Master SAAS & Service Level Agreement

This MASTER SAAS AND SERVICE LEVEL AGREEMENT (“Agreement”) is entered into by and between Overwatch Technologies LLC. (“Overwatch Technologies ”), a Colorado Company headquartered at 2210 E LaSalle, Ste 206 Colorado Springs Co 80909, and the individual or legal entity (“Customer”). In this Agreement, Overwatch Technologies  and Customers are referred to individually as a “Party” and collectively as the “Parties”.  Capitalized terms used in this Agreement are defined in Section 12 of this Agreement or otherwise within the relevant Sections of this Agreement.

PLEASE READ THE FOLLOWING Overwatch Technologies  AGREEMENT CAREFULLY. BY ACCEPTANCE OF THIS AGREEMENT, CUSTOMER AGREES THAT IT HAS READ THIS AGREEMENT AND, AFTER DUE CONSIDERATION, HEREBY AGREES TO BE BOUND BY ALL THE TERMS OF THE AGREEMENT. CUSTOMER REPRESENTS AND WARRANTS: THAT IT IS NOT A LEGAL MINOR; THAT IT IS COMPETENT TO ENTER INTO BINDING CONTRACTS; AND THAT IT IS NOT DEPENDING ON ANY PROMISES OR STATEMENTS OTHER THAN THOSE EXPRESSLY SET FORTH IN THIS AGREEMENT.  IF CUSTOMER IS A COMPANY OR OTHER LEGAL ENTITY, THE PERSON AGREEING TO THIS AGREEMENT HEREBY REPRESENTS AND WARRANTS THAT HE OR SHE HAS THE AUTHORITY TO BIND THE COMPANY OR OTHER LEGAL ENTITY TO THE TERMS OF THIS AGREEMENT.

1.    SYSTEM AND SAAS SOLUTION

1.1  System.  This Agreement contains the terms and conditions that govern and are applicable to Customer’s and its Users access to and use of the SaaS Solution, Hardware, Software, Services, Documentation, and other components of the System. Upon execution of this Agreement and an applicable Schedule by both Parties, Overwatch Technologies  hereby grants to Customer and its Users the right to access and use the SaaS Solution, Hardware, Software, Services, Documentation, and other components of the System strictly in accordance with the terms and conditions of this Agreement and the applicable Schedule. Customer’s right to access and use of the SaaS Solution Hardware, Software, Services, Documentation, and other components of the System is granted by Overwatch Technologies  to Customer under this Agreement strictly on a non-exclusive, non-transferable, non-sublicensable, and restricted basis only for Customer’s lawful internal business purposes during the applicable Schedule Term (as defined below), and is conditioned upon and subject to Customer’s timely payment to Overwatch Technologies  of all Fees due or payable as required under this Agreement and all Schedules and Customer’s and its Users’ full compliance with all terms and conditions of this Agreement and all Schedules. 

1.2 SaaS Solution.  Pursuant to the applicable Schedule, Overwatch Technologies will provide to Customer and its Users access to and use of the SaaS Solution. Customer acknowledges and agrees that the SaaS Solution is currently operated and performed from and through Amazon Web Services (“Service Center”) and that Customer Data will be stored on and processed by equipment and systems at such Service Center; provided however, that the foregoing shall not prohibit Overwatch Technologies ’s operation and performance of the SaaS Solution from a different service center or location in the United States, including if Overwatch Technologies  determines that such different service center or location is necessary pursuant to Overwatch Technologies ’s then-current disaster recovery plan or back up plan. Under the applicable Schedule, Overwatch Technologies  shall provide to Customer and its Users access to and use of the SaaS Services via the Internet by use of unique User ID’s and passwords. Overwatch Technologies  will provide all such User ID’s and passwords to one or more Customer administrators designated by Customer (“Administrators”) who will distribute such information to the Users. Overwatch Technologies  will provide all such User ID’s and passwords to the Administrators following Overwatch Technologies ‘ receipt from Customer of written notice from the applicable Administrator of the name and e-mail address of each such User requiring a User ID and password. Following Customer’s written request to Overwatch Technologies , Overwatch Technologies  will terminate the access and use rights associated with the requested User ID and password.

1.3 Term.  This Agreement shall be effective as of the Effective Date above and shall remain in effect for a period of twelve (12) months, and thereafter this Agreement shall automatically renew and continue for subsequent 12 month periods, unless written notice of non-renewal of this Agreement is provided by one Party to the other Party at least thirty (30) days prior to the expiration of the then-current twelve (12) month period of this Agreement. The initial twelve (12) month period and each subsequent twelve (12) month period of this Agreement is referred to in this Agreement as the “Term” of this Agreement. The Term of this Agreement is subject to earlier termination of this Agreement as provided for in this Agreement.

1.4  Schedules. Overwatch Technologies ‘s provision of the SaaS Solution, Hardware, Software, Services, Documentation, and/or other components of the System to Customer under a Schedule shall commence on the start date specified in such Schedule (or if not specified therein, the date of Overwatch Technologies set up of the Hardware and/or initiation of Services for Customer under such Schedule) and shall continue until the end date specified in such Schedule (“Schedule Term”). Except as otherwise specified in the applicable Schedule, each Schedule shall automatically renew for additional Schedule Terms equal to the applicable expiring Schedule Term or one (1) year (whichever is shorter), unless either Party gives the other Party written notice of non-renewal of such Schedule at least thirty (30) days prior to the expiration of the then-current Schedule Term of such Schedule. If the Schedule Term of any Schedule extends past the Term of this Agreement, then such Schedule shall remain in effect and subject to the terms and conditions of this Agreement until the end of the Schedule Term of such Schedule or until it is earlier terminated pursuant to the terms of such Schedule or this Agreement. If any term or condition of any Schedule conflicts or is inconsistent with any of the terms or conditions of this Agreement, then the provisions of this Agreement shall be controlling and shall govern to the extent of such conflict or inconsistency, except to the extent such provisions of this Agreement are expressly stated in such Schedule to be superseded by the provisions of such Schedule and then in that case such provisions of such Schedule shall prevail solely with respect to the subject matter of such Schedule.

1.5  Customer Network. Customer acknowledges and agrees that it and its Users shall access and use the SaaS Services and Software provided or made available to Customer by Overwatch Technologies  under this Agreement strictly in connection with the Hardware within the designated System for which it was provided by Overwatch Technologies  to Customer under this Agreement. Set up of any Software by Overwatch Technologies  for or on behalf of the Customer shall not include any modifications to the Customer’s network, systems, security, or firewall settings without Customer’s prior approval. Overwatch Technologies shall not be responsible or liable for any setup, operation, maintenance, performance, or compatibility issues for or in connection with Customer’s network or systems, all of which remain the sole responsibility and liability of Customer. Overwatch Technologies may charge Customer additional fees or amounts for services required to be performed by Overwatch Technologies  due to any inability to connect the Hardware to Customer’s network or systems, or if any additional Hardware is required to facilitate connectivity between Customer’s network or systems and the Hardware. 

1.6   Third-Party Products and Services. Overwatch Technologies or third parties may from time-to-time make available to Customer third-party products or services, including but not limited to third-party applications and implementation, alert response services, customizations, and other consulting services (“Third-Party Products and Services”). Any purchase or acquisition by Customer of any such Third-Party Products and Services, and any exchange of data, information, or materials between Customer or its Users and any such third party providing any such Third-Party Products and Services, is solely between Customer or the applicable User and such third party, and not Overwatch Technologies. Overwatch Technologies does not make any representations, warranties, or guarantees for or in connection with any such Third-Party Products and Services or provide any maintenance, support, or assistance for any Third-Party Products and Services, whether or not they are designated by Overwatch Technologies  as “certified” or otherwise, except as expressly specified in a Schedule regarding such Third-Party Products and Services entered into between Customer and Overwatch Technologies . Customer and Overwatch Technologies (i) will determine the appropriate terms and configuration of any Third-Party Products and Services and (ii) may modify and change the terms and configuration of Third-Party Products and Services by mutual agreement and by giving notice to the third-party service provider. Regarding third-party provided alert response services, the parties agree that Customer will receive alert response communications directly from the third-party alert response service provider; however, Customer should contact Overwatch Technologies for all other communication related to the third-party alert response services.

‍1.7  Suspension. Overwatch Technologies has and reserves the right to suspend Customer’s and/or any User’s access to or use of the SaaS Solution, Hardware, Software, Services, and/or any other components of the System: (i) for scheduled or emergency maintenance; (ii) immediately if Customer or any User breaches any provision of this Agreement or any Schedule; (iii) as Overwatch Technologies  deems reasonably necessary to respond to any actual or potential security threat, breach, or concern, including those that may affect Customer, its Users, or any other Overwatch Technologies  customer or users; or (iv) immediately if Customer or any User access to or use of the SaaS Solution, Hardware, Software, Services, or any other components of the System is interfering with or otherwise negatively impacting access to or use of any Overwatch Technologies  product or service by any other Overwatch Technologies  customers or users or is violating any applicable laws, rules, regulations, or third-party rights.

1.8  Customer Portal. Under this Agreement, Overwatch Technologies may provide Customer with access to an online customer interface portal (“Customer Portal”) for use by Customer in connection with its access to and use of the SaaS Solution, Hardware, Software, Services, and/or other components of the System. Customer’s use of the Customer Portal is subject to Overwatch Technologies policies and terms and conditions of use that Overwatch Technologies  may establish from time-to-time and make available at the Customer Portal. Through such Customer Portal, Customer will provide to Overwatch Technologies  the information requested by Overwatch Technologies , including Customer contact and payment information, and Customer will at all times keep all such Customer information accurate and up to date through the Customer Portal. Customer hereby consents to and grants Overwatch Technologies  the right and authority to access and use the contact and other information Customer provides to Overwatch Technologies  through the Customer Portal, including any and all e-mail addresses, to contact Customer from time-to-time. Customer will maintain the confidentiality and security of its Customer Portal login credentials provided by Overwatch Technologies  to Customer. Customer will promptly notify Overwatch Technologies  in writing of any known or reasonably suspected unauthorized access to its Customer Portal account, login credentials, or any other actual or potential breach of security of which Customer has knowledge involving the Customer Portal, SaaS Solution, Hardware, Software, Services, and/or any other component of the System. 

1.9 Data Limits.  Under this Agreement, Overwatch Technologies will make the SaaS Solution available to Customer and its Users through the use of a cellular data connection selected by Overwatch Technologies . For the SaaS Solution, Customer will have access to five (5) gigabytes of cellular data per calendar month for a standard Overwatch Technologies  Omni unit. For the SaaS Solution, Customer will have access to fifteen (15) gigabytes of cellular data per calendar month for an Overwatch Technologies security unit. Customer’s data usage allotment will be reset to zero (0) on the first day of each calendar month. If Customer exceeds the allotted data usage granted by Overwatch Technologies  to Customer in any given calendar month, then such overage will be charged by Overwatch Technologies to Customer at a rate of $10.00 USD per gigabyte (or the then-current rate charged by Overwatch Technologies for such overages), and Customer agrees that it shall pay to Overwatch Technologies  any and all such overage Fees invoiced by Overwatch Technologies to Customer as provided for in this Agreement. Overwatch Technologies shall use reasonable efforts to provide Customer notice when Customer’s monthly data usage is between 70%-80% of Customer’s applicable data usage allotment.

2.   CUSTOMER RESPONSIBILITIES      

2.1  Cooperation.  Customer will reasonably cooperate with Overwatch Technologies  in connection with the performance of this Agreement as may be deemed necessary by Overwatch Technologies , which may include Customer making available to Overwatch Technologies  such Customer personnel and information as may be reasonably required by Overwatch Technologies  to provide the SaaS Solution, Hardware, Software, Services, and/or any other component of the System to Customer. Customer is solely responsible and liable for determining whether the SaaS Solution, Hardware, Software, Services, and/or any other components of the System are sufficient for Customer’s purposes, including but not limited to, whether the SaaS Solution, Hardware, Software, Services, and/or any other components of the System meet or satisfy Customer’s legal and/or regulatory requirements.  

2.2  Software.  Customer’s and its Users’ access to or use of the SaaS Solution, Hardware, Software, Services, and/or other components of the System may require Customer and Users to install certain Integration Software on Customer’s and Users computers, network, or systems, or may require Customer and Users to install certain Overwatch Technologies Mobile Software on Customers and Users mobile devices, which access and use shall be subject to the terms and conditions of this Agreement and applicable Schedule, including the access and use restrictions set forth in this Agreement and applicable Schedule. 

2.3  Customer Information. Customer acknowledges and agrees that Customer and Users shall be required to provide to and share with Overwatch Technologies  certain information for the purposes of Overwatch Technologies  providing the SaaS Solution and/or other components of the System under this Agreement or any Schedule, such as usernames, Overwatch Technologies  Admin Panel passwords, and other login information. This information may include personal information (such as email addresses and/or telephone numbers) regarding Customer and Users, and Overwatch Technologies will use such information for the purposes of providing the SaaS Solution and/or other components of the System to Customer and Users. Prior to authorizing an individual to become a User, Customer is fully responsible and liable for obtaining the consent and authorization of that individual, in accordance with all applicable laws, to the use of his/her information by Overwatch Technologies  for purposes of providing the SaaS Solution and/or other components of the System under this Agreement or any Schedule.

3.   FEES AND PAYMENT

‍3.1  Fees. Fees payable by Customer to Overwatch Technologies  shall be specified in the applicable Schedule. Except as otherwise expressly stated in the applicable Schedule, Customers will pay to Overwatch Technologies the Fees set forth in each Schedule in full.  Such Fees in any Schedule may be increased by Overwatch Technologies by the lesser of the then-current Consumer Price Index for All Urban Consumers (CPI-U) or 3% for any subsequent renewal period of such Schedule. Overwatch Technologies  shall send invoices to Customer for Fees due under a Schedule at the Customer address set forth on or in the Overwatch Technologies  onboarding documents provided by Customer or at the Customer address set forth in the first paragraph of this Agreement above. 

3.2 Payment.  Unless otherwise expressly stated in the applicable Schedule, all Fees due from or payable by Customer to Overwatch Technologies under each Schedule shall be paid by Customer to Overwatch Technologies  in full within thirty (30) days after the date of the Overwatch Technologies  invoice therefore. All such Fees are payable by Customer to Overwatch Technologies  in United States Dollars. Any such Fees not paid by Customer to Overwatch Technologies  when due shall accrue interest at the lesser of 1.5% per month or the maximum interest rate allowed by applicable law until the overdue amount has been paid in full by Customer to Overwatch Technologies . In the event of any expiration or termination of this Agreement by Overwatch Technologies as provided for in this Agreement, no refund or return of any Fees paid by Customer to Overwatch Technologies  under this Agreement shall be due or payable in any amount on account of such expiration or termination. In the event of termination of this Agreement by Customer as provided for in this Agreement, Customer shall be entitled as its sole and exclusive remedy, to receive a refund of any prepaid subscription Fees paid by Customer to Overwatch Technologies for the SaaS Solution or Services not rendered by Overwatch Technologies  under this Agreement as of the effective date of such termination. If any Overwatch Technologies  invoice due date falls on a weekend, statutory holiday, or banking holiday, then that due date will automatically be deemed to be next business day. Customers shall not withhold or off-set any Fees payment due under any Schedule. Customer shall immediately notify Overwatch Technologies  in writing of any disputed Fees amounts in any invoice received by Customer from Overwatch Technologies , and thereafter Overwatch Technologies  and Customer shall use reasonable commercial efforts to resolve such disputed Fees amounts in such invoice; provided however, that if the Parties fail to resolve such dispute within sixty (60) days of the date of the disputed invoice, then Customer shall pay to Overwatch Technologies  all Fees amounts in such invoice within ninety (90) days of the date of such invoice. Customer shall have no right, and hereby waives all right, to dispute any Fees amounts in any invoice more than ninety (90) days after the date of such invoice. Customer shall not be entitled to, and Overwatch Technologies shall not grant to Customer, any applicable credits (as determined by Overwatch Technologies ) toward any Fees that are claimed or requested by Customer from Overwatch Technologies  more than ninety (90) days after the date such credits first became creditable to Customer. Subject in all cases to Customer’ obligations to pay Fees to Overwatch Technologies  as provided for in this Agreement and any Schedule, Customer may modify the payment method by which it processes or pays Overwatch Technologies  invoices from time-to-time upon prior written notice to Overwatch Technologies . If a third-party payment processing service is utilized by Customer, whether online payment portal or vendor payment portal or otherwise, then Customer shall be solely responsible and liable for all use of such payment processing service, including Customer’s payment of any and all fees and amounts due or payable for use of such payment processing service.

‍3.3  Taxes. The Fees due from or payable by Customer to Overwatch Technologies  under each Schedule do not include any applicable taxes, levies, duties, or similar governmental assessments or charges of any nature, including but not limited to value-added, goods and services, harmonized, sales, use or withholding taxes, assessable by any local, state, provincial, federal, or foreign government or jurisdiction (collectively, “Tax(es)”). Customer is solely responsible and liable for paying any and all Taxes, excluding only taxes payable by Overwatch Technologies based on Overwatch Technologies ’s net income. If Overwatch Technologies  has the legal obligation to pay or collect any Taxes for which Customer is responsible under this Section, then the appropriate Taxes amount shall be paid in full by Customer within thirty (30) days of the date of Overwatch Technologies ’s invoice therefor. Overwatch Technologies  shall specify in each invoice the Taxes due or payable by Customer to Overwatch Technologies  under or in connection with the applicable Schedule. If requested by Overwatch Technologies , Customer shall cooperate with Overwatch Technologies  to properly calculate any applicable Taxes under or in connection with the applicable Schedule.  Overwatch Technologies  will invoice Customer for such Taxes based on Customer’s locations accessing or using the SaaS Solution, Hardware, Software, Services, and/or other components of the System under this Agreement or any Schedule. Overwatch Technologies  invoices to Customer shall include and separately state each applicable Tax and will associate such Tax with the invoice line-item cost to which the Tax applies. If Customer asserts in writing in advance to Overwatch Technologies  that any Fees under any Schedule are not subject to or are exempt from Taxes and Customer provides to Overwatch Technologies  a valid written tax exemption certificate from the relevant governmental taxing authority(ies) indicating that Customer is in fact not subject to pay or is exempt from paying such Taxes, then Overwatch Technologies  will refrain from collecting and remitting such Taxes.  If, however, any Tax(es) assessment results from Overwatch Technologies ’s failure to timely collect or remit any Tax(es) due to Overwatch Technologies ’s reliance on Customer’s assertion to Overwatch Technologies  that no Tax is due or a valid Tax exemption certificate applies to Customer, then Customer shall be solely responsible and liable for payment of any and all such Tax(es), including any interest, penalties, expenses, and costs related to such Tax(es) assessment, and Customer shall defend, indemnify, and hold harmless Overwatch Technologies  and its Affiliates from and against any and all such Tax(es) assessment, and from and against any and all costs and expenses incurred by Overwatch Technologies  related to any such Tax(es) assessment.

3.4 Credit Card.  If the method of Customer payment of an invoice for Fees from Overwatch Technologies under this Agreement is by Customer credit card, then Customer agrees it shall: (i) keep Customer’s credit card information updated with Overwatch Technologies  and (ii) authorize Overwatch Technologies  to charge Customer’s credit card for all Fees and other amounts due from or payable by Customer to Overwatch Technologies under the applicable Schedule in advance monthly plus Taxes when due.

3.5  ACH.  If the method of Customer payment of an invoice for Fees from Overwatch Technologies under this Agreement is by ACH, then Customer agrees it shall: (i) complete and sign an ACH authorization form in favor of Overwatch Technologies ; and (ii) keep Customer’s bank information for such ACH payment updated with Overwatch Technologies .  

3.6  Carrier Fees.  Customer acknowledges and agrees that: (i) Customers and Users’ third-party carriers or service providers may charge fees or amounts for data usage, messaging, telephone calls, or other services that are required for them to access or use the SaaS Solution, Services, and/or other components of the System; and (ii) Customer and Users are solely responsible and liable for any and all such fees, amounts, access, and usage in connection with any such third-party carriers or service providers.

3.7 Insufficient Funds. If any payment of Fees by Customer to Overwatch Technologies  under this Agreement is returned based upon insufficient or unavailable funds in the Customer account upon which such payment was drawn, a minimum insufficient funds (“NSF”) charge of thirty-five ($35.00) dollars will be charged by Overwatch Technologies  to Customer and will be paid by Customer to Overwatch Technologies  as an additional payment to Overwatch Technologies . Any such NSF charge or payment shall not reduce or otherwise affect any of the Fees payment obligations of Customer to Overwatch Technologies  under this Agreement or any Schedule. 

3.8  Collections.  Customer acknowledges and agrees that it shall be responsible and liable for and shall reimburse Overwatch Technologies  for any and all costs, expenses, fees, and other amounts (including collection expenses, courts costs, and reasonable attorneys’ fees) incurred by Overwatch Technologies  to enforce any of Customer’s Fees payment obligations to Overwatch Technologies  under this Agreement and any Schedule.

4.   RESTRICTIONS

Customer shall not, and shall not permit any Users nor any third party or individual to: (i) reverse engineer, decompile, disassemble, or otherwise attempt to discover or discern the source code, object code or underlying structure, ideas, or algorithms of the SaaS Solution, Hardware, Software, Services, or any other component of the System, and/or any data related to the SaaS Solution, Hardware, Software, Services, or any other component of the System (except to the extent such prohibition is contrary to applicable law that cannot be excluded by agreement of the Parties); (ii) modify, change, revise, translate, or create any derivative works of or based on the SaaS Solution, Hardware, Software, Services, and/or any other component of the System; (iii) share, rent, lease, loan, resell, transfer, license, sublicense, distribute, or otherwise provide access to or use of the SaaS Solution, Hardware, Software, Services, or any other component of the System to or with any third party or individual, or use or otherwise provide the SaaS Solution, Hardware, Software, Services, or any other component of the System for or in any timesharing or service bureau purposes or arrangements; or (iv) access or use the SaaS Solution, Hardware, Software, Services, or any other component of the System other than by Customer and its Users in accordance with this Agreement, the applicable Schedule, and in compliance with all applicable laws, rules, and regulations.

5.   DELIVERY, SET UP, AND USE OF HARDWARE

‍5.1 Shipping and Set up.  Customer shall pay to Overwatch Technologies  any and all shipping and set up Fees, charges, and other amounts for the Hardware under the applicable Schedule which shall be payable by Customer to Overwatch Technologies  in accordance with such Schedule. Overwatch Technologies  may invoice Customer for, and Customer shall pay to Overwatch Technologies , any and all Fees, charges, and other amounts for additional or add-on Hardware and/or other System components agreed to by Customer and Overwatch Technologies in the applicable Schedule which are delivered or stored by Overwatch Technologies  for Customer, and/or for any and all Services performed by Overwatch Technologies  for Customer before completion of the Hardware and/or other System components set up, relocation of existing Hardware, activation of the System, or any other Service(s). All unpaid and outstanding Fees, charges, and other amounts payable by Customer to Overwatch Technologies  under this Agreement and the applicable Schedule shall be due and payable by Customer to Overwatch Technologies  prior to completion of the set up of the Hardware and/or other System components under such Schedule and as a precondition to activation of the SaaS Solution, Services, and/or any other System components under such Schedule.  

5.2 Maintenance and Repair. Overwatch Technologies  will provide the Services to Customer as set forth in this Agreement and the applicable Schedule. Overwatch Technologies  and its personnel shall use reasonable efforts when at Customer’s location to perform Services in compliance with Customer’s reasonable policies and guidelines regarding site safety and security that have been provided in writing by Customer to Overwatch Technologies  reasonably in advance of Overwatch Technologies ‘ personnel arrival at the relevant Customer location. As part of the Services, upon Customer’s request to Overwatch Technologies , Overwatch Technologies  will provide to Customer maintenance and repair of the covered Hardware as determined by Overwatch Technologies  to be necessary due to Customer’s normal use, wear, and tear of such Hardware. Additional charges shall be applicable and payable by Customer to Overwatch Technologies  for any Services for maintenance and repair of such Hardware which are determined by Overwatch Technologies  to be necessary due to changes or alterations in the Customer’s locations or premises, changes or alterations of or to the Hardware or other components of the System (or any part thereof) made at the request of the Customer, or damage to the Customer’s locations or premises or to the Customer’s alarm system, or any other causes or events beyond the reasonable control of Overwatch Technologies . Any Services for set up, maintenance, or repairs of the Hardware or other components of the System shall be performed by Overwatch Technologies  during Overwatch Technologies ’s normal working hours of 8:00 A.M. to 4:30 P.M., Monday through Friday, except holidays observed by Overwatch Technologies. Customer acknowledges and agrees that any such Services for set up, maintenance, or repairs are strictly for the specific Hardware or other components of the System covered under this Agreement, and that Overwatch Technologies  has no obligation or liability to install, maintain, support, repair, service, replace, operate, or assure the operation of any device or devices of Customer, Users, or any third party or individual.

5.3  Representations and Warranties. Under this Agreement, Overwatch Technologies  represents and warrants to Customer that:(i) Overwatch Technologies  shall perform the Services in a professional and workman-like manner in accordance with industry practices and standards for similar services using competent Overwatch Technologies  personnel having expertise suitable to perform their respective assignments from Overwatch Technologies  to provide the Services to Customer under this Agreement;(ii) the SaaS Solution, Hardware, and Software as provided by Overwatch Technologies  to Customer under this Agreement and the applicable Schedule shall materially conform to the descriptions and specifications therefor as set forth in the applicable Documentation provided by Overwatch Technologies  to Customer in writing under this Agreement; and (iii) Overwatch Technologies  will use reasonable efforts through employment of Virus scanning technology to endeavor that no Viruses are contained in the SaaS Solution or Software. 

5.4 Risk of Loss or Damage. Overwatch Technologies  hereby acknowledges and agrees that it assumes and shall bear all risk and liability for any and all loss, theft, damage, and/or destruction of any Hardware while such Hardware is in Customer’s possession or control, except for any loss, theft, damage, and/or destruction due to Customer’s gross negligence or willful or intentional harm. In the event of any such loss, theft, damage, or destruction of such Hardware, Customer shall immediately notify Overwatch Technologies  in writing thereof and follow Overwatch Technologies ’s instructions regarding such Hardware.

5.5 Indemnification by Overwatch Technologies. Overwatch Technologies shall defend, indemnify, and hold harmless Customer from and against any and all claims and demands, and all related losses, damages, liabilities, judgments, awards, suits, costs, and expenses (including reasonable attorneys’ fees and court costs) (collectively, “Customer Claim”) to the extent arising from bodily injury, death, or damage to real or tangible property directly caused by the gross negligence or willful misconduct of Overwatch Technologies or its employees or agents occurring while performing the Services for Customer under this Agreement while present at Customer’s location(s) where such Services are provided by Overwatch Technologies  to Customer under this Agreement. Notwithstanding the foregoing, Overwatch Technologies ’s obligations and liabilities provided for in this Section shall not apply to any Customer Claim arising from or in connection with any negligence or misconduct of Customer, its employees, or agents, or of any other individuals who are not Overwatch Technologies  employees or agents providing the Services to Customer under this Agreement. Overwatch Technologies ’s obligations and liabilities provided for in this Section are conditioned upon and subject to Customer: (i) promptly notifying Overwatch Technologies of the relevant Customer Claim in writing; (ii) tendering to Overwatch Technologies  the sole and exclusive right to defend or settle such Customer Claim; and (iii) fully cooperating with Overwatch Technologies  in Overwatch Technologies ’s defense or settlement of such Customer Claim at Overwatch Technologies ’s sole cost and expense. Customer shall not enter into any settlement of any Customer Claim without Overwatch Technologies ’s express prior written approval.

5.6 DISCLAIMER. CUSTOMER ACKNOWLEDGES AND AGREES THAT THE FEES AND OTHER AMOUNTS Overwatch Technologies CHARGES CUSTOMER UNDER THIS AGREEMENT ARE BASED UPON THE VALUE OF THE SYSTEM Overwatch Technologies  PROVIDES TO CUSTOMER UNDER THIS AGREEMENT AND ARE UNRELATED TO THE VALUE OF ANY OF CUSTOMER’S LOCATIONS, PROPERTY, OR PREMISES, ANY PROPERTY OF ANY THIRD PARTY LOCATED IN OR ON CUSTOMER’S LOCATIONS, PROPERTY, OR PREMISES, OR ANY RISK OF LOSS AT ANY OF CUSTOMER’S LOCATIONS, PROPERTY, OR PREMISES. OTHER THAN THE EXPRESS REPRESENTATIONS AND WARRANTIES SET FORTH IN THIS SECTION ABOVE, Overwatch Technologies  MAKES NO AND HEREBY EXPRESSLY DISCLAIMS ANY AND ALL REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY IMPLIED REPRESENTATIONS OR WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND TITLE. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, Overwatch Technologies  DOES NOT REPRESENT OR WARRANT THAT (a) THE SAAS SERVICES, HARDWARE, SOFTWARE, SERVICES, OR ANY OTHER COMPONENTS OF THE SYSTEM OR ANY THIRD-PARTY PRODUCTS AND SERVICES WILL NOT BE COMPROMISED AND/OR CIRCUMVENTED, (b) USING THE SAAS SERVICES, HARDWARE, SOFTWARE, SERVICES, OR ANY OTHER COMPONENTS OF THE SYSTEM OR ANY THIRD-PARTY PRODUCTS OR SERVICES WILL PREVENT ANY LOSS, DAMAGE, EXPENSE, OR INJURY DUE TO ANY CAUSES, INCLUDING WITHOUT LIMITATION ANY BURGLARY, HOLD-UP, ROBBERY, THEFT, CRIME, FIRE, OR OTHERWISE, OR (c) THE SAAS SERVICES, HARDWARE, SOFTWARE, SERVICES, OR ANY OTHER COMPONENTS OF THE SYSTEM OR ANY THIRD-PARTY PRODUCTS AND SERVICES WILL PROVIDE THE PROTECTION REQUIRED OR INTENDED BY CUSTOMER. UNDER THIS AGREEMENT, THE RISK OF ANY AND ALL SUCH LOSS, DAMAGE, EXPENSE, OR INJURY REMAINS SOLELY WITH CUSTOMER, AND NOT Overwatch Technologies. INSURANCE, IF ANY, COVERING ANY SUCH RISK, LOSS, DAMAGE, EXPENSE, OR INJURY SHALL BE THE SOLE RESPONSIBILITY OF CUSTOMER, AND NOT OF Overwatch Technologies . Overwatch Technologies  SHALL HAVE NO RESPONSIBILITY OR LIABILITY FOR ANY LOSS, DAMAGE, EXPENSE, OR INJURY DUE DIRECTLY OR INDIRECTLY TO ANY OF THE EVENTS DESCRIBED ABOVE IN THIS SECTION, OR THE CONSEQUENCES FLOWING THEREFROM. CUSTOMER HEREBY RELEASES AND WAIVES TO THE FULLEST EXTENT PERMITTED UNDER APPLICABLE LAW FOR ITSELF AND ITS INSURERS ALL SUBROGATION AND OTHER RIGHTS TO RECOVER FROM Overwatch Technologies  ARISING AS A RESULT OF PAYING ANY CLAIM FOR LOSS, DAMAGE OR INJURY OF CUSTOMER, USERS, OR ANY THIRD PARTY OR INDIVIDUAL. THE DISCLAIMERS, PROTECTIONS, LIMITATIONS, AND WAIVERS IN THIS SECTION SHALL ALSO BE APPLICABLE TO Overwatch Technologies ’s AFFILIATES, SUPPLIERS, LICENSORS, AND THIRD-PARTY SERVICE PROVIDERS.

6. LIMITATION OF LIABILITY. NOTWITHSTANDING ANYTHING IN THIS AGREEMENT OR ANY SCHEDULE OR EXHIBIT TO THE CONTRARY, IN NO EVENT SHALL Overwatch Technologies  BE LIABLE UNDER OR IN CONNECTION WITH THIS AGREEMENT OR ANY SCHEDULE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR SPECIAL DAMAGES OF ANY NATURE WHATSOEVER, OR FOR ANY LOST PROFITS, HOWEVER CAUSED. NOTWITHSTANDING ANYTHING IN THIS AGREEMENT OR ANY SCHEDULE OR EXHIBIT TO THE CONTRARY, ANY AND ALL LIABILITY OF Overwatch Technologies  UNDER OR IN CONNECTION WITH THIS AGREEMENT OR ANY SCHEDULE SHALL BE LIMITED IN ALL CASES TO DIRECT DAMAGES ONLY WHICH IN THE AGGREGATE SHALL NOT EXCEED THE FEES PAID BY CUSTOMER TO Overwatch Technologies  UNDER THIS AGREEMENT IN THE ONE (1) YEAR PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO CUSTOMER’S CLAIM FOR DAMAGES OR Overwatch Technologies  LIABILITY. THE DISCLAIMERS AND LIMITATIONS OF LIABILITY IN THIS SECTION SHALL APPLY NO MATTER HOW THE LOSS, DAMAGE, EXPENSE, INJURY, OR OTHER CONSEQUENCE OCCURS, EVEN IF DUE TO Overwatch Technologies ’S PERFORMANCE, NONPERFORMANCE, OR BREACH OF ITS OBLIGATIONS UNDER THIS AGREEMENT OR FROM NEGLIGENCE (INCLUDING TORT), ACTIVE OR OTHERWISE, STRICT LIABILITY, VIOLATION OF ANY APPLICABLE LAWS, OR ANY OTHER ALLEGED FAULT ON THE PART OF Overwatch Technologies , ITS EMPLOYEES OR AGENTS. THE DISCLAIMERS AND LIMITATIONS OF LIABILITY IN THIS SECTION SHALL APPLY EVEN IF Overwatch Technologies  WAS ADVISED OF THE POSSIBILITY OR LIKELIHOOD OF ANY SUCH LOSS, DAMAGE, EXPENSE, INJURY, OR OTHER CONSEQUENCE. THE DISCLAIMERS AND LIMITATIONS OF LIABILITY IN THIS SECTION SHALL ALSO BE APPLICABLE TO Overwatch Technologies ’s AFFILIATES, SUPPLIERS, LICENSORS, AND THIRD-PARTY SERVICE PROVIDERS.

7.  TERMINATION

‍7.1  Breach.  Either Party may terminate this Agreement upon written notice of such termination to the other Party if the other Party has committed a material breach of the terms or conditions of this Agreement or any Schedule and such Party fails to cure such breach within thirty (30) days of such Party’s receipt of written notice of such breach from the non-breaching Party.

7.2  Bankruptcy.  Either Party may terminate this Agreement upon written notice of such termination to the other Party: (i) upon the institution or if a petition is filed, notice is given, a resolution is passed, or an order is made, in each case by or against the other Party under any applicable laws relating to insolvency, administration, liquidation, receivership, bankruptcy, or any other winding up proceedings; (ii) upon the other Party’s making an assignment for the benefit of creditors or making a voluntary arrangement with its creditors; (iii) upon the other Party’s dissolution or ceasing, or threatening to cease to do business; or (iv) if any event occurs, or proceeding is instituted, with respect to the other Party that has the equivalent or similar effect to any of the events provided for in this Section above.

7.3  Other Termination.  In addition to Overwatch Technologies ’s termination rights provided for in this Agreement or the applicable Schedule, Overwatch Technologies shall have the right to terminate this Agreement and/or any Schedule and/or to discontinue any SaaS Solution, Hardware, Software, Service(s), and/or any other components of the System under this Agreement or any Schedule at any time upon written notice of such termination or discontinuance to Customer if: (i) Overwatch Technologies ’s connections or connectability to provide the SaaS Solution, Hardware, Software, Services, and/or other components of the System to Customer under this Agreement or any Schedule are/is damaged or destroyed by fire, weather, catastrophe, or any other cause beyond Overwatch Technologies ’s reasonable control, or if Overwatch Technologies  is unable or if it is impractical for Overwatch Technologies  to obtain or maintain any connections, rights, or privileges required for the SaaS Solution, Hardware, Software, Services, and/or other components of the System to transmit signals between the Customer’s locations or premises and Overwatch Technologies ’s designated locations or premises; (ii) Customer fails to follow and implement Overwatch Technologies ’s requirements or recommendations for the repair or replacement of any defective parts of the Hardware and/or other components of the System; (iii) Customer fails to comply with the Documentation or other written operating instructions for the Hardware and/or other components of the System provided by Overwatch Technologies  to Customer which Overwatch Technologies  in its sole discretion determines results in an undue number of false alarms or malfunctions for or in connection with the Hardware and/or other components of the System; (iv) in Overwatch Technologies ’s sole opinion, the Customer locations or premises where the Hardware and/or other components of the System are or are to be installed are unsafe, unsecure, unsuitable, or so modified or altered after set up so as to render continuation of SaaS Solution, Hardware, Software, Service(s), and/or other components of the System unsafe, unsecure, unsuitable, impractical or impossible; or (v) delivery or provision of the SaaS Solution, Hardware, Software, Services, and/or other components of the System, or continued delivery or provision of the SaaS Solution, Hardware, Software, Services, and/or other components of the System, violates of any applicable laws, rules, regulations, or rights of any third party or individual. Overwatch Technologies  shall not be responsible or liable for any damages, losses, costs, and/or expenses of Customer or Users which result from or are in connection with any such termination of this Agreement and/or any Schedule and/or any discontinuance of any SaaS Solution, Hardware, Software, Service(s), and/or other components of the System by Overwatch Technologies  in accordance with the foregoing in this Section above.

7.4  Post-Termination.  Upon any expiration or termination of this Agreement, in addition to any and all other rights and remedies of Overwatch Technologies  under this Agreement, at law, or in equity: (i) Customer shall immediately cease all access to and use of the SaaS Solution, Hardware, Software, Services, Documentation, and other components of the System; (ii) Overwatch Technologies  shall at its option have the right to take immediate possession of the Hardware and charge Customer for Overwatch Technologies ’s costs and expenses to collect the Hardware plus a 1.0% service charge on all such amounts, or declare immediately due and payable, without additional notice presentment or demand, an amount equal to the total of (a) all unpaid Fees and other amounts due from Customer to Overwatch Technologies  hereunder, whether accrued or due for the balance of the applicable Schedule Term not yet due, plus (b) as determined by Overwatch Technologies  the anticipated fair market value of the Hardware at the end of the Schedule Term if such Hardware is not returned by Customer to Overwatch Technologies  within ten (10) days of the end of such Schedule Term; and (iii) Customer shall ensure that all collected or returned Hardware shall be in good working condition and repair (ordinary wear and tear excepted). Customer acknowledges and agrees that Customer has no and shall have no right of purchase and no equity in the Hardware or any other component of the System under this Agreement or any Schedule, or by operation of law or otherwise.

8.   CONFIDENTIALITY

8.1  Confidential Information. Under this Agreement, the term “Confidential Information” means any information or data disclosed, provided, or made available by one Party (“Disclosing Party”) to the other Party (“Receiving Party”) under or in connection with this Agreement or any Schedule in any form (whether written, electronic, oral, or otherwise) that is marked or labeled as confidential or proprietary to the Disclosing Party, that at the time of disclosure is declared by the Disclosing Party to be confidential or proprietary to the Disclosing Party, or that reasonably should be understood to be confidential or proprietary to the Disclosing Party given the nature of the information or data and the circumstances of its disclosure, including without limitation, any trade secrets, technology, technical information, inventions, know-how, ideas, methods, business, financial and customer information, pricing, forecasts, strategies, and product and service development plans.  Customer Data and Customer Personal Data are hereby deemed to be Customer Confidential Information. The SaaS Solution, Hardware, Software, Services, Documentation, and other components of the System are hereby deemed to be Overwatch Technologies  Confidential Information. This Agreement and the Schedules are hereby deemed to be Overwatch Technologies  Confidential Information, including the terms and conditions of this Agreement and all Schedules. The Receiving Party acknowledges and agrees that any and all Confidential Information of the Disclosing Party is and shall remain owned by and be the exclusive property of the Disclosing Party and that nothing in the Agreement shall be construed or deemed to grant or convey to the Receiving Party any rights or licenses in or to the Confidential Information of the Disclosing Party except as expressly set forth in this Agreement.

8.2  Non-Disclosure and Non-Use.  The Receiving Party agrees it shall: (i) not disclose or provide any Confidential Information of the Disclosing Party to any third party or individual other than Receiving Party’s employees, agents, and contractors (“Representatives”) with a need to know such Confidential Information of the Disclosing Party and who have entered into written non-disclosure and non-use agreements with the Receiving Party providing for protection of the Disclosing Party’s Confidential Information on terms no less protective and restrictive than those contained in this Section, and (ii) not use Confidential Information of the Disclosing Party except solely as reasonably required for Receiving Party to exercise its rights or fulfill its obligations under or in connection this Agreement and each Schedule. The Receiving Party agrees that it is and shall be responsible and liable for any breach of this Agreement or any Schedule by any of its Representatives. The Receiving Party further agrees that it shall use the same degree of care to protect against unauthorized disclosure and unauthorized use of such Confidential Information of the Disclosing Party that the Receiving Party uses with respect to its own confidential or proprietary information of similar nature, but in no event will the Receiving Party use less than a reasonable degree of care to protect such Confidential Information of the Disclosing Party against unauthorized disclosure and unauthorized use.  For the avoidance of doubt, Customer acknowledges and agrees that Overwatch Technologies  uses the services of certain third parties for or in connection with the provision of the SaaS Solution, Hardware, Software, Services, and other components of the System to Customer and Users and that such third parties will have access to Customer’s Confidential Information, subject to Overwatch Technologies ’s compliance with this Section.

‍8.3 Exceptions.  Confidential Information of the Disclosing Party will not include any information or data to the extent the Receiving Party can demonstrate through competent documented evidence that such information or data: (i) is or becomes generally available to the public without any breach of this Agreement by the Receiving Party, or otherwise without any wrongful act of the Receiving Party; (ii) was already in the Receiving Party’s possession or already known by the Receiving Party prior to initial receipt from the Disclosing Party; (iii) was rightfully disclosed to the Receiving Party without restriction by a third party who had no confidentiality or non-disclosure obligations or duties owed to the Disclosing Party; or (iv) was independently developed by the Receiving Party without any use of or reference to any Confidential Information of the Disclosing Party. 

8.4  Legally Required Disclosure. Nothing in this Agreement will prevent the Receiving Party from disclosing Confidential Information of the Disclosing Party to the extent required by judicial or governmental order, provided that, to the extent permitted by applicable law, the Receiving Party shall give the Disclosing Party reasonable prior written notice of such required disclosure and the Confidential Information of Disclosing Party required to be disclosed pursuant to such judicial or governmental order so as to permit the Disclosing Party to contest such disclosure or seek an appropriate remedy for or in connection with such disclosure. If such remedy is not secured by the Disclosing Party, the Receiving Party agrees that it shall furnish only that portion of the Confidential Information of the Disclosing Party which the Receiving Party is legally required to furnish and, in conjunction with the Disclosing Party, to use all reasonable efforts to assure that the information is maintained in confidence by the party to whom it is so furnished.

8.5  Injunctive Relief.  The Receiving Party acknowledges and agrees that any breach of its non-disclosure and non-use obligations provided for in this Section may result in serious and irreparable harm to the Disclosing Party for which the Disclosing Party may not be adequately compensated and for which damages are difficult to accurately measure. Therefore, the Receiving Party acknowledges and agrees that, in addition to all other rights and remedies that the Disclosing Party may have available to it under this Agreement, at law, or in equity, the Disclosing Party shall be entitled to seek the specific performance of such obligations of the Receiving Party and to both temporary and permanent injunctive relief without the necessity of posting any bond or other security.

8.6  Return or Destruction.  The Receiving Party shall, upon any expiration or termination of this Agreement or otherwise upon the written request of the Disclosing Party to the Receiving Party, promptly return to the Disclosing Party, or destroy if so instructed by the Disclosing Party, and provide written certification to the Disclosing Party of such return or destruction, all Confidential Information of the Disclosing Party, without retaining any copy, extract or summary of any part thereof. Notwithstanding the foregoing, the Receiving Party may retain copies of Confidential Information of the Disclosing Party to the extent necessary for purposes of the Receiving Party’s compliance with its ordinary course internal document retention and backup requirements and procedures, provided that such Confidential Information of the Disclosing Party shall remain subject to the Receiving Party’s non-disclosure and non-use obligations provided for in this Section for so long as such Confidential Information of the Disclosing Party is so retained by the Receiving Party.

8.7  Data Protection Addendum. During the term of this Agreement, Overwatch Technologies  and Customer shall comply with their respective obligations set forth in the Data Protection Addendum attached to this Agreement as Exhibit A.

9.   INTELLECTUAL PROPERTY RIGHTS; FEEDBACK

‍9.1  Intellectual Property Rights.  Customer acknowledges and agrees that Overwatch Technologies, its Affiliates, suppliers, or licensors exclusively own and retain any and all Intellectual Property Rights in, to, or relating to the SaaS Solution, Hardware, Software, Services, Documentation, and any and all other components of the System, including any and all Updates, modifications, changes, revisions, improvements, and derivative works thereof. This Agreement does not sell, convey, transfer, or assign to Customer or any User any rights of ownership in or to the SaaS Solution, Hardware, Software, Services, Documentation, or any other components of the System, or in or to any Intellectual Property Rights of Overwatch Technologies , its Affiliates, suppliers, or licensors. Overwatch Technologies , its Affiliates, suppliers, and licensors reserve all rights not expressly granted.

9.2  Performance Data.  As between the Parties, Overwatch Technologies  shall exclusively own any and all Performance Data. Notwithstanding anything in this Agreement or any Schedule to the contrary, Customer acknowledges and agrees that Overwatch Technologies  has the right to: (i) use and modify Customer Data for the purposes of (a) Overwatch Technologies  providing the SaaS Solution, Hardware, Software, Services, and/or other components of the System to Customer and Users under this Agreement and the Schedules, and (b) Overwatch Technologies  generating, developing, or creating Performance Data; and (ii) freely use, make available, distribute, market, sell, and otherwise exploit Performance Data for any Overwatch Technologies  business purposes, including without limitation, for improving, developing, testing, operating, promoting, and marketing the SaaS Solution, Hardware, Software, Services, and other components of the System and any other Overwatch Technologies  products and services.

9.3  Feedback.  Although not obligated to do so, Customer and/or Users may choose to provide to Overwatch Technologies or any of Overwatch Technologies ’s personnel feedback, suggestions, ideas, comments, improvements, or other information or data regarding or in connection with the SaaS Solution, Hardware, Software, Services, and/or other components of the System or any other Overwatch Technologies  products or services (“Feedback”).  If Customer and/or Users provide any such Feedback to Overwatch Technologies , then Customer and/or Users hereby assign to Overwatch Technologies  any and all Intellectual Property Rights of Customer and Users in and to any such Feedback, and Customer and Users hereby waive any and all claims they may have now or may hereafter have in the future in any country or jurisdiction to so-called “rental rights,” “moral rights,” and all rights of “droit moral” in such Feedback (even if such Feedback is altered or changed in a manner not agreeable to Customer or Users). Customer and Users represent and warrant to Overwatch Technologies  that Customer and Users have all rights and authorizations necessary or required to make the assignments and waivers provided for in this Section. Customer and Users will at Overwatch Technologies ’s cost and expense reasonably assist Overwatch Technologies in its efforts to formalize, register, protect, and/or otherwise perfect Overwatch Technologies ’s rights in any such Feedback, including through the execution and delivery of documentation Overwatch Technologies  determines is necessary or expedient for Overwatch Technologies  to formalize, register, protect, and/or otherwise perfect Overwatch Technologies ’s rights in any such Feedback.

10.  GOVERNMENT MATTERS

10.1  Export. Notwithstanding anything in this Agreement or any Schedule to the contrary, Customer shall not use, export, or re-export, or allow the export or re-export of, the SaaS Solution, Hardware, Services, Documentation, and/or any other components of the System, or anything related thereto or any direct product thereof, in violation of any restrictions, laws, or regulations of the United States Department of Commerce, the United States Department of Treasury Office of Foreign Assets Control, or any other United States or foreign agency or authority. Customer represents and warrants to Overwatch Technologies  that Customer and Users are not named on any U.S. government denied-party list. Customer and Users shall not access or use the SaaS Solution, Hardware, Software, Services, Documentation, or any other components of the System in or for any U.S. embargoed country.

‍10.2  Anti-Corruption. Customer acknowledges and agrees that it has not received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from Overwatch Technologies  or any Overwatch Technologies  employee or agent in connection with this Agreement or any Schedule. If Customer learns of any violation of the above restriction in this Section, then Customer will promptly notify Overwatch Technologies  in writing thereof.

11.  MISCELLANEOUS

11.1  Severability.  If any provision of this Agreement or Schedule is found to be unenforceable or invalid by an arbitration panel or court of competent jurisdiction as provided for in this Agreement, then such provision will be limited or eliminated to the minimum extent necessary to comply with such finding and the other provisions of this Agreement and Schedules will otherwise remain in full force and effect in accordance with the remaining terms and conditions of this Agreement and Schedules.  

11.2  Assignment. Neither this Agreement, nor any of the rights or obligations under this Agreement, shall be assigned or transferred by Customer to any third party without Overwatch Technologies ‘ express prior written consent.  Overwatch Technologies may transfer or assign this Agreement, or any of its rights or obligations under this Agreement, to any Affiliate or third party. This Agreement and the Schedules shall be binding upon and shall inure to the benefit of the Parties hereto and their respective permitted successors and permitted assigns.

11.3  Survival. The Sections of this Agreement which by their nature should survive termination or expiration of this Agreement will survive termination or expiration of this Agreement, including Sections 3, 4, 5.4, 5.6, 6, 7, 8, 9, and 11.

11.4 Entire Agreement; Amendment. This Agreement including all Schedules and Exhibits attached hereto is the complete and exclusive statement of the mutual understanding of the Parties relating to the subject matter of this Agreement, and supersedes and replaces any and all previous written and oral agreements, communications, and other understandings between the Parties relating to the subject matter of this Agreement. This Agreement and each Schedule in order to be effective shall have been signed by an authorized representative of each of the Parties.  Any amendments or modifications to this Agreement or any Schedule shall be effective only to the extent they are made expressly in writing signed by each of the Parties.  Any waiver of any of the terms or conditions of this Agreement or any Schedule by a Party shall be effective only to the extent they are made expressly in writing signed by such Party.  No force or effect shall be given to any terms or conditions contained on or in any Customer purchase order or any other Customer form document issued by Customer to Overwatch Technologies  under or in connection with this Agreement, even if accepted or not rejected by Overwatch Technologies . No agency, partnership, joint venture, franchise, or employment relationship of any kind is created or entered into between the Parties under or as a result of this Agreement or any Schedule. Customer does not and shall not have any authority or right of any kind to bind Overwatch Technologies , its Affiliates, suppliers, or licensors in any respect whatsoever. 

11.5  Notices. All notices required or permitted to be given between the Parties under this Agreement shall be in writing and shall be deemed to have been duly given to the other Party at its address first listed above in this Agreement: (i) when received, if personally delivered; (ii) when received, if delivered by courier service; and (iii) upon receipt, if sent by certified or registered mail (return receipt requested), postage prepaid.

11.6  Force Majeure. Neither Party shall be liable or responsible to the other Party under this Agreement or any Schedule for any failure or delay in fulfilling or performing any of its obligations under this Agreement or any Schedule (except for obligations of Customer to make payments of Fees to Overwatch Technologies  hereunder) if and to the extent such failure or delay is caused by or results from events or acts beyond the affected Party’s reasonable control, including without limitation: acts of God; flood, fire or explosion; war, invasion, riot or other civil unrest; pandemics; actions, embargoes or blockades in effect on or after the Effective Date of this Agreement; or national or regional emergency (each of the foregoing, a “Force Majeure Event”). The Party whose performance of its obligations under this Agreement or any Schedule is prevented or delayed by a Force Majeure Event shall give written notice thereof to the other Party, stating the period of time the occurrence of the Force Majeure Event is expected to continue and the affected Party shall use diligent efforts to end the failure or delay and minimize the effects of such Force Majeure Event on the performance of its obligations under this Agreement and applicable Schedule(s).  Without limiting the foregoing, Customer acknowledges and agrees that Overwatch Technologies  assumes no and shall have no responsibility or liability for any interruptions, delays, or failures in set up of the Hardware or for the consequences therefrom, however caused, or for any interruptions, delays, or failures of the SaaS Solution, Hardware, Software, Services, and/or any other components of the System or for the consequences therefrom, due to any Force Majeure Event, and Overwatch Technologies  shall not be required to provide the SaaS Solution, Hardware, Software, Services, and/or any other components of the System to Customer or Users while such interruption, delay, or failure of the SaaS Solution, Hardware, Software, Services, and/or any other components of the System is due to any such Force Majeure Event.

11.7 Governing Law; Venue. This Agreement and the Schedules shall be governed by the laws of the State of Delaware, and the applicable Federal laws of the U.S.A., without regard to conflict or choice of laws rules or principles. The Parties agree that any dispute between the Parties arising from or relating to this Agreement or any Schedule shall be brought in a court of competent jurisdiction in the State of Utah. Each party waives and agrees not to plead or claim that a dispute brought in such court has been brought in an inconvenient forum. Notwithstanding the foregoing, Overwatch Technologies  shall have the right at any time to institute or bring any action or proceeding in any court of competent jurisdiction for collecting past due Fees or seeking injunctive or other equitable relief for or in connection with any Intellectual Property Rights of Overwatch Technologies  or any Confidential Information of Overwatch Technologies .

11.8 Prevailing Party.  In any arbitration, or legal action or proceeding between the Parties in connection with this Agreement or any Schedule, the prevailing Party in such arbitration, or legal action or proceeding will be entitled to recover and be awarded its costs and attorneys’ fees incurred by such Party in such arbitration, or legal action or proceeding.

‍11.9  Remedies.  The rights and remedies of Overwatch Technologies  under this Agreement, the Schedules, or otherwise available to Overwatch Technologies  at law or in equity, are not exclusive, but rather shall be cumulative and the exercise of any particular right or remedy by Overwatch Technologies  shall not preclude the exercise of any other rights or remedies by Overwatch Technologies  in addition to, or as an alternative of, such right or remedy.

11.10  Counterparts.  This Agreement and each Schedule may be executed by the Parties in any number of counterpart originals, each of which shall be deemed an original instrument for all purposes, but all of which together shall comprise one and the same instrument. Signed copies of this Agreement and each Schedule may be delivered by a Party to the other Party by facsimile or email, and a facsimile or scanned copy of this Agreement and each Schedule so delivered shall be binding as an original.

12.  DEFINITIONS

12.1 “Affiliate” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with another entity, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise.

12.2 “Customer” means the entity identified at the top of this Agreement as the Customer.

12.3 “Customer Data” means any information or data about Customer or Users that is supplied to Overwatch Technologies  by Customer or any User in connection with their access to or use of the SaaS Solution or Services, or which Overwatch Technologies  is required to access, use, generate, process, store, or transmit pursuant to this Agreement, including information about Customer’s and Users’ respective devices, computers, and use of the SaaS Solution or Services.

12.4 “Customer Personal Data” means any Customer Data that is personal data as defined under applicable Data Protection Laws.

12.5 “Data Protection Laws” means any applicable data protection laws, regulations, and legally binding codes of practice from time-to-time in force applicable to the performance of a Party’s obligations under this Agreement and any implementing legislation in the jurisdiction in which the Customer is located and any legislation which is analogous to and has the same object as the foregoing, namely the control and protection of data which is personal to individuals.

12.6 “Documentation” means all Overwatch Technologies  documentation and/or other materials (including manuals, instructions, training materials, user guides, specifications, flow charts, technical and functional specifications, logic diagrams, and other support materials) for the access, use, operation, and/or functionality of the SaaS Services, Hardware, Software, Services, and/or other components of System provided or made available by Overwatch Technologies  to Customer pursuant to this Agreement.  

12.7 “Fees” means any and all fees and other amounts due from or payable by Customer to Overwatch Technologies  as set forth on the Payment Schedule in a Schedule or as otherwise provided for in this Agreement or any Schedule.

12.8 “Hardware” means the Overwatch Technologies  hardware and/or equipment listed or described in  a Schedule and made available to Customer and Users by Overwatch Technologies  under such Schedule and this Agreement, including any and all Updates of the preceding. 

12.9 “Integration Software” means all (i) Overwatch Technologies  proprietary software and (ii) open source software used in providing the SaaS Solution or Services which integrates with Customer’s network or application, including SSL or other VPN, Unix operating system, Microsoft application, or web application, as provided in the Documentation and any Updates, upgrades, fixes, or patches of the preceding developed and provided or made available to Customer by Overwatch Technologies  under this Agreement from time-to-time.

12.10 “Intellectual Property Rights” means any and all patents, copyrights, trademarks, trade secrets, (including applications and registrations for any of the preceding rights), and any and all other intellectual, proprietary, and industrial property rights of whatever nature in each case in any part of the world and whether or not registered or registerable, for the full period of the applicable afforded rights and any and all extensions and renewals of any of the preceding where applicable.

12.11 “Law(s)” means any and all laws, ordinances, statutes, rules, and regulations of any U.S. federal, state, or local governmental body or unit.

12.12 “Overwatch Technologies  Admin Panel” means the Overwatch Technologies  web portal currently accessible at https://overwatch.live which allows Customer’s appointed Administrator(s) to, among other options, enroll and activate Users, issue and manage passwords and bypass codes, and manage Customer’s and each User’s applicable mobile devices.  

12.13 “Overwatch Technologies  Mobile Software” means all Overwatch Technologies  proprietary mobile software applications used in providing the SaaS Solution and Services to Customer, and any Updates, upgrades, fixes, or patches of the preceding developed and provided or made available to Customer by Overwatch Technologies  under this Agreement from time-to-time.

12.14 “Payment Schedule” means the payment schedule for the Fees due from or payable by Customer to Overwatch Technologies  as detailed in the applicable Schedule entered into between the Parties.  The terms of the Payment  Schedule in a Schedule may require Customer payment of such Fees to be paid to Overwatch Technologies  either monthly on the first day of the calendar month, by ACH or credit card, annually, or multi-year and invoiced in advance, with payment due and payable in full from Customer to Overwatch Technologies  within thirty (30) days of Customer receipt of Overwatch Technologies ’s invoice therefor. Such Payment Schedule in a Schedule may also specify, among other things, a description of the SaaS Solution, Hardware, Software, Services, and/or other components of the System, maximum number of Users, initial Schedule Term, Fees, and such other charges and terms as agreed between the Parties in such Schedule.

12.15 “Performance Data” means any and all aggregate de-identified data and information from or relating to Customers and Users’ access to and/or use of the SaaS Solution, Hardware, Software, Services, and/or any other components of the System, including any performance, analytics, or statistical data, that Overwatch Technologies  may collect, develop, or generate from time-to-time from or relating to Customers and Users’ access to and/or use of the SaaS Solution, Hardware, Software, Services, and/or any other components of the System.

12.16 “Personal Information” means any information relating to an identified or identifiable individual, including, but not limited to, name, postal or email address (or other online contact information such as an online user ID), telephone number, Social Security number (or its equivalent), driver’s license number (or other government-issued identification number), date of birth, demographic information, health or medical information, health insurance information, biometric data, account information (including checking, credit card, or other financial account information), personal identification number, access code, password, security questions and answers, next of kin contact information, Internet Protocol (IP) address, or any other unique identifier or one of more factors specific to the individual’s physical, physiological, mental, economic or social identity, in whatever format, including that contained in communications, documents, databases, records, or materials of any kind whether such data is in individual or aggregate form, and regardless of the media in which it is contained, including any of the foregoing that may be (i) disclosed to Overwatch Technologies  by Customer or Users under this Agreement; (ii) processed by Overwatch Technologies under this Agreement; or (iii) derived by Overwatch Technologies from the information described in (i) or (ii) above in this Section.  Personal Information includes cardholder data from Customer, including transaction authorization information, primary account numbers, service codes, expiration dates, full magnetic stripe data or equivalent on a chip, CAV2/CVC2/CVV2/CID, PIN number and other information within the scope of the Payment Card Industry Data Security Standard of the PCI Security Standards Council.

12.17 “SaaS Solution” means the Overwatch Technologies software-as-a-service solution listed or described in the applicable Schedule and made available to Customer and Users by Overwatch Technologies under such Schedule and this Agreement, including any and all Updates of the preceding.

12.18 “Services” means the set up, maintenance, support, Overwatch Technologies Amin Panel services, and other services provided, supplied, or made available to Customer and Users by Overwatch Technologies  under this Agreement or any Schedule, including any and all Updates of the preceding.

12.19 “Schedule” means a written Schedule entered into between Customer and Overwatch Technologies that lists or describes the SaaS Solution, Hardware, Software, Services, Documentation, and/or any other components of the System, and/or any other products and/or services, that are ordered by Customer from Overwatch Technologies  pursuant to such Schedule that shall be provided or made available to Customer and Users by Overwatch Technologies  under such Schedule and this Agreement.

12.20 “Software” means the Integration Software and Overwatch Technologies  Mobile Software, including any and all Updates of the preceding, that Overwatch Technologies  provides or makes available to Customer or Users under this Agreement or any Schedule.

12.21 “System” means the SaaS Solution, Hardware, Software, Services, and Documentation provided or made available to Customer and Users by Overwatch Technologies  under this Agreement or any Schedule.  

12.22 “Updates” means any and all bug fixes, patches, corrections, enhancements, updates, or upgrades (including new versions) of or for the SaaS Solution, Software, or Services, as the case may be, which are provided or made available to Customer and Users by Overwatch Technologies under this Agreement or any Schedule.

12.23 “User” means any Customer user of the SaaS Solution, Hardware, Software, Services, and/or other components of the System whom Customer has authorized to enroll to access and use the SaaS Solution, Hardware, Software, Services, and/or other components of the System provided or made available to Customer and Users by Overwatch Technologies under this Agreement.

12.24 “Virus” means software computer instructions that: (i) adversely affect or disable the operation, security or integrity of a computing, telecommunications, or other digital operating or processing system or environment, including, without limitation, software, programs, data, databases, computer libraries, and computer and communications equipment, by altering, destroying, disrupting or inhibiting such operation, security or integrity; (ii) without functional purpose, self-replicate without written manual intervention; or (iii) purport to perform a useful function but which actually perform either a destructive or harmful function, or perform no useful function and utilize substantial computer, telecommunications or memory resources.‍

‍

Exhibit A

Data Protection Addendum

This Data Protection Addendum (“DPA“) is entered into under and forms part of the Master SaaS and Service Level Agreement (“Master Agreement“) entered into by and between the Customer named in the Master Agreement and Overwatch Technologies LLC. (“Overwatch Technologies “). This DPA shall be effective as of the earlier of the Effective Date of the Master Agreement or the date that Customer Data is first processed (as defined below) by Overwatch Technologies . This DPA is incorporated into the Master Agreement by this reference. Except as modified below, the terms of the Master Agreement shall remain in full force and effect in accordance with the terms of the Master Agreement.

In consideration of the mutual obligations in this DPA, the parties hereto agree as follows:

1. Definitions. The following definitions apply in this DPA. Capitalized terms not otherwise defined herein shall have the meaning given to them in the Master Agreement.

1.1 “CCPA” means the California Consumer Privacy Act of 2018, as may be amended, or superseded from time-to-time, as well as any implementing regulations. This includes the California Privacy Rights Act of 2020 (“CPRA”), which amends the CCPA.

1.2 “Data Subject” means an individual who is the subject of Customer Data.

1.3 “Customer Affiliate” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with Customer, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise. 

1.4 “Customer Data” means any information or data processed by Overwatch Technologies  or any Subprocessor on behalf of a Customer Group Member pursuant to or in connection with the Master Agreement. Without limitation, Customer Data includes Personal Information. 

1.5 “Customer Group Member” means Customer or any Customer Affiliate.

1.6 “Personal Information” means any information that (a) identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household; or (b) the applicable Data Protection Laws otherwise define as protected personal information, personal data, or the like.

1.7 “Data Protection Laws” means all applicable federal, state, provincial, municipal, and foreign laws and regulations relating to the processing, protection, or privacy of Personal Information that are applicable to a particular Party’s performance under the Master Agreement, including where applicable, the guidance and codes of practice issued by regulatory bodies (including industry self-regulation) in any relevant jurisdiction. This includes, but is not limited to, the CCPA, as well as any law or regulation that comes into effect after the date of execution of this DPA, including applicable data protection laws such as the California Consumer Privacy Act, the California Privacy Rights Act, the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Utah Consumer Privacy Act, section 5 of the FTC Act, state data breach notification laws, the Controlling the Assault of Non-Solicited Pornography and Marketing (“CAN-SPAM” Act), the Telephone Consumer Protection Act (“TCPA”), and any other similar privacy, cybersecurity data protection laws applicable to the protection and processing of Personal Information that may be enacted during the term of this DPA.

1.7 “Security Incident” means any (a) unauthorized, acquisition, loss, access, or use of any Customer Data; or (b) breach of security leading to the accidental or unlawful destruction, loss, alteration, unavailability, unauthorized disclosure of or access to Customer Data. To clarify, the loss, theft, or unavailability of, or unauthorized access, disclosure, acquisition or other processing of Customer Data is a Security Incident whether or not the incident rises to the level of a security breach or incident requiring notification under the Data Protection Laws.

1.8 “Subprocessor” means any person or entity (including any third party and any Overwatch Technologies Affiliate but excluding Overwatch Technologies  employees) appointed by or on behalf of Overwatch Technologies  to process Customer Data on behalf of any Customer Group Member or that Overwatch Technologies  otherwise makes Customer Data available for a business purpose.  

1.9 “Overwatch Technologies  Affiliate” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with Overwatch Technologies, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise.

1.10 “collect,” “contractor,” “controller,” “process,” “processor,” “sell,” “share,” “sensitive personal information,” and “service provider” shall be interpreted as defined by that term or the similar and reasonably equivalent terms under applicable Data Protection Laws. Their cognate terms shall be construed accordingly.

Personal Information Types and Processing Purposes

1.11 As between the parties hereto, Customer is the controller of the Customer Data and Overwatch Technologies  is the processor or service provider, as applicable. As such, Customer retains control of the Customer Data and remains responsible for its compliance obligations under the applicable Data Protection Laws, including providing any required notices and obtaining any required consents, and for the processing instructions it gives to Overwatch Technologies . 

1.12 Each party hereto shall comply with all applicable Data Protection Laws in the processing of Customer Data and provide the same level of privacy protection as may be required by the applicable Data Protection Laws. 

Overwatch Technologies ‘s Obligations

1.13 Customer Data is disclosed to Overwatch Technologies (or collected by Overwatch Technologies  on behalf of a Customer Group Member) only for the limited purpose of providing the SaaS Solution, Services, or as otherwise set forth in the Master Agreement. Overwatch Technologies  will only process Customer Data as a processor or service provider, as applicable, and only to the extent, and in such a manner, as is necessary for Overwatch Technologies  to provide the SaaS Solution, Services, or as otherwise set forth in the Master Agreement in accordance with Customer’s written instructions. Customer and Overwatch Technologies  acknowledge and agree that the Master Agreement (including any Schedules, orders made, and statements of work executed thereunder) and this DPA constitute Customer’s instructions to Overwatch Technologies  at the time of signing of this DPA.

1.14 Overwatch Technologies is prohibited from (a) selling or sharing the Customer Data; (b) retaining, using, or disclosing the Customer Data for any purpose other than for providing the SaaS Solution, Services, or as otherwise set forth in the Master Agreement as directed by Customer or as otherwise required by Data Protection Laws; (c) retaining, using, or disclosing the information outside of the direct business relationship between Overwatch Technologies  and Customer; (d) combining Customer Data with Personal Information that the Overwatch Technologies  receives on behalf of another person or entity, or collects from its own interactions with a Data Subject unrelated to the SaaS Solution, Services, or as otherwise set forth in the Master Agreement; and (e) knowingly collecting Customer Data that qualifies as sensitive personal information unless expressly instructed to do so by Customer.

1.15 Overwatch Technologies  must promptly notify Customer if Overwatch Technologies  determines that it can no longer meet its obligations under applicable Data Protection Laws.  

1.16 Overwatch Technologies  will maintain the confidentiality of all Customer Data, will not disclose it to anyone unless Customer, the terms of the Master Agreement or any Schedule, or this DPA specifically authorizes the disclosure, or the disclosure is required by law. If a law requires Overwatch Technologies  to process or disclose Customer Data, Overwatch Technologies  must first inform Customer of the legal requirement and give Customer an opportunity to object or challenge the requirement, unless the law prohibits such notice.

1.17 Overwatch Technologies  will reasonably assist Customer to meet its compliance obligations under the Data Protection Laws, taking into account the nature of Overwatch Technologies ‘s processing and the information available to Overwatch Technologies .

1.18 Any notice or method used by Overwatch Technologies  in connection with the collection of Customer Data by Overwatch Technologies  must be consistent with Overwatch Technologies ’s obligations in the Master Agreement, this DPA, and the applicable Data Protection Laws. Without limitation, any such notice or method must be consistent with Overwatch Technologies  being a “service provider” or “processor” to Customer, as those terms are defined under the applicable Data Protection Laws.

1.19 Overwatch Technologies  grants to Customer the right, upon notice, to take reasonable and appropriate steps to (a) help ensure that Overwatch Technologies  uses Customer Data in a manner consistent with Customer’s obligations under the Data Privacy and Protection Laws; and (b) stop and remediate unauthorized use of Customer Data.

1.20 If the Master Agreement permits Overwatch Technologies  to deidentify or anonymize Customer Data or create or use aggregate Data Subject information (collectively, “Deidentified Data”), Overwatch Technologies  must do so in a way so that it no longer meets the applicable Data Protection Laws’ definition of Personal Information, and in a manner that cannot be reconstructed to identify any Customer Group Member. Overwatch Technologies  will (a) take reasonable measures to ensure that the Deidentified Data cannot be associated with a natural person or Customer Group Member; (b) publicly commit to maintaining and using the Deidentified Data without attempting to re-identify the data; and (c) contractually obligate recipients of Deidentified Data to comply with all provisions of this Section.

1.21 If the Services use or incorporate technology that uses machine learning, artificial intelligence, or other similar technologies (together, “AI Technology”), Overwatch Technologies  represents and warrants that it will use reasonable and appropriate safeguards in its design and operation of AI Technology including, without limitation, to identify and mitigate the risk of bias, prevent discrimination, and otherwise meet reasonable industry practices and evolving legal and regulatory obligations applicable to the development and use of AI Technologies.

1.22 Overwatch Technologies  shall cooperate with and assist Customer in its response to (and fulfillment of) Data Subject requests. If Overwatch Technologies  receives a request directly from a Data Subject to exercise their rights under to applicable Data Protection Laws with respect to their Customer Data, then Overwatch Technologies  shall promptly inform the Data Subject that the request cannot be acted upon because it has been sent to a service provider or processor, as applicable. 

2. Complaints and Third-Party Requests

2.1 Overwatch Technologies must promptly notify Customer (but in no event later than three (3) business days) if it receives any complaint, notice, or communication that directly or indirectly relates to (i) Customer’s compliance with the Data Protection Laws; or (ii) Overwatch Technologies ’s compliance with the Data Protection Laws related to its processing of Customer Data.  

2.2 Overwatch Technologies will not disclose Customer Data to any third party unless authorized by Customer or required by law. If government or regulatory authority demands access to Customer Data, Overwatch Technologies  will notify Customer prior to disclosure, unless such notification is prohibited under applicable law.

2.3 Overwatch Technologies  shall implement reasonable safeguards designed to ensure that access to Customer Data is restricted to only those Overwatch Technologies  personnel who have a need to know such information to enable Overwatch Technologies  to perform its obligations under the Master Agreement and this DPA. Overwatch Technologies ’s personnel engaged in the processing of Customer Data shall be informed of the confidential nature of the Customer Data, have received training regarding their responsibilities with respect to Customer Data comprising Personal Information, and are aware of their obligations of confidentiality with respect to Personal Information. Further, Overwatch Technologies  will take reasonable steps to ensure the reliability, integrity, and trustworthiness of all of Overwatch Technologies ‘s personnel with access to the Customer Data.

3. Security Practices. Overwatch Technologies must at all times implement reasonable and appropriate technical and organizational measures designed to safeguard Customer Data against unauthorized or illegal access, destruction, use, modification, processing, copying, or disclosure and against accidental loss, destruction, or damage including, but not limited to, the security compliance requirements set forth in Appendix A (“Security Compliance Requirements”) attached to this DPA. Overwatch Technologies  must document those measures in writing and periodically review them, at least annually, to ensure they remain current and complete. Further, Overwatch Technologies must take reasonable precautions to preserve the integrity of any Personal Information it processes and to prevent any corruption or loss of the Personal Information, including but not limited to establishing effective back-up and data restoration procedures. 

4. Security Incidents. Overwatch Technologies will within 72 hours notify Customer if it becomes aware of any Security Incident. Upon becoming aware of any Security Incident, Overwatch Technologies will take prompt action to reasonably contain, mitigate risks and further harm, and recover from the Security Incident in a manner that preserves relevant evidence and can support an appropriate subsequent investigation. Overwatch Technologies will also reasonably cooperate with and provide assistance to Customer to support Customer’s review, investigation and response to the Security Incident. This coordination may include: (a) assisting with any forensic investigation or review of the incident; (b) providing Customer with physical access to any facilities and operations affected; (c) facilitating interviews with Overwatch Technologies ’s and its Subprocessors’ personnel, former employees and others involved in the matter as may be appropriate; and (d) making available all relevant and non-privileged records, logs, files, data reporting, forensic reports, and other materials required to comply with all Data Protection Laws or as otherwise reasonably required by Customer. Overwatch Technologies  will cover all reasonable expenses associated with the performance of the obligations under this Section, unless the matter arose from the Customer’s specific instructions, negligence, willful default, or breach of this DPA, in which case Customer will cover all such reasonable expenses. Overwatch Technologies  will also reimburse Customer for actual reasonable expenses incurred by Customer when responding and mitigating damages, to the extent that the Security Incident was caused by Overwatch Technologies .

5. Cross-Border Transfers. Overwatch Technologies shall store Customer Data on servers or equipment located in the United States. However, Overwatch Technologies  may authorize Subprocessors located outside of the United States to process Customer Data.

6. Subprocessors

6.1 Overwatch Technologies may authorize a Subprocessor to process the Customer Data only if: (a) the Customer is given an opportunity either to opt out or to object within 30 days after the Overwatch Technologies supplies the Customer with details regarding such Subprocessor; (b) Overwatch Technologies enters into a written contract with the Subprocessor that contains terms substantially the same as those set out in this DPA; and (c) the Overwatch Technologies  maintains control over all Customer Data it entrusts to the Subprocessor.

6.2 In the event Customer exercises its right to object to a new Subprocessor as described above in this Section, Overwatch Technologies will use reasonable efforts to make available to Customer a change in the SaaS Solution or Services or recommend a commercially reasonable change to Customer’s configuration or use of the SaaS Solution or Services to avoid processing of Customer Data by the objected-to new Subprocessor without unreasonably burdening the Customer. If Overwatch Technologies is unable to make available such change within a reasonable time period, which shall not exceed thirty (30) days, Customer may terminate the applicable Schedule, order form, or agreement that relates to such SasS Solution or Services which cannot be provided by Overwatch Technologies  without the use of the objected-to new Subprocessor by providing written notice of such termination to Overwatch Technologies . Overwatch Technologies  will refund to Customer any prepaid fees covering the remainder of the term of such Schedule, order forms, or agreement, as applicable, following the effective date of such Customer termination with respect to such terminated service. 

6.3 Subject to the terms and conditions of sections 6.1 and 6.2, a Subprocessor located outside of the United States may view, monitor, and otherwise process Customer Data. However, no Subprocessor will download Customer Data to any system, service, or other equipment physically located outside of the United States.

7. Term. This DPA will remain in full force and effect so long as: (a) the Master Agreement remains in effect; or (b) Overwatch Technologies  retains any Customer Data related to the Master Agreement in its possession or control (the “Term“).

8. Data Return and Destruction. Upon written request from Customer to Overwatch Technologies  and/or on expiration or termination of the Master Agreement for any reason, within thirty (30) calendar days of receipt of the request or expiration or termination of the Master Agreement, Overwatch Technologies  will securely destroy or, if directed in writing by Customer, return and not retain, all or any Customer Data in its possession or control, except that Overwatch Technologies  may temporarily retain one copy made for backup purposes in the ordinary course; provided that such archive copy will be subject to the ongoing obligations contained herein and shall be destroyed upon the normal expiration of backup files. Overwatch Technologies  shall provide any such returned Customer Data in the format and media reasonably specified by Customer, together with information sufficient for Customer to interpret such information. If any law, regulation, or government or regulatory body requires Overwatch Technologies  to retain any documents or materials that Overwatch Technologies  would otherwise be required to return or destroy, it will notify Customer in writing of that retention requirement, giving details of the documents or materials that it must retain, the legal basis for retention, and establishing a specific timeline for destruction once the retention requirement ends. Overwatch Technologies  may only use this retained Customer Data for the required retention reason or audit purposes. Upon request, Overwatch Technologies  will certify in writing that it has destroyed the Customer Data.

9. Assessments; Privacy and Security Reports

9.1 During the Term and for two (2) years after this DPA terminates, upon reasonable written request of Customer, upon at least 30 days’ notice, Overwatch Technologies  shall allow, and cooperate with, reasonable assessments by Customer or Customer’s third-party representatives to evaluate Overwatch Technologies ’s compliance with the terms of this DPA. The notice requirements herein will not apply if Customer reasonably believes that a Security Incident has occurred or is occurring, or Overwatch Technologies  is in breach of any of its obligations under this DPA. Customer’s will limit its right to conduct assessments of Overwatch Technologies  to no more than once per calendar year, unless Customer reasonably believes that a Security Incident has occurred or is occurring. 

9.2 At least once per year during the Term, Overwatch Technologies  will conduct site audits of its Personal Information processing practices and the information technology and information security controls for all facilities and systems used in complying with its obligations under this DPA, including, but not limited to, obtaining a network-level vulnerability assessment performed by a recognized third-party audit firm based on recognized industry practices. Upon Customer’s written request to Overwatch Technologies , Overwatch Technologies  will make all of the relevant security audit reports available to Customer for review, which may include as applicable: Statement on Standards for Attestation Engagements (SSAE) No. 18 audit reports for Reporting on Controls at a Service Organization, reports relating to its ISO/IEC 27001 certification and other similar reports. Customer will treat such audit reports as Overwatch Technologies ‘s confidential information under the Master Agreement.

9.3 Overwatch Technologies will promptly address any material issues, concerns, or exceptions noted in assessments or reports or with the development and implementation of a corrective action plan, that addresses any such issues, concerns, or exceptions.

‍

APPENDIX A

Security Compliance Requirements

1. Application of Security Compliance Requirements. These Security Compliance Requirements apply to all Customer Data which is: (A) processed by Overwatch Technologies ; (B) provided by or on behalf of Customer to Overwatch Technologies ; (C) learned or otherwise used by Overwatch Technologies  in connection with the performance of Services; or (D) otherwise collected or gathered from Customer in connection with the Services. Notwithstanding any contrary terms or conditions in the Master Agreement or any agreements between Overwatch Technologies  and Customer, any exclusion in the Master Agreement or such agreements to the definition of Confidential Information shall not apply to Customer Data.

2. Generally Applicable Security Compliance Requirements: In all events, with respect to Customer Data, Overwatch Technologies  shall:

a. follow the industry practice of ISO 27002:2005, Information Technology – Security Techniques – code of Practice for Information Security Management (“ISO Security Standard”), NIST 800-53, SSAE 18, or a similar industry framework.

b. logically and/or physically segregate Customer Data from the data of any third party (excluding, for the avoidance of doubt, data of Customer and its Affiliates necessary for Overwatch Technologies  to fulfill its obligations or exercise its rights in or under the Master Agreement) and implement the rule of least privilege and reasonable industry standard access controls.

c. encrypt (utilizing AES-GSM 256-bit encryption or better) Customer Data if it is stored on network infrastructure owned and/or managed by Overwatch Technologies  or on any approved cloud hosted infrastructure, or where Personal Information is transmitted over the internet or on a portable device.

d. when deleting Customer Data, Overwatch Technologies  shall comply with “NIST Guidelines for Media Sanitization (Draft SP 800-88)”.

e. implement Multi-Factor Authentication (“MFA”) for any external access to an internal network where Customer Data is accessible.

f. notify the Customer Information Security organization promptly of any Security Incident by sending email to a designated email provided by Customer to Overwatch Technologies  in writing, in addition to notifying the primary business contact at Customer. Such notification must be made in conformance with the timing requirements set forth in the DPA. The notification requirements and recipients in this Section 2(F) are in addition to the notification requirements and obligations in the main body of the DPA.

g. take prompt corrective action(s) to remedy a violation of (and to prevent any future violation of) any Security Compliance Requirement.

h. regularly monitor for and take prompt corrective action(s) to remediate any vulnerabilities or security concerns (i) identified by Customer; or (ii) identified by Overwatch Technologies  and which present a high or critical risk to the systems that support the Services to Customer and/or Process Customer Data.

i. implement corrective action(s) for each of the above provisions (G) through (H) in a timeframe reasonably appropriate in light of the risk or as otherwise agreed upon with Customer.

j. maintain cybersecurity liability insurance reasonable and appropriate to the nature of Overwatch Technologies ’s business and Services provided to Customer.

3. Certification Requirements:  Company shall:

a. comply with both the general certification requirements set forth in this Section and any other applicable certification requirement(s) set forth elsewhere in these Security Compliance Requirements or Overwatch Technologies ’s agreement(s) with Customer.

b. provide certification of compliance with the applicable Security Compliance Requirements by either obtaining such certification from an independent information security service company or through an annual self-assessment and certification, as approved by Customer.

c. provide written certification to Customer that Customer Data has been destroyed in accordance with the requirements of this Appendix A