Terms

CIPHERTRACE TERMS AND CONDITIONS

Last Updated: September 1, 2022

Purchase or use of the CipherTrace Service (defined below) is subject to these CipherTrace Subscription Terms and Conditions (“Terms”).  Please read these Terms carefully before using the CipherTrace Service.  By executing a Purchase Order and/or accessing the CipherTrace Service, Customer and Customer End Users accept these Terms and the Agreement (capitalized terms defined below).

1. DEFINITIONS

“Agreement” means these Terms, the applicable Purchase Order, the DPA and, if applicable, the written master service agreement or other written agreement between Customer and CT that incorporates these Terms by reference.

“Affiliate” means, in relation to a party, any other entity which directly or indirectly Controls, is Controlled by, or is under direct or indirect common Control with that party from time to time.

“Communication Data” means any and all information transmitted, shared, or exchanged between Customer and any Customer End User, or between Customer End User and any third party (including any third-party network or website), using the CipherTrace Service, with respect to any transaction or other communication enabled by the CipherTrace Service, but excluding Security Data.

“Control” means, in relation to a corporate entity, the power, by operation of law or as a matter of fact, to exercise, whether directly or indirectly, a decisive influence on the orientation of such entity’s management or the appointment of the majority of its directors; “Controls” and “Controlled” will be interpreted accordingly.

“Customer” means the entity that purchases a subscription to the CipherTrace Service, directly from CT or through an authorized reseller, distributor, or other channel partner of CT (each, a “Reseller”).  The individual purchasing the subscription on behalf of a company represents that such individual is duly authorized to represent the entity and accept the Terms on behalf of the entity.

“Customer End Users” means individuals who are authorized by Customer to use the CipherTrace Service and for whom Customer has purchased a subscription to the CipherTrace Service. Customer End Users may include but are not limited to Customer’s employees, partners, retail customers, contractors and agents. Each Customer End User will and is required to be associated with a single, unique email addressIn a cryptocurrency context, an address is a cryptographic k... More for purposes of accessing (and being identified within) the CipherTrace Service.

“DPA” means the data processing agreement (as defined in clause 4.6 of these terms).

“Intellectual Property Rights” means patent rights (including, without limitation, patent applications and disclosures), copyrights, trade secrets, know-how, and any other intellectual property rights recognized in any country or jurisdiction in the world.

“CT” means CipherTrace, Inc., a Delaware corporation or such other Mastercard Affiliate as shall be noted as the Mastercard Contracting Party.

“CipherTrace Service” means the web-based Crypto Search or Exchange Monitoring “SCEM” tool, as updated by CT from time-to-time at its discretion, for which Customer has obtained a subscription, whether paid, a free trial or otherwise , either directly from CT or through a Reseller, as more particularly described or identified in the applicable master service agreement, Purchase Order, or other document under which the subscription was obtained, including, without limitation, the following servicesGeneral services, including non-profits, forums and news sit... More: Inspector, Sentry, Traveler, and Armada.

“Mastercard” means Mastercard Inc.

“Mastercard Contracting Party” has the meaning given to it in clause 10.2 of these Terms.

“Purchase Order” means written orders to purchase Customer End User subscriptions to use the CipherTrace Service.

“Representative” means, with respect to a party, any client of such party or any affiliate, director, officer, manager, shareholder, co-investor, member, advisor, agent, employee, financial advisor, consultant, attorney, accountant, financing source or other authorized representative of such party.

“Security Data” means any and all information provided by Customer or any Customer End User to establish secure transmissions through the use of the CipherTrace Service, including but not limited to personal information, information used to identify account names or account numbers, routing information, usernames, passwords, access codes and prompts.

“Software” means any software (particularly including any client software for Customer End Users’ devices) that CT makes available for download or otherwise provides for use in connection with the CipherTrace Service.

2. SUBSCRIPTION; AUTHORIZED USERS.

2.1.  Subscription Fees.  Customer shall pay CT the amount set forth in the Purchase Order (the “Subscription Fees”).  Unless otherwise set forth on a Purchase Order, Subscription Fees are due upfront on an annual basis within thirty (30) days from the Purchase Order date or Customer’s receipt of the relevant invoice.  In the event a Purchase Order sets forth payment terms different than “annual” and Customer is delinquent in fulfilling its payment obligations during the corresponding term, Customer agrees that CT may, without limiting any of its rights hereunder, in its sole discretion, require Customer to fulfill its payment obligations on an annual basis for any subsequent terms, unless otherwise agreed to in writing by the parties. CT reserves the right to defer the issuing of any invoice for Subscription Fees for a period of up to twelve (12) months and/ or, at its discretion, to designate any Affiliate of Mastercard as billing agent for purposes of invoicing.

2.2. Late Payments.  In the event of overdue Subscription Fees, CT will issue an overdue payment notice, and Customer shall pay such overdue amounts, plus interest as described below, within five (5) days.  If Customer fails to timely remit such overdue amounts, CT shall have the right to suspend Customer’s access to and use of the CipherTrace Services until all overdue fees and late payments are received.  Overdue Subscription Fees shall accrue interest in the amount of 0.03% per day or the maximum rate permitted by applicable law, whichever is less.

 2.3. Authorized Users. Only Customer End Users may access or use the CipherTrace Service under Customer’s account. Each Customer End User may use any reasonable number of compatible devices for purposes of accessing the CipherTrace Service, provided that CT reserves the right to determine whether a number of devices is reasonable and, in its sole discretion, to place a corresponding cap on the number of devices. CT does not allow access to the CipherTrace Service from anonymous browser services such as TOR.  Customer End User subscriptions cannot be shared or used by more than one individual but may be permanently reassigned to new Customer End Users by contacting [email protected]. The number of Customer End User subscriptions purchased may be increased at any time (under a new Purchase Order) but cannot be decreased during any subscription period.

No more than once per year, CT may reasonably request Customer to certify that it is in conformance with the terms and conditions of this Agreement, including but not limited to, the number of Customer End Users that are using the CipherTrace Services. Customer will use commercially reasonable efforts to provide such certification to CT within thirty (30) days of its receipt of any such request.

3. USE OF THE CIPHERTRACE SERVICE

3.1. CT’s Responsibilities. CT will: (i) provide to Customer support related to the CipherTrace Service with commercially reasonable effort and (ii) provide the CipherTrace Service only in accordance with applicable laws and government regulations and subject to the restrictions, terms and warranties provided herein.

3.2. Customer’s Responsibilities. Customer will (i) be responsible for meeting CT’s applicable minimum system requirements for use of the CipherTrace Service; (ii) be responsible for Customer End Users’ compliance with this Agreement and for any other activity (whether or not authorized by Customer) occurring under Customer’s account, (iii) be solely responsible for the accuracy, quality, integrity and legality of Communication Data, (iv) use commercially reasonable efforts to prevent unauthorized access to or use of the CipherTrace Service under its account, and notify CT promptly of any such unauthorized access or use, (v) be responsible for any network or internet connectivity required to access the CipherTrace Services over the internet and (vi) use the CipherTrace Service only in accordance with this Agreement, any applicable documentation, laws and government regulations, and any reasonable written instructions provided by CT to Customer.

3.3. Prohibitions. Customer will not (i) make the CipherTrace Service available to anyone other than Customer End Users, (ii) sell, resell, rent or lease the CipherTrace Service, (iii) use the CipherTrace Service to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy or intellectual property rights, (iv) use the CipherTrace Service to store or transmit malware, viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs, (v) interfere with or disrupt the integrity or performance of the CipherTrace Service or third-party data contained therein, or (vi) cache and transfer to any other device, computing system or repository any data, information or materials that are part of, embedded in or provided by CT or any third party in connection with the CipherTrace Service (a “Cached Transfer”).   If a Customer or Customer End User makes any Cached Transfer not specifically authorized by CT, whether for the purpose of circumventing payment of license or subscription fees to CT or otherwise, then the offending Customer or Customer End User will pay damages to CT. CT, at its sole discretion, may blockBlocks hold batches of valid transactions that are hashed an... More or cancel access to the CipherTrace Service for any users that are connected in any way to U.S. or U.N. sanctioned entities or countries. Additionally, CT, at its sole discretion, may block or cancel access to the CipherTrace Service for any customer that shares login credentials or any customer that exceeds its  licensed usage query volume without agreeing to an increase in license fees.

3.4. Software.  Customer End Users may need to download and install client Software (as made available by CT either directly or through applicable third-party app stores or other distribution channels) on each device through which they intend to use the CipherTrace Service.  All use of such Software will be governed by the terms of the applicable CT license agreement that accompanies or is made available in connection with the Software. Customer acknowledges that each Customer End User must accept such license agreement, and must have a CipherTrace Service-compatible device, in order to download, install, and/or use the Software.  Nothing in this Agreement shall be deemed to grant to Customer rights of any kind in, to or with respect to the Software.

3.5. Security Data.  Customer understands that failure to protect Security Data may allow an unauthorized person or entity to access the CipherTrace Service.  In addition, Customer acknowledges that CT generally does not have access to and cannot retrieve lost Security Data.  In the event that Customer loses the Security Data, Customer will no longer have access to the CipherTrace Service.  Customer agrees that: (i) Customer is solely responsible for collecting, inputting and updating all Security Data; (ii) CT assumes no responsibility for the supervision, management or control of Customer’s and Customer End User’ Security Data; and (iii) CT assumes no responsibility for any fraudulent or unauthorized use of the Software or any other portion of the CipherTrace Service.  To the extent that CT has access to any personal information, such personal information shall be governed by the provisions of the CT Privacy Policy, a copy of which is available on the CT website at www.ciphertrace.com, which CT may update from time to time.  Customer and Customer End Users agree not to share sensitive personal information with CT.

3.6.  Resellers.  If Customer orders CipherTrace Services via a Reseller, such Reseller may have access to Customer End Users credentials.  As between CT and Customer, Customer is solely responsible for: (i) any access by Reseller to Customer End User credentials and account and (ii) defining in the agreement and/or order between Customer and Reseller (the “Reseller Agreement”) any rights or obligations with respect to such relationship (notwithstanding the foregoing, any rights or obligations with respect to the CipherTrace Services shall be governed by this Agreement).  Customer’s sole and exclusive recourse with respect to any rights or obligations set forth in the Reseller Agreement will be against the Reseller (unless CT has also directly granted such rights to Customer in this Agreement).  Additionally: (i) any Fees will be set between Customer and Reseller and any payments will be made directly to Reseller under the terms of the Reseller Agreement unless the relationship between CT and Reseller is terminated in which case the subscription fees shall be paid directly to CT, (ii) the duration of the CipherTrace Services will be set forth in the order between Reseller and Customer, subject at all times to CT’s right to suspend and/or terminate the CipherTrace Services in accordance with this Agreement, and (iii) CT may share Customer’s Confidential Information with Reseller as a Representative subject to Section 5 or as necessary to provide any support services.  If there is any conflict between the provisions of this Agreement and the Reseller Agreement, then the provisions of this Agreement prevail.

4. PROPRIETARY RIGHTS

4.1. Reservation of Rights. Subject to the limited rights expressly granted hereunder, CT reserves all rights, title and interest in and to the CipherTrace Service, the original data provided and made available on the CiperTrace Service and any associated Software and documentation, including all related Intellectual Property Rights.  No rights are granted to Customer hereunder other than as expressly set forth herein.

4.2. Restrictions. In addition to the other prohibitions set forth in this Agreement, Customer will not (i) create derivate works based on the CipherTrace Service, (ii) copy, frame or mirror any part or content of the CipherTrace Service, other than copying or framing on Customer’s own intranets or otherwise for Customer’s own internal business purposes in accordance with CT’s applicable documentation, (iii) reverse engineer, decompile, disassemble or otherwise attempt to obtain or perceive the source code from which any component of the CipherTrace Service is compiled or interpreted, or (iv) access the CipherTrace Service in order to build a competitive product or Service or to copy any features, functions or graphics of the CipherTrace Service, or (v) copy, store, possess or use in part or in whole the original data provided and made available on the CiperTrace Service except as explicitly allowed and provided in this Agreement and solely during the term hereof.

4.3. Ownership of Communication Data. Customer reserves all of its rights, title and interest in and to the Communication Data. Customer grants CT a non-exclusive, worldwide, royalty-free license to use any Communication Data to provide, improve, enhance, develop and offer services or products. Customer represents and warrants that: (i) it owns or has the right to make Communication Data available to CT; (ii) the posting and use of Communication Data on or through the CipherTrace Services will not (A) violate the intellectual property, privacy, publicity, or other rights of any person or entity, or (B) breach any contract between Customer and a third party; and (iii) except to the extent the Communication Data is based on public blockchainA blockchain is a shared digital ledger, or a continually up... More technology.

4.4. Ownership of Performance Data. CT owns all metadata in connection with installation, registration, use, and performance of the CipherTrace Services, including response times, load averages, usage statistics, and activity logs.

4.5. Suggestions. Customer grants CT a royalty-free, worldwide, transferable, sublicensable, irrevocable, perpetual license to use or incorporate into the CipherTrace Service (or CT’s other products or services) any suggestions, enhancement requests, recommendations or other feedback provided by Customer, including Customer End Users, relating to the operation or features of the CipherTrace Service.

4.6. Data Protection. Each party shall be individually and separately responsible for complying with the obligations that apply to it under Privacy and Data Protection Law as defined in the Data Processing Agreement (“DPA”) available at https://ciphertrace.com/data-processing-agreement/ is hereby incorporated by reference in the Agreement. The DPA will prevail over any contradictory term otherwise contained in this Agreement solely with respect to the Processing of Personal Data (as these terms are defined in the DPA).

5. CONFIDENTIALITY

5.1. Definition of Confidential Information. As used herein, “Confidential Information” means all confidential information disclosed by a party or its Representatives (“Disclosing Party“) to the other party or its Representatives (“Receiving Party“), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. However, Confidential Information will not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party.

5.2. Protection of Confidential Information. Except as otherwise permitted in writing by the Disclosing Party, (i) the Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but in no event less than reasonable care) not to disclose or use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement, and (ii) the Receiving Party will limit access to Confidential Information of the Disclosing Party to those of its Representatives who need such access for purposes consistent with this Agreement and who are legally bound to protect such Confidential Information consistent with the requirements of this Agreement.

5.3. Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party if it is required or requested to be disclosed in response to a valid order by a court or in response to a request by a regulatory authorityThe name of the regulatory agency to which a VASP is registe... More having jurisdiction over the Receiving Party and will provide 10 days advance notice and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest, limit, or protect the disclosure. Receiving Party agrees to only disclose such portion of Confidential Information as is required.

5.4. Termination. Upon termination and/or expiration of all subscriptions, the Receiving Party shall promptly destroy all data, documents and other tangible materials (including notes, writings and other material developed therefrom by the Receiving Party or any its Representatives but excluding email and other written records legally required to be maintained) containing Confidential Information and all copies thereof, except that the Receiving Party may retain one complete copy of all the Confidential Information in its legal and/or compliance department for archival purposes only, and the Receiving Party may retain electronic copies of the Confidential Information that exist on their computer system and backups thereof in the ordinary course. Disclosing Party may request from the Receiving Party, and the Receiving Party shall promptly provide upon receipt of such request, a written certification of compliance with this Section 5.4.

5.5. Notification of Unauthorized Disclosure. If the Receiving Party becomes aware of disclosure or use of Confidential Information other than as authorized in this Agreement, the Receiving Party will promptly notify the Disclosing Party of that disclosure or use and shall cooperate with the Disclosing Party in mitigating any adverse consequences to the Disclosing Party of that disclosure or use.

5.6. No License or Conveyance.  Except as expressly permitted in these Terms, nothing in these Terms shall convey to the Receiving Party any right, title or interest in any Confidential Information, or any license to use, sell, exploit, copy or further develop any such Confidential Information or any trademark, trade name, or any other intellectual property rights of the Disclosing Party.

5.7. Survival of Confidentiality. The confidentiality obligations in this Section 5 shall apply during the term of this Agreement and for a period of three (3) years after the expiration and/or termination of this Agreement.

6. WARRANTIES AND DISCLAIMERS

6.1. Mutual Representations and Warranties. Each party represents and warrants that it has the right to enter into and perform its obligations under this Agreement, and that such performance does not and will not conflict with any other agreement of such party or any judgment, order, or decree by which it is bound. Each party will comply with all laws applicable to its performance under this Agreement.

6.2. Disclaimer. THE CIPHERTRACE SERVICE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS without any warranties, express, implied, statutory or otherwise, including without limitation WARRANTIES OF MERCHANTABILITY, ACCURACY, COMPLETENESS, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.  CT does not warrant that the CipherTrace Service will perform as documented in cases of hardware malfunction, misuse of the Software or CipherTrace Service, modification of the Software by any party other than by CT or as otherwise authorized, or bugs in other software, such as the Customer End User’s software or server, with which the Software interacts.  CT disclaims any and all liability if any Customer or Customer End User data is corrupted by or from malware, viruses, or other bugs hosted and launched by Customer End User’s browser and/or computer.

7. MUTUAL INDEMNIFICATION

7.1. Indemnification by Customer. Customer shall defend (or settle), indemnify and hold harmless CT, its officers, directors and employees, from and against any liabilities, losses, damages and expenses, including court costs and reasonable attorneys’ fees, arising out of or in connection with any third-party claim that: (i) a third party has suffered injury, damage or loss resulting from Customer’s or any Customer End User’s use of the CipherTrace Service (other than any claim for which CT is responsible under Section 7.2); or (ii) Customer or any  Customer End User has used the CipherTrace Service in a manner that violates this Agreement.  Customer’s obligations under this Section 7.1 are contingent upon: (a) CT providing Customer with prompt written notice of such claim; (b) CT providing reasonable cooperation to Customer, at Customer’s expense, in the defense and settlement of such claim; and (c) Customer having sole authority to defend or settle such claim.

7.2. Indemnification by CT.  CT shall defend (or settle) any suit or action brought against Customer to the extent that it is based upon a claim that the CipherTrace Service, as furnished by CT hereunder, infringes or misappropriates the Intellectual Property Rights of any third party, and CT will pay any costs, damages and reasonable attorneys’ fees attributable to such claim that are awarded against Customer.  CT’s obligations under this Section 7.2 are contingent upon: (a) Customer providing CT with prompt written notice of such claim; (b) Customer providing reasonable cooperation to CT, at CT’s expense, in the defense and settlement of such claim; and (c) CT having sole authority to defend or settle such claim.  In the event that CT’s right to provide the CipherTrace Service is enjoined or in CT’s reasonable opinion is likely to be enjoined, CT may, in its sole discretion, obtain the right to continue providing the CipherTrace Service, replace or modify the CipherTrace Service so that it becomes non-infringing, or, if such remedies are not reasonably available, terminate this Agreement without liability to Customer and with a refund to Customer pro rata for any remaining term(s) of any subscription for the CipherTrace Service.  THE FOREGOING STATES THE ENTIRE OBLIGATION OF CT AND ITS LICENSORS WITH RESPECT TO ANY ALLEGED OR ACTUAL INFRINGEMENT OR MISAPPROPRIATION OF INTELLECTUAL PROPERTY RIGHTS BY THE CIPHERTRACE SERVICE.  CT shall have no liability under this Section 7.2 to the extent that any third-party claims described herein are based on any combination of the CipherTrace Service with products, services, methods, or other elements not furnished by CT, or any use of the CipherTrace Service in a manner that violates this Agreement, or the instructions given to Customer by CT.

7.3 Mitigation Measures. In the event of any claim or potential claim covered by Section 7.2, CT may, in its discretion, seek to mitigate the impact of such claim by modifying the CipherTrace Service to make it non-infringing, and/or by suspending or terminating Customer’s use of the CipherTrace Service upon reasonable notice to Customer (provided, in the case of such suspension or termination, that CT will refund to Customer a portion of fees prepaid by Customer for the then-current subscription period, prorated to the portion of that subscription period that is affected by the suspension or termination).

8. LIMITATION OF LIABILITY

8.1. Security and Other Risks. Customer acknowledges that, notwithstanding the security features of the CipherTrace Service, no product, hardware, software or service can provide a completely secure mechanism of electronic transmission or communication and that there are persons and entities, including enterprises, governments and quasi-governmental actors, as well as technologies, that may attempt to breach any electronic security measure.  Subject only to its limited warranty obligations set forth in Section 6.1, CT will have no liability on account of any security breach caused by any such persons, entities, or technologies. Customer further acknowledges that the CipherTrace Service is not guaranteed to operate without interruptions, failures, or errors. If Customer or Customer End Users use the CipherTrace Service in any application or environment where failure could cause personal injury, loss of life, or other substantial harm, Customer assumes any associated risks and shall indemnify CT and hold it harmless against those risks.

8.2. Limitation of Liability. IN NO EVENT WILL CT’S AGGREGATE LIABILITY TO CUSTOMER OR ANY THIRD PARTY ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT OR FROM THE USE OF OR INABILITY TO USE THE CIPHERTRACE SERVICE, WHETHER IN CONTRACT, TORT OR UNDER ANY OTHER THEORY OF LIABILITY, EXCEED THE TOTAL AMOUNT PAID BY CUSTOMER HEREUNDER OR, WITH RESPECT TO ANY SINGLE INCIDENT, THE AMOUNT PAID BY CUSTOMER HEREUNDER IN THE THREE (3) MONTH PERIOD PRECEDING THE INCIDENT.

8.3. Exclusion of Consequential and Related Damages. NEITHER CT NOR ANY OTHER person or entity involved in creating, producing, or delivering the CIPHERTRACE SERVICE will be liable for any incidental, special, exemplary or consequential damages, INCLUDING LOST PROFITS, LOSS OF DATA OR LOSS OF GOODWILL, SERVICE INTERRUPTION, COMPUTER DAMAGE OR SYSTEM FAILURE OR THE COST OF SUBSTITUTE PRODUCTS OR SERVICES, arising ouT of or in connection with this agreement or from the use OF or inability to use the CipherTrace Service, whether based on warranty, contract, tort (including negligence), PRODUCT LIABILITY or any other legal theory, and whether or not CT has been informed of the possibility of such damage, EVEN IF A limited REMEDY SET FORTH HEREIN IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PUrPOSE.

8.4. Basis of Bargain. THE LIMITATIONS OF LIABLITY AND EXCLUSIONS OF DAMAGES SET FORTH IN THIS SECTION 8 ARE FUNDAMENTAL ELEMENTS OF THE BASIS OF THE BARGAIN BETWEEN CT AND CUSTOMER AND WILL APPLY TO THE MAXIMUM EXTENT ALLOWED UNDER APPLICABLE LAW.

9. SUBSCRIPTION TERM AND TERMINATION

9.1. Term of Customer End User Subscriptions. Customer End User subscriptions purchased by Customer commence on the start date specified in the applicable Purchase Order and, unless terminated earlier in accordance with this Agreement, continue for the subscription term specified therein (subject to prorating where CT deems it appropriate to cause newly purchased subscriptions to expire or renew simultaneously with Customer’s pre-existing subscription(s)). Except as otherwise specified in the applicable Purchase Order, all subscriptions will automatically renew for additional periods equal to the expiring subscription term or one-year (whichever is shorter), unless either party gives the other at least thirty (30) days’ notice of non-renewal before the end of the relevant subscription term.  The per-unit pricing during any such renewal term will be the same as that during the prior term unless CT has given Customer notice of a pricing increase before the end of such prior term, in which case the pricing increase will be effective upon renewal and thereafter.  If either party provides notice of non-renewal as set forth above, Customer’s right to use the CipherTrace Service will terminate at the end of the relevant subscription term.  Prior to termination, Customer should delete and/or export any Customer specific data that has been stored in the Case Manager feature.  Customer will not have access to any such data once Customer’s right to use the CipherTrace Service terminates. Customer also agrees to discontinue the use of any data that may have been provided to customer by CipherTrace via any delivery method in addition to customers access through an API or the CipherTrace Console.

9.2. Termination or Suspension for Cause. A party may terminate any subscription for cause upon thirty (30) days written notice to the other party of a material breach if such breach remains uncured at the expiration of such period. In addition, CT may, at is sole option, suspend or terminate Customer’s or any Customer End User’s access to the CipherTrace Service, or any portion thereof, immediately: (i) if CT suspects that any person other than Customer or a Customer End User is using or attempting to use Security Data, (ii) if CT reasonably suspects that Customer or a Customer End User is using the CipherTrace Service in a way that violates this Agreement and could expose CT or any other entity to harm or legal liability, or (iii) if CT in its sole discretion believes it is required to do so by law.

9.3. Termination for Adverse Change.  In the event a change in law or regulation prohibits or impairs CT’s ability to provide the CipherTrace Services, or any portion thereof (“Adverse Change”), CT may suspend the provision of, and Customer’s right to access and use, the CipherTrace Services, or such affected portion thereof, for the duration of the Adverse Change, as may be necessary for CT to address the Adverse Change. If CT, in its sole discretion, reasonably determines that it is unable to modify the CipherTrace Services to address the Adverse Change, CT may terminate such CipherTrace Services or this Agreement upon written notice to Customer with no further liability to Customer.

9.4.  Termination for Additional Events.  At any time, CT may terminate any CipherTrace Service or this Agreement: (a) upon ninety (90) days’ notice, if the CT discontinues such CipherTrace Service in one or more of the jurisdictions in which such CipherTrace Service is provided under this Agreement; (b) upon thirty (30) days’ notice or earlier, if required by applicable law or the relevant authority, if CT is required by such law or governing authority to cease providing such CipherTrace Service in one or more of the countries in which such CipherTrace Service is provided under this Agreement; or (c) immediately, if CT receives a claim or notice alleging that such Hosted Service infringes or violates a third party’s intellectual property rights.

9.5.  Compliance Review; Termination.  Customer acknowledges that (i) CT has entered into this Agreement pending an initial compliance review of Customer and its ownership (the “Initial Compliance Review”); and (ii) from time to time, CT will conduct compliance reviews of Customer and its ownership (together with the Initial Compliance Review, the “Compliance Reviews”), in each case to determine whether Customer and its ownership satisfies the compliance requirements established by CT for its customers.  Customer agrees to provide any documentation and information reasonably requested by CT in connection with a Compliance Review.  CT may terminate this Agreement by written notice to Customer should it determine, in its sole discretion, that Customer or its ownership fails to satisfy the compliance requirements established by CT for its customers.

9.6.  Surviving Provisions. Section 2.3 (Late Payment), Sections 4 (Proprietary Rights), 5 (Confidentiality), 6.2 (Disclaimer), 7 (Mutual Indemnification), 8 (Limitation of Liability), 9.6 (Surviving Provisions) and 10 (General Provisions) will survive any termination or expiration of this Agreement.

9.7. Effect of Termination. Upon the expiration or termination (for any reason) of this Agreement, whether for a  paid subscription, a free trial, or otherwise: (i) Customer’s right to use the CipherTrace Service will automatically terminate, (ii) Customer will not have  any right nor access to any Customer specific data that has been stored in the Case Manager feature, (iii) Customer will discontinue the use and delete any data that may have been provided to Customer by CT via any delivery method in addition to customers access through an API or the CipherTrace Console,  and upon written request from CT, Customer will confirm the deletion of such data, and (iv) all of Customer’s rights to any deliverables pursuant to this Agreement shall be revoked. Notwithstanding the foregoing, termination or expiration of this Agreement shall not relieve either party of any obligation accrued through the date of termination or expiration of this Agreement.

10. GENERAL

10.1. Manner of Giving Notice. Except as otherwise specified in this Agreement, all notices, permissions and approvals hereunder will be in writing and will be deemed to have been given upon: (i) personal delivery, (ii) the second business day after mailing via United States Postal Service, (iii) the next business day after mailing via nationally recognized courier for overnight delivery, or (iv) sending by confirmed facsimile or confirmed email if sent during the recipient’s normal business hours (or, if not, then on the next business day). Notices will be sent to the address specified by the recipient in writing when entering into this Agreement or establishing Customer’s account for the CipherTrace Service (or such other address as the recipient may thereafter specify by notice given in accordance with this Section 10.1).

10.2. Governing Law and Jurisdiction.  This Agreement shall be governed solely by the governing law listed in the chart below for the Mastercard Affiliate that is a party to the Agreement (in the absence of any listed Mastercard Affiliate this shall be assumed to be Cipher Trace Inc) (the “Mastercard Contracting Party”) without regard to such jurisdiction’s principles of conflicts of law.  The application of the United Nations Convention of Contracts for the International Sale of Goods or other international laws is expressly excluded. Each party consents to the personal and exclusive jurisdiction of the courts located in the jurisdiction listed in the chart below for the Mastercard Contracting Party, in connection with all proceedings related to this Agreement.

10.3. Compliance with Laws.  Customer acknowledges that the CipherTrace Services and all related technical information, documents and materials, including the Documentation, may, either now or through subsequent developments, be subject to export controls under the U.S. Export Administration Regulations and/or economic sanctions restrictions under the U.S. Treasury’s Office of Foreign Assets Control regulations that could require a license for delivery to certain entities.  Customer will (a) comply strictly with all legal requirements established under these controls, (b) cooperate fully with CT in any official or unofficial audit or inspection that relates to these controls and (c) not export, re-export, divert or transfer, directly or indirectly, any such item or direct products thereof to any country or national thereof that is embargoed by Executive Order or other applicable law, rule or regulation, unless Customer has obtained the prior written authorization of CT and the applicable governmental  agency.

10.4. Relationship of the Parties. The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or similar relationship between the parties.

10.5. Waiver and Cumulative Remedies. No failure or delay by either party in exercising any right under this Agreement will constitute a waiver of that right. Other than as expressly stated herein, the remedies provided herein are in addition to, and not exclusive of, any other remedies of a party at law or in equity.

10.6. Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision will be modified by the court and interpreted so as best to accomplish the objectives of the original provision to the fullest extent permitted by law, and the remaining provisions of this Agreement will remain in effect.

10.7. Assignment. This Agreement and any rights or obligations hereunder may not be assigned or delegated by either Party without the prior written consent of the other Party, which consent shall not be unreasonably withheld or delayed, and any attempted assignment or delegation without such consent will be void; provided, however, that either Party may assign this Agreement in whole without the consent of the other to any Affiliate or to any person or entity which acquires all or substantially all of its assets or stock, whether by sale, merger or otherwise.

10.8. Publicity. Without the prior written consent of the other party, neither party shall (i) use the name of the other party, or the name of any of the other party’s affiliates, or any trade name, trademark, trade device, service mark, symbol or any abbreviation, contraction or simulation of the other party or its affiliates in advertising, publicity, or otherwise; or (ii) represent (directly or indirectly) that any product or any service provided by the party has been approved or endorsed by the other.

10.9. Force Majeure. CT will not be liable for any delay or failure to perform under this Agreement to the extent such delay or failure results from circumstances or causes beyond the reasonable control of CT.

10.10. Modification to Terms and the CipherTrace Service; CT reserves the right to modify these Terms, including the DPA referenced in Section 4.6, from time to time.  Any such change will become effective upon the earlier of thirty (30) calendar days following the delivery of an email notice to Customer (if applicable) or thirty (30) calendar days following CT’s posting of notice of the changes on CT’s website.  Such changes will be effective immediately for new Customers.  CT also reserves the right to modify the CipherTrace Service and/or these Terms at any time without notice.  If Customer objects to any changes, Customer’s sole recourse will be to cease using the CipherTrace Service, terminate the subscription for a pro-rata refund of any amounts Customer may have pre-paid for the subscription (if any), or not renew the subscription.  Continued use of the CipherTrace Service following posting of any such changes on CT’s website will indicate Customer’s acknowledgement of such changes and satisfaction with the CipherTrace Service as so modified.  CT also reserves the right to discontinue the CipherTrace Service at any time without notice.  CT will not be liable to Customer or any third-party should CT exercise its right to modify or discontinue the CipherTrace Service, except and if otherwise expressly set forth in Section 9. Notwithstanding any language to the contrary therein, no additional or conflicting terms or conditions stated in Customer’s Purchase Order or other order documentation will be incorporated into or form any part of this Agreement, and all such terms or conditions will be null. In the event that this Agreement are incorporated by reference to any other documentation, and there is a conflict between this Agreement and any Purchase Order or this Agreement, the terms of www.ciphertrace.com/terms shall prevail with regard to the conflicting language.

10.11.   Third Party Beneficiary. Notwithstanding anything to the contrary in this Agreement, this Agreement is entered into, and the CipherTrace Services are provided, for the sole and exclusive benefit of the Parties, and are not intended to, and do not, confer any third-party beneficiary rights or remedies upon any other person or entity.  Nothing expressed or referred to herein may be construed to give any person or entity other than the Parties any legal or equitable right, remedy or claim under or with respect hereto or any provision hereof.

10.12.  Taxes.  All fees and other charges payable by Customer to CT under this Agreement are stated exclusive of all federal, state, local and foreign taxes, levies and assessments.  Customer agrees to bear and be responsible for the payment of all such taxes, levies, and assessments imposed on Customer or CT arising out of this Agreement, excluding any tax based on CT’s net income.  If Customer is required by any applicable law to deduct or withhold amounts otherwise payable to CT hereunder, Customer will pay the required amount to the relevant governmental authority and provide CT with an official receipt or certified copy or other documentation acceptable to CT evidencing the payment and pay to CT, and in addition to the payment to which CT is otherwise entitled under this Agreement, such additional amount as is necessary to ensure that the net amount actually received by CT free and clear of all taxes equals the full amount CT would have received had no such deduction or withholding been required.

10.13. Inconsistent Terms. If any language, provision, clause, term and/or condition of any other agreement between CT and the Customer  conflicts, is inconsistent or in addition to any language, provision, clause, term and/or condition of this Agreement, then, the language, provision, clause, term and/or condition in this Agreement will prevail and control, and such conflicting, inconsistent and/or additional language, provision, clause, term and/or condition shall be deemed stricken from such other agreement between CT and the Customer.

11. Federal Government End Use Terms. If the Customer is a U.S. federal government department or agency or otherwise becomes subject to the Federal Acquisition Regulations (FAR) (the “Government”), the terms of this Section 11 (these “Federal Government End Use Terms”) shall apply.

11.1.   End user. This Agreement will bind the Government ordering activity as the end user but will not operate to bind an individual Government employee or person acting on behalf of the Government in his or her personal capacity.

11.2.  Law and disputes. This Agreement is governed by Federal law, and any language in this Agreement on the following subjects that is different from that prescribed by applicable Federal law is hereby deleted:

1. 1. Any language purporting to subject the Government to the laws of a U.S. state, U.S. territory, district, or municipality, or a foreign nation, except where Federal law expressly provides for the application of such laws.
   2. Any language requiring dispute resolution in a specific forum or venue.
   3. Any language prescribing a different time period for bringing an action in relation to a dispute.

11.3. Continued performance. Subject to FAR 52.212-4(f) (Excusable delays), CT will not unilaterally revoke, terminate, or suspend any rights granted to the Government except as allowed by this Agreement. If CT believes the ordering activity to be in breach of this Agreement, it will pursue its rights under the Contract Disputes Act or other applicable Federal statute while continuing performance as set forth in FAR 52.212-4(d) (Disputes).

11.4.  Arbitration; equitable or injunctive relief. In the event of a claim or dispute arising under or relating to this Agreement, binding arbitration will not be used unless specifically authorized by agency guidance; and equitable or injunctive relief, including the award of attorney fees, costs, or interest, may be awarded against the Government only when explicitly provided by statute.

11.5.   Updating terms.  After award, CT may unilaterally revise the Agreement terms if such revisions are not material.  A material revision is defined as terms that:

1. 1. change the Government’s rights or obligations;
   2. increase Government prices;
   3. decrease overall level of service; or
   4. limit other Government rights addressed elsewhere in this Agreement.

For revisions that will materially change the terms of this Agreement, the revised Agreement must be incorporated into the contract using a bilateral modification.  Any Agreement terms revised unilaterally subsequent to award that are inconsistent with any material term or provision will not be enforceable against the Government, and the Government will not be deemed to have consented to them.

11.6. No automatic renewals. If any license or service tied to periodic payment is provided in this Agreement (e.g., annual software maintenance or annual lease term), such license or service will not renew automatically upon expiration of its current term without prior express consent by an authorized Government representative.

11.7. Indemnification by CipherTrace. Any clause of this Agreement requiring CT to defend or indemnify the Customer End User is hereby amended to provide that the U.S. Department of Justice has the sole right to represent the United States in any such action, in accordance with 28 U.S.C. § 516. Notwithstanding the above, the Government (a) agrees that any litigation or settlement negotiation will not bind CT in any way to the final outcome of any such litigation or settlement; (b) will not impair CT’s own rights, defenses, or claims against claimant; (c) will not have the right to settle any claim, make any admissions, or waive any defenses on behalf of CT; (d) will in good faith reasonably cooperate and consult with CT during the course of litigation and settlement negotiations and will, in good faith, reasonably provide CT with access to all communications and documents associated with such claim.

11.8.   Audits. Any clause of this Agreement permitting CT to audit a Government Customer End User’s compliance with this Agreement is hereby amended as follows:

1. 1. Discrepancies found in an audit may result in a charge to the ordering activity. Any resulting invoice must comply with the proper invoicing requirements specified in the underlying Government contract or order.
   2. This charge, if disputed by the ordering activity, will be resolved in accordance with FAR 52.212-4(d) (Disputes); no payment obligation will arise on the part of the ordering activity until the conclusion of the disputes process.
   3. Any audit requested by CT will be performed at CT’s expense, without reimbursement by the Government.

11.9.  Taxes or surcharges. Any taxes or surcharges that CT seeks to pass along to the Government as a Customer End User will be governed by the terms of the underlying Government contract or order and, in any event, must be submitted to the Contracting Officer for a determination of applicability prior to invoicing unless specifically agreed to otherwise in the Government contract.

11.10.  Non-assignment. This Agreement may not be assigned, nor may any rights or obligations thereunder be delegated, without the Government’s prior approval, except as expressly permitted by FAR 52.212-4(b) (Assignment).

11.11.  Confidential information. Notwithstanding anything in this Agreement to the contrary, the Government may retain any confidential information as required by law, regulation, or its internal document retention procedures for legal, regulatory, or compliance purposes; provided, however, that all such retained confidential information will continue to be subject to the confidentiality obligations of this Agreement.

11.12.  Unilateral Termination. Termination of this Agreement will be governed by the FAR and the Contracts Disputes Act, 41 U.S.C. §§ 7101-7109. CT will not unilaterally revoke, terminate, or suspend any rights granted to the Government except as allowed by this Agreement. Any provisions of this Agreement relating to termination that are inconsistent with these Federal Government End Use Terms are hereby deleted. CT may cancel or terminate this Agreement if such remedy is granted to it after conclusion of the Contract Disputes Act resolution process or if such remedy is otherwise available to CT under Federal law.

11.13.  Customer Indemnities.  Any clause in this Agreement that includes language requiring the Government to indemnify CT or any person or entity for damages, costs, fees, or any other loss or liability that would create an Anti-Deficiency Act violation (31 U.S.C. § 1341) is unenforceable against the Government and is hereby deleted. This clause does not apply to indemnification or any other payment by the Government that is expressly authorized by statute and specifically authorized under applicable agency regulations and procedures.

11.14.  Intellectual Property. The technical data and software rights related to the CipherTrace Services include only those rights customarily provided to the public as defined in this Agreement. The CipherTrace Services are provided in accordance with FAR 12.211 (Technical Data) and FAR 12.212 (Software) and, for Department of Defense transactions, DFAR 252.227-7015 (Technical Data – Commercial Items) and DFAR 227.7202-3 (Rights in Commercial Computer Software or Computer Software Documentation). Use, duplication, or disclosure by the United States Government is subject to the restrictions set forth in this Agreement and (where applicable) CT’s end-user license agreement(s) furnished with the Software. Customer/Customer End User or Reseller may not agree to grant any rights in CT’s technical data inconsistent with this paragraph or CT’s Agreement or Terms of Service.  If Customer/Customer End User needs rights not granted under these terms, it must negotiate with CT to determine if there are acceptable terms for granting those rights, and a mutually acceptable written addendum specifically granting those rights must be included in any resulting agreement. This provision applies in lieu of and supersedes and Federal Acquisition Regulation, Defense Federal Acquisition Regulation Supplement, or other clause or provision pertaining to the Customer End User’s rights in technical data, computer software, and computer software documentation.

11.15. Future Fees or Penalties. Any language in this Agreement requiring the Government to pay any future fees, penalties, interests, or legal costs that would create an Anti-Deficiency Act violation (31 U.S.C. § 1341) is unenforceable against the Government and is hereby deleted.

11.16.  Limitation of Liability. In addition to the Limitation of Liability included in this Agreement, neither CT nor an ordering activity will be liable for punitive damages except to the extent this limitation is prohibited by applicable law.  This clause will not impair the Government’s right to recover for fraud or crimes arising out of or related to this Agreement under any federal fraud statute, including the False Claims Act, 31 U.S.C. §§ 3729-3733.

11.17.  Advertisements and Endorsements. Any provision allowing CT to use the name or logo of an ordering activity to advertise or to imply an endorsement of CT’s products or services is hereby deleted. Unless specifically authorized by an ordering activity in writing, the use of the name or logo of any Government entity in advertisements and endorsements will not be used.

11.18. Inconsistent Terms. If any language, provision, or clause of this Agreement conflicts or is inconsistent with these Federal Government End Use Terms, the language, provisions or clause of these Federal Government End Use Terms will prevail to the extent of such inconsistency.