END USER AGREEMENT | Stellar Cyber | END USER AGREEMENT (EUA)

This End User Agreement (“EUA”) is entered into by and between Stellar Cyber Inc., a Delaware corporation having a principal place of business at 2590 North 1st Street, Suite 360, San Jose, California 95131, (“Stellar Cyber”), and you (“Client”). This EUA constitutes the agreement (the “Agreement”) between Stellar Cyber and Client. The effective date (“Effective Date”) of the Agreement shall be the date of acceptance of the Order by Client (if applicable), or the date of Client’s acknowledgement as may be applicable for trial or evaluation access.

By downloading, installing, registering, accessing, evaluating or otherwise using the Deliverables, Client acknowledges and agrees that it is bound to the Agreement. The Agreement governs Client’s use of the Deliverables however acquired including without limitation acquisition through an authorized distributor, reseller, online app store, or marketplace.

1. Definitions

“Affiliate(s)” means a corporation, partnership or other entity controlling, controlled by or under common control with such party, but only so long as such control continues to exist. For purposes of this definition, control means ownership, directly or indirectly, of greater than fifty percent (50%) of the voting rights in such entity (or, in the case of a noncorporate entity, equivalent rights).

“Client Content” means any data that is ingested by or on behalf of Client into a Deliverable from Client’s data sources.

“Client Data” means data that may be accessed or collected by the Deliverables in the form of logs, session data, telemetry, user data, usage data, threat intelligence data, threat detection information, copies of potentially malicious files detected, system stability data, user experience data, user interface data, and network traffic metadata. Client Data may include confidential data and personal data, such as source and destination IP addresses, active directory information, file applications, URLs, file names, and file content.

“Confidential Information” means all nonpublic information disclosed by a party to the other party , whether orally or in writing, that is designated as confidential or that, given the nature of the information or circumstances surrounding its disclosure, should reasonably be understood to be confidential. The terms of the Agreement are confidential to Stellar Cyber and shall not be disclosed by Client to any third party. Notwithstanding the foregoing, Confidential Information does not include any information that: (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party.

“Deliverable(s)” means Software, Subscription Services and other goods or services specified in an Order.

“Deliverable Term” means each period of time specified in an Order　whereby Stellar Cyber agrees to provide a Deliverable to Client, unless access has been authorized for trial or evaluation purposes, such period will be in accordance with Section 2.2 or Section 2.4 below. This Agreement shall renew upon receipt of Client’s applicable Order, which may be issued through an authorized Stellar Cyber reseller.

“Limits” means the maximum number of users, assets or data ingestion amounts specified in an Order.

“Order(s)” means a Stellar Cyber quote or ordering document (including online order form) accepted by Client via execution by Client or Client’s purchase order or other ordering document received and acknowledged by Stellar Cyber (directly or indirectly through an authorized reseller) which references the Deliverables, capacity, pricing, Deliverable Term, and other applicable terms set forth in an applicable Stellar Cyber quote or ordering document. Orders shall not include the terms of any preprinted terms on Client’s purchase order or other terms on a purchase order that are additional or inconsistent with the terms of this EUA.

“Software” means the executable code version of Stellar Cyber software, and any updates thereto, specified in an Order.

“Subscription Services” means software-as-a-service and cloud-delivered security services provided by Stellar Cyber specified in an Order.

2. Software Licenses and Subscription Services

2.1 Software License. Stellar Cyber grants to Client a nonexclusive, nontransferable, limited license to use the Software specified in an Order: (i) for the internal use by Client or Client’s Affiliates at Client’s or Client Affiliate’s facility specified in the Order or on Client’s or Client Affiliate’s internal computer or cloud-based systems, unless explicitly authorized in an Order as may be the case for the purpose of managed service provision during the Deliverable Term specified in the Order, and (ii) up to the Limits specified in the Order.

2.2 Evaluation License. Software provided for evaluation at no charge may only be used for evaluation during the evaluation period not to exceed sixty (60) days, unless otherwise specified and agreed by Stellar Cyber in writing, solely for the purpose of consideration whether to enter into an Agreement and not for any other purpose or any productive use. Notwithstanding anything to the contrary in the Agreement, Stellar Cyber shall have no obligation to provide maintenance, support, installation services, training services, warranties, or indemnification for evaluation licenses. Stellar Cyber may, in its sole discretion, terminate an evaluation license at any time.

2.3 Subscription Services. Subject to the terms of the service level agreement, Stellar Cyber shall provide Client access to the Subscription Services specified in an Order: (i) for the internal use by Client or Client’s Affiliates, unless expressly authorized otherwise in an Order (ii) during the Deliverable Term specified in the Order, and (iii) up to the Limits specified in the Order.

2.4 Trial Subscription Services. Stellar Cyber may provide Client trial access to the Subscription Services for evaluation or at no charge or for a nominal charge. Said trial access is for the evaluation period set forth in the Order, not to exceed thirty (30) days, unless otherwise specified and agreed by Stellar Cyber in writing, solely for the purpose of consideration whether to enter into an Agreement and not for any other purpose or any productive use. Notwithstanding anything to the contrary in the Agreement, Stellar Cyber shall have no obligation to provide maintenance, support, installation services, training services, warranties, or indemnification for Clients granted trial access. Stellar Cyber may, in its sole discretion, discontinue trial access at any time.

3. Privacy Policy

Stellar Cyber uses and protects Client Data, including information transmitted via the Deliverables, in accordance with Stellar Cyber’s Privacy Policy, located at https://stellarcyber.ai/privacy-policy/ (the “Privacy Policy”) and the Data Processing Addendum located at https://stellarcyber.ai/dpa/ (the “DPA”). In addition to the permissions granted in the Privacy Policy and DPA, Client allows Stellar Cyber to use and share non-personal data with third parties to build anonymous data profiles, provide segmented marketing information, create aggregate statistical reports, and improve current and new products and services.

4. Support / Service Level Agreement

Stellar Cyber shall provide Client maintenance, support and training for the Software as specified in an Order and maintenance, support and training for the Subscription Services as specified in the Service Level Agreement found at stellarcyber.ai/sla, if applicable. If Client has ordered the Software from an authorized reseller, support shall be provided in accordance with such authorized reseller’s applicable support policy.

5. Data Protection Addendum

Stellar Cyber shall process and secure Client Data for the Subscription Services found at stellarcyber.ai/dpa

6. Fees and Payments

6.1 Fees. Client agrees to pay fees and charges specified in the Order, or if not specified in the Order, the fees and charges at Stellar Cyber’s then-current list price for the respective Deliverables. Fees may be modified by Stellar Cyber for each Deliverable Term after the initial Deliverable Term by written notice to Client at least thirty (30) days prior to the end of the then current Deliverable Term.

6.2 Invoicing. All fees and charges shall be invoiced by Stellar Cyber or its authorized reseller and payable by Client prior to receipt or use of the Deliverables at the start of the Deliverable Term specified in the Order or as otherwise specified in the Order.

6.3 Payments. All payments shall be due and payable within thirty (30) days after the date specified in Stellar Cyber’s invoice (if applicable) to Client unless otherwise specified on an Order. Without limiting other remedies, undisputed past due amounts shall be subject to a monthly charge of one percent (1%) per month of the unpaid balance or the maximum rate allowable by law, whichever is less.

6.4 Taxes. Taxes. All fees and charges quoted are exclusive of applicable taxes and duties, including any applicable sales and use tax. Client is responsible to pay any taxes or similar government assessments (including, without limitation, value-added, sales, use or withholding taxes) or custom duties. For avoidance of doubt, Stellar Cyber is responsible to pay taxes assessable based on Stellar Cyber’s net income, property and employees.

6.5 Audits. Client shall maintain records regarding Client’s use of the Deliverables and shall make such information available to Stellar Cyber upon written request with sixty (60) days advanced notice. Stellar Cyber may monitor Client’s use of the Deliverables and reserves the right to audit, at its expense, Client’s deployment and use of the Deliverables for compliance with the terms of the Agreement. If Client’s use of the Deliverables is found to be greater than the Limits specified in an Order or for purposes beyond the license granted for the Deliverables, Client will be invoiced for excess use at the greater of the fees specified in the Order or Stellar Cyber’s then-current list price for the respective Deliverables. If an audit by Stellar Cyber, results in an adjustment to the fees owed by Client greater than ten percent (10%) of the fees paid by the Client under the Agreement, Client will pay the expenses associated with such audit.

6.6 Suspension. Stellar Cyber reserves the right to suspend the Deliverables for failure to pay fees then due ten (10) days after delivery of written notice which may be by email.

7. Term and Termination

7.1 Term. The Agreement shall commence as of the Effective Date and shall continue for the Deliverable Term specified in each respective Order unless earlier terminated. Termination of a specified Order will not affect a termination of any other Order.

7.2 Termination. Either party may terminate the Agreement, or an Order, in the event of breach by the other party which is not cured within thirty (30) days after delivery of written notice or within ten (10) days after delivery of written notice for breach of payment or use restrictions. Either party may terminate the Agreement, or any Order, immediately upon a party becoming insolvent or generally failing to pay its debts as they become due, or commencing or becoming subject to reorganization, insolvency or liquidation proceedings or ceasing to conduct business in the ordinary course. Upon termination, all licenses and rights shall terminate and Client shall return and cease all use of the Deliverables. Notwithstanding any early termination above, except for Client’s termination for Stellar Cyber’s uncured material breach, Client shall continue to be required to pay all fees payable under an Order.

8. Use Restrictions

Client shall not, and shall not permit any third party, to: (i) copy, modify, translate, reverse engineer, decompile, disassemble or otherwise reduce the Deliverables to human perceivable form or attempt to discover underlying source code, algorithms, or techniques, except to the extent that such activities may not be prohibited under applicable law, (ii) disclose any benchmarking, competitive analysis or other results obtained from the Deliverables to develop any similar item or any competitive products or services, (iii) attempt to disable or circumvent any license key, encryption or other security device or mechanism used in connection with the Deliverables, (iv) remove or otherwise interfere with any portion of the Deliverables designed to monitor Client’s compliance with the Agreement (v) exceed the Limits specified in an Order, or (vi) use any Deliverable in violation of applicable laws and regulations. Client acknowledges the Deliverables may include license keys and other features that disable use at the end of the applicable license or once the Limits specified in the Order are met.

8. Ownership

8.1 Deliverables. Client acknowledges and agrees the Deliverables, including but not limited to the Software and Subscription Services, are licensed or provided, not sold. Subject to the rights granted in the Agreement, Stellar Cyber shall retain all rights, title and interest in and to the Deliverables, including but not limited to the Software, the Subscription Services, and all intellectual property rights relating thereto.

8.2 Input. Any error reports, suggestions, recommendations, comments and other information provided by Client to Stellar Cyber with respect to the Deliverables (collectively “Input”) shall be owned by Client, however, Client grants to Stellar Cyber a non-exclusive, transferable, irrevocable, worldwide, royalty-free license (with rights to sublicense) to make, use, sell, offer to sell, reproduce, modify, distribute, make available, publicly display and perform, disclose and otherwise commercially exploit the Input.

8.3 Client Data. Subject to the limited rights expressly granted hereunder, Client reserves all rights, title and interest in and to all Client Data, including all related intellectual property rights relating thereto. As between Client and Stellar Cyber, Client shall retain ownership of all Client Data. No rights are granted to Stellar Cyber under the Agreement other than the limited rights licenses expressly set forth in the Agreement. Client hereby grants to Stellar Cyber and its authorized third party service providers the worldwide, nonexclusive, fully paid-up, royalty-free license to access, use, copy, distribute, perform, display and process Client Data to provide, maintain, and improve the Deliverables and perform its obligations under the Agreement. Client further authorizes Stellar Cyber to make necessary adjustments and modifications to sensors in Client’s systems to optimize the effectiveness of the Deliverables.

8.4 Use of Open Source Software. The Software may contain certain software, feeds, or portions provided under terms and conditions different from the Agreement (such as open source or community source), which may be identified in a text file or about box or in a file or files referenced thereby, or in a list provided to Client upon Client’s written request. Any open source software that is delivered to Client as part of the Software, and which may not be taken out of the Software, or used separately from the Software, is covered by the warranty, support, and indemnification provisions applicable to the Software. Client acknowledges that specific terms required by the respective licensors of open source software may apply to its use, however, these terms will not: (a) impose any additional restrictions on Client’s use of the Software, or (b) negate or amend Stellar Cyber’s responsibilities with respect to the Software.

9. Data Protection

9.1 Data Protection by Client. Client represents and warrants that Client’s use of the Deliverables complies with all applicable laws, including those related to data protection and that Client has obtained any and all consents necessary for Stellar Cyber to engage in data processing under the Agreement.

10. Confidentiality

10.1 Confidential Information. Each party will protect the Confidential Information of the other. Accordingly, a party receiving Confidential Information (a “Receiving Party”) agrees to: (i) protect the Confidential Information of a party disclosing Confidential Information (a “Disclosing Party”) using the same degree of care (but in no event less than reasonable care) that it uses to protect its own Confidential Information of a similar nature; (ii) limit use of Disclosing Party’s Confidential Information for purposes consistent with the Agreement, and (iii) use commercially reasonable efforts to limit access to Disclosing Party’s Confidential Information to its employees, contractors and agents or those of its Affiliates who have a bona fide need to access such Confidential Information for purposes consistent with the Agreement and who are subject to confidentiality obligations no less stringent than those herein.

10.2 Compelled Disclosure of Confidential Information. Notwithstanding the foregoing terms, the Receiving Party may disclose Confidential Information of the Disclosing Party if it is compelled by law enforcement agencies or regulators to do so, provided the Receiving Party gives the Disclosing Party prior notice of such compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled to disclose the Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a Party, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to such Confidential Information.

11. Indemnity

11.1 Indemnity by Stellar Cyber. Stellar Cyber will defend and indemnify Client, to the extent a claim, demand, suit or proceeding is made or brought against Client by a third party alleging the Deliverables infringes or misappropriates such third party’s patent, copyright, trademark or trade secret. Notwithstanding the foregoing, in no event shall Stellar Cyber have any obligations or liability under this Section arising from: (i) use of any of the Deliverables in a manner not anticipated by the Agreement or in combination with materials not furnished by Stellar Cyber; or (ii) any content, information or data provided by Client or other third parties. If the Deliverables may become subject to a claim of infringement or misappropriation, Stellar Cyber will, at its sole option and expense, either: (i) obtain for the Client the right to continue using the Deliverables; (ii) replace or modify the Deliverables to be non-infringing and substantially equivalent to the infringing Deliverables; or (iii) if options (i) and (ii) above cannot be accomplished despite the reasonable efforts of Stellar Cyber, then Stellar Cyber may terminate Client’s rights to use the infringing Deliverables and will refund pro-rata any prepaid fees for the infringing portion of the Deliverables. THE RIGHTS GRANTED TO CLIENT UNDER THIS SECTION SHALL BE CLIENT’S SOLE AND EXCLUSIVE REMEDY FOR ANY ALLEGED INFRINGEMENT BY THE DELIVERABLES OF ANY PATENT, COPYRIGHT, TRADEMARK OR TRADE SECRET.

11.2 Indemnity by Client. Client will defend and indemnify Stellar Cyber to the extent a claim, demand, suit or proceeding is made or brought against Stellar Cyber by a third party alleges any Client Content infringes or misappropriates such third party’s patent, copyright, trademark or trade secret, or violates another right of a third party.

11.3 Process for Indemnification. The indemnification obligations above are subject to the party seeking indemnification to: (i) provide the other party with prompt written notice of the specific claim; (ii) give the indemnifying party sole control of the defense and settlement of the claim (except that the indemnifying party may not settle any claim that requires any action or forbearance on the indemnified party’s part without their prior consent, which will not unreasonably withhold or delay); and (iii) gives the indemnifying party all reasonable assistance, at such party’s expense.

12. Limited Warranty

Stellar Cyber warrants that any Deliverables will substantially perform the material functions described in the applicable documentation. Stellar Cyber does not warrant the Deliverables will meet Client’s requirements or function uninterrupted or error free. EXCEPT AS EXPRESSLY SET FORTH ABOVE IN THIS SECTION, THE DELIVERABLES ARE PROVIDED AS IS AND WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED, AND STELLAR CYBER SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. STELLAR CYBER DOES NOT WARRANT THAT USE OF DELIVERABLES WILL BE UNINTERRUPTED, ERROR FREE OR SECURE, OR THAT ALL DEFECTS WILL BE CORRECTED.

13. Limitation of Liability

13.1 Limitation on Types of Damages. IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR PUNITIVE, EXEMPLAR, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES (INCLUDING COSTS OF PROCUREMENT OF SUBSTITUTE GOODS) ARISING OUT OF OR RELATING TO THE AGREEMENT OR ANY DELIVERABLE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

13.2 Limitation on Amount of Liability. IN NO EVENT SHALL A PARTY’S TOTAL LIABILITY ARISING OUT OR RELATING TO THE AGREEMENT OR THE DELIVERABLES EXCEED THE AMOUNT DUE FROM OR PAID FOR THE DELIVERABLES IN THE TWELVE (12) MONTHS PRECEDING THE FIRST INCIDENT OUT OF WHICH THE LIABILITY AROSE, REGARDLESS OF WHETHER ANY REMEDY SET FORTH HEREIN FAILS OF ITS ESSENTIAL PURPOSE OR OTHERWISE.

13.3 Exclusions. The limitation of liability herein will not apply to a breach of a party’s confidentiality obligations, indemnification obligations, or the fraud, gross negligence or willful misconduct of a party. The foregoing limitations will also not apply to the extent prohibited by law.

14. Miscellaneous

14.1. Governing Law, Jurisdiction and Venue. The Agreement is governed by California law, excluding its choice of laws rule. The United Nations Convention on Contracts for the International Sale of Goods (1980) is specifically excluded and shall not apply. Any dispute or claim arising out of or related to the Agreement, or breach or termination thereof, shall be subject to exclusive jurisdiction and venue of the state and federal courts in Santa Clara County, California, and the parties agree and submit to the personal and exclusive jurisdiction of these courts.

14.2 Different Terms. Stellar Cyber expressly rejects terms or conditions in any Client purchase order or other similar document which are different from or additional to the terms and conditions set forth in the Order or this EUA. Such different or additional terms and conditions will not become a part of an agreement between the parties notwithstanding any subsequent acknowledgement by Stellar Cyber.

14.3 Export. The Deliverables may not be exported without prior written consent of Stellar Cyber. Client warrants and hereby gives written assurance to Stellar Cyber that Client will comply with all U.S. and foreign export and re-export restrictions applicable to the Deliverables. Client warrants that it shall comply with the Foreign Corrupt Practices Act (FCPA) in all dealings with, by, for or on behalf of Stellar Cyber, and shall not offer, promise, give, demand, seek or accept, directly or indirectly, any gift or payment, consideration or benefit in kind that would or could be construed as an illegal or corrupt practice.

14.4 Assignment. Neither party may assign its rights under the Agreement without the prior written consent of other party.

14.5 Force Majeure. Neither party will be liable for any delay or failure to perform any obligation under the Agreement (except for the obligation to make any payments) where the delay or failure results from any cause beyond their reasonable control, including, without limitation, acts of God, labor disputes or other industrial disturbances, electrical, telecommunications, or other utility failures, earthquake, storms or other elements of nature, blockades, embargoes, riots, acts or orders of government, acts of terrorism, or war.

14.6 Independent Contractors; No Third-Party Beneficiaries. The parties to the Agreement are independent contractors. The Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties. There are no third-party beneficiaries of the Agreement. Neither party has the authority to bind or act on behalf of the other party in any capacity or circumstance whether by contract or otherwise.

14.7. Survival. The termination or expiration of the Agreement will not affect any provisions herein which by their nature survive termination or expiration, including the provisions that deal with ownership of intellectual property, confidentiality, payment obligations, effect of termination, limitation of liability, privacy, and the Miscellaneous section in this EUA.

14.8 Integration; Entire Agreement. The Agreement along with any additional terms incorporated herein by reference, constitute the complete and exclusive understanding and agreement between the parties and supersedes any and all prior or contemporaneous agreements, communications and understandings, written or oral, relating to their subject matter. Except as otherwise expressly set forth herein, any waiver, modification or amendment of any provision of the Agreement will be effective only if in writing and signed by duly authorized representatives of both parties.

14.9 Modifications to the EUA. Changes to the EUA shall only apply to any entitlements acquired or renewed after the date of modification or update, unless such modifications are (i) required by law or (ii) otherwise necessary to respond to critical events that require modifications to the EUA to take immediate effect in order to avoid disruption of products and services provided hereunder.