DRP SEC LLC
Master services agreement

general terms and conditions

Last Updated: July 14, 2024

This Master Services Agreement (“MSA”) is made and entered into as of the date signed below, by and between DRPSEC, LLC. (also known as DRPSEC) and the client identified on the signature page below (sometimes referred to as “you,” “your,” or “Client”) and sets forth the general terms and conditions pursuant to which Client may obtain services from DRPSEC, LLC.

1. SCOPE OF SERVICES

    1.1 Service Contracts

In addition to services of the types listed above (our “Primary Services”), we may provide you with products or services (e.g. computer hardware or cloud software) that are sold or provided by third-party vendors or service providers (“Third-Party Products and Services”). The term “Services” is used in this MSA to refer to the services ordered by you and encompasses both Primary Services and/or Third-Party Products and Services, as applicable.

Services may be ordered and shall be provided pursuant to an Estimate, Proposal, Sales Order, Scope of Work, Pricing Addendum, Order Form or similar document (an “Order”) that describes the Services to be provided and the fees for those Services. Each Order (together with this MSA and any applicable Service Attachments) creates an agreement for the provision of Services (a “Service Contract”) between the Client and the affiliate or subsidiary of DRPSEC, LLC that signs the Order (referred to as “we,” “us,” “our” or “DRPSEC”). A Service Contract shall not be binding on, nor impose any obligations upon, DRPSEC, LLC. or any affiliate or subsidiary that is not a signatory to the Order.

Except for Supplemental Services or Project Services (described below), and unless otherwise agreed in writing, the services we will deliver to you are limited to those Services specifically identified in the Order and described in the Service Attachments.

    1.2 Supplemental Services

“Supplemental Services” are limited, additional services that you may request on a “one-off” or emergency basis that are not included within the scope of a Service Contract. You agree to pay for any Supplemental Services that you request on a time-and-materials basis at DRPSEC regular hourly rates, as reflected on the then-current rate sheet applicable to DRPSEC's customers generally.

    1.3 Project Services

In some cases, you may ask us to deliver services outside the scope of any Order that are greater in scope than Supplemental Services. Examples of such services include major system upgrades, new computer, machine or device setup, network changes, datacenter moves or setups, or installations. In those cases, we will prepare a separate Order for Project Services describing the proposed scope of those services and our fees to deliver them. Installation dates are estimates only. Client shall be responsible for preparation and maintenance of the site for such Project Services or installations, including, but not limited to, providing necessary electrical power and communication lines and proper air conditioning and humidity control.

    1.4 Estimates

The following terms and conditions apply to all estimates, proposals and scopes of work (whether specifically denominated as such or contained in some other form of Order):

  1. Unless specifically stated, installation, set-up and/or other labor or services are not included and will be separately billed for. Service Contracts for Managed IT Support Services do not cover labor or services unless specifically stated to be within the scope thereof.
  1. All references to time are estimates of the approximate number of hours that will be required to complete tasks as planned. The actual time and cost involved may vary. A reference to an amount of time is not a guarantee that the work can be completed in the stated time, nor is it an agreement to perform the work for a fixed fee.
  1. The time and cost involved are subject to change in light of unforeseen circumstances, including without limitation:  

          a.  Issues with existing infrastructure, cabling, etc.;  

          b.  Issues with internet service providers or other third parties;

          c.  Issues with hardware, software or other items not provided by DRPSEC;  

          d.  Issues with data transfer via LAN, WAN or otherwise, including system speeds, interruptions, corruption, etc.;  

          e.  Work beyond the anticipated scope of work that is required or requested;

f.   Pre-existing conditions or complications with any network or environment that was not designed, configured and installed by DRPSEC;

          g.  Manufacturer support, warranty or similar issues;  

          h.  Scheduling issues of Client or third parties; and  

          i.   Issues with Client- supplied hardware or software.

  1. A scope of work is provided as a summary outline for the project; it does not necessarily detail every item that is included or excluded. Unless a paid project is commissioned to research and develop a scope of work, all time is provided as an estimate.
  1. The actual time required to be spent on a project will be itemized and billed for. We will, upon request, do our best to inform Client of the progress and costs of a project to date, but cannot always predict or report in real-time. At any time, you may halt work on a project provided that you pay for any work already performed.
  1. Different hourly rates may apply to the same project – for example, for overtime, for work performed on weekends or holidays, for different levels of personnel, for different types of work, etc. Travel charges may also affect final pricing. We will, upon request, provide all applicable rate information.
  1. Charges for products and services provided by third parties, such as shipping and handling, wiring, etc., are estimated and subject to change; Client agrees to pay the actual costs. Client agrees to pay also for incidental costs, such as overnight delivery, document or data reproduction, digital media, etc., that are reasonably incurred.

2. FEES FOR SERVICES AND PAYMENT TERMS

    2.1 Service Fees

In consideration of the Services, you agree to pay to DRPSEC the fees set forth in the applicable Order. In the absence of a written agreement with respect to fees, Services will be performed on a time- and-materials basis at DRPSEC then-current rates. Ongoing Services may be canceled or terminated (when permitted by the terms of a Service Contract) only as of the end of a monthly billing cycle and DRPSEC shall not be obligated to pro-rate its fees if any Services are canceled or terminated mid-billing cycle.

    2.2 Out-of-Pocket Expenses

Client shall pay the reasonable out-of-pocket expenses, including travel expenses, lodging, meals, and other similar expenses, incurred by DRPSEC in performing the Services. Any such expenses will be billed at cost and invoiced monthly.

   2.3 Payment Terms

You agree to accept invoices sent to you by means of e-mail. You shall pay the full amount reflected on any invoice as owed to us within thirty (30) days following your receipt of that invoice. You shall pay interest of one and one- half percent (1.5%) per month or the maximum lawful rate, whichever is less, for all invoiced amounts not paid within thirty (30) days following your receipt of that invoice (the “Payment Deadline”).

If you dispute in good faith all or any portion of the amount shown on an invoice, or if you otherwise believe you are entitled to an adjustment of an invoiced amount, you must notify us in writing, prior to the Payment Deadline, of the nature and basis of the dispute and/or adjustment. If we are unable to resolve the issue prior to the Payment Deadline, you shall nevertheless pay the entire invoiced amount by the Payment Deadline. If we ultimately determine that such amount should not have been paid, we shall apply a credit equal to such amount against any fees owed for the following month.

    2.4 Suspension of Services for Non-Payment

If you fail to pay all amounts owed under a Service Contract when due, then we may suspend the Services for which payment has not been made until full payment is made. Following any suspension of service under this provision, and after you make full payment to us, we shall restore the Services after confirming that all aspects of your network, systems and environment remain in compliance with the Service Contract and our requirements with respect to security, updates and best practices. As a condition of such restoration you agree to pay us a “Reactivation Fee” equal to $450.00 or, if greater, the actual costs reasonably incurred by us in effecting such restoration. Our right to suspend Services under this section is in addition to any right to terminate the Service Contract or other remedy that might be available to us. DRPSEC SHALL NOT HAVE ANY RESPONSIBILITY OR LIABILITY FOR ANY INTERRUPTION OF BUSINESS OR OTHER CLAIMS, DAMAGES OR COSTS OF ANY KIND IN CONNECTION WITH A SUSPENSION OF SERVICES BASED ON CLIENT’S NON- PAYMENT OF FEES.

   2.5 Taxes, Regulatory Fees, Etc.

All charges and fees owed pursuant to any Service Contract are exclusive of any applicable sales, use, excise or services taxes that may be assessed on the provision of the Services. In the event that any such taxes are assessed on the provision of any of the Services, you shall pay the taxes directly to the taxing authority or shall reimburse us for their payment. DRPSEC shall have the right to pass through to you the amounts of any regulatory fees,

surcharges and/or similar charges imposed by law or otherwise required to be paid in connection with the provision of the Services.

   2.6 Means of Payment

DRPSEC may require that valid credit card account information be provided and maintained for purposes of paying the fees and charges associated with Service Contracts for Data Backup Services and Cloud PBX Hosting Services. Except in instances in which payment by credit card is required, payment shall be made by (a) check; (b) wire transfer, ACH or similar electronic funds transfer; or (c) at Client’s option, by means of credit card, provided that DRPSEC shall, to the extent permitted by law, have the right to collect from Client a convenience fee in an amount equal to the amount of any credit card processing fee(s) actually incurred by DRPSEC. All payments shall be in U.S. Dollars.

3. TERM

   3.1 MSA

This MSA is effective as of the date of execution and will remain in effect until terminated by one of the parties. Either party may terminate this MSA for any reason or no reason upon at least thirty (30) days’ advance written notice, provided, however, that termination of this MSA will not, by itself, result in the termination of any Service Contract, and this MSA will remain in effect notwithstanding any notice of termination unless and until all Service Contracts are terminated or expire according to their terms.

    3.2 Individual Service Contracts

Service Contracts are entered into for either a fixed term (for example, one year) or for a recurring term (as described in the following Section 4). The term of each Service Contract shall be as set forth in the applicable Order. If no term for the provision of Primary Services is specified in an Order, then the term of the Service Contract shall be the standard term for the type of Primary Services being provided, as set forth in the applicable Service Attachment. If Services are provided on an ongoing basis in the absence of an Order or Service Attachment specifying the applicable term, or if Services continue to be provided after a Service Contract has expired or been terminated, then the Services will be deemed to be provided on the basis of a recurring term (for purposes of clarity, this sentence shall not apply to a Service Contract that includes a renewal provision unless Services continue to be provided despite a party’s having given notice of intention not to renew).

4. RENEWAL AND TERMINATION OF CONTRACTS FOR A RECURRING TERM

    4.1 Renewal

A Service Contract with a recurring term shall remain in effect, and the Services shall continue to be provided and paid for each month, until the Service Contract is terminated by one of the parties.

   4.2 Termination

A Service Contract with a recurring term may be terminated by either party, for any reason or no reason, upon sixty (60) days’ advance written notice. The effective date of any termination must be the last day of a monthly billing cycle.

5. RENEWAL AND TERMINATION OF CONTACTS FOR A FIXED TERM

   5.1 Renewal

A Service Contract with a fixed term shall be automatically renewed for successive renewal terms unless a party gives written notice of its intention not to renew at least sixty (60) days prior to the expiration of the initial term or the then-current renewal term. If the initial term of the Service Contract is shorter than twelve (12) months, then the length of each renewal term shall be equal to the length of the initial term. If the initial term is twelve (12) months or longer, then the length of each renewal term shall be twelve (12) months.

    5.2 Termination – Primary Services

A Service Contract for the provision of Primary Services over a fixed term may be terminated:

           ◦ by either party, in such other circumstances, if any, as might be provided for in the applicable Service Attachment; or  

◦ by either party, if it becomes apparent that the other party has become or threatens to become insolvent, has filed for bankruptcy protection, has had a receiver appointed, has called a meeting of creditors, or is otherwise affected by similar circumstances

    5.3 Termination – Third-Party Products and Services

A Service Contract for the provision of Third-Party Products and Services over a fixed term may be terminated prior to the expiration of the initial term or any renewal term only to the extent that there is an entitlement to terminate (whether by virtue of a failure to meet performance standards, the payment of an early termination fee by Client, or otherwise) under the terms of the agreement (“Third-Party Agreement”) pursuant to which the product or service in question is made available by the third-party vendor or service provider.

6. TERMINATION FOR VIOLATION OF ACCEPTABLE USE POLICY

Client shall comply with DRPSEC Acceptable Use Policy (“AUP”), and with any AUP’s applicable to Third-Party Products and Services that are contained in or referred to in the applicable Third-Party Agreements. DRPSEC may terminate any Service Contract if there is a violation by Client of an applicable AUP and a failure by Client to cure such violation within ten (10) days after written notice. In addition to its right to terminate a Service Contract,

DRPSEC shall have the right to suspend the affected Services, immediately and without notice, if required to do so by law, court order or other legal requirement, of if the Services are used for purposes that are illegal; involve the distribution of viruses or other damaging computer code; involve the sending of “spam” e-mail messages; violate the intellectual property or privacy rights of others; impair the use of the Services by others; threaten to impose liability on DRPSEC or a third-party vendor or service provider; or otherwise involve conduct of a similarly serious nature.

7. EFFECT OF TERMINATION

    7.1 Cessation of Use; Return of Materials

Upon the termination of a Service Contract, the Client shall cease its use of the affected Services. The Client shall promptly return to DRPSEC all Equipment (as defined in Section 14 below), Software (as defined in Section 15 below), documentation and other tangible items provided to Client in connection with the Services; and shall delete from its computer systems all electronic copies of the Software and any documents, data or other information that was provided. Upon request, Client shall provide written certification of its compliance with the obligations set forth in the preceding sentence, which certification shall be by an officer (or other representitive having similar authority).

    7.2 Transition Services  

DRPSEC shall cooperate with the Client in the orderly termination of the Services. If the Client wishes to obtain off-boarding services and/or assistance in transitioning to a new service provider, then Client shall compensate DRPSEC for such services on a time-and-materials basis at DRPSEC then-current rates or in accordance with such fee arrangement as might be agreed upon in writing. DRPSEC may require that any such fees, or a reasonable estimate thereof, be paid in advance.

    7.3 Portability and Retention of Client’s Data

Upon request by the Client, DRPSEC will make available to Client a copy of all data used or stored by the Client in connection with the Services (“Client Data”) that remains on servers, storage devices or otherwise in the possession or under the control of DRPSEC, in consideration of which DRPSEC shall be entitled to be compensated at DRPSEC’ then-current rates for the time reasonably required to assemble and copy such data, as well as for the cost of any media used to transfer the data.

AFTER THE EXPIRATION OF THIRTY (30) DAYS FOLLOWING THE TERMINATION OF A SERVICE CONTRACT BY EITHER PARTY FOR ANY REASON, DRPSEC SHALL HAVE NO FURTHER OBLIGATION TO MAINTAIN OR PROVIDE ANY CLIENT DATA AND SHALL THEREAFTER, UNLESS LEGALLY PROHIBITED, DELETE ALL CLIENT DATA ON ITS SYSTEMS OR OTHERWISE IN ITS POSSESSION OR UNDER ITS CONTROL.

    7.4 Payment of Fees

Notwithstanding the termination of a Service Contract, the Client shall remain responsible for the payment of all fees for Services properly provided prior to the date of termination by DRPSEC and/or any third-party vendor or service provider and any early termination or similar fees that might be payable under the Service Contract or any Third-Party Agreement in connection with the circumstances of the termination.

    7.5 Domain Names

Upon termination of a Service Contract it shall be Client’s responsibility to arrange for the transfer to Client or Client’s new hosting provider of any domain name(s) that were used in connection with the Services and that Client wishes to maintain control of. DRPSEC shall cooperate with Client in effecting such transfer, but unless otherwise required by law, Client shall bear all costs associated with any such transfer and DRPSEC shall not, following the termination of a Service Contract, have any ongoing obligation to maintain or renew any domain name registration on behalf of Client.

8. ADJUSTMENT OF FEES BASED ON LEVEL OF USAGE

    8.1 Usage Parameters

An Order for Services may set forth counts or other parameters (e.g. number of servers or other devices to be supported, number of users or software licenses, amount of storage space to be made available for backup, etc.) upon which the pricing for the Services is based. These are referred to as “Usage Parameters.”

  8.2 Increases in Usage

If there is an increase in the level of Client’s usage of the Services, growth in the size of Client’s business or network, and/or the Client otherwise exceeds the Usage Parameters set forth in a Service Contract, then the fee for the Services will be increased by an amount equal to the difference between the then-current fee for the agreed-upon level of usage and the then-current fee for the Client’s actual, higher level of usage. In this regard:

  1. The Client shall pay the increased fee for the Services retroactive to the monthly billing cycle during which Client’s usage first exceeded the Usage Parameters.
  1. There will be no proration of monthly fees (i.e. regardless of the day during a monthly billing cycle when the increased usage first occurred, billing for the entire month will be based on the higher level of usage).
  1. Once a Usage Parameter has been exceeded, billing for the remaining term of the Service Contract will be based on the higher level of usage.
  1. With respect to Third-Party Products and Services, any count or other measurement of the level of Client’s usage by the third-party vendor or service provider will be binding on the Client.

    8.3 Decreases in Usage

If Client has committed to a Service Contract for a fixed term, then there will be no reductions in the fees payable by Client based upon a reduction in usage below the agreed-upon Usage Parameters. If the Service in question is being provided pursuant to a Service Contract with a recurring term, then fees will be adjusted subject to the following:

  1. A request for a reduction in fees on the basis of decreased usage must be made in writing by means of an e-mail message to DRPSEC’ HelpDesk.
  1. A request must be received at least sixty (60) days in advance.
  1. Reductions will be made only as of the beginning of a monthly billing cycle (i.e. there will be no prorating or partial months).
  1. No retroactive reductions will be made.

9. ADJUSTMENT OF FEES BASED ON COMPLEXITY

If there is an increase in the scale or complexity of Client’s business or network (e.g. the addition of new office locations, the inter-operation of different products, services or technologies, the use of specialized or uncommon hardware or software, etc.) that results in a material increase in the efforts or costs required to be incurred by DRPSEC in order to provide the Services, then DRPSEC shall have the right to increase, in a commercially reasonable manner, the amounts of any relevant fixed, per-unit or other fees that don’t adequately reflect the increased scale or complexity. DRPSEC shall provide at least ninety (90) days’ written notice of the beginning of the monthly billing cycle with respect to which any such fee increases will take effect and, if the Client is unwilling to accept such fee increases, then DRPSEC shall have the right to terminate any affected Service Contracts as of the end of the prior monthly billing cycle.

10. PRICE INCREASES

    10.1 Annual Increases with Respect to Primary Services

Except as set forth in the applicable Order or otherwise agreed by the parties in writing, the fees for Primary Services provided pursuant to a Service Contract with a fixed term shall be subject to an annual increase of not more than five (5%) percent with respect to each year of the initial term after the first and each renewal year. The foregoing shall not be construed to limit the right of a party not to renew or to propose a different pricing arrangement as a condition of renewal.

    10.2 Increases in the Prices of Third-Party Products and Services  

DRPSEC shall have the right to pass through to the Client any increases in the prices of Third-Party Products and Services, provided that DRPSEC shall provide at least thirty (30) days’ written notice of the beginning of the monthly billing cycle with respect to which any such price increases will take effect (or the maximum amount of notice reasonably possible in light of the timing of the notice from the third-party vendor or service provider) and, if the Client is unwilling to accept such price increases, then the Client shall have the right to terminate any affected Service Contracts as of the end of the prior monthly billing cycle.

11. HELPDESK

    11.1 Support Requests

All support requests must be instituted by contacting the HelpDesk through one of the means described in Section 11.3, which will result in the creation of a support ticket. It is the sole responsibility of the Client to create a support ticket through the HelpDesk. Calls, emails, or other types of communication that are directed anywhere else may not be responded to in a timely fashion.

    11.2 Support Response Process

DRPSEC will respond to support requests in accordance with its problem prioritization, management and escalation processes. A support ticket in DRPSEC system will be used to track and document each support request.

    11.3 Contacting the HelpDesk

For support requests, Clients shall contact the HelpDesk using the methods below

    11.4 Hours of Operation

          ◦ New Year’s Day (January 1st)

          ◦ Martin Luther King Jr. Day (3rd Monday in January)

          ◦ President’s Day (3rd Monday in February)

          ◦ Good Friday (Friday before Easter)

          ◦ Memorial Day (last Monday in May)

          ◦ Independence Day (July 4th)

          ◦ Labor Day (1st Monday in September)

          ◦ Thanksgiving Day (4th Thursday in November)

          ◦ Christmas Eve** (December 24th)

          ◦ Christmas Day (December 25th)

** Early close at 1:00 p.m. PST.

12. SERVICE LEVEL MATTERS

    12.1 Service Levels and Service Level Credits

Except as otherwise agreed in writing, if a Service Attachment contains an agreement concerning Service Levels and a required Service Level is not met, then, as the Client’s sole and exclusive remedy, and DRPSEC sole and exclusive liability, for the failure of the Services to meet the required Service Level, DRPSEC shall provide the Client with a partial credit against the monthly fees payable for the Services in question (a “Service Level Credit”), calculated in the manner specified in the Service Attachment.

    12.2 Service Level Policies  

DRPSEC will process Service Level Credits for failures to meet the required Service Levels (“Events”). If an Event has occurred that qualifies for a Service Level Credit, Client must open a ticket with DRPSEC’s HelpDesk providing the details pertaining to the Event within 30 days of the occurrence (unless it is specifically stated that a Service Level will be monitored proactively, i.e. that performance will be self-monitored by DRPSEC, in which case no ticket need be submitted). If Client does not open such ticket within the required time period, Client forfeits any right to claim that a Service Level Credit is due. For the purpose of calculating whether a Service Level Credit may be due, and the duration of an Event, and unless otherwise set forth in a Service Attachment, DRPSEC will calculate time periods as beginning from the earlier of (a) the time stamp of the alert in DRPSEC’s monitoring systems; or (b) the time stamp of the Client-submitted ticket, and continuing until the time DRPSEC has resolved the Event.

The maximum total amount of Service Level Credits that may be earned for Events occurring during a single calendar month shall not exceed one hundred (100%) percent of one month’s worth of the monthly fees for the affected Services. Any excess Service Level Credits are forfeited and shall not be carried over to future months.

Client must bring any disputes relating to DRPSEC’s determination of Service Levels or Service Level Credits to DRPSEC’s attention in writing within thirty (30) days after the determination or the determination will be final and binding

    12.3 Service Level Exclusions

Service Levels and Service Level Credits apply only to Client and not to any customers of Client or to any other party. Client is not entitled to any Service Level Credit if (a) Client has not paid all fees when due, (b) Client is otherwise in breach of the Service Contract, (c) Client has failed to provide DRPSEC with appropriate access or otherwise interfered with DRPSEC’s ability to provide the Services, or (d) a failure to meet Service Levels is attributable to one of the following

  1. Maintenance.

a. DRPSEC Scheduled Maintenance. Repairs, upgrades or modifications to DRPSEC’s systems or infrastructure that are scheduled in advance.

b. Client Maintenance. Repairs, upgrades, scheduled or Client- requested service interruptions or modifications to the Services provided to Client, that are scheduled in advance or in connection with a previously agreed-upon routine or schedule.

c. Emergency Maintenance. If necessary to avoid imminent harm, prevent further or repeated interruptions of the Services or in other emergency circumstances, DRPSEC may interrupt the Services on such limited notice, including no notice, as is reasonably feasible under the circumstances.

  1. Extraordinary Events. Service interruptions resulting from denial of service attacks, virus attacks, hacking attempts or any other similar attacks.
  1. False Failures. Erroneously reported failures, failures reported as the result of an error in a DRPSEC measurement system, or failures resulting from testing of the Services to simulate a failure.
  1. Client-Provided Equipment. Matters caused by or related to the failure, malfunction or configuration changes in hardware or other equipment provided by the Client.
  1. Non-Standard Configuration. Matters caused by a Client- requested non- standard or unsupported configuration.
  1. External Network Conditions. Matters caused by general internet or network conditions outside the reasonable control of DRPSEC, including but not limited to DNS issues.
  1. Non-Impacting Failure. Nominal failures that do not actually affect Client’s use of the Services (e.g. a failure during hours when Client’s business is closed or that affects a non-production computer system).
  1. Unexpected Usage. Matters caused by usage patterns or traffic that exceeds the Usage Parameters.
  1. Client Acts. Matters caused by Client acts (or the acts of others engaged or authorized by Client), including without limitation, any negligence or willful misconduct.

13. INTELLECTUAL PROPERTY RIGHTS

    13.1 Ownership

All patent, copyright, trademark, trade secret, know-how and other proprietary or intellectual property rights (“IP Rights”) with respect to the Services shall remain the property of DRPSEC and/or the respective providers of the Third-Party Products and Services. Client shall not acquire any interest in any IP Rights associated with the Services, except that Client is hereby granted a limited license to the extent necessary to allow the Client to use the Services for its own internal business purposes and in accordance with the terms of the applicable Service Contracts.

    13.2 License Restrictions Client shall not:

  1. copy, translate, modify, adapt, decompile, disassemble, create derivative works from, merge the Services with any other products or services or reverse engineer the Services; or
  1. use any of the ideas, features, functions, graphics or other aspects of the Services for purposes of creating any similar products or services.

    13.3 Works of Authorship

Unless otherwise agreed in writing, any software program, application, computer code, writing or other work of authorship (“Work”), regardless of medium, which is created or developed by DRPSEC in the course of performance under a Service Contract and which is related to the Services or to other products or services offered by DRPSEC shall not to be deemed a “work made for hire” and shall remain the sole and exclusive property of DRPSEC. To the extent a Work is for any reason determined not to be owned by DRPSEC, Client hereby irrevocably assigns and conveys to DRPSEC all of its copyright in such Work.

Without limiting the foregoing, DRPSEC shall own all network diagrams and other documents concerning Client’s network, systems or environment that might be created by DRPSEC for DRPSEC’s use in performing the Services. DRPSEC will provide Client with copies of any such documents upon reimbursement, at DRPSEC’s then- current rates, for the time that was required to create such documents.

    13.4 Improvements

Client hereby assigns to DRPSEC any and all suggestions, ideas, enhancement requests, feedback, recommendations or other information provided by Client or its users relating to any proposed improvements of or modifications to the Services.

DRPSEC shall solely and exclusively own all IP Rights with respect to any invention, addition or other improvement (“Improvement”) to the Services, or to any other products or services offered by DRPSEC, that might be created by DRPSEC, regardless of whether based in whole or in part on any such suggestion, idea, etc. or whether created during or in connection with the provision of the Services to Client.

    13.5 Confirmation

Client hereby irrevocably assigns to DRPSEC all of its IP Rights, if any, with respect to all Works and Improvements pertaining to the Services or any other products or services offered by DRPSEC and hereby agrees to execute such assignments and/or take such other actions as might reasonable be required to confirm DRPSEC’s ownership of such IP Rights, provided that Client is reimbursed by DRPSEC for any time or expenses reasonably incurred in so doing.

14. DRSPEC SUPPLIED EQUIPMENT  

“Equipment” means any computer, networking or telephony equipment, racking, or associated hardware or other equipment (if any) that we install on your premises or that we ship to your location to facilitate the delivery of Services. Equipment does not include any hardware or devices that we may sell to you or that we may procure on your behalf.

We retain sole discretion to determine the appropriate Equipment and associated software and/or technology, if any, to be used at your location in order to best provide the Services. We also retain sole discretion to determine

You shall take reasonable care of the Equipment and shall not damage it, tamper with it, remove it, attempt to repair it, or attempt to install any software on it. You are financially responsible, up to the full replacement value of all Equipment, for all damage to or loss of the Equipment used at your location, other than loss or damage caused by DRPSEC. In addition, you shall obtain and maintain insurance with a reputable insurer for the full replacement value of the Equipment. Such policy or policies of insurance must cover the Equipment against loss or damage (including, without limitation, accidental loss or damage) and must name DRPSEC as an additional insured with respect to the Equipment. Upon request, you will produce evidence that such insurance is in effect.

You are responsible for providing the necessary power, network connection and appropriate environment to support the Equipment.

DRPSEC is and will remain the sole owner of any Equipment, which is provided on a rental or temporary basis only. You shall not remove any sign, label or other marking on the Equipment identifying DRPSEC as the owner of the Equipment. You do not acquire and will not acquire any rights of ownership in the Equipment by virtue of a Service Contract, and you do not have and will not have, by operation of law or otherwise, any lien or other similar right over or in relation to the Equipment.

On termination of any Service Contract pursuant to which we deliver Equipment, you shall provide DRPSEC or its contractors with reasonable access to your premises to remove the Equipment. Alternatively, upon our request, you shall return the Equipment to us via the carrier of our choice, for which Client will pay all applicable shipping charges.

15. DRPSEC SUPPLIED SOFTWARE

“Software” means any and all software programs, applications or other computer code installed on the Equipment, provided to you for installation on your computer equipment, provided to you on a “cloud” basis, or otherwise furnished as a part of the Services or in order to facilitate the delivery of the Services.

A Service Contract does not transfer any right, title, or interest in the Software to you. Your use of the Software is subject to all applicable terms of any Third- Party Agreements, including without limitation end-user license agreements, pertaining to the Software.

You shall not:

  1. distribute or allow others to distribute copies of the Software or any part thereof to any third party,
  1. tamper with, remove, reproduce, modify or copy the Software or any part thereof,
  1. provide, rent, sell, lease or otherwise transfer the Software or any copy or part thereof or use it for the benefit of a third party, or
  1. reverse assemble, reverse compile or reverse engineer the Software or any part thereof, or otherwise attempt to discover any Software source code or underlying proprietary information except as may be permitted by law.

16. NON-DISCLOSURE AND CONFIDENTIALITY

    16.1 Confidential Information

During the course of performance under a Service Contract, a party may become privy to the other’s proprietary or confidential information. Each of us shall hold all such “Confidential Information” of the other in strict confidence and shall not disclose such information to any third party.

Confidential Information includes but is not limited to: (a) with respect to DRPSEC, DRPSEC’s unpublished prices for Services, audit and security reports, server/network configuration designs, passwords, business plans, technical information or data, product ideas or other research and development, methodologies, calculation algorithms and analytical routines, and other proprietary technology; (b) with respect to Client, content or information transmitted to or from, or stored by Client on, DRPSEC’s servers or that is otherwise created or used by Client in connection with the Services (“Client Data”); and (c) with respect to both parties, other information that is either marked or designated as “Confidential” or could reasonably be understood to be confidential or proprietary under the circumstances.

    16.2 Exceptions

Notwithstanding the preceding Section 16.1, Confidential Information does not include:

  1. Information that at the time of disclosure is, without fault of the recipient, available to the public;
  1. Information that the recipient can show was independently in its possession at the time of disclosure;
  1. Information received from a third party who had the right to disclose the information without violation of any confidentiality agreement with the other party; or
  1. Information required to be disclosed pursuant to court order or by law, provided that the disclosing party is, to the extent possible, provided with advance notice of any such disclosure, and that any disclosure is limited to the minimum amount of information required.

    16.3 Agreement Terms to be Kept Confidential

No copies of this MSA, the Service Attachments, Orders or other agreements between the parties, or any information concerning the same, shall be disclosed to any third party, except by reason of legal, accounting or regulatory requirements, without the prior written consent of the other party.

17. CLIENT COVENANTS AND OBLIGATIONS

    17.1 Assistance

Client shall provide in a timely and professional manner, and at no cost to DRPSEC, assistance, cooperation, complete and accurate information and data, such equipment as is agreed to be the responsibility of Client, access to applicable computer and telecommunications facilities and related resources (including, without limitation, networks, firewalls, servers, programs, files, documentation and any passwords required for the provision of the Services), a suitable work environment, and such other resources as are reasonably requested by DRPSEC to enable it to perform the Services. In addition, Client may be required to conduct preliminary diagnostic steps or to provide additional information related to a support request, prior to a technician being dispatched to Client’s facility. The foregoing is collectively referred to as “Assistance.” DRPSEC shall not be liable for any deficiency in performing the Services if such deficiency results from Client’s failure to provide full Assistance as required hereunder. Assistance includes, but is not limited to, designating a project manager or contact person to interface with DRPSEC during the course of the performance of the Services.

    17.2 Software Licensing

Client represents and warrants that Client has proper licenses for (or otherwise has the right to use) any software or other technology that is in use by Client, or that is to be furnished by Client, and that Client has requested DRPSEC to use, access or modify as part of the Services.

It is the Client’s responsibility to independently ensure that ALL such software and technology is properly licensed, and Client agrees to provide DRPSEC with proof of such licensing upon request. DRPSEC will not promote the use of, or knowingly support, software or other technology that is not properly licensed by Client. Assistance with software audits or licensing compliance matters may be obtained from DRPSEC as Project Services.

    17.3 Remote Access; Client Facilities

Broadband Internet access must be provided and DRPSEC must be provided with remote access (via VPN or other reasonable means) to covered equipment. Client acknowledges that DRPSEC may require unattended remote access to Client systems. Appropriate cabling to all covered computers and devices must be provided. Appropriate air conditioning and ventilation for all covered computers and devices must be provided in order to maintain temperature and air quality as specified by the applicable hardware manufacturers. Power surge protection must be provided for all covered computers and devices.

    17.4 Existing Service Providers; Disposal of Old Equipment and Packaging  

Unless otherwise agreed in writing, Client is responsible for arranging for the disconnection or termination of any existing services, for arranging for any migration, porting or other transition services required, and for the payment of any charges related to the foregoing to Client’s existing service provider(s).

DRPSEC is not responsible for the acts or omissions of any other service utility companies or other third parties. Client is responsible for the disposition or disposal of any old or unused hardware, racking, cabling or other items and for the disposal of any shipping or packaging materials associated with new items.

    17.5 Network Security and Malicious Events

In performing the Services, DRPSEC shall utilize cyber-security practices and technology that are in accordance with industry standards as of the date of performance. Unless specifically agreed in a Service Contract for the provision of cyber-security services, DRPSEC is not undertaking a duty to update the Client’s existing network, systems or environment or any previously-performed Services or to provide any advice, monitoring or other cyber-security services, and DRPSEC shall not be responsible for the security of your computer network, voice circuits or other systems, or any other aspect of your environment nor shall DRPSEC be liable for any damages resulting from a Cyber-Attack, as defined below (except to the extent, if any, that the Cyber-Attack is attributable to a breach of the obligation set forth in the first sentence of this section, in which case DRPSEC’s liability shall be limited in accordance with the general limitation of liability set forth in Section 23.1).

Except to the extent provided in a Service Contract, it is Client’s sole responsibility to determine what actions are necessary to make Client’s network, systems and environment secure and to take those actions. Without limiting the foregoing, Client has the responsibility to protect its network, systems and environment from, and to train its employees with respect to, viruses, spam, malware, ransomware, the acts of third parties such as hackers and phishers, and other types of malicious code, unauthorized access or similar threats (collectively “Cyber-Attacks”).

If a Service Contract for the provision of cyber-security Services is entered into, then DRPSEC will use commercially reasonable efforts to protect those aspects of Client’s network, systems and/or environment that are identified in the Service Contract from Cyber-Attacks, however Client understands that no cyber-security software, devices or procedures can guaranty complete protection against Cyber-Attacks as such attacks are constantly evolving and often involve the intentional action of third parties endeavoring to invade and damage computer systems. IF DRPSEC SHALL HAVE AGREED IN WRITING TO PROVIDE CYBER-SECURITY SERVICES, THEN LISS’S LIABILITY WITH RESPECT TO ANY CYBER-ATTACK SHALL BE LIMITED TO ANY ACTUAL, DIRECT DAMAGES INCURRED BY CLIENT AND SHALL NOT EXCEED THE GREATER OF (1) $5,000, OR (2) SIX (6) TIMES THE MONTHLY FEES PAID BY CLIENT FOR CYBER-SECURITY SERVICES.

    17.6 Theft of Services

Client shall notify DRPSEC immediately, by e-mail to LISS’s HelpDesk, if Client becomes aware at any time that the Services are being stolen or used fraudulently. If Client fails to notify DRPSEC within one (1) business day after becoming aware of any such theft or fraudulent use of the Services, or if such theft or fraudulent use is attributable to a failure by Client to maintain reasonable physical, electronic or other security measures, then Client shall reimburse DRPSEC for any fees or costs incurred as the result of such theft or fraudulent use, including, without limitation, the usage or service fees that would normally be charged by DRPSEC or an affected third-party vendor or service provider and/or the replacement cost of any Equipment, products or other items owned by DRPSEC or a third-party vendor or service provider that have been lost.

    17.7 Limitations on Scope of Support

Support for the products and services of third-party vendors and service providers will be provided by DRPSEC only with respect to products and

  1. are Third-Party Products and Services within the meaning of this MSA (i.e. services that: the products or services were obtained by the Client through DRPSEC); and
  1. are currently-supported models or versions (i.e. hardware must still be under the manufacturer’s warranty, software must be a recent version that has not reached the publisher’s end-of-support, etc.)

If Client wishes to obtain support for products or services of a third-party vendor or service provider that do not satisfy these criteria, then such support must be requested as either Supplemental Services or Project Services.

    17.8 Data Backup

Except in instances in which the Services are agreed in writing to include backup Services, Client shall be solely responsible for backing up Client’s data and DRPSEC shall have no liability with respect to the loss or unavailability of data. A backup solution must be in place, with backup copies stored off-site. It is the Client’s responsibility to ensure that backups are made regularly and to verify the integrity of the backups. IF DRPSEC SHALL HAVE AGREED IN WRITING TO PROVIDE BACKUP SERVICES, THEN DRPSEC’S LIABILITY WITH RESPECT TO ANY LOSS OR UNAVAILABILITY OF DATA SHALL BE LIMITED TO ANY ACTUAL, DIRECT DAMAGES INCURRED BY CLIENT AND SHALL NOT EXCEED THE GREATER OF (1) $5,000, OR (2) SIX (6) TIMES THE MONTHLY FEES PAID BY CLIENT FOR SUCH BACKUP SERVICES.

    17.9 Recovery Services

Any services to rebuild or recover Client’s network, systems or environment following a natural disaster, Cyber-Attack or similar event shall be provided by DRPSEC as Project Services.

    17.10 Anti-Virus Software

Client must have anti-virus software, including a valid update subscription, in place. If Client requests, DRPSEC may provide Client with commercially- available anti-virus software, however DRPSEC shall not be deemed to make any warranty with respect to the effectiveness of any such software nor shall DRPSEC have any liability in connection with any defect in or failure of such software.

    17.11 Ownership of Client Data

As between DRPSEC and Client, all Client Data is owned exclusively by Client. DRPSEC may access the Client Data to the limited extent necessary to provide the Services or respond to support requests, but shall not otherwise access the Client Data except upon Client’s instructions.

18. COMPLIANCE MATTERS

DRPSEC shall not in any instance be deemed to be providing the Client with advice concerning the meaning, interpretation of, or compliance with any laws, regulations or other legal requirements, including, without limitation, Payment Card Industry (PCI) standards, the Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), the European Union General Data Protection Regulation (GDPR) or the New York Department of Financial Security Cybersecurity Requirements for Financial Services Companies. Client agrees that it will not rely upon DRPSEC for any such advice and that it will obtain any required advice from its attorneys or other appropriate advisors. Any involvement by DRPSEC shall be deemed to be limited to the provision of technological advice with respect to the implementation of solutions or protocols developed by the Client, its attorneys and/or advisors.

19. WARRANTIES AND LIMITATIONS

    19.1 Warranties

Primary Services are warranted to the extent set forth in the applicable Service Attachment.

With respect to Supplemental Services and Project Services, DRPSEC warrants that the Services will be performed in a professional and workmanlike manner and in accordance with any written agreement between the parties. All such Services will be deemed to have been accepted by the Client and to be conforming unless Client notifies DRPSEC in writing within ten (10) business days following completion that the Services do not conform to this warranty.

DRPSEC does not independently warrant any Third-Party Products and Services, however DRPSEC will, as set forth in Section 24.2, assist the Client in obtaining the benefit of any warranties and remedies that might be available from the third- party vendor or service provider.

    19.2 Limitation of Remedies

FOR ANY BREACH OF THE WARRANTIES MADE BY DRPSEC OR CLAIM OF DEFECT IN THE SERVICES (OTHER THAN THE THIRD-PARTY PRODUCTS AND SERVICES), CLIENT’S EXCLUSIVE REMEDY AND DRPSEC’S ENTIRE LIABILITY SHALL BE THE CORRECTION BY DRPSEC OF THE DEFICIENT SERVICES, OR, IF DRPSEC CANNOT

SUBSTANTIALLY CORRECT THE DEFICIENCY WITHIN A REASONABLE TIME, THEN CLIENT MAY TERMINATE THE APPLICABLE SERVICE CONTRACT AND DRPSEC WILL REFUND TO CLIENT THE FEES FOR THE AFFECTED SERVICES, OR PORTION THEREOF, THAT WERE NOT PROPERLY PERFORMED, TOGETHER WITH ANY FEES PRE-PAID ON ACCOUNT OF ANY PORTION OF THE AFFECTED SERVICES NOT YET PERFORMED.

DRPSEC SHALL HAVE NO LIABILITY WITH RESPECT TO ANY BREACH OF WARRANTY OR CLAIM OF DEFECT IN ANY THIRD-PARTY PRODUCTS OR SERVICES AND CLIENT SHALL LOOK EXCLUSIVELY TO SUCH REMEDIES AS MIGHT BE MADE AVAILABLE BY THE THIRD-PARTY VENDOR OR SERVICE PROVIDER.

    19.3 Disclaimers

EXCEPT AS SET FORTH IN SECTION 19.1 OR OTHERWISE EXPRESSLY AGREED IN WRITING, THE SERVICES, INCLUDING ANY THIRD-PARTY PRODUCTS AND SERVICES, ARE PROVIDED ON AN “AS IS” BASIS AND ALL REPRESENTATIONS AND WARRANTIES WITH RESPECT TO THE SAME, WHETHER EXPRESS OR IMPLIED, ARISING BY LAW, CUSTOM AND USAGE, PRIOR PRACTICE, PRIOR ORAL OR WRITTEN STATEMENTS, OR OTHERWISE, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES OF MERCHANTABILITY OR OF FITNESS FOR A PARTICULAR PURPOSE, ARE HEREBY OVERRIDDEN, EXCLUDED, AND DISCLAIMED. WITHOUT LIMITING THE FOREGOING, IT IS NOT REPRESENTED OR WARRANTED THAT THE SERVICES WILL BE ERROR-FREE OR UNINTERRUPTED, THAT THE SERVICES WILL MEET ANY CLIENT’S PARTICULAR REQUIREMENTS OR EXPECTATIONS, OR THAT THE SERVICES WILL BE COMPLETELY SECURE. THERE ARE RISKS INHERENT IN INTERNET CONNECTIVITY THAT COULD RESULT IN LAPSES IN THE AVAILABILITY OR SECURITY OF THE SERVICES.

    19.4 Interpretation

If any of the limitations or disclaimers set forth above, or elsewhere in this MSA or a Service Contract, are found to be void or unenforceable under applicable law, then the provision in question shall, if possible, be deemed to be modified to the minimum extent necessary to make it compliant, or, if such a modification is not possible, then the provision in question shall be stricken without prejudice to any similar provisions, all of which shall remain in full force and effect.

20. NO HIRING

You shall not solicit any DRPSEC employee with whom you have had contact in connection with the Services for employment by you or any other person either during the term of this MSA or during the twelve (12) month period following the last date on which Services were provided to you by DRPSEC. Notwithstanding the foregoing, you shall not be precluded from conducting general recruiting activities, such as participating in job fairs or publishing help wanted advertisements for general circulation.

You acknowledge that the injury resulting from a breach of this provision would be significant and that it would be extremely difficult to ascertain the precise amount of damages resulting from such breach. Therefore, you agree that in the event of a breach you will pay to DRPSEC liquidated damages in the amount of one hundred and fifty percent (150%) of the affected employee's base salary for one year. Such amount is not intended as a penalty but as a reasonable estimate of damages based upon the projected costs DRPSEC would incur to identify, recruit, hire and train a suitable replacement for the affected employee.

21. DISPUTE RESOLUTION

    21.1 Mediation Procedures

Each of us shall attempt to settle amicably any disputes related to this MSA or a Service Contract by means of mediation in accordance with the Commercial Mediation Procedures of the American Arbitration Association. Mediation proceedings shall take place in Orange County, California and the costs of such proceedings shall be shared equally by the parties. No action or proceeding concerning a dispute shall be commenced prior to the expiration of sixty (60) days following the date of the first mediation session. Failing such amicable settlement, any such dispute, including without limitation claims related to the existence, validity, interpretation, performance, termination or breach of this MSA or a Service Contract, shall be resolved by means of an action brought in a state court in Orange County, California or in federal court in the Western District of California.

    21.2 Period for Bringing Claim Concerning a Defect in the Services    

No action or other proceeding based on a breach of warranty or other claim concerning a defect in the Services may be commenced by Client more than one (1) year after the date of the breach or event giving rise to the claim; failure to make such a claim within such one (1) year period shall forever bar the claim.

    21.3 Attorneys’ Fees

If, in the event of a failure by Client to pay fees or other sums due to DRPSEC under the terms of this MSA or a Service Contract, DRPSEC commences litigation or other proceedings to collect such sums and is the prevailing party in such proceedings, then DRPSEC shall be entitled to an award of reasonable attorneys’ fees incurred in pursuing the collection of such sums.

    21.4 Liquidated Damages

If there is a breach of the terms of, or attempt to cancel prior to its expiration, a Service Contract that includes a commitment for a specific term, then Client shall pay as liquidated damages on account of DRPSEC’ lost profits for the remaining portion of the contract term an early termination fee equal to seventy-five percent (75%) of the recurring monthly (or other periodic) fees remaining to be paid from the date of the breach or attempted cancellation through the end of the initial term or then-current renewal term, based on the prices then in effect. The right to collect such damages shall be without prejudice to DRPSEC’ right to recover in addition damages for any other type of loss, injury or harm that might be suffered by DRPSEC as a result of Client’s conduct.

22. INDEMNIFICATION

Client shall indemnify and hold DRPSEC harmless against and from any and all causes of action, damages and other liabilities and expenses of any kind whatsoever (including, without limitation, reasonable attorney’s fees) that might be incurred by DRPSEC in connection with a claim by a third party related to any of the following:

23. LIMITATIONS OF LIABILITY

    23.1 General Limitation

EXCEPT AS OTHERWISE SPECIFICALLY AGREED IN WRITING, DRPSEC’S LIABILITY IN CONNECTION WITH ANY CLAIM RELATED TO A SERVICE CONTRACT, WHETHER IN CONTRACT, TORT OR OTHERWISE, SHALL BE LIMITED TO ANY ACTUAL, DIRECT DAMAGES INCURRED BY CLIENT AND WILL NOT EXCEED THE GREATER OF (1) $5,000, OR (2) THE FEES ACTUALLY PAID BY CLIENT TO DRPSEC IN CONNECTION WITH THE SERVICE CONTRACT DURING THE SIX (6) MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT OR CIRCUMSTANCE GIVING RISE TO THE CLAIM. THE SAME LIMITATION SHALL APPLY TO ANY CLAIM RELATED TO SUPPLEMENTAL SERVICES OR ANY OTHER PROVISION OF SERVICES BY DRPSEC OUTSIDE THE CONTEXT OF A SERVICE CONTRACT (IN WHICH CASE THE LIMITATION IN CLAUSE (2) SHALL BE TO THE FEES ACTUALLY PAID BY THE CLIENT TO DRPSEC IN CONNECTION WITH THE WORK OR PROJECT IN QUESTION DURING THE PRECEDING SIX (6) MONTHS).

    23.2 No Incidental of Consequential Damages

IN NO EVENT SHALL EITHER PARTY BE HELD LIABLE TO THE OTHER PARTY FOR ANY INCIDENTAL, CONSEQUENTIAL, SPECIAL, INDIRECT OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, LOST PRODUCTIVITY, LOSS OF DATA, INTERRUPTION OF BUSINESS, OR LOSS OF PROGRAMS OR INFORMATION, THAT RESULT FROM ANY BREACH OR CLAIM OF ANY KIND, REGARDLESS OF WHETHER IN CONTRACT, TORT OR OTHERWISE, AND REGARDLESS OF WHETHER THE DAMAGES WERE FORESEEABLE OR UNFORESEEABLE.

    23.3 Products and Services from Other Sources

DRPSEC SHALL NOT BE LIABLE FOR ANY ISSUES RELATED TO THE PERFORMANCE, OPERATION OR SECURITY OF THE SERVICES THAT ARISE FROM CONTENT, MODIFICATIONS, OR PRODUCTS AND SERVICES OBTAINED BY THE CLIENT OTHER THAN THROUGH DRPSEC. WITHOUT LIMITING THE FOREGOING, DRPSEC SHALL NOT BE LIABLE FOR ANY KIND OF UNAUTHORIZED ACCESS OR OTHER HARM THAT MAY BE CAUSED BY CLIENT’S ACCESS TO WEBSITES OR USE OF APPLICATION PROGRAMMING INTERFACES OR OTHER COMPUTER CODE AVAILABLE FROM OUTSIDE SOURCES, INCLUDING WITHOUT LIMITATION HARM RESULTING FROM THE EXECUTION OR TRANSMISSION OF MALICIOUS CODE OR SIMILAR OCCURRENCES, SUCH AS DISABLING DEVICES, DROP DEAD DEVICES, TIME BOMBS, LOGIC BOMBS, TRAP DOORS, TROJAN HORSES, WORMS, VIRUSES, HACKERS, PHISHERS, CRYPTO-LOCKERS, RANSOMWARE, AND SIMILIAR MECHANISMS.

24. THIRD-PARTY PRODUCTS AND SERVICES

    24.1 Terms and Conditions of Use

Client acknowledges that the Third-Party Products and Services are made available on the terms and conditions set forth in the Third-Party Agreements Including without limitation any applicable end user license agreement, retail customer terms and/or AUP, and Client agrees to use the Third-Party Products and Services in accordance with such terms and conditions.

    24.2 Third-Party Warranty and Remedies

DRPSEC does not warrant the quality, performance or any other aspect of the Third-Party Products and Services. In the event of a defect or difficulty in the use of the Third-Party Products and Services, Client shall look solely to the warranty or remedies (if any) provided for in the applicable Third- Party Agreements and in this regard DRPSEC agrees to act as a liaison, provide relevant information and documentation, and otherwise provide the Client with commercially reasonable assistance in obtaining the benefit of any warranty or remedies offered by the third-party vendor or service provider. If DRPSEC is party to a wholesale, reseller or other agreement with the third-party vendor or service provider, then DRPSEC will similarly make commercially reasonable efforts to obtain for Client the benefit of any warranty or remedies provided for thereunder. The provisions of this section shall not be interpreted to require DRPSEC to bring a lawsuit, commence arbitration proceedings or take any similar action against a third- party vendor or service provider; nor to require DRPSEC to provide Client with any remedy greater in amount or extent than any remedy actually provided to DRPSEC by the third-party vendor or service provider.

    24.3 Rights of Third-Party Vendors and Service Providers

Use of the Third-Party Products and Services shall at all times be in accordance with the rights of the third-party vendors and service providers and in this regard Client represents and warrants that it will not:

  1. engage in unauthorized use, copying or distribution of the Third- Party Products and Services in violation of licensing restrictions; disable or seek to disable any security, copy protection or similar features; or damage or fail to return hardware, equipment or other tangible items upon the completion of a Service Contract;
  1. translate, modify, adapt, decompile, disassemble, create derivative works from, merge with other products or services, or reverse engineer the Third-Party Products and Services; or
  1. use any confidential or proprietary information provided with or as a part of the Third-Party Products and Services for any purpose other than facilitating Client’s use of the Third-Party Products and Services in accordance with the terms of a Service Contract; or fail to cooperate in the return, deletion and/or destruction of any such information upon the completion of a Service Contract.

25. INSURANCE

    25.1 Client Coverage

Client shall maintain during the term of this MSA commercial general liability and first party cyber liability insurance with limits of at least One Million Dollars ($1,000,000) per occurrence and One Million Dollars ($1,000,000) in the aggregate.

    25.2 DRPSEC Coverage

DRPSEC agrees to maintain during the term of this MSA, professional liability insurance, including technology errors and omissions and cyber incident response coverages, with limits of at least One Million Dollars ($1,000,000) per occurrence and One Million Dollars ($1,000,000) in the aggregate.

    25.3 Additional Provisions

Client’s insurance shall be primary over DRPSEC’s insurance. Client agrees to waive, and to require its insurers to waive, any rights of subrogation or recovery they might have against DRPSEC, its agents, officers, directors and employees.

26. DATA PRIVACY

    26.1 Client Data & Processing

Insofar as the Client Data includes personally identifiable information (“PII”), DRPSEC agrees that it will comply with applicable United States data privacy laws and will only use such data for the purpose of providing Services under this Agreement.

    26.2 Data Concerning Individuals in the EU and Other Jurisdictions

If Client will require the processing of PII pertaining to individuals in the European Union that is subject to regulation under the GDPR, or PII pertaining to individuals located in another jurisdiction that is subject to similar data protection requirements, then Client must notify DRPSEC in writing and obtain DRPSEC’s written agreement to the processing of such PII prior to transmitting any such data to any DRPSEC system or otherwise using the Services to process such data in any way. Any such written agreement shall set forth the policies and procedures that will be followed in order to facilitate compliance with the GDPR or other applicable data protection requirements.

27. GENERAL

    27.1 Notices

Except as set forth in Section 27.15 (pertaining to electronic communications), all notices, demands or requests to be given by one party to the other shall be in writing and shall be deemed to have been duly given on the date delivered in person, on the next business day if sent via overnight delivery service, or on the third business day after deposit, postage prepaid, in the United States Mail for delivery via Certified Mail, return receipt requested, and addressed as specified on the signature page.

DRPSEC may also deliver notice electronically to the email address noted on the signature page. Notices are effective the same day if delivered electronically.

A party may change its address by means of a written notice given in accordance with the requirements of this section.

    27.2 Independent Contractor

DRPSEC will perform all Services solely as an independent contractor and not as an employee, agent or representative of Client.

    27.3 Force Majeure

A party will not be liable for any failure of performance due to causes beyond its reasonable control, including, but not limited to, fire, flood, electric power interruptions, national emergencies, civil disorder, acts of terrorism, riots, strikes, Acts of God, or any law, regulation, directive, or order of the United States government, or any other governmental agency, including state and local governments having jurisdiction over a party or the Services provided hereunder (a “Force Majeure Event”).

A party whose performance is so affected shall give written notice to the other party describing the performance that has been prevented (the “Affected upon action to minimize the impact on both parties of the Force Majeure Event. If the delay caused by the Force Majeure Event lasts for a period of more than thirty (30) days, the parties shall attempt to negotiate an equitable modification to any affected Service Contracts. If the parties are unable to agree upon such a modification, then either party may serve thirty (30) days’ written notice of termination on the other party with respect only to any affected Service Contracts. Client shall pay DRPSEC for that portion of the Affected Performance that was completed or that was in the process of being completed through the effective termination date of the applicable Service Contract.

    27.4 No High-Risk Use

You acknowledge that the Services are not fault-tolerant, are not guaranteed to be error-free or to operate uninterrupted, and are not intended to be used in any application or situation where the failure of the Services could lead to the death or serious bodily injury of any person, or to significant property or environmental damage (“High-Risk Use”). Accordingly, you agree not to use the Services for any High-Risk Use.

    27.5 Export Control; Government Use

You represent and warrant that your use of the Services will comply with all export laws, restrictions, national security controls, and regulations of the United States or other applicable authority. You will not export or re-export or allow the export or re-export of the Services in violation of any such export laws, restrictions, controls or regulations.

If the Services are to be used in the performance of a government contract or subcontract, no government requirements or regulations will be binding upon us unless specifically agreed to by us in writing. If Client is a U.S. Government entity or person, then the Services are being provided as "Commercial Items" as that term is defined in the U.S. Code of Federal Regulations (see 48 C.F.R. § 2.101), and the rights granted in the Services to such a government user are the same as the rights granted to all other users.

    27.6 Waiver

No delay in exercising, no course of dealing with respect to, and no partial exercise of, any right or remedy hereunder will constitute a waiver of any right or remedy, or future exercise thereof.

    27.7 Assignment

Neither party may assign this MSA or a Service Contract, in whole or in part, or any of its rights or obligations, without the prior written consent of the other party, and any purported assignment made without such consent shall be void and of no effect. However, DRPSEC may assign or otherwise transfer its rights, interests and obligations under this MSA and the Service Contracts, and a DRPSEC company may assign or otherwise transfer its rights, interests and obligations under the Service Contracts to which it is a party, without your consent in the event of a change in control of 50% or more of its equity, the sale of all or substantially all of its assets, or to an affiliated company. In addition, unless otherwise agreed, we may contract with third parties to deliver some or all of the Services, and no such third-party contract shall be interpreted as an assignment. However, we will use commercially reasonable efforts to ensure that any and all such third parties abide by all of the terms of this MSA and any affected Service Contracts, and, except as otherwise agreed, we will remain solely responsible for the fulfillment of all of our obligations. This MSA and the Service Contracts shall be binding upon the parties, their successors and permitted assigns.

    27.8 Marketing

Client hereby grants DRPSEC the right to reference Client’s name, industry, logo, and URLs in its marketing literature, website, and/or correspondence to potential new customers, so as to identify Client as a customer of DRPSEC for marketing purposes.

    27.9 Notifications and Alerts

Client hereby grants DRPSEC the right to utilize Client information to send alerts, notifications, news, and general correspondence to Client in connection with the provision of the Services.

   27.10 Survival

Our respective duties and obligations with respect to proprietary rights, intellectual property rights, and non-disclosure and confidentiality will survive and remain in effect, notwithstanding the termination or expiration of this MSA or any Service Contract.

    27.11 Amendment

This MSA may be modified or amended only by a writing signed by both parties.

    27.12 Governing Law

This agreement is to be governed by and construed in accordance with the law of the State of California without giving effect to principles of conflict of laws.

   27.13 Severability

If any term or provision of this MSA or a Service Contract is declared invalid by a court of competent jurisdiction, the remaining terms and provisions will remain unimpaired, and the invalid terms or provisions are to be replaced by such valid terms and provisions that most nearly fulfill the parties’ intention underlying the invalid term or provision.

    27.14 Third-Party Beneficiaries

This MSA is for the sole benefit of the parties hereto and their respective successors and permitted assigns, and nothing herein is to be construed to give any person or entity, other than the parties hereto and their respective successors and permitted assigns, any legal or equitable rights hereunder.

    27.15 Counterparts, Electronic Signatures

This MSA or any Service Contract may be executed in separate counterparts, each of which will be deemed an original, but all of which together will constitute one and the same instrument. The parties agree that execution of any document may be by digital signature, PDF copy of a signature or other electronic means. Unless you provide DRPSEC with written notice to the contrary, you agree that all notices and other communications concerning this Agreement or any Service Contract may take place by electronic means and that documents may be executed via the electronic signature system. An executed copy of this Agreement will be retained by DRPSEC in electronic record form and can be reproduced for Client upon request.

    27.16. Recording of Conversations / Telephone Calls

DRPSEC and Client (i) consent to the recording of telephone conversations between personnel of the parties in connection with the Services, and (ii) agree, to the extent permitted by applicable law, that recordings may be submitted in evidence in any lawsuit, arbitration or similar proceedings.

    27.17. Entire Agreement

This MSA sets forth our entire understanding with respect to the subject matter hereof and is binding upon the parties, their successors, and their permitted assigns. There are no understandings, representations or agreements other than those set forth herein. Each party, along with its respective legal counsel, has had the opportunity to review this MSA, and accordingly, in the event of any ambiguity, such ambiguity will not be construed in favor of, or against, either party.

DRPSEC LLC

2372 Morse Ave. #419 

Irvine CA 92614

P: (949) 444-2233

E: info@drpsec.com

CONNECT WITH US