Saas License Agreement

TERMS AND CONDITIONS

These Terms and Conditions (the “Terms and Conditions”), together with the order form attached as the cover page hereto (the “Initial Order”) and any other order forms executed under these Terms and Conditions (each an “Order,” and collectively, including the Initial Order, the “Orders”), and any other exhibits, schedules and addenda attached hereto or to an Order, are hereby incorporated by reference (collectively, the “Agreement”) and constitute the agreement made and executed by and between H1 Insights, Inc., a Delaware corporation, or any H1 Affiliate (“H1”), and the party identified on the Initial Order (“Customer”). By executing the signature page to the Initial Order, and in consideration of the mutual promises, and upon the terms and conditions set forth in the Agreement and intending to be legally bound, H1 and Customer hereby agree as follows:

1. DEFINITIONS(a) “Affiliates” means any entity directly or indirectly controlled by or under common control with a party where “control” means either: (i) direct or indirect ownership or control of greater than 50% of the voting securities of such entity, or (ii) the ability to control the activities of the entity through contractual rights. H1 Affiliates include, but are not limited to, Carevoyance, Inc.(b) “Authorized Users” means Customer employees or contractors who are authorized by Customer to access and use the Services on Customer’s behalf and who have been supplied user identifications and passwords by Customer (or by H1 at Customer’s request).(c) “Confidential Information” means all information, knowledge, data, or materials of an intellectual, technical, scientific, commercial, or industrial nature relating to technology, inventions, concepts, processes, designs, improvements, trademarks, copyrighted materials, trade secrets, and other information of a similar nature that is marked “confidential” by the disclosing party or that would be reasonably understood to be confidential given the nature of the information or the circumstances surrounding its disclosure. Confidential Information includes, but is not limited to, Customer Data and the H1 Properties but does not include Service Data.(d) “Customer Data” means all data or information submitted by or collected from Customer and Authorized Users in connection with the Services. Customer Data does not include any H1 Properties.(e) “Documentation” means all written materials relating to the Services, including, but not limited to, any online help and user instruction files regarding use of the Services, as generally provided by H1 to licensees of the Services, and shall include any updated versions of Documentation as may be generally provided by H1 to other licensees of the Services during the Term. (f) “Effective Date” means the date on which the Initial Order is executed by both parties.(g) “H1 Properties” means the Services, Product Data, Documentation, and all software, systems, data, information and other technology used by H1 to provide, improve, operate, and maintain the foregoing. H1 Properties does not include Customer Data.(h) “Included Third–Party Software” means Third-Party Software, if any, set forth in an Order.(i) “Product Data” means all data or information collected and compiled by H1 for the therapeutic areas identified in an Order and/or that H1 otherwise makes available to Customer pursuant to the Services, and accessed by Customer and Authorized Users via the Services in accordance with this Agreement. Product Data does not include Customer Data.(j) “Services” means the services provided by H1 to Customer, as further described in an Order.(k) “Term” means the term of the Agreement as set out in the Initial Order and as modified from time to time.(l) “Third–Party Software” means any software created or distributed by a third party other than H1.
2. ‍SERVICES2.1. Orders. H1 and Customer may develop and enter into one or more Orders incorporating a description of any Services requested by Customer, the first of which is attached to these Terms and Conditions as the Initial Order. H1 is not obligated to perform any Services until the applicable Order is executed by an authorized representative of each party. To the extent there are any conflicts or inconsistencies between these Terms and Conditions and any Order, the provisions of these Terms and Conditions will govern and control unless the parties have expressly provided in such Order that a specific provision in these Terms and Conditions is amended, in which case these Terms and Conditions will be so amended, but only with respect to such Order.2.2. Authorized Use of Services and Product Data. Subject to the terms and conditions of this Agreement, including without limitation timely payment of all undisputed amounts due hereunder, H1 grants to Customer a limited, non-exclusive, non-transferable, non-assignable (except as otherwise provided in Section 11.3 below), worldwide right and license during the Term and solely for Customer’s internal business purposes to (a) use and access the Services in accordance with this Agreement; (b) use and reproduce the Documentation as necessary for Customer’s use of the Services in accordance with this Agreement; (c) grant Authorized Users the right to access and use the Services in accordance with this Agreement; and (d) use, reproduce, and download the Product Data for Customer’s use in accordance with Section 9.3 and this Agreement. H1 will collect and compile the Product Data in compliance with all applicable laws.2.3. Customer Support. During the Term, and subject to Customer’s timely payment of undisputed Fees, H1 will provide customer support in accordance with Exhibit A to this Agreement and Customer’s Order. Any problems or errors relating to the Services must be reported by Customer to H1 in accordance with H1’s then-current reporting procedures and forms.2.4. Updates and Enhancements. The Services and its features and functionality are subject to change by H1 from time to time as the Services evolve. Such changes may affect the certain features, functionality, and components offered to the Customer. Services features, functionality, and components may be added, deactivated temporarily, altered, or permanently removed by H1 without notice to Customer; provided that the core features and functionality will not be removed without an equivalent alternative being provided at no additional charge.
   2.5. Maintenance of Software. H1 is responsible for maintenance of the Services on H1’s servers and for testing and installing maintenance fixes, patches and new versions of the Services on H1’s servers. All decisions concerning the correction of errors and the implementation of corrections, fixes, patches, new versions, and/or work-around solutions, including, without limitation, the timing thereof, shall be made by H1 in its reasonable judgment and discretion.2.6. Restrictions. Customer will not, indirectly or directly, nor will it permit any Authorized User or other third party to: (a) sell, offer for sale, distribute, sublicense, disclose, transfer, or otherwise make available any part of the H1 Properties, including the Services and Product Data, to any third party (including in a service bureau or timesharing agreement) other than the Authorized Users and Customer’s service providers in accordance with the terms of this Agreement; (b) interfere with or disrupt the integrity or performance of the H1 Properties or the data contained therein; (c) reverse engineer, disassemble, or decompile any component of the H1 Properties; (d) modify, copy, or make derivative works based on any part of the H1 Properties; (e) use any H1 Properties to store or transmit any virus or other malicious code or any infringing, libelous or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights; (f) attempt to gain unauthorized access to the H1 Properties or the related systems or networks; (g) write or develop any derivative works based on the H1 Properties; (h) use the H1 Properties to provide processing services to third parties; (i) employ any automated process implementing a bot or web crawler for copying or extracting data through the H1 Properties (i.e., web scraping or data scraping); (j) use the H1 Properties to create a product or service that competes with, is similar to, or would serve as a substitute for, H1’s products, services and/or offerings; or (k) use the H1 Properties in an unlawful manner or any manner that exceeds the scope of uses permitted under this Agreement.
3. CUSTOMER OBLIGATIONS
   
   3.1. Equipment. Customer is responsible, at its expense, for obtaining and using all Internet access, equipment, software (e.g., compatible web browser), and third-party services needed by Customer for access to and use of Services. It is the responsibility of Customer to meet the then-current specifications and requirements in order to use the Services.3.2. Authorized Users. Customer is responsible for setting up and customizing all user permissions and features of the Services for its individual Authorized Users and for terminating or editing its user permissions when an employee or consultant relationship is terminated or such individual’s responsibilities no longer require access to specific administrative features. H1 is not responsible for any losses to the extent associated with Customer’s failure to effectively maintain user permissions and administrative settings.3.3. Customer’s Responsibilities. Customer shall (i) be responsible for Authorized Users’ compliance with this Agreement; (ii) be responsible for the accuracy, quality, and legality of Customer Data and of the lawful means by which Customer acquired Customer Data; (iii) ensure it has obtained the necessary permissions and authorizations to disclose Customer Data to H1 for the purposes described in this Agreement; (iv) use commercially reasonable efforts to prevent unauthorized access to or use of the Services and Product Data, and notify H1 promptly of any such unauthorized access or use; and (v) use the Services and Product Data only in accordance with the Documentation, this Agreement, and applicable laws and government regulations.
4. PAYMENTS
   
   4.1. Fees. Customer shall timely pay H1 the fees specified in any Order (“Fees”) on or before the due dates specified on such Order. Except as otherwise set forth in an Order, all fees and charges shall be paid in U. S. Dollars. If, and to the extent an Order does not specify the due date for particular Fees or charges hereunder, all such amounts shall be due within thirty (30) days of the date of Customer’s receipt of H1’s invoice. If H1 does not receive payment of an undisputed invoice by the due date and Customer does not cure the non-payment within five (5) business days following receipt of written notice thereof, all such amounts will accrue interest from the applicable due date until paid in full at a rate equal to the lesser of 3% per month or the highest contract interest rate allowed by law, from the date due until paid. H1 may suspend or terminate access to the Services and the Product Data if Customer fails to pay undisputed Fees when due.4.2. Taxes. The Fees and any other amounts payable pursuant to the Agreement exclude any applicable sales and use taxes, transaction privilege tax, excise tax, tangible or intangible personal property taxes, or value added taxes on the sale or measured by the sales price (collectively “Tax” or “Taxes”). Customer is solely responsible for the payment of all Taxes and will pay to H1 or the applicable taxing authorities the amount of any Taxes, including without limitation any applicable interest or penalties in connection therewith, that H1 or Customer is or becomes obligated to pay based on the license or delivery of the Services or Product Data.
5. WARRANTIES; LIMITATION OF LIABILITY; THIRD PARTIES5.1. H1 Warranties. H1 warrants to Customer that (a) the Services shall perform substantially and materially in accordance with the Documentation provided to Customer by H1 from time to time; (b) it will perform its customer support obligations hereunder in a professional and workmanlike manner; and (c) as of the Effective Date, it has all rights, title and interest in the H1 Properties necessary to grant to Customer the rights contained in the Agreement and, to its knowledge, the Services do not infringe upon the intellectual property rights of any third party to give rise to such third party claims that could reasonably be expected to cause a material adverse effect on Customer’s access or use of the Services. H1 does not warrant that the Services shall operate in combination with other software other than Included Third-Party Software or other software noted in an Order or the Documentation, or that the Services shall operate uninterrupted or free of errors. If the Services do not perform as warranted herein and H1 is able to reproduce the error, H1 shall undertake commercially reasonable efforts to correct or re-perform the Services, and if, after undertaking such commercially reasonable efforts, H1 determines that it is unable to correct the Services or re-perform the Services, Customer will have the right, in accordance with the terms hereof, to terminate the Agreement and H1 will refund Customer any prepaid Fees applicable to such Services for the unused portion of such Services, prorated from the effective date of termination. The limited warranties in this Section 5.1 are made to and for the benefit of Customer only and are conditioned upon Customer’s material compliance with the terms and conditions of this Agreement, the Documentation, and other reasonable instructions provided by H1. These limited warranties shall not apply to the extent that the Services fail to perform as warranted because of any use of the Services (a) in connection or in combination with any computer hardware or software not expressly approved or recommended by H1 in writing, or (b) contrary to the specifications and directions contained in the Documentation or other reasonable instructions of H1.5.2. Customer Warranties. Customer represents, warrants and covenants that: (a) it is duly organized, validly existing and in good standing under the laws of its state of organization, and has all power and authority to operate its business and conduct its business as presently conducted, and to execute, deliver and perform its obligations under the Agreement; (b) the Agreement, upon execution by the signatory, will have been duly and validly executed and delivered by it, has been duly and validly authorized by all company action, and constitutes the legal, valid, and binding obligation of Customer; (c) the execution, delivery, and performance of the Agreement and the transactions contemplated hereby will not conflict with any judgment or decree or any agreement or other instrument to which Customer is a party; (d) it is not a government agency and it is not acquiring the license granted by the Agreement pursuant to any government contract or with government funds; (e) as of the Effective Date, it has all rights, title and interest in the Customer Data necessary to grant H1 the rights contained in the Agreement and, to its knowledge, H1’s use of the Customer Data in accordance with the Agreement will not infringe upon the intellectual property rights of any third party or give rise to such third-party claims; and (f) it shall comply with all applicable laws, rules, and regulations.5.3. Disclaimers. THE WARRANTIES SET FORTH IN SECTIONS 5.1 AND 5.2 STATE EACH PARTY’S AND ITS RESPECTIVE AFFILIATES, LICENSORS, OFFICERS, DIRECTORS, EMPLOYEES, AND AGENTS, SOLE AND EXCLUSIVE WARRANTIES AND EACH PARTY HEREBY DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED. EXCEPT AS EXPRESSLY SET FORTH IN SECTION 5.1 AND TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICES AND DATA PRODUCT ARE PROVIDED STRICTLY “AS IS,” AND H1 AND ITS AFFILIATES, LICENSORS, EMPLOYEES, AND AGENTS MAKE NO ADDITIONAL WARRANTIES, EXPRESS, IMPLIED, ARISING FROM COURSE OF DEALING OR USAGE OF TRADE, OR STATUTORY, AS TO THE SERVICES OR DATA PRODUCT OR ANY MATTER WHATSOEVER. EXCEPT AS EXPRESSLY SET FORTH IN SECTIONS 5.1 OR 5.2 AND TO THE MAXIMUM EXTENT PERMITTED BY LAW, ANY AND ALL WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES ARISING IN LAW OR FROM COURSE OF DEALING, COURSE OF PERFORMANCE, OR USE OF TRADE ARE EXPRESSLY EXCLUDED. No employee, agent, representative or Affiliate of H1 has authority to bind H1 to any oral representations or warranty concerning the H1 Properties. Any written representation or warranty not expressly contained in the Agreement is not authorized and is unenforceable. Any description of the H1 Properties contained on H1’s website or promotional materials is for the sole purpose of identifying the applicable H1 Property, and any such description is not a part of the basis of the bargain and does not constitute a warranty that the H1 Property shall conform to that description. No affirmation of fact or promise made by H1, on its website or otherwise, shall constitute a warranty that the H1 Properties will conform to the affirmation or promise.5.4. Liability Limitations. NEITHER PARTY SHALL BE LIABLE TO THE OTHER PARTY OR ANY THIRD PARTY FOR: (A) ANY INDIRECT, SPECIAL, INCIDENTAL, EXEMPLARY, PUNITIVE OR CONSEQUENTIAL DAMAGES OF ANY KIND IN CONNECTION WITH OR ARISING OUT OF THE SERVICES, DATA PRODUCT, SUPPORT SERVICES, OR THIS AGREEMENT (INCLUDING LOSS OF PROFITS, LOSS OF USE, BUSINESS INTERRUPTION, LOSS OF DATA, COST OF SUBSTITUTE GOODS OR SERVICES OR COVER), EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES; OR (B) ANY AMOUNTS THAT IN THE AGGREGATE HOWSOEVER ARISING OR CAUSED (WHETHER IN CONTRACT OR IN TORT OR UNDER ANY OTHER FORM OF LIABILITY) THAT EXCEEDS THE FEES PAID/PAYABLE TO H1 BY CUSTOMER UNDER THIS AGREEMENT DURING THE TWELVE (12) MONTHS PRIOR TO THE DATE OF THE EVENT GIVING RISE TO SUCH LIABILITY. THESE LIMITATIONS SHALL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY. NOTWITHSTANDING THE FOREGOING, THE FOREGOING LIMITATIONS SHALL NOT APPLY TO EACH PARTY’S (I) BREACH OF SECTION 7 (CONFIDENTIAL INFORMATION); (II) INDEMNIFICATION OBLIGATIONS; OR (III) GROSS NEGLIGENCE OR WILLFUL MISCONDUCT.5.5. Third Parties. Customer is solely responsible for third parties who use or access the Services on Customer’s behalf. Customer is solely responsible for any contract entered into with such third parties and for any obligations, warranties or representations made to such third parties by Customer. H1 has no obligation to provide any telephone, email or other type of support to any third parties. Any contacts, inquiries or questions from third parties to H1 will be referred to Customer. All disputes between Customer and third parties, whether or not relating to any information, data or forms available on or through the Services, will be settled by and between Customer and such third party. H1 bears no responsibility for resolving such disputes and has no obligation to be involved in any way in any such dispute. Customer will indemnify, defend, and hold H1 harmless from any claims to the extent related to any contracts or other relationships with any third parties.
6. INDEMNIFICATION
   
   6.1. Indemnification by H1. H1 shall defend, indemnify and hold harmless Customer and its officers, directors, employees and representatives from and against any losses and reasonably incurred costs and expenses suffered or incurred by Customer to the extent arising from a third-party claim that Customer’s use of the H1 Properties or Product Data, when used in accordance with this Agreement, infringes any intellectual property rights of such third party. H1’s obligations under this indemnification provision are expressly conditioned on the following: (i) Customer must promptly notify H1 of any such claim (except that failure to timely provide such notice will relieve H1 of its indemnification obligations only to the extent H1 is materially prejudiced as a direct result of such delay); (ii) H1 shall have sole control of the defense of any such claim and of all negotiations for its settlement or compromise (provided that Customer may participate in such defense with its own counsel at its own expense so long as such representation must not prejudice H1’s right to control the defense of the claim and negotiate its settlement or compromise); (iii) Customer must reasonably cooperate with H1 to facilitate the settlement or defense of the claim. If any portion of the H1 Properties or H1’s systems are, or in H1’s opinion are likely to become, the subject of an infringement claim, then H1, at its sole option and expense, will either: (A) obtain for Customer the right to continue using the H1 Properties under the terms of this Agreement; (B) replace the H1 Properties with products that are substantially equivalent in function, or modify the H1 Properties so that they become non-infringing and substantially equivalent in function; or (C) terminate this Agreement and refund to Customer the portion of the Fees paid to H1 for the portion of the Term during which Customer may no longer use the H1 Properties. Notwithstanding the foregoing, H1 shall have no obligation under this Section 6.1 or otherwise with respect to any infringement claim to the extent based upon (v) any Customer Data; (w) any use of the H1 Properties not in accordance with this Agreement or as specified in the Documentation; (x) any use of the H1 Properties in combination with other products, equipment, software or data not supplied or approved by H1; (y) any modification of the Services or the H1 Properties by any person other than H1 or its authorized agents, or (z) any claim for which Customer has an indemnification obligation to H1 (collectively, “Exclusions”). Notwithstanding anything to the contrary herein, to the extent that a third-party claim of copyright infringement concerns Third Party Software that is subject to a more limited indemnification protection under a third-party agreement than specified herein, H1’s obligations hereunder will be further limited accordingly.. THE FOREGOING SETS FORTH H1’S EXCLUSIVE OBLIGATION AND LIABILITY FOR INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS BY THE H1 PROPERTIES.6.2. Indemnification by Customer. Customer shall defend, indemnify and hold harmless H1 and its officers, directors, employees and representatives from and against any losses, costs and expenses to the extent arising from or relating to (a) a third-party claim that H1’s use of Customer Data in accordance with this Agreement infringes the intellectual property rights of any third party; or (b) an Exclusion. or (c) Customer’s or an Authorized User’s breach of this Agreement.
7. CONFIDENTIAL INFORMATION7.1. Mutual Covenants. Each party acknowledges that the other party’s Confidential Information is valuable and agrees that it shall use the other party’s Confidential Information solely to perform its obligations or exercise its rights expressly set forth in the Agreement and shall not disclose, or permit to be disclosed, the same, directly or indirectly, except as required by law, to any third party without the disclosing party’s prior written consent, and shall safeguard the disclosing party’s Confidential Information from unauthorized use and disclosure using measures that are equal to the standard of performance used by the receiving party to safeguard its own confidential information of comparable value, but in no event less than reasonable care. However, Confidential Information of a party does not include information that (a) is in the receiving party’s possession without restriction prior to disclosure by the disclosing party; (b) is or becomes publicly known through no wrongful act or omission by receiving party; (c) has been rightfully obtained by the receiving party from a third party without restrictions on disclosure; or (d) was independently developed by the receiving party without reference to or use of the disclosing party’s Confidential Information. Both parties agree that neither party shall disclose the terms of the Agreement, except as required by law. For the avoidance of doubt, the H1 Properties shall be H1’s, and not Customer’s, Confidential Information. Notwithstanding the foregoing, the receiving party may make disclosures as required by law or regulation, or pursuant to a valid order of a court or other governmental body having jurisdiction; provided, that the receiving party provides the disclosing party with reasonable prior written notice of such disclosure and reasonable assistance in obtaining a protective order or confidential treatment preventing or limiting the disclosure and/or requiring that the Confidential Information so disclosed be used only for the purposes for which the law or regulation required, or for which the order was issued.7.2. Injunctive Relief. In the event of actual or threatened breach of the provisions of Section 7.1, which the parties hereby agree may cause irreparable harm, the non-breaching party shall be entitled to seek immediate injunctive and other equitable relief, without bond and without the necessity of showing actual damage.7.3 Confidentiality Period. The receiving party’s confidentiality obligations as set forth above shall continue in full force and effect for the term of the Agreement and for five (5) years from the expiration or termination thereof.
8. PROPRIETARY RIGHTS
   8.1. Customer Data. As between parties, Customer owns all right, title, and interest in and to the Customer Data. Subject to the terms and conditions of this Agreement, Customer grants to H1 a limited, non-exclusive, worldwide right and license (without the right to grant sublicenses) to use the Customer Data for the purposes described in this Agreement. All rights of Customer not expressly granted to H1 in the Agreement shall be, and hereby are, reserved to Customer.8.2. H1 Properties. As between the parties, H1 owns all right, title, and interest in and to the H1 Properties, and may freely commercialize and license it to other customers. All rights of H1 not expressly granted to Customer in the Agreement shall be, and hereby are, reserved to H1. Customer shall include in all copies made by it notices of copyright and other proprietary rights included by H1 in the Documentation. Customer agrees that any and all modifications and derivative works of the H1 Properties shall be deemed part of the H1 Properties.8.3 Publicity. Customer grants to H1 the right to use Customer name, trademark, and/or logo in any H1 publication, press release, website, advertising, sales promotional material, or other form or publicity.
9. PRIVACY AND SECURITY9.1. Personal Data. To the extent that either party transmits or receives data under this Agreement that is protected as personal data, personal information, or personally identifiable information under applicable privacy and data protection laws, such party shall comply with applicable laws, rules and regulations regarding privacy and the lawful processing of such data. Where applicable, each party shall comply with the terms of the Data Processing Addendum attached at Exhibit B, which are incorporated into and form an integral part of this Agreement.9.2. Customer Data. Customer instructs H1 to process Customer Data on its behalf to provide the H1 Properties and perform its obligations under and in accordance with this Agreement. Customer acknowledges and agrees that H1 may also use the Customer Data to improve the H1 database for the benefit of the Services, including to ensure the H1 database remains complete, accurate, and up-to-date, and to create aggregate statistical information or data insights that do not identify the Customer as a source. Customer represents and warrants that (a) it is legally allowed to engage H1 to process Customer Data on its behalf pursuant to this Agreement; and (b) it has provided all necessary notices and obtained all required consents or other permissions under applicable privacy and data protection laws to enable H1 to process Customer Data for the purposes described in this Agreement.9.3. Product Data. Customer acknowledges that the Product Data includes professional contact information of third-party individuals (“Contacts“) that are collected by H1 from a variety of sources, as further described in the H1 Privacy Policy (https://www.h1.co/privacy-policy). Subject to Customer’s compliance with all applicable laws, rules and regulations, Customer may use the Services to (i) view the Product Data and use it for Customer’s internal business purposes; and (ii) communicate with a Contact, including for the purposes of selling or marketing goods and/or services to the Contact on a business-to-business basis, in a manner that relates to the Contact’s profession, business or employment and in accordance with the Contact’s expectations in their business or professional role and communication preferences (collectively, the “Permitted Purpose”). Customer shall not process Product Data for purposes outside the scope of the Permitted Purpose unless it has obtained the prior explicit consent of the relevant Contact. Customer shall (a) refrain from using Product Data to send communications to Contacts who have unsubscribed or opted-out from receiving communications for any purpose, including direct marketing; (b) maintain appropriate suppression lists of Contacts who unsubscribe from or opt-out from receiving communications; (c) promptly notify H1 of Contacts’ communication preferences, including where Contacts unsubscribe or opt-out from receiving communications, to enable H1 to update its own records; (d) regularly review Contacts’ preferences and any suppression lists or notices (including those maintained by Customer and H1) before sending any communications; and (e) adopt and implement policies, procedures and systems to enable Contacts to unsubscribe or opt-out from receiving communications. At H1’s written request, Customer shall furnish H1 with a certification signed by an officer of Customer verifying that Product Data is being used in compliance with the terms of this Agreement.9.4. Service Data. Notwithstanding anything to the contrary in this Agreement, H1 may collect, use, store, adapt, analyze, create derivative works from and disclose data relating to Customer’s or Authorized Users’ use of the Services (Service Data”), in an aggregate and anonymized manner, for its own legitimate business purposes (including for the compilation of statistical and performance information). To the extent Service Data is considered personal data, personal information or personally identifiable information under applicable privacy and data protection laws, H1 shall process such data in accordance with applicable laws and only share such data with other H1 customers and users provided that it does not identify Customer or any Authorized User. For the avoidance of doubt, H1 owns all right, title, and interest in and to Service Data and any improvements to H1 Properties resulting therefrom.9.5. Changes in Law. If H1 determines, in its reasonable discretion, that an amendment or supplement to this Agreement is necessary to ensure compliance by Customer and H1 with applicable privacy and data protection laws, Customer will negotiate in good faith to enter into such an amendment or supplement. If the parties fail to reach an agreement to amend or supplement this Agreement within 30 days after H1’s written request, and without prejudice to any other rights or remedies H1 has under this Agreement, H1 may terminate the Agreement by written notice to Customer, such termination to take effect twenty-one (21) days after H1’s notice of termination.
10. TERM AND TERMINATION10.1. Term. This Agreement shall commence on the Subscription Start Date set forth in the Initial Order and shall remain in force until there are no outstanding Orders pursuant to this Agreement.10.2. Termination for Cause. Either party may terminate this Agreement or any Order immediately upon notice to the other party if the other party materially breaches this Agreement or the applicable Order, and such breach remains uncured more than thirty (30) days (ten (10) days for a payment default, or three (3) business days for a breach of Section 2.6 or 9 hereof) after receipt of written notice of such breach. H1 also may terminate this agreement or any Order immediately where Customer acquires, merges with, or is acquired by an entity that offers a product or service that competes with, is similar to, or would serve as a substitute for H1’s products, services and/or offerings.10.3. Termination Due to Insolvency. Either party will have the right to terminate the Agreement by providing prior written notice to the other party (“Insolvent Party”) upon occurrence of any of the following circumstances with respect to the Insolvent Party: (a) the filing by or against the Insolvent Party of a petition for reorganization or liquidation under the U.S. Bankruptcy Code or corresponding laws or procedures of any applicable jurisdiction; (b) the filing by or against the Insolvent Party of any other proceeding concerning bankruptcy, insolvency, dissolution, cessation of operations, reorganization of indebtedness, or the like by the Insolvent Party (if such proceeding is involuntary and is contested in good faith, the Agreement will terminate only after the passage of one hundred twenty (120) days without the dismissal of such proceedings); (c) the voluntary or involuntary execution upon the assignment or conveyance to a liquidating agent, trustee, mortgages or assignee of whatever description; or the making of any judicial levy against a substantial percentage of the Insolvent Party’s assets, for the benefit of its creditors; (d) the appointment of a receiver, keeper, liquidator or custodian of whatever sort or description, for all or a substantial portion of the Insolvent Party’s assets; or (e) the termination, dissolution, insolvency, or its cessation to continue all or substantially all of the Insolvent Party’s business affairs.10.4. Effect of Termination. Termination of this Agreement in accordance with the terms herein will terminate all outstanding Orders unless expressly agreed to in writing by the parties. In the event the Agreement is terminated, Customer shall pay all Fees and other undisputed fees accrued through the date of such termination and Customer shall immediately discontinue use of the Services and return to H1 or destroy all Documentation and any other Confidential Information of H1. Upon expiration or termination of this Agreement, Customer agrees that its access to the Services and any other H1 Properties will be automatically terminated and Customer agrees to promptly destroy any and all information in electronic form it has obtained from the Services. Retention or use of any additional profiles shall require payment of $100 per profile (the “Retention Fee”). Notwithstanding the foregoing, the parties agree that Customer (a) shall not be required to delete or pay the Retention Fee for profiles of individual with whom Customer commences an active engagement during the Term and (b) may retain analyses and reports derived from profiles that are created during the Term, as long as the profiles are not the primary content of such analyses or reports. Sections 1, 2.6, 3.2, 5-9, 10.4, and 11 shall survive any termination or expiration of the Agreement. Termination is not an exclusive remedy and all other remedies will be available whether or not termination occurs.
11. GENERAL
    11.1. Remedies for Breach. In the event that Customer breaches any of the following restrictions (whether or not the breach is subsequently remedied, and regardless of whether H1 exercises its termination right), Customer agrees to the following liquidated damages: (a) if Customer downloads in excess of 10,000 names, Customer agrees to pay H1 $100 per name that was downloaded without permission; (b) if any employee or authorized agent of Customer makes the Services available to anyone other than Authorized Users, Customer agrees to pay H1 $1,000 per unauthorized person receiving access; and (c) if Customer scrapes data made available through H1’s systems, in addition to liquidated damages for downloading names in excess of the authorized amount, Customer will reimburse H1, at H1’s standard time-and-materials rates, for H1’s costs of repairing any harm or vulnerabilities caused to H1’s systems.11.2. Third–Party Software. Customer hereby agrees to abide by, and execute and deliver, all applicable end user license agreements for the Included Third-Party Software. Included Third-Party Software is and shall remain the exclusive property of such third-party licensors, and Customer shall have no rights or interests in Third-Party Software, except as provided in the applicable end user license agreements.11.3. Assignment/Binding Nature. Neither the Agreement nor any rights or obligations under the Agreement may be assigned or otherwise transferred by either party for any reason. Notwithstanding the foregoing, either party may freely assign this Agreement and the rights and obligations of under the Agreement to: (a) any Affiliate; (b) an assignee or successor in interest (by merger, operation of law or otherwise); or (c) a purchaser of all or substantially all of its business to which this Agreement relates. Subject to the foregoing, the Agreement shall be binding upon and shall inure to the benefit of the parties and their respective permitted successors and assigns.11.4. Notices. Any notice required or permitted under the terms of the Agreement or required by law must be in writing and must be (a) delivered in person, (b) sent by registered mail return receipt requested, (c) sent by overnight air courier, (d) sent via electronic mail to the recipient(s) named herein at the email addresses set forth herein. If to H1, a notice shall be forwarded to H1 at: H1 Insights, Inc., 386 Park Avenue South, 5th Fl., New York, New York, 10016. If to Customer, a notice shall be forwarded to Customer at the address set forth in the Initial Order. Notice will be effective upon receipt or refusal of delivery. If delivered by certified or registered mail, any such notice will be considered to have been given five (5) business days after it was mailed, as evidenced by the postmark. If delivered by courier or express mail service, any such notice shall be considered to have been given on the delivery date reflected by the courier or express mail service receipt. Each party may change its address for receipt of notice by giving notice of such change to the other party.11.5. Force Majeure. Except for payment obligations herein, no party shall be liable or responsible to the other party, nor be deemed in default of this Agreement, for any failure or delay to fulfil any obligation hereunder so long as and only to the extent such party is unable to perform its obligations hereunder in accordance with the terms hereof as a result of causes beyond such party’s reasonable control, including but not limited to fire, explosion, strikes or labor disputes, flooding, sewer backup, acts of God, epidemics, pandemics, war, civil disturbances, acts of civil or military authorities or the public enemy, inability to secure raw materials, transportation, facilities, labor, or fuel or energy or internet shortages; provided, however, that a party shall not be excused from any non-performance resulting from strikes or labor disputes affecting such party’s own workforce and/or failures by such party’s subcontractors to perform (other than where such failures are themselves caused by any of the facts or circumstances set forth in this paragraph).11.6. Waiver. The failure of either party to enforce at any time any of the provisions hereof or exercise any right or option hereunder shall not be construed to be a waiver of the right of such party thereafter to enforce any such provisions or exercise such right or option. Any consent by any party to, or waiver of, a breach by the other, shall not constitute consent to, waiver of, or excuse of any other, different or subsequent breach.11.7. Severability. If any term, condition, or provision in this Agreement is found to be invalid, unlawful or unenforceable to any extent, then the meaning of said provision shall be construed, to the extent feasible, so as to render the provision enforceable, such term, condition or provision shall be severed from the remaining terms, conditions and provisions, which remaining terms shall continue to be valid and enforceable to the fullest extent permitted by law.11.8. Entire Agreement; Modification and Amendment; Headings. These Terms and Conditions together with the Orders and any exhibits, schedules or addenda attached hereto or to the Orders, contain the entire agreement of the parties with respect to the subject matter of the Agreement and supersede all previous or contemporaneous communications, representations, understandings and agreements, either oral or written, between the parties. This Agreement may not be altered, modified, amended, changed, rescinded or discharged in whole or in part, except by written agreement executed by authorized officers of both Customer and H1.11.9. No Third-Party Beneficiaries. The parties agree and acknowledge that the Agreement is not made for the benefit of any third-party. Nothing in the Agreement, whether expressed or implied, is intended to confer upon any person other than the parties hereto and their respective heirs, representatives, successors and permitted assigns, any rights or remedies under or by reason of the Agreement, nor is anything in the Agreement intended to relieve or discharge the liability of either party hereto.11.10. Relationship of Parties. The parties are independent contractors and not the franchisee, partner, or agent of each other. Neither party shall have the right to make any representations on behalf of the other.11.11. Standard Terms of Customer. No terms, provisions or conditions of any purchase order, acknowledgement or other business form that Customer or H1 may use in connection with the acquisition or licensing of the Services and/or Product Data shall have any effect on the rights, duties or obligations of the parties hereunder, or otherwise modify, the Agreement, regardless of any failure of Customer or H1 to object to such terms, provisions or conditions. Customer shall, and hereby does, waive, and agree to indemnify H1 from and against, any claim, demand or cause of action that is inconsistent with the foregoing.11.12. Counterparts. The Agreement may be executed in counterparts, each of which so executed shall be deemed to be an original and such counterparts together shall constitute one and the same agreement. Facsimile signatures on counterparts of the Agreement will be deemed original signatures.11.13. Governing Law and Venue. This Agreement and any action related thereto shall be governed and interpreted by and under the laws of the State of New York, without regard to the application of conflicts of law principles that require the application of the law of a different jurisdiction. Each party hereby expressly consents to the personal jurisdiction and venue in the state and federal courts located in New York, New York for any lawsuit filed there against such party by the other party arising from or related to this Agreement. The United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement.11.14. Recruitment of Personnel. During the Term of the Agreement and for a period of one (1) year thereafter, neither H1 nor Customer will solicit, recruit, hire, employ or contract with directly or indirectly any employee(s) of the other party, and will not hire, employ or contract with directly or indirectly any former employee(s) of the other party for a period of one hundred twenty (120) days following termination of such employee’s employment without the other party’s prior written consent, not to be unreasonably withheld. The preceding sentence does not, however, prohibit either party from (a) making general solicitations for employment by means of advertisements, public notices, or internal or external websites, job search engines or other means that are customarily used for such purpose that are not directed at the other party’s employees, or (b) hiring individuals who respond thereto or contact such party of their own initiative, in each case without encouragement by such party, or on its behalf.

    11.15 Export Control. Customer may not use or otherwise export or re-export the H1 Properties except as authorized by United States law and the laws of the jurisdiction(s) in which the H1 Properties were obtained. In particular, but without limitation, the H1 Properties may not be exported or re-exported (a) into any U.S. embargoed countries or (b) to anyone on the U.S. Treasury Department’s list of Specially Designated Nationals or the U.S. Department of Commerce Denied Persons List or Entity List or any other restricted party lists. By using the H1 Properties, Customer represents and warrants that it is not located in any such country or on any such list, and will not use H1 Properties for any purposes prohibited by U.S. or other applicable law.

EXHIBIT A

‍UPTIME AND SUPPORT RESPONSE COMMITMENTS

Uptime Commitment

H1 will use commercially reasonable efforts to provide 99.99% uptime with respect to the Customer’s Services during each calendar quarter of the Term, excluding Permitted Downtime (the “Uptime Commitment”). “Permitted Downtime” shall mean any: (i) regularly scheduled maintenance times, (ii) delays or outages caused by (a) any acts or omissions by Customer that are not in accordance with this Agreement, including without limitation, any negligence, willful misconduct or use of the Services in breach of this Agreement or (b) third party platforms, (iii) holidays and weekends, (iv) maintenance or revisions requested by Customer, and (iv) force majeure events (as described in Section 11.5) Maintenance is regularly scheduled if it is communicated in accordance with the notice section set forth below at least two (2) full business days in advance of such Maintenance. Regularly scheduled maintenance typically is communicated at least a week in advance, scheduled to occur at night on the weekend, and takes less than sixty (60) hours each quarter. H1 hereby provides notice that every Saturday night 11:30pm – 3:00am Eastern Time is reserved for routine scheduled maintenance, as needed.

If in any calendar quarter this Uptime Commitment is not met by H1 and Customer was negatively impacted (i.e., attempted to log into or access the Services and failed due to downtime, other than the Permitted Downtime), H1 shall provide, as the sole and exclusive remedy, a service credit equal to 1/30th of the subscription fee for the month in which the Uptime Commitment is not met for each day or portion thereof of unavailability.‍

Credit Request‍

In order to receive a credit under this Uptime Commitment, Customer must request it simply by emailing H1 at [email protected], within five (5) days of the end of the applicable quarter. If Customer submits a credit request and does not receive a prompt automated response indicating that the request was received, Customer must resubmit the request because the submission was not properly received and will not result in a credit. Customers who are past due or in default with respect to any payment or any material contractual obligations to H1 are not eligible for any credit under this Exhibit A. Service credits are applicable only to future invoices and are not refundable or retroactively applicable. The service credit is valid for up to two (2) years from the quarter for which the credit was issued. H1 shall calculate any service level downtime using H1’s system logs and other records.

Customer Support Packages and Response Time

H1 provides customer support as listed below. The applicable Support Package is indicated in each Order.

‍

Processing Time for Client-Provided Lists: (i) Forty-five (45) days from receipt by H1 in U.S. and EU5 where list contains 2,500+ entries; (ii) Sixty (60) days from receipt by H1 in China, Japan, and Taiwan where list contains 500+ entries; (iii) Sixty (60) days from receipt by H1 for all other countries or regions where list contains 2,500+ entries.
‍

Exhibit B‍

Data Processing Addendum

‍This Data Processing Addendum (“DPA“) forms part of and is incorporated into the terms and conditions of the H1 Software Subscription Services Agreement (“Agreement“) between H1 and the party identified as “Customer” in the Agreement. All capitalized terms not defined in this DPA shall have the meanings set forth in the Agreement. This DPA sets forth the parties’ obligations with respect to the processing of Personal Data (as defined below) by the parties in connection with the Agreement.

Customer enters into this DPA on behalf of itself and, to the extent required under Applicable Data Protection Laws, in the name and on behalf of its Affiliates permitted to use the Services pursuant to the Agreement and provided that such Affiliates have not entered into their own separate “Agreement” with H1. For the purposes of this DPA only, and except where indicated otherwise, the term “Customer” shall include Customer and such Affiliates.

The parties agree as follows:

1. Definitions“Applicable Data Protection Laws” means any laws, regulations and other legal requirements enacted in Europe and the United States applicable to the processing of the Personal Data in question, including where applicable: (i) European Data Protection Laws; and (ii) the California Consumer Privacy Act of 2018, Cal. Civ. Code 1798.100 et seq, and its implementing regulations (“CCPA‘”); in each case as may be amended from time to time.”Europe” means the member states of the European Economic Area, Switzerland and the United Kingdom.”European Data Protection Laws” means: (i) the EU General Data Protection Regulation 2016/679 (“GDPR“); (ii) any applicable national implementations of the GDPR; (iii) the UK General Data Protection Regulation, Data Protection Act 2018 and any other laws relating to data and privacy as a consequence of the United Kingdom leaving the European Union (“UK Data Protection Laws“); and (iv) the Swiss Federal Data Protection Act of 19 June 1992 and its corresponding ordinances (“Swiss DPA“).‍”Personal Data” means any Customer Data or Product Data that is protected as “personal data”, “personal information” or “personally identifiable information” under Applicable Data Protection Laws.‍‍‍”Security Incident” means any breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Customer Personal Data transmitted, stored or otherwise processed by H1 and/or its Sub-processor’s in connection with the provision of the Services. “Security Incident” shall not include unsuccessful attempts or activities that do not compromise the security of Customer Personal Data, including unsuccessful log-in attempts, pings, port scans, denial of service attacks, and other network attacks on firewalls or networked systems.”Standard Contractual Clauses” means the standard contractual clauses annexed to the European Commission’s Implementing Decision 2021/914 of 4 June 2021, a copy of which is available at: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914&from=EN”Sub–processor” means any processor engaged by H1 or its Affiliates that processes Customer Data and which assists H1 in fulfilling its obligations with respect to providing the Services pursuant to the Agreement and this DPA. Sub-processors may include third parties or H1 Affiliates but shall exclude any H1 employee, contractor or consultant.The terms “controller”, “processor” and “processing” shall have the meanings given to them in European Data Protection Laws, and “process”, “processes” and “processed” shall be interpreted accordingly, and the terms “business” and “service provider” shall have the meanings given to them in the CCPA.
2. Scope and Applicability of this DPA
   2.1 Scope. This DPA applies only where and to the extent that either party processes Customer Data or Product Data that is Personal Data in connection with the Agreement.2.2 Role of the parties. The parties acknowledge and agree that (i) except as otherwise agreed in the Agreement, Customer is a controller or business (as applicable) of Customer Data and H1 shall process Customer Data as a processor or service provider (as applicable) on behalf of Customer; and (ii) each party is a business or controller (as applicable) of Product Data that it processes in connection with the Agreement. The details of such processing activities are further described in Annex A of this DPA. Any processing of Personal Data by either party under or in connection with the Agreement shall be performed in accordance with the Agreement (including this DPA) and Applicable Data Protection Laws. 
3. Processor Terms
   3.1 Applicability. The terms in this Section 3 (including the Standard Contractual Clauses, where applicable) shall apply only to the extent that H1 processes Customer Data in connection with the Agreement as a processor or service provider (as applicable).3.2 Customer Responsibilities. Customer is responsible for the lawfulness of Customer Data processing under or in connection with the Agreement. Customer represents and warrants that (i) it has provided, and will continue to provide, all notice and it has obtained, and will continue to obtain, all consents, permissions and rights necessary under applicable laws, including Applicable Data Protection Laws, for H1 to lawfully process Customer Data for the purposes contemplated by the Agreement (including this DPA); (ii) it has complied with all Applicable Data Protection Laws in the collection and provision to H1 and its Sub-processors of Customer Data; and (iii) it shall ensure its processing instructions to H1 comply with applicable laws, including Applicable Data Protection Laws, and that the processing of Customer Data by H1 in accordance with Customer’s instructions will not cause H1 to be in breach of applicable laws.3.3 Processing Instructions. As a processor or service provider (as applicable) of Customer Data, H1 shall only process Customer Data in accordance with Customer’s documented lawful instructions and shall not (i) process, collect, retain, use or disclose Customer Data for any purposes, including its own commercial purposes, other than for the purposes described in this DPA; or (ii) sell Customer Data without Customer’s prior written consent. The parties agree that the Agreement (including this DPA) sets out the Customer’s complete and final instructions to H1 in relation to the processing of Customer Data and processing outside the scope of these instructions (if any) shall require prior written agreement between Customer and H1. Without prejudice to Section 3.1 (Customer Responsibilities), H1 shall notify Customer in writing, unless prohibited from doing so under applicable laws, if it becomes aware or believes that any processing instruction from Customer violates applicable laws. H1 shall not sell Customer Data or otherwise disclose Customer Data for monetary or other valuable consideration. Notwithstanding anything to the contrary in the Agreement, the parties acknowledge and agree that H1’s access to Customer Data does not constitute part of the consideration exchanged by the parties in respect of the Agreement.3.4 Sub–processors. Customer agrees that H1 may engage Sub-processors to process Customer Data on Customer’s behalf. H1 shall (i) enter into a written agreement with each Sub-processor imposing data protection terms that require the Sub-processor to protect Customer Data to the standard required by Applicable Data Protection Laws; (ii) remain responsible for its compliance with the obligations under this DPA and for any acts or omissions of its Sub-processors that cause H1 to breach its obligations under the DPA; notify Customer of the engagement of any new Sub-processors at least 15 days prior to such engagement. Where applicable, Customer acknowledges that H1 may be prevented from disclosing Sub-processor agreements to Customer under the Standard Contractual Clauses due to confidentiality reasons, but H1 shall make reasonable efforts to make available all relevant information about such agreements that Customer reasonably requests.3.5 Objection to Sub–processors. To the extent Customer Data is protected by European Data Protection Laws, Customer may object in writing to H1’s appointment of a new Sub-processor on reasonable grounds relating to data protection by notifying H1 promptly in writing within five (5) calendar days of receiving notice from H1, such notice to explain the reasonable grounds for the objection. The parties shall discuss such concerns in good faith with a view to achieving commercially reasonable resolution and, if no such resolution can be reached, H1 will, at its sole discretion, either not appoint Sub-processor, or permit Customer to suspend or terminate the affected Services in accordance with the termination provisions in the Agreement without liability to either party (but without prejudice to any fees incurred by Customer prior to suspension or termination).3.6 Security Measures. H1 shall implement and maintain appropriate technical and organizational security measures designed to protect Customer Data from Security Incidents and to preserve the security and confidentiality of the Customer Data as set out in Annex B (“Security Measures“). H1 shall ensure that any person who is authorized by H1 to process Customer Data shall be under an appropriate obligation of confidentiality (whether a contractual or statutory duty). Notwithstanding the foregoing, Customer agrees that except as provided by this DPA, Customer is responsible for its secure use of the Services, including securing its account authentication credentials, protecting the security of Customer Data when in transit to and from the Services and taking any appropriate steps to securely encrypt or backup any Customer Data processed in connection with the Services. Customer acknowledges that the Security Measures are subject to technical progress and development and that H1 may update or modify the Security Measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Services purchased by the Customer.3.7 Security Incidents. Upon becoming aware of a Security Incident involving Customer Data, H1 shall notify Customer without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Customer.3.8 Security Audits. On written request from Customer, H1 shall provide written responses (on a confidential basis) to all reasonable requests for information made by Customer related to its processing of Customer Data, including responses to information security and audit questionnaires that are necessary to confirm H1 compliance with this DPA, provided that Customer shall not exercise this right more than once in any twelve (12) month rolling period. Notwithstanding the foregoing, Customer may also exercise such audit right in the event Customer is expressly requested or required to provide this information to a data protection authority, or H1 has experienced a Security Incident, or another reasonably similar basis. Where applicable, Customer agrees that it shall exercise its audit rights under the Standard Contractual Clauses in accordance with this Section 3.8.3.9 Deletion. Upon termination or expiry of the Agreement, H1 shall delete all Customer Data (including copies) in its possession or control in accordance with the Agreement, save that this requirement shall not apply to the extent H1 is required by applicable law to retain some or all of the Customer Data, or to Customer Data that it has archived on back-up systems, which data H1 shall securely isolate and protect from any further processing and delete in accordance with its deletion practices, except to the extent required by applicable law.3.10 Subpoenas and Court Orders. If a law enforcement agency sends H1 a demand for Customer Data (for example, through a subpoena or court order), H1 shall give Customer reasonable notice of the demand to allow Customer to seek a protective order or other appropriate remedy unless H1 is legally prohibited from doing so.
4. Controller Terms
   4.1 Applicability. The terms in this Section 4 (including the Standard Contractual Clauses, where applicable) shall apply only to the extent that H1 processes Personal Data in connection with the Agreement as a controller or business (as applicable).4.2 Compliance with Law. Each party shall be individually and separately responsible for complying with the obligations that apply to it as a controller or a business (as applicable) of Personal Data processed under the Agreement and except as otherwise expressly agreed in writing, neither party shall be responsible for the other party’s compliance with Applicable Data Protection Laws with respect to the processing of Personal Data as a controller or a business. In particular, each party shall be individually responsible for ensuring that its processing of Personal Data is lawful, fair and transparent, and shall make available to individuals a privacy statement that fulfills the requirements of Applicable Data Protection Laws.4.3 Purpose Limitation. Each party shall process Personal Data it receives from the other party in connection with the Agreement only for the purposes described in the Agreement or as otherwise expressly agreed between the parties in writing and in accordance with Agreement (including this DPA). Each party may only process such Personal Data for new or different purposes with the disclosing party’s prior written consent or with the consent of the individuals that are subject of the Personal Data.
   ‍
5. International Transfers5.1 Transfers of Customer Data. Where H1 is a recipient of Customer Data protected by the GDPR in a country not recognized as providing adequate protection for Personal Data by the European Commission, the Standard Contractual Clauses shall be incorporated in full by reference and form an integral part of this DPA as follows:
   ‍
   a) Customer is the ‘data exporter’ and H1 is the ‘data importer’;
   b) the Module Two (controller to processor) terms are selected;
   c) in Clause 7, the optional docking clause applies;
   d) in Clause 9, Option 2 applies and the time period for notice of changes to Sub-processors is as agreed under Section 3.4 of this DPA;
   e) in Clause 11, the optional language is deleted;
   f) in Clause 13 and for the purposes of Annex I(c), the ‘competent supervisory authority’ is the authority of the EU member state where Customer is established or, if Customer is not established in the EU, the authority in the EU member state where Customer’s EU representative has been appointed or where the data subjects relevant to the transfer are located;
   g) in Clause 17, Option 1 applies and the Standard Contractual Clauses are governed by Irish law;
   h) in Clause 18(b), disputes shall be resolved before the courts of the Republic of Ireland; and
   i) Annex I(b) and Annex II shall be deemed completed with the information set out in Annex A and Annex B of this DPA respectively.
   ‍
   5.2 Transfers of Product Data. Where Customer is a recipient of Product Data protected by the GDPR in a country not recognized as providing adequate protection for Personal Data by the European Commission, the Standard Contractual
   ‍
   a) H1 is the ‘data exporter’ and Customer is the ‘data importer’;
   b) the Module One (controller to controller) terms are selected;
   c) in Clause 7, the optional docking clause applies;
   d) in Clause 11, the optional language is deleted;
   e) in Clause 13 and for the purposes of Annex I(c), the ‘competent supervisory authority’ is Lionheart Squared Ltd.;
   f) in Clause 17, Option 1 applies and the Standard Contractual Clauses are governed by [Irish] law;
   g) in Clause 18(b), disputes shall be resolved before the courts of [the Republic of Ireland]; and
   h) Annex I(b) shall be deemed completed with the information set out in Annex A of this DPA and Annex II shall be deemed completed with relevant information from Customer’s security policies.
   ‍
   5.3 UK and Swiss Transfers. Where either party is a recipient of Personal Data protected by UK Data Protection Laws or the Swiss DPA in a country not recognized as providing adequate protection for Personal Data by the UK or Swiss authorities (as applicable), the Standard Contractual Clauses shall be incorporated in full by reference and form an integral part of this DPA in accordance with Sections 5.1 and 5.2 above and the following modifications (i) references to ‘Regulation (EU) 2016/679’ are interpreted as references to UK Data Protection Laws or the Swiss DPA (as applicable); (ii) references to specific articles of ‘Regulation (EU) 2016/679’ are replaced with the equivalent article or section of UK Data Protection Laws or the Swiss DPA (as applicable); (iii) references to ‘EU’, ‘Union’ and ‘Member State’ are replaced with ‘United Kingdom’ or ‘Switzerland’ (as applicable); (iv) Clause 13(a) and Part C of Annex 2 are not used and the ‘competent supervisory authority’ is the United Kingdom Information Commissioner or Swiss Federal Data Protection Information Commissioner (as applicable); (v) references to the ‘competent supervisory authority’ and ‘competent courts’ are replaced with the ‘United Kingdom Information Commissioner’ and ‘courts of England and Wales’ or the ‘Swiss Federal Data Protection Information Commissioner’ and ‘applicable courts of Switzerland’ (as applicable); (vi) in Clause 17, the Standard Contractual Clauses are governed by the laws of England and Wales or Switzerland (as applicable); and (vii) in Clause 18(b), disputes shall be resolved before the courts of England and Wales or Switzerland (as applicable).5.4 Alternate Transfer Mechanisms. To extent that and for so long as the Standard Contractual Clauses as implemented in accordance with Section 5.2 cannot be relied on to lawfully process Personal Data in compliance with UK Data Protection Laws and/or the Swiss DPA, the applicable standard data protection clauses issued, adopted or permitted under UK Data Protection Laws and/or the Swiss DPA (as applicable) shall be incorporated by reference, and the annexes, appendices or tables of such clauses shall be deemed populated with the relevant information set out in Annex A and Annex B of this DPA. Additionally, to the extent H1 adopts an alternative data export mechanism (including any new version of or successor to the Standard Contractual Clauses adopted pursuant to European Data Protection Laws) for the transfer of Personal Data (“Alternative Transfer Mechanism”), the Alternative Transfer Mechanism shall, upon notice to Customer, automatically apply instead of any applicable transfer mechanism described in this DPA (but only to the extent such Alternative Transfer Mechanism complies with applicable European Data Protection Laws and extends to territories to which the Personal Data is transferred).
6. Cooperation6.1 Requests and Correspondence. The parties shall, on request, provide each other with all reasonable and timely assistance and cooperation (at their own expense) to enable the other party to comply with its respective obligations under Applicable Data Protection Laws, including to respond to: (i) a request from an individual seeking to exercise their rights under Applicable Data Protection Laws in respect of Personal Data processed by the other party (a “Request“); and (ii) any other correspondence, inquiry or complaint received from an individual, regulator or other third party in connection with the processing of Personal Data by the other party (“Correspondence“). Each party shall promptly inform the other if it receives a Request or Correspondence relating to the processing of Personal Data conducted by the other party. Where H1 is acting as a processor or service provider (as applicable) under this DPA and it receives a Request or Correspondence directly, it shall not respond to such Request or Correspondence without Customer’s prior authorization except to direct the requestor (where appropriate) to H1, unless legally compelled to do so.
   ‍
   
7. Limitation of Liability
   7.1 Each party’s and all of its Affiliates’ liability, taken together in the aggregate, arising out of or related to this DPA (including the Standard Contractual Clauses) whether in contract, tort (including negligence) or under any other theory of liability, shall be subject to the limitations and exclusions of liability in the Agreement, and any reference in provisions to the liability of a party means the aggregate liability of that party and all of its Affiliates under and in connection with the Agreement and this DPA together. In no event shall either party exclude or limit their liability to data subjects under Applicable Data Protection Laws or, where applicable, the Standard Contractual Clauses.7.2 Except where Applicable Data Protection Laws require a Customer Affiliate to exercise a right or seek any remedy under this DPA against H1 directly by itself, the parties agree that (i) solely the Customer entity that is the contracting party to the Agreement shall exercise any right or seek any remedy any Customer Affiliate may have under this DPA on behalf of its Affiliates, and (ii) the Customer that is the contracting party to the Agreement shall exercise any such rights under this DPA not separately for each Affiliate individually but in a combined manner for all of its Affiliates together.
8.  Miscellaneous8.1 Except for the changes made by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict.8.2 It is not the intention of either party, nor the effect of this DPA, to contradict or restrict any of the provisions set forth in the Standard Contractual Clauses. Accordingly, if and to the extent the Standard Contractual Clauses conflict with any provision of this DPA, the relevant clauses of the Standard Contractual Clauses (as applicable) shall prevail to the extent of such conflict.8.3 This DPA shall be governed by and construed in accordance with the law and jurisdiction provisions in the Agreement, unless required otherwise by Data Protection Laws or the Standard Contractual Clauses.

Annex A – Details of Processing

Customer Data

‍(a) List of Parties:

(i.) Data Exporter: Customer, Address and Contact details: As specified in the relevant Order; Activities relevant to the transfer: Receiving the Services pursuant to the Agreement; Role: Controller.

(ii.) Data Importer: H1 Insights, Inc.; Address and Contact details: 386 Park Avenue South, 5th Fl., New York, NY 10016, United States Attn: Chief Information Security Officer, [email protected]; Activities relevant to the transfer: Provision of the Services pursuant to the Agreement; Role: Processor.‍

(b) Categories of data subjects. Data subjects include individuals about whom data is provided to H1 via the Services (by or at the direction of) Customer, which may include personal data relating to contacts, collaborators, partners, leaders and prospects of Customer (each a “Contact“).

(c) Categories of personal data: Customer may submit Customer Data to H1, the extent of which is determined and controlled by the Customer in its sole discretion, and which may include, but is not limited to personal data relating to the following categories:

(i.) Contact information (such as a Contact’s name, business email address, postal address, phone number, fax number);

(ii.) Professional details (such as a Contact’s position, title, education, degree, specialties, studies the Contact has participated in, grant details);

(iii.) Content the Contact has published.

(d) Sensitive data and applied restrictions or safeguards: N/A

(e) Frequency: Continuous.

(f) Nature and purposes: Customer Data will be processed in accordance with the Agreement (including this DPA) and for the following purposes: (i) processing to provide the Services in accordance with the Agreement; (ii) processing to perform any steps necessary for the performance of the Agreement; (iii) processing initiated by Customer in its use of the Services; and (iv) processing to comply with other reasonable instructions provided by Customer (e.g. via email or support tickets) that are consistent with the terms of the Agreement. Customer Data will be processed in accordance with the Agreement (including this DPA) and may be subject to the following processing activities: (i) storage and other processing necessary to provide, maintain and improve the Services (as applicable) provided to Customer; and/or (ii) disclosures in accordance with the Agreement and/or as compelled by applicable laws.

(g) Subject matter: Customer Data that is submitted by Customer to H1.

(h) Duration and retention period: The Term plus the period from the expiry of the Term until deletion of the Customer Data by H1 in accordance with the Agreement.

‍Product Data

‍(a) List of Parties:‍

i.) Data Exporter: H1 Insights, Inc.; Address and Contact details: 386 Park Avenue South, 5th Fl., New York, NY 10016, United States Attn: Chief Information Security Officer, [email protected]; Activities relevant to the transfer: Provision of the Services pursuant to the Agreement; Role: Processor.

(ii.) Data Importer: Customer, Address and Contact details: As specified in the relevant Order; Activities relevant to the transfer: Receiving the Services pursuant to the Agreement; Role: Controller.

(b) Categories of data subjects. Data subjects include individuals about whom data is provided to Customer via the Services, which may include personal data relating to potential contacts, collaborators, partners, leaders and prospects of Customer (each an “Expert“).

(c) Categories of personal data: Product Data may include, but is not limited to, personal data relating to the following categories of personal data:

(i.) Professional contact information (such as an Expert’s name, business email address, postal address, phone number, fax number);

(ii.) Professional details (such as a Prospect’s position, title, education, degree, specialties, studies the Expert has participated in, grant details);

(iii.) Content the Expert has published.

(d) Sensitive data and applied restrictions or safeguards: N/A

(e) Nature and Purposes: Product Data will be processed in accordance with the Agreement (including this DPA) and for the following purposes: (i) processing to provide the Services in accordance with the Agreement; (ii) processing to perform any steps necessary for the performance of the Agreement; (iii) processing initiated by Customer in its use of the Services; (iv) processing for the parties’ respective legitimate business purposes; and (v) processing by H1 to operate, maintain and improve its products and services. Product Data will be processed in accordance with the Agreement (including this DPA) and may be subject to the following processing activities: (i) storage and other processing necessary to provide, maintain and improve the Services (as applicable) provided to Customer and H1’s broader produce and services; and/or (ii) disclosures in accordance with the Agreement and/or as compelled by applicable laws.

(f) Frequency: Continuous.

(g) Duration and retention period: Product Data will be processed and retained by the parties in accordance with the parties’ respective data retention policies and procedures.
‍

Annex B – Technical and Organizational Measures

‍H1 uses reasonable and appropriate technical and organizational measures as set forth in the Agreement and described in further detail below:

‍

EXHIBIT C

DATA USAGE ADDENDUM

This Data Usage Addendum (“DUA”) forms part of and is incorporated into the terms and conditions of the H1 Software Subscription Services Agreement (“Agreement”) between H1 and the party identified as “Customer” in the Agreement.

1. LICENSE TO CUSTOMER. H1 grants to Customer a nonexclusive, royalty-free, non-transferable, non-sublicensable, revocable right and license to use the data specified in the Agreement (“Data Feed”) for the sole purpose of [identifying and profiling healthcare professional opinion leaders (“HCPs” and each, individually, an “HCP”)], subject to the use restrictions set forth in the Agreement and this DUA. In the course of HCP identification, Customer may download or otherwise retain any work product it creates that combines electronic data or information provided by Customer (“Customer Data”) with the Data Feed (“Customer Derived Work”). To the extent Customer Derived Work incorporates or embodies the Data Feed or other Supplier intellectual property, Supplier grants to Customer a perpetual, nonexclusive, royalty-free, non-transferable, non-sublicensable right.

2. LICENSE TO SUPPLIER. Customer grants to Supplier a non-exclusive, royalty-free, non-transferable, perpetual license to access and incorporate into the H1 database Customer Data shared pursuant to this DUA. Supplier may collect, use, store, adapt, analyze, and create derivative works from Customer Data (“Supplier Derived Work”) in an aggregate or anonymized manner for its own legitimate business purposes. Supplier shall own all right, title, and interest in and to Supplier Derived Work.

3. RESTRICTIONS. Customer shall not, and shall not permit any employee or third party, to: (a) sell, offer for sale, distribute, sublicense, disclose, transfer, or otherwise make available the Data Feed to any third party (including in a service-bureau or timesharing agreement); (b) interfere with or disrupt the integrity or performance of the Data Feed; (c) reverse engineer, disassemble, or decompile the Data Feed; (d) modify, copy, or make derivative works based on the Data Feed other than as provided for in this DUA; (e) use Supplier’s Data Feed to store or transmit any virus or other malicious code or any infringing, libelous or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights; (f) attempt to gain unauthorized access to Supplier computer systems or networks; (g) use the Data Feed to create a product or service that competes with, is similar to, or would serve as a substitute for, Supplier’s products, services, and/or offerings; or (h) use the Data Feed in any manner that would identify or re-identify individuals in violation of any applicable law; or (i) use the Data Feed in any other unlawful manner or any manner that exceeds the scope of uses permitted under this DUA. Without prejudice to any other Supplier rights provided for in the Agreement, in the event Customer violates any terms herein, Customer shall defend, indemnify and hold harmless H1 and its officers, directors, employees and representatives from and against any claims, losses, costs, and expenses arising therefrom.

4. TERM AND TERMINATION. (a) Unless sooner terminated pursuant to any other agreement between the parties, the Agreement and this DUA shall remain in full force and effect through the Term. (b) Upon termination or expiration of the Agreement, (i) all rights and licenses granted to Customer will immediately cease unless otherwise provided for herein, and (ii) Customer will make no further use of the Data Feed and will immediately either destroy or permanently erase data from the Data Feed under Customer’s control. Within seven (7) days of the Agreement’s termination, Customer shall submit to H1 a certification, signed by its general counsel or another appropriate company executive, that it has complied with its post-termination obligations.

5. DATA FEED DISCLAIMER. THE DATA FEED IS PROVIDED ON AN “AS IS,” “AS AVAILABLE” BASIS. TO THE FULLEST EXTENT PERMISSIBLE PURSUANT TO APPLICABLE LAW, SUPPLIER MAKES NO WARRANTY OR GUARANTEE, EXPRESS OR IMPLIED, RELATING TO THE DATA FEED, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, NON-INFRINGEMENT, AND/OR FITNESS FOR A PARTICULAR PURPOSE.

6. NO MEDICAL ADVICE. H1 makes the Services available solely for the business and informational purposes stated herein. H1 Services are not intended to be substituted for professional medical advice, treatment, or services, and H1 is not authorized or licensed to provide, and does not engage in providing, medical advice. Nothing contained in or proved through the Services shall be construed as the provision by H1 of medical advice.

Exhibit D

ADDITIONAL TERMS AND SCOPE LIMITATIONS APPLICABLE TO MCH DATA

‍1.1. “MCH Data” means the following datasets which are provided to Customer via the Service pursuant to the Order Form: MCH Hospitals and MCH Medical Practices

1.2. “Internal Marketing Use” means the use of the MCH Data is restricted to the sole benefit of Customer’s own direct marketing purposes or internal marketing analysis work. The marketing of Customer products by direct mail use, email campaign use, telemarketing use, social media use, e-commerce use and other valid marketing endeavors are understood to be included as part of this definition and therefore allowable activities, as long as they are for the sole benefit of Customer. The resale, rental or allowing free public access to the MCH Data by Customer is not permitted under this meaning.

Customer may only use the MCH Data solely for Customer’s Internal Marketing Use. Customer agrees that the MCH Data is proprietary, copyrighted work of MCH and contains compilations of original authorship containing confidential information that does derive independent economic value, actual or potential, from not being generally known. Customer agrees that it will not commit or permit any act or omission by its agents, employees, or a third party that would impair MCH’s copyright or other proprietary rights in the MCH Data.

MCH Data can be used in an unlimited number of campaigns for the Order Term as long as all the uses are for Internal Marketing Use only.

Customer Compliance with Laws

MCH Data may only be used for lawful purposes and Customer is expressly prohibited from using the MCH Data in any unlawful manner. Customer acknowledges that (a) it is a violation of Federal and state law to send unsolicited advertisements to a fax machine or an opted-out e-mail address, and (b) anyone violating those laws may be subject to civil and criminal penalties. Customer further acknowledges that MCH Data has not processed any content or information contained in or provided in connection with the MCH Data against Federal or State “Do Not Call Lists” or Customer’s internal do-not-call list, and Customer is responsible for all such processing. Customer represents, warrants and covenants that it complies with, and will continue to comply with, all applicable Federal and State laws and when using the MCH Data, including but not limited to any laws relating to the transmission of unsolicited advertisements, do-not-call lists, telemarketing, sweepstakes, direct mail commerce, copyright or privacy.‍

MCH Warrants

MCH warrants to Customer that: (1) MCH owns, or has a valid license from any third party(s) to provide the MCH Data as stated herein; (2) MCH possesses a valid compilation copyright therein, and has the right to license the MCH Data therein; (3) the MCH Data and all components and elements thereof including, but not limited to, the methods, processes and documentation relating to compiling and storing the MCH Data such as scripts, programs, data dictionaries, directories, data base building instructions and other documentation related to the MCH Data does not infringe any other party’s copyright, patent, trade mark, trade secret or other proprietary right; (4) the information included in the MCH Data has been acquired legally, does not infringe any other party’s copyright, patent, trade mark, trade secret or other proprietary right and does not violate any law of the United States, or any state, municipal or local government, or violate any of the European Union GDPR regulations (5) the MCH Data have been adequately compiled and formatted, and the license conveyed herein does not violate any law of the United States or any state, municipal or local government or the European Union GDPR regulations.

EXCEPT AS OTHERWISE AGREED TO IN A WRITING SIGNED BY MCH, MCH DOES NOT MAKE ANY WARRANTY, EITHER EXPRESS OR IMPLIED (IN LAW OR IN FACT), AND HEREBY DISCLAIMS ANY AND ALL IMPLIED WARRANTIES, AS TO THE QUALITY, PERFORMANCE, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OF ANY MCH DATA. IN ADDITION, MCH DOES NOT REPRESENT OR WARRANT (A) THE ACCURACY OR TIMELINESS OF THE MCH DATA, (B) THAT THE MCH DATA WILL ACHIEVE ANY PARTICULAR RESULTS, OR (C) THAT ANY DEFECTS IN THE MCH DATA WILL BE CORRECTABLE OR CORRECTED. THE MCH DATA IS FURNISHED “AS IS” AND “WITH ALL FAULTS” AND THE ENTIRE RISK AS TO SATISFACTORY QUALITY AND ACCURACY REGARDING THE SAME IS WITH CUSTOMER.
‍

Use of Email Addresses

Customer will comply with the CAN-SPAM Act of 2003 (“CAN-SPAM Act”), including, but not limited to, the provisions for commercial email messages. These provisions require the Customer to include a clear and conspicuous notice that the message is an advertisement or solicitation, provide the recipient with the ability to opt-out of receiving future solicitation emails from the Customer, and provide a valid physical postal address. Customer will process such opt-out requests as provided by the CAN-SPAM Act or applicable state law, whichever is stricter.MCH will warrant, protect, and hold harmless any actions against Customer based on complaints that provided emails were in violation of trademark, patent, copyright materials, or gathered in a non CAN-SPAM compliant manner. Customer will hold MCH harmless if they have withheld any opt-out information that resulted in actions against the Customer by an email recipient or government agency. Customer acknowledges and agrees that MCH, Inc. is a third party beneficiary of this Exhibit C.