Welcome!

Our Terms and Conditions are structured in distinct chapters, each one covering a specific aspect our services. You can navigate to the topic of interest by clicking the appropriate title in the menu to the left. If you require additional information, please contact us using the contact form below.

Acceptable Use Policy

Effective starting: January 10, 2017

Security Portal provides its customers with knowledge, tools and support to carry their security projects and day-to-day activities. In this respect, we created a series of apps to boost your productivity and give you meaningful data which will help you to become more efficient.

To do this, we need to keep our products and services running smoothly, quickly, and without distraction. For this to happen, we need help from you, our users. We need you not to misuse or abuse our products and services.

This Acceptable Use Policy was created to deal with “misuse” or “abuse” cases. Under this policy, we reserve the right to remove content that is inconsistent with the spirit of the guidelines, even if it’s something that is not forbidden by the letter of the policy. In other words, if you do something that isn’t listed here verbatim, but it looks or smells like something listed here, we may still remove it.

You’ll see the word “services” a lot throughout this page. That refers to all websites owned or operated by Security Portal (and any related websites, sub-domains and pages) as well as any apps and other hosted services operated by Security Portal.

Here’s what we won’t allow:
Disruption

• Compromising the integrity of our systems. This could include probing, scanning, or testing the vulnerability of any system or network that hosts our services.

• Tampering with, reverse-engineering, or hacking our services, circumventing any security or authentication measures, or attempting to gain unauthorized access to the services, related systems, networks, or data

• Modifying, disabling, or compromising the integrity or performance of the services or related systems, network or data

•  
• Deciphering any transmissions to or from the servers running the services

• Overwhelming or attempting to overwhelm our infrastructure by imposing an unreasonably large load on our systems that consume extraordinary resources (CPUs, memory, disk space, bandwidth, etc.), such as:
  • • Using “robots,” “spiders,” “offline readers,” or other automated systems to send more request messages to our servers than a human could reasonably send in the same period of time by using a normal browser

• Going far beyond the use parameters for any given service as described in its corresponding documentation

Consuming an unreasonable amount of storage in a way that’s unrelated to the purposes for which the services were designed

Wrongful activities

• Misrepresentation of yourself, or disguising the origin of any content (including by “spoofing”, “phishing”, manipulating headers or other identifiers, impersonating anyone else, or falsely implying any sponsorship or association with Security Portal or any third party)

• Using the services to violate the privacy of others, including publishing or posting other companies’ / people's private and confidential information without their express permission, or collecting or gathering other companies’ / people’s personal Information (including account names or information) from our services

• Using the Services for any illegal purpose, or in violation of any laws (including without limitation data, privacy, and export control laws)

• Accessing or searching any part of the services by any means other than our publicly supported interfaces (for example, “scraping”)

• Using meta tags or any other “hidden text” including Security Portal’s or our suppliers’ product names or trademarks

Inappropriate communications

• Using the services to generate or send unsolicited communications, advertising, chain letters, or spam

• Soliciting our users for commercial purposes, unless expressly permitted by Security Portal

• Disparaging Security Portal or our partners, vendors, or affiliates

• Promoting or advertising products or services other than your own without appropriate authorization

Inappropriate content

• Posting, uploading, sharing, submitting, or otherwise providing content that:
  • • Infringes Security Portal’s or a third party’s intellectual property or other rights, including any copyright, trademark, patent, trade secret, moral rights, privacy rights of publicity, or any other intellectual property right or proprietary or contractual right

• You don’t have the right to submit

• Is deceptive, fraudulent, illegal, obscene, defamatory, libelous, threatening, harmful to minors, pornographic (including child pornography, which we will remove and report to law enforcement, including the National Center for Missing and Exploited Children), indecent, harassing, hateful

• Encourages illegal or tortious conduct or that is otherwise inappropriate

• Attacks others based on their race, ethnicity, national origin, religion, sex, gender, sexual orientation, disability, or medical condition

• Contains viruses, bots, worms, scripting exploits, or other similar materials

• Is intended to be inflammatory

• Could otherwise cause damage to Security Portal or any third party

In this Acceptable Use Policy, the term “content” means: (1) any information, data, text, software, code, scripts, music, sound, photos, graphics, videos, messages, tags, interactive features, or other materials that you post, upload, share, submit, or otherwise provide in any manner to the services and (2) any other materials, content, or data you provide to Security Portal or use with the Services.

Without affecting any other remedies available to us, Security Portal may permanently or temporarily terminate or suspend a user’s account or access to the services without notice or liability if Security Portal (in its sole discretion) determines that a user has violated this Acceptable Use Policy.

Reporting Copyright and Trademark Violations

Effective starting: January 10, 2017

Security Portal respects the rights of copyright and trademark holders, as described in this policy. This policy is incorporated by reference into the Security Portal Customer Agreement  (the “Agreement”). Terms used in this policy shall have the same definitions as in the Agreement or our Acceptable Use Policy, as applicable, except where otherwise noted.

Copyright

Security Portal does not allow copyright infringing activities on Security Portal’s apps, Hosted Services or websites (our “Services”). We will remove a party’s data or content from our Services if properly notified that such data or content infringes on another's copyright rights. Security Portal has a policy of terminating, in appropriate circumstances, the accounts of parties who repeatedly infringe copyright holders’ copyrights. You are a “repeat infringer” if, on more than two occasions, you have been notified of infringing activity or have had Your Data or Content removed from our Services. Security Portal also reserves the right to terminate Your accounts suspected of infringing copyrights upon the first incident without further notice, at our sole discretion.

If you believe that any content in our Services violates your copyright, you should notify Security Portal's copyright agent in writing. The contact information for Security Portal's copyright agent is at the bottom of this section.

In order for Security Portal to take action, you must do the following in your notice:

(1) provide your physical or electronic signature;

(2) identify the copyrighted work that you believe is being infringed, or, if multiple copyrighted works are covered by the notice, a representative list of such works;

(3) identify the item that you think is infringing and which is to be removed or access to which is to be disabled, and include sufficient information about where the material is located (including which website) so that Security Portal can find it (such as the item’s URL);

(4) provide Security Portal with a way to contact you (such as address, telephone number, or email);

(5) provide a statement that you believe in good faith that the item identified as infringing is not authorized by the copyright owner, its agent, or the law to be used by Security Portal; and

(6) provide a statement that the information you provide in your notice is

• • accurate, and that

• • under penalty of perjury, you are the copyright owner or are authorized to act on behalf of the copyright owner whose work is allegedly being infringed (in which case, you should also provide proof of authorization by the copyright owner).

We will promptly notify the alleged infringer that you have claimed ownership of the rights in this content and that we have complied with your takedown notice for the content.

Here is the contact information for Security Portal's copyright agent:

Security Portal SRL
5^th Faget Street, Bl. 12H, 4^th Floor, Room 35
Ploiesti, Prahova, 100271
Attn: Copyright Agent
E-Mail: support@securityportal.ro

Trademark

If you are a trademark owner and you believe in good faith that any content on our Services or infringes on your trademark rights, please inform us in writing support@securityportal.ro or at the notice address for Security Portal indicated in the Agreement. Your notice must include:

(1) Identification of the trademark(s) claimed to have been infringed, and, if registered with the United States Patent and Trademark Office or similar foreign entity, the registration number of the mark(s);

(2) Identification of the material claimed to be infringing and information sufficient to permit Security Portal to locate the material, such as the specific URL where the trademark appears on the Services;

(3) A statement that the complaining party has a good faith belief that use of the trademark in the manner complained of is an infringement of the rights granted under United States and/or foreign trademark law;

(4) A statement that the information in the letter is:

• • accurate, and

• • under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of the allegedly infringed trademark; and

(5) A physical or electronic signature of a person authorized to act on behalf of the owner of the trademark that is allegedly infringed (and proof of authorization).

Upon receipt of a notice containing the above information, Security Portal will promptly notify the party who provided the allegedly infringing content and will promptly remove or cause to be removed the allegedly infringing content.

We reserve the right to reclaim usernames on behalf of businesses or individuals that hold legal claim or trademark on those usernames. Accounts using business names and/or logos to mislead others may be permanently suspended.

Security Portal Customer Agreement

Effective starting: January 10, 2017

This Security Portal Customer Agreement (the “Agreement”) is between you and Security Portal SRL (RO27471689) (“Security Portal”). If you are agreeing to this Agreement not as an individual but on behalf of your company, then “Customer” or “you” means your company, and you are binding your company to this Agreement. Security Portal may modify this Agreement from time to time, subject to the terms in Section 26 (Changes to this Agreement) below.

By clicking on the “I agree” (or similar button) that is presented to you at the time of your Order, or by using or accessing Security Portal products, you indicate your assent to be bound by this Agreement.

1 Scope of the Agreement. This Agreement governs your initial purchase as well as any future purchases made by you that reference this Agreement. This Agreement includes our Privacy Policy, our Acceptable Use Policy, any Orders, and any other referenced policies and attachments. This Agreement applies to Security Portal add-ons or plugins that you purchase from the Security Portal Marketplace. However, it does not apply to add-ons or plugins from other vendors on the Security Portal Marketplace, which are covered under the Security Portal Marketplace Terms of Use.

2 Types of Security Portal Products. This Agreement governs (a) Security Portal’s commercially available downloadable software products (currently designated as "Server" or "Data Center" deployments) (“Software”), (b) Security Portal’s hosted or cloud-based solutions (currently designated as "Cloud" deployments) (“Hosted Services”), and (c) any related support or maintenance services provided by Security Portal. Software and Hosted Services, together with related Documentation, are referred to as “Products”. The Products and their permitted use are further described in Security Portal’s standard documentation (“Documentation”). Section 6 (Software Terms) applies specifically to Software, and Section 7 (Hosted Services Terms) applies specifically to Hosted Services, but unless otherwise specified, other provisions of this Agreement apply to all Products.

3 Account Registration. You may need to register for a Security Portal account in order to place orders or access or receive any Products. Any registration information that you provide to us must be accurate, current and complete. You must also update your information so that we may send notices, statements and other information to you by email or through your account. You are responsible for all actions taken through your accounts.

4 Orders.

4.1 Directly with Security Portal. Security Portal’s Product ordering documentation or purchase flow (“Order”) will specify your authorized scope of use for the Products, which may include: (a) number and type of Authorized Users (as defined below), (b) storage or capacity (for Hosted Services), (c) numbers of licenses, copies or instances (for Software), or (d) other restrictions or billable units (as applicable, the “Scope of Use”). The term “Order” also includes any applicable Product or Support and Maintenance renewal, or purchases you make to increase or upgrade your Scope of Use.

4.2 Reseller Orders. This Agreement applies whether you purchase our Products directly from Security Portal or through Security Portal “Experts” or other authorized resellers (each, a “Reseller”). If you purchase through a Reseller, your Scope of Use shall be as stated in the Order placed by Reseller for you, and Reseller is responsible for the accuracy of any such Order. Resellers are not authorized to make any promises or commitments on Security Portal’s behalf, and we are not bound by any obligations to you other than what we specify in this Agreement.

5 Authorized Users. Only the specific individuals for whom you have paid the required fees and whom you designate through the applicable Product (“Authorized Users”) may access and use the Products. Some Products may allow you to designate different types of Authorized Users, in which case pricing and functionality may vary according to the type of Authorized User. Authorized Users may be you or your Affiliates’ employees, representatives, consultants, contractors, agents, or other third parties who are acting for your benefit or on your behalf. You may also permit your customers to have limited access to certain Products as Authorized Users, subject to the terms of our Customer Use Addendum. You may increase the number of Authorized Users permitted to access your instance of the Product by placing a new Order or, in some cases, directly through the Product. In all cases, you must pay the applicable fee for the increased number of Authorized Users. You are responsible for compliance with this Agreement by all Authorized Users. All use of Products by you and your Authorized Users must be within the Scope of Use and solely for the benefit of you or your Affiliates. “Affiliate” means an entity which, directly or indirectly, owns or controls, is owned or is controlled by or is under common ownership or control with a party, where “control” means the power to direct the management or affairs of an entity, and “ownership” means the beneficial ownership of 50% (or, if the applicable jurisdiction does not allow majority ownership, the maximum amount permitted under such law) or more of the voting equity securities or other equivalent voting interests of the entity.

6 Software Terms.

6.1 Your License Rights. Subject to the terms and conditions of this Agreement, Security Portal grants you a non-exclusive, non-sublicenseable and non-transferable license to install and use the Software during the applicable License Term in accordance with this Agreement, your applicable Scope of Use, and the Documentation. The term of each Software license (“License Term”) will be specified in your Order. Your License Term will end upon any termination of this Agreement, even if it is identified as “perpetual” or if no expiration date is specified in your Order. The Software requires a license key in order to operate, which will be delivered as described in Section 10.2 (Delivery).

6.2 Number of Instances. Unless otherwise specified in your Order, for each Software license that you purchase, you may install one production instance of the Software on systems owned or operated by you (or your third party service providers so long as you remain responsible for their compliance with the terms and conditions of this Agreement). We also make available “developer” licenses free of charge for certain of our Software offerings to allow you to deploy non-production instances, such as for staging or QA purposes. Details for how to request non-production licenses are available on our website.

6.3 Your Modifications. Subject to the terms and conditions of this Agreement (including without limitation Section 2 (Combining the Products with Open Source Software) of Third Party Code in Security Portal Products): (1) for any elements of the Software provided by Security Portal in source code form, and to the extent permitted in the Documentation, you may modify such source code solely for purposes of developing bug fixes, customizations and additional features for the Software and (2) you may also modify the Documentation to reflect your permitted modifications of the Software source code or the particular use of the Products within your organization. Any modified source code or Documentation constitutes “Your Modifications”. You may use Your Modifications solely with respect to your own instances in support of your permitted use of the Software but you may not distribute the code to Your Modifications to any third party. Notwithstanding anything in this Agreement to the contrary, Security Portal has no support, warranty, indemnification or other obligation or liability with respect to Your Modifications or their combination, interaction or use with our Products. You shall indemnify, defend and hold us harmless from and against any and all claims, costs, damages, losses, liabilities and expenses (including reasonable attorneys’ fees and costs) arising out of or in connection with any claim brought against us by a third party relating to Your Modifications (including but not limited to any representations or warranties you make about Your Modifications or the Software) or your breach of this Section 6.3. This indemnification obligation is subject to your receiving (i) prompt written notice of such claim (but in any event notice in sufficient time for you to respond without prejudice); (ii) the exclusive right to control and direct the investigation, defense, or settlement of such claim; and (iii) all reasonably necessary cooperation of Security Portal at your expense.

6.4 Attribution. In any use of the Software, you must include the following attribution to Security Portal on all user interfaces in the following format: “Powered by Security Portal,” which must in every case include a hyperlink to http://www.securityportal.ro, and which must be in the same format as delivered in the Software.

6.5 Third Party Code. The Software includes code and libraries licensed to us by third parties, including open source software. See Third Party Code in Security Portal Products for additional provisions regarding our use of third party code.

7 Hosted Services Terms.

7.1 Access to Hosted Services. Subject to the terms and conditions of this Agreement, Security Portal grants you a non-exclusive right to access and use the Hosted Services during the applicable Subscription Term (as defined below) in accordance with this Agreement, your applicable Scope of Use and the Documentation. If Security Portal offers client software (e.g., a desktop or mobile application) for any Hosted Service, you may use such software solely with the Hosted Service, subject to the terms and conditions of this Agreement. You acknowledge that our Hosted Services are on-line, subscription-based products and that we may make changes to the Hosted Services from time to time.

7.2 Subscription Terms and Renewals. Hosted Services are provided on a subscription basis for a set term specified in your Order (“Subscription Term”). Except as otherwise specified in your Order, all subscriptions will automatically renew for periods equal to your initial Subscription Term (and you will be charged at the then-current rates) unless you cancel your subscription through your account. If you cancel, your subscription will terminate at the end of then-current billing cycle, but you will not be entitled to any credits or refunds for amounts accrued or paid prior to such termination.

7.3 Credentials. You must ensure that all Authorized Users keep their user IDs and passwords for the Hosted Services strictly confidential and not share such information with any unauthorized person. User IDs are granted to individual, named persons and may not be shared. You are responsible for any and all actions taken using your accounts and passwords, and you agree to immediately notify Security Portal of any unauthorized use of which you become aware.

7.4 Your Data. “Your Data” means any data, content, code, video, images or other materials of any type that you upload, submit or otherwise transmit to or through Hosted Services. You will retain all right, title and interest in and to Your Data in the form provided to Security Portal. Subject to the terms of this Agreement, you hereby grant to Security Portal a non-exclusive, worldwide, royalty-free right to (a) collect, use, copy, store, transmit, modify and create derivative works of Your Data, in each case solely to the extent necessary to provide the applicable Hosted Service to you and (b) for Hosted Services that enable you to share Your Data or interact with other people, to distribute and publicly perform and display Your Data as you (or your Authorized Users) direct or enable through the Hosted Service. Security Portal may also access your account or instance in order to respond to your support requests.

7.5 Security. Security Portal implements security procedures to help protect Your Data from security attacks. However, you understand that use of the Hosted Services necessarily involves transmission of Your Data over networks that are not owned, operated or controlled by us, and we are not responsible for any of Your Data lost, altered, intercepted or stored across such networks. We cannot guarantee that our security procedures will be error-free, that transmissions of Your Data will always be secure or that unauthorized third parties will never be able to defeat our security measures or those of our third party service providers.

7.6 Storage Limits. There may be storage limits associated with a particular Hosted Service. These limits are described in the services descriptions on our websites or in the Documentation for the particular Hosted Service. Security Portal reserves the right to charge for additional storage or overage fees at the rates specified on our website. We may impose new, or may modify existing, storage limits for the Hosted Services at any time in our discretion, with or without notice to you.

7.7 Responsibility for Your Data.

7.7.1 General. You must ensure that your use of Hosted Services and all Your Data is at all times compliant with our Acceptable Use Policy and all applicable local, state, federal and international laws and regulations (“Laws”). You represent and warrant that: (i) you have obtained all necessary rights, releases and permissions to provide all Your Data to Security Portal and to grant the rights granted to Security Portal in this Agreement and (ii) Your Data and its transfer to and use by Security Portal as authorized by you under this Agreement do not violate any Laws (including without limitation those relating to export control and electronic communications) or rights of any third party, including without limitation any intellectual property rights, rights of privacy, or rights of publicity, and any use, collection and disclosure authorized herein is not inconsistent with the terms of any applicable privacy policies. Other than its security obligations under Section 7.5 (Security), Security Portal assumes no responsibility or liability for Your Data, and you shall be solely responsible for Your Data and the consequences of using, disclosing, storing, or transmitting it.

7.7.2 Sensitive Data. You will not submit to the Hosted Services (or use the Hosted Services to collect): (i) any personally identifiable information, except as necessary for the establishment of your Security Portal account; (ii) any patient, medical or other protected health information regulated by HIPAA or any similar federal or state laws, rules or regulations; or (iii) any other information subject to regulation or protection under specific laws such as the Gramm-Leach-Bliley Act (or related rules or regulations) ((i) through (iii), collectively, “Sensitive Data”). You also acknowledge that Security Portal is not acting as your Business Associate or subcontractor (as such terms are defined and used in HIPAA) and that the Hosted Services are not HIPAA compliant. “HIPAA” means the Health Insurance Portability and Accountability Act, as amended and supplemented. Notwithstanding any other provision to the contrary, Security Portal has no liability under this Agreement for Sensitive Data.

7.7.3 Indemnity for Your Data. You will defend, indemnify and hold harmless Security Portal from and against any loss, cost, liability or damage, including attorneys’ fees, for which Security Portal becomes liable arising from or relating to any claim relating to Your Data, including but not limited to any claim brought by a third party alleging that Your Data, or your use of the Hosted Services in breach of this Agreement, infringes or misappropriates the intellectual property rights of a third party or violates applicable law. This indemnification obligation is subject to your receiving (i) prompt written notice of such claim (but in any event notice in sufficient time for you to respond without prejudice); (ii) the exclusive right to control and direct the investigation, defense, or settlement of such claim; and (iii) all reasonable necessary cooperation of Security Portal at your expense.

7.8 Removals and Suspension. Security Portal has no obligation to monitor any content uploaded to the Hosted Services. Nonetheless, if we deem such action necessary based on your violation of this Agreement or in response to takedown requests that we receive following our guidelines for Reporting Copyright and Trademark Violations, we may (1) remove Your Data from the Hosted Services or (2) suspend your access to the Hosted Services. We will generally alert you when we take such action and give you a reasonable opportunity to cure your breach, but if we determine that your actions endanger the operation of the Hosted Service or other users, we may suspend your access immediately without notice. You will continue to be charged for the Hosted Service during any suspension period. We have no liability to you for removing or deleting Your Data from or suspending your access to any Hosted Services as described in this section.

7.9 Deletion at End of Subscription Term. We may remove or delete Your Data within a reasonable period of time after the termination of your Subscription Term.

7.10 Service-Specific Terms. Some of our Hosted Services may be subject to additional terms specific to that service as set forth in our Service-Specific Terms.

8 Support and Maintenance. Security Portal will provide the support and maintenance services for the Products described in the Security Portal Support Policy (“Support and Maintenance”) during the period for which you have paid the applicable fee. Support and Maintenance is subject to the terms of the Security Portal Support Policy and will be provided at the support level and during the support term specified in your Order. The Security Portal Support Policy may be modified by Security Portal from time to time to reflect process improvements or changing practices. Support and Maintenance for Software includes access to New Releases, if and when available. You may use any New Releases that we provide to you during a valid support term in the same way that you use Software, and New Releases are included in the definition of Software in that case. “New Releases” are bug fixes, patches, major or minor releases, or any other changes, enhancements, or modifications to the Software that we make generally commercially available.

9 TAM and Training Services. We will provide Technical Account Manager (TAM) and training services purchased in an Order in accordance with the descriptions and conditions for those services set forth in the Order and the accompanying service descriptions or datasheets (“Ancillary Services”). Security Portal shall retain all right, title and interest in and to any materials, deliverables, modifications, derivative works or developments related to any training services we provide (“Training Materials”). Any Training Materials provided to you may be used only in connection with the Products subject to the same use restrictions for the Products. If applicable, you will reimburse Security Portal for reasonable travel and lodging expenses as incurred. TAM services are subject to the terms of the Security Portal Professional Services Agreement.

10 Cancellations and Financial Terms.

10.1 Cancellation Policy. As part of our commitment to customer satisfaction, it is our customary business practice to allow customers to try a Product within a specific period of time (usually between 7 and 30 days) before purchasing the Product. In this context cancellation means that we will disable the license key that allowed the Software to operate or, for Hosted Services, cancellation means that we will disable access to the Hosted Service. We will accept cancellation after the trial period but it will occur at the end of your subscription or paid period and without any refund obligation on Security Portal part. You understand that Security Portal may change this practice in the future in accordance with Section 26 (Changes to this Agreement).

10.2 Delivery. We will deliver the applicable license keys (in the case of Software) or login instructions (in the case of Hosted Services) to the email addresses specified in your Order when we have received payment of the applicable fees. All deliveries under this Agreement will be electronic. For the avoidance of doubt, you are responsible for installation of any Software, and you acknowledge that Security Portal has no further delivery obligation with respect to the Software after delivery of the license keys.

10.3 Payment. You agree to pay all fees in accordance with each Order. Unless otherwise specified in your Order, you will pay all amounts in U.S. dollars at the time you place your Order. Other than as expressly set forth in Section 10.1 (Cancellation Policy) and Section 20 (IP Indemnification by Security Portal), all amounts are non-refundable, non-cancelable and non-creditable. In making payments, you acknowledge that you are not relying on future availability of any Products beyond the current License Term or Subscription Term or any Product upgrades or feature enhancements. If you add Authorized Users during your License Term or Subscription Term, we will charge you for the increased number of Authorized Users pursuant to the then-currently applicable rates in your next billing cycle. You agree that we may bill your credit card for renewals, additional users, and unpaid fees, as applicable. If you purchase any Products through a Reseller, you owe payment to the Reseller as agreed between you and the Reseller, but you acknowledge that we may terminate your rights to use Products if we do not receive our corresponding payment from the Reseller.

10.4 Taxes. Your payments under this Agreement exclude any taxes or duties payable in respect of the Products in the jurisdiction where the payment is either made or received. To the extent that any such taxes or duties are payable by Security Portal, you must pay to Security Portal the amount of such taxes or duties in addition to any fees owed under this Agreement. Notwithstanding the foregoing, you may have obtained an exemption from relevant taxes or duties as of the time such taxes or duties are levied or assessed. In that case, you will have the right to provide to Security Portal any such exemption information, and Security Portal will use reasonable efforts to provide such invoicing documents as may enable you to obtain a refund or credit for the amount so paid from any relevant revenue authority if such a refund or credit is available.

11 No-Charge Products. We may offer certain Products to you at no charge, including free accounts, trial use, and access to Beta Versions as defined below (“No-Charge Products”). Your use of No-Charge Products is subject to any additional terms that we specify and is only permitted for the period designated by us. You may not use No-Charge Products for competitive analysis or similar purposes. We may terminate your right to use No-Charge Products at any time and for any reason in our sole discretion, without liability to you. You understand that any pre-release and beta products we make available (“Beta Versions”) are still under development, may be inoperable or incomplete and are likely to contain more errors and bugs than generally available Products. We make no promises that any Beta Versions will ever be made generally available. In some circumstances, we may charge a fee in order to allow you to access Beta Versions, but the Beta Versions will still remain subject to this Section 11 (No-Charge Products). All information regarding the characteristics, features or performance of Beta Versions constitutes Security Portal’s Confidential Information. To the maximum extent permitted by applicable law, we disclaim all obligations or liabilities with respect to No-Charge Products, including any Support and Maintenance, warranty, and indemnity obligations.

12 Restrictions. Except as otherwise expressly permitted in this Agreement, you will not: (a) rent, lease, reproduce, modify, adapt, create derivative works of, distribute, sell, sublicense, transfer, or provide access to the Products to a third party, (b) use the Products for the benefit of any third party, (c) incorporate any Products into a product or service you provide to a third party, (d) interfere with any license key mechanism in the Products or otherwise circumvent mechanisms in the Products intended to limit your use, (e) reverse engineer, disassemble, decompile, translate, or otherwise seek to obtain or derive the source code, underlying ideas, algorithms, file formats or non-public APIs to any Products, except as permitted by law, (f) remove or obscure any proprietary or other notices contained in any Product, or (g) publicly disseminate information regarding the performance of the Products.

13 Your Development of Add-Ons.

13.1 License to Developer Guides. From time to time, Security Portal may publish SDK’s or API’s and associated guidelines (“Developer Guides”) to allow you to develop plugins, extensions, add-ons or other software products or services that interoperate or are integrated with the Products (“Add-Ons”). You may distribute your Add-Ons to third parties, but only for those Products permitted by Security Portal, and only in accordance with the Developer Guides.

13.2 Conditions to Development of Add-Ons. Notwithstanding anything in this Agreement to the contrary, Security Portal has no support, warranty, indemnification or other obligation or liability with respect to your Add-Ons or their combination, interaction or use with the Products. You shall indemnify, defend and hold us harmless from and against any and all claims, costs, damages, losses, liabilities and expenses (including reasonable attorneys’ fees and costs) arising out of or in connection with any claim brought against us by a third party relating to your Add-Ons (including but not limited to any representations or warranties you make about your Add-Ons) or your breach of this Section.

14 License Certifications and Audits. At our request, you agree to provide a signed certification that you are using all Products pursuant to the terms of this Agreement, including the Scope of Use. You agree to allow us, or our authorized agent, to audit your use of the Products. We will provide you with at least 10 days advance notice prior to the audit, and the audit will be conducted during normal business hours. We will bear all out-of-pocket costs that we incur for the audit, unless the audit reveals that you have exceeded the Scope of Use. You will provide reasonable assistance, cooperation, and access to relevant information in the course of any audit at your own cost. If you exceed your Scope of Use, we may invoice you for any past or ongoing excessive use, and you will pay the invoice promptly after receipt. This remedy is without prejudice to any other remedies available to Security Portal at law or equity or under this Agreement. To the extent we are obligated to do so, we may share audit results with certain of our third party licensors or assign the audit rights specified in this Section to such licensors.

15 Ownership and Feedback. Products are made available on a limited license or access basis, and no ownership right is conveyed to you, irrespective of the use of terms such as “purchase” or “sale”. Security Portal and its licensors have and retain all right, title and interest, including all intellectual property rights, in and to the Products (including all No-Charge Products), their “look and feel”, any and all related or underlying technology, and any modifications or derivative works of the foregoing created by or for Security Portal, including without limitation as they may incorporate Feedback (“Security Portal Technology”). From time to time, you may choose to submit comments, information, questions, data, ideas, description of processes, or other information to Security Portal, including sharing Your Modifications or in the course of receiving Support and Maintenance (“Feedback”). Security Portal may in connection with any of its products or services freely use, copy, disclose, license, distribute and exploit any Feedback in any manner without any obligation, royalty or restriction based on intellectual property rights or otherwise. No Feedback will be considered your Confidential Information, and nothing in this Agreement limits Security Portal's right to independently use, develop, evaluate, or market products, whether incorporating Feedback or otherwise.

16 Confidentiality. Except as otherwise set forth in this Agreement, each party agrees that all code, inventions, know-how, business, technical and financial information disclosed to such party (“Receiving Party”) by the disclosing party ("Disclosing Party") constitute the confidential property of the Disclosing Party ("Confidential Information"), provided that it is identified as confidential at the time of disclosure. Any Security Portal Technology and any performance information relating to the Products shall be deemed Confidential Information of Security Portal without any marking or further designation. Except as expressly authorized herein, the Receiving Party will hold in confidence and not use or disclose any Confidential Information. The Receiving Party's nondisclosure obligation shall not apply to information which the Receiving Party can document: (i) was rightfully in its possession or known to it prior to receipt of the Confidential Information; (ii) is or has become public knowledge through no fault of the Receiving Party; (iii) is rightfully obtained by the Receiving Party from a third party without breach of any confidentiality obligation; or (iv) is independently developed by employees of the Receiving Party who had no access to such information. The Receiving Party may also disclose Confidential Information if so required pursuant to a regulation, law or court order (but only to the minimum extent required to comply with such regulation or order and with advance notice to the Disclosing Party). The Receiving Party acknowledges that disclosure of Confidential Information would cause substantial harm for which damages alone would not be a sufficient remedy, and therefore that upon any such disclosure by the Receiving Party the Disclosing Party shall be entitled to appropriate equitable relief in addition to whatever other remedies it might have at law. For the avoidance of doubt, this Section shall not operate as a separate warranty with respect to the operation of any Product.

17 Term and Termination. This Agreement is in effect for as long as you have a valid License Term or Subscription Term (the “Term”), unless sooner terminated as permitted in this Agreement. Either party may terminate this Agreement before the expiration of the Term if the other party materially breaches any of the terms of this Agreement and does not cure the breach within thirty (30) days after written notice of the breach. Either party may also terminate the Agreement before the expiration of the Term if the other party ceases to operate, declares bankruptcy, or becomes insolvent or otherwise unable to meet its financial obligations. You may terminate this Agreement at any time with notice to Security Portal, but you will not be entitled to any credits or refunds as a result of convenience termination for prepaid but unused Software, Hosted Services subscriptions, or Support and Maintenance. Except where an exclusive remedy may be specified in this Agreement, the exercise by either party of any remedy, including termination, will be without prejudice to any other remedies it may have under this Agreement, by law, or otherwise. Once the Agreement terminates, you (and your Authorized Users) will no longer have any right to use or access any Products, or any information or materials that we make available to you under this Agreement, including Security Portal Confidential Information. You are required to delete any of the foregoing from your systems as applicable (including any third party systems operated on your behalf) and provide written certification to us that you have done so at our request. The following provisions will survive any termination or expiration of this Agreement: Sections 7.7.3 (Indemnity for Your Data), 10.3 (Payment), 10.4 (Taxes), 11 (No-Charge Products) (disclaimers and use restrictions only), 12 (Restrictions), 13.2 (Conditions to Development of Add-Ons), 14 (License Certifications and Audits), 15 (Ownership and Feedback), 16 (Confidentiality), 17 (Term and Termination), 18.2 (Warranty Disclaimer), 19 (Limitation of Liability), 21 (Third Party Vendor Products), 24 (Dispute Resolution), 25 (Export Restrictions), and 27 (General Provisions).

18 Warranty and Disclaimer.

18.1 Due Authority. Each party represents and warrants that it has the legal power and authority to enter into this Agreement, and that, if you are an entity, this Agreement and each Order is entered into by an employee or agent of such party with all necessary authority to bind such party to the terms and conditions of this Agreement.

18.2 WARRANTY DISCLAIMER. ALL PRODUCTS ARE PROVIDED “AS IS,” AND SECURITY PORTAL AND ITS SUPPLIERS EXPRESSLY DISCLAIM ANY AND ALL WARRANTIES AND REPRESENTATIONS OF ANY KIND, INCLUDING ANY WARRANTY OF NON-INFRINGEMENT, TITLE, FITNESS FOR A PARTICULAR PURPOSE, FUNCTIONALITY, OR MERCHANTABILITY, WHETHER EXPRESS, IMPLIED, OR STATUTORY. YOU MAY HAVE OTHER STATUTORY RIGHTS, BUT THE DURATION OF STATUTORILY REQUIRED WARRANTIES, IF ANY, SHALL BE LIMITED TO THE SHORTEST PERIOD PERMITTED BY LAW. SECURITY PORTAL SHALL NOT BE LIABLE FOR DELAYS, INTERRUPTIONS, SERVICE FAILURES AND OTHER PROBLEMS INHERENT IN USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS OR OTHER SYSTEMS OUTSIDE THE REASONABLE CONTROL OF SECURITY PORTAL. TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER SECURITY PORTAL NOR ANY OF ITS THIRD PARTY SUPPLIERS MAKES ANY REPRESENTATION, WARRANTY OR GUARANTEE AS TO THE RELIABILITY, TIMELINESS, QUALITY, SUITABILITY, TRUTH, AVAILABILITY, ACCURACY OR COMPLETENESS OF ANY PRODUCTS OR ANY CONTENT THEREIN OR GENERATED THEREWITH, OR THAT: (A) THE USE OF ANY PRODUCTS WILL BE SECURE, TIMELY, UNINTERRUPTED OR ERROR-FREE; (B) THE PRODUCTS WILL OPERATE IN COMBINATION WITH ANY OTHER HARDWARE, SOFTWARE, SYSTEM, OR DATA; (C) THE PRODUCTS (OR ANY PRODUCTS, SERVICES, INFORMATION, OR OTHER MATERIAL PURCHASED OR OBTAINED BY YOU THROUGH THE PRODUCTS) WILL MEET YOUR REQUIREMENTS OR EXPECTATIONS); (D) ANY STORED DATA WILL BE ACCURATE OR RELIABLE OR THAT ANY STORED DATA WILL NOT BE LOST OR CORRUPTED; (E) ERRORS OR DEFECTS WILL BE CORRECTED; OR (F) THE PRODUCTS (OR ANY SERVER(S) THAT MAKE A HOSTED SERVICE AVAILABLE) ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS.

19 Limitation of Liability. NEITHER PARTY (NOR ITS SUPPLIERS) SHALL BE LIABLE FOR ANY LOSS OF USE, LOST OR INACCURATE DATA, FAILURE OF SECURITY MECHANISMS, INTERRUPTION OF BUSINESS, COSTS OF DELAY OR ANY INDIRECT, SPECIAL, INCIDENTAL, RELIANCE OR CONSEQUENTIAL DAMAGES OF ANY KIND (INCLUDING LOST PROFITS), REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE. NEITHER PARTY’S AGGREGATE LIABILITY TO THE OTHER SHALL EXCEED THE AMOUNT ACTUALLY PAID BY YOU TO US FOR PRODUCTS AND SUPPORT AND MAINTENANCE IN THE 12 MONTHS IMMEDIATELY PRECEDING THE CLAIM. NOTWITHSTANDING ANYTHING ELSE IN THIS AGREEMENT, OUR AGGREGATE LIABILITY TO YOU IN RESPECT OF NO-CHARGE PRODUCTS SHALL BE US$20. THIS SECTION 19 (LIMITATION OF LIABILITY) SHALL NOT APPLY TO (1) AMOUNTS OWED BY YOU UNDER ANY ORDERS, (2) EITHER PARTY’S EXPRESS INDEMNIFICATION OBLIGATIONS IN THIS AGREEMENT, OR (3) YOUR BREACH OF SECTION 12 (RESTRICTIONS) OR SECTION 2 (COMBINING THE PRODUCTS WITH OPEN SOURCE SOFTWARE) OF THIRD PARTY CODE IN SECURITY PORTAL PRODUCTS). TO THE MAXIMUM EXTENT PERMITTED BY LAW, NO SUPPLIERS OF ANY THIRD PARTY COMPONENTS INCLUDED IN THE PRODUCTS WILL BE LIABLE TO YOU FOR ANY DAMAGES WHATSOEVER. The parties agree that the limitations specified in this Section 19 (Limitation of Liability) will survive and apply even if any limited remedy specified in this Agreement is found to have failed of its essential purpose.

20 IP Indemnification by Security Portal. We will defend you against any claim brought against you by a third party alleging that a Product, when used as authorized under this Agreement, infringes a United States or European Union patent or registered copyright (a “Claim”), and we will indemnify you and hold you harmless against any damages and costs finally awarded by a court of competent jurisdiction or agreed to settlement by Security Portal (including reasonable attorneys’ fees) arising out of a Claim, provided that we have received from you: (a) prompt written notice of the claim (but in any event notice in sufficient time for us to respond without prejudice); (b) reasonable assistance in the defense and investigation of the claim, including providing us a copy of the claim and all relevant evidence in your possession, custody or control; and (c) the exclusive right to control and direct the investigation, defense, and settlement (if applicable) of the claim. If your use of a Product is (or in our opinion is likely to be) enjoined, if required by settlement, or if we determine such actions are reasonably necessary to avoid material liability, we may, at our option and in our discretion: (i) procure a license for your continued use of the Product in accordance with this Agreement; (ii) substitute a substantially functionally similar Product; or (iii) terminate your right to continue using the Product and refund, in the case of Software, the license fee paid by you as reduced to reflect a three year straight-line depreciation from the license purchase date, and in the case of a Hosted Service, any prepaid amounts for the terminated portion of the Subscription Term. Security Portal’s indemnification obligations above do not apply: (1) if the total aggregate fees received by Security Portal with respect to your license to Software or subscription to Hosted Services in the 12 month period immediately preceding the claim is less than US$10,000; (2) if the Product is modified by any party other than Security Portal, but solely to the extent the alleged infringement is caused by such modification; (3) if the Product is used in combination with any non-Security Portal product, software or equipment, but solely to the extent the alleged infringement is caused by such combination; (4) to unauthorized use of Products; (5) to any Claim arising as a result of (y) Your Data (or circumstances covered by your indemnification obligations in Section 7.7.3 (Indemnity for Your Data)) or (z) any third-party deliverables or components contained with the Products; (6) to any unsupported release of the Software; or (7) if you settle or make any admissions with respect to a claim without Security Portal’s prior written consent. THIS SECTION 20 (IP INDEMNIFICATION BY SECURITY PORTAL) STATES OUR SOLE LIABILITY AND YOUR EXCLUSIVE REMEDY FOR ANY INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS IN CONNECTION WITH ANY PRODUCT OR OTHER ITEMS PROVIDED BY SECURITY PORTAL UNDER THIS AGREEMENT.

21 Third Party Vendor Products. Security Portal or third parties may from time to time make available to you (e.g., through the Security Portal Marketplace) third-party products or services, including but not limited to add-ons and plugins as well as implementation, customization, training, and other consulting services. If you procure any of these third party products or services, you do so under a separate agreement (and exchange of data) solely between you and the third party vendor. Security Portal does not warrant or support non-Security Portal products or services, whether or not they are designated by Security Portal as “verified” or otherwise, and disclaims all liability for such products or services. If you install or enable any third party products or services for use with Security Portal products, you acknowledge that Security Portal may allow the vendors of those products and services to access Your Data as required for the interoperation and support of such add-ons with the Security Portal products. Security Portal shall not be responsible for any disclosure, modification or deletion of Your Data resulting from any such access by third party add-on vendors.

22 Publicity Rights. We may identify you as a Security Portal customer in our promotional materials. You may request that we stop doing so by submitting an email to support@securityportal.ro at any time. Please note that it may take us up to 30 days to process your request.

23 Improving Our Products. We are always striving to improve our Products. In order to do so, we need to measure, analyze, and aggregate how users interact with our Products, such as usage patterns and characteristics of our user base. We collect and use analytics data regarding the use of our Products as described in our Privacy Policy.

24 Dispute Resolution

24.1 Dispute Resolution; Arbitration. In the event of any controversy or claim arising out of or relating to this Agreement, the parties hereto shall consult and negotiate with each other and, recognizing their mutual interests, attempt to reach a solution satisfactory to both parties. If the parties do not reach settlement within a period of 60 days, any unresolved controversy or claim arising out of or relating to this Agreement shall proceed to binding arbitration under the Rules of Arbitration of the International Chamber of Commerce. The parties shall seek to mutually appoint an arbitrator. If the parties cannot agree on a single arbitrator, then there shall be three (3) arbitrators: one selected by each party, and a third selected by the first two. Arbitration will take place in Bucharest (Romania). All negotiations and arbitration proceedings pursuant to this Section will be confidential and treated as compromise and settlement negotiations for purposes of all similar rules and codes of evidence of applicable legislation and jurisdictions. The language of the arbitration shall be English.

24.2 Governing Law; Jurisdiction. This Agreement will be governed by and construed in accordance with the applicable laws of Romania. Each party irrevocably agrees that any legal action, suit or proceeding that is not otherwise subject to the arbitration provisions of Section 24.1 (Dispute Resolution; Arbitration) must be brought solely and exclusively in, and will be subject to the service of process and other applicable procedural rules of Romanian authorities, and each party irrevocably submits to the sole and exclusive personal jurisdiction of the courts in Romania, generally and unconditionally, with respect to any action, suit or proceeding brought by it or against it by the other party. Notwithstanding the foregoing, Security Portal may bring a claim for equitable relief in any court with proper jurisdiction.

24.3 Injunctive Relief; Enforcement. Notwithstanding the provisions of Section 24.1 (Dispute Resolution; Arbitration), nothing in this Agreement shall prevent either party from seeking injunctive relief with respect to a violation of intellectual property rights, confidentiality obligations or enforcement or recognition of any award or order in any appropriate jurisdiction.

24.4 Exclusion of UN Convention and UCITA. The terms of the United Nations Convention on Contracts for the Sale of Goods do not apply to this Agreement. The Uniform Computer Information Transactions Act (UCITA) shall not apply to this Agreement regardless of when or where adopted.

25 Export Restrictions. The Products may be subject to export restrictions and import restrictions by certain governments, and you agree to comply with all applicable export and import laws and regulations in your use of the Products. You shall not (and shall not allow any third-party to) remove or export or allow the export or re-export of any part of the Products or any direct product thereof: (a) into (or to a national or resident of) any embargoed or terrorist-supporting country; (b) to any country to which such export or re-export is restricted or prohibited, or as to which an export license or other governmental approval is required at the time of export or re-export without first obtaining such license or approval; or (c) otherwise in violation of any export or import restrictions, laws or regulations of any agency or authority. You represent and warrant that (i) you are not located in, under the control of, or a national or resident of any such prohibited country or on any such prohibited party list and (ii) that none of Your Data is controlled under the US International Traffic in Arms Regulations.

26 Changes to this Agreement. We may update or modify this Agreement from time to time, including any referenced policies and other documents. If a revision meaningfully reduces your rights, we will use reasonable efforts to notify you (by, for example, sending an email to the billing or technical contact you designate in the applicable Order, posting on our blog, through your Security Portal account, or in the Product itself). If we modify the Agreement during your License Term or Subscription Term, the modified version will be effective upon your next renewal of a License Term, Support and Maintenance term, or Subscription Term, as applicable. In this case, if you object to the updated Agreement, as your exclusive remedy, you may choose not to renew, including cancelling any terms set to auto-renew. With respect to No-Charge Products, accepting the updated Agreement is required for you to continue using the No-Charge Products. You may be required to click through the updated Agreement to show your acceptance. If you do not agree to the updated Agreement after it becomes effective, you will no longer have a right to use No-Charge Products. For the avoidance of doubt, any Order is subject to the version of the Agreement in effect at the time of the Order.

27 General Provisions. Any notice under this Agreement must be given in writing. We may provide notice to you via email or through your account. Our notices to you will be deemed given upon the first business day after we send it. You may provide notice to us by post to Security Portal SRL using the address specified in the contact section of the website. Your notices to us will be deemed given upon our receipt. Neither party shall be liable to the other for any delay or failure to perform any obligation under this Agreement (except for a failure to pay fees) if the delay or failure is due to unforeseen events which are beyond the reasonable control of such party, such as a strike, blockade, war, act of terrorism, riot, natural disaster, failure or diminishment of power or telecommunications or data networks or services, or refusal of a license by a government agency. You may not assign this Agreement without our prior written consent. We will not unreasonably withhold our consent if the assignee agrees to be bound by the terms and conditions of this Agreement. We may assign our rights and obligations under this Agreement (in whole or in part) without your consent. The Products are commercial computer software. If you are an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Products, or any related documentation of any kind, including technical data and manuals, is restricted by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. The Products were developed fully at private expense. All other use is prohibited. This Agreement is the entire agreement between you and Security Portal relating to the Products and supersedes all prior or contemporaneous oral or written communications, proposals and representations with respect to the Products or any other subject matter covered by this Agreement. If any provision of this Agreement is held to be void, invalid, unenforceable or illegal, the other provisions shall continue in full force and effect. This Agreement may not be modified or amended by you without our written agreement (which may be withheld in our complete discretion without any requirement to provide any explanation). As used herein, “including” (and its variants) means “including without limitation” (and its variants). No failure or delay by the injured party to this Agreement in exercising any right, power or privilege hereunder shall operate as a waiver thereof, nor shall any single or partial exercise thereof preclude any other or further exercise thereof or the exercise of any right, power or privilege hereunder at law or equity. The parties are independent contractors. This Agreement shall not be construed as constituting either party as a partner of the other or to create any other form of legal association that would give on party the express or implied right, power or authority to create any duty or obligation of the other party.

Designating Customers as Authorized Users

Effective starting: January 10, 2017

This is a supplement to the Security Portal Customer Agreement (the “Agreement”) and is included in the Agreement. Any capitalized terms used but not defined below have the meanings in the Agreement. The purpose of this supplement is to allow your customers to be Authorized Users, subject to the terms below.

1.If you designate any of your customers as Authorized Users, you will be responsible for their use of the Software or Hosted Services as you would be for any other Authorized User. Accordingly, you must enter into valid, binding agreements with your customers that require them to comply with the applicable terms of the Agreement (including this supplement), including any conditions or restrictions with respect to use of, or access to, the Software or Hosted Services.

2. For the avoidance of doubt, allowing your customers to be Authorized Users does not mean that you may distribute, resell, or OEM any Software or Hosted Services, or make the products available to your customers on a standalone basis. Rather, it means only that your customers may access your instance of the Software or Hosted Services in order to support their use of your own products and services that are unrelated to the Software or Hosted Services (“Your Products”).

3. Examples include:

3.1 Your customer being provided with a user for operating SPAccess (for instance in the reception or lobby area);

3.2 Your customer being provided with a user for events generation, data input, customer feedback etc.;

4. You may not charge your customers for any use of the Software or Hosted Service itself, but you may include the cost of the Software or Hosted Services into your fee to that customer. An example would be charging your customers for Your Product or Service, where Your Product or Service uses Security Portal’s Products which may include your customer access to that Product.

5. As an Authorized User, your customers may interact with the Software or Hosted Service but may not receive any administrator, configuration or similar access to the Product.

6. Security Portal will not have any direct or indirect liability or obligation to any of your customers. For the avoidance of doubt, your customers are not parties to, or third party beneficiaries under, the Agreement.

7. You will defend, indemnify and hold harmless Security Portal from and against any loss, cost, liability or damage, including attorneys’ fees, for which Security Portal becomes liable arising from or relating to any claim brought against us by your customers arising out of their use of the Software or Hosted Services through you.

Security Portal Guidelines for Law Enforcement Requests

Effective starting: January 10, 2017

These operational guidelines are a reference for law enforcement officials seeking customer account records and customer content (“Customer Information”) from Security Portal.

These guidelines are created as a courtesy and do not create obligations concerning how Security Portal will respond in any particular case.

Security Portal’s policy on responding to law enforcement requests

Security Portal respects the rules and laws of the jurisdiction in which it operates as well as the privacy and rights of its customers. Consequently, Security Portal provides Customer Information in response to law enforcement requests only when we reasonably believe that we are legally required to do so. To protect our customers’ rights, we scrutinize all requests to ensure that they comply with the law.

To obtain Customer Information from Security Portal, law enforcement officials must provide legal process sufficient to compel production of the type of information sought, such as a subpoena, court order, or a warrant.

For example, Security Portal will not provide non-public customer content unless served with a valid search warrant, issued on a showing of probable cause by a federal or state court authorized to issue search warrants, which requires Security Portal to disclose the content.

What Security Portal customer information may be available in response to a lawful request?

Security Portal may have the following information available in response to a valid, enforceable government demand:

Customer Account Records

• • Email address; other optional fields may be available if voluntarily supplied by the customer, including: name, phone number, screen name, department, position, homepage URL, location, country of origin, about me, avatar type, avatar URL, and instant messenger ID.

• • IP addresses associated with log-ins to a specific customer instance or user account

• • URLs accessed and time/date of that access

• • Billing contact information (name and billing address) in connection with paid accounts

SPAccess

• • User ID, name, email, other contact details

• • Time and date that a user account was created and last accessed

• • IP addresses associated with log-ins to a user account

• • Types of devices associated with an account

• • User access information for each customer instance

• • Customer content and attachments

• • Uploaded files

Will Security Portal preserve customer information?

Yes. Security Portal will preserve customer information for 90 days upon receipt of a valid request. Security Portal will preserve information for an additional 90-day period upon receipt of a valid request to extend the preservation. If Security Portal does not receive formal legal process for the preserved information before the end of the preservation period, the preserved information may be deleted when the preservation period expires.

Preservation requests must be sent on official law enforcement letterhead, signed by a law enforcement official, and must include:

• • The relevant account information identified below (“What Security Portal customer information must I include in my request?”) for the customer whose information is requested to be preserved

• • A valid return email address

• • A statement that steps are being taken to obtain a court order or other legal process for the data sought to be preserved

Preservation requests may be sent via the service methods described below (“How do I serve a data request on Security Portal?”).

How do I serve a data request on Security Portal?

A preservation request or request for production of documents may be sent via email, certified mail or express courier, or delivered in-person to our U.S. corporate headquarters:

Security Portal SRL
Attn: Legal Department
5^th Faget Street, Bl. 12H, Ap. 35
Ploiesti, PH, 100271
Romania
lawenforcement@securityportal.ro

Requests seeking testimony must be personally served on our registered agent for service of process. We do not accept those requests in person or via email.

While we agree to accept service of law enforcement requests by these methods, neither Security Portal nor our customers waive any legal rights based on this accommodation.

Each request must include contact information for the authorized law enforcement agency official submitting the request, including:

• • Requesting agency name

• • Requesting agent name and badge/identification number

• • Requesting agent employer-issued email address

• • Requesting agent phone contact, including any extension

• • Requesting agent mailing address (P.O. Box will not be accepted)

• • Requested response date (see details below for emergency requests)

What Security Portal customer information must I include in my request?

When requesting customer information, please provide as much of the following information that is available at the time of the request. Failure to provide the following information may hinder Security Portal’s ability to respond in a timely manner or to provide responsive records.

• • User details:  username / email address / account ID

• • Customer details: Client name / client email / account ID

Will Security Portal notify customers of requests for account data?

Yes.

Security Portal’s policy is to notify customers of requests for their data and give them the opportunity to object to the disclosure 7-10 days prior to production unless such notification is prohibited by law.  Security Portal may shorten the notice period in its discretion, but generally only does so in emergency situations. Law enforcement officials who believe that notification would jeopardize an investigation should obtain an appropriate court order or other process that specifically prohibits customer notification, such as an order issued under 18 U.S.C. Section 2705(b).

Further, if your request places Security Portal on notice of an ongoing or prior violation of our terms of use, we will take action to prevent further violation, including account termination and other actions that may notify the user that we are aware of their misconduct. If you believe in good faith that taking such actions will jeopardize your ongoing investigation, you may request that Security Portal defer such action in your request and Security Portal will take your request for deferment under advisement. It is the responsibility of the requesting law enforcement official to make this request, as it is Security Portal’s policy to enforce its terms of use.

Are there additional requirements for international requests?

Yes.  Security Portal will respond to requests for Customer Information from foreign law enforcement agencies that are issued for their citizens or via a court order either by way of a Mutual Legal Assistance Treaty request or letter rogatory.  It is our policy to respond to such court ordered requests when properly served.

Costs

Security Portal reserves the right to seek reimbursement for the costs associated with responding to law enforcement data requests, where appropriate.

What should I do if I have an emergency request for data?

Security Portal evaluates emergency requests on a case-by-case basis. If you provide information that gives us a good faith belief that there is an emergency involving imminent harm to a child or the risk of death or serious physical injury to a person, we may provide information necessary to prevent that harm if we are in a position to do so.

You may submit an emergency request via email to lawenforcement@securityportal.ro with the subject line: Emergency Disclosure Request.

Please include all of the following information:

• • Identify the person who is in danger of death or serious physical injury, or the child who is at risk of imminent harm or otherwise provide information sufficient to support a claim that a person is in danger of death or serious physical injury;

• • The nature of the emergency;

• • The relevant account information identified above (“What Security Portal customer information must I include in my request?”) for the customer whose information is necessary to prevent an emergency;

• • The specific information requested and why that information is necessary to prevent the emergency; and

• • All other available details or context regarding the particular circumstances.

Privacy Policy

Effective starting: December 14, 2016

Introduction

This Privacy Policy explains what information Security Portal Pty Ltd and its related entities ("Security Portal") collect about you and why, what we do with that information, how we share it, and how we handle the content you place in our products and services. It also explains the choices available to you regarding our use of your personal information and how you can access and update this information.

Scope of Privacy Policy

This Privacy Policy applies to the information that we obtain through your use of "Security Portal Services" via a "Device" or when you otherwise interact with Security Portal.

"Security Portal Services" include our:

• • Websites

• • SaaS Products

• • Downloadable Products

but does not include:

• • Security Portal products or services for which a separate privacy policy is provided.

• • Third Party Products. These are third party products or services that you may choose to integrate with Security Portal product or services, such as third party Add-Ons. You should always review the policies of third party products and services to make sure you are comfortable with the ways in which they collect and use your information.

A "Device" is any computer used to access the Security Portal Services, including without limitation a desktop, laptop, mobile phone, tablet, or other consumer electronic device.

Unless otherwise stated, our SaaS Products and our Downloadable Products are treated the same for the purposes of this document.

By registering for or using Security Portal Services you consent to the collection, transfer, processing, storage, disclosure and other uses described in this Privacy Policy.

Definitions

Add-On: a bundle of code, resources and configuration files that can be used with a Security Portal product to add new functionality or to change the behavior of that product's existing features.

Content: any information or data that you upload, submit, post, create, transmit, store or display in a Security Portal Service.

Downloadable Products: Security Portal's downloadable software products and mobile applications, including Add-Ons created by Security Portal, which are installed by customers on an infrastructure of their choice. Downloadable Products do not include Add-Ons created by third parties.

Information: all of the different forms of data, content, and information collected by us as described in this Privacy Policy.

Personal Information: information that may be used to readily identify or contact you as an individual person, such as: name, address, email address, or phone number. Personal Information does not include information that has been anonymized such that it does not allow for the ready identification of specific individuals.

SaaS Products: Security Portal's "Cloud" hosted solutions, as well as other Security Portal hosted solutions that display a link to this Privacy Policy. For the avoidance of doubt, if a Security Portal hosted solution displays a link to a different privacy policy, then that other privacy policy shall apply.

Websites: Security Portal's websites, sub-domains and pages.

Changes to our Privacy Policy

We may change this Privacy Policy from time to time. If we make any changes, we will notify you by revising the "Effective Starting" date at the top of this Privacy Policy. If we make any material changes, we will provide you with additional notice (such as by adding a notice on the Security Portal Services homepages, login screens, or by sending you an email notification). We encourage you to review our Privacy Policy whenever you use Security Portal Services to stay informed about our information practices and the ways you can help protect your privacy.

If you disagree with any changes to this Privacy Policy, you will need to stop using Security Portal Services and deactivate your account(s), as outlined below.

Information you provide to us

We collect the following information:

Account and Profile Information: We collect information about you and your company as you register for an account, create or modify your profile, make purchases through, use, access, or interact with the Security Portal Services (including but not limited to when you upload, download, collaborate on or share Content). Information we collect includes:

• • Contact information such as name, email address, mailing address, and phone number

• • Billing information such as credit card details and billing address

• • Profile information such as a username, profile photo, and job title

• • Preferences information such as notification and marketing preferences

You may provide this information directly when you enter it in Security Portal Services.

In some cases another user (such as a system administrator) may create an account on your behalf and may provide your information, including Personal Information (most commonly when your company requests that you use our products). We collect Information under the direction of our customers and often have no direct relationship with the individuals whose personal data we process. If you are an employee of one of our customers and would no longer like us to process your information, please contact your employer. If you are providing information (including Personal Information) about someone else, you must have the authority to act for them and to consent to the collection and use of their Personal Information as described in this Privacy Policy.

Content: We collect and store Content that you create, input, submit, post, upload, transmit, store or display in the process of using our SaaS Products or Websites. Such Content includes any Personal Information or other sensitive information that you choose to include ("incidentally-collected Personal Information").

Other submissions: We collect other data that you submit to our Websites or as you participate in any interactive features of the Security Portal Services, participate in a survey, contest, promotion, sweepstakes, activity or event, apply for a job, request customer support, communicate with us via third party social media sites or otherwise communicate with us. For example, information regarding a problem you are experiencing with a Security Portal product could be submitted to our Support Services or posted in our public forums.

Information we collect from your use of Security Portal Services

Web Logs: As is true with most websites and services delivered over the Internet, we gather certain information and store it in log files when you interact with our Websites and SaaS Products. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your Devices, your mobile carrier, and system configuration information. In the case of our SaaS Product, the URLs you accessed (which may therefore be included in our log files) include usernames as well as elements of Content as necessary for the SaaS Product to perform the requested operations. Occasionally, we connect Personal Information to information gathered in our log files as necessary to improve Security Portal Services for individual customers. In such a case, we would treat the combined Information in accordance with this privacy policy.

Analytics Information from Website and SaaS Products: We collect analytics information when you use our Websites and SaaS Products to help us improve our products and services. In the SaaS Products, this analytics information consists of the feature and function of the Security Portal Service being used, the associated license identifier and domain name, the username and IP address of the individual who is using the feature or function (which will include Personal Information if the Personal Information was incorporated into the username), the sizes and original filenames of attachments, and additional information required to detail the operation of the function and which parts of the Security Portal Services are being affected.

The analytics information we collect includes elements of Content related to the function the user is performing. As such, the analytics information we collect may include Personal Information or sensitive business information that the user has included in Content that the user chose to upload, submit, post, create, transmit, store or display in a Security Portal Service.

As of the date this policy went into effect, we use Google Analytics as an analytics provider. To learn more about the privacy policy of Google Analytics, refer to Google's Policies and Principles. Use the Google Analytics Opt-out Browser Add-on to prevent analytics information from being sent to Google Analytics.

Analytics Information Derived from Content. Analytics information also consists of data we collect as a result of running queries against Content across our user base for the purposes of generating Usage Data. "Usage Data" is aggregated data about a group or category of services, features or users that does not contain Personal Information.

Though we may happen upon sensitive or Personal Information as we compile Usage Data from Content across user instances, this is a byproduct of our efforts to understand broader patterns and trends. It is not a concerted effort by us to examine the Content of any particular customer.

Analytics Information from Downloadable Products: We collect analytics information when you use our Downloadable Products to help us improve our products and services. Our Downloadable Products contain a feature that sends information about the technical operation of the Downloadable Products on your systems ("System Information") to us. System Information includes information about (a) the server environment in which the Downloadable Product is operating: OS type and version, JVM version, Java environment properties, CPU type, RAM allocation, language and locale settings, database type and version, and disk utilization, as well as (b) user client information, for example: browser type and version, native client type and version, and client device specifications (e.g. screen resolution, OS version, device type, etc.). In addition, we collect analytics information from Downloadable Products that is a subset of the analytics information described above for Websites and SaaS Products. As with Websites and SaaS Products, the analytics information we collect includes elements of Content related to the function the user is performing, but with an important caveat. With the Downloadable Products, before sending the information to Security Portal's servers, we filter the analytics information to remove elements that we believe may contain sensitive or Personal Information. For example: (1) we conduct a one-way hash of usernames and hostnames before collecting them and (2) we filter any Content elements we collect to discard all words except those on a list of common business and IT terminology.

Installer Analytics, Software Updates & License Information from Downloadable Products: During the installation of our Downloadable Products, the installer sends analytics information to Security Portal to allow us to understand where in the installation process users are experiencing trouble or dropping out. Our Downloadable Products also communicate with Security Portal servers for licensing purposes, as well as to check for updates, patches, and compatibility with Add-Ons. Examples of information we collect for these purposes include the name and version of the Downloadable Product and the server ID, and IP address of the customer instance.

Cookies and Other Tracking Technologies: Security Portal and our third party partners, such as our advertising and analytics partners, use various technologies to collect information, such as cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory. We use cookies to improve and customize Security Portal Services and your experience; to allow you to access and use the Websites or SaaS Products without re-entering your username or password; and to count visits and understand which areas and features of the Websites and SaaS Products are most popular. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of our Websites or SaaS Products. Security Portal and our third party partners also collect information using web beacons (also known as "tracking pixels"). Web beacons are electronic images that may be used in our Websites or SaaS Products or in emails that help us to deliver cookies, count visits, understand usage and campaign effectiveness and determine whether an email has been opened and acted upon.

Security Portal and our third party partners also use javascript, e-tags, "flash cookies", and HTML5 local storage to collect information about your online activities over time and across different websites or online services. Many browsers include their own management tools for removing HTML5 local storage objects. To manage "flash cookies" please click here.

You may be able to opt out of receiving personalized advertisements as described below under "Your Choices."

Information we collect from other sources

Information from third party services: We also obtain information from third parties and combine that with Information we collect through Security Portal Services. For example, we may have access to certain information from a third party social media or authentication service if you log into Security Portal Services through the service or otherwise provide us with access to Information from the service. Any access that we may have to such Information from a third party social or authentication service is in accordance with the authorization procedures determined by that service. By authorizing us to connect with a third party service, you authorize us to access and store your name, email address(es), current city, profile picture URL, and other information that the third party service makes available to us, and to use and disclose it in accordance with this Privacy Policy. You should check your privacy settings on these third party services to understand and change the information sent to us through these services.

How we use Information we collect

General Uses: We use the Information we collect about you (including Personal Information to the extent applicable) for a variety of purposes, including to:

• • Provide, operate, maintain, improve, and promote Security Portal Services;

• • Enable you to access and use Security Portal Services, including uploading, downloading, collaborating on and sharing Content;

• • Process and complete transactions, and send you related information, including purchase confirmations and invoices;

• • Send transactional messages, including responding to your comments, questions, and requests; providing customer service and support; and sending you technical notices, updates, security alerts, and support and administrative messages;

• • Send promotional communications, such as providing you with information about services, features, surveys, newsletters, offers, promotions, contests, events and sending updates about your team and chat rooms; and providing other news or information about us and our select partners. You have the ability to opt out of receiving any of these communications as described below under "Your Choices";

• • Process and deliver contest or sweepstakes entries and rewards;

• • Monitor and analyze trends, usage, and activities in connection with Security Portal Services and for marketing or advertising purposes;

• • Investigate and prevent fraudulent transactions, unauthorized access to Security Portal Services, and other illegal activities;

• • Personalize Security Portal Services, including by providing content, features, or advertisements that match your interests and preferences;

• • Enable you to communicate, collaborate, and share Content with users you designate; and

• • For other purposes about which we obtain your consent.

Notwithstanding the foregoing, we will not use Personal Information appearing in our Analytics Logs or Web Logs for any purpose. The use of Information collected through our Security Portal Services shall be limited to the purposes disclosed in this policy.

Compiling aggregate analytics information: Because our SaaS Products and Downloadable Products are some of the most configurable in the market, we make extensive use of analytics information (including log and configuration data) to understand how our products are being configured and used, how they can be improved for the benefit of all of our users, and to develop new products and services. As such we generate Usage Data (as defined above) from the web logs and analytics logs described above, including the Content elements captured in such logs, as well as from the Content stored in the Websites and SaaS Products.

Information sharing and disclosure

We will not share or disclose any of your Personal Information or Content with third parties except as described in this policy. We do not sell your Personal Information or Content.

Your Use: When you use Security Portal Services, Content you provide will be displayed back to you. Certain features of Security Portal Services allow you or your administrator to make some of your Content public, in which case it will become readily accessible to anyone. We urge you to consider the sensitivity of any data you input into Security Portal Services.

Collaboration: As a natural result of using Security Portal Services, you may create Content and grant permission to other Security Portal users to access it for the purposes of collaboration. Some of the collaboration features of Security Portal Services display your profile information, including Personal Information included in your profile, to users with whom you have shared your Content. Where this information is sensitive, we urge you to use the various security and privacy features of the Security Portal Services to limit those who can access such information. Your sharing settings may make any Information, including some Personal Information, which you submit to the Security Portal Services visible to the public, unless submitted to a restricted area.

Access by your system administrator: You should be aware that the administrator of your instance of Security Portal Services may be able to:

• • access information in and about your Security Portal Services account;

• • access communications history, including file attachments, for your Security Portal Services account;

• • disclose, restrict, or access information that you have provided or that is made available to you when using your Security Portal Services account, including your Content; and

• • control how your Security Portal Services account may be accessed or deleted.

Security Portal Community: Our Websites offer publicly accessible community services such as blogs, forums, bug trackers, and wikis. You should be aware that any Content you provide in these areas may be read, collected, and used by others who access them. Your posts may remain even after you cancel your account. To request removal of your Personal Information from the Security Portal Community, please contact us using the information listed below. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to and why.

Service Providers, Business Partners and Others: We work with third party service providers to provide website, application development, hosting, maintenance, back-up, storage, virtual infrastructure, payment processing, analysis and other services for us. These service providers may have access to or process your Information for the purpose of providing those services for us. Some of our pages may utilize white-labeling techniques to serve content from our service providers while providing the look and feel of our site. Please be aware that you are providing your Information to these third parties acting on behalf of Security Portal.

Third Party Add-Ons: You may choose to make use of third party Add-Ons in conjunction with Security Portal Services. Third party Add-Ons are software written by third parties to which you grant access privileges to your Content (which may include your Personal Information). When access is granted, your Content is shared with the third party. Third party Add-On policies and procedures are not controlled by Security Portal even though the third party Add-On may be available through Security Portal Services. Third parties who have been granted access to your Content through Add-Ons could use this data to contact you and market services to you, and could share your data with other third parties. This Privacy Policy does not cover the collection or use of your data by third party Add-Ons, and we urge you to consider the privacy policies governing third party Add-Ons. If you object to your Personal Information being shared with these third parties, please uninstall the Add-On (in the event installed from the Security Portal Marketplace) or terminate your agreement with the third party Add-On provider (in the event you have purchased a direct integration).

Links to Third Party Sites: The Security Portal Services may include links to other websites whose privacy practices may differ from ours. If you submit Personal Information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.

Social Media Widgets: The Security Portal Services may contain social media features, such as the Twitter "tweet" button. These features may collect your IP address, which page you are visiting on the Security Portal Services, and may set a cookie to enable the feature to function properly. Social media features and Widgets are either hosted by a third party or hosted directly on our Security Portal Services. Your interactions with these features are governed by the privacy policy of the company providing it.

Testimonials: We may display personal testimonials of satisfied customers on the Security Portal Services. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us using the information below.

Compliance with Laws and Law Enforcement Requests; Protection of Our Rights: We may disclose your Information (including your Personal Information) to a third party if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request, (b) to enforce our agreements, policies and terms of service, (c) to protect the security or integrity of Security Portal's products and services, (d) to protect Security Portal, our customers or the public from harm or illegal activities, or (e) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.

Business Transfers: We may share or transfer your Information (including your Personal Information) in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the Security Portal Services of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.

Aggregated or Anonymized Data: We may also share aggregated or anonymized information that does not directly identify you with the third parties described above.

With Your Consent. We will share your Personal Information with third parties when we have your consent to do so.

Information we do not share

We do not share Personal Information about you with third parties for their marketing purposes (including direct marketing purposes) without your permission.

Data storage, transfer and security

Security Portal hosts data with hosting service providers in different countries including Romania. The servers on which Personal Information is stored are kept in a controlled environment. While we take reasonable efforts to guard your Personal Information, no security system is impenetrable and due to the inherent nature of the Internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers. In addition, we cannot guarantee that any incidentally-collected Personal Information you choose to store in Websites or SaaS Products are maintained at levels of protection to meet specific needs or obligations you may have relating to that information.

Where data is transferred over the Internet as part of a Website or SaaS Product, the data is encrypted using industry standard SSL (HTTPS).

Where Downloadable Products are used, responsibility of securing access to the data you store in the Downloadable Products rests with you and not Security Portal. We strongly recommend that administrators of Downloadable Products configure SSL to prevent interception of data transmitted over networks and to restrict access to the databases and other storage used to hold data.

Your Choices

You may opt out of receiving promotional communications from Security Portal by using the unsubscribe link within each email, updating your email preferences or within your Security Portal Service account settings menu, or emailing us to have your contact information removed from our promotional email list or registration database. Although opt-out requests are usually processed immediately, please allow ten (10) business days for a removal request to be processed. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding Security Portal's Services. You can opt-out of some notification messages in your account settings.

Accessing and updating your information

You may often correct, update, amend, or remove your Personal Information in your account settings or by directing your query to your account administrator. You may also contact Support Services, or contact us by postal mail using the address listed below. We will respond to your request for access within 30 days.

You can often remove Content using editing tools associated with that Content. In some cases, you may need to contact your administrator to request they remove the Content. You can contact us to request removal of Personal Information from Security Portal Community services.

You or your administrator may be able to deactivate your Security Portal Services account. If you can deactivate your own account, you can most often do so in your account settings. Otherwise, please contact your administrator. To deactivate an organization account, please contact Support Services. To deactivate an account made for you without authorization, please contact us at the contact information below.

We will retain your account information for as long as your account is active, or as reasonably useful for commercial purposes or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. If your account is managed by an administrator, that account administrator may have control with regards to how your account information is retained and deleted.

Our policy towards children

Security Portal Services are not directed to individuals under 18. We do not knowingly collect Personal Information from children under 18. If we become aware that a child under 18 has provided us with Personal Information, we will take steps to delete such information. If you become aware that a child has provided us with Personal Information, please contact our Support Services.

International users

If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your Personal Information to Romania and the countries that servers we use may be located in. By providing your Personal Information, you consent to any transfer and processing in accordance with this Policy.

Security Portal Reseller Agreement

This Security Portal Reseller Agreement (the "Reseller Agreement") is between the applicable reseller ("you" or "Reseller"), and Security Portal SRL. If you are agreeing to this Reseller Agreement not as an individual but on behalf of your company, then "Reseller" or "you" means your company, and you are binding your company to this Reseller Agreement.

This Reseller Agreement is a separate agreement from the agreement that Security Portal has with its end users at https://spaccess.net/en/legal/customer-agreement/ (as may be modified by Security Portal from time to time, "Security Portal Customer Agreement"). For convenience and consistency, however, the definitions of certain terms related to our products and services (namely Software, Hosted Services, Products, and Authorized Users) will be the same as those in the Security Portal Customer Agreement.

This Reseller Agreement does not have to be signed in order to be binding. You indicate your assent to the terms by clicking on the "I agree" (or similar button) that is presented to you at the time of your order.

1. Order Requirements.

To the extent that we make Products available for resale, You may order such Products for resale by following the directions set forth on our website. You must provide all of the requested information including, without limitation, the identity of the end user, the end user’s business and email addresses, and the specific Software licenses, Hosted Services subscriptions, or other Products to be resold in your order ("Reseller Order"). All such information must be accurate and complete and must reflect bona fide orders you have received from end users.

2. Limited Right to Resell.

Subject to this Reseller Agreement, we grant you a one-time, non-exclusive, non-transferable right to resell the Products specified in your Reseller Order to the end user specified in the Reseller Order, solely for use by such end user in accordance with the Security Portal Customer Agreement. This right to resell does not apply to any other end user or Products (including without limitation any sale to any related party, organization or affiliate, or to any subsequent, additional or renewal sale to the same party).

3. Enforcement of Security Portal Customer Agreement.

3.1. End User Terms. All use of the Products by end users is subject to the Security Portal Customer Agreement, and you may not purport to impose any other terms pertaining to their use of the Products. You are responsible for ensuring that each end user enters into the Security Portal Customer Agreement (which includes all limitations on Authorized Users and other quantity restrictions applicable to the end user’s order) in a manner that is legally binding upon the end user. This may require you to (a) notify each end user that Security Portal products are subject to the Security Portal Customer Agreement and that by placing an order with Reseller the end user agrees to the Security Portal Customer Agreement, (b) include either a copy of or link to the Security Portal Customer Agreement in each quotation and order form you issue to the end user, and (c) obtain from each end user written confirmation of acceptance of the Security Portal Customer Agreement prior to the earlier to occur of acceptance of the order by Reseller or delivery of the Product. You must provide evidence of such acceptance by the end user to Security Portal upon request.

3.2. Enforcement Cooperation. You agree to immediately notify us of any known or suspected breach of the Security Portal Customer Agreement or other unauthorized use of the Products and to assist us in the enforcement of the terms of the Security Portal Customer Agreement.

4. Identification as Reseller.

Subject to this Reseller Agreement, you are permitted to identify yourself as a Security Portal "Reseller" solely in connection with your resales of Products. You may not use any Security Portal trademark, logo or service mark ("Security Portal Marks") except as permitted by Security Portal’s Trademark Guidelines. All goodwill arising from your use of Security Portal Marks inures to the benefit of Security Portal.

5. Payment and Delivery.

5.1. Fees. Your non-refundable, non-cancelable payment to Security Portal is due when you submit your Reseller Order.

5.2. Delivery. Upon receipt of payment, we will deliver the applicable Software license key, Hosted Services login information, or other information necessary for end users to use or access the applicable Products directly to the delivery contact specified in the Reseller Order in accordance with our standard delivery procedures. If we deliver the license keys or logins to you, you agree that you will, in turn, deliver them directly to the end user specified in the Reseller Order, and not to use or access the Software, Hosted Services, or other Products in any way. You must either delete all license keys promptly thereafter or maintain them in confidence.

5.3. Taxes. Payments made by you under this Reseller Agreement exclude any taxes or duties payable in respect of the Products in the jurisdiction where the payment is either made or received. To the extent that any such taxes or duties are payable by Security Portal, you must pay to Security Portal the amount of such taxes or duties in addition to any fees owed under this Reseller Agreement. Notwithstanding the foregoing, you may have obtained an exemption from relevant taxes or duties as of the time such taxes or duties are levied or assessed. In that case, you will have the right to provide to Security Portal any such exemption information, and Security Portal will use reasonable efforts to provide such invoicing documents as may enable you to obtain a refund or credit for the amount so paid from any relevant revenue authority if such a refund or credit is available.

5.4. End User Pricing and Payment; Refunds. You will independently set your own pricing to each end user. You bear all risk of non-payment by end users, and you are solely responsible for all of your costs and expenses. You may not terminate a Reseller Order or receive any refunds due to non-payment by an end user. If Security Portal provides any refund to an end user under our standard return policy, Security Portal, at its option, will refund the applicable amounts either directly to the end user or to you for distribution to the end user. You agree to cooperate with Security Portal in connection with any such refund.

6. Feedback.

If you provide any feedback, comments, suggestions, ideas, description of processes, or other information to us about or in connection with the Products or our Reseller program, including without limitation any ideas, concepts, know-how or techniques contained therein ("Feedback"), then you grant us a worldwide, royalty-free, non-exclusive, perpetual and irrevocable license to use, copy, modify and otherwise exploit the Feedback for any purpose, without any compensation to you or any restriction or obligation on account of intellectual property rights or otherwise. For clarity, no Feedback will be deemed your Confidential Information, and nothing in this Reseller Agreement (including without limitation Section 12 (Confidentiality)) limits Security Portal's right to independently use, develop, evaluate, or market products, whether incorporating Feedback or otherwise.

7. Separate Security Portal Expert Program.

Entering into this Reseller Agreement does not qualify you as a Security Portal Expert or grant you any related rights. If you are interested in our separate Security Portal Expert program, please contact us at experts@securityportal.ro.

8. No Use Rights; Security Portal Reserved Rights.

Only the end user customer of the Products (and its Authorized Users) may use the Products. You are not permitted to use any Products resold under this Reseller Agreement for your own benefit. To the extent that you nevertheless gain any access to the Products, all license restrictions in the Security Portal Customer Agreement apply to you. Notwithstanding anything to the contrary contained in this Reseller Agreement, except for the limited resale right in Section 2 above, Security Portal and its suppliers have and will retain all rights, title and interest (including without limitation all patent, copyright, trademark, trade secret and other intellectual property rights) in and to all Products, service descriptions, documentation, and underlying technology ("Security Portal Technology"), and all copies, modifications and derivative works thereof, including without limitation as may incorporate Feedback. You acknowledge that you are obtaining only a limited right to resell the Products and that irrespective of any use of the words "purchase", "sale" or like terms hereunder no ownership rights are being conveyed to you under this Reseller Agreement or otherwise.

9. Reseller Obligations and Liability.

9.1. End User Relationships; Business Practices. You agree not to represent yourself as an agent or employee of Security Portal and agree that we will have primary control over any end user communication regarding the Products once you submit a Reseller Order. You will not make any representations regarding Security Portal, on Security Portal’s behalf, or about any Products. You agree not to engage in any deceptive, misleading, illegal, or unethical practices that may be detrimental to Security Portal or its products and agree to comply with all applicable federal, state and local laws and regulations while operating under this Reseller Agreement, including without limitation the U.S. Foreign Corrupt Practices Act and any similar laws or regulations in any applicable jurisdiction. You further agree to comply with all applicable export and import laws and regulations, including U.S. embargo and sanctions regulations and prohibitions on export for certain end uses or to certain users.

9.2. Indemnity. You are fully responsible for all liabilities and expenses of any type whatsoever that may arise on account of your resale of Products. You will indemnify, hold harmless and (at Security Portal’s option) defend Security Portal from and against any claim, loss, cost, liability or damage, including attorneys’ fees, for which Security Portal becomes liable arising from or relating to: (a) any breach or alleged by you of any term of this Reseller Agreement, (b) the issuance by you of any warranty or representation regarding Security Portal or its products or services not specified in the Security Portal Customer Agreement, or (c) any of your other acts or omissions in connection with the marketing or resale of the Products under this Reseller Agreement.

10. Termination.

10.1. Termination. We may terminate this Reseller Agreement if you materially breach any provision in this Reseller Agreement and fail to cure such breach within five (5) days of written notice of such breach. In addition, either party may terminate this Reseller Agreement for any reason or no reason upon thirty (30) days’ written notice to the other party. Security Portal may also terminate this Reseller Agreement immediately upon notice to you if (a) it ceases to offer the current Reseller program or (b) it reasonably believes that continuing hereunder could result in business or legal liability for Security Portal or otherwise harm Security Portal or its end users.

10.2. Effect of Termination. You expressly agree that Security Portal will have no obligation or liability to you resulting from termination or expiration of this Reseller Agreement in accordance with its terms. Upon termination or expiration of this Reseller Agreement: (a) you must immediately cease identifying yourself as a Security Portal Reseller and using Security Portal Marks in connection with your resale activities hereunder, (b) you must destroy all Confidential Information in your possession and certify destruction (unless we request that you return such materials to us) and (c) Sections 5 (Payment and Delivery) (but only with respect to Reseller Orders completed during the Term), 6 (Feedback) and 8 (No Use Rights; Security Portal Reserved Rights) through 15 (General) will survive.

11. Changes to Agreement.

From time to time, we may modify this Reseller Agreement. The version of this Reseller Agreement in place at the time you submit each Reseller Order is the version that will govern such order. We will use reasonable efforts to notify you of these changes through communications through our website or other forms of communication, but we also suggest that you bookmark this Reseller Agreement and read it periodically.

12. Confidentiality.

Except as otherwise set forth in this Reseller Agreement, each party agrees that all code, inventions, know-how, business, technical and financial information it obtains (as "Receiving Party") from the disclosing party ("Disclosing Party") constitute the confidential property of the Disclosing Party ("Confidential Information"), provided that it is identified as confidential at the time of disclosure or should be reasonably known by the Receiving Party to be Confidential Information due to the nature of the information disclosed and the circumstances surrounding the disclosure. Any Security Portal Technology and any performance information relating to the Products shall be deemed Confidential Information of Security Portal without any marking or further designation. Except as expressly authorized herein, the Receiving Party will hold in confidence and not use or disclose any Confidential Information. The Receiving Party’s nondisclosure obligation shall not apply to information which the Receiving Party can document: (i) was rightfully in its possession or known to it prior to receipt of the Confidential Information; (ii) is or has become public knowledge through no fault of the Receiving Party; (iii) is rightfully obtained by the Receiving Party from a third party without breach of any confidentiality obligation; (iv) is independently developed by employees of the Receiving Party who had no access to such information; or (v) is required to be disclosed pursuant to a regulation, law or court order (but only to the minimum extent required to comply with such regulation or order and with advance notice to the Disclosing Party). The Receiving Party acknowledges that disclosure of Confidential Information would cause substantial harm for which damages alone would not be a sufficient remedy, and therefore that upon any such disclosure by the Receiving Party the Disclosing Party shall be entitled to appropriate equitable relief in addition to whatever other remedies it might have at law.

13. Security Portal Commitments; DISCLAIMER OF WARRANTIES.

For the avoidance of doubt, any and all commitments, indemnities and other terms and conditions offered by Security Portal with respect to use of the Products are made directly by Security Portal to the end user in accordance with the Security Portal Customer Agreement and do not extend to you as a Reseller. We make NO WARRANTIES, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, TO you as a RESELLER, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR TITLE AND NON-INFRINGEMENT.

14. LIMITATION OF LIABILITY.

14.1. Waiver of Consequential Damages. TO THE FULLEST EXTENT ALLOWED BY LAW, NEITHER SECURITY PORTAL NOR ITS SUPPLIERS SHALL BE LIABLE FOR ANY LOSS OF USE, LOST DATA, FAILURE OF SECURITY MECHANISMS, INTERRUPTION OF BUSINESS, OR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY KIND (INCLUDING LOST PROFITS), REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE.

14.2. Liability Cap. TO THE FULLEST EXTENT ALLOWED BY LAW, SECURITY PORTAL’S AND ITS THIRD-PARTY SUPPLIERS’ ENTIRE LIABILITY UNDER THIS RESELLER AGREEMENT SHALL NOT EXCEED THE AMOUNTS ACTUALLY PAID BY RESELLER TO SECURITY PORTAL IN RESPECT OF THE RESELLER ORDER THAT IS THE SUBJECT OF THIS RESELLER AGREEMENT.

15. Dispute Resolution; Governing Law

15.1. Dispute Resolution; Arbitration. In the event of any controversy or claim arising out of or relating to this Reseller Agreement, the parties hereto shall consult and negotiate with each other and, recognizing their mutual interests, attempt to reach a solution satisfactory to both parties. If the parties do not reach a settlement within a period of 60 days, any unresolved controversy or claim arising out of or relating to this Reseller Agreement shall proceed to binding arbitration under the Rules of Arbitration of the International Chamber of Commerce. The parties shall seek to mutually appoint an arbitrator. If the parties cannot agree on a single arbitrator, then there shall be three (3) arbitrators: one selected by each party, and a third selected by the first two. Arbitration will take place in Bucharest (ROMANIA). All negotiations and arbitration proceedings pursuant to this Section 15.1 will be confidential and treated as compromise and settlement negotiations for purposes of all similar rules and codes of evidence of applicable legislation and jurisdictions. The language of the arbitration shall be English or Romanian.

15.2. Governing Law; Jurisdiction. This Reseller Agreement will be governed by and construed in accordance with the applicable laws of Romania. Each party irrevocably agrees that any legal action, suit or proceeding that is not otherwise subject to the arbitration provisions of Section 15.1 (Dispute Resolution; Arbitration) must be brought solely and exclusively in, and will be subject to the service of process and other applicable procedural rules of Romanian designated authorities, and each party irrevocably submits to the sole and exclusive personal jurisdiction of the courts in Romania, generally and unconditionally, with respect to any action, suit or proceeding brought by it or against it by the other party. Notwithstanding the foregoing, Security Portal may bring a claim for equitable relief in any court with proper jurisdiction.

15.3. Injunctive Relief; Enforcement. Notwithstanding the provisions of this Section 15, nothing in this Reseller Agreement shall prevent either party from seeking injunctive relief with respect to a violation of intellectual property rights, confidentiality obligations or enforcement or recognition of any award or order in any appropriate jurisdiction.

15.4. Exclusion of UN Convention and UCITA. The terms of the United Nations Convention on Contracts for the Sale of Goods do not apply to this Reseller Agreement. The Uniform Computer Information Transactions Act (UCITA) shall not apply to this Reseller Agreement regardless of when or where adopted.

16. Government End Users.

The Products are commercial computer software. If the user or licensee of the Products is an agency, department, or other entity of the country administration, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Software, or any related documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Reseller Agreement. The Products were developed fully at private expense. All other use is prohibited.

17. General.

This Reseller Agreement is the entire agreement between you and Security Portal relating to the resale of Security Portal products as described in this Reseller Agreement and supersedes all prior or contemporaneous oral or written communications, proposals and representations with respect to the Products or any other subject matter covered by this Reseller Agreement. If any provision of this Reseller Agreement is held to be void, invalid, unenforceable or illegal, the other provisions shall continue in full force and effect. This Reseller Agreement may not be modified or amended except as described in Section 11 (Changes to Agreement) or otherwise with the written agreement of Security Portal (which may be withheld in its complete discretion without any requirement to provide reasons). As used herein, "including" (and its variants) means "including without limitation" (and its variants). If either party to this Reseller Agreement breaches any provision of this Reseller Agreement relating to Confidential Information or intellectual property rights, there may not be an adequate remedy available solely at law; therefore, an injunction, specific performance or other form of equitable relief or monetary damages or any combination thereof may be sought by the injured party to this Reseller Agreement. No failure or delay by the injured party to this Reseller Agreement in exercising any right, power or privilege hereunder shall operate as a waiver thereof, nor shall any single or partial exercise thereof preclude any other or further exercise thereof or the exercise of any right, power or privilege hereunder at law or equity. The parties are independent contractors. This Reseller Agreement shall not be construed as constituting either party as a partner of the other or to create any other form of legal association that would give on party the express or implied right, power or authority to create any duty or obligation of the other party.

Should you have any questions concerning this Reseller Agreement, or if you desire to contact Security Portal for any reason, please contact us.

Security Portal Professional Services Agreement

Effective starting: February 10, 2017

This Security Portal Professional Services Agreement ("Agreement") is between you ("you" or "Customer"), and Security Portal SRL (RO27471689) ("Security Portal" or "we"). If you are agreeing to this Agreement not as an individual but on behalf of your company, then "Customer" or "you" means your company, and you are binding your company to this Agreement and represent and warrant that you have all necessary authority to do so.

This Agreement sets forth the terms under which Security Portal will provide you with certain professional services described on order forms (including online order flows) referencing this Agreement ("Order Forms" and such services, "Services"). Services are provided on a subscription basis for a set term designated on the Order Form (the "Subscription Term"). This Agreement governs Customer’s initial purchase of Services as well as any future purchases made by Customer that reference this Agreement. The Agreement also includes any Security Portal policies or documents attached to or referenced in this document, as well as any Order Forms entered into by the Parties.

This Agreement is separate from the agreement that Security Portal has with its end users at https://spaccess.net/en/legal/customer-agreement/ (as may be modified by Security Portal from time to time, "Security Portal Customer Agreement") regarding the use of Security Portal Products (the "Products").

This Agreement does not have to be signed in order to be binding. You indicate your assent to the terms by clicking on the "I agree" (or similar button) that is presented to you at the time of your order or by signing an Order Form.

1. Services and Deliverables.

During the applicable Subscription Term Security Portal agrees to use diligent efforts to render the Services by the delivery dates specified on the applicable Order Form, if any. Subject to Section 4 (Security Portal Products) below, any reports, recommendations or other deliverables provided by Security Portal to you as part of the Services are "Deliverables". Security Portal grants you a perpetual, worldwide, royalty-free, non-exclusive license to use the Deliverables internally in connection with the applicable Products.

2. Customer Materials.

Customer agrees to provide Security Portal with reasonable access to Customer materials, personnel, equipment or facilities (including without limitation Customer’s instances of the Products) to the extent such access is necessary for the performance of Services. To the extent that Customer does not timely provide the foregoing access required for Security Portal to perform the Services or deliver the Deliverables, Security Portal shall be excused from performance until such items are provided. Customer hereby grants Security Portal a limited right to use any Customer materials provided to Security Portal in connection with the Services (the "Customer Materials") solely for the purpose of performing the Services for Customer. Customer owns and will retain ownership (including all intellectual property rights) in and to the Customer Materials (subject to Security Portal’s ownership of any underlying Products, service descriptions, documentation, and underlying technology ("Security Portal Technology").

3. Ownership of Deliverables; Feedback.

Security Portal owns and will retain ownership (including all intellectual property rights) in and to the Deliverables and any modifications, improvements and derivative works thereof (including any such materials to the extent incorporating any Feedback). If Customer provides any feedback, comments, suggestions, ideas, description of processes, or other information to Security Portal about or in connection with the Products, Deliverables or Services, including without limitation any ideas, concepts, know-how or techniques contained therein ("Feedback"), then Customer grants Security Portal a worldwide, royalty-free, non-exclusive, perpetual and irrevocable license to use, copy, modify and otherwise exploit the Feedback for any purpose, without any compensation to Customer or any restriction or obligation on account of intellectual property rights or otherwise. For clarity, no Feedback will be deemed Customer’s Confidential Information, and nothing in this Agreement, including without limitation Section 9 (Confidential Information), limits Security Portal's right to independently use, develop, evaluate, or market products, whether incorporating Feedback or otherwise.

4. Security Portal Products.

For the avoidance of doubt, the rights to and delivery and use of any Security Portal Technology (including any Product) is governed by the terms of the Security Portal Customer Agreement and not the terms of this Agreement, and, even if listed in an Order Form, no Security Portal Technology (including any Product updates, upgrades, patches and bug fixes) shall be considered a Deliverable hereunder. Customer acknowledges that the Services are being purchased separately from any Product licenses or subscriptions and that no such license or subscription is being provided or offered under this Agreement. Fees for the Services are separate from any fees paid for Products, and Customer’s payment obligations hereunder are not contingent on the purchase or use of any Product.

5. Subscription Term; Payment.

5.1. Subscription Term and Renewals. Unless otherwise specified on the applicable Order Form, each Subscription Term for Services will automatically renew for additional successive Subscription Terms of the same length at Security Portal’s then-current rates, unless either party gives the other written notice of non-renewal at least thirty (30) days prior to expiration of the then-current Subscription Term.

5.2. Payment. Customer will pay Security Portal the amounts and at the times set forth on the applicable Order Form. Customer agrees to reimburse Security Portal for pre-approved travel, lodging and meal expenses incurred in the course of performing the Services at any location other than Security Portal’s site, unless otherwise specified on the Order Form (including any data sheet incorporated therein by reference). Security Portal will invoice Customer for expenses incurred and at Customer’s request and expense, Security Portal will provide copies of receipts for which charges are incurred. All payments are non-refundable and all payment obligations non-cancellable unless otherwise specified on an Order Form. Payments shall be made in U.S. dollars within thirty (30) days from the date of Security Portal’s invoice. Customer will be responsible for all taxes, withholdings, duties and levies in connection with the Services (excluding taxes based on the net income of Security Portal). Upon termination all payments for Services shall be accelerated and become immediately due and payable. Any late payments shall be subject to a service charge equal to 1.5% per month of the amount due or the maximum amount allowed by law, whichever is less.

6. Term and Termination.

This Agreement takes effect on the Effective Date and, unless earlier terminated in accordance with this Section 6, remains in effect until expiration or termination of all Subscription Terms. The "Effective Date" of this Agreement is the date which is the earlier of (a) Customer’s initial receipt of Services or (b) the effective date of the first Order Form referencing this Agreement. Either party may terminate this Agreement or any Order Form if the other party: (i) fails to cure any material breach of this Agreement within thirty (30) days after written notice of such breach; (ii) ceases operation without a successor; or (iii) seeks protection under any bankruptcy, receivership, trust deed, creditors arrangement, composition or comparable proceeding, or if any such proceeding is instituted against such party (and not dismissed within sixty (60) days thereafter). Sections 3 (Ownership of Deliverables; Feedback), 4 (Security Portal Products), 5.2 (Payment) (but only with respect to orders placed during the term hereof), 7 (Warranty Disclaimer), 8 (Limitation of Liability), 9 (Confidential Information), 10 (Publicity), 11 (Dispute Resolution; Governing Law), 14 (Assignment) and 15 (General) will survive any termination or expiration of this Agreement. Unless termination is for Customer’s breach, Customer’s right under Section 1 (Services and Deliverables) to use Deliverables shall survive so long as Customer has a valid right under the Security Portal Customer Agreement to use the applicable Product and provided that Customer remains in compliance with the applicable use restrictions and confidentiality obligations in Sections 1 and 9 herein.

7. Warranty Disclaimer.

ALL SERVICES AND DELIVERABLES ARE PROVIDED "AS IS" AND SECURITY PORTAL EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES OF ANY KIND OR NATURE, WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

8. Limitation of Liability.

8.1. Waiver of Consequential Damages. TO THE FULLEST EXTENT ALLOWED BY LAW, NEITHER SECURITY PORTAL NOR ITS SUPPLIERS SHALL BE LIABLE FOR ANY LOSS OF USE, LOST DATA, FAILURE OF SECURITY MECHANISMS, INTERRUPTION OF BUSINESS, OR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY KIND (INCLUDING LOST PROFITS), REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE.

8.2. Liability Cap. TO THE FULLEST EXTENT ALLOWED BY LAW, SECURITY PORTAL’S AND ITS THIRD-PARTY SUPPLIERS’ ENTIRE LIABILITY UNDER THIS AGREEMENT SHALL NOT EXCEED THE AMOUNTS ACTUALLY PAID BY CUSTOMER TO SECURITY PORTAL UNDER THIS AGREEMENT DURING THE TWELVE (12) MONTHS PRIOR TO THE DATE THE CLAIM AROSE.

9. Confidential Information.

Each party (as "Receiving Party") agrees that all code, inventions, know-how, and business, technical and financial information it obtains from the disclosing party (as "Disclosing Party") constitute the confidential property of the Disclosing Party ("Confidential Information"), provided that it is identified as confidential at the time of disclosure or should be reasonably known by the Receiving Party to be Confidential Information due to the nature of the information disclosed and the circumstances surrounding the disclosure. The Deliverables and any software, documentation or technical information provided by Security Portal (or its agents) shall be deemed Confidential Information of Security Portal without any marking or further designation. Except as expressly authorized herein, the Receiving Party will hold in confidence and not use or disclose any Confidential Information. The Receiving Party’s nondisclosure obligation shall not apply to information which the Receiving Party can document: (a) was rightfully in its possession or known to it prior to receipt of the Confidential Information; (b) is or has become public knowledge through no fault of the Receiving Party; (c) is rightfully obtained by the Receiving Party from a third party without breach of any confidentiality obligation; or (d) is independently developed by employees of the Receiving Party who had no access to such information. Receiving Party may also disclose Confidential Information if so required pursuant to a regulation, law or court order (but only to the minimum extent required to comply with such regulation or order and with advance notice to the Disclosing Party).

10. Dispute Resolution; Governing Law.

10.1. Dispute Resolution; Arbitration. In the event of any controversy or claim arising out of or relating to this Agreement, the parties hereto shall consult and negotiate with each other and, recognizing their mutual interests, attempt to reach a solution satisfactory to both parties. If the parties do not reach a settlement within a period of 60 days, any unresolved controversy or claim arising out of or relating to this Agreement shall proceed to binding arbitration under the Rules of Arbitration of the International Chamber of Commerce. The parties shall seek to mutually appoint an arbitrator. If the parties cannot agree on a single arbitrator, then there shall be three (3) arbitrators: one selected by each party, and a third selected by the first two. Arbitration will take place in Bucharest (Romania). All negotiations and arbitration proceedings pursuant to this Section 10.1 will be confidential and treated as compromise and settlement negotiations for purposes of all similar rules and codes of evidence of applicable legislation and jurisdictions. The language of the arbitration shall be English or Romanian.

10.2. Governing Law; Jurisdiction. This Agreement will be governed by and construed in accordance with the applicable laws of Romania. Each party irrevocably agrees that any legal action, suit or proceeding that is not otherwise subject to the arbitration provisions of Section 10.1 (Dispute Resolution; Arbitration) must be brought solely and exclusively in, and will be subject to the service of process and other applicable procedural rules of Romanian authorities, and each party irrevocably submits to the sole and exclusive personal jurisdiction of the courts in Bucharest (Romania), generally and unconditionally, with respect to any action, suit or proceeding brought by it or against it by the other party. Notwithstanding the foregoing, Security Portal may bring a claim for equitable relief in any court with proper jurisdiction.

10.3. Injunctive Relief; Enforcement. Notwithstanding the provisions of this Section 10, nothing in this Agreement shall prevent either party from seeking injunctive relief with respect to a violation of intellectual property rights, confidentiality obligations or enforcement or recognition of any award or order in any appropriate jurisdiction.

10.4. Exclusion of UN Convention and UCITA. The terms of the United Nations Convention on Contracts for the Sale of Goods do not apply to this Agreement. The Uniform Computer Information Transactions Act (UCITA) shall not apply to this Agreement regardless of when or where adopted.

11. Force Majeure.

Neither party shall be liable to the other for any delay or failure to perform any obligation under this Agreement (except for a failure to pay fees) if the delay or failure is due to events which are beyond the reasonable control of such party, including but not limited to any strike, blockade, war, act of terrorism, riot, natural disaster, failure or diminishment of power or of telecommunications or data networks or services, or refusal of approval or a license by a government agency.

12. Subcontractors.

Security Portal may use the services of subcontractors for performance of Services under this Agreement, provided that Security Portal remains responsible for (a) compliance of any such subcontractor with the terms of this Agreement and (b) for the overall performance of the Services as required under this Agreement.

13. Assignment.

Customer may not assign this Agreement without the prior written consent of Security Portal (which consent will not be unreasonably withheld), provided that the assignee agrees to be bound by the terms and conditions contained in this Agreement. Security Portal may assign its rights and obligations under this Agreement in whole or in part without consent of Customer. Any permitted assignee shall be bound by the terms and conditions of this Agreement.

14. General.

This Agreement is the entire agreement between you and Security Portal relating to the Services and supersedes all prior or contemporaneous oral or written communications, proposals and representations with respect to the Services or any other subject matter covered by this Agreement. If any provision of this Agreement is held to be void, invalid, unenforceable or illegal, the other provisions shall continue in full force and effect. No supplement, modification, or amendment of this Agreement shall be binding, unless executed in writing by a duly authorized representative of each party to this Agreement. As used herein, "including" (and its variants) means "including without limitation" (and its variants). If either party to this Agreement breaches any provision of this Agreement relating to Confidential Information or intellectual property rights, there may not be an adequate remedy available solely at law; therefore, an injunction, specific performance or other form of equitable relief or monetary damages or any combination thereof may be sought by the injured party to this Agreement. No failure or delay by the injured party to this Agreement in exercising any right, power or privilege hereunder shall operate as a waiver thereof, nor shall any single or partial exercise thereof preclude any other or further exercise thereof or the exercise of any right, power or privilege hereunder at law or equity. The parties are independent contractors. This Agreement shall not be construed as constituting either party as a partner of the other or to create any other form of legal association that would give one party the express or implied right, power or authority to create any duty or obligation of the other party. Any notice, report, approval or consent required or permitted under this Agreement will be in writing to the address specified on the Order Form or such other address as may be given in writing by either party to the other.

Service-Specific Terms

Effective starting: January 10, 2017

Your use of SPAccess is subject to the terms of the Security Portal Customer Agreement (the “Agreement”) as well as the following additional terms. Any capitalized terms used but not defined below have the meanings in the Agreement.

1.Repositories. Data that you upload to SPAccess are stored in “repositories.” Data stored in repositories are private (meaning that access to those repositories will be limited to those who have permission to access the repositories)..

2. Storage Rules. We do not set pre-defined storage limits on Your Data in SPAccess. However, we do enforce parameters to ensure that you do not use SPAccess in a way that consumes a disproportionate amount of system resources (CPU’s, memory, disk space, bandwidth, etc.) or that would adversely impact the performance or operation of SPAccess for other SPAccess users.

3. Granting Permissions. Be careful about granting permissions to your repositories. Once you grant such permissions, we will not be able to prevent those users from taking the actions allowed under those permissions, even if you don’t approve of those actions. Be especially careful about granting administrative access to your repositories, as some of those actions may be irreversible. For example, if you grant someone permission that allows them to move content in your repository to another account, we will not be able to reach into that other user’s account without their permission to recover the data, as we are not in a position to arbitrate disputes among our users. In that case, your only recourse may be requesting a takedown under our policy regarding Reporting Copyright and Trademark Violations or pursuing legal action against the other user directly.

4. Responsibility for User Consent. Your administrators may have the ability to access, monitor, use, or disclose data available in SPAccess (including personal data). You will obtain and maintain all required consents from your SPAccess users to allow: (a) you to access, monitor, use, and disclose this data, (b) Security Portal to provide you with the ability to do so, and (c) Security Portal to provide the SPAccess service to you.

Third Party Code in Security Portal Products

Effective starting: January 10, 2017

This is a supplement to the Security Portal Customer Agreement (the “Agreement”) and is included in the Agreement. Any capitalized terms used but not defined below have the meanings in the Agreement. The Products contain code and libraries that we license from third parties. Some of these licenses require us to flow certain terms down to you.

1.Open Source Software in the Products.The Products include components subject to the terms and conditions of “open source” software licenses. To the extent applicable, we will identify open source software included in a Product in or through the Product itself. Some of these licenses require us to provide the open source software to you on the terms of the open source license instead of the terms of the Agreement. In that case, the terms of the open source license will apply, and you will have the rights granted in such licenses to the open source software itself, such as access to source code, right to make modifications, and right to reverse engineer. Notwithstanding the foregoing, if you are using the Products in the form provided to you, in accordance with your permitted Scope of Use, with no distribution of software to third parties, then none of these open source licenses impose any obligations on you beyond what is stated in the Agreement.

2. Combining the Products with Open Source Software.A requirement of some open source licenses, sometimes known as “copyleft licenses,” is that any modifications to the open source software, or combinations of the open source software with other software (such as by linking), must be made available in source code form under the terms of the copyleft license. Examples of copyleft licenses include the GPL or LGPL, Affero, CPL, CDDL, Eclipse or Mozilla licenses. To the extent you are separately authorized by Security Portal to combine and distribute Products with any other code, you must make sure that your use does not: (i) impose, or give the appearance of imposing, any condition or obligation on us with respect to our Products (including, without limitation, any obligation to distribute our Products under an open source license); or (ii) grant, or appear to grant, to any third party any rights to or immunities under our intellectual property or proprietary rights in our Products. To be clear, you may not combine or otherwise modify our Products unless we expressly give you the right to do so under this Agreement.

3. Commercial Third Party Code in the Products.

3.1 The Products may also include components that we license commercially from third parties (“Commercial Components”). For the avoidance of doubt, all of the restrictions for the Products in the Agreement also apply to Commercial Components. Commercial Components are also subject to some additional requirements as set forth below.

3.2 You may use Commercial Components only in conjunction with, as part of, and through the Products as provided by Security Portal. You may not install, access, configure or use any Commercial Components (including any APIs, tools, databases or other aspects any Commercial Components) separately or independently of the rest of the Product, whether for production, technical support or any other purposes, or otherwise attempt to gain direct access to any portions of the Commercial Components, or permit anyone else (including your customers) to do any of these things.

3.3 Some Commercial Components may include source code that is provided as part of its standard shipment. Commercial Component source code will be governed by the terms for Commercial Components in this supplement and not the provisions in Section 6.4 (“Your Modifications”) of the Agreement. Accordingly, notwithstanding any other terms of the Agreement, you may not modify any Commercial Components. You will be financially responsible to the applicable third party licensor ("Commercial Component Licensor") for all damages and losses resulting from your or your Authorized User’s breach of this Section. You may not “benchmark” or otherwise analyze performance information for individual Commercial Component elements.

3.4 You understand that the applicable Commercial Component Licensor retains all ownership and intellectual property rights to the Commercial Component. Commercial Component Licensors (and any other third party licensors of any components of the Products) are intended third party beneficiaries of the Agreement with respect to the items they license and may enforce the Agreement directly against you. However, to be clear, Commercial Component Licensors do not assume any of Security Portal's obligations under the Agreement.

Trademark Guidelines

We've developed these guidelines to ensure our company trademarks are properly displayed and remain undiluted across our customer, partner, and plugin ecosystems. Among the reasons our trademark guidelines are important include:

• • We want our brand and brand names to be associated with awesome dev and IT tools. The more focused the use of the brand, the more powerful it will be in the community.

• • More people and companies are building plugins and becoming partners or ambassadors of Security Portal and our products. They are asking for additional guidelines around how to market, design and brand their plugins and products so they (1) complement the Security Portal product "family", and (2) are distinct from from Security Portal products and brands while remaining part of the Security Portal community.

• • We want to avoid potential conflicts that may arise. If your brand is not clearly differentiated, customers may struggle to identify who to work with or what to buy. As a way of protecting our brands, as well as the best interests of our 3rd party developers and customers, we are sharing publishing these expanded guidelines.

Our Trademarks

Security Portal has registered some of the trademarks below or has otherwise sought protection as indicated below in Romania and other countries. We have done this to protect and preserve the marks for our community of customers, developers, partners, and supporters for the benefit of everyone involved with Security Portal. By this we mean that people should be able to recognize when a product is from Security Portal.

You may use the Security Portal trademarks below in any blog, news article, or on your website without our written consent, as long as you use them according to this guideline, retain the capitalization structure indicated below, and retain the ® symbol or ^TM symbol as applicable on the right shoulder of the mark according to the usage in the list below.

If you have any questions about the use of Security Portal trademarks, please contact us at contact@securityportal.ro.

Our logos

Security Portal logos are distinctive graphic renditions. You may use the Security Portal logo or product logos in a blog or news article, publication, book or other online or offline medium, or on your website in reference to the respective Security Portal product, without our written consent, provided that the logos are duplicated exactly as shown in the preceding link, and the ® symbol (or the ^TM symbol, as applicable) attached to the shoulder of the logo as in the attached link is retained. All other usages of the Security Portal logos require the written approval of Security Portal.

Name dropping

Trademarks protect Security Portal as well as our community of customers, developers, partners, and vendors. They identify the source of one provider's products from another. By "products" we mean all types of offerings, ranging from commercial products and services to open source and free software and informational websites. Trademark law protects the public's ability to rely on trademarks for information about product source and quality, requiring trademark owners to take steps to police proper use of their marks.

In the Security Portal ecosystem of customers, vendors and partners, the Security Portal product names are used in naming for 3rd party products, product reviews, product usage, and more. Below are some guidelines for using Security Portal product naming conventions in your work:

• • It's okay to use Security Portal's product names, logos, and trademarks in your own software product or company naming, however it must be clear that your product is a third-party tool, not a Security Portal – generated tool.

For example: "Acme plugin for SPAccess®" is okay, whereas "SPAccess® plugin for Acme" is not. The former connotes a 3rd party plugin for SPAccess®, the latter connotes a Security Portal – developed tool.

• • It's okay to use Security Portal logos and brand names on your website or blog. You don't need permission from us to use the brands or names.

• • Your website should look like your website, not ours. It should not borrow heavily from or closely resemble Security Portal's website or web properties. For the sake of customers and consumers, clearly distinguishable websites help everyone.

• • You may use the Security Portal logo or product logo in any blog, news article, or on your website without our written consent, as long as you follow these guidelines and do not modify our brand designs.

• • It is acceptable to use Security Portal or our product names or brands in publications, blogs, books or other online or offline mediums, provided this outline is adhered to and the ® symbol or ^TM symbol as applicable is retained on the right shoulder of the mark. In a longer publication where Security Portal is cited more than once, the trademark symbol need only be used the first time the brand is mentioned.

• • Do not concatenate product names

• • You are not permitted to modify the Security Portal logo or product logos in anyway except to resize a logo for the page where it's displayed.

Security Portal Style

In addition to trademarks and service marks, Security Portal has developed artwork, screenshots, and imagery for our website and other web properties.

Security Portal's "look" or "feel" should not be reproduced or mimicked for the same reasons cited above: consumers and customers can be confused about whether they're dealing with Security Portal or another company. The Security Portal website and all intellectual property rights, including all Copyright rights therein, are owned by Security Portal. Reproduction or "creative borrowing" of the website or artwork without permission is a violation of Security Portal's Copyright.

If there are design elements that you wish to re-use on your website (e.g., to reuse a screenshot), please contact us for permission at contact@securityportal.ro.

Grandfathering

We realize these guidelines are being introduced at a point in time when some companies and individuals already have product names that include the Security Portal trademarks. Companies and individuals using the Security Portal product trademarks by or before January 10, 2017 will not be required to change their already existing product names to comply with these guidelines now or in the future. However, we do request that these companies and individuals give proper notice and attribution of the Security Portal trademarks, and that any new product name will follow these guidelines.

If you have any questions about the use of Security Portal marks or logos, please contact us at contact@securityportal.ro.