Practice Statement(s), Certificate Policy(ies), Subscriber Agreement and other related documentation.

8.       General

a.      Assignment. Neither party may assign or otherwise transfer rights and obligations of Services, in whole or in part, without the prior written consent of the other party; provided, however, that no written consent shall be required to assign these Terms and Conditions to any affiliate of a party, and further provided that either party may assign this Agreement without the other party’s prior written consent to a successor by way of a merger, acquisition, sale, transfer or other disposition of all or substantially all of its assets. Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties, their respective successors and permitted assigns. Such assignment shall not be unreasonably withheld.

b.      Force Majeure. Neither party shall be liable for any default or delay in the performance of its obligations hereunder (except for payments) if and to the extent such default or delay is caused, directly or indirectly, by acts of God, governmental acts, accidents, wars, terrorism, riots or civil unrest, fires, storms, earthquakes, floods or elements of nature, or any other similar cause beyond the reasonable control of such party, provided such default or delay could not have been prevented by reasonable precautions and cannot reasonably be circumvented by the non-performing party through the use of commercially reasonable alternative sources, workaround plans or other means.

c.      Notice. Except as otherwise provided in these Terms and Conditions, all notices, consents, or approvals required by these Terms and Conditions shall be in writing.

d.      Relationship. The relationship between Corvid Cyberdefense, and the Reseller as well as Customer, shall be that of independent contractors. Nothing in these Terms and Conditions shall be construed to create or imply a partnership, joint venture, agency relationship or contract of employment.

e.      No Third-Party Beneficiaries. Nothing herein expressed or implied is intended to or shall be construed to confer upon or give any person or entity, other than the parties hereto and their respective successors and permitted assigns, any rights or remedies under or by reason of these Terms and Conditions.

f.      No Solicitation. During the term of Contract, neither party shall, directly or indirectly, hire or solicit to be hired any employee of the other party without the prior written consent of the other party; provided that general solicitations will not constitute a breach of this obligation.

g.      Waiver. Any waiver of the provisions of these Terms and Conditions or of a party’s rights or remedies under these Terms and Conditions must be submitted in writing and approved by Corvid Cyberdefense to be effective.

h.      Severability. If any provision in these Terms and Conditions is found to be invalid, unlawful or unenforceable, the parties shall agree in good faith to such amendments as will preserve the intent of these Terms and Conditions. If the parties fail to so agree, such invalid provision will be severed from these Terms and Conditions, which will continue in full force and effect.

i.      Governing Law. These Terms and Conditions shall be governed by and construed in accordance with the laws of the State of North Carolina, without giving effect to conflict of law principles. The parties agree that any legal action or proceeding relating to these Terms and Conditions may be instituted in a state or federal court in Iredell County, NC, and agree to submit to the jurisdiction of, and agree that venue is proper in, these courts in any such action or proceeding.

j.      Directives. The respective party, either the Reseller or Customer, shall immediately notify Corvid Cyberdefense, if Customer knows or has reason to believe that Corvid Cyberdefense has been or will be required, as a result of activity arising out of or related to these Terms and Conditions or the Services contemplated hereunder, by any court or administrative agency of the United States or any state, by the Payment Card Industry Security Standards Council, or by any legal process to respond to any subpoena, search warrant, discovery or other directive under the authority of such court, administrative agency, governmental inquiry or process in connection with any proceeding or investigation in which either the Reseller or Customer or any of its affiliates, officers, directors, agents, employees, or subcontractors is involved. Whether or not such notice is given by Reseller or Customer, the respective party shall directly assist Corvid Cyberdefense in Corvid Cyberdefense’s attempt to reduce the burdens of compliance with any such directive, and Customer shall reimburse any and all reasonable expenses incurred by Corvid Cyberdefense and its affiliates in complying with any such directive, including, but not limited to, attorneys’ fees and Corvid Cyberdefense’s outside counsel attorneys’ fees for representation and advice, travel and lodging expenses and an hourly labor rate of USD $275 per hour for all time spent by Corvid Cyberdefense in responding to such matters.

k.      Export Control. Reseller and Customer agree to comply with all applicable U.S. and foreign export laws, restrictions, and regulations and not to export or re-export or allow the export or re-export of any product, technology or information it obtains or learns pursuant to its relationship with Corvid Cyberdefense in violation of any such laws, restrictions or regulations. Customer shall bear all expenses relating to any necessary licenses and/or exemptions with respect to the export from the U.S. of the equipment purchased from Corvid Cyberdefense to any location in compliance with all applicable laws and regulations prior to the delivery thereof by Customer. The Reseller, as well as Customer, shall indemnify and hold Corvid Cyberdefense harmless from all claims, damages and related expenses (including reasonable attorneys’ fees) incurred by Corvid Cyberdefense that result from either party’s breach of this provision. CORVID CYBERDEFENSE SHALL NOT BE LIABLE FOR EITHER THE RESELLER OR CUSTOMER’S VIOLATION OF ANY EXPORT OR IMPORT LAWS, WHETHER UNDER THE UNITED STATES OR FOREIGN LAW.

l.      Entire Terms and Conditions; Amendment. These Terms and Conditions, together with any software end-user license agreement and any non-disclosure agreement executed between the parties, constitutes the entire agreement between Corvid Cyberdefense and the Reseller, as well as Customer, regarding the subject matter hereof. These Terms and Conditions may not be modified or amended except by a written instrument executed by Corvid Cyberdefense or the Reseller, for which final approval is required by Corvid Cyberdefense. Notwithstanding anything else in these Terms and Conditions or otherwise, in the event of any changes or updates to applicable laws, regulations, rules, standards, interpretations or other external guidelines (including without limitation the PCI Data Security Standard or the Payment Application Data Security Standard), Corvid Cyberdefense may, upon notice to Reseller, make appropriate revisions to the scope and pricing for any Services that are affected by such changes or updates. The Reseller is responsible for like consideration with the Customer. The terms of any Reseller or Customer purchase order are accepted for accounting convenience only. No terms or conditions contained in any purchase order shall amend these Terms or Conditions or shall otherwise constitute an agreement between the parties.

m.      Dependencies. Customer acknowledges that the provision of Services is dependent upon the performance of Customer, and its affiliates, and that Corvid Cyberdefense shall not be liable for its failure to perform to the extent such failure is due to (i) a failure by Customer or any third party retained by, or under the control of, Customer to provide data or materials that Customer or such third party is required to provide to Corvid Cyberdefense or required by Corvid Cyberdefense to perform the services under this these Terms and Conditions, (ii) a failure by Customer to timely and accurately perform its responsibilities as set forth in these Terms and Conditions, or (iii) a failure by Customer to obtain consents, approvals or access for Corvid Cyberdefense.