Details on our Master Services Agreement for the Directus Enterprise Cloud offering.
Revised January 26, 2024
Proprietary & Confidential: The enclosed material is proprietary to Monospace Inc. The material presented in this document may not be disclosed in any manner to anyone other than the addressee(s) and employees or authorized representatives of the Client.
This Enterprise Cloud Master Services Agreement (“Agreement”) is by and between the client identified on the signature page hereto or the Service Order to which this Agreement constitutes an attachment (“Client” or “you”), and Monospace, Inc. /DBA/ Directus (“Directus” or “Provider”). This Agreement is comprised of the Recitals, the General Terms and Conditions set forth herein and any and all Exhibits that the Parties (as defined below) may agree upon in writing that make reference to this Agreement. When used herein the term “Agreement” is meant to include any and all of the foregoing. If a conflict arises between the General Terms and Conditions set forth below and any Order, attachment, exhibit, or schedule hereto, except with regard to an express amendment to these General Terms and Conditions, the General Terms and Conditions shall take precedence over such other document.
Provider has developed and makes available certain services and other technology for access and use over the internet (the “Cloud Services”), including the following: (i) Directus software-as-a-service products (“Directus Software”), as identified on the Order and which are made available on a hosted basis, (ii) a Server is provisioned on the Host (as defined in Exhibit B) to support the various Cloud Services, (iii) Directus project instances are made available via dedicated URLs, and (iv) a Cloud Service dashboard is made available for organizing client projects, accessing invoices/receipts, monitoring usage, and managing Client’s team members.
In connection with the Cloud Services, Client desires to obtain enterprise level support services as described in Section 6 hereof (“Support Services”). Additionally, Client may desire to obtain certain professional services (the “Professional Services”) from Provider, including, but not limited to, customization, implementation, and training services, all as more particularly described herein and in such written Statements of Work (as defined in Section 3(c)) as the Parties may mutually agree upon. The Cloud Services, Support Services and Professional Services may be referred to herein, collectively, as the “Services.”
During the Term (as defined below), Provider shall provide Client with the Cloud Services identified in one or more service orders in the form set forth in Exhibit A (“Service Orders”). During the Term, Client and Directus may execute one or more statements of work that make reference to this Agreement and shall be incorporated herein (each a “Statement of Work”). The Services Orders and any Statements of Work executed in connection with this Agreement are referred to herein collectively as the “Orders.”
In consideration of the foregoing Recitals (which are incorporated herein) and the mutual covenants and agreements contained herein, the Parties hereto agree as follows:
Term. The term of this Agreement shall commence as of the effective date specified in the first Service Order issued by Client (the “Effective Date”) and shall remain in effect thereafter until terminated as provided herein (the “Term”). The subscription term for any Cloud Service or Support Services shall be as specified in the Service Order, with such renewal provisions as may be specified therein.
Provider; Subcontracting. Provider may, in its discretion, have the Services performed by subcontractors or consultants who are not employees of Provider. Provider shall i) remain responsible for any and all performance required under this Agreement, including, but not limited to, the obligation to properly supervise, coordinate, and perform, all work required hereunder, and no subcontract shall bind or purport to bind Client; (ii) ensure any subcontractors comply with all relevant requirements of this Agreement, including, but not limited to, Sections 12 (Confidentiality) and 13 (Security).
Outsourcing and Other Service Providers of Client. For the avoidance of doubt, the rights granted to Client under this Agreement shall be deemed to include any other Client service provider, contractor, consultant and/or subcontractor working on Client’s behalf (“Client Representatives”), and in no event shall Client be required to obtain any consent from Provider in order for any existing or future Client Representative to exercise the rights granted Client under this Agreement provided that Client shall be responsible for compliance with the terms of this Agreement by all such Representatives.
Parties. Provider and Client may be referred to in this Agreement individually as a “Party” and together as the “Parties.”
Cloud Services. Service Orders that make reference to this Agreement, whether attached at the time of execution hereof, or subsequent thereto, shall become valid and enforceable when executed by the Parties. Client has the non-exclusive, worldwide, limited right to use the Services during the period defined in the Service Order, unless earlier terminated in accordance with this Agreement or the Service Order. Client may allow its Users (as defined below) to use the Services for this purpose, and Client is responsible for their compliance with this Agreement and the Service Order. For purposes of this Agreement, the term “Users” shall mean, with respect to the Services, those employees, contractors, and end users, as applicable, authorized by Client or on Client’s behalf to use the Services in accordance with this Agreement and the Service Order. For Services that are specifically designed to allow Client’s agents, customers, suppliers or other third parties to access the Services to interact with Client, such third parties will be considered “Users” subject to the terms of this Agreement and the Service Order.
Directus Software. Subject to the terms and conditions of this Agreement and payment of the fees set forth in your Service Order, Provider grants Client a non-exclusive, non-sublicensable and non-transferable license to use the Directus Software identified on the Service Order during the applicable License Term in accordance with this Agreement. Except as otherwise expressly permitted in this Agreement, Client shall not: (a) reproduce, modify, adapt or create derivative works of any part of the Directus Software; (b) rent, lease, distribute, sell, sublicense, transfer, or provide access to the Directus Software to a third party (except as contemplated in the Service Order); (c) use the Directus Software for the benefit of any third party (except as contemplated in the Service Order); (d) incorporate the Directus Software into a product or service Client provides to a third party; (e) interfere with or otherwise circumvent mechanisms in the Directus Software intended to ensure adherence to the terms of this Agreement; (f) reverse engineer, disassemble, decompile, translate, or otherwise seek to obtain or derive the source code, underlying ideas, algorithms, file formats or non-public APIs to the Directus Software, except to the extent expressly permitted by applicable law (and then only upon advance notice to us); (g) remove or obscure any proprietary or other notices contained in the Directus Software; (h) use the Directus Software for competitive analysis or to build competitive products; or (i) encourage or assist any third party to do any of the foregoing.
Client Modifications. Subject to the terms and conditions of this Agreement, for any elements of the Directus Software provided in source code form (which election shall be made in Directus’ sole and absolute discretion) and to the extent permitted in the Documentation, Client may modify such source code solely for purposes of developing bug fixes, customizations and additional features for Client’s Project(s). Any modified source code or Documentation constitutes “Client Modifications.” Client may use Client Modifications solely in support of Client’s permitted use of the Cloud Services, but Client may not distribute the code to Client Modifications to any third party. Notwithstanding anything in this Agreement to the contrary, Directus has no support, warranty, indemnification or other obligation or liability with respect to Client Modifications or their combination, interaction or use with Directus Software.
Ownership and Feedback. The Services and Directus Software are made available on a limited license or access basis, and no ownership right is conveyed to Client, irrespective of the use of terms such as “purchase” or “sale.” Directus and its licensors have and retain all right, title and interest, including all intellectual property rights, in and to the Services and the Directus Software. From time to time, Client may choose to submit comments, questions, ideas, suggestions or other feedback relating to the Services or Directus Software to Directus (“Feedback”). Directus may in connection with any of its products or services freely use, copy, disclose, license, distribute and exploit any Feedback in any manner without any obligation, royalty or restriction based on intellectual property rights or otherwise. No Feedback will be considered Client Confidential Information or Client Data, and nothing in this Agreement limits Directus' right to independently use, develop, evaluate, or market products or services, whether incorporating Feedback or otherwise.
System Requirements. Client is solely responsible for ensuring that its systems meet the hardware, software and any other applicable system requirements for the Cloud Services as specified in the Documentation. Directus will have no obligations or responsibility under this Agreement for issues caused by Client’s use of any third-party hardware or software not provided by Directus.
Locally Installed Software. To the extent Provider delivers any software to Client in connection with this Agreement for installation on Client servers, Client will have a non-exclusive license to use such software solely in connection with the Services as contemplated herein and subject to the limitations set forth in this Agreement.
Statements of Work. In addition to the Cloud Services described in the Service Orders, if a Statement of Work is executed between Client and Directus, Provider shall perform those Professional Services, have the obligations to Client, produce and deliver the “Deliverables,” exert commercially reasonable efforts to achieve the “Milestones,” and retain the responsibilities described in such Statement of Work. The terms “Deliverables” and “Milestones” have the meanings set forth in the respective Statement of Work. Statements of Work that make reference to this Agreement, whether attached at the time of execution hereof, or subsequent thereto, shall become valid and enforceable only when mutually executed by the Parties.
Service Levels. In providing the Services, Provider shall use commercially reasonable efforts to achieve the service levels and performance standards (collectively, the “Service Levels”) set forth in Exhibit B (Service Levels and Performance Standards) and the relevant Orders.
Service Monitoring. Provider continuously monitors the Services to facilitate its operation of the Services, to help resolve Client’s service requests, to detect and address threats to the functionality, security, integrity, and availability of the Services as well as any content, data, or applications in the Services, and to detect and address illegal acts or Prohibited Uses. Provider’s monitoring tools do not collect or store any Client Content residing in the Services, except as needed for such purposes. Provider does not monitor, and does not address issues with, non-Directus software provided by Client or any of Client’s Users that is stored in, or run on or through, the Services. Information collected by Provider’s monitoring tools (excluding Client Content) may also be used to assist in managing Provider’s product and service portfolio, to help Provider address deficiencies in Provider’s product and service offerings, and for license management purposes. Provider may (i) compile statistical and other information related to the performance, operation and use of the Services, and (ii) use data from the Services in aggregated and anonymized form for security and operations management, to create statistical analyses, and for research and development purposes (clauses i and ii are collectively referred to as “Service Analyses”). Provider may make Service Analyses publicly available; however, Service Analyses will not incorporate Client Content, Personal Data or Confidential Information in a form that could serve to identify Client or any individual. Provider retains all intellectual property rights in Service Analyses.
Acceptance Criteria. If specified in a Statement of Work, some or all of the Professional Services and Deliverables may be subject to acceptance testing by Client to verify that they satisfy the acceptance criteria mutually agreed to by the Parties in such Statement of Work (the “Acceptance Criteria”). Such Acceptance Criteria shall be based, at a minimum, on conformance of the Professional Services and Deliverables to the specifications set forth in this Agreement, attached Exhibits, relevant Order(s), and, solely to the extent not inconsistent with the foregoing, the Documentation. If a Statement or Work does not provide for Acceptance Criteria, acceptance of Professional Services or a Deliverable will be deemed to have occurred upon the delivery thereof.
Documentation. For purposes of this Agreement, the term “Documentation” shall mean all of Provider’s training course materials, specifications and technical manuals, and all other user instructions regarding the capabilities, operation, and use of the Services, including, but not limited to, online help screens within the Services. Provider shall make available to Client all Documentation relating to the Services. If the Documentation for the Services is revised or supplemented at any time, Provider shall promptly make available or deliver a copy of such revised or supplemental Documentation to Client. Client may, at any time, reproduce copies of all Documentation and other materials provided by Provider, distribute such copies to Client Representatives, and incorporate such copies into its own technical manuals, provided that such reproduction relates solely to Client’s and Client Representatives’ use of the Services as permitted in this Agreement, and all copyright and trademark notices, if any, are reproduced thereon. To the maximum extent available, Provider shall deliver the Documentation in electronic form to Client.
Support Services. Provider shall provide the support services described in this Section, any applicable Orders or any Statement of Work incorporated herein.
Support Responsibilities. In addition to any warranty obligations of Provider hereunder, Provider shall respond to priority levels and use commercially reasonable efforts to achieve the required Service Levels as set forth in Exhibit B (Service Levels and Performance Standards) and Exhibit C (Enterprise Support Agreement).
Provider’s Changes and Upgrades. Provider may from time to time make material enhancements and changes to the Directus Software and the Cloud Services. In the event of such enhancements or changes, (i) the new version of the Directus Software and the Cloud Services will include at least the functionality, level or quality of services that Client previously received and shall continue to comply with all of the requirements of this Agreement, and (ii) Client shall be provided, at least thirty (30) days in advance of any such changes, written notice and a demonstration of such changes. If such advanced demonstration reveals material adverse effects on functionality or operation of the Cloud Services, including, but not limited to, a failure to comply with the requirements of this Agreement, or compatibility with Client’s business or regulatory requirements, including without limitation hardware, software or browser configurations, then Client may in its sole discretion reject such changes and remain on the current version of the Cloud Services for the remainder of the Term and continue to receive Support Services as required hereunder. During the Term, Client shall receive access to all new versions, releases, updates, enhancements of the Directus Software and the Cloud Services at no additional charge. Provider reserves the right to discontinue the sale of, or otherwise “end of life” or render or treat as obsolete, any or all of the Cloud Services covered by this Agreement upon one hundred eighty (180) days prior written notice to Client.
Support Not to Be Withheld. Support under this Agreement will not be withheld due to any unrelated dispute arising under this Agreement, another agreement between the parties, or any other unrelated dispute between the parties.
Training. Provider provides training videos that can be found on its YouTube® channel linked here: https://www.youtube.com/c/DirectusVideos. In addition, Client may use its allotted advisory consulting hours procured through a Service Order, if applicable, towards training at the discretion of Provider.
Cloud Services. The fees for the Cloud Services and Support Services are set forth in the relevant Service Orders. Client’s subscription tier might come with monthly or cumulative limitations, specifying the amount/extent of units covered by the fees that Client has agreed to pay for the Cloud Services. The limitations may be based on the number of projects or certain other metrics (such as bandwidth or number of requests) as listed in the Service Order. If Client use of the Cloud Services exceeds the limits associated with the subscription tier specified in the Service Order, Client should consider upgrading to a higher subscription tier, which might come with higher limits or with the possibility to purchase custom limits for the Cloud Services. If Client’s usage exceeds the limits for the subscription tier ordered, Provider may contact Client about upgrading the subscription tier.
Professional Services. Provider’s hourly rates for Professional Services are as set forth in the relevant Statement of Work, if any. Except as provided in a Service Order or a Statement of Work or in the event of a written amendment signed by both Parties, (i) there are no other fees or charges to be paid by Client for the Services and/or Deliverables to be provided in connection with this Agreement; and (ii) any work performed by Provider and not specifically authorized by Client in writing with prior cost approval shall be considered gratuitous and Provider shall have no right or claim whatsoever to any form of compensation.
Responsibility for Costs. Except for any reimbursable expenses specified in an Order, Provider shall be responsible for all costs and expenses incidental to the performance of Services and the provision of access to the Services, including but not limited to, all costs of equipment provided by Provider, all fees, fines, licenses, or bonds required of or imposed against Provider, and all other of Provider’s costs of doing business. No payments will be made for services rendered or expenses incurred by Provider other than the Services or Deliverables unless such services (and the costs associated with such services) are approved in advance in writing by Client, and Provider supplies such documentation as Client may require in substantiation of such costs.
Taxes. Provider shall invoice Client the amount of any federal excise, state, and local transaction taxes imposed upon the provision of Services and the sale/license of any Deliverables under this Agreement. All such taxes must be stated as separate items on a timely invoice listing the taxing jurisdiction imposing the tax. Client shall pay all applicable taxes to Provider that are stated on and at the time the Deliverable or Services invoice is submitted by Provider. Provider shall remit taxes to the appropriate taxing authorities. Provider shall honor tax exemption certificates, and other appropriate documents, which Client may submit, pursuant to relevant tax provisions of the taxing jurisdiction providing the exemption. If any taxing authority advises Provider that it intends to audit Provider with respect to any taxes for which Client is obligated to reimburse Provider under this Agreement, Provider shall (i) promptly so notify Client, (ii) afford Client an opportunity to participate on an equal basis with Provider in such audit with respect to such taxes and (iii) keep Client fully informed as to the progress of such audit. Each Party shall bear its own expenses with respect to any such audit, and the responsibility for any additional tax, interest or penalty resulting from such audit is to be determined in accordance with the applicable provisions of this Section. Provider’s failure to comply with the notification requirements of this Section will relieve Client of its responsibility to reimburse Provider for taxes only if Provider’s failure materially prejudiced Client’s ability to contest imposition or assessment of those taxes. If either Party is audited by a taxing authority or other governmental entity in connection with taxes under this Section, the other Party shall reasonably cooperate with the Party being audited in order to respond to any audit inquiries in an appropriate and timely manner, so that the audit and any resulting controversy may be resolved expeditiously. The Parties shall reasonably cooperate to more accurately determine each Party’s tax liability and to minimize such liability to the extent legally permissible, including through the electronic delivery of software and other deliverables. Unless expressly agreed otherwise by the Parties in a Statement of Work, Client shall have no liability for any taxes imposed by a taxing authority outside the United States relating to Provider’s use of personnel in or from those jurisdictions.
Invoices. Invoices must be submitted to the person designated by Client as the “Client Designated Party” on the Service Order, or such other person as may be designated by Client in writing.
Payment Terms: All fees shall be payable in US Dollars and shall be payable net 30.
Payment Options. Personal or business checks are accepted for payment. Wire transfers and credit cards are acceptable but all bank processing fees will be paid by the Client.
NSF Fees. There is a $40 NSF (insufficient funds) fee for returned checks.
Late Payments. Payments not received by due date may result in work cessation. Provider reserves the right to refuse completion or delivery of work until past due balances are paid. Monthly late charges of $25.00 or 1.75% per month (APR of 21%), whichever is greater, will be assessed on unpaid balances every 30 (thirty) days.
Corrections. All billings (including invoices, statements and estimates), reports and time accounting are provided as a convenience to Client at the discretion of Provider and remain the property of Provider. Periodic audits may reveal previous billing discrepancies or errors, and Provider is entitled to void or recall incorrect invoices and statements and bill for any monies due on Client’s account.
Independent Contractor. Provider acknowledges that it is at all times acting as an independent contractor under this Agreement and not as an agent, employee, or partner of Client.
Authority. Provider has the full power, capacity and authority to enter into and perform this Agreement and to make the grant of rights contained herein;
Conformance to Specifications. All Services and Deliverables, shall materially conform to the Specifications during the Term;
Viruses and Destructive Code. Provider shall use best efforts to ensure the Services and Deliverables do not include or transmit any viruses, Trojan Horses, worms, spyware, or other similarly destructive or malicious code; and
Legal Compliance. Provider shall use best efforts to at all times comply with all applicable laws and regulations in its performance of this Agreement, including, but not limited to, all local, state, federal, and international privacy, confidentiality, consumer protection, advertising, electronic mail, data security, data destruction, and other similar laws, rules, and regulations, whether in effect now or in the future.
Provider’s Warranties. Provider represents and warrants as follows:
Client’s Warranty. Client represents and warrants that Client shall have the full power to enter into and perform this Agreement.
Disclaimer of Other Warranties. EXCEPT AS EXPRESSLY STATED IN THIS AGREEMENT, NEITHER PARTY MAKES ANY OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, QUALITY OF INFORMATION, QUIET ENJOYMENT, MERCHANTABILITY, OR TITLE/NONINFRINGEMENT AND ALL SUCH WARRANTIES ARE HEREBY SPECIFICALLY DISCLAIMED.
WITHOUT LIMITING THE FOREGOING, PROVIDER DOES NOT WARRANT THAT THE SERVICES WILL BE PERFORMED ERROR-FREE OR UNINTERRUPTED, THAT PROVIDER WILL CORRECT ALL SERVICES ERRORS, OR THAT THE SERVICES WILL MEET CLIENT’S REQUIREMENTS OR EXPECTATIONS. PROVIDER IS NOT RESPONSIBLE FOR ANY ISSUES RELATED TO THE PERFORMANCE, OPERATION OR SECURITY OF THE SERVICES THAT ARISE FROM CLIENT CONTENT OR THIRD PARTY CONTENT OR SERVICES PROVIDED BY THIRD PARTIES.
Client Property; Permissive Rights. “Client Property” means any property or intellectual property provided by Client or its agents to Provider for use in connection with the Services, including, but not limited to, any data, images, programming, computer code, photographs, illustrations, graphics, audio clips, video clips, or text. Client grants Provider a non-exclusive, non-transferable, non-sub-licensable, revocable license to use the Client Property solely for Client’s benefit in performing the Services. Upon Client’s written request or upon expiration of this Agreement or termination of this Agreement for any reason, the foregoing license shall immediately terminate. All Client Property shall be deemed Client Confidential Information. Unless otherwise specified as prohibited in the Service Order, Provider shall have the right to display Client’s logo on the Directus website, and to otherwise refer to Client in print or electronic form for marketing, promotional or reference purposes.
Limitation on Use; Prohibited Usage and Activities.
Client’s use of the Services shall be subject to the technical limits associated with the subscription tier as set forth in the Service Order.
Client may not, and may not cause or permit others to: (a) use the Services to harass any person; cause damage or injury to any person or property; publish any material that is false, defamatory, harassing or obscene; violate privacy rights; promote bigotry, racism, hatred or harm; send unsolicited bulk e-mail, junk mail, spam or chain letters; infringe property rights; or otherwise violate applicable laws, ordinances or regulations; (b) perform or disclose any benchmarking or availability testing of the Services; (c) perform or disclose any performance or vulnerability testing of the Services without Provider’s prior written approval, or perform or disclose network discovery, port and service identification, vulnerability scanning, password cracking or remote access testing of the Services; or (d) use the Services to perform cyber currency or crypto currency mining ((a) through (d) collectively, the “Prohibited Uses”). In addition to other rights that Provider has in this Agreement and the Service Order, Provider has the right to take remedial action if Client or its authorized users engage in any Prohibited Uses, and such remedial action may include removing or disabling access to material that violates the policy.
Client may not, and may not cause or permit its Users to: (a) modify, make derivative works of, disassemble, decompile, reverse engineer, reproduce, republish download or copy any part of the Services (including data structures or similar materials produced by the Services); (b) access or use the Services to build or support, directly or indirectly, products or services competitive to Directus; or (c) license, sell, transfer, assign, distribute, outsource, permit timesharing or service bureau use of, commercially exploit, or make available the Services to any third party except as permitted by this Agreement or the Service Order.
Confidential Information. Except as provided in Section 13(b), each Party agrees that all information supplied by one Party and its affiliates and agents (collectively, the “Disclosing Party”) to the other (“Receiving Party”) including, without limitation, (i) source code, prices, trade secrets, databases, designs and techniques, engine protocols, models, displays and manuals, and the selection, coordination, and arrangement of the contents of such materials; and (ii) any unpublished information concerning research activities and plans, customers, marketing or sales plans, sales forecasts or results of marketing efforts, pricing or pricing strategies, costs, operational techniques, strategic plans, information relating to Client’s customers, business partners, and personnel, Personal Data (as defined below), and unpublished financial information, including information concerning revenues, profits and profit margins will be deemed confidential and proprietary to the Disclosing Party, regardless of whether such information was disclosed intentionally or unintentionally or marked as “confidential” or “proprietary” (“Confidential Information”).
Exclusions. Confidential Information will not include any information or material, or any element thereof, whether or not such information or material is Confidential Information for the purposes of this Agreement, to the extent any such information or material, or any element thereof: (a) has previously become or is generally known, unless it has become generally known through a breach of this Agreement or a similar confidentiality or non-disclosure agreement, obligation or duty; (b) was already rightfully known to the Receiving Party prior to being disclosed by or obtained from the Disclosing Party as evidenced by written records kept in the ordinary course of business or by proof of actual use by the Receiving Party; (c) has been or is hereafter rightfully received by the Receiving Party from a third person (other than the Disclosing Party) without restriction or disclosure and without breach of a duty of confidentiality to the Disclosing Party; or (d) has been independently developed by the Receiving Party without access to Confidential Information of the Disclosing Party. It will be presumed that any Confidential Information in a Receiving Party’s possession is not within exceptions (b), (c) or (d) above, and the burden will be upon the Receiving Party to prove otherwise by records and documentation.
Treatment of Confidential Information. Each Party recognizes the importance of the other’s Confidential Information. In particular, each Party recognizes and agrees that the Confidential Information of the other is critical to their respective businesses and that neither Party would enter into this Agreement without assurance that such information and the value thereof will be protected as provided in this Section 13 and elsewhere in this Agreement. Accordingly, each Party agrees as follows: (a) the Receiving Party will hold any and all Confidential Information it obtains in confidence and will use and permit use of Confidential Information solely for the purposes of this Agreement. Without limiting the foregoing, the Receiving Party shall use at least the same degree of care to avoid disclosure or use of this Confidential Information as the Receiving Party employs with respect to its own Confidential Information of a like importance, which shall not be less than the standard of care imposed by applicable laws and regulations relating to the protection of such information and, in the absence of any legally imposed standard of care, the standard shall be that of a reasonable person under the circumstances; (b) the Receiving Party may disclose or provide access to its employees who have a need to know and may make copies of Confidential Information only to the extent reasonably necessary to carry out its obligations hereunder; and (c) the Receiving Party currently has, and for so long as it possesses Confidential Information of the Disclosing Party, it will maintain in effect and enforce, rules and policies to protect against access to or use or disclosure of Confidential Information other than in accordance with this Agreement, including without limitation written instruction to and agreements with employees and agents who are bound by an obligation of confidentiality no less restrictive than set forth in this Agreement to ensure that such employees and agents protect the confidentiality of Confidential Information. The Receiving Party will instruct and require its employees and agents not to disclose Confidential Information to third parties, including without limitation customers, subcontractors or consultants, without the Disclosing Party’s prior written consent; and will notify the Disclosing Party immediately of any unauthorized disclosure or use, and will cooperate with the Disclosing Party to protect all proprietary rights in and ownership of its Confidential Information.
Personal Data. In connection with this Agreement and performance of the Services, Provider (i) may be provided or obtain, from Client or otherwise, Personal Data, as defined below, pertaining to Client’s personnel, directors and officers, agents, subcontractors, investors, and customers and (ii) may need to Process such Personal Data and/or transfer it, all subject to the restrictions set forth in this Agreement and otherwise in compliance with all applicable foreign and domestic laws and regulations for the sole purpose of performing the Services. For purposes of this Agreement, “Personal Data” shall mean any information relating to an identified or identifiable individual. For the avoidance of doubt, Personal Data shall include, but not be limited to, all “nonpublic personal information,” as defined under the Gramm-Leach-Bliley Act (15 United States Code (“U.S.C.”) § 6801 et seq.), “protected health information” as defined under the Health and Insurance Portability and Accountability Act of 1996 (42 U.S.C. § 1320d), “cardholder information” under the Payment Card Industry (“PCI”) Data Security Standard, and “Personal Data” as that term is defined in General Data Protection Regulation 2016/679 on the protection of individuals with regard to processing of personal data and the free movement of such data. “Process” or “Processing” shall mean any operation or set of operations performed upon the Personal Data, whether or not by automatic means, including collection, recording, organization, use, transfer, disclosure, storage, manipulation, combination and deletion of Personal Data.
Treatment of Personal Data. Without limiting any other warranty or obligation specified in this Agreement, and in particular the confidentiality provisions of this Section 13, during the Term and thereafter in perpetuity, Provider will not gather, store, log, archive, use or otherwise retain any Personal Data in any manner and will not disclose, distribute, sell, share, rent or otherwise transfer any Personal Data to any third party, except as expressly required to perform its obligations under this Agreement or as Provider may be expressly directed in advance in writing by Client. Provider represents, covenants, and warrants that Provider will use Personal Data only in compliance with (i) this Agreement, (ii) Provider’s then current privacy policy available at https://directus.io/privacy, and (iii) all applicable local, state, federal, and international laws and regulations (including but not limited to all current and future laws and regulations relating to privacy, confidentiality, consumer protection, advertising, electronic mail, data security, data destruction, and other similar laws, rules, and regulations). Provider will immediately notify Client of any actual or suspected breach of confidentiality or security with regard to Personal Data. At no additional charge or cost to Client, Provider will fully cooperate with Client in investigating the breach, including, but not limited to, the provision of system, application, and access logs, conducting forensics reviews of relevant systems, imaging relevant media, and making personnel available for interview. On notice of any actual or suspected breach, Provider will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to the breach in accordance with industry best practices. In the event any breach of security or confidentiality with regard to Personal Data by Provider or its agents requires notification to an individual under any law, rule, or regulation, Client will have sole control over the timing, content, and method of notification. At no charge to Client, Provider will cooperate with Client and any regulator or other governmental entity having jurisdiction over Client or the Personal Data relating to Provider’s performance of this Agreement and possession and use of the Personal Data.
Client Content. Notwithstanding anything contained herein to the contrary, Client is responsible for (a) any required notices, consents and/or authorizations related to Client’s provision of, and our processing of, Client Content as part of the Services, (b) any security vulnerabilities, and the consequences of such vulnerabilities, arising from Client Content, including any viruses, Trojan horses, worms or other harmful programming routines contained in Client Content, and (c) any use by Client or Client’s Users of the Services in a manner that is inconsistent with the terms of this Agreement. To the extent Client discloses or transmits Client Content to a third party, Provider is no longer responsible for the security, integrity or confidentiality of such content outside of Provider’s control. “Client Content” means all software, data (including Personal Data), text, images, audio, video, photographs, non-Directus or third party applications, and other content and material, in any format, provided by Client or any of Client’s Users that is stored in, or run on or through, the Services. Client Content also includes any Third Party Content that is brought by Client into the Services by Client’s use of the Services.
Retention of Personal Data. Provider will not retain any Personal Data for any period longer than necessary for Provider to fulfill its obligations under this Agreement. As soon as Provider no longer needs to retain such Personal Data in order to perform its duties under this Agreement, Provider will promptly return or destroy or erase all originals and copies of such Personal Data.
Compelled Disclosures. To the extent required by applicable law or by lawful order or requirement of a court or governmental authority having competent jurisdiction over the Receiving Party, the Receiving Party may disclose Confidential Information in accordance with such law or order or requirement, subject to the following conditions: as soon as possible after becoming aware of such law, order or requirement and prior to disclosing Confidential Information pursuant thereto, the Receiving Party will so notify the Disclosing Party in writing and, if possible, the Receiving Party will provide the Disclosing Party notice not less than five (5) business days prior to the required disclosure. The Receiving Party will use reasonable efforts not to release Confidential Information pending the outcome of any measures taken by the Disclosing Party to contest, otherwise oppose or seek to limit such disclosure by the Receiving Party and any subsequent disclosure or use of Confidential Information that may result from such disclosure. The Receiving Party will cooperate with and provide assistance to the Disclosing Party regarding such measures. Notwithstanding any such compelled disclosure by the Receiving Party, such compelled disclosure will not otherwise affect the Receiving Party’s obligations hereunder with respect to Confidential Information so disclosed.
Return of Confidential Information. On Client’s written request or upon expiration or termination of this Agreement for any reason, the Provider will promptly: (a) return or destroy, at Client’s option, all originals and copies of all documents and materials it has received containing Client’s Confidential Information; and (b) deliver or destroy, at Client’s option, all originals and copies of all summaries, records, descriptions, modifications, negatives, drawings, adoptions and other documents or materials, whether in writing or in machine-readable form, prepared by Provider, prepared under its direction, or at its request from the documents and materials referred to in subparagraph (a). On termination or expiration of this Agreement, Client shall return or destroy all Provider Confidential Information (excluding items licensed to Client hereunder or that are required for use of the Deliverables), at Provider’s option.
Non-Exclusive Equitable Remedy. Each Party acknowledges and agrees that due to the unique nature of Confidential Information there may be no adequate remedy at law for any breach of its obligations hereunder, that any such breach or threatened breach may allow a Party or third parties to unfairly compete with the other Party resulting in irreparable harm to such Party, and therefore, that upon any such breach or any threat thereof, each Party will be entitled to appropriate equitable remedies and may seek and obtain injunctive relief from a court of competent jurisdiction without the necessity of proving actual loss or posting of a bond or other security, in addition to whatever remedies either of them might have at law or equity. Any breach of this Section 13 will constitute a material breach of this Agreement and be grounds for immediate termination of this Agreement in the exclusive discretion of the non-breaching Party.
Security. Provider will maintain and enforce safety and physical security procedures with respect to its access, use, and possession of Client’s Confidential Information, including Personal Data, that are (a) at least equal to industry standards for such types of locations, and (b) which provide reasonably appropriate technical and organizational safeguards against accidental or unlawful destruction, loss, alteration or unauthorized disclosure or access of such information. Without limiting the generality of the foregoing, Provider will take all reasonable measures to secure and defend its location and equipment against “hackers” and others who may seek, without authorization, to modify or access Provider systems or the information found therein. Provider will periodically test its systems for potential areas where security could be breached. Provider will promptly report to Client any breaches of security or unauthorized access to Client’s Confidential Information, including Personal Data that Provider detects or becomes aware of. Provider will use diligent efforts to remedy such breach of security or unauthorized access in a timely manner and deliver to Client a root cause assessment and future incident mitigation plan with regard to any breach of security or unauthorized access affecting the Confidential Information, including Personal Data. Unless required by applicable or advised by advisors or counsel that such action is prudent, consistent with applicable law and industry standard conduct, Provider agrees not to notify any regulatory authority nor any customer or consumer, on behalf of Client unless Client specifically requests in writing that Provider do so. Provider and Client will work together to formulate a plan to rectify all security breaches.
Disaster Recovery and Business Continuity. Provider shall maintain a Business Continuity and Disaster Recovery Plan for the Services (the “Plan”) and implement such plan in the event of any unplanned interruption of the Services. Upon request of Client, Provider shall provide Client with a copy of Provider’s current Plan, revision history, and any reports or summaries relating to past testing of the Plan. Provider shall actively test, review, and update the Plan on at least an annual basis using American Institute of Certified Public Accountants standards and other industry best practices as guidance. Provider shall promptly provide Client with copies of all such updates to the Plan. All updates shall be subject to the requirements of this Section. In any event, any future updates or revisions to the Plan shall be no less protective than the plan in effect as of the Effective Date. Upon request of Client, Provider shall notify Client of the completion of any audit (e.g., ISO 9000) of the Plan. If Provider fails to reinstate the Services within the periods of time set forth in the Plan, Client may in addition to any other remedies available hereunder, in its sole discretion, immediately terminate this Agreement as a non-curable breach. Provider shall maintain disaster avoidance procedures designed to safeguard Client’s data and the data processing capability, and availability of the Services, throughout the Term. Additional disaster recovery/business continuity requirements may be set forth in the individual Statement(s) of Work. Provider shall immediately notify Client of any disaster or other event in which the Plan is activated. Without limiting Provider’s obligations under this Agreement, whenever a disaster causes Provider to allocate limited resources between or among Provider’s customers, Client shall receive at least the same treatment as comparable Provider customers with respect to such limited resources. The provisions of Section 21(a) relating to events of force majeure shall not relieve Provider of its obligations under this Section 15.
Provider’s Indemnity. At Provider’s expense as provided herein, Provider agrees to defend, indemnify, and hold harmless Client and its directors, officers, agents, employees, members, subsidiaries, franchisees, and successors in interest from and against any third party claim, action, proceeding, liability, loss, damage, cost, or expense, including, without limitation, attorneys’ fees, experts’ fees and court costs as provided herein arising out of or relating to (a) any act or failure to act by Provider or its directors, officers, agents, or employees, including, without limitation, negligent or willful misconduct, alleged to (1) infringe the intellectual property rights of a third person, including infringement claims relating to Client’s authorized use of the Services or Deliverables, or (2) cause any injury to any person or persons or damage to tangible or intangible property (collectively referred to for purposes of this Section 16(a) as “Claim(s)”), including the payment of all amounts that a court or arbitrator awards or that Provider agrees to in settlement of any Claim(s) as well as any and all reasonable expenses or charges as they are incurred by Client or any other party indemnified under this Section 16(a) in cooperating in the defense of any Claim(s). Client shall: (i) give Provider prompt written notice of such Claim; and (ii) allow Provider to control, and fully cooperate with Provider in, the defense and all related negotiations. Notwithstanding the foregoing, Provider shall have no indemnity obligation for intellectual property infringement claims arising from (i) specifications provided by Client; (ii) use of the Services in combination with software and/or hardware that is not approved or provided by Provider; (iii) use of Client Content or Client Property; or (iv) Client’s failure to implement an update or enhancement to the Directus Software or the Services, provided Provider provides Client with notice that implementing the update or enhancement would avoid the infringement.
Client’s Indemnity. If a third party makes a claim against Provider that any Client Content or Client Property (collectively, “Client Material”) furnished by Client or Client’s Users and imported into the Services infringes the third party’s intellectual property rights, Client, at Client’s sole cost and expense, will defend Provider against the claim and indemnify Provider from the damages, liabilities, costs and expenses awarded by the court to the third party claiming infringement or the settlement agreed to by Client, if Provider does the following: (i) notifies Client promptly in writing, not later than 30 days after Provider receives notice of the claim (or sooner if required by applicable law); (ii) gives Client sole control of the defense and any settlement negotiations; and (iii) gives Client the information, authority and assistance Client needs, as the sole expense of Client, to defend against or settle the claim.
Additional Remedy. If Services or Deliverables become the subject of an infringement claim under Section 16(a) (Provider’s Indemnity), or is likely to become the subject of such a claim, then, in addition to defending the claim and paying any damages and attorneys’ fees as required above in Section 16(a), Provider shall, at its option and in its sole discretion, use its best efforts to either (a) replace or modify the Services and/or Deliverables or otherwise perform the Services, providing not less than the functionalities specified in this Agreement and the applicable Orders to make them non-infringing or cure any claimed misuse of another’s intellectual property, (b) procure for Client the right to continue using the Services and Deliverables pursuant to this Agreement, or (c) terminate the portion of the Services that are alleged to be infringing the rights of third parties. Any costs associated with implementing (a) or (b) above will be borne by Provider. If Provider fails to provide the remedies described in (a) or (b) above within forty-five (45) days of notice of the claim (and such time has not been extended by Client in writing), Provider shall refund to Client (i) all sums paid by Client under this Agreement or the applicable Order for the infringing Services or Deliverable, prorated over two years from date of initial use of the Services or delivery of the infringing Deliverable, and (ii) any prepaid fees for the Cloud Services prorated to the date of suspension of such Services. The remedies set forth in this Section 16 shall be the exclusive remedy of Client in the event of assertion by third parties of infringement claims relating to the Services.
Dispute Resolution.
In the event of any controversy or claim arising out of or relating to this Agreement, the parties will consult and negotiate with each other and, recognizing their mutual interests, attempt to reach a solution satisfactory to both parties. If the parties do not reach settlement within a period of sixty (60) days, either party may pursue relief as may be available under this Agreement pursuant to Section 18(b). All negotiations pursuant to this Section 18(a) will be confidential and treated as compromise and settlement negotiations for purposes of all rules and codes of evidence of applicable legislation and jurisdictions.
The interpretation and enforcement of this Agreement shall be governed by the laws of the State of New York without reference to its choice of law rules. Except as provided below, Client and Provider agree that any cause of action, legal claim, or dispute between Client and Provider arising out of or related to this Agreement or Client’s use of the Services must be resolved by arbitration on an individual basis. Class actions and class arbitrations are not permitted; Client may bring a claim only on its own behalf and cannot seek relief that would affect other users of the Services. If there is a final judicial determination that any particular claim (or a request for particular relief) cannot be arbitrated in accordance with this provision's limitations, then only that claim (or only that request for relief) may be brought in court. All other claims (or requests for relief) remain subject to this provision. Instead of using arbitration, Client or Provider can bring claims in Client’s local "small claims" court, if the rules of that court will allow it. If Client does not bring its claims in small claims court (or if Client or Provider appeal a small claims court judgment to a court of general jurisdiction), then the claims must be resolved by binding, individual arbitration. The American Arbitration Association will administer all arbitrations under its Commercial Arbitration Rules. Client and Provider expressly waive a trial by jury. The following claims don't have to be arbitrated and may be brought in court: disputes related to intellectual property (like copyrights and trademarks), violations by Client of Provider’s rules, policies and procedures. In addition, issues relating to the scope and enforceability of the arbitration provision are for a court to decide. The costs and fees of arbitration shall be allocated in accordance with the arbitration provider's rules, including rules regarding frivolous or improper claims. For any claim that is not arbitrated or resolved in small claims court, Client agrees that it will be resolved exclusively in the courts of the State of New York or the U.S. District Court for the Southern District of New York. Client also agrees to submit to the personal jurisdiction of either of these courts for the purpose of litigating any such claim. Each Party waives any right it may have to assert the doctrine of forum non conveniens or similar doctrine or theory or to object to venue with respect to any proceeding brought in accordance with this Section. This arbitration provision is governed by the Federal Arbitration Act. Client can opt out of this provision within 30 days of the date that Client agreed to this Agreement. To opt out, Client must send its name, principal address, username, email address or phone number that Client uses for its account, and a clear statement that Client wants to opt out of this arbitration agreement, and Client must send them here: Monospace, Inc. ATTN: Arbitration Opt-out, 223 Bedford Ave STE A #855, Brooklyn, NY 11211. CLIENT CONFIRMS THAT IT HAS READ AND UNDERSTANDS THIS SECTION 18, AND VOLUNTARILY AGREES TO BINDING ARBITRATION. IN DOING SO, CLIENT VOLUNTARILY GIVES UP IMPORTANT CONSTITUTIONAL RIGHTS TO TRIAL BY JUDGE OR JURY, AS WELL AS RIGHTS TO APPEAL.
Provider shall cease to perform the Services under the applicable Order, and Client will pay to Provider all sums due to Provider for Services performed and accepted (as provided in Section 4 above) and authorized expenses incurred through the effective date of such expiration or termination (prorated as appropriate).
Expiration or termination of this Agreement for any reason will not release either Party from any liabilities or obligations set forth in this Agreement which (i) the Parties have expressly agreed in writing will survive any such expiration or termination or (ii) remain to be performed or by their nature would be intended to be applicable following any such expiration or termination.
In the case of termination of the Agreement, all Orders that have not been completed shall be deemed canceled as of the effective date of such termination. At the end of the Services period or upon cancelation or termination of your Service Order, all project data will be deleted. All data will only be available to Client Users BEFORE Client’s account is terminated.
Except in the case of termination by Provider pursuant to Section 19(c) on account of an uncured material default by Client, Provider will cooperate with Client and take all reasonably requested steps to assist Client in making an orderly transition of the Services, as provided in Section 19(f), back to Client or its designees and will cooperate in the return of all Confidential Information, Personal Data and other related documents. In particular, for a period of thirty (30) days following termination or expiration of this Agreement, Provider shall make available, without charge, to Client the ability to download a complete copy of all Client Property stored in the Services.
No Outstanding Orders. Either Party, in its sole discretion, terminate this Agreement by written notice if there are no Service Orders or Statements of Work in effect for a period of thirty (30) days at any time during the Term of this Agreement.
Bankruptcy. Either Party may, in its sole discretion, terminate this Agreement in the event of the Provider commencing voluntary or involuntary winding up, or upon the filing of any petition seeking the winding up of the Provider or upon the Provider making a general assignment for the benefit of its creditors, or the sale or change of control of the business of Provider.
Material Breach. If either Party materially defaults in the performance of any of its obligations under this Agreement, which default (a) if of a non-monetary nature, is not substantially cured within thirty (30) days after written notice is given to the defaulting Party specifying the default, or (b) if of a monetary nature and there is no dispute about the invoice or the work or the expense with respect to which an invoice has been issued, is not cured within twenty (20) days after notice is given to the defaulting Party specifying the default, the Party not in default may, by giving written notice thereof to the defaulting Party, terminate the Order with respect to which there is a default or this Agreement in its entirety, as of a date specified in such notice of termination.
Suspension of Services. Provider may suspend Client’s or Client’s Users’ access to, or use of, the Services if Provider believes that (a) there is a significant threat to the functionality, security, integrity, or availability of the Services or any content, data, or applications in the Services; (b) Client or Client’s Users are accessing or using the Services to commit an illegal act; or (c) Client or Client’s Users engage in any activity which constitutes a Prohibited Use. When reasonably practicable and lawfully permitted, Provider will provide Client with advance notice of any such suspension. Provider will use reasonable efforts to re-establish the Services promptly after Provider determines that the issue causing the suspension has been resolved. During any suspension period, Provider will make Client Content (as it existed on the suspension date) available to Client. Any suspension under this section shall not excuse Client from its obligation to make payments under this Agreement or the applicable Service Order.
Effect of Termination. Upon termination of this Agreement or of any Order, unless otherwise specified by Client in writing:
Termination Assistance Services. Upon the expiration of this Agreement or its termination by either Party for any reason other than a material uncured breach of this Agreement by Client pursuant to Section 19(c), the rights of Client shall in any and all events be provided as set forth in this Section (“Termination Assistance Services”) unless the Parties have specifically agreed upon an alternative termination transition plan prior to the time of termination (the “Termination Transition Plan”). If a Termination Transition Plan has been agreed to, then the rights of Client upon any expiration or termination of this Agreement shall be as set forth in the most recent approved Termination Transition Plan. The duty of Provider to provide such services shall be conditioned on Client continuing to comply with its obligations under the Agreement, including payment of all fees. Compliance with this Section by either Party shall not constitute a waiver or estoppel with regard to any rights or remedies available to the Parties. Provider will (i) meet with Client as soon as practicable after a notice of termination or notice of a decision to not extend this Agreement has been given, to discuss any potential modifications to the then most current Termination Transition Plan, if any, (ii) use all commercially reasonable efforts to assist Client in effecting a transition of the services provided by Provider hereunder, in accordance with industry best practices, to Client or another vendor chosen by Client, and (iii) be compensated for all transition related services and costs by payment by Client in accordance with the rates set forth in this Agreement. Provider will provide transition services for a period defined in the Termination Transition Plan, if any, but in no event less than six (6) months following the expiration or termination of this Agreement.
Survival. Sections 9 (Independent Contractor), 10(a) (Provider’s Warranties), 11 (Client Property), 13 (Confidentiality), 16 (Indemnification), 17 (Limitation of Liability), 19(e) (Effect of Termination), 19(f) (Termination Assistance Services), 19(g) (Survival), and 20 (Miscellaneous) shall survive any termination or expiration of this Agreement.
Force Majeure. If either Party cannot perform any of its obligations because of any act of God (including pandemic), court order, acts of government, quarantine restrictions or other public health restrictions or advisories, war, or any other cause not within the Party’s reasonable control and could not be avoided through the exercise of reasonable care and diligence, whether or not foreseeable (a “Force Majeure Event”), then the non-performing Party will: (i) immediately notify the other Party; (ii) take reasonable steps to resume performance as soon as possible; and (iii) not be considered in breach during the duration of the Force Majeure Event. In the event a Force Majeure Event continues for a period of thirty (30) days, Client may terminate this Agreement by providing written notice to Provider. For the avoidance of doubt, in the event Provider’s performance hereunder is the subject of a Force Majeure Event, the fees to be paid by Client hereunder shall be equitably adjusted to reflect the period in which Provider’s performance was affected.
Notices. All notices under this Agreement will be in writing and will be deemed to have been duly given if delivered personally, by electronic mail (email) provided that the sender receives delivery confirmation (including auto-generated confirmation) of the email within seventy-two (72) hours of it being sent, or by an internationally recognized courier service or, if between Parties located in the United States, mailed by U.S. registered or certified mail, return receipt requested, postage prepaid, to the Parties at the addresses set forth below. All notices under this Agreement that are addressed as provided in this Section, (a) if delivered personally or by a nationally recognized courier service, will be deemed given upon delivery, (b) if delivered by email, will be deemed given upon receipt of delivery confirmation, or (c) if delivered by mail in the manner described above, will be deemed given on the fifth business day after the day it is deposited in a regular depository of the United States mail. Either Party may change its address or designee for notification purposes by giving notice to the other of the new address or designee and the date upon which such change will become effective.
If to Provider:
Monospace Inc. /DBA/ Directus 223 Bedford Ave STE A #855
Brooklyn, NY 11211
United States
EMAIL: info@directus.io
If to Client, at the address specified on the signature page of this Agreement or the Service Order.
Exhibits, Orders and Addenda. All Exhibits, Orders, and Addenda that are referenced herein and appended hereto, or are signed by the Parties on or after the date of this Agreement, are hereby incorporated by reference. The following Exhibits are attached hereto and incorporated herein.
Exhibit A |
Form of Service Order |
Exhibit B |
Enterprise Cloud Service Levels and Availability Standards |
Exhibit C |
Enterprise Support Agreement |
Entire Agreement. This Agreement contains all of the covenants and agreements between the Parties with respect to the rendering of the Services and any other matter hereunder, and supersedes any and all prior negotiations, representations and agreements, whether written or oral, between the Parties with respect to the rendering of such Services and any other matter hereunder. Each Party acknowledges that no representations, inducements, promises or agreements, orally or otherwise have been made by any Party. No other agreement, statement or promise that is not contained in this Agreement, nor changes or modifications to this Agreement, shall be effective unless it is in writing and signed by both Parties.
Waivers. All waivers hereunder must be made in writing by a duly authorized representative of the Party against whom the waiver is to operate, and failure at any time to require the other Party’s performance of any obligation under this Agreement shall not affect the right subsequently to require performance of that obligation.
Severability. If any provision of this Agreement or the application thereof to any persons or circumstances is, to any extent, held invalid or unenforceable by a court of competent jurisdiction, the remainder of this Agreement or the application of such provision to persons or circumstances other than those as to which it is invalid or unenforceable will not be affected thereby to the extent the benefits conferred upon the Parties by this Agreement remain substantially unimpaired, and each provision of this Agreement will be valid and enforceable to the extent permitted by law. If severability of the provision(s) would materially change the benefits of this Agreement to either Party, the Parties shall modify such provision(s) to obtain legal, enforceable and valid provision and provide benefits to the Parties that most nearly affects the Parties’ intent in entering into this Agreement.
Agreement Drafted by All Parties. This Agreement is the result of arm’s length negotiations between the Parties and shall be construed to have been drafted by all Parties such that any ambiguities in this Agreement shall not be construed against either Party.
Counterparts. This Agreement may be executed in one or more counterparts, each of which shall be deemed an original, and will become effective and binding upon the Parties as of the Effective Date at such time as all the signatories hereto have signed a counterpart of this Agreement.
Electronic Signatures and Facsimiles - Binding. This Agreement and associated Orders and related documents may be accepted in electronic form (e.g., by an electronic or digital signature or other means of demonstrating assent) and Provider’s acceptance will be deemed binding between the parties. Provider acknowledges and agrees it will not contest the validity or enforceability of this Agreement and associated Orders and related documents, including under any applicable statute of frauds, because they were accepted and/or signed in electronic form. Provider further acknowledges and agrees that it will not contest the validity or enforceability of a signed facsimile copy of this Agreement and associated Orders and related documents on the basis that it lacks an original handwritten signature. Facsimile signatures shall be considered valid signatures as of the date hereof. Computer maintained records of a party when produced in hard copy form shall constitute business records and shall have the same validity as any other generally recognized business records.
Form of Service Order available upon request.
This Exhibit describes the performance standards and service levels to be achieved by Provider during the Term in providing the Cloud Services pursuant to the Enterprise Cloud Master Services Agreement:
Definitions. Except as provided in this Exhibit, capitalized terms shall have the meanings set forth in the body of the Agreement. The following terms, when used in this Exhibit, shall have the following meanings:
“Available” means the Cloud Services shall: (i) be available for access and use over the Internet; and (ii) provide the functionality and content required under the Agreement and applicable Work Orders.
“Host” shall be AWS
“Server” shall mean the infrastructure on which the Cloud Services will be hosted.
General Hosting Obligations. In addition to the other obligations set forth in the Agreement and this Exhibit, Provider shall do the following:
Operate the Cloud Services on a Server owned and maintained by Provider or the Host.
Allow access to the Cloud Services over the Internet and provide secure and confidential storage of all information transmitted to and from the Cloud Services.
Supply hardware, security protocols, software and communications support structure to facilitate connection to the Internet in accordance with the requirements set forth herein.
Maintain a back-up server, at a geographically different site from where the Server is located, to ensure continuous service in the event of disaster.
Review security notifications and alerts relevant to the hosting platform (e.g., Provider notifications of bugs, attacks, patches), and apply as appropriate to maintain the highest level of defense.
Provider shall provide adequate firewall protection in order to secure Customer and Employee Information and other Confidential Information of Client and users of the Cloud Services from unauthorized access by third parties.
Change of Host. In the event that during the Term Provider desires to transition to a new Host, Provider shall provide Client with at least thirty (30) days prior notice of the transition.
Service Monitoring & Management. Provider will perform continuous monitoring and management of the Cloud Services to optimize availability of Cloud Services. Included within the scope of this section is the proactive monitoring of the Server and all service components of Provider’s firewall for trouble on a 7 day by 24 hour basis and the expedient restoration of components when failures occur within the time period set forth below in Service Outages. Provider shall maintain redundancy in all key components such that service outages are less likely to occur due to individual component failures.
Provider will monitor “heartbeat” signals of all servers, routers and leased lines, and HTTP availability of the Server, by proactive probing at 15-minute intervals 24 hours a day using an automated tool. If a facility does not respond to a ping-like stimulus, it shall be immediately checked again. When Provider receives a “down” signal, or otherwise has knowledge of a failure in the Server or the application software and/or hardware, Provider personnel will:
Confirm (or disconfirm) the outage by a direct check of the facility;
If confirmed, take such action as may restore the service in one hour or less, or, if determined to be a Host company problem, open a trouble ticket with the Host company;
Notify Client by telephone or email according to mutually agreed upon procedures that an outage has occurred, providing such details as may be available, including the Provider trouble ticket number, if appropriate, and time of outage;
Work the problems until resolution, escalating to management or to engineering as required;
Notify Client of final resolution, along with any pertinent findings or action taken, and requests concurrence to close the trouble ticket.
Backups. Provider shall provide for both the regular back-up of standard file systems relating to the Server and Cloud Services, and the timely restoral of such data on request by Client due to a service failure. In particular, Provider shall:
Perform daily full database back-ups;
Retain rotating 30 days of back-ups;
Fulfill restoral requests as directed by Client due to Service failures. Restoral will be performed within the interval of two (2) to twelve (12) hours dependent on the urgency of the request, and the agreed upon location of the desired backup media; and
If the hosting server or location is expected to be down for more than twenty-four (24) hours, Provider shall immediately transfer appropriate back-up data and re-establish all hosting operations in an appropriately functioning secondary server or location.
Service Availability. The Cloud Services shall be Available for at least the “Specified Availability Percentage” set forth on the Service Order during each month of the Term.
API Response Time. During each month of the Term, provided that your Users are in the same geographic territory where your cloud project is provisioned, the average response time for the Cloud Service Project's /server/ping API endpoint request shall be less than 500 milliseconds.
Simultaneous Users. The Cloud Services shall be capable of supporting one-hundred (100) simultaneous project users while still achieving the Service Levels set forth above.
Service Level Reporting. Provider shall be responsible for monitoring Service Level performance and shall provide Client with monthly reports showing Service Level performance during the reporting period. Current and 30-day uptime history will be available via the status monitoring tool at: https://status.directus.cloud/
Failure to Achieve Service Levels. Failure to achieve any of the Service Levels set forth in Section 6 of this Exhibit shall constitute a “Service Level Failure.” Provider shall not be responsible for any Service Level Failure caused by Client or its agents or Host. Client shall promptly notify Provider of any known Service Level Failure. Any reported lost time from Service Level Failures will be credited back to Client on a pro rata basis at the hourly rate incurred based on the ratio of lost time and total time during the billing cycle. In the event that Client reports more than one Service Level Failure in any ten day period, Client may, in its sole discretion, terminate the applicable Order without further obligation provided that Client exercises such termination right with five business days after submission of such second Service Level Failure report. The credits and termination right provided in this Exhibit shall be Client’s exclusive remedy in the event of a Service Level Failure.
Corrective Action Plan. Notwithstanding Provider’s obligation to continue to perform as required under the Agreement and this Exhibit and Client’s remedies set forth herein, in the event of a Service Level Failure, Provider shall promptly investigate the root causes of such Service Level Failure and shall provide to Client (within five (5) days after knowledge of such Service Level Failure) an analysis of such root causes and a proposed corrective action plan for Client’s review, comment and approval (the “Corrective Action Plan”). The Corrective Action Plan shall include, at a minimum: (i) a commitment by Provider to Client to devote the appropriate time, skilled personnel, systems support and equipment, and/or resources to remedy, and prevent any further occurrences of, the Service Level Failure; (ii) a strategy for developing any programming/software updates, fixes, patches, etc. necessary to remedy, and prevent any further occurrences of, the Service Level Failure; and (ii) time frames for implementation of the Corrective Action Plan. There shall be no additional charge (other than those fees set forth in the Agreement) for Provider’s implementation of such Corrective Action Plan in the time frames and manner set forth in the Corrective Action Plan.
Scheduled. Provider shall notify Client of scheduled outages at least twenty-four (24) hours in advance, and such outages shall last no longer than one hour. Provider may request extensions of scheduled down time above one (1) hour and such approval by Client, which may not be unreasonably withheld or delayed. Scheduled and approved unscheduled outages (as described below) are excluded from the Availability service levels set forth above.
Unscheduled. Unscheduled outages are caused by loss of connectivity to the Internet, or by failure of a Provider service. In cases where a destination is not available, or unacceptable service is reported, Provider will attempt to determine the source of the problem and report its findings to Client.
Corrective Action. Immediately upon notice that the Cloud Services are not Available, Provider personnel shall:
Confirm (or disconfirm) the outage by a direct check of the facility;
If confirmed, take such action as may restore the service in one hour or less, or, if determined to be a telecommunications company problem, open a trouble ticket with the telecommunications company carrier;
Notify the person designated by Client by telephone, email or other notice delivery method approved by Client according to predefined procedures that an outage has occurred, providing such details as may be available, including the trouble ticket number if appropriate and time of outage;
Work the problems until resolution, escalating to management or to engineering as required;
Promptly notify Client of final resolution, along with any pertinent findings or action taken.
Security Breaches. In the event of an attack or threatened or suspected breach of security against the Cloud Services and/or Server, Provider will take whatever reasonable steps that are necessary to halt such action, including taking the Cloud Services down. Down time due to external attacks shall not count against Availability requirement set forth above. Provider will immediately contact the person designated by Client to discuss what measure to take. However, if time is critical, action may be required before the contact can be reached. Provider’s actions will include, as appropriate:
Confirm the threat;
Deny access from the source of the attack;
Investigate the extent of the damage, if any;
Back-up the affected systems and those suspected to be affected;
Strengthen defenses everywhere, not just the suspected path that the attacker used;
Contact the ISP where the threat or attack originated and/or law enforcement to work with Provider’s security team;
Produce an Incident Report within 24 hours detailing Provider’s findings; and
Reinstate the denial of access after a set time period, but continue to monitor traffic from that source until risk of further attacks is deemed to be minimized.
This Directus Enterprise Software Support Agreement (“Support Agreement”) is provided to you (“Client”) in connection with your use of the Directus Enterprise Cloud pursuant to the Enterprise Cloud Master Services Agreement (”MSA”) to which this Support Agreement is an Exhibit. Capitalized terms used in this Support Agreement shall have the meanings ascribed to them in the MSA.
Definitions. In this Support Agreement, the following definitions shall apply:
“Authorized Contact(s)” shall mean the two (2) representative(s) of Client, who will be the exclusive point of contact with Directus with respect to technical support of the Software. Client will have the right to change the Authorized Contacts by providing written notice to Directus.
“Documentation” shall mean the documentation that Directus provides to its licensees for the Software. Client will have the right to make multiple copies of such documentation and training materials onto agreed upon media for internal use, training, and reference purposes.
“Error” shall mean any verifiable and reproducible failure of the Software to substantially conform to the Specifications for such Software. Notwithstanding the foregoing, “Error” shall not include any such failure that is caused by: (i) the use or operation of the Software with any other software or programming languages, or in an environment other than that intended or recommended by Directus, (ii) modifications to the Software not made by Directus, (iii) any bug, defect or error in other software used with the Software or any other failure of such software to conform to its published specifications; or (iv) any failure, inoperability, loss of data, corruption or system downtime caused by the utilization of custom extensions developed by Client, use of Directus CLI utilities that results in inadvertent upgrades to the Directus application, or Client’s direct access to and edit of the database.
“Error Correction(s)” shall mean either a modification, addition to, or deletion from the Software that substantially conforms such Software to the Specifications or a procedure or routine that, when observed in the regular operation of the Software, eliminates any material adverse effect on Client of such Error.
“Specifications” shall mean the published specifications for the Software, as set forth in the Documentation for the Software.
“Updates” shall mean a “patch release” or “minor release” incorporating standard backward compatible bug fixes and backward compatible new features that are provided by Directus to its Enterprise clients. Updates are designated by the digit to the right of the first decimal point (e.g., 1.0.1 or 1.1.0).
“Upgrades” shall mean “major releases” that are changes to the software that break backward compatibility. Upgrades are designated by the digit to the left of the first decimal point (e.g., 2.0.0).
“Workaround” shall mean a technically feasible change in the operating procedure of the Software whereby the effects of the Error on the normal operation of the Software are reasonably minimized.
Client Responsibilities. Client agrees to notify Directus in writing (including by email), via Directus’ web-based support portal promptly following the discovery of any Error. Further, upon discovery of such an Error, Client agrees, if requested by Directus, to submit to Directus data that Directus may reasonably require to reproduce the Error and the operating conditions under which the Error occurred or was discovered.
Error Corrections. During the term of this Agreement, Directus shall use commercially reasonable efforts to provide Error Corrections for Errors in the Software reported by Client to Directus.
Updates and Upgrades. During the term of this Agreement, Directus shall make available to Client any Updates or Upgrades of the Software or Documentation at no extra charge, subject to limitations explicitly set forth in section 2(d) below. Directus will make such Updates or Upgrades available to Client when Directus makes such Updates or Upgrades generally available to its other licensees then subscribing for support services.
Current Release. Directus’ obligations under this Agreement shall apply only to those Updates/Upgrades of the applicable Software that are within 20 Updates or one (1) Upgrade of the then-current version, and within a one (1) year time frame of the current Update or Upgrade, whichever is greater, provided Client is under then-current support. Directus shall give Client not less than ninety (90) days prior notice that support will be terminated for a particular version of the Software.
Limitations. Client acknowledges that Directus is under no obligation to perform services with respect to any hardware, configuration issues, or any software which is not directly licensed from Directus. If Directus agrees to remedy any errors or problems not covered by the terms of this Agreement, Directus shall be entitled to bill, and Client shall pay Directus, for all such work performed at Directus’ then-current standard professional services rates. For purposes of clarification and without limiting the foregoing, notwithstanding anything to the contrary in this Support Agreement or the MSA, Directus is not obligated to continue work on a Support Request when Directus determines that:
The reported issue has been caused by Client’s negligence, hardware malfunction, network latency or causes beyond the reasonable control of Directus;
The reported issue has been caused by third party software not managed by Directus as part of the Cloud Services, unless the Documentation requires the third party software for proper use of the Cloud Services;
The reported issue has been caused by Client’s use of the Cloud Services other than in accordance with the configuration and operation guidelines described in the Documentation, the MSA or the Service Order;
Client has not paid Directus all subscription and support fees when due.
Proprietary Rights. Any corrections, additions or modifications to the Software or Documentation effected or delivered under this Agreement and any Updates or Upgrades supplied under this Agreement shall be deemed part of the applicable Software and governed by the terms of the MSA.
Priority |
Definition |
Estimated Response Time |
Resolution Target |
4-LOW Information or enhancements requests |
Information needed or other request |
48 hours |
10 business days |
3 - MEDIUM Problem where acceptable workaround is available |
Ability to use Application Services with faults that cause minor disruption to service |
8 hours or next business day |
As promptly as possible but within 5 business days |
2 – HIGH System is operational, but functionality is seriously affected |
Ability to use the Cloud Services, but Client operation is severely restricted, and no workaround exists |
4 hours |
1 business day |
1 – CRITICAL System is down |
Production System is down, impacting all Directus applications |
1 hour |
4 hours |
Directus shall use commercially reasonable efforts to respond to support tickets within the timeframes set forth above and to provide Workarounds and/or Error Corrections in a timely manner based on the assigned severity level of the Error. The failure of Directus to respond within the timeframes set forth above or to provide Error Corrections or workarounds within the time parameters requested by Client shall not constitute an event of default pursuant to this Support Agreement or the MSA or constitute a basis for termination of any Order, the granting of any credits or the exercise of any other remedies by Client on account of such failure.
The following additional support services are available for purchase either at the time an Order is placed or during the term of the MSA, at the election of Client. These offerings require additional fees are not included in the scope of the Enterprise Software Support Services unless specifically provisioned and paid for by Client.
Premium Enterprise Support Subscription. Directus offers off-hours support for “Level 1 - Critical issues” on a subscription basis if Client has ordered and paid for Premium Enterprise Support. In the event that Client has ordered Premium Enterprise Support, the Support described in Section 4(b) above shall be available 7 days a week/24 hours a day for Level 1-Critical Errors only. If Client’s Authorized Contacts initiate a support request outside of the standard hours and Directus does not confirm the priority classification as Level 1- Critical, Directus will respond to the support request in accordance with the table above during normal business hours.
On-Demand Critical Off Hours Support: Directus offers off-hours support for “Level 1 - Critical issues” on an as-needed basis. If Client has not paid for Premium Enterprise Support, initiating a support ticket to Critical Off-Hours Support is billable at a rate of $250 per hour for a 4-hour minimum. Any request for Critical Off Hours Support by an Authorized Contact shall be deemed to be authorized by Client, and Client agrees to assume financial responsibility for any such requests.
Scheduled Off-Hours Maintenance: Software Upgrades may be provided during Client’s normal business hours. If Client desires to have Upgrades delivered off hours, Client can schedule a mutually agreeable date and time to have Directus support perform the Upgrade during Client’s off hours. This time is billable at a rate of $250 per hour, with a 2 hour minimum.