Brightflow Technologies
Master Services Agreement

The following terms and conditions govern the relationship between Brightflow Technologies, LLC, a North Carolina company (“us,”, “our,” “we,” or “Brightflow”) and you, and limits our liability for any services or products that we provide to you. Please read these terms carefully and keep a copy for your records.

SCOPE; SERVICES
a) Scope. This master services agreement (this “Agreement”) governs all services that we perform for you, as well as any licenses, services, or products that we sell or re-sell to you (collectively, the “Services”).
b) Quotes. The Services are not described in this Agreement; instead, from time to time we will provide you with a quote, proposal, service order, or similar electronic document (“Quote”) proposing the Services. The Quote may have one or more additional documents attached to it, such as a statement of work or statement of services (each an “SOW”), that further defines or describes the scope and provision of the Services, as well as terms of payment and (if applicable) auto-renewal of the Services. By accepting the Quote, you also agree to the terms of each SOW and the terms of this Agreement. If you do not agree to the terms of the SOW and this Agreement, then you should not accept the Quote. Only those services expressly listed in a Quote will be provided; all other services, projects, and related matters (collectively, “Out of Scope Services”) are out-of-scope.
c) Versioning. The version of this Agreement can be identified by the “Last Updated” reference located at the bottom of this document. Upon agreeing to a Quote, you should refer back to this document and note the version of this Agreement that applies to that particular Quote.
d) Conflict. If there is a specific, material difference or a direct conflict between the language in a Quote or SOW on the one hand, and the language in this Agreement on the other, then the language of the Quote or SOW (as applicable) will control. If there is a direct conflict between the language in a Quote and an SOW, then the Quote will control.

GENERAL REQUIREMENTS
a) Environment. As used in this Agreement, “Environment” means, collectively, any computer network (cloud-based or otherwise), computer system, peripheral or device (virtual or physical) acquired, installed, maintained, monitored, or operated by us under a Quote. To avoid a delay or negative impact on our provision of the Services, during the term of the Services we strongly advise you to refrain from modifying or moving the Environment or installing software in the Environment, unless we expressly authorize such activity. In all situations (including those in which we are co-managing an Environment with your internal IT department), we will not be responsible for changes to the Environment that are not authorized by us or issues that arise from those changes.
b) Requirements. Everything in the Environment must be genuine and licensed—including all hardware, software, etc. If we ask for proof of authenticity and/or licensing, you must provide us with such proof. If our Services require certain minimum hardware or software requirements as indicated in a Quote or SOW (“Minimum Requirements”), you agree to implement and maintain those Minimum Requirements as an ongoing requirement of us providing the Services to you.
c) Updates. Patches and updates to hardware and software (“Updates”) are created and distributed by third parties—such as equipment or software manufacturers—and may be supplied to us from time to time for installation into the Environment. If Updates are provided to you as part of the Services, we will implement and follow the manufacturers’ recommendations for the installation of Updates; however, (i) we do not warrant or guarantee that any Update will perform properly, (ii) we will not be responsible for any downtime or losses arising from or related to the installation, use, or inability to use any Update, (iii) we will not be responsible for the remediation of any device or software that is rendered inoperable or non-functional due to the Update, and (iv) we reserve the right, but not the obligations, to refrain from installing an Update until we have determined, in our reasonable discretion, that the Updates will be compatible with the configuration of the Environment and materially beneficial to the features or functionality of the affected software or hardware.
d) Third Party Support. If, in our discretion, a hardware or software issue requires vendor or OEM support, we may contact the vendor or OEM (as applicable) on your behalf and invoice you for all fees and costs involved in that process. If the fees or costs are anticipated in advance or exceed $300, we will obtain your permission before incurring such expenses on your behalf unless exigent circumstances require us to act otherwise.
e) Advice; Instructions. From time to time, we may provide you with specific advice and directions related to the Services (“Advice”). For example, our Advice may include increasing server or hard drive capacity, increasing CPU power, replacing obsolete equipment, or requesting that you refrain from engaging in acts that disrupt the Environment or that make the Environment less secure. You are strongly advised to promptly follow our advice which, depending on the situation, may require you to make additional purchases or investments in the Environment at your sole cost. We are not responsible for any problems or issues (such as downtime or security-related issues) caused by your failure to promptly follow our Advice. If, in our discretion, your failure to follow our Advice renders part or all of the Services economically or technically unreasonable to provide, then we may terminate the applicable Services for cause by providing notice of termination to you. Unless specifically and expressly stated in writing by us (such as in a Quote), any services required to remediate issues caused by your failure to follow our Advice, or your unauthorized modification of the Environment, as well as any services required to bring the Environment up to or maintain the Minimum Requirements, are out-of-scope.
f) Prioritization. All Services will be performed on a schedule, and in a prioritized manner, as we deem reasonable and necessary. Exact commencement / start dates may vary or deviate from the dates we state to you depending on the Service being provided and the extent to which prerequisites (if any), such as transition or onboarding activities, must be completed.
g) Authorized Contact(s). We will be entitled to rely on any directions or consent provided by your personnel or representatives who are authorized to provide such directions or consent (“Authorized Contacts”). If no Authorized Contact is identified in an applicable Quote or if a previously identified Authorized Contact is no longer available to us, then your Authorized Contact will be the person (i) who accepted the Quote, and/or (ii) who is generally designated by you during the course of our relationship to provide us with direction or guidance. We will be entitled to rely upon directions and guidance from your Authorized Contact until we are affirmatively made aware of a change of status of the Authorized Contact. If your change is provided to us in writing (physical document or by email), then the change will be implemented within two (2) business days after the first business day on which we receive your change notice. If your change notice is provided to us in person or by telephone (live calls only), the change will be implemented on the same business day in which the conversation takes place. Do not use a ticketing system or help desk request to notify us about the change of an Authorized Contact; similarly, do not leave a recorded message for us informing us of a change to your Authorized Contact. We reserve the right to delay the Services until we can confirm the Authorized Contact’s authority within your organization.
h) Insurance. If you are supplied with hardware or accessories on a rental, license, or temporary basis (“Brightflow Equipment”), then you agree to acquire and maintain, at your sole cost, insurance for the full replacement value of that those items. Brightflow must be listed as an additional insured / loss payee on any policy acquired and maintained by you under this Agreement, and the policy will not be canceled or modified during the term of the applicable Services without prior notification to Brightflow. Upon our request, you agree to provide proof of insurance to us, including proof of payment of any applicable premiums or other amounts due under the insurance policy.

FEES; PAYMENT
a) Fees. You agree to pay the fees, costs, and expenses charged by us for the Services as described in each Quote and SOW. You are responsible for sales tax and any other taxes or governmental fees associated with the Services. If you qualify for a tax exemption, you must provide us with a valid certificate of exemption or other appropriate proof of exemption. You are also responsible for all freight, insurance, and taxes (including but not limited to import or export duties, sales, use, value add, and excise taxes).
b) Schedule. All fees will be due and payable in advance of the provision of the Services unless otherwise indicated in the Quote or SOW. If applicable, recurring payments made by ACH will be deducted from your designated bank account on the first business day of the month in which the Services are to be provided, or if applicable, your designated credit card will be charged on the first business of the month in which the Services are to be provided. Generally, all prices anticipate automatic monthly recurring payment by you. Payments by any other methods may result in increased fees or costs.
c) Nonpayment. Fees that remain unpaid for more than fifteen (15) days after the date on the applicable invoice will be subject to interest on the unpaid amount(s) until and including the date payment is received, at the lower of either 1% per month or the maximum allowable rate of interest permitted by applicable law. We reserve the right, but not the obligation, to suspend part or all of the Services without prior notice to you in the event that any portion of undisputed fees are not timely received by us. Monthly or recurring charges (if applicable) will continue to accrue during any period of suspension. Notice of disputes related to fees must be received by us within sixty (60) days after the applicable Service is rendered or the date on which you pay an invoice, whichever is later; otherwise, you waive your right to dispute the fee thereafter. A re-connect fee of up to five percent (5%) may be charged to you if we suspend the Services due to your nonpayment.

ACCESS
You hereby grant to us and our designated third party vendors the right to monitor, diagnose, manipulate, communicate with, retrieve information from, and otherwise access the Environment solely as necessary to enable us or our vendors, as applicable, to provide the Services. Depending on the Service, we may be required to install one or more software agents into the Environment through which such access may be enabled. It is your responsibility to secure, at your own cost and prior to the commencement of any Services, any necessary rights of entry, licenses (including software licenses), permits or other permissions necessary for Brightflow or its vendors to provide Services to the Environment and, if applicable, at your designated premises, both physically and virtually. Proper and safe environmental conditions must be provided and assured by you at all times. Brightflow shall not be required to engage in any activity or provide any Services under conditions that pose or may pose a safety or health concern to any personnel, or that would require extraordinary or non-industry standard efforts to achieve.

LIMITED WARRANTIES; LIMITATIONS OF LIABILITY
a) Hardware / Software Purchased Through Brightflow. All equipment, machines, hardware, software, peripherals, or accessories purchased through Brightflow (“Third Party Products”) are generally nonrefundable once the item is obtained from Brightflow’s third party provider or reseller. If you desire to return a Third Party Product, then the third party provider’s or reseller’s return policies shall apply. We do not guarantee that purchased Third Party Products will be returnable, exchangeable, or that re-stocking fees can or will be avoided. You will be responsible for the payment of all re-stocking or return-related fees charged by the third party provider or reseller. We will use reasonable efforts to assign, transfer and facilitate all warranties (if any) and service level commitments (if any) for the Third Party Products to you, but will have no liability whatsoever for the quality, functionality or operability of any Third Party Products, and we will not be held liable as an insurer or guarantor of the performance, uptime or usefulness of any Third Party Products. All Third Party Products are provided “as is” and without any warranty whatsoever as between Brightflow and you (including but not limited to implied warranties).
b) Liability Limitations. This paragraph limits the liabilities arising from the Services as well as the liabilities arising under this Agreement and any Quote, and is a bargained-for and material part of our business relationship with you. You acknowledge and agree that Brightflow would not provide any Services, or enter into any Quote or this Agreement, unless Brightflow could rely on the limitations described in this paragraph. In no event shall either party be liable for any indirect, special, exemplary, consequential, or punitive damages, such as lost revenue, loss of profits (except for fees due and owing to Brightflow), savings, or other indirect or contingent event-based economic loss arising out of or in connection with the Services, this Agreement, any Quote, or for any loss or interruption of data, technology or services, or for any breach hereof or for any damages caused by any delay in furnishing Services under this Agreement or any Quote, even if a party has been advised of the possibility of such damages; however, reasonable attorneys’ fees awarded to a prevailing party (as described below), your indemnification obligations, and any amounts due and payable pursuant to the non-solicitation provision of this Agreement shall not be limited by the foregoing limitation. Except for the foregoing exceptions, a responsible party’s (“Responsible Party’s”) aggregate liability to the other party (“Aggrieved Party”) for damages from any and all claims or causes whatsoever, and regardless of the form of any such action(s), that arise from or relate to this Agreement (collectively, “Claims”), whether in contract, tort, indemnification, or negligence, shall be limited solely to the amount of the Aggrieved Party’s actual and direct damages, not to exceed the amount of fees paid by you (excluding hard costs for licenses, hardware, etc.) to Brightflow for the specific Service upon which the applicable claim(s) is/are based during the three (3) month period immediately prior to the date on which the cause of action accrued or $5,000, whichever is greater. The foregoing limitations shall apply even if the remedies listed in this Agreement fail of their essential purpose; however, the limitations shall not apply to the extent that the Claims are caused by a Responsible Party’s willful or intentional misconduct, or gross negligence. Similarly, a Responsible Party’s liability obligation shall be reduced to the extent that a Claim is caused by, or the result of, the Aggrieved Party’s willful or intentional misconduct, gross negligence, or to the extent that the Aggrieved Party failed to reasonably mitigate (or attempt to mitigate, as applicable) the Claims. Under no circumstances shall Brightflow have any liability for any claims or causes of action arising from or related to Out of Scope Services.

INDEMNIFICATION
Each party (an “Indemnifying Party”) agrees to indemnify, defend and hold the other party (an “Indemnified Party”) harmless from and against any and all losses, damages, costs, expenses or liabilities, including reasonable attorneys’ fees, (collectively, “Damages”) that arise from, or are related to, the Indemnifying Party’s breach of this Agreement. The Indemnified Party will have the right, but not the obligation, to control the intake, defense and disposition of any claim or cause of action for which indemnity may be sought under this section. The Indemnifying Party shall be permitted to have counsel of its choosing participate in the defense of the applicable claim(s); however, (i) such counsel shall be retained at the Indemnifying Party’s sole cost, and (ii) the Indemnified Party’s counsel shall be the ultimate determiner of the strategy and defense of the claim(s) for which indemnity is provided. No claim for which indemnity is sought by an Indemnified Party will be settled without the Indemnifying Party’s prior written consent, which shall not be unreasonably delayed or withheld.

TERM; TERMINATION
a) Term. This Agreement begins on the date on which we provide a Service to you or you accept a Quote (whichever is earlier) and continues until terminated as described in this Agreement. Each Quote will have its own term and will be terminated only as provided herein, unless otherwise expressly stated in the Quote. The termination of Services under one Quote shall not, by itself, cause the termination of (or otherwise impact) this Agreement or the status or progress of any other Services between the parties. Be aware that a Quote and/or an SOW may provide for auto-renewal; please review your documents carefully.
b) Termination Without Cause. Unless otherwise agreed by the parties in writing or otherwise permitted under this Agreement, no party will terminate this Agreement without cause if, on the date of termination, Services are in progress. In addition, no party will terminate a Quote without cause prior to the Quote’s natural (i.e., specified) expiration date. Notwithstanding the foregoing, if Brightflow decides to cease providing a service to all of its customers generally, then Brightflow may terminate an applicable Quote (or the applicable portion of the Quote) without cause by providing no less than one hundred and twenty (120) days prior written notice to you. If you terminate the Services under a Quote without cause and without Brightflow’s consent, then you will be responsible for paying the termination fee described in the “Termination for Cause” section, below. If no Services under a Quote are in progress, then either party may terminate this Agreement without cause by providing the other party with five (5) days prior written notice.
c) Termination For Cause. In the event that one party (a “Defaulting Party”) commits a material breach under a Quote, SOW, or under this Agreement, the non-Defaulting Party will have the right, but not the obligation, to terminate immediately the Services under the relevant Quote (a “For Cause” termination) provided that (i) the non-Defaulting Party has notified the Defaulting Party of the specific details of the breach in writing, and (ii) the Defaulting Party has not cured the default within twenty (20) days (ten (10) days for non-payment by Client) following receipt of written notice of breach from the non-Defaulting Party. If Brightflow terminates this Agreement or any Quote For Cause, or if you terminate any Services under a Quote without cause prior to such Quote’s expiration date, then Brightflow shall be entitled to receive, and you hereby agree to pay to us, all amounts that would have been paid to Brightflow had this Agreement or Quote (as applicable) remained in full effect, calculated using the fees and costs in effect as of the date of termination (“Termination Fee”). If you terminate this Agreement or a Quote For Cause, then you will be responsible for paying only for those Services that were delivered properly and accepted by you up to the effective date of termination.
d) Client Activity As A Basis for Termination. In the event that you or any of your staff, personnel, contractors, or representatives engages in any unacceptable act or behavior that renders it impracticable, imprudent, or unreasonable to provide the Services to you, then in addition to BrightFlow’s other rights under this Agreement, Brightflow will have the right upon providing you with ten (10) days prior written notice, to terminate this Agreement or the applicable Quote For Cause or, at our discretion and if applicable, amend the applicable Quote to eliminate from coverage any System Malfunction or any equipment or software causing the System Malfunction.
e) Consent. You and we may mutually consent, in writing, to terminate a Quote or this Agreement at any time.
f) Equipment / Software Removal. Upon termination of this Agreement or applicable Quote for any reason, you will provide us with access, during normal business hours, to your premises or any other locations at which Brightflow Equipment is located to enable us to remove all Brightflow Equipment from the premises. If you fail or refuse to grant Brightflow access as described herein, or if any of the Brightflow Equipment is missing, broken or damaged (normal wear and tear excepted) or any of Brightflow-supplied software is missing, we will have the right to invoice you for, and you hereby agree to pay immediately, the full replacement value of any and all missing or damaged items. Certain services may require the installation of software agents in the Environment (“Software Agents”). You agree not to remove, disable, circumvent, or otherwise disrupt any Software Agents unless we explicitly direct you to do so.
g) Transition; Deletion of Data. In the event that you request our assistance to transition away from our services, we will provide such assistance if (i) all fees due and owing to us are paid to us in full prior to Brightflow providing its assistance to you, and (ii) you agree to pay our then-current hourly rate for such assistance, with up-front amounts to be paid to us as we may require. For the purposes of clarity, it is understood and agreed that the retrieval and provision of passwords, log files, administrative server information, or conversion of data are transition services, and are subject to the preceding requirements. You also understand and agree that any software configurations that we custom create or program for you are our proprietary information and shall not be disclosed to you under any circumstances. Unless otherwise expressly stated in a Quote or SOW, we will have no obligation to store or maintain any Client data in our possession or control beyond ten (10) calendar days following the termination of this Agreement or the applicable Services. We will be held harmless for, and indemnified by you against, any and all claims, costs, fees, or expenses incurred by either party that arise from, or are related to, our deletion of your data beyond the time frames described in this section.

RESPONSE; REPORTING
a) Response. We respond to any notification received by us of any error, outage, alarm, or alert pertaining to the Environment in accordance with the priority table(s) supplied to you by us. In no event will we be responsible for delays in our response or our provision of Services during (i) those periods of time covered under the Transition Exception (defined below), or (ii) periods of delay caused by Scheduled Down Time, Client-Side Downtime, Vendor-Side Downtime (all defined below) or (iii) periods in which we are required to suspend the Services to protect the security or integrity of the Environment or our equipment or network, or (iv) delays caused by a force majeure event.
i) Scheduled Downtime. For the purposes of this Agreement, Scheduled Downtime will mean those hours, as determined by us but which will not occur between the hours of 9:00 AM and 5:00 PM Eastern Time, Monday through Friday without your authorization or unless exigent circumstances exist, during which time we will perform scheduled maintenance or adjustments to the Environment. We will use our best efforts to provide you with at least twenty-four (24) hours of notice prior to scheduling Scheduled Downtime.
ii) Client-Side Downtime. We will not be responsible under any circumstances for any delays or deficiencies in the provision of, or access to, the Services to the extent that such delays or deficiencies are caused by your actions or omissions (“Client-Side Downtime”). Client-Side Downtime includes, but is not limited to, any period of time during which we require your participation or we require information, directions, or authorization from you but cannot reach your Authorized Contact(s).
iii) Vendor-Side Downtime. We will not be responsible under any circumstances for any delays or deficiencies in the provision of, or access to, the Services to the extent that such delays or deficiencies are caused by third party service providers, third party licensors, or “upstream” service or product vendors.
b) Transition Exception. You acknowledge and agree that for the first forty-five (45) days following the commencement date of any Service, as well as any period of time during which we are performing off-boarding-related services (e.g., assisting you in the transition of the Services to another provider, terminating a service, etc.), the response time commitments provided to you will not apply to us, it being understood that there may be unanticipated downtime or delays related to those activities (the “Transition Exception”).

CONFIDENTIALITY
a) Defined. For the purposes of this Agreement, Confidential Information means any and all non-public information provided by one party (a “Discloser”) to the other party (a “Recipient”), including but not limited to customer-related data, customer lists, internal documents, internal communications, proprietary reports and methodologies, and related information. Confidential Information will not include information that: (i) has become part of the public domain through no act or omission of the Recipient, (ii) was developed independently by the Recipient, or (iii) is or was lawfully and independently provided to the Recipient prior to disclosure by the Discloser, from a third party who is not and was not subject to an obligation of confidentiality or otherwise prohibited from transmitting such information.
b) Use. The Recipient will keep the Confidential Information it receives fully confidential and will not use or disclose such information to any third party for any purpose except (i) as expressly authorized by the Discloser in writing, or (ii) as needed to fulfill its obligations under this Agreement, or (iii) as required by any law, rule, or industry-related regulation.
c) Due Care. The Recipient will exercise the same degree of care with respect to the Confidential Information it receives from the Discloser as it normally takes to safeguard and preserve its own confidential and proprietary information, which in all cases will be at least a commercially reasonable level of care.
d) Compelled Disclosure. If a Recipient is legally compelled (whether by deposition, interrogatory, request for documents, subpoena, civil investigation, demand or similar process) to disclose any of the Confidential Information, and provided that it is not prohibited by law from doing so, the Recipient will immediately notify the Discloser in writing of such requirement so that the Recipient may seek a protective order or other appropriate remedy and/or waive the Discloser’s compliance with the provisions of this Section. The Recipient will use its best efforts, as directed by the Discloser and at the Discloser’s expense, to obtain or assist the Recipient in obtaining any such protective order. Failing the entry of a protective order or the receipt of a waiver hereunder, the Recipient may disclose, without liability hereunder, that portion (and only that portion) of the Confidential Information that the Recipient has been advised, by written opinion from its counsel (which shall be shared with the Discloser), that the Recipient is legally compelled to disclose.
e) Additional NDA. In our provision of the Services, you and we may be required to enter into one or more additional nondisclosure agreements (each an “NDA”) for the protection of a third party’s Confidential Information (such as, for example, a business associate agreement). In that event, the terms of the NDA will be read in conjunction with the terms of the confidentiality provisions of this Agreement, and the terms that protect confidentiality most stringently shall govern the use and destruction of the relevant Confidential Information.

ADDITIONAL TERMS; THIRD PARTY SERVICES
a) EULAs. Portions of the Services may require you to accept the terms of one or more third party end user license agreements (“EULAs”). If the acceptance of a EULA is required in order to provide the Services to you, then you hereby grant us permission to accept the EULA on your behalf. EULAs may contain service levels, warranties and/or liability limitations that are different than those contained in this Agreement. You agree to be bound by the terms of such EULAs and will look only to the applicable third party provider for the enforcement of the terms of such EULAs. If, while providing the Services, we are required to comply with a third-party EULA and the third party EULA is modified or amended, we reserve the right to modify or amend any applicable Quote with you to ensure our continued compliance with the terms of the third party EULA.
b) Third Party Services. Portions of the Services may be acquired from, resold from, and/or rely upon the services of, third party vendors, manufacturers, or providers (“Third Party Provider”). Third Party Providers may provide services such as data hosting services, help desk services, malware detection services, domain registration services, and data backup/recovery services (each, a “Third Party Service”). Not all Third Party Services will be expressly identified as being provided by a Third Party Vendor, and at all times we reserve the right to utilize the services of any Third Party Provider or to change Third Party Providers in our sole discretion as long as the change does not materially diminish the Services that we are obligated to provide to you. Please note: You understand and agree that Third Party Providers are not our contractors, subcontractors, or otherwise under our managerial or operational control. While we will endeavor to facilitate a workaround for the failure of a Third Party Service, we will not be responsible, and will be held harmless by you, for any failure of any Third Party Service as well as the failure of any Third Party Provider to provide such services to Brightflow or to you.
c) Data Loss. Under no circumstances will we be responsible for any data lost, corrupted, or rendered unreadable due to (i) communication and/or transmissions errors or related failures, (ii) equipment failures (including but not limited to silent hardware corruption-related issues), or (iii) our failure to backup or secure data from portions of the Environment that were not expressly designated to receive such services in the Quote, nor will we be responsible for the recovery of data due to any of the foregoing. Unless expressly stated in writing by us, we do not warrant or guarantee that any maintained storage device or functionality, data backup device or functionality, or load balancing functionality will operate in an error-free manner.
d) BYOD. You hereby represent and warrant that we are authorized to access all devices, peripherals and/or computer processing units, including mobile devices (such as notebook computers, smart phones and tablet computers) that are connected to the Environment (collectively, “Devices”), regardless of whether such Devices are owned, leased or otherwise controlled by you. Unless otherwise stated in writing by us, Devices will not receive or benefit from the Services while the devices are detached from, or unconnected to, the Environment. Client is strongly advised to refrain from connecting Devices to the Environment where such devices are not previously known to us and are not expressly covered under a managed service plan from us (“Unknown Devices”). We will not be responsible for the diagnosis or remediation of any issues in the Environment caused by the connection or use of Unknown Devices in the Environment, and we will not be obligated to provide the Services to any Unknown Devices.
e) Equipment. All Brightflow Equipment is licensed to you, and is neither owned by you nor leased to you. Upon the termination of applicable Services, your license to use the Brightflow Equipment shall immediately terminate, and thereafter all Brightflow Equipment must be returned to us immediately at your expense. All configurations on the Brightflow Equipment are our proprietary information and will not be circumvented, modified, or removed by you without our prior written consent.

OWNERSHIP
Each party is, and will remain, the owner and/or licensor of all works of authorship, patents, trademarks, copyrights and other intellectual property owned by such party (“Intellectual Property”), and nothing in this Agreement, any Quote or SOW, shall be deemed to convey or grant any ownership rights or goodwill in one party’s Intellectual Property to the other party. For the purposes of clarity, you understand and agree that we own any software, codes, algorithms, or other works of authorship that we create while providing the Services to you. If we provide licenses to you for third party software, then you understand and agree that such software is licensed, and not sold, to you. You are allowed to use such third party software subject to the terms and conditions of (i) this Agreement, (ii) the applicable Quote, (iii) written directions supplied to you by us, and (iv) any applicable EULA; no other uses of such third party software are permitted. To the maximum extent permitted by applicable law, we make no warranty or representation, either expressed or implied with respect to third party software or its quality, performance, merchantability, or fitness for a particular purpose.

ARBITRATION
Except for undisputed collections actions to recover fees due to us (“Collections”), any dispute, claim or controversy arising from or related to this Agreement, including the determination of the scope or applicability of this agreement to arbitrate, shall be settled by arbitration before one arbitrator who is mutually agreed upon by the parties. The arbitration shall be administered and conducted by the American Arbitration Association (the “AAA”) or if there is no AAA-certified arbitrator available within a twenty (20) mile radius of our office, then by any arbitration forum as determined by us, pursuant to the selected forum’s arbitration rules for commercial disputes (the “Rules”). In the event of any inconsistency between the Rules and the procedures set forth in this paragraph, the procedures set forth in this paragraph will control. The arbitrator will be experienced in contract, intellectual property and information technology transactions. If the parties cannot agree on an arbitrator within fifteen (15) days after a demand for arbitration is filed, the arbitration venue shall select the arbitrator. The arbitration shall take place in our office unless we agree to a different venue. The arbitrator will determine the scope of discovery in the matter; however, it is the intent of the parties that any discovery proceedings be limited to the specific issues in the applicable matter, and that discovery be tailored to fulfill that intent. Initially, the cost of the arbitration shall be split evenly between the parties; however, the party prevailing in the arbitration shall be entitled to an award of its reasonable attorneys’ fees and costs.

MISCELLANEOUS
a) Compliance. Unless otherwise expressly stated in a Quote, the Services are not intended, and will not be used, to bring Client into full regulatory compliance with any rule, regulation, or requirement that may be applicable to Client’s business or operations. Depending on the Services provided, the Services may aid Client’s efforts to fulfill regulatory compliance; however, the Services are not (and should not be used as) a compliance solution.
b) Disclosure. You warrant and represent that you know of no law or regulation governing your business that would impede or restrict our provision of the Services, or that would require us to register with, or report our provision of the Services (or the results thereof), to any government or regulatory authority. You agree to promptly notify us if you become subject to any of the foregoing which, in our discretion, may require a modification to the scope or pricing of the Services. Similarly, if you are subject to responsibilities under any applicable privacy law (such as HIPAA), then you agree to identify to us any data or information subject to protection under that law prior to providing such information to us or, as applicable, prior to giving us access to such information.
c) No Fiduciary. The scope of our relationship with you is limited to the specific Services provided to you; no other relationship, fiduciary or otherwise, exists or will exist between us. If, by operation of law, a fiduciary relationship is imposed or presumed for out-of-scope services, you hereby waive that relationship and any fiduciary obligations thereunder.
d) Virtual Security. You understand and agree that no security solution is one hundred percent effective, and any security paradigm may be circumvented and/or rendered ineffective by certain malware, such as certain ransomware or rootkits that were unknown to the malware prevention industry at the time of infection, and/or which are downloaded or installed into the Environment. We do not warrant or guarantee that all malware or malicious activity will be capable of being detected, avoided, quarantined or removed, or that any data deleted, corrupted, or encrypted by such malware (“Impacted Data”) will be recoverable. Unless otherwise expressly stated in a Quote, the recovery of Impacted Data is out-of-scope. Moreover, unless expressly stated in a Quote or SOW, we will not be responsible for activating multifactor authentication in any application in or connected to the Environment. You are strongly advised to (i) educate your employees to properly identify and react to “phishing” activity (i.e., fraudulent attempts to obtain sensitive information or encourage behavior by disguising oneself as a trustworthy entity or person through email), and (ii) obtain insurance against cyberattacks, data loss, malware-related matters, and privacy-related breaches, as such incidents can occur even under a “best practice” scenario. Unless a malware-related incident is caused by our intentionally malicious behavior or our gross negligence, we are held harmless from any costs, expenses, or damages arising from or related to such incidents.
e) Physical Security. You agree to implement and maintain reasonable physical security for all managed hardware and related devices in your physical possession or control. Such security measures must include (i) physical barriers, such as door and cabinet locks, designed to prevent unauthorized physical access to protected equipment, (ii) an alarm system to mitigate and/or prevent unauthorized access to the premises at which the protected equipment is located, (iii) fire detection and retardant systems, and (iv) periodic reviews of personnel access rights to ensure that access policies are being enforced, and to help ensure that all access rights are correct and promptly updated.
f) Non-Solicitation. Each party (a “Restricted Party”) acknowledges and agrees that during the term of this Agreement and for a period of one (1) year following the termination of this Agreement, the Restricted Party will not, individually or in conjunction with others, directly or indirectly solicit, induce or influence any of the other party’s employees with whom the Restricted Party worked to discontinue or reduce the scope of their business relationship with the other party, or recruit, solicit or otherwise influence any employee of the other party with whom the Restricted Party worked to discontinue his/her employment or agency relationship with the other party. In the event of a violation of the terms of the restrictive covenants in this section, the parties acknowledge and agree that the damages to the other party would be difficult or impracticable to determine, and in such event, the Restricted Party will pay the other party as liquidated damages and not as a penalty an amount equal to one hundred thousand dollars ($100,000) or the amount that the other party paid to that employee in the one (1) year period immediately preceding the date on which the Restricted Party violated the foregoing restriction, whichever is greater. In addition to and without limitation of the foregoing, any solicitation or attempted solicitation for employment directed to a party’s employees by the Restricted Party will be deemed to be a material breach of this Agreement, in which event the affected party shall have the right, but not the obligation, to terminate this Agreement or any then-current Quote immediately For Cause.
g) Collections. If we are required to send your account to Collections or to start any Collections-related action to recover undisputed fees, we will be entitled to recover all costs and fees we incur in the Collections process including but not limited to reasonable attorneys’ fees and costs.
h) Assignment. Neither this Agreement nor any Quote may be assigned or transferred by a party without the prior written consent of the other party. This Agreement will be binding upon and inure to the benefit of the parties hereto, their legal representatives, and permitted successors and assigns. Notwithstanding the foregoing, we may assign our rights and obligations hereunder to a successor in ownership in connection with any merger, consolidation, or sale of substantially all of the assets of our business, or any other transaction in which ownership of more than fifty percent (50%) of our voting securities are transferred; provided, however, that such assignee expressly assumes our obligations hereunder.
i) Amendment. Unless otherwise expressly permitted under this Agreement, no amendment or modification of this Agreement or any Quote will be valid or binding upon the parties unless such amendment or modification is originated in writing by Brightflow, specifically refers to this Agreement or the Quote being amended, and is accepted in writing (email or electronic signature is acceptable) by you.
e) Time Limitations. The parties mutually agree that, unless otherwise prohibited by law, any action for any matter arising out of or related to any Service, this Agreement or any Quote (except for issues of nonpayment by Client) must be commenced within six (6) months after the cause of action accrues or the action is forever barred.
f) Severability. If any provision hereof or any Quote is declared invalid by a court of competent jurisdiction, such provision will be ineffective only to the extent of such invalidity, illegibility or unenforceability so that the remainder of that provision and all remaining provisions will be valid and enforceable to the fullest extent permitted by applicable law.
g) Other Terms. We will not be bound by any terms or conditions printed on any purchase order, invoice, memorandum, or other written communication supplied by you unless we have expressly acknowledged the other terms and, thereafter, expressly and specifically accepted such other terms in writing.
h) No Waiver. The failure of either party to enforce or insist upon compliance with any of the terms and conditions of this Agreement, the temporary or recurring waiver of any term or condition of this Agreement, or the granting of an extension of the time for performance, will not constitute an Agreement to waive such terms with respect to any other occurrences.
i) Merger. This Agreement, together with any and all Quotes and each applicable SOW, sets forth the entire understanding of the parties and supersedes any and all prior agreements, arrangements or understandings related to the Services; however, any payment obligations that you have or may have incurred under any prior superseded agreement are not nullified by this Agreement and remain in full force and effect. No representation, promise, inducement or statement of intention has been made by either party which is not embodied herein. We will not be bound by any of our agents’ or employees’ representations, promises or inducements if they are not explicitly set forth in this Agreement or any Quote or SOW. Any document that is not expressly and specifically incorporated into this Agreement or a Quote will act only to provide illustrations or descriptions of Services to be provided and will not modify this Agreement or provide binding contractual language between the parties. The foregoing sentence shall not apply to any business associate agreement required under HIPAA, which the parties may (if required) enter into after the Effective Date of this Agreement.
j) Force Majeure. Neither party will be liable to the other party for delays or failures to perform its obligations because of circumstances beyond such party’s reasonable control. Such circumstances include, but will not be limited to, any intentional or negligent act committed by the other party, or any acts or omissions of any governmental authority, natural disaster, act of a public enemy, acts of terrorism, riot, sabotage, disputes or differences with workmen, power failure, communications delays/outages, delays in transportation or deliveries of supplies or materials, cyberwarfare, cyberterrorism, or hacking, malware or virus-related incidents that circumvent then-current anti-virus or anti-malware software, and acts of God.
k) Survival. The provisions contained in this Agreement that by their context are intended to survive termination or expiration of this Agreement will survive. If any provision in this Agreement is deemed unenforceable by operation of law, then that provision shall be excised from this Agreement and the balance of this Agreement shall be enforced in full.
l) Insurance. Brightflow and you will each maintain, at each party’s own expense, all insurance reasonably required in connection with this Agreement or any Quote, including but not limited to, workers compensation and general liability. We agree to maintain a general liability policy with a limit not less than $1,000,000 per occurrence. All of the insurance policies described herein will not be canceled, materially changed or renewal refused until at least thirty (30) calendar days written notice has been given to the other party by certified mail.
m) Governing Law; Venue. This Agreement and all Services will be governed by, and construed according to, the laws of the state of North Carolina. You hereby irrevocably consent to the exclusive jurisdiction and venue of Mecklenburg County, North Carolina, for all non-arbitrable claims and causes of action arising from or related to this Agreement.
n) No Third Party Beneficiaries. The Parties have entered into this Agreement solely for their own benefit. They intend no third party to be able to rely upon or enforce this Agreement or any part of this Agreement.
o) Usage in Trade. It is understood and agreed that no usage of trade or other regular practice or method of dealing between the Parties to this Agreement will be used to modify, interpret, or supplement in any manner the terms of this Agreement.
p) Business Day. If a time period set forth in this Agreement expires on a day other than a business day in Mecklenburg County, North Carolina, such period will be extended to and through the next succeeding business day in Mecklenburg County, North Carolina.
q) Notices; Writing Requirement. Where notice is required to be provided to a party under this Agreement, such notice may be sent by U.S. mail, overnight courier, fax or email as follows: notice will be deemed delivered three (3) business days after being deposited in the United States Mail, first class mail, certified or return receipt requested, postage prepaid, or one (1) day following delivery when sent by FedEx or other overnight courier, or one (1) day after notice is delivered by email. Notice sent by email will be sufficient only if the message is sent to the last known email address of the recipient or such other email address that is expressly designated by the recipient for the receipt of legal notices. All electronic documents and communications between the parties, including email, will satisfy any “writing” requirement under this Agreement.
r) Independent Contractor. Brightflow is an independent contractor, and is not your employer, employee, partner, or affiliate.
s) Contractors. Generally, we do not utilize contractors to perform onsite services (such as equipment installation, network wiring, etc.); however, should we elect to contract a portion of those services to a third party, we will guarantee that work as if we performed the work ourselves. For the purposes of clarity, you understand and agree that Third Party Services are not considered to be subcontracted services, and providers of Third Party Services are not our contractors or subcontractors.
t) Data & Service Access. Some of the Services may be provided by persons outside of the United States and/or your data may occasionally be accessed, viewed, or stored on secure servers located outside of the United States. You agree to notify us if your company requires us to modify these standard service provisions, in which case additional (and potentially significant) costs will apply.
u) Counterparts. The parties intend to sign, accept and/or deliver any Quote, this Agreement, or any amendment in any number of counterparts, and each of which will be deemed an original and all of which, when taken together, will be deemed to be one agreement. Each party may sign, accept, and/or deliver any Quote, this Agreement, or any amendment electronically (e.g., by digital signature and/or electronic reproduction of a handwritten signature) or by reference (as applicable).

Last Updated: January 29th, 2024

Dropsuite:

Dropsuite is a cloud software platform enabling businesses and organizations globally to easily backup, recover and protect their important business information including emails, contacts, calendars and OneDrive/Sharepoint files. Compliant email backup and archive system with a 10-year retention policy.

Vade Secure:

Vade Secure is an AI-based email security solution to improve security for Office 365 and block advanced phishing, spear phishing, and advanced malware threats. Vade Secure analyzes emails, webpages, attachments, and images with machine learning and deep learning algorithms that are trained to detect behaviors and anomalies common to advanced email threats.

Office Protect:

Office Protect is a service that’s designed to help you secure your Microsoft 365 tenant. Using our powerful in-house security software, our analysts actively monitor for threats, investigate alerts, eliminate false positives, and provide guided response and remediation. Protects against account break-ins, data exfiltration, business email compromise, phishing, internal threats, lateral movement, ransomware, and attacks by nation states.

Dark Cubed:

Dark Cubed focuses on real-time monitoring, threat intelligence, predictive analytics, elegant dashboard, streamlined workflow, executive reporting and active blocking. This is another layer of security that integrates with the firewall.

ThreatLocker:

ThreatLocker is a zero-trust endpoint security tool giving companies control over what software can run, by whom, and what data can be accessed.

It keeps a full detailed audit of what applications are used and data accessed/transferred/deleted and by what users (signature tracking, etc.) If something unusual happens, such as a signature change, or a user opens an application that is out of their normal routine the administrator is alerted. This is a crucial tool in identifying malware threats, as well as helping organizations identify if users are accessing applications and/or data/ files they should not be.

ThreatLocker provides a solution that allows businesses to control the content that runs on their network. Unlike AntiVirus software ThreatLocker is not looking for known viruses or malware. ThreatLocker uses a complex set of rules to determine what can be executed on a network and stops anything that has not been approved before it can even execute.

Huntress:

Huntress is a supplement to SentinelOne. Hackers are becoming more sophisticated, and Huntress actively seeks out these threat actors with a "defend forward" mentality. This software combines both advanced security tools along with human intervention to ensure even the most advanced hackers can't penetrate your network.

SentinelOne:

SentinelOne is a comprehensive enterprise security platform that provides threat detection, hunting, and response features that enable organizations to discover vulnerabilities and protect IT operations. SentinelOne integrates static artificial intelligence (AI) to provide real-time endpoint protection and reduce false positives that derail investigations or make threat detection a capital-intensive process. This will replace Webroot in your current environment.