General Terms and Conditions for EJBCA SaaS Delivery

 
These EJBCA SaaS Terms set forth the terms and conditions under which PrimeKey AB, or any of its subsidiaries (“PrimeKey”) will provide EJBCA SaaS to customers. These terms and conditions shall apply to all offers and agreements under which PrimeKey supplies EJBCA SaaS (as defined below) to the Customer. No deviations from these terms and conditions shall be valid unless expressly agreed in writing. In no event shall any other terms or conditions set forth on a purchase order submitted by Customer be binding on PrimeKey.
Definitions
Unless the context or circumstances clearly indicate otherwise, the following words and phrases shall have the meanings specified below:
Agreement: These EJBCA SaaS Terms and any order accepted in writing by PrimeKey.
Customer: The entity or person placing an order for, or accessing the EJBCA SaaS.
EJBCA SaaS: A cloud-based Software as a Service offering which a Customer purchases a subscription for a defined term from PrimeKey, or through a PrimeKey Cloud Provider. EJBCA SaaS is delivered to Customer via a virtual server stack, deployed in a public cloud service operator, and includes the software programs necessary to use the software and its functions.
EJBCA SaaS Subscription: The specified period of continuous time during which Customer is entitled to access and use the EJBCA SaaS. Customer Data: Data in an electronic form that is uploaded by or on behalf of Customer to the EJBCA SaaS.
Documentation: The technical documentation describing the features and functions of the EJBCA SaaS.
PrimeKey Cloud Provider: A third party authorized by PrimeKey to offer or enable the use of the EJBCA SaaS as part of such provider's cloud-based service.
Security Incident: A breach of security of the EJBCA SaaS leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Customer Data in the possession or control of PrimeKey.
Service Data: Data and data elements (excluding Customer Data) collected by an EJBCA cloud service systems configuration which, as applicable, pertains to the EJBCA cloud service environment, the usage and performance of the EJBCA SaaS, and the components managed by the EJBCA SaaS.

1.	EJBCA SAAS
A.	Scope of EJBCA SaaS. Subject to the Customer’s compliance with any and all license conditions applicable to the EJBCA SaaS, PrimeKey agrees to provide the EJBCA SaaS purchased by Customer as set forth in the Documentation during the EJBCA SaaS Subscription and to grant the Customer a non-exclusive, non-transferable right to use the EJBCA SaaS for its internal purposes for as long as this Agreement is valid and all relevant fees are fully paid in time. PrimeKey retains all right, title, and interest in and to the EJBCA SaaS, including without limitation all software used to provide the EJBCA SaaS and logos and trademarks reproduced through the Cloud Service(s), and this Agreement does not grant or transfer to the Customer any intellectual property rights in the EJBCA SaaS or any of its components. The Customer is authorized to use the EJBCA SaaS for its own internal use, including in support of service offerings Customer may provide its end customers (but, for clarity, not as a stand-alone product or service of Customer).
B.	Restrictions. Customer will not, nor will Customer allow any third party to, (a) modify the EJBCA SaaS; (b) publish or provide any benchmark or comparison test results that pertain to the EJBCA SaaS;
(c) reverse engineer, decompile, disassemble or otherwise translate the EJBCA SaaS or otherwise reduce it to human-readable form except to the extent required for interoperability purposes under applicable laws or as expressly permitted in open-source licenses; (d) modify, adapt, or create a derivative work of the EJBCA SaaS or Documentation; (e) use the EJBCA SaaS in excess of any limitations (e.g. user limits, time limits, free trials) prescribed by PrimeKey; and
(f) remove, conceal, or modify any product identification, proprietary, intellectual property, or other notices in the EJBCA SaaS and Documentation. Customer may not make any copies of the EJBCA SaaS or the Documentation except for back-up purposes or sublicense, assign or transfer its rights to use the EJBCA SaaS.

C.	Service Data. As between the parties, PrimeKey retains all right, title and interest in and to Service Data. Without limiting the foregoing, PrimeKey may collect and use Service Data to provide and improve the EJBCA SaaS and PrimeKey's other products and services.
2.	ACCEPTANCE
A.	If Customer electronically accepts this Agreement, Customer agrees that this Agreement exclusively govern PrimeKey's delivery of the EJBCA SaaS, unless Customer has a separate applicable written agreement with PrimeKey which specifically pertains to EJBCA SaaS. If an individual is accepting the terms and conditions of this Agreement on behalf of another person, company or other legal entity, whether as an employee, contractor, distributor, reseller, partner, agent or otherwise, that individual represents and warrants that it has the full authority to bind them. If Customer does not agree to this Agreement. the Customer shall not be entitled to subscribe or access the EJBCA SaaS.
3.	FEES and PAYMENT TERMS
A.	Fees. The fee for the EJBCA SaaS delivered to the Customer are fixed for a certain term ("Fixed Pricing"). All fees are set out in the proposal or quote received by Customer via the Microsoft Azure Marketplace and will be invoiced in full by Azure for the contract duration chosen at the time the contract is started via the Customer clicking the “Create contract” button. Customer shall be responsible for any taxes (including income, stamp and turnover or value added taxes, withholding taxes), duties, fees, charges or assessments of any nature appropriately levied by any governmental authority against the EJBCA SaaS used by the Customer in connection with the sale or use of the EJBCA SaaS. If PrimeKey is required to pay any such taxes levies and/or fines, penalties or assessments as a result of Customer's failure to comply with any applicable laws or regulations governing payment of such levies, or as a result of Customer's failure to comply with any term herein, the amount of any payments so made, plus the expense of currency conversion, shall be promptly reimbursed to PrimeKey by Customer. If Customer is required to pay any withholding tax on the use of the EJBCA SaaS, any payments due to PrimeKey hereunder, Customer agrees to gross up payments actually made such that PrimeKey shall receive sums due hereunder in full and free of any deduction for any such withholding tax.
PrimeKey reserves the right to renegotiate the contract with 30- days’ notice in the event that the international intercompany agreement needs to be revised per tax regulation change.
Furthermore, PrimeKey reserves the right to adjust the fee for the EJBCA Cloud Service(s), at their sole discretion, and may increase the fees 4.5% annually for the EJBCA SaaS.
B.	Payment Terms. Payment terms are directly between the Customer and Azure. If the agreement is made directly with PrimeKey then the following terms apply. Payment terms for all invoiced amounts shall be thirty (30) days from the date of invoice(s), unless PrimeKey requested advance payment in the Agreement. Customer shall make all payments due to PrimeKey WITHOUT ANY OFFSET OR DEDUCTION WHATSOEVER. Any invoiced amount which is not paid when due shall bear a late fee at the rate of twelve percent (12%) per annum, or the maximum rate permitted by applicable law, whichever is less. Should Customer fail to pay any invoice when due, or the creditworthiness of Customer is questioned by PrimeKey, then PrimeKey reserves the right, after a written notice to the Customer, to withhold further delivery of the service until Customer’s due invoices are paid and/or their creditworthiness is re- established to PrimeKey’s satisfaction.
4.	DATA
A.	Ownership of Customer Data. As between Customer and PrimeKey, Customer retains all right, title and interest in and to Customer Data. PrimeKey acquires no rights in Customer Data, other than the rights Customer grants to PrimeKey hereunder to provide the EJBCA SaaS to the Customer.
B.	Use of Customer Data. PrimeKey will use Customer Data solely to provide the EJBCA SaaS and, if applicable, related support or as otherwise provided by written agreement of the parties.
C.	Disclosure of Customer Data. PrimeKey will not disclose Customer Data outside of PrimeKey or its controlled subsidiaries and affiliates except to deliver the EJBCA SaaS or to the extent such disclosure is required by applicable law. PrimeKey will give Customer reasonable notice of a request of a governmental or regulatory body for
Customer Data to allow Customer to seek a protective order or other legal remedies (except to the extent PrimeKey's compliance with this Section would cause it to violate a court order or other legal requirement).
5.	DATA SECURITY
A.	Security. PrimeKey will implement reasonable technical and organizational safeguards designed to protect Customer Data against unauthorized loss, destruction, alteration, access, or disclosure. PrimeKey may modify such safeguards from time to time, provided that such modifications will not materially reduce the overall level of protection for Customer Data.
B.	Security Incident. If PrimeKey discovers a Security Incident has occurred, PrimeKey will notify Customer promptly and without delay, unless otherwise prohibited by law or otherwise instructed by a law enforcement or supervisory authority. In addition to providing such notification, PrimeKey will promptly take reasonable steps to mitigate the effects of the Security Incident and to minimize any damage resulting from the Security Incident. Customer must notify PrimeKey promptly about any possible misuse of its accounts or authentication credentials or any security incident related to the EJBCA SaaS.
6.	ACCEPTABLE USE POLICY
A.	The Customer will not use the EJBCA SaaS:
-In violation of laws or regulations;
-to violate the rights of others;
-to try to gain unauthorized access to or interrupt any service, device, data, account or network;
-in a manner that could negatively impact the EJBCA SaaS or impair anyone else's use of it; or
-to license, sublicense, sell, resell, loan, rent, lease, transfer, assign, or distribute to any third party.
-to modify, adapt, copy, translate, disassemble, decompile, or reverse engineer the EJBCA SaaS (or any of its components or parts thereof), or otherwise attempt to derive the source code of, decrypt, modify, or create derivative works of EJBCA SaaS.
Customers which violate this Section 7 or otherwise is in material breach of the Agreement and has not remedied the breach within seven (7) days may be subject to having their EJBCA SaaS Subscription suspended or terminated at PrimeKey's discretion without any right for the Customer to receive repayment of fees or any other remedy. PrimeKey will provide reasonable notice before suspending or terminating an EJBCA Cloud Service unless PrimeKey believes an immediate suspension or termination is required.
7.	SERVICE LEVEL AGREEMENT
A.	Specific Service Level Agreements (“SLA”) delineate PrimeKey's commitment around uptime and connectivity for the EJBCA Cloud Services. SLA for service availability is a minimum of 99.9% annually. For the XS instance size there is not an SLA percentage requirement. For instance sizes S and M, the SLA percentage is set to 99.95%. For instance sizes L and XL, the SLA percentage is set to 99.99%.
B.	Availability is defined as the ability for new certificates to be issued and or OCSP to provide certificate validation services. Availability excludes any down time outside of the direct control of PrimeKey, including, but not limited to:
-Maintenance Time
-Customer’s own Internet service provider
-Force Majeure event
-Any systemic Internet failures
-Enhanced Services
-Any failure in the Customer’s own hardware, software or network connection
-Customer’s bandwidth restrictions
-Customer’s acts or omissions
8.	SLA VIOLATIONS
A.	In the event that PrimeKey fails to meet to the SLA objective in a given month Customer will be entitled to a 5% service credit. The credit will be assessed against the following months bill. In any given month the Customer shall in no event be entitled to receive a credit that exceeds 5% of the monthly fees. Service credits shall constitute the sole remedy in the event of PrimeKey’s failure to meet the SLA requirement.
9.	WARRANTY
A.	CUSTOMER ACCEPTS THE EJBCA SAAS "AS IS" AND AS AVAILABLE. UNLESS EXPLICITLY STATED IN THIS AGREEMENT. PRIMEKEY PROVIDES NO REPRESENTATION OR WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, OR ANY IMPLIED WARRANTY ARISING FROM STATUTE, COURSE OF DEALING, COURSE OF PERFORMANCE, OR USAGE OF TRADE. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING: (a) PRIMEKEY DOES NOT REPRESENT OR WARRANT THAT THE EJBCA SAAS WILL PERFORM WITHOUT INTERRUPTION OR ERROR; AND (b) PRIMEKEY DOES NOT REPRESENT OR WARRANT THAT THE EJBCA SAAS IS SECURE FROM HACKING OR OTHER UNAUTHORIZED INTRUSION OR THAT CUSTOMER DATA WILL REMAIN PRIVATE OR SECURE.
10.	INTELLECTUAL PROPERTY PROTECTION
A.	IP Claims. Subject to the terms and conditions of this Section, PrimeKey will defend and settle any claim brought by a third party against Customer that the EJBCA SaaS sold and delivered by or for PrimeKey to Customer under this Agreement infringe any patent, trademark, or copyright ("IP Claim"). PrimeKey will pay settlement amounts or, if applicable, damages and costs finally awarded by a court of competent jurisdiction (collectively, "Damages") against Customer to the extent such damages are specifically attributable to the IP Claim, provided that Customer: (a) promptly notifies PrimeKey in writing of the IP Claim; (b) provides information and assistance to PrimeKey to defend such IP Claim; and (c) provides PrimeKey with sole control of the defense and settlement negotiations.
B.	Remedies. PrimeKey may, at its option and to the extent it is commercially reasonable, substitute or modify the applicable EJBCA SaaS, or the relevant portion thereof, so that it becomes non- infringing; procure any necessary license; or replace the EJBCA SaaS. If it is not commercially reasonable for PrimeKey to fulfil its obligations pursuant to the above within a reasonable time, then Customer shall be entitled to a reduction of the price corresponding to the reduced value of the EJBCA SaaS resulting from the infringement but for no longer than a period of five years from its delivery date.
C.	Exclusions. Notwithstanding anything to the contrary in this Agreement, PrimeKey has no obligation or liability to Customer or to any third party claiming through Customer for any claim of infringement that arises from or relates to: (a) PrimeKey's compliance with or use of designs, specifications, inventions, instructions, or technical information furnished by or on behalf of Customer; (b) modifications made by or on behalf of Customer without PrimeKey's prior written authorization; (c) Customer's failure to upgrade or use a new version of the EJBCA SaaS, to make a change or modification requested by PrimeKey, or to cease using the EJBCA SaaS if requested by PrimeKey; (d) the EJBCA SaaS, or any portion thereof, in combination with any other product or service (including PrimeKey Cloud Providers services); (e) services offered by Customer or revenue earned by Customer for such services; (f) any third-party software or infringements caused by Customer; or (g) any content or information stored on or used by Customer or a third party in connection with the EJBCA SaaS.
D.	Entire Liability. Notwithstanding any Term to the contrary in this Agreement, this Section 11 states PrimeKey’s entire liability and Customer's sole and exclusive remedies for IP Claims.
E.	Rights. All rights, title, ownership and interest in and to the EJBCA SaaS and derivative works thereof but not limited to, all intellectual property rights therein, are and shall remain the property of PrimeKey except the rights expressly contained herein. The same shall apply to any updates to the EJBCA SaaS.
F.	Trademarks. Customer shall not alter or remove from the EJBCA SaaS (or Documentation), or alter, any of PrimeKey's or its suppliers' trademarks, trade names, logos, patent or copyright notices, or other notices or markings, or add any other notices or markings to the EJBCA SaaS (or Documentation).
11.	LIMITATION OF LIABILITY
A.	Limitation of Liability. Regardless of the basis of the claim (e.g. contract, tort or statute), the total liability of PrimeKey under or in connection with this Agreement, will not exceed 10% of the price for the applicable EJBCA SaaS paid, by customer to PrimeKey, in the month preceding the event that gave rise to the claim or the minimum amounts permitted by applicable laws, if greater. PrimeKey will not liable for:
-any indirect, consequential, incidental, exemplary or special damages;
-loss or corruption of data;
-loss of revenues, profits, goodwill or anticipated savings;
-procurement of substitute goods and/or services; or
-interruption to business.
IN NO EVENT SHALL PRIMEKEY BE LIABLE FOR SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR TORT DAMAGES, INCLUDING, WITHOUT LIMITATION, ANY DAMAGES RESULTING FROM LOSS OF USE, LOSS OF DATA, LOSS OF PROFITS, LOSS OF ANTICIPATED PROFITS, OR LOSS OF BUSINESS ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, THE PERFORMANCE OF THE EJBCA SAAS OR OF ANY OTHER OBLIGATIONS RELATING TO THIS AGREEMENT OR THE EJBCA SAAS.
Any failures to perform any obligation under this Agreement or any applicable purchase order except payment of monies due, shall be excused if such failure is caused by acts of God, acts of public authorities, wars or war measures, fires, casualties, labor difficulties or strikes, shortages of material or fuel, failure or delays of suppliers or carriers, shortages of transportation, problem with any network (including telecommunications) other than that under PrimeKey's control, denial of service attack, or any causes beyond PrimeKey's control. PrimeKey shall not be liable for any claims of third-parties relating to the EJBCA SaaS.

B.	EJBCA SaaS “As-Is”. The EJBCA SaaS is provided "as-is" without any warranties, implied or expressed, of any kind. Customers sole right and PrimeKey's sole remedy in the event of actual or perceived errors or defects in the EJBCA SaaS shall be redelivery of the EJBCA SaaS in a new virtual server instance. In such case, PrimeKey will make available scripts and functions for the export and the import of data to the new virtual server instance.
Other than the SLA in Section 8 above, PrimeKey makes no particular warranty with regards to availability and uptime. Customer acknowledges and accepts that there may be disruptions of service or periods of unavailability which will be outside of the control of PrimeKey and totally dependable on the uptime and availability of the Cloud Provider.
PrimeKey makes no warranty regarding the EJBCA SaaS, expressed or implied, including but not limited to any implied warranties of merchantability and fitness for particular purpose. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW IN NO CASE WILL PRIMEKEY BE OBLIGED TO COMPENSATE THE CUSTOMER FOR DAMAGE, BE IT DIRECT OR INDIRECT, CAUSED BY MALFUNCTIONS OF THE EJBCA SAAS OR THE CUSTOMERS USE OF IT, NOR IS PRIMEKEY RESPONSIBLE FOR DAMAGE WHICH MAY OCCUR AS A CONSEQUENCE OF THE CUSTOMER'S USE OF THE EJBCA SAAS SUCH AS LOSS OF DATA, SALES, PRODUCTION OR PROFITS OR ANY DAMAGE TO A THIRD PARTY.
12.	EJBCA SAAS EXPORT OR RE-EXPORT
A.	Customer acknowledge that the EJBCA SaaS and Documentation supplied by PrimeKey under this Agreement are subject to export controls under the laws and regulations of the United States, the European Union and other countries (as applicable), and the EJBCA SaaS may include technology controlled under export and import regulation, including encryption technology. Customer agree to comply with such laws and regulations and represent and warrant that Customer:
-will not, unless authorized by U.S. export licenses or other government authorizations, directly or indirectly export or reexport the EJBCA SaaS and Documentation to or use the EJBCA SaaS and Documentation in countries subject to U.S. embargoes or trade sanctions programs;
-are not a party, nor will Customer export or re-export to a party, identified on any applicable government export exclusion lists, including but not limited to the U.S. Denied Persons, Entity, and Specially Designated Nationals Lists;
-will not use the EJBCA SaaS and Documentation for any purposes prohibited by U.S. law, including the development, design, manufacture or production of nuclear, missile, chemical, or biological weaponry or other weapons of mass destruction; and
-are responsible for compliance with all local encryption laws and
regulations, where applicable, and for obtaining any permits and licenses required under those laws and regulations for Customer’s use of the EJBCA SaaS.
Customer agree to provide PrimeKey destination end use and end user information upon PrimeKey's request. Customer will obtain all required authorizations, permits, or licenses to export, re-export or import, as required. Customer agree to obligate, by contract or other similar assurances, the parties to whom Customer re-export or otherwise transfer the EJBCA SaaS to comply with all obligations set forth in this Section 12.
13.	TERMINATION AND RETENTION
A.	Customer may terminate the EJBCA SaaS contract at any time. PrimeKey, also, reserves the right to suspend or end the EJBCA SaaS service at any time and at our own discretion without notice.
B.	If Customer cancels their subscription to EJBCA SaaS or fails to pay their Azure bills for the EJBCA SaaS service, their data and infrastructure will be deleted within 90 days during which the terms of this Agreement will continue to be in force.
C.	Active customers’ data is backed up on a daily basis. The data is archived for a maximum of one year after which it is deleted.
14.	U.S. FEDERAL GOVERNMENT CUSTOMERS
A.	This Section applies only to U.S. Federal Government Customers. The EJBCA SaaS is provided to the U.S. Government as “commercial items,” “commercial computer software,” “commercial computer software documentation,” and “technical data” with the same rights and restrictions generally applicable to the Service. If Customer or any authorized user is using the EJBCA SaaS on behalf of the U.S. Government and these terms fail to meet the U.S. Government’s needs or are inconsistent in any respect with federal law, Customer and Customer’s Authorized Users must immediately discontinue use of the Service. The terms listed above are defined in the Federal Acquisition Regulation and the Defense Federal Acquisition Regulation Supplement.
15.	GOVERNING LAW AND ENFORCEMENT RIGHTS
A.	This Agreement will be governed by and construed pursuant to the laws of Sweden, without regard to its conflict of law principles. Disputes arising out of or relating to this Agreement shall be finally settled by arbitration in accordance with the Rules of Arbitration Institute of the Stockholm Chamber of Commerce. The arbitration proceedings shall be held in Stockholm, Sweden. Unless both parties are domiciled in Sweden, the arbitration proceedings shall be conducted in English. PrimeKey reserves the right to control all aspects of any lawsuit or claim that arises from Customer's use of the EJBCA SaaS or Documentation.
16.	GENERAL PROVISIONS
A.	The Agreement, including the schedules and exhibits hereto, sets forth the entire agreement and understanding of the parties with respect to the subject matter hereof, and supersedes all prior oral and written agreements and understandings relating thereto. Any terms and conditions of any other instrument issued by Customer which are in addition to, inconsistent with or different from the terms and conditions of this Agreement shall be of no force or effect. Additionally, this Agreement supersedes any confidentiality or non- disclosure agreement previously entered into by the parties with respect to Customer’s or an affiliate’s evaluation of the EJBCA SaaS or otherwise with respect to the EJBCA SaaS.
B.	For purposes of the Agreement, the term "written" means anything reduced to a tangible form by a party, including a printed or hand written document, e-mail, or other electronic format.
C.	No waiver, alteration, modification, or cancellation of any of the provisions of this Agreement shall be binding unless made in writing and signed by both PrimeKey and Customer. The failure of either PrimeKey or Customer at any time or times to require performance of any provision hereof shall in no manner affect the right at a later time to enforce such provision.
D.	This Agreement shall be binding upon, and inure to the benefit of, PrimeKey and Customer and their respective legal representatives, successors and permitted assignees. The parties shall not assign, sublicense or otherwise transfer any of its duties, hereunder, in whole or in part, without the prior written consent of the other Party. Any purported assignment in violation of this Section 17.4 is void.
E.	In the event that any provisions contained in this Agreement or any part thereof shall for any reason be held invalid, illegal or unenforceable in any respect by a court of competent jurisdiction, to such extent such provision shall be deemed null and void and severed from this Agreement, the remainder of this Agreement shall remain in full force and effect, and the invalid provision shall be replaced with a valid provision which most closely approximates the intent and economic effect of the invalid provision.
F.	Notices. Customer acknowledges and agrees that PrimeKey shall provide notices to Customer by email at the address associated with the Customer’s order. Customer shall provide notices to PrimeKey by email to support@primekey.com, with a duplicate copy sent via registered mail, return receipt requested, to the following address: C2 Company, a PrimeKey company, Attn: Legal, 951 Mariners Island Blvd, Suite 210, San Mateo, CA 94404 or such other address as PrimeKey may direct from time to time on the Site. Customer must specify in all such notices that the notice is being given under this Agreement. Emailed notices will be deemed given and received one business day after the email is sent.
G.	The headings appearing at the beginning of the sections contained in this Agreement have been inserted for identification and reference purposes only and shall not be used in the construction and interpretation of this Agreement.
H.	In the ordinary course of its business, PrimeKey uses third-party service providers (collectively, “Providers”) to support the provision of the Service. For instance, PrimeKey currently uses Microsoft Azure (Azure) to host the EJBCA SaaS. In addition, PrimeKey may provide the EJBCA SaaS through one or more affiliates. PrimeKey reserves the right to engage and substitute Providers and affiliates as it deems appropriate, but shall remain responsible to Customer for (a) provision of the EJBCA SaaS and (b) the actions and omissions of its Providers and affiliates undertaken in connection with this Agreement.
I.	This Agreement may be modified only by a written instrument duly executed by authorized representatives of the parties, in accordance with Section 17.6 (Notices).
J.	If Customer chooses to end their EJBCA SaaS service and take their PKI keys with them, they must have no outstanding debts to PrimeKey or Azure for the EJBCA SaaS service. PrimeKey reserves the right to deny a customer taking their keys if they have outstanding debt with PrimeKey or Azure.
17.	TERM
A.	This Agreement is based on the use of Azure contracts. When Customer chooses to purchase the EJBCA SaaS service they choose a term of the contract such as one month, one year, two years, or three years. Payment for the contract is due after accepting the terms of the EJBCA SaaS service. Once the agreed term has finished, if auto renewal was selected upon contract creation, the term is extended based on original selected term.
B.	Customer agrees that if the contract renews, the pricing terms and end user license agreement (EULA) might have changed. Customer will be billed based on the price and EULA applicable on the renewal date.
18.	SUPPORT AND MAINTENANCE
A.	EJBCA SaaS is provided with Premium Support SLA (24x7). The specifications for the support packages are set forth and described in the SDSM (Service Description Support and Maintenance). The Support SLA package will determine availability of other support services, including but not limited to helpdesk etc.
B.	From time to time, PrimeKey may apply upgrades, patches, bug fixes, or other maintenance to EJBCA SaaS. PrimeKey agrees to use reasonable efforts to provide Customer with prior notice of any scheduled Maintenance (except for emergency Maintenance), and Customer agrees to use reasonable efforts to comply with any Maintenance requirements that PrimeKey notifies Customer about.