These MSA terms and conditions (“Agreement”) between Mitiga Security Inc., a Delaware corporation, having its principal place of business at 131 7th Ave. Suite 253 New York, NY 10011 USA including any subsidiary or affiliated company (“Mitiga”), and the customer (“Customer”) who accepts this Agreement, and/or accesses and/or uses the Services, govern Customer’s subscription to the Platform and the Additional Services, and constitute a binding agreement between the parties.
This is a legal, enforceable Agreement between Customer and Mitiga, and by executing this Agreement, and where no signature box is available, by clicking through to access the Platform or otherwise indicating Customer’s acceptance of this Agreement in an Order Form, or through Customer’s access to or use of the Services (such time, “Effective Date”), Customer expressly agrees to be bound by this Agreement. If the person signing or accepting or clicking through to the Services is entering this Agreement on behalf of another entity or person, such person hereby represents to Mitiga that they an Authorized User with authority to bind Customer to this Agreement through such consent or use the Platform. If such person does not have such authority or if Customer does not agree to this Agreement, Customer may not subscribe to or use the Services.
1. Subscription.
1.1. Mitiga hereby grants Customer during the Term, a limited, revocable, non-exclusive, non-sublicensable, non-transferable right to access and use Mitiga proprietary cloud-based platform, including underlying SaaS software identified under the applicable Order Form (“Platform”). In addition, as a Customer subscribing to the Platform under the terms of this Agreement, Customer may receive and/or subscribe to additional Mitiga services as detailed in a relevant Order Form ("Additional Services"). Customer’s subscription to such Additional Services and receipt thereof is subject in each case to the terms of this Agreement. The access and use of the Platform and the Additional Services, shall be also referred to as the “Services”.
1.2. Mitiga shall use commercially reasonable efforts to make the Platform available as set forth in the SLA attached hereto as Exhibit A.
1.3. The Services shall be provided solely for Customer’s internal business purposes, subject to Customer’s compliance with the terms and conditions set forth in this Agreement (including payment obligations) and under the terms set forth in an applicable order form mutually approved by the Parties ("Order Form") which is hereby incorporated into this Agreement. In any case of any conflict or inconsistency between the terms and conditions of this Agreement and an Order Form, the former shall prevail (unless the Order Form specifically states otherwise).
1.4. The Services shall be performed in accordance with their applicable documentation provided by Mitiga from time to time ("Documentation"), and subject to any use limitations indicated in an applicable Order Form, and any applicable laws and regulations. The term “Services” shall also include all changes, revisions, improvements, updates and restrictions, provided or otherwise made available to Customer from time to time by Mitiga (including as provided in the applicable Documentation).
1.5. Restrictions on Use. Customer shall not use the Services in any manner or for any purpose other than as expressly permitted in the Agreement. Customer may not, directly or indirectly, and may not authorize any third party to attempt to: (i) copy, modify, alter, tamper with, repair, or otherwise create derivative works of or distribute any part of the Platform or Additional Services; (ii) sell, license (or sub-license), lease, assign, transfer, pledge, or share Customer's rights under this Agreement, with any third party; (iii) reverse engineer, disassemble, or decompile the Platform or the Additional Services, or attempt to discover the Platform's source code or underlying algorithms; (iv) use, remove or alter any Mitiga's or any third party's logos, trademarks or any other or other proprietary rights affixed to or provided as part of the Platform or the Additional Services; (v) disturb or disrupt the Platform or the Additional Services, directly or indirectly, or transmit or activate viruses or any other unlawful material in connection with the Platform or the Additional Services; or (vii) use the Platform or the Additional Services in a manner that would violate applicable laws, or is outside the scope of the rights granted in this Agreement. Customer must promptly notify Mitiga in writing if it becomes aware of, or has reason to believe, that any of the prohibitions listed in this Section has been breached by Customer or any Authorized User.
1.6. Authorized Users. The Platform may only be used by or for Customer through an account that is specific to Customer (the “Account”). Customer is solely responsible for: (a) identifying and authenticating all "Authorized Users" (which means any individual who accesses the Platform on Customer’s behalf); (b) approving access by such Authorized Users to the Platform; (c) ensuring the Authorized Users comply with the terms of this Agreement as if they were a party to it, and that none of Customer’s personnel, agents, or advisors who are not Authorized Users access or attempt to access the Platform; (d) ensuring that the Authorized Users keep their Account login details secure at all times and will treat such Account login details with at least the same degree of care as Customer’s most sensitive confidential information; and (e) all activities that occur under its and its Authorized Users’ usernames, passwords or accounts. Mitiga is not responsible for any losses arising due to any breach of this Agreement by any Authorized User or any other personnel, agent or advisor of Customer. Customer will notify Mitiga immediately of any unauthorized access or use of the Platform.
2. Rights and Title.
2.1. All title, ownership rights, and intellectual property rights (including all copyrights, patents, trade secret rights and trademarks) evidenced by or embodied in, attached, extracted from, connected, and/or related to the Services and the various practices, materials, methodologies, tools, and templates used with respect thereto (and all improvements enhancements, corrections, modifications, alterations, revisions, extensions and updates and derivative works thereof) are and shall remain solely in Mitiga, and/or its licensors, if any. Mitiga expressly reserves all rights to the foregoing, and except for the limited grant of rights expressly set forth herein, Mitiga does not grant Customer any right, title, or interest in any intellectual property owned or licensed by Mitiga. If Customer provides any feedback (such as suggested improvements or a like regarding the Services) (collectively, “Feedback”) Customer hereby grants to Mitiga a non-exclusive, perpetual, irrevocable, transferable, royalty-free and worldwide right, with the right to grant and authorize sublicenses, to use and benefit from such Feedback to provide and improve the Platform and/or the Additional Services and Mitiga’ business without any compensation or credit due to Customer.
3.Customer Data, Privacy and Security, Third parties.
3.1. Customer warrants that as between the Parties, Customer solely owns and retains all rights, title and interest in and to Customer Data including all Intellectual Property Rights embodied in Customer Data. "Customer Data" means any data or information associated with the Customer that the Platform automatically accesses, collects, processes and/or hosts when monitoring, and communicating with Customer’s information technology systems or in accessing Services. Customer hereby grants to Mitiga, during the Term, a non-exclusive, worldwide license, royalty-free right to use and disclose, store, and otherwise process the Customer Data solely to the extent necessary to perform its obligations under this Agreement.
3.2. In providing the Services, Mitiga will (i) store, process and access Customer Data only to the extent reasonably necessary to provide Customer the Services; and (ii) implement and maintain commercially reasonable technical, physical and organizational measures to protect the security, confidentiality and integrity of Customer Data hosted by Mitiga or Mitiga’s authorized third party service providers from unauthorized access, use, alteration or disclosure.
3.3. To the extent Customer Data contains any personal data as defined under the applicable data protection law ("Personal Data"), Mitiga will process such Personal Data in accordance with the terms and conditions set forth in Mitiga’ Data Processing Addendum (“DPA”) a copy of which may be found at https://www.mitiga.io/dpa.
3.4. Customer acknowledges and agrees that Mitiga may retain, disclose and use general information about the types of services Mitiga provides to Customer for research and thought leadership purposes, provided that such information does not include Customer information that is subject to Mitiga's confidentiality obligations hereunder and that Mitiga identifies Customer only in general terms in connection with such information (e.g., “a large financial institution”).
3.5. Customer acknowledges that in order to support Mitiga’s on prem IR (incident response) services (which are part of the Services) Mitiga may be required to use third party subcontractors (each a “Sub-Contractor”). Mitiga shall not employ such Sub-Contractor without Customer's prior written consent (email suffice). Mitiga shall remain responsible for the acts and omissions of such Sub-Contractor, and for the proper performance of Services under this MSA, in accordance with terms set forth herein.
4.Confidential Information.
4.1. Each party (the “Receiving Party”) may have access to certain non-public and/or proprietary information of the other party (the “Disclosing Party”), in any form or media, including confidential trade secrets and other information related to the products, software, technology, data, know-how, or business of the Disclosing Party, whether written or oral, and any such other information that, regardless of the manner in which it is furnished and given the totality of the circumstances, a reasonable person or entity should have reason to believe is proprietary, confidential, or competitively sensitive (the “Confidential Information”). The Receiving Party shall take reasonable measures, at least as protective as those taken to protect its own confidential information, but in no event less than reasonable care, to protect the Disclosing Party's Confidential Information from disclosure to a third party. The Receiving Party shall not use or disclose the Confidential Information of the Disclosing Party except as expressly permitted under this Agreement. All right, title and interest in and to Confidential Information are and shall remain the sole and exclusive property of the Disclosing Party.
4.2. Not withstanding the foregoing, the parties agree that Confidential Information will not include any information that the Receiving Party has documentation to demonstrate such information: (i) is or becomes publicly known or is or becomes part of the public domain through no fault of the Disclosing Party; (ii) the Disclosing Party authorizes in writing to be disclosed; (iii) is rightfully received by the Receiving Party from a third party without restriction on disclosure and without breach of this Agreement; (iv) is known to the Receiving Party on the Effective Date from a source other than the Disclosing Party, and not subject to a confidentiality obligation. Notwithstanding anything to the contrary in this Agreement, if vulnerabilities are detected in Customer systems by Mitiga in its performance of the Services, Mitiga may use such information solely for its own internal purposes, including the development the Platform or any other products and services, and to inform the performance of services for other customers, provided that such information is only utilized and disclosed once it is irreversibly aggregated and anonymized in a manner such that it cannot be used to identify or re-identify Customer.
5. Consideration.
5.1. Fees. The Services are conditioned on Customer's payment in full of the applicable fees set forth in each Order Form. 5.2. Payment Terms. Unless otherwise expressly stated in an Order Form, all payments are quoted and shall be paid in United States Dollars. Payments shall be made without any right of set-off or deduction and are irrevocable and (except as expressly set forth herein) nonrefundable. All Mitiga invoices are payable within thirty (30) days of the date of invoice.
5.3. Taxes. All amounts payable under each Order are exclusive of all sales, use, value-added, withholding, and other direct or indirect taxes, charges, levies and duties. Customer shall bear all value added, state, local, withholding, and other taxes or other charges applicable to the Services.
5.4. If the Customer's use of the Services exceeds the maximum number of resources included in the Order Form by 20%, Mitiga reserves the right to increase the fees on a pro-rata basis for the remainder of the Term.
6. Term and Termination.
6.1. Term. This Agreement shall be in effect as of the Effective Date and shall remain in effect as long as there is an Order Form which is in effect, unless terminated earlier in accordance with the terms hereof (the "Term").
6.2. Termination
6.2.1. Material Breach. Either party may terminate this Agreement with immediate effect upon written notice to the other party if the other party materially breaches this Agreement and such breach remains uncured (to the extent that the breach can be cured) thirty (30) days after having received written notice thereof. In the event Customer terminates this Agreement due to Mitiga’s uncured material breach, Mitiga will promptly refund the pro-rata portion of any fees paid by Customer attributable to the date of the breach through the end of the Term.
6.2.2. Distress Event. In the event that either party becomes liquidated, dissolved, bankrupt or insolvent, whether voluntarily or involuntarily, or shall take any action to be so declared, the other party shall have the right to immediately terminate this Agreement.
7. Effect of Termination.
7.1. General. Upon termination of this Agreement, (1) Customer shall immediately discontinue all access and use of the Platform and Additional Services and shall promptly delete all copies of the Documentation in Customer’s or any of its representatives’ possession or control; (2) Mitiga will delete Customer Data and Platform account access.
7.2. Survival. This Section 7 and Sections 1.5 (Restrictions on Use), 2 (Rights and Title),4 (Confidential Information) 5 (Consideration), (Warranty Disclaimer), 9 (Limitation of Liability), 10 (Indemnification), and 12 (Miscellaneous) shall survive termination of this Agreement.
8. Representations of the Parties.
8.1. Each Party represents and warrants that it is duly organized, validly existing and in good standing under the laws of its jurisdiction of incorporation or organization; and that the execution and performance of this Agreement will not conflict with other agreements to which it is bound or violate applicable law.
8.2. Mitiga represents and warrants that (1) it and its personnel shall have, and shall maintain throughout the Term, the capability, skills, experience, licenses, and means required (in accordance with applicable law) to perform the Services; (2) Mitiga will perform the Services in accordance with the cloud resilience professional standards, know-how, processes, procedures and work methods of Mitiga, as maybe updated by Mitiga from time to time.
8.3. Customer represents and warrants that: (1) Customer grants Mitiga access to Customer's facilities, Customer's computer systems, websites, web related assets, including but not limited to Customer's digital assets whether on premise, or as part of any cloud environment (collectively, "Customer Systems"), to the extent required by Mitiga from time to time for the sole purpose of the performance of the Services. Customer further confirms that the provision of the Services are not in violation of any agreement to which the Customer is a party, with any third party, or any regulation or law applicable to the Customer; (2) Customer acknowledges that Mitiga will not detect, identify, address or correct any errors or defects in Customer's Systems, whether or not due to imprecise or ambiguous entry, storage, interpretation or processing or reporting of data. Mitiga will not be responsible for any defect or problem arising out of or related to data processing in any systems (including Customer Systems). Moreover, Mitiga will not conduct a review to detect fraud or illegal acts. The Services are advisory in nature. None of the Services or any reports will constitute any legal opinion or advice; (3) In the event Mitiga proposes recommendations for Customer's consideration and implementation in connection with the Services, Customer acknowledges that Customer has final approval over recommendations made by Mitiga and is responsible for all management decisions relating to the implementation of Services, and decisions resulting from the use or implementation of the output of the Services; (4) Mitiga shall base any comments or recommendations as to the functional or technical capabilities of any products in use or being considered by Customer solely on information provided by Customer's vendors, through Customer, or which is generally made available by such vendors. Mitiga does not assume any responsibility for any third-party products, programs or services, their performance or compliance with Customer's specifications or otherwise.
Warranty Disclaimer. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, EXCEPT FOR THE EXPRESS WARRANTIES SET FORTH ABOVE IN THIS SECTION, EACH PARTY HEREBY EXPRESSLY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY, TITLE, NON-INFRINGEMENT, NON-INTERFERENCE, ACCURACY, CONDITION, AND FITNESS FOR A PARTICULAR PURPOSE (WHETHER OR NOT SUCH PARTY KNOWS, HAS REASON TO KNOW, HAS BEEN ADVISED, OR IS OTHERWISE AWARE OF ANY SUCH PURPOSE). WITHOUT LIMITING THE FOREGOING, MITIGA DOES NOT WARRANT THAT (A) THE USE OF THE SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE, OR (B) THE SERVICES WILL DETECT, PREVENT, OR PROTECT AGAINST ALL POSSIBLE THREATS WHETHER KNOWN OR UNKNOWN. WITHOUT DEROGATING FROM THE GENERALITY OF THE FOREGOING, IT SHALL BE CLARIFIED THAT CUSTOMER IS AWARE OF THE ON-GOING CHANGES AND DEVELOPMENTS IN THE SECURITY FIELD AND UNDERSTANDS THAT THE PERFORMANCE OF THE SERVICES BY MITIGA DOES NOT GUARANTEE IN ANY WAY THAT FOLLOWING THE PERFORMANCE OF THE SERVICES, CUSTOMER’S SYSTEMS WILL BE SECURE FROM ANY FORM OF ANY ATTACK OR OTHERWISE PROTECTED.
9.Limitation of Liability.
9.1. NEITHER PARTY SHALL BE LIABLE, IN CONTRACT OR TORT, UNDER STATUTE OR OTHERWISE, ANY CONSEQUENTIAL, INCIDENTAL, INDIRECT, PUNITIVE OR SPECIAL DAMAGES IN CONNECTION WITH CLAIMS ARISING OUT OF THIS AGREEMENT OR ANY ORDER FORM, OR OTHERWISE RELATING TO THE SERVICES, INCLUDING ANY AMOUNT FOR LOSS OF PROFIT, DATA OR GOODWILL, WHETHER OR NOT THE LIKELIHOOD OF SUCH LOSS OR DAMAGE WAS CONTEMPLATED. IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER PARTY OR TO ANY THIRD PARTY FOR AGGREGATED DAMAGES IN EXCESS OF THE FEES ACTUALLY PAID OR PAYABLE TO MITIGA BY CUSTOMER (DIRECTLY OR THOUGH A PARTNER) IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO LIABILITY.
9.2. NOT WITHSTANDING THE FOREGOING, NOTHING HEREIN SHALL LIMIT THE LIABILITY OF EITHER PARTY IN ANYWAY FOR LIABILITY OR DAMAGES ARISING FROM (A) GROSS NEGLIGENCE OR INTENTIONAL MISCONDUCT, (B) FRAUD OR FRAUDULENT MISREPRESENTATION. NOTWITHSTANDING ANYTHING TO THE CONTRARY HEREIN, WITH RESPECT TO EITHER PARTY’S INDEMNIFICATION OBLIGATIONS HEREUNDER, NEITHER PARTY’S LIABILITY SHALL EXCEED TWICE (2) THE TOTAL FEES PAID OR PAYABLE TO MITIGA BY THE CUSTOMER (DIRECTLY OR THOUGH A PARTNER) UNDER THE APPLICABLE ORDER FORM IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO LIABILITY. NO CLAIM RELATING TO THE SERVICES OR OTHERWISE UNDER THIS AGREEMENT SHALL BE MADE AFTER THE LAPSE OF 12 MONTHS FOLLOWING THE COMPLETION OF A PARTICULAR SERVICE.
10. Indemnification.
10.1. By Mitiga. Mitiga hereby agrees to defend and indemnify Customer against any damages awarded against Customer by a court of competent jurisdiction, or paid in settlement, in connection with a third party claim, suit or proceeding that Customer’s use of the Platform or the Additional Services within the scope of this Agreement infringes any intellectual property rights of a third party. Mitiga shall have no obligations or liability hereunder to the extent that the alleged infringement is based on the Customer data. Without derogating from the foregoing defense and indemnification obligation, if Mitiga believes that the Platform or the Additional Services, or any part thereof, may infringe, then Mitiga may in its sole discretion: (i) obtain (at no additional cost to Customer) the right to continue to use the Platform or the Additional Services; (ii) replace or modify the allegedly infringing part of the Platform or the Additional Services so that it becomes non-infringing while giving substantially equivalent performance; or (iii) if the foregoing clauses (i) and (ii) are not reasonably commercially feasible, terminate this Agreement immediately, and in such event Customer shall receive a prorated refund of any fees paid by Customer attributable to the unused portion of the Term. This Section 10.1 states Mitiga's entire liability and Customer's exclusive remedy for any claims of infringement.
10.2. General. The defense and indemnification obligations of the indemnifying party under this section are subject to: (i) the indemnifying party being given prompt written notice of the claim; (ii) the indemnifying party being given immediate and complete control over the defense and/or settlement of the claim (however no compromise or settlement of any claim imposing financial liability upon the indemnified party may be effected without the prior written consent of indemnified party); and (iii) the indemnified party providing cooperation and assistance, at the indemnifying party’s expense, in the defense and/or settlement of such claim and not taking any action that prejudices the indemnifying party's defense of or response to such claim; except if there is any conflict of interest between the parties or the indemnifying party has failed to defend such claims, in such event the indemnified party shall have the right to appoint their own legal counsel, at the indemnifying party’s expense.
11. Partner.
If Customer has purchased the Services granted hereunder from a partner, reseller or distributor authorized by Mitiga (“Partner”), the terms of Section 5 (Consideration) shall not apply. To the extent there is any conflict between this Agreement and the agreement entered between Customer and the respective Partner, including any purchase order (“Partner Order Form”), then, as between Customer and Mitiga, this Agreement shall prevail. Any rights granted to Customer in such Partner Order Form which are not contained in this Agreement, apply only in connection with such Partner. In that case, Customer must seek redress or realization or enforcement of such rights solely with such Partner and not Mitiga.
12. Miscellaneous.
This Agreement shall constitute the full Agreement between the Parties with respect to its subject matter and shall supersede any and all prior agreements and understandings relating thereto. No change, modification, alteration or addition of or to any provision of this Agreement shall be binding unless in writing and executed by or on behalf of both Parties by a duly authorized representative. This Agreement and any rights or obligations hereunder may not be transferred or assigned by either party without the prior written consent of the other party, except that either party may assign this Agreement as a whole to a successor to all or substantially all of its assets or business related to this Agreement, without such consent. Subject to the foregoing, this Agreement shall be binding upon and inure to the benefit of the parties and their successors and assigns. If any of the terms contained in this Agreement shall, for any reason, be held to be void or unenforceable, it shall not affect the validity or enforceability of any other term in this Agreement. The failure of either party to enforce at any time any of the provisions of this Agreement will in no way be construed to be a present or future waiver of such provisions, nor in any way affect the right of either Party to enforce each such provision thereafter. This Agreement does not, and shall not be construed to create any relationship, partnership, joint venture, employer-employee, agency, or franchisor-franchisee relationship between the Parties. Mitiga will not be liable for any delay or failure to provide the Services resulting from circumstances or causes beyond the reasonable control of Mitiga including, but not limited to on account of strikes, shortages, riots, insurrection, fires, flood, storms, explosions, acts of God, war, government or quasi-governmental authorities actions, acts of terrorism, earthquakes, power outages, pandemic or epidemic (or similar regional health crisis), or any other cause that is beyond the reasonable control of Mitiga. This Agreement shall be governed by and construed under the laws of the State of New-York without reference to principles and laws relating to the conflict of laws. New York shall have the exclusive jurisdiction with respect to any dispute and action arising under or in relation to this Agreement. Not withstanding the foregoing, Mitiga may seek injunctive or other equitable relief in any court of competent jurisdiction worldwide. Each party may seek injunctive or other equitable relief in any jurisdiction in order to protect its intellectual property rights. All notices relating to this Agreement shall be in writing, signed by the party giving or making such notice or communication, and shall be delivered by: (a) personal delivery; or (b) electronic transmission; or (c) certified or registered mail, return receipt requested by electronic mail; or (d) recognized overnight courier service. Notices shall be sent to the address of the other party set forth in the Order Form and shall be deemed given upon personal delivery, three (3) business days after deposit in the mail, one (1) business day if delivered by overnight courier, or upon acknowledgment of electronic transmission.
********
Exhibit A
MITIGA Service Level Agreement
1. Maintenance Services.
a. Mitiga will provide Customer with remedial and preventive maintenance and support services to the Platform (as defined in the Mitiga Master Subscription Agreement – "Agreement"), as provided in and subject to the terms set forth in Mitiga's service level agreement (the “SLA”) as detailed herein (“Maintenance Services”) to keep the most current release of the Platform in good operating condition.
b. Mitiga’s obligation to provide Maintenance Services is dependent upon: (i) the Agreement being in effect; and (ii) the performance by Customer of all its obligations set forth in the Agreement and the obligations set forth herein.
c. Mitiga shall not be obligated to provide Maintenance Services in accordance herewith, that are required as a result of any of the following: (i) Customer’s abuse, misuse, accident or neglect of the Platform; or (ii) repairs, alterations, customization and/or modifications to the Platform performed by a party other than Mitiga or Customer at Mitiga’s direction; or (iii) use of hardware, software or services by the Customer which do not comply with Mitiga’s requirements; or (iv) use of the Platform for other than the intended purpose for which it was licensed; or (v) alternations, modifications or integration of the Platform with third party software not provided by or recommended by Mitiga or otherwise contemplated by Mitiga’s documentation; or (vi) any use of the Platform in breach of the Agreement.
2. Updates and New Versions.
a. During the term of the Agreement, Mitiga shall update the Platform as it determines is required to achieve the specifications established by Mitiga for the Platform (the "Updates"). The Updates will be made available to Customer at no additional cost.
3. Service Level Agreement (“SLA”)
a. Mitiga will support Customer with problems generated directly by and as part of the use of Platform, as defined herein, including support for technical problems, implementation and documentation errors. For the purpose of this SLA, the terms technical problems or installation problems shall be defined herein as defects (“Defects”).
4. Initiating Support Requests
a. Support calls shall Initiated by a designated individual nominated by Customer (the “Representative”) by an email to support@mitiga.io or via mutual Slack or Microsoft Teams as defined and agreed by both parties during onboarding.
5. Handling of Support Requests
a. Customer Support Team (CST) shall recreate the Defect reported.
b. Mitiga will make reasonable commercial efforts to resolve Defects in accordance with such Defects’ severity.
c. Mitiga may request from the Representatives:
i. To provide additional information (e.g., screen shots, log information etc.).
ii. To perform troubleshooting activities to enable identification of the source of the reported problem.
iii. To perform certain changes in Customer’s SaaS and cloud environments, including but not limited to configuration changes.
d. Mitiga will not support or provide solutions to problems (i) that were not generated directly by or on the Platform, including but not limited to, problems generated by Customer’s cloud providers, database, network components, operating systems, applications or integration with other systems; or (ii) in a part of the Platform that has been customized or otherwise modified by someone other than Mitiga or Customer at Mitiga’s direction; or (iii) If Customer did not implement any required step or procedure directed by Mitiga.
e. Customer Support for the Platform covers (i) development and production issues for the Platform and its components, (ii) Informational and implementation questions about the Platform and features; and (iii) troubleshooting operational problems with the Platform.
6. Termination Right
a. If the Platform fails to meet the Availability commitment set forth in Section 7.a. of this Exhibit for any three (3) consecutive months or for four (4) months during any twelve-month period, Customer may terminate the Platform without further liability and receive a refund of any unused prepaid fees paid to Mitiga.
7. Availability
a. Mitiga shall make the Platform available 99.9% of the time, excluding only the time the Platform is not available solely as a result of one or more Exceptions.
b. Exceptions. The following cases of downtime will not be included in any calculation of the above availability (“Exceptions”):
i. problems at third party cloud providers or SaaS applications;
ii. defects that Mitiga provided it is not able to reconstruct;
iii. by-design functionality which is reported as defect;
iv. unsupported data source;
v. Customer has failed to provide Mitiga with required access or means to fix the Defect;
vi. internet or other network traffic problems at Customer’s location; or
vii. scheduled downtime.
8. Priority Levels of Defects
a. Initial response for Defects will be provided based on the severity of the Defect as follows:
i. Triage Times and Availability
ii. Mitiga makes reasonable efforts to triage every Defect as soon as possible. Mitiga does not guarantee resolution times or delivery dates as these times are subject to change depending on the nature of a case and complexity of the reported case.
b. Customer acknowledges that not all Level 3 problems will require a workaround. Mitiga may, in its reasonable discretion, respond to a Level 3 problem by making correction of the error a feature request or an enhancement request.
c. Triage time is defined as the time between the creation of the case and the first attempt of a Mitiga support engineer from CST to contact the Customer who initiated a case.
d. The severities set forth in the table above apply to systems in production, whereas errors in non-production systems (test, development, sandbox) will be automatically downgraded one level.
e. Problems with Platform onboarding have Priority 2 at a maximum.
f. The CST’s standard business hours are Monday through Friday, 8:00 AM - 4:00 PM EST. When Customer initiates a case outside standard business hours, then the case will be handled as if it was initiated at 8:00 AM the next business day.
g. The response times set forth in the table above apply only if Customer has provided Mitiga with detailed e-mail communication via support@mitiga.io.
