General Terms & Conditions Your company-specific Software License & Services Agreement shall override these standard terms Export Customer will not export or re-export the Software in violation of United States export laws and regulations. Confidentiality, privacy and data protection. Confidentiality At all times during the Term, and for a period of three (3) years thereafter, both Parties will hold in the strictest confidence and will not disclose to any third party any Confidential Information received from the other party. Confidential Information means all non-public information including documents, data, reports, Software and other materials the receiving Party knows or has reason to know (either because such information is marked or otherwise identified by the disclosing Party as confidential or proprietary, has commercial value, or because it is not generally known in the relevant trade or industry) is confidential information of the disclosing Party and shall remain the sole property of the disclosing Party. The prohibitions contained in this Section shall not apply to information (a) already lawfully known to or independently developed by the receiving Party, (b) disclosed in published materials, (c) generally known to the public, or (d) lawfully obtained from any third party free of any restriction and without breach of this Agreement. Neither Party shall disclose to third Parties, other than its agents and representatives on a need-to-know basis, the terms of this Agreement nor any schedules or exhibits hereto without the prior written consent of the other Party, with the exception of either Party being entitled to disclose such terms to the extent required by a court order or other compulsory process, provided that disclosing Party has been given notice thereof an opportunity to waive its rights or to seek a protective order or other appropriate remedy. All confidential information shall be destroyed or returned within thirty (30) days upon the request of the disclosing Party and in the event of termination of this Agreement. In the event of a breach or threatened or attempted breach of the provisions of this Section, the disclosing Party may have no adequate remedy in money and damages and, accordingly, may seek an injunction against such breach. b. Privacy and Personal Data Collection All data collected from Customer, or collected by the Software as a result of Customer’s use (“Customer Data”) is Customer’s property and remains Customer’s property upon termination of this Agreement. PoliteMail shall not access or use Customer Data except to fulfill the obligations of this Agreement or as required by law. Personal Identifying Information (PII) means any information or data provided by Customer or collected from Customer in connection with this Agreement which identifies, may be used to identify, contact or locate a person to whom such information pertains, or from which identification of an individual person can be derived. PII includes but is not limited to: name, email address, IP address, or unique identifier. Any PII collected by the Software or accessed as part of performing the Services is limited to what is necessary to perform the Services or to fulfill any legal requirements. Features of the Software enable collection of PII about Customer’s email recipients through the use of standard tracking devices such as cookies, web beacons, and the collection of name, email address and related IP address information used to access such email. Providing notice of the collection and use of such data, including personally identifying information, is an important privacy disclosure. If not already existing, PoliteMail recommends Customer incorporate notice of such data collection within Customer’s own privacy statement or internal internet use policy. Please refer to the PoliteMail privacy policy at www.PoliteMail.com/privacy for information regarding how PoliteMail uses and collects information. Certain Data Protection Laws, meaning data protection and privacy laws, regulations, regulatory requirements and codes of practice in connection with data processing under this Agreement may apply to the use of the Software, including laws applicable in the country or countries where data is collected, held or processed, including the European Data Protection Directive 95/46/EC and the Privacy and Electronic Communications Directive 2002/58/EC. The Software provides tools and methods which collect and process data, and it is the solely the Customer’s responsibility to ensure the Software is used in compliance with any such Data Protection Laws in any jurisdiction. Customer is liable for and shall defend, indemnify and hold PoliteMail and their respective directors, officers, employees and contractors harmless from and against any and all claims and damages which result to the extent such claims arise out of or relate to Customer use or misuse of the Software with respect to a breach of any applicable Data Protection Law in any jurisdiction. c. Data Protection and Security PoliteMail shall implement commercially reasonable security procedures to protect PII and Customer Data from unauthorized use, access, disclosure, alteration, or destruction. Security measures include access controls, encryption, or other means, where appropriate. Only duly authorized PoliteMail personnel or contractors are permitted to access such Customer Data, and only to fulfill the obligations of this Agreement. Within 30 days upon termination of this Agreement, PoliteMail will permanently destroy all Customer Data, and/or permanently destroy all keys to encrypted Customer Data. PoliteMail shall immediately notify Customer of any known security breach that may result in the unauthorized use, access, disclosure, alteration, or destruction of Customer Data, or any legally binding request for disclosure of Customer Data by a law enforcement authority (and shall provide Customer an opportunity to waive its rights or to seek a protective order) unless otherwise prohibited to do so. To the extent credit card information, including cardholder’s name, full account number, expiration date or security number, will be collected/handled as part of the Services, PoliteMail shall comply with the Payment Card Industry Data Security Standard (PCI DSS) requirements for cardholder data as prescribed by the PCI Security Standards Council “Cardholder Data” means any information imprinted on the front or back of a payment card. Warranties PoliteMail represents and warrants that (a) it has the right and power to grant the rights and licenses granted to Customer under this Agreement, (b) the Software, to the best of PoliteMail’s knowledge, does not infringe upon or violate any copyright, patent, trademark, trade secret or any other proprietary right of any third party, (c) the Software and each component thereof does not contain any viruses, Trojan horses or other harmful or disabling code, (d) the Software will conform to the specifications and Documentation (e) the Services will be performed in a professional and work man like manner solely by employees or agents of PoliteMail with the training and experience necessary to perform such Services, (f) the Services will be performed according to the Documentation, the SLAs attached hereto, and the professional standards of skill and care generally exercised by similar companies and applicable to the provision and performance of like services, and (g) PoliteMail will not participate in any bribes or kickbacks, and will comply with the U.S. Foreign Corruption Practices Act, all applicable anti-corruption and anti-money laundering laws, and all applicable federal, state, and local laws, regulations, and ordinances as they relate to this Agreement and the Software and Services provided hereunder, and (h) PoliteMail will not, in providing the Software or Services, violate the rights of any third party, including but not limited to the copying or disclosing of the intellectual property of any such third party. PoliteMail warrants that the Software and any updates, upgrades or new versions will perform substantially in accordance with the accompanying Documentation which Customer receives or is otherwise provided with the Software. The limited warranty covers the Software for one year from the Effective Date of this Agreement and for so long as Support and Maintenance Services are provided under this Agreement (the “Warranty Period”). Customer’s sole remedy for a breach of this warranty will be for Customer to notify PoliteMail within the applicable Warranty Period describing the basis for the claimed warranty breach in reasonable detail. PoliteMail will have a reasonable period (“Software Warranty Cure Period”), not to exceed forty-five (45) days, to correct the breach, provided that PoliteMail begins taking steps to cure the breach within 10 days of receipt of notice and also notifies Customer of the steps taken. Customer agrees to cooperate in PoliteMail’s efforts to correct the breach. If PoliteMail is unable to correct the breach or does not correct the breach within such Software Warranty Cure Period, PoliteMail, at its option, will either provide Customer with Software that performs substantially in accordance with the Documentation or provide a prorated refund of the fees Customer has paid to PoliteMail for the Software. Upon payment of such refund, Customer will destroy the Software, this Agreement shall terminate, and Customer shall have no further obligation to make any payments. The preceding warranty will not apply if: (i) the Customer has not installed or is running the more recently available publically released version of their licensed software, (ii) the Software is not used in accordance with the Documentation; (iii) the Software or any part thereof has been modified without the prior written consent of PoliteMail; or (iv) any breach regarding a problem with the Software cannot be recreated by